![]() ![]() Requirements: Retrieving and parsing CloudTrail logs non-working days, non-working hours, etc.) Presenting a couple examples of security (rather than pure compliance) scenarios: Detecting brute force on the AWS Console, and detecting suspicious logins (i.e.Using CrowdSec on top of CloudTrail to cover CIS benchmark compliance, with the addition of exceptions and fine-tuning to limit false positives.In this article, I will be covering the following: While this project started simply because we were not satisfied with the AWS chatbot (it cannot be described using IaC tools, it is noisy, offers no exceptions etc.), we went a lot further than the original scope of the project. Spoiler alert: We’re doing the same thing with Kubernetes and the support for Kubernetes audit logs.ĪWS CloudTrail has been a recurrent requested feature, so we decided to give it a shot. While we were working on improving the security of our data lake, we faced some limitations in the existing security tooling that looked like a great use case for CrowdSec!ĬrowdSec already effectively protects workloads on AWS - it supports Kinesis as a data source and AWS WAF as a remediation component - we wanted to be able to protect our AWS infrastructure itself. It exposes us to the use of different AWS services, also in subsequent blogs, I will be sharing how to deploy applications using Dockers and EC2.At CrowdSec, we have a dedicated AWS serverless architecture to process the 20 million signals we receive on a daily basis. This project demonstrates the usefulness of serverless in deploying applications with minimal infrastructure and reduced cost. Under the Request URL, change the URL to endpoints in your serverless deploy output and must be verified and save the changes. Navigate to features> Event Subscriptions, make sure to put on the enable events. To run a check if the deployed correctly, go to the slack dashboard and click on the app you created. In the directory of the app, deploy the app by running $ serverless deploy -aws-profile exampleslackapp. The runtime python 3.8, and the SLACK_TOKEN is the OAth token from your slack app, also SIGNING_SECRET is the signing secret of your slack app. Below is an example of my serverless.yml file. In the directory where you created your app, a serverless.yml file is created. Navigate to the directory of your app and run $ serverless $ serverless deploy –-aws-profile exampleslackapp The block of code is used to install serverless package, run serverless, and deploy the serverless application $ npm install -g serverless Open your terminal and install the serverless package using npm: $ npm install -g serverless ![]() This is to say the servers will be fully and efficiently managed by the cloud provider (AWS) when deploying the code or application. Then click on install to workspace What does Serverless mean?Īn environment where the developers no longer need to worry about managing or developing the application with the traditional method is referred to as Serverless. Navigate to Feature, click on OAuth & Permissions at the right side and scroll down Scopes. The result is shown belowĬlick on your app icon to see created apps or to create a new oneĪfter giving your app name and choosing your preferred workspace, click on create app icon. Run $ aws configure and put in the downloaded credential as stated. To test if installation is a successful run $ aws –-version NOTE: make sure your user has programmatic access to AWS and download the credentials as CSV file for later use. ![]() For this blog, I will be proceeding as a current user.Īfter login, this page should be displayed. If you already have an account, you can log in as a user or create an account as a first-time user. The screenshots are added for easy reference There are few requirements for the project: この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。ĭeploying Slack Bot with Serverless framework on AWS Introduction to Serverless FrameworkĪfter about a few months of working with Amazon Web Service tools, I finally laid my hands on deploying a Slack Bot application with a Serverless framework and hosting it on AWS. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |