Rule Development Kit Library for AWS Config
Project description
RDKlib
RDKlib is a Python library to enable you to run custom AWS Config Rules at scale. The library can be used to:
- Help you to focus only on the compliance logic, while the library does the heavy lifting
- Ease maintenance by moving the boilerplate code as a AWS Lambda Layer
- Ease deployment by using AWS Serverless Application Repository
RDKLib works in synergy with the AWS Config Rule Development Kit.
Getting Started
Install the library locally
pip install rdklib
Create a rule using the RDK
The runtime of your RDK rule have to be set to python3.11-lib in the RDK to provide you the Rule template.
- For periodic trigger:
rdk create YOUR_RULE_NAME --runtime python3.11-lib --maximum-frequency TwentyFour_Hours
- For configuration change trigger (for example S3 Bucket):
rdk create YOUR_RULE_NAME --runtime python3.11-lib --resource-types AWS::S3::Bucket
Note: you need to install the RDK first.
Deploy your rule with RDKlib layer
RDKLib is designed to work as a AWS Lambda Layer. It allows you to use the library without needing to include it in your deployment package.
- Install RDKlib layer (with AWS CLI)
aws serverlessrepo create-cloud-formation-change-set --application-id arn:aws:serverlessrepo:ap-southeast-1:711761543063:applications/rdklib --stack-name RDKlib-Layer
# Copy/paste the full change-set ARN to customize the following command
aws cloudformation execute-change-set --change-set-name NAME_OF_THE_CHANGE_SET
aws cloudformation describe-stack-resources --stack-name serverlessrepo-RDKlib-Layer
# Copy the ARN of the Lambda layer in the "PhysicalResourceId" key (i.e. arn:aws:lambda:YOUR_REGION:YOUR_ACCOUNT:layer:rdklib-layer:1).
Note: You can do the same step manually going to https://console.aws.amazon.com/lambda/home#/create/function?tab=serverlessApps and find "rdklib"
- Deploy the rule
rdk deploy YOUR_RULE_NAME --rdklib-layer-arn YOUR_RDKLIB_LAYER_ARN
License
This project is licensed under the Apache-2.0 License.
Feedback / Questions
Feel free to email rdk-maintainers@amazon.com
Contacts
- Benjamin Morris - Maintainer, code, testing
- Carlo DePaolis - Maintainer, code, testing
Acknowledgements
- Mark Beacom - Maintainer, code, testing
- Michael Borchert - Design, code, testing, feedback
- Ricky Chau - Maintainer, code, testing
- Julio Delgado Jr. - Design, testing, feedback
- Chris Gutierrez - Design, feedback
- Joe Lee - Design, feedback
- Jonathan Rault - Maintainer, design, code, testing, feedback
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
