Amazon AWS

Version: 2.0.0

Amazon Web Services (AWS) is a subsidiary of Amazon.com that provides on-demand cloud computing platforms to individuals, companies and governments, on a paid subscription basis.

Connect Amazon AWS with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Amazon AWS.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • AWS Region: Provide a valid Region for accessing AWS API. For example, us-west-1.
    • AWS Access Key: To access AWS API, provide a valid Access Key.
    • AWS Secret Key: To access AWS API, provide a valid Secret Key.
  4. After you've entered all the details, click Connect.

Actions for Amazon AWS

IP Address Ranges

Action will get the range of IP Addresses.

Input Field

Choose a connection that you have previously created to complete the connection.

Output

A JSON object containing multiple rows of results:

  • has_error: True/False
  • error: message/null
  • result: IP Address ranges
{
   "syncToken": "1613086452",
   "createDate": "2021-02-11-23-34-12",
   "prefixes": [
      {
         "ip_prefix": "3.5.140.0/22",
         "region": "ap-northeast-2",
         "service": "AMAZON",
         "network_border_group": "ap-northeast-2"
      },
      {
         "ip_prefix": "15.230.56.104/31",
         "region": "us-east-1",
         "service": "AMAZON",
         "network_border_group": "us-east-1"
      },
      {
         "ip_prefix": "35.180.0.0/16",
         "region": "eu-west-3",
         "service": "AMAZON",
         "network_border_group": "eu-west-3"
      },
      {
         "ip_prefix": "52.93.153.170/32",
         "region": "eu-west-2",
         "service": "AMAZON",
         "network_border_group": "eu-west-2"
      },

User Details

Action will get the user details of provided username.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
UsernameColumn name from parent table that contains the username.Required
Display Attached ItemsSelect option True/False to display attached items to this IAM user (default is False).Optional

Output

A JSON object containing multiple rows of results:

  • has_error: True/False
  • error: message/null
  • result: User details.
{
  "Arn": "arn:aws:iam::273248288272:user/indrajeet",
  "CreateDate": "2020-02-20 11:11:58+00:00",
  "PasswordLastUsed": "2021-02-19 14:35:01+00:00",
  "Path": "/",
  "UserId": "AIDAT7HW57YIPXU2NSZPB",
  "UserName": "indrajeet",
  "access_keys": [
    {
      "AccessKeyId": "AKIAT7HW57YIKOZKHAME",
      "CreateDate": "2020-02-20 11:12:00+00:00",
      "Status": "Active",
      "UserName": "indrajeet"
    },
    {
      "AccessKeyId": "AKIAT7HW57YILHERPDXV",
      "CreateDate": "2020-06-01 13:39:47+00:00",
      "Status": "Active",
      "UserName": "indrajeet"
    }
  ],
  "attached_policies": [],
  "git_creds": [],
  "groups": [
    {
      "Arn": "arn:aws:iam::273248288272:group/administrator",
      "CreateDate": "2020-01-15 00:12:01+00:00",
      "GroupId": "AGPAT7HW57YIGCWTILAJL",
      "GroupName": "administrator",
      "Path": "/"
    }
  ],
  "login_profile": {
    "CreateDate": "2020-02-20 11:12:00+00:00",
    "PasswordResetRequired": false,
    "UserName": "indrajeet"
  },
  "mfa_devices": [
    {
      "EnableDate": "2020-12-14 09:54:39+00:00",
      "SerialNumber": "arn:aws:iam::273248288272:mfa/indrajeet",
      "UserName": "indrajeet"
    }
  ],
  "signing_certs": [],
  "ssh_pub_keys": [],
  "user_policies": []
}

Allow/Deny IP to Network ACL

Action will allow/deny IP to Network ACL.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Network ACL IDColumn name that contains network ACL ID.Required
Rule No.Column name that contains rule number.Required
Cidr BlockColumn name that contains CIDR Block.Required
From PortColumn name that contains from the port.Required
To PortColumn name that contains to port.Required
Rule ActionAction to determine to allow/deny IP to Network ACL.Required
ProtocolColumn name that contains protocol information.Required
ICMP protocol codeColumn name that contains protocol code information, Required in case of ICMP.Required
ICMP protocol typeColumn name that contains protocol type information, Required in case of ICMP.Required

Output

A JSON object containing multiple rows of results:

  • has_error: True/False
  • error: message/null
  • result: Rule added to AWS Network ACL.
3360

Delete IAM User

Action will delete provided users identified by usernames along with their attached items. See Delete User.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescritionRequired
UsernameColumn name from parent table that contains the username.Required

Output

A JSON object containing multiple rows of results:

  • has_error: True/False
  • error: message/null
  • msg: User XYZ has been deleted from IAM (if successful)
{
   "error": "Could not delete user indrajeet\nClientError('An error occurred (AccessDenied) when calling the DeleteLoginProfile operation: User: arn:aws:iam::827505017847:user/ec2-read-only is not authorized to perform: iam:DeleteLoginProfile on resource: user indrajeet')",
   "has_error": true
}

Release Notes

  • v2.0.0 - Updated architecture to support IO via filesystem

© Devo Technology Inc. All Rights Reserved.