Control AWS costs with 29 FinOps workflows →
Flowpipe Hub 
Hub
samples
turbot/flowpipe-samples/aws-s3-bucket-versioning-enforcement
Overview
2
Pipelines
1
Triggers
5
VariablesGitHub

AWS S3 Bucket Versioning Enforcement

Watches for S3 buckets without versioning enabled and notifies through email asking for approval to enable versioning or delete the bucket.

Installation

Download and install Flowpipe (https://flowpipe.io/downloads). Or use Brew:

brew tap turbot/tap
brew install flowpipe

Clone:

git clone https://github.com/turbot/flowpipe-samples.git
cd public_cloud/aws_s3_bucket_versioning_enforcement

Install mod dependencies:

flowpipe mod install

Credentials

It is recommended to create a credential_import resource to import your AWS connections:

vi ~/.flowpipe/config/aws.fpc
credential_import "aws" {
  source      = "~/.steampipe/config/aws.spc"
  connections = ["*"]
}

For more information on importing credentials, please see Credential Import.

Configuration

Create a notifier resource, which will be used to route inputs and other messages.

For instance:

vi ~/.flowpipe/config/integrations.fpc
integration "email" "my_email" {
  from          = "user@company.com"
  to            = ["user@company.com"]
  smtp_tls      = "required"
  smtps_port    = 587
  smtp_host     = "smtp.mydomain.com"
  smtp_username = "my_user@mydomain.com"
  smtp_password = env("FLOWPIPE_EMAIL_APP_PW")
}


notifier "my_email" {
  notify {
    integration = integration.email.my_email
  }
}

For more examples of integrations and notifiers, please see:

Then set the variable values:

cp flowpipe.fpvars.example flowpipe.fpvars
vi flowpipe.fpvars
# AWS Region
aws_region = "us-east-1"


# Set the AWS credentials profile to use
# aws_cred = "default"


# Steampipe database connection string
# Defaults to local Steampipe database
# You can also set a search path as part of this connection string
# database = "postgresql://steampipe@localhost:9193/steampipe?options=-c%20search_path%3Dput,search,path,here"


# Set the notifier to use for inputs and messages
# Defaults to the "default" notifier
notifier = "my_email"


# Set the schedule for the mod to run
# schedule = "daily"

Usage

Start the Steampipe service:

steampipe service start

Note: Please remember to set search_path or search_path_prefix in your Steampipe workspace options to ensure the right connections are queried.

Run the mod with the Flowpipe server:

flowpipe server --verbose