awslabs / assisted-log-enabler-for-aws Goto Github PK
View Code? Open in Web Editor NEWAssisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
License: Apache License 2.0
assisted-log-enabler-for-aws's Issues
Add support to turn on logs for Amazon Verified Access
Add support to ALE to turn on logs for Amazon Verified Access.
Add pagination for existing functions
Currently, ALE does not implement pagination. This is problematic because there is a non-zero chance that some accounts will have more resources than are provided back from a describe API in a single API call. In this case, ALE would not turn on logging for all of these resources.
Feature Request: Add option to specify AWS accounts to include/exclude
For multi-account deployments, add option to allow user to specify CSV file containing a list of AWS accounts to include or exclude based on switch e.g --includeaccounts --excludeaccounts
Add ability to have VPC Flow Logs stored in Parquet format
Add the ability to create VPC Flow Logs that are stored in Parquet format.
Boto3 documentation for the DestinationOptions for create_flow_logs: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html#EC2.Client.create_flow_logs
Add support for Route 53 Resolver Query Logging
Similar to the other logging types, it'd be great to have support for R53 Resolver query logging, since customers typically like to view VPC flow logs and their DNS logs in tandem.
Create cleanup function for resources created
Issue to create a cleanup function for the resources created by Assisted Log Enabler for AWS.
Cleanup for:
- AWS Route 53 Resolver Query Logs
- AWS VPC Flow Logs
Add random string to end of bucket name
Add random string to end of bucket name to help with S3 bucket attribution.
Increase log retention time from 365 days to 400 days
Request to increase log retention time from 365 days to 400 days for additional analysis in relation to current month.
Break up the service functions in argparse
Break up the AWS service function options in argparse
- Options
- All
- EKS
- CloudTrail
- VPC Flow Logs
- R53 Resolver Query Logs
Add S3 Logging
Issue to add function for the resources created by Assisted Log Enabler for AWS.
S3 access logging
Enable ability to use preexisting S3 bucket
Provide the ability within the Assisted Log Enabler for AWS to use a preexisting S3 bucket for storing the logs.
Add partition support (GovCloud, China region, and European Sovereign Cloud)
Add support for additional AWS partitions. This includes GovCloud, China, and the forthcoming European Sovereign Cloud
Add support to turn on logs for Amazon Bedrock
Add support to turn on logs for Amazon Bedrock. The prompts should be stored in S3. TBD whether they should be stored in a separate bucket or the same bucket as other ALE logs due to the potential for sensitive data to be included in the prompts.
Feature Request: need a --dry-run option
To check what would be done without actually making any changes.
Fix issue with CloudTrail enablement logic
Fix issue with CloudTrail enablement logic
Query: All aws resources will be covered by this tool?
As I see the tool covers some aws resources. Will future releases target all aws resources like ec2 instance etc as well?
Feature Request: Add support for load balancer access logs
https://docs.aws.amazon.com/elasticloadbalancing/index.html
In priority:
- ALB
- ELB (Classic)
- NLB
This will require logging to cloudwatch, which is a good initial target, no need in the short term to enable logging to S3
Add CloudTrail tags and change trail name
- Add CloudTrail tags to reflect that the CloudTrail trail was created by Assisted Log Enabler for AWS
- Change CloudTrail name to be more reflective that it's created by Assisted Log Enabler for AWS
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.