Skip to content

Commit

Permalink
Add docs for early March additions
Browse files Browse the repository at this point in the history
  • Loading branch information
@misterpantz
misterpantz committed Mar 15, 2024
1 parent 6a49866 commit 408e9d2
Show file tree
Hide file tree
Showing 6 changed files with 58 additions and 10 deletions.
21 changes: 21 additions & 0 deletions docs/mql/mql-write.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -736,6 +736,27 @@ tfblock {
}
```
### Helpers for data type conversions

Helpers let you convert data to the type you need:

```coffee
> int(1.23)
1

> bool(1)
true

> float(12)
12

> string(1.89)
"1.89"

> regex("w.r.d") == "world 🌎"
/w.r.d/
```

## Error handling

For values that cannot be accessed, MQL provides errors:
Expand Down
4 changes: 2 additions & 2 deletions docs/platform/home.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,15 @@ hide_table_of_contents: true

Mondoo's flagship SaaS platform provides full-stack security, compliance, and asset intelligence for your entire cloud and on-premises infrastructure.

#### Get started
### Get started

- [What Is Mondoo?](/platform/start/plat-what-is/)

- [Create a Mondoo Account](/platform/start/plat-start-acct/)

- [Plan your Mondoo Organization](/platform/start/organize/overview/)

#### [Integrate Your Infrastructure with Mondoo](/platform/infra/overview/)
### [Integrate Your Infrastructure with Mondoo](/platform/infra/overview/)

- [Cloud and Kubernetes](/platform/infra/cloud/overview/)

Expand Down
36 changes: 31 additions & 5 deletions docs/platform/infra/cloud/aws/aws-integration-troubleshooting.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ image: /img/featured_img/mondoo-aws.jpg
description: This document covers how to debug and troubleshoot problems that may come up with the AWS Integration.
---

Troubleshoot problems that may come up deploying, running, and updating the Mondoo AWS Integration.
Troubleshoot problems that may come up deploying, running, and updating the Mondoo AWS integration.

## CloudFormation

Expand Down Expand Up @@ -67,9 +67,9 @@ StackSets with SERVICE_MANAGED permission model can only have OrganizationalUnit

You must remove these StackSet instances manually from an account using the AWS CLI.

### Remove a faulty StackSet from the Organization root using the AWS CLI
### Remove a faulty StackSet from the organization root using the AWS CLI

To remove a faulty StackSet with the AWS CLI , use the `aws cloudformation delete-stack-instances` [command](https://docs.aws.amazon.com/cli/latest/reference/cloudformation/delete-stack-instances.html).
To remove a faulty StackSet with the AWS CLI, use the `aws cloudformation delete-stack-instances` [command](https://docs.aws.amazon.com/cli/latest/reference/cloudformation/delete-stack-instances.html).

:::danger WARNING
Read the [full documentation on this command in the AWS CLI Command Reference](https://docs.aws.amazon.com/cli/latest/reference/cloudformation/delete-stack-instances.html) before you run it in your infrastructure.
Expand Down Expand Up @@ -109,12 +109,24 @@ Depending on how you configured your deployment, not all of the roles above may

:::

### Updates
## Updates

The CloudFormation stack and Lambda function update themselves to the latest available every 8 hours. These updates are independent of each other, meaning that if the CloudFormation stack fails to update, the Lambda code will still be updated.

On occasion, one of these CloudFormation updates may result in an `Update Failed` state on the stack. Sometimes this is a chicken/egg issue that will resolve on the next auto-update. In some cases, a stack will remain in `Update Failed` state until a user manually updates the stack to give it the required extra permissions.

### Force a Lambda update

You can manually force an update to the AWS Lambda from within the Mondoo console:

![Mondoo Platform - force AWS Lambda update](/img/platform/infra/cloud/aws/dotmenu.png)

1. Open the AWS integration.

2. Near the top-right corner of the integration page, select the **...** menu.

3. Select **Force Lambda Update**.

## VPC

### Lambda VPC access
Expand All @@ -125,7 +137,7 @@ Should your Lambda function require VPC access to be able to scan instances, ple

Security groups for all AWS SSM managed instances must include an egress rule to allow outbound traffic on port 443 (HTTPS) to [Mondoo Platform](https://console.mondoo.com) at IP address `34.98.71.94` to send results back to your account.

## Logging
## Logging and metrics

All lambda logs are stored in CloudWatch Logs, under a log group calls `/aws/lambda/MondooLambda` in the region where the CloudFormation was installed.

Expand All @@ -136,6 +148,18 @@ You can search for specific log messages or view a specific time frame of activi

To enable debug logging, add the debug environment variable to the MondooLambda function: `DEBUG=1` by visiting the AWS Mondoo Lambda Console Configuration tab. ![Lambda Console](/img/platform/infra/cloud/aws/lambda-envvars.png)

### Send logging data or metrics to Mondoo

If you're working with the Mondoo team to troubleshoot your AWS integration, you can send diagnostic data and Lambda metrics from within the Mondoo console:

![Mondoo Platform - send AWS information to Mondoo](/img/platform/infra/cloud/aws/dotmenu.png)

1. Open the AWS integration.

2. Near the top-right corner of the integration page, select the **...** menu.

3. Select the information you want to share with the Mondoo team: **Send Lambda Metrics** or **Send Diagnotics Data**.

Check failure on line 161 in docs/platform/infra/cloud/aws/aws-integration-troubleshooting.mdx

View workflow job for this annotation

GitHub Actions / Run spell check 

`Diagnotics` is not a recognized word. (unrecognized-spelling)

## 403 errors and Terraform

A known restriction of the HashiCorp Terraform `aws_iam_policy_attachment` resource can result in 403 errors. According to [HashiCorp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment):
Expand Down Expand Up @@ -173,3 +197,5 @@ And of course, please contact [email protected] and join us in the [Mondoo Comm
- [Scan Continuously with an AWS Integration](/docs/platform/infra/cloud/aws/aws-integration-scan)

---

import { updateApiKey } from "@algolia/client-search";
6 changes: 3 additions & 3 deletions releases/2024-03-05-mondoo-10.6-is-out.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,9 +82,9 @@ Check out our new public repo at [github.com/mondoohq/docs](https://github.com/m
Filter cnspec command line scans by AWS region with new filter options:

```bash
cnquery shell aws --filters all:region=us-east-2
cnquery shell aws --filters region=us-east-2
cnquery shell aws --filters ec2:region=us-east-2
cnspec scan aws --filters all:region=us-east-2
cnspec scan aws --filters region=us-east-2
cnspec scan aws --filters ec2:region=us-east-2
```

Thanks for this great contribution [@montera82](https://github.com/montera82/)!
Expand Down
1 change: 1 addition & 0 deletions releases/2024-03-12-mondoo-10.7-is-out.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ Jump right to the source with new direct links to vendor advisories on software
### Improved AWS integration troubleshooting

Failures happen, so let's get to the root cause faster with new troubleshooting options for AWS integrations. The ... menu in the AWS integrations pages now includes new options that:

- Force an update of the Lambda code powering the integration
- Send diagnostics logs directly to Mondoo

Expand Down
Binary file added static/img/platform/infra/cloud/aws/dotmenu.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit 408e9d2

Please sign in to comment.