- What are Custom Audits?
Custom audits are the user defined checks that helps customers to enforce certain rules to their cloud infrastructure. Customer defined checks will be executed and the resources which doesn’t fall in line with these checks will reported in the Audit Report sections.
2. How to define Custom Audits?
Custom Audits can be defined in the Audit Report page and also in Configure section of the Security and Compliance application. We currently support customs scripts written in python 2.7 with a format supported by Beam.
You need to write the code in the highlighted area shown.
For more information, please click here.
3. What programming languages can Custom Audit support?
Currently we support only Python 2.7 for the development purpose.
4. Can I import external python library or other util functions in custom audits?
Yes, you can use inbuilt python libraries like datetime, json and python functions like len() ,max() ,min() etc.
Also, you can use external libraries like boto3 and requests. If you need any other library for your custom check, you should write to us.
5. Can I upload a file/zip of my own?
No, we don’t support file or zip uploadation for the custom audit. You need to write or paste your part of code in the space provided in our editor section.
In case, you like to check the syntax of you code, you can copy and paste whole code into your python IDE using Copy Script option.
6. How Custom Audits are different from the audits already supported by Beam?
We have covered most of the use-cases through Beam, but we understand there might be few use cases where you need to write your custom check to enforce rules in your team. Custom audits gives you flexibility to have your own rules defined and have data based on the defined rules.
7. When to create a custom audit?
We have tried to cover most of the use-cases through Beam Security and Compliance. But in order to create more specific checks based on your use-case, you can create custom checks.
8. What are the things you should know before creating custom audits?
We need to take care of the following points before making a custom audits:
- Execution time of audit should be less than 4 minutes.
- Currently ,we only support AWS.
- File Size can be upto 30KB.
- Users need to add permissions which are required by Custom audits to their arn given to Beam.
9. What are the permissions required by Custom Audits?
You need to give all the minimum required permissions for executing the Custom Audit. For example, if you needs to describe EC2 instance using custom script then you need to give "ec2:DescribeInstances" to the role given to Beam Security and Compliance application.
10. What are the input parameters?
Input parameters are used to pass the information to your custom job at the time of execution. It should be a valid json object.
11. Where can I see custom audit details?
All the custom audits can be viewed in the Configure section of the application. All the custom audits are listed with the option to Delete/ Deactivate/ Activate the audit.
12. How can I get the execution details of the custom audit?
After execution of a custom audit, you can view the last execution time of each audit in the Configure page.
13. Can I see data that is being generated by custom audit?
Yes, you can view the data generated by custom audits in Audit Report page. It will list all the active custom audit with the resources which doesn’t fall in line with the check.
14. Can I edit a custom audit?
Yes, you can easily edit the custom audit defined through Configure section. We provide you the ability to Edit/Delete/Deactivate/Activate custom audits.
15. What is a run function?
Run function is a python function that require one parameter- sessionObj.
sessionObj is an object which will be assumed by Beam for you AWS account. This sessionObj will create a connection client to the required AWS service. But, you don't need to pass sessionObj as it will be passed by Beam Systems.
16. What is the significance of Severity for each custom audit?
Severity in custom audit helps us in filtering data and showing the data in dashboard in a better useful way.
17. How can we schedule a custom audit?
As of now you cannot schedule a custom audit. Beam will execute the custom check everyday once and will update the data according to that. However, you can refresh anytime by using Audit Now button.
18. Do I need to run an audit after creating or modifying the custom audit?
No, you don’t need to run a manual audit at the time of creation or modification of the audit definition. Beam will refresh the data for all the accounts, for that custom audit.
19. Do I need to create the same custom audit for each account?
No, all the custom audits are created at the customer level, and check will be executed for all the accounts of that customer. However, if you want to have different check rules for your accounts, you need to make separate custom audits.
20. Can I filter result based on the custom audit result set?
Yes, we provide you the ability to filter data based on region and severity for each custom audit.
21. Are custom audit results based on Policy?
No, custom audits are not policy dependent. Custom audits are only dependent on the definition of checks and nothing else.