Set up an AWS API inventory integration

Created:
March 13, 2023
Updated:
May 30, 2023

Integrating with AWS API inventory enables the scanning of API resources to populate into the FireTail platform.

1. Go to the Integrations tab on the dashboard. Click Create Integration.

2. Select AWS API inventory.

3. Enter a name for the integration.

4. You can either:

  • Use a Launch Cloudformation template - this is a template that adds a role to the account.
  • Manually deploy. To do this, click Manual setup of IAM Role and follow the onscreen instructions.

5. When using the template, select the Launch IAM role cloudformation template heading.

6. Log in to AWS.

7. Click Launch Cloudformation to launch the template. This opens in a new window.

8. Select the checkbox; I acknowledge that AWS CloudFormation might create IAM resources. Click Create stack.

9. When the CloudFormation Stack has a status of CREATE_COMPLETE, copy the FiretailRoleARN from the Outputs tab.

10. Return to the FireTail platform. Paste the copied value in the AWS role ARN field.

11. Select an application from the dropdown, or click Create to create a new application. This is the application that will be associated with the integratio. When you complete the integration this adds the discovered API's from AWS under the FireTail application that you choose. Learn more about applications here.

12. Select the AWS Regions you want scanned.

13. Enter a Scan Frequency. This is how often the scan is done in seconds.

14. Add Tags (optional) - Tags enable you to filter on the environment. Adding tags enables you to limit the scanning of AWS resources with the defined tags. For example, filter by env:prod to limit the scanning of AWS resources to the production environment.

15. Click Submit.

The discovered APIs can be viewed by navigating to the APIs tab in the dashboard.

When the APIs have been populated on the platform you can then set up API logging using the FireTail API logging integration.