https://github.com/stelligent/config-rule-status
A project to create AWS Config Rules and use them to test AWS Resource compliance.
https://github.com/stelligent/config-rule-status
Last synced: about 1 year ago
JSON representation
A project to create AWS Config Rules and use them to test AWS Resource compliance.
- Host: GitHub
- URL: https://github.com/stelligent/config-rule-status
- Owner: stelligent
- License: mit
- Created: 2016-03-18T21:56:04.000Z (about 10 years ago)
- Default Branch: master
- Last Pushed: 2020-01-07T16:36:45.000Z (over 6 years ago)
- Last Synced: 2025-03-24T05:27:03.810Z (about 1 year ago)
- Language: JavaScript
- Size: 69.3 KB
- Stars: 21
- Watchers: 5
- Forks: 7
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
README
# config-rule-status
## What it Does
- Setup resource monitoring using AWS Config.
- Create security compliance rules using AWS Config Rules, including both AWS-managed and custom rules.
- Create AWS Lambda functions that implement infrastructure security tests (for the custom rules).
- Create an AWS Lambda function to aggregate the Config Rule compliance statuses and return an overall "PASS" or "FAIL". This function is designed to be used as a Security Integration Test as part of a CD pipeline.
- Provide a CLI (via gulp) for creating and updating the associated resources in AWS.
## Installation
**Prerequisites**
```
aws cli
npm install --global serverless@0.5.5
npm install --global gulp-cli
```
**Clone the source and set environment variables**
```
==> git clone https://github.com/stelligent/config-rule-status.git
```
**Install packages and configure:**
```
==> cd config-rule-status
==> npm install
```
**Initialize the project:**
```
==> gulp init \
--region us-east-1 \
--stage prod \
--name config-rule-status \
--awsProfile yourProfileName \
--email user@company.com
```
**Build the project:**
```
==> gulp build
```
## Execution
**Run Tests**
```
==> gulp test:local
```
**Deploy to AWS**
```
==> gulp deploy:lambda --stage prod --region us-east-1
==> gulp deploy:config --stage prod --region us-east-1
```
**Verify Deploy and/or Integrate into a CD pipeline**
```
==> gulp verify --stage prod --region us-east-1
```
**View Lambda logs**
```
==> gulp logs --stage prod --region us-east-1 --functionName cidrIngress --duration 1d
```
## Modifying
**Create Additional Stages, Regions, and Functions**
Use the Serverless CLI to add new configurations and functionality:
http://docs.serverless.com/docs/commands-overview