Support Organizations that do not use AWS Control Tower #84

Open
wants to merge 7 commits into
base: main

gcasilva
Collaborator

Adding Support Organizations that do not use AWS Control Tower

@kkvinjam kkvinjam requested a review from jefferyfry February 29, 2024 14:17
@gcasilva
Collaborator Author

gcasilva commented Feb 29, 2024

@jefferyfry Like we talked, after reviewing this please add to your Lacework ABI documentation:
“If you're using this solution in an AWS organization that doesn't use AWS Control Tower, before deploying this ABI solution you need to make sure:
1 - you have enabled Amazon SNS notification in your CloudTrail trail if using this service integration and,
2 - you need to create IAM roles to set up basic permissions for stack set operations:
a. You need to create pAdminRoleName [Parameter used while launching the solution] in your management account. The CloudFormation template to create this role is available here.
b. You need to create pExecRoleName [Parameter used while launching the solution] across all child accounts within the organization. You can use this CloudFormation template and deploy the stack across the organization using instructions from Create a stack set with service-managed permissions.”
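
The prerequisites listed in the comment above can be checked before deployment. The following is an added example, not part of the comment or of the project's code: an offline check over dicts shaped like boto3 `describe_trails()` and `get_role()` results. It assumes the usual self-managed StackSets trust model (the admin role is assumable by `cloudformation.amazonaws.com`, the execution role trusts the management account); the account IDs, role name and ARNs are constructed placeholders.

```python
# Added example: offline pre-flight check for the prerequisites listed above.
# Inputs are dicts shaped like boto3 describe_trails()/get_role() items.
# Account IDs, role names and ARNs below are constructed placeholders.

def _as_list(value):
    return value if isinstance(value, list) else [value]

def trusts(trust_doc, kind, allowed):
    """True if an Allow statement lets a listed principal call sts:AssumeRole."""
    for stmt in _as_list(trust_doc.get("Statement", [])):
        principal = stmt.get("Principal", {})
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue  # a bare "*" principal is not counted as explicit trust
        if "sts:AssumeRole" not in _as_list(stmt.get("Action", [])):
            continue
        if any(p in allowed for p in _as_list(principal.get(kind, []))):
            return True
    return False

def preflight(trail, admin_role, exec_role, mgmt_account, admin_role_name):
    """Return a list of unmet prerequisites (empty list means ready)."""
    findings = []
    if not trail.get("SnsTopicARN"):
        findings.append("trail: no SNS notification topic configured")
    if not trusts(admin_role["AssumeRolePolicyDocument"], "Service",
                  {"cloudformation.amazonaws.com"}):
        findings.append("admin role: CloudFormation cannot assume it")
    base = f"arn:aws:iam::{mgmt_account}"
    allowed = {mgmt_account, f"{base}:root", f"{base}:role/{admin_role_name}"}
    if not trusts(exec_role["AssumeRolePolicyDocument"], "AWS", allowed):
        findings.append("exec role: management account is not a trusted principal")
    return findings

def _trust(kind, principal):  # helper that builds a constructed trust policy
    return {"AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {kind: principal}, "Action": "sts:AssumeRole"}]}}

MGMT = "111111111111"  # constructed management account ID
GOOD = dict(
    trail={"Name": "org-trail", "SnsTopicARN": f"arn:aws:sns:us-east-1:{MGMT}:trail-events"},
    admin_role=_trust("Service", "cloudformation.amazonaws.com"),
    exec_role=_trust("AWS", f"arn:aws:iam::{MGMT}:root"),
    mgmt_account=MGMT, admin_role_name="example-stackset-admin")
# Same setup, but the trail lacks SNS and the exec role trusts another account.
BAD = dict(GOOD, trail={"Name": "org-trail"},
           exec_role=_trust("AWS", "arn:aws:iam::222222222222:root"))

if __name__ == "__main__":
    print(preflight(**GOOD), preflight(**BAD), sep="\n")
```

In a live account the same dicts would come from `cloudtrail.describe_trails()["trailList"]` and `iam.get_role()["Role"]`.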

.taskcat.yml (resolved)
templates/cfn-abi-lacework-polygraph.template.yaml (outdated, resolved)
templates/cfn-abi-lacework-polygraph.template.yaml (outdated, resolved)
@gcasilva
Collaborator Author

@jefferyfry Can you please review and approve this PR to add support for non-Control Tower environments?

Contributor

@jefferyfry jefferyfry left a comment

LGTM

@gcasilva
Collaborator Author

gcasilva commented Nov 8, 2024

/do-e2e-tests

End to end test has been scheduled

E2E tests in progress

@aws-ia-automator-prod aws-ia-automator-prod bot left a comment

E2E test has completed with errors. If you are an external contributor, please contact the project maintainers for more information.

Fix linting error on cfn-abi-lacework-polygraph.template.yaml
Update Lambda python runtime to 3.11
@gcasilva
Collaborator Author

gcasilva commented Nov 8, 2024

/do-e2e-tests

End to end test has been scheduled

E2E tests in progress

@aws-ia-automator-prod aws-ia-automator-prod bot left a comment

E2E test has completed with errors. If you are an external contributor, please contact the project maintainers for more information.

Removed scoutsuite for testing
@gcasilva
Collaborator Author

/do-e2e-tests

End to end test has been scheduled

E2E tests in progress

@aws-ia-automator-prod aws-ia-automator-prod bot left a comment

E2E test has completed with errors. If you are an external contributor, please contact the project maintainers for more information.

@gcasilva
Collaborator Author

/do-e2e-tests

End to end test has been scheduled

E2E tests in progress

@aws-ia-automator-prod aws-ia-automator-prod bot left a comment

E2E test has completed with errors. If you are an external contributor, please contact the project maintainers for more information.

3 participants