How to enable automations and actions for AWS

 

This article covers how to deploy Automations from our Github repository and connect them to your Hyperglance instance.

Pre-Requisites

Before you can deploy automations you will need:

  1. Terraform CLI - Install instructions
  2. AWS CLI - Install instructions
  3. Deploying Hyperglance In Your AWS VPC
  4. IAM permissions configured on the Hyperglance Instance - See below.

IAM Permissions

The IAM Policy on the Role associated with the Hyperglance EC2 Instance will need the following permissions added:

"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",

Quick Start

  1. Follow the pre-requisite steps above.

  2. Connect the AWS CLI to the AWS account that hosts Hyperglance by running: aws configure

    Note: You will need an AWS IAM access and secret key.

    Example:

    $ aws configure
    AWS Access Key ID [None]: ENTER_YOUR_ACCESS_KEY_HERE
    AWS Secret Access Key [None]: ENTER_YOUR_SECRET_KEY_HERE
    Default region name [None]: us-east-1
    Default output format [None]: json
  3. Clone our repo or download the zip

    $ git clone https://github.com/hyperglance/aws-rule-automations.git
  4. Deploy the stack:

    Terraform will prompt for the region you wish to deploy to and for final confirmation.

    $ cd aws-rule-automations/deployment/terraform/automations
    $ terraform init
    $ terraform apply
  5. Once complete, the bucket name and lambda function ARN will be returned:

    Apply complete! Resources: 8 added, 0 changed, 0 destroyed.

    Outputs:

    bucket_name = "hyperglance-automations-lucky-marmoset"
    lambda_arn = "arn:aws:lambda:us-east-1:0123456789:function:hyperglance-automations-stinky-fish"

    The lambda ARN is required to configure automations across accounts

    Copy the bucket_name into the Hyperglance UI: Settings ➔ Automations ➔ S3 Bucket Name or visit this URL: https://your-hyperglance-ip/#/admin/automations

    Note: Leave the 'Role ARN' field blank. This is only needed if you deploy the stack to a different AWS account from the Hyperglance Instance.

  6. That's it - Automations are now enabled!

    • Within Hyperglance click on any rule or visit the Advanced Search page to start exploring automations features.
    • If you need automations to run on resources from other AWS Accounts then continue on to follow our multi-account guide below.

Related Articles: