Account Reviews

Introduction

In this episode, we explain the steps required to create a Feed depending on the type of sourcing method you are using.

AWS Connector

Use the following steps:

• Go to the "Feeds" tab in the AR module
• Click on Actions / Add
• Provide a Name/Description for your feed
• Select AWS as the Source
• Provide your AWS Key/Secret and Region
• Save

If there is any issue the connector will output the error it gets from AWS

LDAP Connector

Use the following steps:

• Go to the "Feeds" tab in the AR module
• Click on Actions / Add
• Provide a Name/Description for your feed
• Select LDAP as the Source
• Provide your AWS Key/Secret and Region
• Save

If there is any issue the connector will output the error it gets from AWS

File

Assuming your scripts have already been developed and produce the output required by the type of feed you want to create then you have two options to deliver the file to eramba:

• Storing the output of your script into the file system directly (eramba container)
• REST APIs

Note: your script will run on a crontab or similar scheduler, the recurrence of your script should be less than the frequency set on your account review. For example: if you are planning to review accounts for your AWS systems and that review should take place every day, you need to provide an updated feed file every day minus at least one minute.

File System Delivery

Before you create your account review you need to run the script at least once so eramba can validate that the file format is correct. The name of the file you produce must end with .csv and must always be called the same way. You will need the full path of this file in order to create a Feed.

After you run the script once, the file was produced and you validated the content is ok you can create a Feed.

• Run your script and make sure the file is saved in the right directory and meets all requirements
• Go to the "Feed" tab and click on "Actions" / "Add".
• Set a title for the feed, for example, "AWS Accounts" and optionally a description.
• Select "File" as the Source method
• Select the type of Feed you are providing
• Define the full path of the file, for example:  /var/www/eramba/app/upgrade/data/files/account_reviews/aws_accounts.csv
• Save

You can now save the feed, eramba will validate that the CSV format is correct, if it detects any problem it will not let you save and will provide an error.

REST API Delivery

If your script will upload the CSV template using REST calls, then you need to create the Feed files using the REST method.  Use the API documentation to understand how API accounts and permissions must be set up to allow this type of action.

The first time you create the Feed and provide the initial CSV template for validation you need to use an "Add" method, subsequent runs of your script to update the CSV template will use the "Edit" method.

When you submit an erroneously formatted CSV template eramba will clearly state what the error is. We recommend you run the initial "Add" request by yourself and let the script do subsequent "Edit" updates.