Recommended integrations with AirIAM:
Integration with Bridgecrew Cloud
To remove entities en masse in a simple-to-use, time-efficient manner, we recommend utilizing the free community version of Bridgecrew's platform, Bridgecrew Cloud.
The setup consists of 3 steps:
- Configuring a new customer with Bridgecrew
- Granting Bridgecrew READ ONLY access to your AWS account
- Finding the relevant automations
To configure a new customer with Bridgecrew, simply go to Bridgecrew Cloud and use one of the signup methods to create a new user: Google, GitHub and regular email-based authentication are supported.
To grant Bridgecrew access to your account, you must deploy a CloudFormation stack / Terraform module in the target account.
To deploy using CloudFormation:
- Log into your AWS account. No need to keep that tab open.
- Log into Bridgecrew Cloud
- Go to the Integrations tab, select the AWS Read Access integration
- Click ADD ACCOUNT and then LAUNCH STACK
To deploy using Terraform, import our module from the Terraform registry and insert the relevant parameters:

    module "bridgecrew-read-only" {
      source        = "bridgecrewio/bridgecrew-read-only/aws"
      version       = "0.3.1" // Please make sure this is the latest release!
      customer_name = "acme"  // Should be the customer name as registered when signing up
      aws_profile   = "dev"   // If using a default set of credentials, should be set to null
    }

When running the following command:

    airiam remove_unused [-p PROFILE] [-l LAST_SEEN_THRESHOLD]

The expected output will be the unused entities, together with links to Bridgecrew's playbooks. Clicking these links will redirect you to your Bridgecrew Cloud account, where you can see the remediation script, download it and use it.
Checkov allows static analysis of Terraform code (as well as CloudFormation).