This repository has been archived by the owner on Feb 15, 2024. It is now read-only.

4n6ir/shipit


shipit

Generate AWS Security Hub findings into a centralized event bus from all regions in all organization accounts.

The events are pulled from CloudWatch Logs using subscription filters for error and timeout events.

Dependency

    from aws_cdk import aws_logs_destinations as _destinations

Requirement

        account = Stack.of(self).account
        region = Stack.of(self).region

Error

        # Reference the shipit-error function in this stack's account and region
        error = _lambda.Function.from_function_arn(
            self, 'error',
            'arn:aws:lambda:'+region+':'+account+':function:shipit-error'
        )

        # `logs` is the log group being monitored, defined elsewhere in the stack
        errorsub = _logs.SubscriptionFilter(
            self, 'errorsub',
            log_group = logs,
            destination = _destinations.LambdaDestination(error),
            filter_pattern = _logs.FilterPattern.all_terms('ERROR')
        )

Timeout

        # Reference the shipit-timeout function in this stack's account and region
        timeout = _lambda.Function.from_function_arn(
            self, 'timeout',
            'arn:aws:lambda:'+region+':'+account+':function:shipit-timeout'
        )

        # Matches log events that contain all three terms: Task, timed, out
        timesub = _logs.SubscriptionFilter(
            self, 'timesub',
            log_group = logs,
            destination = _destinations.LambdaDestination(timeout),
            filter_pattern = _logs.FilterPattern.all_terms('Task','timed','out')
        )