Skip to content

unicrons/steampipe-config-generator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
cmd
cmd
 
 
docs
docs
 
 
pkg
pkg
 
 
templates
templates
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

Steampipe Config Generator

Manage your Steampipe AWS config files at scale!

What is this?

steampipe-config-generator is tool that generates configuration files for steampipe-aws-plugin. These files are used by Steampipe AWS plugin to connect to your AWS Accounts and fetch the desired data.

We have created this tool to facilitate the creation and management of these files in organizations with multiple accounts.
If you want more details about this, check our blog post: Automate your Steampipe AWS configuration with AWS Organizations

Features

  • Automate generation of .aws/credentials and .steampipe/config/aws.spc for your AWS Organization.
  • Create Steampipe connection aggregators using your AWS Organization Accounts tags.
  • Skip AWS Accounts based on their organizational units.
  • Assume an IAM role to fech AWS Organizations information.

Requirements

  • Valid AWS credentials with the following IAM actions: 
    "organizations:ListAccounts",
"organizations:ListParents",
"organizations:ListTagsForResource"
  • An AWS IAM Role deployed in all your AWS accounts with your required permissions for Steampipe.

How to use it

./steampipe_config_generator -role my-org-role-name

If you are executing the tool inside an EC2 instance use -credential Ec2InstanceMetadata flag. If you are executing the tool inside an ECS container use -credential EcsContainer flag.

Create Aggregators

The aws_connections.tmpl template is used to generate the AWS connections files where you can add the needed aggregators.

To create an aggregators based on your AWS Account names. E.g: The following template will create an aggregator with all your AWS Accounts whose name begins with Sandbox:

connection "aws_sandbox" {
  plugin      = "aws"
  type        = "aggregator"
  connections = ["aws_sandbox_*"]
}

Note

All AWS Account names are normalized to lowercase. Spaces and hyphens are replaced by _.

To create an aggregators based on your AWS Accounts tags. E.g: The following template will create an aggregator with all your AWS Accounts that contains the tag team:engineering:

{{ $teamEng := index .Tags "team,engineering" }}
connection "aws_engineering_team" {
  plugin      = "aws"
  type        = "aggregator"
  connections = [{{- range $index, $name := $teamEng -}}{{ if $index }}, {{ end }}"aws_{{ $name }}"{{- end }}]
}

Contribute

We welcome all contributors!

About

Generate Steampipe AWS config files for an AWS Organization

unicrons.cloud/en/2024/10/18/automate-your-steampipe-aws-configuration-with-aws-organizations/

Topics

go aws hacktoberfest steampipe

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

7 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases 1

v0.1.0 Latest
Oct 18, 2024

Packages

No packages published

Contributors 2

  •  
  •  

Languages