Prometheus exporter for AWS Config
Project description
Prometheus exporter for AWS Config
Credits
Heavily based upon Spreaker's Guard Duty exporter
Features
- Exports the number of compliant and non-compliant resources from AWS Config, labelled by region and resource type
- Supports multiple AWS regions
Exported metrics
The exporter exports the following metrics:
Metric name | Type | Labels | Description |
---|---|---|---|
aws_config_exporter_up |
gauge | None | Always 1 : can be used to check if the exporter is running |
aws_config_current_resources |
guage | region ,resource_type |
The total number of resources recorded by AWS Config |
aws_config_compliant_resources |
guage | region ,resource_type |
The number of compliant resources recorded by AWS Config |
aws_config_noncompliant_resources |
guage | region ,resource_type |
The number of non-compliant resources recorded by AWS Config |
aws_config_scrape_errors_total |
counter | region |
The total number of scrape errors |
How to run it
You have two options to run it:
-
Manually install and run the
prometheus-aws-configservice-exporter
Python packagepip3 install prometheus-aws-configservice-exporter prometheus-aws-configservice-exporter --region us-east-1
-
Use the Docker image available on Docker hub
docker run --env AWS_ACCESS_KEY_ID="id" --env AWS_SECRET_ACCESS_KEY="secret" airwalkconsulting/prometheus-aws-configservice-exporter --region us-east-1
The cli supports the following arguments:
Argument | Required | Description |
---|---|---|
--region REGION [REGION ...] |
yes | AWS Config region (can specify multiple space separated regions) |
--throttle SECONDS |
The number of seconds to wait between AWS Config API requests. Float, eg 0.5 . Defaults to 1.0 |
|
--exporter-host |
The host at which the Prometheus exporter should listen to. Defaults to 127.0.0.1 |
|
--exporter-port |
The port at which the Prometheus exporter should listen to. Defaults to 9100 |
|
--log-level LOG_LEVEL |
Minimum log level. Accepted values are: DEBUG , INFO , WARNING , ERROR , CRITICAL . Defaults to INFO |
Required IAM privileges
In order to successfully run, this application requires the following IAM privileges:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ConfigServiceGetOnly",
"Effect": "Allow",
"Action": [
"config:Get*",
],
"Resource": "*"
}
]
}
Development
Run the development environment:
docker-compose build dev && docker-compose run --rm dev
Run tests in the dev environment (Warning: See TODO.md):
python3 -m unittest
License
This software is released under the MIT license.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for prometheus-aws-configservice-exporter-1.0.7.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c36544abda47e3775e37a4669fd4cce27255a632acd317e3a8fb66f8ddca2a1e |
|
MD5 | 194ae063827546f2afa8d3613e68d84f |
|
BLAKE2b-256 | ebdec3ad1927db3c42084d3155c9aac9815121aad14c17b39876b51522c8cedb |