Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/awslabs/aws-config-rdklib

Python library to enable you to run custom AWS Config Rules at scale, using Lambda Layer.
https://github.com/awslabs/aws-config-rdklib

Last synced: about 2 months ago
JSON representation

Python library to enable you to run custom AWS Config Rules at scale, using Lambda Layer.

Host: GitHub
URL: https://github.com/awslabs/aws-config-rdklib
Owner: awslabs
License: apache-2.0
Created: 2020-01-17T23:17:18.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-04-29T17:37:43.000Z (about 2 months ago)
Last Synced: 2024-05-02T15:18:45.681Z (about 2 months ago)
Language: Python
Homepage:
Size: 473 KB
Stars: 93
Watchers: 13
Forks: 25
Open Issues: 5
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Lists

awesome-cloud-security - AWS Config Rules Development Kit
awesome-cloud-security - AWS Config Rules Development Kit
awesome-cloud-security - AWS Config Rules Development Kit

README

# RDKlib

[![image](https://github.com/awslabs/aws-config-rdklib/workflows/ci/badge.svg?branch=master)](https://github.com/awslabs/aws-config-rdklib/actions?query=workflow%3Aci+branch%3Amaster)

RDKlib is a Python library to enable you to **run custom AWS Config
Rules at scale**. The library can be used to:

- Help you to focus only on the compliance logic, while the library
does the heavy lifting
- Ease maintenance by moving the boilerplate code as a AWS Lambda
Layer
- Ease deployment by using AWS Serverless Application Repository

RDKLib works in synergy with the [AWS Config Rule Development Kit](https://github.com/awslabs/aws-config-rdk).

# Getting Started

## Install the library locally

```bash
pip install rdklib
```

## Create a rule using the RDK

The runtime of your RDK rule have to be set to python3.11-lib in the RDK
to provide you the Rule template.

- For periodic trigger:

```bash
rdk create YOUR_RULE_NAME --runtime python3.11-lib --maximum-frequency TwentyFour_Hours
```

- For configuration change trigger (for example S3 Bucket):

```bash
rdk create YOUR_RULE_NAME --runtime python3.11-lib --resource-types AWS::S3::Bucket
```

> Note: you need to [install the RDK](https://github.com/awslabs/aws-config-rdk#getting-started) first.

## Deploy your rule with RDKlib layer

RDKLib is designed to work as a AWS Lambda Layer. It allows you to use the library without needing to include it in your deployment package.

1. Install RDKlib layer (with AWS CLI)

```bash
aws serverlessrepo create-cloud-formation-change-set --application-id arn:aws:serverlessrepo:ap-southeast-1:711761543063:applications/rdklib --stack-name RDKlib-Layer

# Copy/paste the full change-set ARN to customize the following command
aws cloudformation execute-change-set --change-set-name NAME_OF_THE_CHANGE_SET

aws cloudformation describe-stack-resources --stack-name serverlessrepo-RDKlib-Layer
# Copy the ARN of the Lambda layer in the "PhysicalResourceId" key (i.e. arn:aws:lambda:YOUR_REGION:YOUR_ACCOUNT:layer:rdklib-layer:1).
```

> Note: You can do the same step manually going to and find "rdklib"

1. Deploy the rule

```bash
rdk deploy YOUR_RULE_NAME --rdklib-layer-arn YOUR_RDKLIB_LAYER_ARN
```

# License

This project is licensed under the Apache-2.0 License.

# Feedback / Questions

Feel free to email

# Contacts

- **Benjamin Morris** - _Maintainer, code, testing_
- **Carlo DePaolis** - _Maintainer, code, testing_

# Acknowledgements

- **Mark Beacom** - _Maintainer, code, testing_
- **Michael Borchert** - _Design, code, testing, feedback_
- **Ricky Chau** - _Maintainer, code, testing_
- **Julio Delgado Jr.** - *Design, testing, feedback*
- **Chris Gutierrez** - _Design, feedback_
- **Joe Lee** - _Design, feedback_
- **Jonathan Rault** - _Maintainer, design, code, testing, feedback_