diff --git a/manual_readme_content.md b/manual_readme_content.md new file mode 100644 index 0000000..552f7a7 --- /dev/null +++ b/manual_readme_content.md @@ -0,0 +1,34 @@ +[comment]: # " File: README.md" +[comment]: # " Copyright (c) 2019-2022 Splunk Inc." +[comment]: # "" +[comment]: # "Licensed under the Apache License, Version 2.0 (the 'License');" +[comment]: # "you may not use this file except in compliance with the License." +[comment]: # "You may obtain a copy of the License at" +[comment]: # "" +[comment]: # " http://www.apache.org/licenses/LICENSE-2.0" +[comment]: # "" +[comment]: # "Unless required by applicable law or agreed to in writing, software distributed under" +[comment]: # "the License is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND," +[comment]: # "either express or implied. See the License for the specific language governing permissions" +[comment]: # "and limitations under the License." +[comment]: # "" +## Asset Configuration + +There are two ways to configure an AWS Inspector asset. The first is to configure the **access_key** +, **secret_key** and **region** variables. If it is preferred to use a role and Phantom is running +as an EC2 instance, the **use_role** checkbox can be checked instead. This will allow the role that +is attached to the instance to be used. Please see the [AWS EC2 and IAM +documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html) +for more information. + +## Assumed Role Credentials + +The optional **credentials** action parameter consists of temporary **assumed role** credentials +that will be used to perform the action instead of those that are configured in the **asset** . The +parameter is not designed to be configured manually, but should instead be used in conjunction with +the Phantom AWS Security Token Service app. The output of the **assume_role** action of the STS app +with data path **assume_role\_\:action_result.data.\*.Credentials** consists of a dictionary +containing the **AccessKeyId** , **SecretAccessKey** , **SessionToken** and **Expiration** key/value +pairs. This dictionary can be passed directly into the credentials parameter in any of the following +actions within a playbook. For more information, please see the [AWS Identity and Access Management +documentation](https://docs.aws.amazon.com/iam/index.html) . diff --git a/readme.html b/readme.html deleted file mode 100644 index c9c1c0b..0000000 --- a/readme.html +++ /dev/null @@ -1,23 +0,0 @@ - - - -

Asset Configuration

-There are two ways to configure an AWS Inspector asset. The first is to configure the access_key, secret_key and region variables. If it is preferred to use a role and Phantom is running as an EC2 instance, the use_role checkbox can be checked instead. This will allow the role that is attached to the instance to be used. Please see the AWS EC2 and IAM documentation for more information. - -

Assumed Role Credentials

-The optional credentials action parameter consists of temporary assumed role credentials that will be used to perform the action instead of those that are configured in the asset. The parameter is not designed to be configured manually, but should instead be used in conjunction with the Phantom AWS Security Token Service app. The output of the assume_role action of the STS app with data path assume_role_<number>:action_result.data.*.Credentials consists of a dictionary containing the AccessKeyId, SecretAccessKey, SessionToken and Expiration key/value pairs. This dictionary can be passed directly into the credentials parameter in any of the following actions within a playbook. For more information, please see the AWS Identity and Access Management documentation. - -