Example Plugin Installation

Example InsightCloudSec Plugin Installation

This example plugin allows the harvesting of AWS X-Ray Encryption Configuration Types and provides a custom filter for AWS regions. If you have questions or issues with this example reach out to us through the Customer Support Portal.

Permissions

Your plugin may require you to adjust your policy to add required permissions.

  • The example plugin on the page requires xray:GetEncryptionConfig permissions.

📘

Value Names (DivvyCloud vs. InsightCloudSec)

Some components, screen captures, examples, and values use our former product name (DivvyCloud vs. InsightCloudSec). Updates to the naming of these components will be communicated when changes are made, but note that the name difference does not affect functionality within the product.

Steps to Complete (on the server Running InsightCloudSec)

1. Log into the instance running InsightCloudSec.

2. Change directory into the plugins folder in the InsightCloudSec directory:
cd ../../divvycloud/plugins

3. Clone the following git repo:
sudo git clone https://github.com/DivvyCloud/AWS-Xray-Harvester.git

4. Return to the root InsightCloudSec folder:
cd ../

5. Restart InsightCloudSec:
sudo docker-compose down && sudo docker-compose up -d

Steps to Complete in the InsightCloudSec Platform

1. Verify that the plugin is loaded correctly by accessing the Plugins page (under "Administration --> Plugins" from the main navigation)

2. Verify that the plugin "AWS X-Ray Encryption Configuration" is listed and enabled; there will be a green-circled check in the "Enabled" column.

Verify Plugin is EnabledVerify Plugin is Enabled

Verify Plugin is Enabled

3. On the listing for your plugin, click on the "Admin" sub-menu and select "Manage Plugin".

Manage Plugin OptionsManage Plugin Options

Manage Plugin Options

4. Verify that the "Load Status" section of the page shows all green-circled checks.

Verify Load StatusVerify Load Status

Verify Load Status

5. To test your Plugin, from "Resource --> Resources" open "Identify Management" and select "Cloud Region".

Locate "Cloud Region" under Identity ManagementLocate "Cloud Region" under Identity Management

Locate "Cloud Region" under Identity Management

6. Select Filters (upper right-hand corner)

  • Search for and select "X-Ray Encryption Config Types".
Find FilterFind Filter

Find Filter

7. Select "Default" or "KMS", depending on how your resource is configured.

8. View the filter results under "Resources--> Identity & Management --> Cloud Region."

View the ResourcesView the Resources

View the Resources

Possible Next Steps

From here, you may wish to create a Bot that notes when XRay has been set up by someone not authorized to do so. The steps to create this Bot are as follows:

1. Open "Automation --> BotFactory" and click "Create Bot". This will launch the process that enables you to create a new Bot. Scope your Bot to Cloud Region and an AWS account; Select Next.

Create a new BotCreate a new Bot

Create a new Bot

2. Select the X-Ray Encryption Config Types in Conditions and choose "Default"

  • Select "Next".
Configuring the Bot ConditionsConfiguring the Bot Conditions

Configuring the Bot Conditions

3. Select "Send Slack Message" in Actions

  • Select "Next".
  • Choose a schedule for when your bot should run, then select "Save".
  • View the results in Slack to confirm.

Did this page help you?