Name | fixinventory-plugin-aws JSON |
Version |
4.2.0
JSON |
| download |
home_page | None |
Summary | Runs collector plugins and sends the result to fixcore. |
upload_time | 2024-12-05 17:28:03 |
maintainer | None |
docs_url | None |
author | Some Engineering Inc. |
requires_python | >=3.12 |
license | AGPLv3 |
keywords |
|
VCS |
|
bugtrack_url |
|
requirements |
No requirements were recorded.
|
Travis-CI |
No Travis.
|
coveralls test coverage |
No coveralls.
|
# fix-plugin-aws
An AWS collector plugin for Fix.
## Usage
For details on how to edit configuration, please see [the documentation](https://inventory.fix.security/docs/getting-started/configuring-fix).
When the collector is enabled (`fixworker.collector = [aws]`) it will automatically collect any accounts the AWS boto3 SDK can authenticate for.
By default it will check for environment variables like `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` or `AWS_SESSION_TOKEN`.
If Fix should assume an IAM role that role can be given via `fixworker.aws.role = SomeRoleName`.
The collector will scrape resources in all regions unless regions are specified using e.g. `fixworker.aws.region = [us-east-1, us-west-2]`.
## Scraping multiple accounts
If the given credentials are allowed to assume the specified role in other accounts of your AWS organisation, Fix
can collect multiple accounts at the same time. To do so provide the account IDs to the `fixworker.aws.account` configuration.
## Scraping the entire organisation
Instead of giving a list of account IDs manually you could also specify `fixworker.aws.scrape_org`, which will make Fix try to get the list of all accounts using the [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) API.
If certain accounts are to be excluded from that list they can be specified using the `fixworker.aws.scrape_exclude_account` config option.
## Miscellaneous Options
When collecting multiple accounts Fix by default will collect the accounts it finds in the org as well as the one it is currently authenticated as.
If you do not want it to scrape the account that was used to get the list of all org accounts (e.g. your root account) you can specify `fixworker.aws.dont_scrape_current`.
If instead of using the current credentials you would like Fix to assume the specified role (`fixworker.aws.role`) even for the current account you can specify the options
`fixworker.aws.assume_current` and `fixworker.aws.dont_scrape_current`. This would make it so that Fix does not scrape the current account using default credentials but instead assume the specified IAM role even for the current account.
## License
See [LICENSE](../../LICENSE) for details.
Raw data
{
"_id": null,
"home_page": null,
"name": "fixinventory-plugin-aws",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.12",
"maintainer_email": null,
"keywords": null,
"author": "Some Engineering Inc.",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/e1/23/9fe2b40bbbed14eac5e19a94acc8f757251edd7838525ab0430ef1da09f2/fixinventory_plugin_aws-4.2.0.tar.gz",
"platform": null,
"description": "# fix-plugin-aws\nAn AWS collector plugin for Fix.\n\n## Usage\nFor details on how to edit configuration, please see [the documentation](https://inventory.fix.security/docs/getting-started/configuring-fix).\n\nWhen the collector is enabled (`fixworker.collector = [aws]`) it will automatically collect any accounts the AWS boto3 SDK can authenticate for.\nBy default it will check for environment variables like `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` or `AWS_SESSION_TOKEN`.\n\nIf Fix should assume an IAM role that role can be given via `fixworker.aws.role = SomeRoleName`.\n\nThe collector will scrape resources in all regions unless regions are specified using e.g. `fixworker.aws.region = [us-east-1, us-west-2]`.\n\n\n## Scraping multiple accounts\nIf the given credentials are allowed to assume the specified role in other accounts of your AWS organisation, Fix\ncan collect multiple accounts at the same time. To do so provide the account IDs to the `fixworker.aws.account` configuration.\n\n## Scraping the entire organisation\nInstead of giving a list of account IDs manually you could also specify `fixworker.aws.scrape_org`, which will make Fix try to get the list of all accounts using the [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) API.\n\nIf certain accounts are to be excluded from that list they can be specified using the `fixworker.aws.scrape_exclude_account` config option.\n\n## Miscellaneous Options\nWhen collecting multiple accounts Fix by default will collect the accounts it finds in the org as well as the one it is currently authenticated as.\nIf you do not want it to scrape the account that was used to get the list of all org accounts (e.g. your root account) you can specify `fixworker.aws.dont_scrape_current`.\n\nIf instead of using the current credentials you would like Fix to assume the specified role (`fixworker.aws.role`) even for the current account you can specify the options\n`fixworker.aws.assume_current` and `fixworker.aws.dont_scrape_current`. This would make it so that Fix does not scrape the current account using default credentials but instead assume the specified IAM role even for the current account.\n\n## License\nSee [LICENSE](../../LICENSE) for details.\n",
"bugtrack_url": null,
"license": "AGPLv3",
"summary": "Runs collector plugins and sends the result to fixcore.",
"version": "4.2.0",
"project_urls": {
"Documentation": "https://inventory.fix.security",
"Source": "https://github.com/someengineering/fix/tree/main/plugins/aws"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "629b0bda1fa1b6718caf8a5d1cb9731e95239e8dbe9c01de18b70b8871ec58aa",
"md5": "de88ef3eeb8658d08351e4a131cbffa1",
"sha256": "8f39070493b1d2ba3acc427c882b7671617be32679c262abe9e8b8faa7484b72"
},
"downloads": -1,
"filename": "fixinventory_plugin_aws-4.2.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "de88ef3eeb8658d08351e4a131cbffa1",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.12",
"size": 427187,
"upload_time": "2024-12-05T17:28:02",
"upload_time_iso_8601": "2024-12-05T17:28:02.474503Z",
"url": "https://files.pythonhosted.org/packages/62/9b/0bda1fa1b6718caf8a5d1cb9731e95239e8dbe9c01de18b70b8871ec58aa/fixinventory_plugin_aws-4.2.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e1239fe2b40bbbed14eac5e19a94acc8f757251edd7838525ab0430ef1da09f2",
"md5": "02f3279e8933da6633f5cd1b9d0f661f",
"sha256": "13a8e95df74f8ea387f9abc5f2d16a907b996e5e3c007cb547560f0e325ff711"
},
"downloads": -1,
"filename": "fixinventory_plugin_aws-4.2.0.tar.gz",
"has_sig": false,
"md5_digest": "02f3279e8933da6633f5cd1b9d0f661f",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.12",
"size": 364768,
"upload_time": "2024-12-05T17:28:03",
"upload_time_iso_8601": "2024-12-05T17:28:03.908982Z",
"url": "https://files.pythonhosted.org/packages/e1/23/9fe2b40bbbed14eac5e19a94acc8f757251edd7838525ab0430ef1da09f2/fixinventory_plugin_aws-4.2.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-12-05 17:28:03",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "someengineering",
"github_project": "fix",
"github_not_found": true,
"lcname": "fixinventory-plugin-aws"
}