Skip to content

Latest commit

 

History

History
94 lines (63 loc) · 6.08 KB

index.md

File metadata and controls

94 lines (63 loc) · 6.08 KB
Raw

AWS Insights Mod - Visualize and report on resource configuration across your AWS accounts

DevOps professionals use the AWS insights mod to visualize cloud intelligence and security metrics using interactive dashboards. Report on AWS resource configuration, visualize relationships, and aggregate metrics to better understand your cloud infrastructure. The dashboards are specified using a "low code" HCL format (similar to Terraform). Making it easy to inspect, modify and compose new dashboards to meet specific compliance and security objectives for your organization.

Example of the 'AWS S3 Bucket Dashboard' with metrics on bucket privacy, encryption, logging, and costs.

Detailed report for AWS S3 bucket 'ria-example-test'. Highlights: no public access, encryption on, logging off. Shows AWS service connections.

Dashboard for 'AWS EBS Snapshot Age Report' with filters like '<24 hours', '1-30 Days', and '>1 Year'. Table columns include Snapshot ID, Name, Age, and Region.

'AWS EBS Volume Encryption Report' dashboard highlighting 'Unencrypted' volumes. Table columns: Volume ID, Name, Encryption status, and Region.

'AWS EC2 Instance Public Access Report' from Steampipe showing 5 instances with 1 publicly accessible. Table includes Instance ID, Name, and access status.

Dashboard for 'AWS IAM Policy Detail' from Steampipe. Top section has a policy selector. Main section shows policy's relationships with AWS services.

Detailed dashboard of AWS VPC 'VPC Test' detailing relationships with resources like CIDR blocks, subnets, and security groups.

Visualization of AWS VPC Security Group 'default'. Details on ingress/egress rules and associated AWS connections.

Overview

Resource type Dashboards have interactive elements that can answer questions like:

  • How many of this resource type do I have?
  • Counts by accounts and regions?
  • Cost of these resources over time.
  • Percentage of resources that are configured in specific ways (e.g. encryption on?)
  • How old are my resources?

Resource detail reports can be reached by drilling down from dashboards or manually selecting the resource name. They drill into a specific resource and can answer detailed configuration questions and provide a visualization of relationships to other resources. Use these to answer deep questions:

  • What are the relationships between this resource and others?
  • Is this resource publicly accessible?
  • Is encryption enabled and what keys are used for encryption?
  • Is versioning enabled?
  • What networking ingress and egress rules are associated with this resource.

Dashboards are available for 30+ services, including CloudTrail, EC2, IAM, RDS, S3, VPC, and more!

Documentation

Getting Started

Installation

Install Powerpipe (https://powerpipe.io/downloads), or use Brew:

brew install turbot/tap/powerpipe

This mod also requires Steampipe with the AWS plugin as the data source. Install Steampipe (https://steampipe.io/downloads), or use Brew:

brew install turbot/tap/steampipe
steampipe plugin install aws

Steampipe will automatically use your default AWS credentials. Optionally, you can setup multiple accounts or customize AWS credentials.

Finally, install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-insights

Browsing Dashboards

Start Steampipe as the data source:

steampipe service start

Start the dashboard server:

powerpipe server

Browse and view your dashboards at http://localhost:9033.

Open Source & Contributing

This repository is published under the Apache 2.0 license. Please see our code of conduct. We look forward to collaborating with you!

Steampipe and Powerpipe are products produced from this open source software, exclusively by Turbot HQ, Inc. They are distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our Open Source FAQ.

Get Involved

Join #powerpipe on Slack →

Want to help but don't know where to start? Pick up one of the help wanted issues: