Skip to content

SungardAS/aws-services-configrules

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Interfaces to Manage AWSConfig Rules

API Gateway and Lambda Function to Manage the AWSConfig Rules Service

aws-services

How to Send Requests

The 'Credentials' header doesn't need to be set if the target account is same with the account where this Lambda Function is deployed.

To check the current status of the services

const Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /configrules?region=<<region>>
method : GET
headers: {
  "Credentials": JSON.stringify(Credentials),
}

To enable the services

Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /configrules
method : POST
headers: {
  "Credentials": JSON.stringify(Credentials),
}
data:
{
  "region": "<<region>>"
}

To disable the services

Credentials = {
  "AccessKeyId": "",
  "SecretAccessKey": "",
  "SessionToken": ""
}
path: /configrules
method : DELETE
headers: {
  "Credentials": JSON.stringify(Credentials),
}
data:
{
  "region": "<<region>>"
}

How To Setup a CodePipeline

Launch Stack

Input Parameter Values

  • CloudformationLambdaExecutionRoleArn:

    Enter ARN of IAM Role for Cloudformation to create changesets and target stack. If you already created one or more CodePipeline that uses Cloudformation, this role should have been created already, so you can use the same role, 'cloudformation-lambda-execution-role'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

  • CodePipelineServiceRoleArn:

    Enter ARN of IAM Role for CodePipeline to be executed. If you already created one or more CodePipeline, this role should have been created already, so you can use the same role, 'AWS-CodePipeline-Service'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

  • CustomAuthorizerIAMRoleName:

  • CustomAuthorizerLambdaName:

  • EncryptionLambdaName:

  • GitHubPersonalAccessToken:

    Access Token for CodeBuild to access to the this Github repository. (See here to find how to generate the access token).

  • GitHubSourceRepositoryBranch: master

  • GitHubSourceRepositoryName: aws-services-configrules

  • GitHubSourceRepositoryOwner: SungardAS

  • ParameterOverrides: { "AWSConfigTopicArn": "<awsconfig_topic_arn>", "AWSConfigRulesLogGroupName": "/SungardAS/Alerts/AWSConfigRules", "SubscriptionFilterDestinationArn": "arn:aws:logs:<region>:<account>:destination:<destination_name>" }

  • ProjectImage: aws/codebuild/nodejs:8.11.0

How To Test Lambda Functions

  • $ cd tests
  • Export necessary environment variables and fill the necessary input values
  • $ node test_xxx.js

Sungard Availability Services | Labs

This project is maintained by the Labs group at Sungard Availability Services

GitHub: https://sungardas.github.io

Blog: http://blog.sungardas.com/CTOLabs/

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published