Forward event from AWS CT into nOps
- AWS Cloudtrail with S3 bucket for CloudTrail logs must be configured before deploying this stack.
- S3 bucket for AWS CloudTrail, and nOps-aws-forwarder should be within the some Region.
- API key from nOps, if you want to use encrypted version, please setup a symmetric encryption key within KMS in the same region of lambda and provide the permission for Lambda execution's role later.
- Log into your admin AWS account/role and deploy the CloudFormation Stack using the button seen above.
- Fill in
pnOpsApiKeyorpnOpsKmsAPIKey,pCTForwarderReleaseVersion,pCloudtrailBucketName. All other parameters are optional. - Click Create stack, and wait for the creation to complete.
- Find the installed forwarder Lambda function under the stack's "Resources" tab with logical ID
rLambdaForwarder. - If you use KMS encrypted API key, please provide the access permission for lambda role for KMS Key
- Repeat the steps 1-4 above in another region if you operate in multiple AWS regions with single-region trail.
If you can't install the Forwarder using the provided CloudFormation template, you can install the Forwarder manually following the steps below. Feel free to open an issue or create a pull request to let us know if there is anything we can improve to make the template work for you.
- Create a Python 3.9 Lambda function using
nops-aws-forwarder-deployment-package-<VERSION>.zipfrom the latest releases. - Save your NOPS API key to Lambda's environment variable
NOPS_API_KEYor encrypted kms key asNOPS_KMS_API_KEY - Add the
s3:GetObjectpermission to the Lambda execution role. - Configure triggers.
- If you use KMS encrypted API key, please provide the access permission for lambda role for KMS Key
- Run ./bump_version minor/major/main to add a new version