Trend Micro Cloud Conformity

Version: 2.0.0

Trend Micro Cloud Conformity provides continuous security, compliance, and governance for your cloud infrastructure.

Connect Trend Micro Cloud Conformity with Logichub

  1. Navigate to Automations > Integrations.
  2. Search for Trend Micro Cloud Conformity.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Api Token: Api Token to access Trend Micro Cloud Conformity
    • Region: Region to access Trend Micro Cloud Conformity
  4. After you've entered all the details, click Connect.

Actions for Trend Micro Cloud Conformity

List All Accounts

Get all accounts that you have access to.

Input Field

Choose a connection that you have previously created.

Output

JSON containing following items:

{
  "data": [
    {
      "type": "accounts",
      "id": "63457713-88ae-4d70-bc4d-f0f1a290d488",
      "attributes": {
        "name": "integrations",
        "environment": "staging",
        "awsaccount-id": "827505017847",
        "security-package": true,
        "created-date": 1650957280117,
        "last-notified-date": 1652699185645,
        "last-checked-date": 1652699185254,
        "last-monitoring-event-date": null,
        "access": null,
        "tags": [
          "staging"
        ],
        "cloud-type": "aws",
        "resources-count": 780,
        "consumption-tier": "Small: 250-999 resources"
      },
      "relationships": {
        "organisation": {
          "data": {
            "type": "organisations",
            "id": "910286450235"
          }
        }
      }
    }
  ],
  "error": null,
  "has_error": false
}

Get Account Details

Get account details by its Id.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the account.Required

Output

JSON containing following items:

{
  "data": {
    "type": "accounts",
    "id": "63457713-88ae-4d70-bc4d-f90d488",
    "attributes": {
      "name": "integrations",
      "environment": "staging",
      "awsaccount-id": "82757847",
      "error-code": null,
      "status": "ACTIVE",
      "security-package": true,
      "created-date": 1650957280117,
      "settings": {
        "rules": [
          {
            "enabled": false,
            "id": "S3-021",
            "riskLevel": "HIGH"
          }
        ]
      },
      "last-notified-date": 1652699185645,
      "last-checked-date": 1652699185254,
      "last-monitoring-event-date": null,
      "access": null,
      "bot-status": null,
      "tags": [
        "staging"
      ],
      "cloud-type": "aws",
      "resources-count": 780,
      "consumption-tier": "Small: 250-999 resources"
    },
    "relationships": {
      "organisation": {
        "data": {
          "type": "organisations",
          "id": "910286235"
        }
      }
    }
  },
  "error": null,
  "has_error": false
}

List All Account Checks

List all account checks.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdsJinja-templated text containing the comma separated Cloud Conformity ID of the accounts. Example '123,789'Required
Consistent PaginationJinja-templated text containing the parameter that ensures that no duplicate checks are returned when paginating with the API. Setting this to false increases performance but could also introduce duplicates. (Default as 'true')Optional
FilterJinja-templated text containing all the filter. Example: 'filter[riskLevels]=HIGH&filter[services]=EC2,IAM'Optional
Page SizeJinja-templated text containing the page size for the pagination.Optional
Page NumberJinja-templated text containing the page number for pagination.Optional

Output

JSON containing following items:

{
  "data": [
    {
      "type": "checks",
      "id": "ccc:63457713-88ae-4d70-8:EC2-047:EC2:us-west-2:i-0414e7fb",
      "attributes": {
        "region": "us-west-2",
        "status": "FAILURE",
        "risk-level": "HIGH",
        "pretty-risk-level": "High",
        "message": "EC2 instance i-04ca899bbe7fb is idle",
        "resource": "i-04ca899514e7fb",
        "descriptorType": "ec2-itance",
        "link-title": "i-04ca899514e7fb",
        "resourceName": "EC2 Instance",
        "last-modified-date": 1652544404570,
        "created-date": 1651055706272,
        "categories": [
          "cost-optimisation",
          "sustainability"
        ],
        "compliances": [
          "AWAF",
          "AGISM",
          "FISC-V9"
        ],
        "failure-discovery-date": 1651055706272,
        "ccrn": "ccrn:aws:63457713-88ae-4d70-bc4d-f0f1a290d488:EC2:us-west-2:i-04ca899bb8514e7fb",
        "extradata": [
          {
            "name": "CPU_UTILIZATION",
            "label": "CPU Utilization",
            "type": "META",
            "value": "1%"
          },
          {
            "name": "TYPE",
            "label": "Instance Type",
            "type": "META",
            "value": "t1.micro"
          },
          {
            "name": "NETWORK_UTILIZATION",
            "label": "Network Utilization",
            "type": "META",
            "value": "0 MB"
          }
        ],
        "tags": [
          "Cost Center::Engineering",
          "Name::remote-agent-unix-dev",
          "Application::Integration"
        ],
        "cost": 14,
        "waste": 14,
        "excluded": false,
        "rule-title": "Idle EC2 Instance",
        "link": "https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Instances:search=i-04ca899bb8514e7fb;sort=desc:dnsName",
        "provider": "aws",
        "resolution-page-url": "https://www.cloudconformity.com/knowledge-base/aws/EC2/idle-instance.html#910286450235",
        "service": "EC2"
      },
      "relationships": {
        "rule": {
          "data": {
            "type": "rules",
            "id": "EC2-047"
          }
        },
        "account": {
          "data": {
            "type": "accounts",
            "id": "63457713-88ae-4d70-bc4d-f0fd488"
          }
        }
      }
    },
    {
      "type": "checks",
      "id": "ccc:63457713-88ae-4d70-bc4d-f0d488:EC2-047:EC2:us-west-2:i-0e3ceab8d8f",
      "attributes": {
        "region": "us-west-2",
        "status": "FAILURE",
        "risk-level": "HIGH",
        "pretty-risk-level": "High",
        "message": "EC2 instance i-0e3cec0e8d8f is idle",
        "resource": "i-0e3ceabc8d8f",
        "descriptorType": "ec2-instance",
        "link-title": "i-0e3ceac0e8d8f",
        "resourceName": "EC2 Instance",
        "last-modified-date": 1652411147004,
        "created-date": 1651055706272,
        "categories": [
          "cost-optimisation",
          "sustainability"
        ],
        "compliances": [
          "AWAF",
          "AGISM",
          "FISC-V9"
        ],
        "failure-discovery-date": 1651055706272,
        "ccrn": "ccrn:aws:63457713-88ae-4d70-bc4d-f0f488:EC2:us-west-2:i-0e3ceab8d8f",
        "extradata": [
          {
            "name": "CPU_UTILIZATION",
            "label": "CPU Utilization",
            "type": "META",
            "value": "0.5%"
          },
          {
            "name": "TYPE",
            "label": "Instance Type",
            "type": "META",
            "value": "t2.micro"
          },
          {
            "name": "NETWORK_UTILIZATION",
            "label": "Network Utilization",
            "type": "META",
            "value": "0 MB"
          }
        ],
        "tags": [
          "os::linux",
          "Cost Center::Engineering",
          "Name::remote-agent-unix-test",
          "Application::Integration"
        ],
        "cost": 8,
        "waste": 8,
        "excluded": false,
        "rule-title": "Idle EC2 Instance",
        "link": "https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Instances:search=i-0e3ceabccec0e8d8f;sort=desc:dnsName",
        "provider": "aws",
        "resolution-page-url": "https://www.cloudconformity.com/knowledge-base/aws/EC2/idle-instance.html#910286450235",
        "service": "EC2"
      },
      "relationships": {
        "rule": {
          "data": {
            "type": "rules",
            "id": "EC2-047"
          }
        },
        "account": {
          "data": {
            "type": "accounts",
            "id": "63457713-88ae-4d70-bc4d-f0f188"
          }
        }
      }
    }
  ],
  "meta": {
    "total": 2,
    "page-number": 1,
    "page-size": 2
  }
}

List All Events

List all events.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdsJinja-templated text containing the comma separated Cloud Conformity ID of the accounts. Example '123,789'Optional
AWS eventsJinja-templated text, if true returns AWS events.Optional
Azure eventsJinja-templated text, if true returns Azure events.Optional
Cloud Conformity activity-eventsJinja-templated text, if true returns Cloud Conformity activity-events.Optional
FilterJinja-templated text containing all the filter. Example: 'filter[identities]=static-deployer&filter[since]=1519919272016'Optional
Page SizeJinja-templated text containing the page size for pagination.Optional
Page NumberJinja-templated text containing the page number for pagination.Optional

Output

JSON containing following items:

{
  "data": [
    {
      "type": "events",
      "id": "SGSKA_iJOm9T7SCd",
      "attributes": {
        "name": "api.account.rules.settings.get",
        "time": 1652072504813
      },
      "relationships": {
        "organisation": {
          "data": {
            "type": "organisation",
            "id": "91028235"
          }
        },
        "account": {
          "data": {
            "type": "account",
            "id": "63457713-88ae-4d70-bc4d-f0f488"
          }
        },
        "user": {
          "data": {
            "type": "user",
            "id": "urn:cloudone:identity:in-1:910235:apikeytmc128KCmdbPNs6BDA"
          }
        },
        "parent": {
          "data": null
        },
        "rule": {
          "data": null
        },
        "check": {
          "data": null
        }
      }
    },
    {
      "type": "events",
      "id": "XnZswGP1e-rrfxVm",
      "attributes": {
        "name": "account.subscription.updated",
        "time": 1651055624564,
        "extra": {
          "security": true,
          "cost": false,
          "rtm": true
        },
        "description": "The subscription for this account has been updated"
      },
      "relationships": {
        "organisation": {
          "data": {
            "type": "organisation",
            "id": "910235"
          }
        },
        "account": {
          "data": {
            "type": "account",
            "id": "63457713-88ae-4d70-bc4d-f0f1488"
          }
        },
        "user": {
          "data": {
            "type": "user",
            "id": "urn:cloudone:identity:in-1:91028235:user/ffd1d43f-b5c8-4c91-9ce9-091"
          }
        },
        "parent": {
          "data": null
        },
        "rule": {
          "data": null
        },
        "check": {
          "data": null
        }
      }
    }
  ],
  "meta": {
    "total-hits": 7,
    "total-pages": 1,
    "filter": {
      "statuses": [],
      "services": [],
      "ruleIds": [],
      "userIds": [],
      "parentId": null,
      "regions": [],
      "categories": [],
      "compliances": [],
      "riskLevels": [],
      "resources": [],
      "tags": [],
      "identities": [],
      "aws": false,
      "cc": true,
      "azure": false,
      "since": null,
      "until": null,
      "name": "",
      "suppressed": true,
      "pageSize": 100,
      "pageNumber": 0
    }
  },
  "error": null,
  "has_error": false
}

Get Check Details

Get check details by Id.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Check IdJinja-templated text containing the Cloud Conformity ID of the check.Required
FilterJinja-templated text containing all the filter. Example: 'filter[notes]=true&filter[notesLength]=10'Optional

Output

JSON containing following items:

{
  "data": {
    "type": "checks",
    "id": "ccc:63457713-88ae-4d70-bc4d-f08:EC2-042:EC2:us-east-2:sg-02a0606",
    "attributes": {
      "region": "us-east-2",
      "status": "SUCCESS",
      "risk-level": "MEDIUM",
      "pretty-risk-level": "Medium",
      "message": "Security group CentOS 7 -x86_64- - with Updates HVM-1901_01-AutogenByAWSMP-2 doesn't allow ingress from 0.0.0.0/0 or ::/0 to ports 20, 21",
      "resource": "sg-02a06a2b806",
      "descriptorType": "ec2-securitygroup",
      "link-title": "sg-02a06a28806",
      "resourceName": "EC2 Security Group",
      "last-modified-date": 1651055882011,
      "created-date": 1651055882011,
      "categories": [
        "security"
      ],
      "compliances": [
        "AWAF",
        "NIST4",
        "NIST5",
        "ENISA",
        "FISC-V9"
      ],
      "ccrn": "ccrn:aws:63457713-88ae-4d70-b290d488:EC2:us-east-2:sg-02004f8806",
      "extradata": [
        {
          "name": "Attachments",
          "label": "Attachments",
          "value": "",
          "type": "META"
        },
        {
          "name": "Description",
          "label": "Description",
          "value": "This security group was generated by AWS Marketplace and is based on recommended settings for CentOS 7 (x86_64) - with Updates HVM version 1901_01 provided by Centos.org",
          "type": "META"
        }
      ],
      "tags": [],
      "cost": 0,
      "waste": 0,
      "notes": [],
      "not-scored": false,
      "excluded": false,
      "rule-title": "Unrestricted FTP Access",
      "provider": "aws",
      "resolution-page-url": "https://www.cloudconformity.com/knowledge-base/aws/EC2/unrestricted-ftp-access.html#91028235",
      "service": "EC2"
    },
    "relationships": {
      "rule": {
        "data": {
          "type": "rules",
          "id": "EC2-042"
        }
      },
      "account": {
        "data": {
          "type": "accounts",
          "id": "63457713-88ae-4d70-bc4d-f00d488"
        }
      }
    }
  },
  "error": null,
  "has_error": false
}

List Rule Settings

List all rule settings.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the accounts. Example '123'Required
Include DefaultsSelect whether or not to include default rule settings. (Default is 'false')Optional

Output

JSON containing following items:

{
  "data": {
    "type": "accounts",
    "id": "96d2d6de-8afa-4144-ada3-dadsfasb151060b",
    "attributes": {
      "settings": {
        "rules": [
          {
            "enabled": false,
            "id": "S3-122",
            "riskLevel": "HIGH"
          }
        ],
        "access": {}
      },
      "access": null,
      "cloud-type": "aws"
    },
    "relationships": {
      "organisation": {
        "data": {
          "type": "organisations",
          "id": "633501232060"
        }
      }
    }
  },
  "error": null,
  "has_error": false
}

Get Rule Setting

Get rule setting.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the accounts. Example '123'Required
Rule IdJinja-templated text containing the ID of the rule. Example '123'Required
Include NotesSelect whether to get notes for the specified rule setting. (Default is False)Optional

Output

JSON containing following items:

{
  "data": {
    "type": "accounts",
    "id": "96d2d6de-8afa-4144-ada3-d612343251060b",
    "attributes": {
      "settings": {
        "rules": [
          {
            "enabled": false,
            "id": "S3-122",
            "riskLevel": "HIGH"
          }
        ],
        "access": {}
      },
      "access": null,
      "cloud-type": "aws"
    },
    "relationships": {
      "organisation": {
        "data": {
          "type": "organisations",
          "id": "633523472060"
        }
      }
    }
  },
  "error": null,
  "has_error": false
}

Scan Account

Scan account by its id.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the accounts. Example '123'Required

Output

JSON containing following items:

{
  "data": [
    {
      "status": "STARTED"
    }
  ],
  "error": null,
  "has_error": false
}

List Custom Rules

List all custom rules.

Input Field

Choose a connection that you have previously created.

Output

JSON containing following items:

{
  "error_response": {
    "errors": [
      {
        "status": 403,
        "source": {
          "pointer": "/custom-rules"
        },
        "detail": "Forbidden"
      }
    ]
  },
  "error": "Error(403) occurred while sending the request. Please follow the https://cloudone.trendmicro.com/docs/conformity/api-reference/tag/Custom-Rules/#paths/~1custom-rules/get. 403 Client Error: Forbidden for url: https://conformity.in-1.cloudone.trendmicro.com/api/custom-rules",
  "has_error": true
}

Get Organisation External ID

Get organisation external ID.

Input Field

Choose a connection that you have previously created.

Output

JSON containing following items:

{
  "data": {
    "type": "external-ids",
    "id": "489dcab0-da67-11ec-b18d-9351237df39",
    "attributes": {
      "valid-until": 1653393123889
    }
  },
  "error": null,
  "has_error": false
}

List All Profiles

List all profiles.

Input Field

Choose a connection that you have previously created.

Output

JSON containing following items:

{
  "meta": {},
  "data": [],
  "error": null,
  "has_error": false
}

List All Groups

List all groups.

Input Field

Choose a connection that you have previously created.

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "groups",
      "id": "uUmE2v0ns",
      "attributes": {
        "name": "test-group",
        "tags": [
          "dev-environment"
        ],
        "created-date": 1587441074460,
        "last-modified-date": 1590647034893
      },
      "relationships": {
        "organisation": {
          "data": {
            "type": "organisations",
            "id": "B1nHYYpwx"
          }
        },
        "accounts": {
          "data": [
            {
              "type": "accounts",
              "id": "16gZQXGZf"
            }
          ]
        }
      }
    }
  ],
  "error": null,
  "has_error": false
}

List All Reports

List all reports.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the accounts. Example '123'Optional
Group IdJinja-templated text containing the Group ID. Example '123'Optional
Report Config IdJinja-templated text containing the Report Config ID. Example 'reportConfigId[accountId]=123&reportConfigId[groupId]=14573&reportConfigId[organisationId]=05746378'Optional

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "reports",
      "id": "abc123",
      "attributes": {
        "title": "Organisation Report",
        "created-date": 1581378332097,
        "entity-id": "accountId",
        "report-config-id": "accountId:CONFORMITY_BOT",
        "status": "READY",
        "formats": [
          "CSV"
        ],
        "included": [
          {
            "report-download-endpoint": "https://us-west-2-api.cloudconformity.com/v1/reports/abc123/accountId/csv",
            "type": "CSV"
          }
        ]
      }
    }
  ],
  "error": null,
  "has_error": false
}

Get Excluded Resources

Get excluded resources.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdsJinja-templated text containing the comma separated Cloud Conformity ID of the accounts. Example '123,789'Optional
ExcludedTrue for returning excluded resources. Currently only true is supported.Required
FilterJinja-templated text containing all the filter. Example: 'filter[regions]=us-west-2&filter[tags]=MyBucket'Optional
Page SizeJinja-templated text containing the page size for the pagination.Optional
Page NumberJinja-templated text containing the page number for pagination.Optional

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "resources",
      "id": "ccrn:aws:r1gyR4cqg:CloudFormation:us-west-2:CloudConformityMonitoring",
      "attributes": {
        "account-id": "r1gyR4cqg",
        "ccrn": "ccrn:aws:r1gyR4cqg:CloudFormation:us-west-2:CloudConformityMonitoring",
        "resource": "CloudConformityMonitoring",
        "region": "us-west-2",
        "descriptor-type": "cfm-stack",
        "link": "https://us-west-2.console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks?filter=active",
        "link-title": "CloudConformityMonitoring",
        "resource-name": "CloudFormation Stack",
        "tags": [
          "Version::4"
        ],
        "provider": "aws",
        "excluded-rules": [
          {
            "rule-id": "CFM-001"
          }
        ]
      }
    }
  ],
  "error": null,
  "has_error": false
}

Get Services

Get Services.

Input Field

Choose a connection that you have previously created.

List Template Scanner Rules

List template scanner rules.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
TypeJinja-templated text containing the type of template(cloudformation-template/terraform-template). Default is 'cloudformation-template'Optional

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "services",
      "id": "EC2",
      "attributes": {
        "name": "EC2",
        "provider": "aws"
      },
      "relationships": {
        "rules": [
          {
            "type": "rules",
            "id": "EC2-001"
          }
        ]
      }
    }
  ],
  "included": [
    {
      "id": "EC2-002",
      "name": "SecurityGroupPortRange",
      "description": "Ensure no security group opens range of ports",
      "title": "Security Group Port Range",
      "categories": [
        "security"
      ],
      "risk-level": "HIGH",
      "multi-risk-level": true,
      "knowledge-base-html": "security-group-port-range",
      "must-be-configured": true,
      "package": "base",
      "is-organisational": true,
      "not-scored": true,
      "level": "resource",
      "release-date": "2019-08-24T14:15:22Z",
      "update-date": "2019-08-24T14:15:22Z",
      "is-deprecated": true,
      "provider": "aws",
      "compliances": [
        "NIST4",
        "AWAF"
      ]
    }
  ],
  "error": null,
  "has_error": false 
}

List Template Scanner Rules

List template scanner rules.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
TypeJinja-templated text containing the type of template(cloudformation-template/terraform-template). Default is 'cloudformation-template'Optional

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "rules",
      "id": "string",
      "attributes": {
        "title": "string",
        "description": "string",
        "compliances": [
          "string"
        ],
        "provider": "string",
        "service": "string"
      }
    }
  ],
  "error": null,
  "has_error": false
}

Scan A Template

Scan a template.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
TypeJinja-templated text containing the type of template(cloudformation-template/terraform-template).Required
ContentsJinja-templated text containing the stringified representation of the template to scan.Required
Account IdJinja-templated text containing the comma separated Cloud Conformity ID of the account. Example '123'Optional
ArgumentsJinja-templated text containing the array of objects containing parameter name and values. Example '[{"name1":"value1"},{"name2":"value2"}]'Optional
Profile IdJinja-templated text containing the profile ID. Example '123'Optional
Pseudo ArgumentsJinja-templated text containing object containing pseudo parameter name and values. Example '{"AWS::AccountId":"abcd1234","AWS::Region":"eu-west-1"}'Optional

Output

JSON containing the following items:

{
  "data": [
    {
      "type": "checks",
      "id": "ccc:H19NxM15-:CUSTOM-001:EC2:us-west-2:sg-956d00ea",
      "attributes": {
        "accountId": "FJagHgv1g",
        "categories": [
          "security"
        ],
        "compliances": [
          "NIST4",
          "AWAF"
        ],
        "cost": 3.1968,
        "created-date": 1521660152755,
        "descriptorType": "s3-bucket",
        "eventId": "Skzp7ra1WW",
        "excluded": false,
        "extradata": [
          {
            "label": "Group Id",
            "name": "GroupId",
            "type": "META",
            "value": "sg-2e885d00"
          }
        ],
        "failure-discovery-date": 1521660152755,
        "failure-introduced-by": "[email protected]",
        "ignored": false,
        "last-updated-date": 1521660152755,
        "last-updated-by": "[email protected]",
        "last-modified-date": 1521660152755,
        "lastStatusUpdateDate": 1521660152755,
        "link": "https://s3.console.aws.amazon.com/s3/buckets/gm-bucket-4/?region=us-east-1&tab=overview",
        "link-title": "gm-bucket-4",
        "message": "Bucket S3Bucket allows public 'READ' access.",
        "not-scored": false,
        "notes": [
          {
            "createdBy": "SYmS0YcL-",
            "createdDate": 1511456432526,
            "note": "hello world"
          }
        ],
        "organisationId": "F1r9_41ul",
        "pretty-risk-level": "Medium",
        "provider": "aws",
        "providerResourceId": "arn:aws:sns:us-east-1:123456789012:MyTopic",
        "region": "us-west-2",
        "resolved-date": 1521660152755,
        "resolved-by": "[email protected]",
        "resolution-page-url": "https://www.cloudconformity.com/conformity-rules/IAM/unused-iam-group.html#",
        "resource": "S3Bucket",
        "resourceName": "KeyVault Vault",
        "risk-level": "HIGH",
        "rule-title": "Custom Rule about EC2 SGs",
        "service": "S3",
        "status": "SUCCESS",
        "suppressed": true,
        "suppressed-until": 1521660152755,
        "tags": [
          "key0::value0",
          "key1::value1"
        ],
        "ttl": 1521660152755,
        "waste": 54.32
      },
      "relationships": {
        "rule": {
          "data": {
            "type": "rules",
            "id": "CUSTOM-001"
          }
        },
        "account": {
          "data": {
            "type": "accounts",
            "id": "H19NxM15-"
          }
        }
      }
    }
  ],
  "meta": {
    "missingParameters": [
      "AmazonASN"
    ],
    "errors": [
      {
        "ruleId": "ACM-001",
        "resourceId": "i-1234567890abcdef0",
        "errorMessage": "UNKNOWN ERROR"
      }
    ]
  },
  "error": null,
  "has_error": false
}

Run Custom Rule

Run custom rule.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Account IdJinja-templated text containing the Cloud Conformity ID of the account. Example '123'Required
Custom Rule IdJinja-templated text containing the ID of a saved custom rule to run. Example '123'Required
Resource DataEnables the return of the resource data that was used to evaluate the custom rule. This can only return data for one resource and requires a custom rule configuration to have property resourceId defined. Default is 'False'Optional

Output

JSON containing the following items:

{
  "data":[
      {
        "region": "us-west-2",
        "resource": "CloudConformityMonitoring",
        "ccrn": "ccrn:aws:r1gyR4cqg:CloudFormation:us-west-2:CloudConformityMonitoring",
        "status": "SUCCESS",
        "message": "S3 Bucket CloudConformityMonitoring passed 'Bucket name is longer than 32 characters' rule condition.",
        "extradata": [
          {
            "label": "successEvent",
            "name": "Passed Condition Event",
            "type": "META",
            "value": "Bucket name is longer than 32 characters"
          }
        ]
      }
  ],
	"error": null,
  "has_error": false
}

Get Group Details

Get group details by its Id.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Group IdJinja-templated text containing the Group Id. Example '123'Required

Output

JSON containing the following items:

{
  "data":{
      "data": [
        {
          "type": "groups",
          "id": "uUmE2v0ns",
          "attributes": {
            "name": "test-group",
            "tags": [
              "dev-environment"
            ],
            "created-date": 1587441074460,
            "last-modified-date": 1590647034893
          },
          "relationships": {
            "organisation": {
              "data": {
                "type": "organisations",
                "id": "B1nHYYpwx"
              }
            },
            "accounts": {
              "data": [
                {
                  "type": "accounts",
                  "id": "16gZQXGZf"
                }
              ]
            }
          }
        }
      ]
    },
	"error": null,
  "has_error": false
}

Get Profile And Rule Settings

Get profile and rule settings.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Profile IdJinja-templated text containing the Profile Id. Example '123'Required

Output

JSON containing the following items:

{
  "data":{
      "included": [
        {
          "type": "rules",
          "id": "EC2-055",
          "attributes": {
            "enabled": false,
            "extraSettings": [
              {
                "type": "single-number-value",
                "name": "cpuUtilizationThreshold",
                "value": 2
              }
            ],
            "riskLevel": "HIGH",
            "provider": "aws"
          }
        },
        {
          "type": "rules",
          "id": "EC2-071",
          "attributes": {
            "enabled": false,
            "riskLevel": "HIGH",
            "provider": "aws"
          }
        },
        {
          "type": "rules",
          "id": "RTM-007",
          "attributes": {
            "enabled": false,
            "extraSettings": [
              {
                "type": "multiple-ip-values",
                "name": "authorisedIps",
                "values": [
                  {
                    "value": null,
                    "default": null
                  }
                ]
              },
              {
                "name": "ttl",
                "type": "ttl",
                "value": 24,
                "ttl": true
              }
            ],
            "riskLevel": "HIGH",
            "provider": "aws"
          }
        },
        {
          "type": "rules",
          "id": "S3-006",
          "attributes": {
            "enabled": true,
            "exceptions": {
              "resources": [
                "fadfad"
              ],
              "tags": [
                "adsfs"
              ],
              "filterTags": [
                "dev"
              ]
            },
            "extraSettings": null,
            "riskLevel": "VERY_HIGH",
            "provider": "aws"
          }
        },
        {
          "type": "rules",
          "id": "SNS-002",
          "attributes": {
            "enabled": false,
            "riskLevel": "HIGH",
            "provider": "aws"
          }
        }
      ],
      "data": {
        "type": "profiles",
        "id": "d9yHTrzP0",
        "attributes": {
          "name": "hemen test 1",
          "description": "hemen test 1"
        },
        "relationships": {
          "ruleSettings": {
            "data": [
              {
                "type": "rules",
                "id": "EC2-055"
              },
              {
                "type": "rules",
                "id": "EC2-071"
              },
              {
                "type": "rules",
                "id": "RTM-007"
              },
              {
                "type": "rules",
                "id": "S3-006"
              },
              {
                "type": "rules",
                "id": "SNS-002"
              }
            ]
          }
        }
      }
    },
	"error": null,
  "has_error": false
}

Download Report

Download report.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Report IdJinja-templated text containing the Report Id. Example '123'Required
Entity IdJinja-templated text containing the Entity Id. Example '123'Required
TypeJinja-templated text containing the report type(pdf/csv/xlsx). Example 'pdf'Required

Output

JSON containing the following items:

{
  "data":{
  	"url": "string"
	},
  "error": null,
  "has_error": false
}

Get Custom Rule

Get custom rule by its id.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Custom Rule IdJinja-templated text containing the Custom Rule Id. Example '123'Required

Output

JSON containing the following items:

{
	"data":{
      "data": [
        {
          "type": "CustomRules",
          "id": "CUSTOM-123ABC",
          "attributes": {
            "name": "S3 Bucket Name Length Check",
            "description": "We want to make sure bucket names do not exceed some length",
            "remediationNotes": "If this is broken, please follow these steps:\n1. Step one \n2. Step two\n",
            "service": "S3",
            "resourceType": "s3-bucket",
            "severity": "MEDIUM",
            "enabled": true,
            "categories": [
              "operational-excellence"
            ],
            "attributes": [
              {
                "name": "bucketName",
                "path": "data.Name",
                "required": true
              }
            ],
            "rules": [
              {
                "conditions": {
                  "all": [
                    {
                      "fact": "bucketName",
                      "operator": "pattern",
                      "value": "^([a-zA-Z0-9_-]){1,32}$"
                    }
                  ]
                },
                "event": {
                  "type": "Bucket name is longer than 32 characters"
                }
              }
            ]
          }
        }
      ]
    },
  "error": null,
  "has_error": false
}

Release Notes

  • v2.0.0 - Updated architecture to support IO via filesystem
  • v1.3.0 - Added 5 new actions: Run Custom Rule, Get Group Details, Get Profile And Rule Settings, Download Report and Get Custom Rule.
  • v1.2.1 - Added 6 new actions: List All Groups ,List All Reports, Get Excluded Resources, Get Services, List Template Scanner Rules and Scan A Template.
  • v1.1.1 - Added 6 new actions: List All Profiles, Get Organisation External ID, List Custom Rules, Scan Account, Get Rule Setting and List Rule Settings.
  • v1.0.1 - Added 5 new actions: List All Accounts, Get Account Details, List events, List All Account Checks and Get Check Details.

© Devo Technology Inc. All Rights Reserved.