Skip to content
/ steampipe-mod-aws-well-architected Public
forked from turbot/steampipe-mod-aws-well-architected

Are AWS Well-Architected best practices being followed? Use Steampipe to check if your AWS accounts are following best practices from each lens and pillar.

hub.steampipe.io/mods/turbot/aws_well_architected

License

Apache-2.0 license
0 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JeffreyFudge/steampipe-mod-aws-well-architected

BranchesTags
 
 

Repository files navigation

AWS Well-Architected Mod for Steampipe

200+ checks covering AWS Well-Architected Framework defined best practices across all AWS regions.

Run checks in a dashboard: image

Includes support for:

Getting started

Installation

Download and install Steampipe (https://steampipe.io/downloads). Or use Brew:

brew tap turbot/tap
brew install steampipe

Install the AWS plugin with Steampipe:

steampipe plugin install aws

Clone:

git clone https://github.com/turbot/steampipe-mod-aws-well-architected.git
cd steampipe-mod-aws-well-architected

Install mod dependencies:

steampipe mod install

Usage

Before running any benchmarks, it's recommended to generate your AWS credential report:

aws iam generate-credential-report

Start your dashboard server to get started:

steampipe dashboard

By default, the dashboard interface will then be launched in a new browser window at http://localhost:9194. From here, you can run benchmarks by selecting one or searching for a specific one.

Instead of running benchmarks in a dashboard, you can also run them within your terminal with the steampipe check command:

Run all benchmarks:

steampipe check all

Run a single benchmark:

steampipe check benchmark.well_architected_framework

Run a benchmark for a specific pillar:

steampipe check benchmark.well_architected_framework_security

Run a benchmark for a specific question:

steampipe check benchmark.well_architected_framework_sec01

Run a benchmark for a specific best practice:

steampipe check benchmark.well_architected_framework_sec01_bp01

Different output formats are also available, for more information please see Output Formats.

Credentials

This mod uses the credentials configured in the Steampipe AWS plugin.

Configuration

No extra configuration is required.

Common and Tag Dimensions

The benchmark queries use common properties (like account_id, connection_name and region) and tags that are defined in the dependent AWS Compliance mod. These properties can be executed in the following ways:

  • Copy and rename the steampipe.spvars.example file to steampipe.spvars, and then modify the variable values inside that file

  • Pass in a value on the command line:

    steampipe check benchmark.well_architected_framework_security --var 'common_dimensions=["account_id", "connection_name", "region"]'
    steampipe check benchmark.well_architected_framework_security --var 'tag_dimensions=["Environment", "Owner"]'

Contributing

If you have an idea for additional controls or just want to help maintain and extend this mod (or others) we would love you to join the community and start contributing.

Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.

Want to help but not sure where to start? Pick up one of the help wanted issues:

Credits

About

Are AWS Well-Architected best practices being followed? Use Steampipe to check if your AWS accounts are following best practices from each lens and pillar.

hub.steampipe.io/mods/turbot/aws_well_architected

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

12 tags

Packages

No packages published

Languages

  • HCL 100.0%