AWS
This config type is used to scrape information about your AWS infrastructure.
```yaml
logLevel: ""
schedule: "@every 15m"
retention:
  changes:
    - name: CreateRole
      age: 30d # Any change older than 30 days is removed
      count: 50 # Only 50 last changes will be retained
aws:
  - region:
      - eu-west-2
      - us-east-1
      - af-south-1
      - ap-south-1
      - eu-central-1
    compliance: true
    patch_states: false
    trusted_advisor_check: false
    patch_details: false
    cost_reporting:
      s3_bucket_path: s3://flanksource-cost-reports/query-results
      database: athenacurcfn_flanksource_report
      table: flanksource_report
      region: af-south-1
    inventory: true
    exclude:
      - Amazon EC2 Reserved Instances Optimization
      - Savings Plan
    transform:
      exclude:
        - jsonpath: $.tags
        - jsonpath: $.privateDnsNameOptionsOnLaunch
        - jsonpath: outpostArn
        - jsonpath: mapCustomerOwnedIpOnLaunch
        - jsonpath: subnetArn
```
Scraper
Field | Description | Scheme | Required |
---|---|---|---|
logLevel | Specify the level of logging. | string | false |
schedule | Specify the interval to scrape in cron format. Defaults to every 60 minutes. | string | false |
full | Set to true to extract changes from scraped configurations. Defaults to false. | bool | false |
retention | Settings for retaining changes, analysis and scraped items | Retention | |
aws | Specifies the list of AWS configurations to scrape. | []AWS | false |
AWS
Field | Description | Scheme | Required |
---|---|---|---|
id | A static value or JSONPath expression to use as the ID for the resource. | string | true |
name | A static value or JSONPath expression to use as the Name for the resource. Default value is the id. | string | false |
items | A JSONPath expression to use to extract individual items from the resource | string | false |
type | A static value or JSONPath expression to use as the type for the resource. | string | true |
transform | Specify field to transform result | Transform | false |
format | Format of config item, defaults to JSON, available options are JSON | string | false |
timestampFormat | TimestampFormat is a Go time format string used to parse timestamps in createFields and deleteFields. If not specified, the default is RFC3339. | string | false |
createFields | CreateFields is a list of JSONPath expressions used to identify the created time of the config. If multiple fields are specified, the first non-empty value will be used. | []string | false |
deleteFields | DeleteFields is a list of JSONPath expressions used to identify the deleted time of the config. If multiple fields are specified, the first non-empty value will be used. | []string | false |
compliance | Toggle scraping of compliance metadata | bool | |
patch_states | Set boolean value for scraping of patch state status, and report | bool | |
trusted_advisor_check | Set boolean value for enabling/disabling trusted advisor | bool | |
patch_details | Set boolean value to enable/disable scraping of patch details | bool | |
cost_reporting | Specify cost reporting for scraping of data | CostReporting | |
cloud_trail | Set CloudTrail specifications | CloudTrail | |
include | Specify AWS resources to include for scraping | []string | |
exclude | Specify AWS resources to exclude from scraping | []string | |
inventory | Toggle scrape of metadata for AWS resources | bool | |
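
The timestampFormat, createFields and deleteFields rows above interact: the first non-empty field wins and is parsed with the Go layout, falling back to RFC3339. The following Go sketch is an added illustration, not the project's own code; it assumes a simplified path lookup (object keys only, `$.a.b`), hypothetical field names in a constructed sample item, and that a value which does not match the layout is reported as an error.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// lookup resolves a simplified JSONPath of the form $.a.b (object keys only).
func lookup(doc map[string]any, path string) string {
	var cur any = doc
	for _, key := range strings.Split(strings.TrimPrefix(path, "$."), ".") {
		m, ok := cur.(map[string]any)
		if !ok {
			return ""
		}
		cur = m[key]
	}
	s, _ := cur.(string)
	return s
}

// firstTimestamp parses the first non-empty field with layout;
// an empty layout falls back to RFC3339, the documented default.
func firstTimestamp(raw []byte, fields []string, layout string) (time.Time, error) {
	if layout == "" {
		layout = time.RFC3339
	}
	var doc map[string]any
	if err := json.Unmarshal(raw, &doc); err != nil {
		return time.Time{}, err
	}
	for _, f := range fields {
		if v := lookup(doc, f); v != "" {
			return time.Parse(layout, v)
		}
	}
	return time.Time{}, fmt.Errorf("no non-empty value in %v", fields)
}

// Constructed sample config item; the field names are hypothetical.
const sampleItem = `{"metadata":{"created":""},"launchTime":"2024-03-01 09:30:00"}`

func main() {
	t, err := firstTimestamp([]byte(sampleItem), []string{"$.metadata.created", "$.launchTime"}, "2006-01-02 15:04:05")
	fmt.Println(t, err)
}
```

With the default layout the same launchTime value fails to parse, which is the case to watch for when created and deleted times are missing from scraped items.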
CloudTrail (cloudtrail)
Field | Description | Scheme | Required |
---|---|---|---|
exclude | Set events to be excluded from scraping | []string | |
max_age | Set maximum age of events for scraping | string | |
Cost Reporting (cost_reporting)
Field | Description | Scheme | Required |
---|---|---|---|
s3_bucket_path | Set path for S3 bucket to scrape published AWS billing reports | string | |
table | Specify table containing cost and usage data | string | |
database | Specify database containing cost and usage data | string | |
region | Specify region for S3 bucket | string | |
Supported Resources
- Account
- CloudTrail
- Config Rules
- Cost & Usage Reporting
- EBS
- EC2
- ECR
- EFS
- EKS
- IAM
- Load Balancers
- RDS
- Route53
- Subnet
- Trusted Advisor
- VPC