Remediate AWS CIS v3.0 and v4.0 with Flowpipe's interactive wizard →
Flowpipe Hub 
Hub
standard
turbot/aws_thrifty
Overview
94
Pipelines
31
Triggers
139
VariablesGitHub

Pipeline: Detect & correct Route53 records with lower TTL

Overview

Route53 records with a lower TTL result in more DNS queries being received and answered than those with a higher TTL, which in turn results in more costs - common approaches for a TTL are between 3600s (one hour) and 86,400s (one day).

This pipeline detects records with a lower TTL and then either sends a notification or attempts to perform a predefined corrective action.

Getting Started

This control will work out-of-the-box with some sensible defaults (configurable via variables).

You should be able to simply run the following command in your terminal:

flowpipe pipeline run detect_and_correct_route53_records_with_lower_ttl

By default, Flowpipe runs in wizard mode and prompts directly in the terminal for a decision on the action(s) to take for each detected resource.

However, you can run Flowpipe in server mode with external integrations, allowing it to prompt for input via http, slack, teams, etc.

Alternatively, you can choose to configure and run in other modes:

  • Notify: Provides detections without taking any corrective action.
  • Automatic: Performs corrective actions automatically without user intervention.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run aws_thrifty.pipeline.detect_and_correct_route53_records_with_lower_ttl

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
  pipeline = aws_thrifty.pipeline.detect_and_correct_route53_records_with_lower_ttl  
}

Params

NameTypeRequiredDescriptionDefault
database
connection.steampipe
YesDatabase connection string.connection.steampipe.default
notifier
notifier
YesThe name of the notifier to use for sending notification messages.notifier.default
notification_level
string
info, verbose, error
YesThe verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'.info
approvers
list(notifier)
YesList of notifiers to be used for obtaining action/approval decisions.notifier.default
default_action
string
notify, skip, update_ttl
YesThe default action to use for the detected item, used if no input is provided.notify
enabled_actions
list(string)
skip, update_ttl
YesThe list of enabled actions to provide to approvers for selection.
[
  "skip",
  "update_ttl"
]

Outputs

This pipeline has no outputs.

Tags

category = Cost
class = higher
plugin = aws
recommended = true
service = AWS/Route53