This example plugin allows the harvesting of AWS X-Ray Encryption Configuration Types and provides a custom filter for AWS regions. If you have questions or issues with this example reach out to us through the Customer Support Portal.
Your plugin may require you to adjust your policy to add required permissions.
- The example plugin on the page requires
Value Names (DivvyCloud vs. InsightCloudSec)
Some components, screen captures, examples, and values use our former product name (DivvyCloud vs. InsightCloudSec). Updates to the naming of these components will be communicated when changes are made, but note that the name difference does not affect functionality within the product.
1. Log into the instance running InsightCloudSec.
2. Change directory into the plugins folder in the InsightCloudSec directory:
3. Clone the following git repo:
sudo git clone https://github.com/DivvyCloud/AWS-Xray-Harvester.git
4. Return to the root InsightCloudSec folder:
5. Restart InsightCloudSec:
sudo docker-compose down && sudo docker-compose up -d
1. Verify that the plugin is loaded correctly by accessing the Plugins page (under "Administration --> Plugins" from the main navigation)
2. Verify that the plugin "AWS X-Ray Encryption Configuration" is listed and enabled; there will be a green-circled check in the "Enabled" column.
3. On the listing for your plugin, click on the "Admin" sub-menu and select "Manage Plugin".
4. Verify that the "Load Status" section of the page shows all green-circled checks.
5. To test your Plugin, from "Resource --> Resources" open "Identify Management" and select "Cloud Region".
6. Select Filters (upper right-hand corner)
- Search for and select "X-Ray Encryption Config Types".
7. Select "Default" or "KMS", depending on how your resource is configured.
8. View the filter results under "Resources--> Identity & Management --> Cloud Region."
From here, you may wish to create a Bot that notes when XRay has been set up by someone not authorized to do so. The steps to create this Bot are as follows:
1. Open "Automation --> BotFactory" and click "Create Bot". This will launch the process that enables you to create a new Bot. Scope your Bot to Cloud Region and an AWS account; Select Next.
2. Select the X-Ray Encryption Config Types in Conditions and choose "Default"
- Select "Next".
3. Select "Send Slack Message" in Actions
- Select "Next".
- Choose a schedule for when your bot should run, then select "Save".
- View the results in Slack to confirm.
Updated 6 months ago