AWSΒΆ

SecurityΒΆ

Set of tools to audit AWS cloudtrail events and audit logs.

ConfigurationΒΆ

holmes:
    additionalEnvVars:
        - name: AWS_ACCESS_KEY_ID
          value: AKIAIOSFODNN7EXAMPLE
        - name: AWS_SECRET_ACCESS_KEY
          value: =wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
        - name: AWS_DEFAULT_REGION
          value: us-west-2
    toolsets:
        aws/security:
            enabled: true

Update your Helm values (generated_values.yaml) with the above configuration and run a Helm upgrade:

helm upgrade robusta robusta/robusta --values=generated_values.yaml --set clusterName=<YOUR_CLUSTER_NAME>

First, add the following environment vairables:

export AWS_ACCESS_KEY_ID="<your AWS access key ID>"
export AWS_SECRET_ACCESS_KEY="<your AWS secret access key>"
export AWS_DEFAULT_REGION="us-west-2"

Then, add the following to ~/.holmes/config.yaml, creating the file if it doesn't exist:

toolsets:
    aws/security:
        enabled: true

To test, run:

holmes ask "Are there any security misconfigurations my signup application, particularly in the database?"

CapabilitiesΒΆ

The table below describes the specific capabilities provided by this toolset. HolmesGPT can decide to invoke any of these capabilities when answering questions or investigating issues.

Tool Name

Description

aws_cloudtrail_event_lookup

Fetches events of a specified type from AWS CloudTrail along with the users that called them

aws_cloudtrail_event_details

Fetches and returns full event details for an AWS cloudtrail event in JSON format given an event ID

aws_user_audit_logs

Fetches audit logs for a specified user from AWS CloudTrail in past 24 hours. Provide username as was outputed by aws_event_lookup or aws_event_details

RDSΒΆ

Read access to Amazon RDS instances, events and logs

ConfigurationΒΆ

holmes:
    additionalEnvVars:
        - name: AWS_ACCESS_KEY_ID
          value: AKIXDDDSDSdSA
        - name: AWS_SECRET_ACCESS_KEY
          value: =wJalrXUtnFEMI/KNG/bPxRfiCYEXAMPLEKEY
        - name: AWS_DEFAULT_REGION
          value: us-west-2
    toolsets:
        aws/rds:
            enabled: true

Update your Helm values (generated_values.yaml) with the above configuration and run a Helm upgrade:

helm upgrade robusta robusta/robusta --values=generated_values.yaml --set clusterName=<YOUR_CLUSTER_NAME>

First, add the following environment vairables:

export AWS_ACCESS_KEY_ID="<your AWS access key ID>"
export AWS_SECRET_ACCESS_KEY="<your AWS secret access key>"
export AWS_DEFAULT_REGION="us-west-2"

Then, add the following to ~/.holmes/config.yaml, creating the file if it doesn't exist:

toolsets:
    aws/rds:
        enabled: true

To test, run:

holmes ask "Why is my signup application slow, also look into the database"

CapabilitiesΒΆ

The table below describes the specific capabilities provided by this toolset. HolmesGPT can decide to invoke any of these capabilities when answering questions or investigating issues.

Tool Name

Description

aws_rds_describe_events

Fetches rds events

aws_rds_describe_instance

Get the configuration of a RDS instance

aws_rds_describe_instances

Fetches rds instances

aws_rds_describe_logs

List available RDS logs (e.g. slow query logs)

aws_rds_fetch_log_by_name

Fetch a specific log for an AWS RDS instance by log file name.