search

awslabs / aws-config-rdklib

Python library to enable you to run custom AWS Config Rules at scale, using Lambda Layer.
Apache License 2.0
94 stars 26 forks source link

readme

RDKlib

image

RDKlib is a Python library to enable you to run custom AWS Config Rules at scale. The library can be used to:

RDKLib works in synergy with the AWS Config Rule Development Kit.

Getting Started

Install the library locally

pip install rdklib

Create a rule using the RDK

The runtime of your RDK rule have to be set to python3.11-lib in the RDK to provide you the Rule template.

    rdk create YOUR_RULE_NAME --runtime python3.11-lib --maximum-frequency TwentyFour_Hours
    rdk create YOUR_RULE_NAME --runtime python3.11-lib --resource-types AWS::S3::Bucket

Note: you need to install the RDK first.

Deploy your rule with RDKlib layer

RDKLib is designed to work as a AWS Lambda Layer. It allows you to use the library without needing to include it in your deployment package.

  1. Install RDKlib layer (with AWS CLI)
    aws serverlessrepo create-cloud-formation-change-set --application-id arn:aws:serverlessrepo:ap-southeast-1:711761543063:applications/rdklib --stack-name RDKlib-Layer

    # Copy/paste the full change-set ARN to customize the following command
    aws cloudformation execute-change-set --change-set-name NAME_OF_THE_CHANGE_SET

    aws cloudformation describe-stack-resources --stack-name serverlessrepo-RDKlib-Layer
    # Copy the ARN of the Lambda layer in the "PhysicalResourceId" key (i.e. arn:aws:lambda:YOUR_REGION:YOUR_ACCOUNT:layer:rdklib-layer:1).

Note: You can do the same step manually going to https://console.aws.amazon.com/lambda/home#/create/function?tab=serverlessApps and find "rdklib"

  1. Deploy the rule
    rdk deploy YOUR_RULE_NAME --rdklib-layer-arn YOUR_RDKLIB_LAYER_ARN

License

This project is licensed under the Apache-2.0 License.

Feedback / Questions

Feel free to email rdk-maintainers@amazon.com

Contacts

Acknowledgements