Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Minor Bugfix PR #422

Merged
merged 16 commits into from
May 25, 2023
Merged
Show file tree
Hide file tree
Changes from 15 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion NOTICE.txt
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
rdk
Copyright 2017-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Copyright 2017-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
56 changes: 28 additions & 28 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ For complete documentation, including command reference, check out the

## Getting Started

Uses python 3.7/3.8/3.9 and is installed via pip. Requires you to have
Uses Python 3.7+ and is installed via pip. Requires you to have
an AWS account and sufficient permissions to manage the Config service,
and to create S3 Buckets, Roles, and Lambda Functions. An AWS IAM Policy
Document that describes the minimum necessary permissions can be found
Expand Down Expand Up @@ -126,7 +126,7 @@ rule and populate it with several files, including a skeleton of your
Lambda code.

```bash
rdk create MyRule --runtime python3.8 --resource-types AWS::EC2::Instance --input-parameters '{"desiredInstanceType":"t2.micro"}'
rdk create MyRule --runtime python3.10 --resource-types AWS::EC2::Instance --input-parameters '{"desiredInstanceType":"t2.micro"}'
Running create!
Local Rule files created.
```
Expand Down Expand Up @@ -220,7 +220,7 @@ will overwrite existing values, any that you do not specify will not be
changed.

```bash
rdk modify MyRule --runtime python3.9 --maximum-frequency TwentyFour_Hours --input-parameters '{"desiredInstanceType":"t2.micro"}'
rdk modify MyRule --runtime python3.10 --maximum-frequency TwentyFour_Hours --input-parameters '{"desiredInstanceType":"t2.micro"}'
Running modify!
Modified Rule 'MyRule'. Use the `deploy` command to push your changes to AWS.
```
Expand All @@ -239,7 +239,7 @@ Once you have completed your compliance validation code and set your
Rule's configuration, you can deploy the Rule to your account using the
`deploy` command. This will zip up your code (and the other associated
code files, if any) into a deployable package (or run a gradle build if
you have selected the java8 runtime or run the lambda packaging step
you have selected the java8 runtime or run the Lambda packaging step
from the dotnet CLI if you have selected the dotnetcore1.0 runtime),
copy that zip file to S3, and then launch or update a CloudFormation
stack that defines your Config Rule, Lambda function, and the necessary
Expand Down Expand Up @@ -272,8 +272,8 @@ You can also deploy the Rule to your AWS Organization using the
`deploy-organization` command. For successful evaluation of custom rules
in child accounts, please make sure you do one of the following:

1. Set ASSUME_ROLE_MODE in Lambda code to True, to get the lambda to assume the Role attached on the Config Service and confirm that the role trusts the master account where the Lambda function is going to be deployed.
2. Set ASSUME_ROLE_MODE in Lambda code to True, to get the lambda to assume a custom role and define an optional parameter with key as ExecutionRoleName and set the value to your custom role name; confirm that the role trusts the master account of the organization where the Lambda function will be deployed.
1. Set ASSUME_ROLE_MODE in Lambda code to True, to get the Lambda to assume the Role attached on the Config Service and confirm that the role trusts the master account where the Lambda function is going to be deployed.
2. Set ASSUME_ROLE_MODE in Lambda code to True, to get the Lambda to assume a custom role and define an optional parameter with key as ExecutionRoleName and set the value to your custom role name; confirm that the role trusts the master account of the organization where the Lambda function will be deployed.

```bash
rdk deploy-organization MyRule
Expand All @@ -300,7 +300,7 @@ doesn't exist within 7 hours of adding an account to your organization.
### View Logs For Deployed Rule

Once the Rule has been deployed to AWS you can get the CloudWatch logs
associated with your lambda function using the `logs` command.
associated with your Lambda function using the `logs` command.

```bash
rdk logs MyRule -n 5
Expand All @@ -321,8 +321,8 @@ make sure it is behaving as expected.

The `testing` directory contains scripts and buildspec files that I use
to run basic functionality tests across a variety of CLI environments
(currently Ubuntu linux running python 3.7/3.8/3.9, and Windows Server
running python3.9). If there is interest I can release a CloudFormation
(currently Ubuntu Linux running Python 3.7/3.8/3.9/3.10, and Windows Server
running Python 3.10). If there is interest I can release a CloudFormation
template that could be used to build the test environment, let me know
if this is something you want!

Expand All @@ -340,10 +340,10 @@ are used by other teams or departments. This gives the compliance team
confidence that their rule logic cannot be tampered with and makes it
much easier for them to modify rule logic without having to go through a
complex deployment process to potentially hundreds of AWS accounts. The
cross-account pattern uses two advanced RDK features
cross-account pattern uses two advanced RDK features:

- Functions-only deployment
- create-rule-template command
- `--functions-only` (`-f`) deployment
- `create-rule-template` command

#### Functions-Only Deployment

Expand All @@ -369,8 +369,8 @@ This command generates a CloudFormation template that defines the AWS
Config rules themselves, along with the Config Role, Config data bucket,
Configuration Recorder, and Delivery channel necessary for the Config
rules to work in a satellite account. You must specify the file name for
the generated template using the [--output-file]{.title-ref} or
[o]{.title-ref} command line flags. The generated template takes a
the generated template using the `--output-file` or
`-o` command line flags. The generated template takes a
single parameter of the AccountID of the central compliance account that
contains the Lambda functions that will back your custom Config Rules.
The generated template can be deployed in the desired satellite accounts
Expand All @@ -394,7 +394,7 @@ by rdk. To disable the supported resource check use the optional flag
'--skip-supported-resource-check' during the create command.

```bash
rdk create MyRule --runtime python3.8 --resource-types AWS::New::ResourceType --skip-supported-resource-check
rdk create MyRule --runtime python3.10 --resource-types AWS::New::ResourceType --skip-supported-resource-check
'AWS::New::ResourceType' not found in list of accepted resource types.
Skip-Supported-Resource-Check Flag set (--skip-supported-resource-check), ignoring missing resource type error.
Running create!
Expand All @@ -413,7 +413,7 @@ performing `rdk create`. This opens up new features like :
2. Custom lambda function naming as per personal or enterprise standards.

```bash
rdk create MyLongerRuleName --runtime python3.8 --resource-types AWS::EC2::Instance --custom-lambda-name custom-prefix-for-MyLongerRuleName
rdk create MyLongerRuleName --runtime python3.10 --resource-types AWS::EC2::Instance --custom-lambda-name custom-prefix-for-MyLongerRuleName
Running create!
Local Rule files created.
```
Expand Down Expand Up @@ -533,21 +533,21 @@ are happy to help and discuss.

## Contacts

- **Benjamin Morris** - [bmorrissirromb](https://github.com/bmorrissirromb) - *current maintainer*
- **Julio Delgado Jr** - [tekdj7](https://github.com/tekdj7) - *current maintainer*
- **Benjamin Morris** - [bmorrissirromb](https://github.com/bmorrissirromb) - _current maintainer_
- **Julio Delgado Jr** - [tekdj7](https://github.com/tekdj7) - _current maintainer_

## Past Contributors

- **Michael Borchert** - *Original Python version*
- **Jonathan Rault** - *Original Design, testing, feedback*
- **Greg Kim and Chris Gutierrez** - *Initial work and CI definitions*
- **Henry Huang** - *Original CFN templates and other code*
- **Santosh Kumar** - *maintainer*
- **Jose Obando** - *maintainer*
- **Jarrett Andrulis** - [jarrettandrulis](https://github.com/jarrettandrulis) - *maintainer*
- **Sandeep Batchu** - [batchus](https://github.com/batchus) - *maintainer*
- **Mark Beacom** - [mbeacom](https://github.com/mbeacom) - *maintainer*
- **Ricky Chau** - [rickychau2780](https://github.com/rickychau2780) - *maintainer*
- **Michael Borchert** - _Original Python version_
- **Jonathan Rault** - _Original Design, testing, feedback_
- **Greg Kim and Chris Gutierrez** - _Initial work and CI definitions_
- **Henry Huang** - _Original CFN templates and other code_
- **Santosh Kumar** - _maintainer_
- **Jose Obando** - _maintainer_
- **Jarrett Andrulis** - [jarrettandrulis](https://github.com/jarrettandrulis) - _maintainer_
- **Sandeep Batchu** - [batchus](https://github.com/batchus) - _maintainer_
- **Mark Beacom** - [mbeacom](https://github.com/mbeacom) - _maintainer_
- **Ricky Chau** - [rickychau2780](https://github.com/rickychau2780) - _maintainer_

## License

Expand Down
34 changes: 34 additions & 0 deletions developer_notes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Developer Notes

These notes are intended to help RDK developers update the repository consistently.

## New Runtime Support Process

These instructions document the parts of the repository that need to be updated when support for a new Lambda runtime is added.

### Update pyproject.toml

- Add to `classifiers` list:

```yaml
"Programming Language :: Python :: <VER>,"
```

- Add to `include` list:

```yaml
"rdk/template/runtime/python<VER>/*",
"rdk/template/runtime/python<VER>-lib/*",
```

### Update README.md

- Update documentation and examples

### Update rdk.py

- Update references to include new version

### Update Linux and Windows Buildspec files (`testing` folder)

- Add new test cases for the new version
5 changes: 4 additions & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
# or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
[tool.poetry]
name = "rdk"
version = "0.14.0"
version = "0.15.0"
description = "Rule Development Kit CLI for AWS Config"
authors = [
"AWS RDK Maintainers <[email protected]>",
Expand All @@ -25,6 +25,7 @@ classifiers = [
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
]
include = [
"README.md",
Expand All @@ -46,6 +47,8 @@ include = [
"rdk/template/runtime/python3.8-lib/*",
"rdk/template/runtime/python3.9/*",
"rdk/template/runtime/python3.9-lib/*",
"rdk/template/runtime/python3.10/*",
"rdk/template/runtime/python3.10-lib/*",
"rdk/template/runtime/dotnetcore1.0/*",
"rdk/template/runtime/dotnetcore1.0/bin/*",
"rdk/template/runtime/dotnetcore1.0/obj/*",
Expand Down
2 changes: 1 addition & 1 deletion rdk-workshop/instructions.md
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ Note: It might take up to 2 hours to get the information about the CIS benchmark
## (Optional) Going further
7. Discover all the available [Managed Config Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html).

8. Navigate to [AWS System Manager Automation Documents](https://eu-west-1.console.aws.amazon.com/systems-manager/documents?region=eu-west-1) to discover all existing remediation actions.
8. Navigate to [AWS System Manager Automation Documents](https://us-east-1.console.aws.amazon.com/systems-manager/documents?region=us-east-1) to discover all existing remediation actions.


# Lab 2: Writing Your First Config Rule
Expand Down
2 changes: 1 addition & 1 deletion rdk/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,4 @@
#
# or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

MY_VERSION = "0.14.0"
MY_VERSION = "0.15.0"
Loading