AWSΒΆ

SecurityΒΆ

Set of tools to audit AWS cloudtrail events and audit logs.

ConfigurationΒΆ

holmes:
    additionalEnvVars:
        - name: AWS_ACCESS_KEY_ID
          value: AKIAIOSFODNN7EXAMPLE
        - name: AWS_SECRET_ACCESS_KEY
          value: =wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
        - name: AWS_DEFAULT_REGION
          value: us-west-2
    toolsets:
        aws/security:
            enabled: true
Enable this integration

To enable this integration, copy the above example into your Helm values for Robusta (generated_values.yaml).

After making changes, apply them using Helm:

helm upgrade robusta robusta/robusta --values=generated_values.yaml --set clusterName=<YOUR_CLUSTER_NAME>

CapabilitiesΒΆ

The table below describes the specific capabilities provided by this toolset. HolmesGPT can decide to invoke any of these capabilities when answering questions or investigating issues.

Tool Name

Description

aws_cloudtrail_event_lookup

Fetches events of a specified type from AWS CloudTrail along with the users that called them

aws_cloudtrail_event_details

Fetches and returns full event details for an AWS cloudtrail event in JSON format given an event ID

aws_user_audit_logs

Fetches audit logs for a specified user from AWS CloudTrail in past 24 hours. Provide username as was outputed by aws_event_lookup or aws_event_details

RDSΒΆ

Read access to Amazon RDS instances, events and logs

ConfigurationΒΆ

holmes:
    additionalEnvVars:
        - name: AWS_ACCESS_KEY_ID
          value: AKIAIOSFODNN7EXAMPLE
        - name: AWS_SECRET_ACCESS_KEY
          value: =wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
        - name: AWS_DEFAULT_REGION
          value: us-west-2
    toolsets:
        aws/rds:
            enabled: true
Enable this integration

To enable this integration, copy the above example into your Helm values for Robusta (generated_values.yaml).

After making changes, apply them using Helm:

helm upgrade robusta robusta/robusta --values=generated_values.yaml --set clusterName=<YOUR_CLUSTER_NAME>

CapabilitiesΒΆ

The table below describes the specific capabilities provided by this toolset. HolmesGPT can decide to invoke any of these capabilities when answering questions or investigating issues.

Tool Name

Description

aws_rds_describe_events

Fetches rds events

aws_rds_describe_instance

Get the configuration of a RDS instance

aws_rds_describe_instances

Fetches rds instances

aws_rds_describe_logs

List available RDS logs (e.g. slow query logs)

aws_rds_fetch_log_by_name

Fetch a specific log for an AWS RDS instance by log file name.