Skip to content

Generate AWS IAM Credential Report pipeline #80

Open
@bob-bot

Description

@bob-bot

Is your feature request related to a problem? Please describe.
To get the latest details from the AWS IAM Credential Report, which Powerpipe dashboards like AWS CIS v4.0.0 rely on, you need to run the aws iam generate-credential-report CLI command ahead of time. Would be great for Flowpipe to have a pipeline to execute this command in the AWS Library Mod.

Describe the solution you'd like
pipelines/iam/generate_iam_credential_report.fp

something like:

pipeline "generate_iam_credential_report" {
  title       = "Generate IAM Credential Report"
  description = "Generates the IAM Credential Report."

  param "conn" {
    type        = connection.aws
    description = local.conn_param_description
    default     = connection.aws.default
  }

  step "container" "generate_iam_credential_report" {
    image = "public.ecr.aws/aws-cli/aws-cli"
    cmd = [
      "iam",
      "generate-credential-report"
    ]
    env = param.conn.env
  }

  output "status" {
    description = "A structure with status details about the credentials report generates."
    value       = jsondecode(step.container.generate_iam_credential_report.stdout)
  }
}

This will go a long way for folks to run a scheduled pipeline locally or in Pipes every x hours to generate the report behind the scenes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requeststaleNo recent activity has been detected on this issue/PR and it will be closed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions