The AWS Inventory integration enables FireTail to automatically scan and discover your API and AI resources in AWS. The integration improves visibility and helps manage API and AI security risks by regularly scanning for new or updated resources. Using AWS IAM roles and CloudFormation templates, FireTail gains the necessary permissions to retrieve the API and AI metadata and updates the selected FireTail application with the discovered resources. You can configure scan regions, set update frequency, and filter by tags to focus on specific environments. To set up the integration:
1. Navigate to Integrations in the FireTail platform.
2. Click AWS Inventory Scanning.
3. In the Name of Integration field, enter a name for the integration. The integration is Enabled by default. Toggle off to make inactive.
4. Choose your deployment method. You can either:
5. Return to the FireTail platform. Paste the copied value in the AWS Role ARN field.
6. Select an application from the dropdown, or click Create to create a new application. Discovered APIs will be grouped under this application. Learn more about applications here.
7. Select the AWS Regions you want to scan.
8. Enter a Scan Frequency. This is how often the scan is done in seconds. The minimum is 900 seconds (15 minutes).
9. Filter on AWS resource (optional). Click Add key - Tags enable you to filter on the environment. Adding tags enables you to limit the scanning of AWS resources with the defined tags. For example, filter by env:prod to limit the scanning of AWS resources to your production environment.
10. Click Submit to complete the setup.
The discovered APIs can be viewed by navigating to the Inventory and selecting the APIs or Applications tab in the FireTail platform. The discovered AI resources can be viewed by navigating to the Inventory and selecting the AI tabs.
When the APIs have been populated on the platform you can then set up API logging using the FireTail API Gateway logging integration.
