NOTE: This repo contains only the documentation for the private BoltsOps Pro repo code. Original file: https://github.com/boltopspro/tag-reporter/blob/master/README.md The docs are publish so they are available for interested customers. For access to the source code, you must be a paying BoltOps Pro subscriber. If are interested, you can contact us at contact@boltops.com or https://www.boltops.com
This blueprint provisions a ConfigRule to check AWS resources for the presence of required tags and an associated Lambda Function that checks if resources comply with the rule on a regular (1 hour) interval.
- A list of required tags is configurable and defaults to ["Backup", "Owner"]
- A list of AWS resource types to check is configurable and defaults to ["AWS::EC2::Instance","AWS::EC2::Volume"]
- Add blueprint to Gemfile
- Configure: configs/tag-reporter values
- Deploy blueprint
Add the blueprint to your lono project's Gemfile
.
gem "tag-reporter", git: "git@github.com:boltopspro/tag-reporter.git"
Use the lono seed command to generate a starter config params files.
LONO_ENV=development lono seed tag-reporter
LONO_ENV=production lono seed tag-reporter
The files in config/tag-reporter
folder will look something like this:
configs/tag-reporter/
└── variables
├── development.rb
└── production.rb
Configure the configs/tag-reporter/variables
files.
Use @required_tags to specify tag names to check for.
Use @resource_types to specify AWS resource types to check. Currently supported types are "AWS::EC2::Instance" and "AWS::EC2::Volume"
Use the lono cfn deploy command to deploy.
LONO_ENV=development lono cfn deploy tag-reporter --sure --no-wait
LONO_ENV=production lono cfn deploy tag-reporter --sure --no-wait
If you are using One AWS Account, use these commands instead: One Account.