Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Lake Integration should support cross-account #276

Open
kclinden opened this issue Jun 20, 2024 · 0 comments
Open

Security Lake Integration should support cross-account #276

kclinden opened this issue Jun 20, 2024 · 0 comments
Labels
level/task Task issue type/enhancement Enhancement issue

Comments

@kclinden
Copy link

Is your feature request related to a problem? Please describe.
The 4.9.0 security lake integration currently assumes that the lambda function is running from the same account as AWS Security Lake. This should be ran from a different account the Lambda role should assume the Security Lake created role with an external id.

Describe the solution you'd like
Enhance the Security Lake integration to support cross account

Describe alternatives you've considered
Run the lambda in the same account as security lake which is not recommended by the AWS Security Reference Architecture

Additional context
Source - https://github.com/wazuh/wazuh-indexer/blob/4.9.0/integrations/amazon-security-lake/src/lambda_function.py#L50

@kclinden kclinden added level/task Task issue type/enhancement Enhancement issue labels Jun 20, 2024
@wazuhci wazuhci moved this to Backlog in Release 4.9.0 Jun 24, 2024
@havidarou havidarou removed this from Release 4.9.0 Jul 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
level/task Task issue type/enhancement Enhancement issue
Projects
None yet
Development

No branches or pull requests

1 participant