AWS Configuration

This page explains the configuration steps needed for the successful crawling of an AWS account.

Prerequisites

Please make sure to have already installed (follow the instruction here) or deployed the coordimap agent.

:::danger Use a read-only user or policy We stronlgy recommend that you create a read-only AWS user or a policy as described here. This way you can prevent any data modification in case of a bug in the coordimap agent. :::

Configuration File

The agent configuration file for the AWS section should look like the following:

coordimap:
  api_key: ${COORDIMAP_API_KEY}
  data_sources:
    - type: aws
      name: <NAME>
      desc: <DESCRIPTION>
      config:
        - name: policy_config
          value: "true"
        - name: access_key_id
          value: ${ACCESS_KEY_ID}
        - name: secret_access_key
          value: ${SECRET_ACCSS_KEY}
        - name: crawl_interval
          value: 30s

The description of each configuration attribute is explained in the following table:

Attribute Name	Required	Description
type	YES	The type of the data source to crawl. Must be aws
name	YES	Please refer to the shared config page section for more information about this configuration option.
desc	YES	Please refer to the shared config page section for more information about this configuration option.
config.name: policy_config	YES	Set to "true"(note that this is a string) if the agent is deployed to an EC2 machine that has a policy attached to it or if there is a machine that already has AWS config file.
config.name: access_key_id	YES	The AWS ACCESS_KEY_ID.
config.name: secret_access_key	YES	The AWS SECRET_ACCESS_KEY.
config.name: crawl_interval	NO	Please refer to the shared config page section for more information about this configuration option. If not set it will default to the default value.

AWS Configuration

Prerequisites

Configuration File

On this page