Aws notes/Getting Serious About AWS Config Rules: Difference between revisions

From Federal Burro of Information
Jump to navigationJump to search
No edit summary
 
Line 27: Line 27:
* You want the right amount of automation.
* You want the right amount of automation.
* And open source is the right price.
* And open source is the right price.
0. ensure your env has AWS api keys loaded.


1. install rdk ( rule development kit )
1. install rdk ( rule development kit )
Line 36: Line 38:
  cd ~/work
  cd ~/work
  git clone git@github.com:awslabs/aws-config-rules.git
  git clone git@github.com:awslabs/aws-config-rules.git
  cd aws-condif
  cd aws-config
cd python
rdk init
rdk deploy ANY_ONE_OF_RULE_IN_THIS_DIR
 
Then go take a look in the console to see how you are doing.
 
=== To Do ===
 
* reporting
* management
* reconcile

Latest revision as of 18:02, 13 November 2018

Overview

There are a suite of service in AWS that can help you get yourself to an auditable position:

  • AWS config
  • AWS Cloudtrails

You can define rule about how your cloud account should be, and make an immutable record of how it is and changes over time with these two services.

There are published best practices , so you can go and roll your own setup.

You could pay someone else to do it:

Or you can use some open source tools:

The OS way

For those of you who just want results. ( not for those of you who want to write your own rules ). THink of this as 80/20. For 20% work, you get 80% of the functionality and effect. If you have nthing, or little time, this is for you.

  • You have the right amount of know-how.
  • You want the right amount of automation.
  • And open source is the right price.

0. ensure your env has AWS api keys loaded.

1. install rdk ( rule development kit )

pip install rdk

2. clone the rules:

cd ~/work
git clone git@github.com:awslabs/aws-config-rules.git
cd aws-config
cd python
rdk init
rdk deploy ANY_ONE_OF_RULE_IN_THIS_DIR

Then go take a look in the console to see how you are doing.

To Do

  • reporting
  • management
  • reconcile