Giters

daytonpa / awsCustomConfig

Function code to check for compliance for custom AWS Config rule for egress Security group configuration

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

AWS Config custom rule for evaluating Security group egress rule

Check if all lambdas belonging to a specific security group are in compliance by evaluating all egress ip ranges not being 0.0.0.0/0

Logic

  1. 'index.js'
  • Takes the AWS Config event as input containing the rule parameter (in this case a vpcid). Note that AWS Config runs this as a Scheduled notification.
  • Retrieves all lambdas within VPC
  • Uses lambda names to get associated security groups
  • Filter those security groups that have the 0.0.0.0/0 outbound rule
  • Send the evaluation result back to config

About

Function code to check for compliance for custom AWS Config rule for egress Security group configuration

Languages

Language:JavaScript 100.0%