
Key CloudTrail Events To Monitor for Security in AWS
30 Oct 2017“Manual Run Only” as a Trigger
10 Nov 2017
Not all service schedulers are created equal – we’ve been sourcing feedback from some of our heaviest users and asking them specifically what they like most about GorillaStack compared to our competitors. Some of the responses go beyond the amount of money we help them to save, the governance improvements that we facilitate and the resource optimizations that improve their processes.
Here are the 7 killer features that you can’t live without when scheduling AWS Services:
1. Snooze and Cancel
GorillaStack is unique in that it allows DevOps engineers to snooze and cancel any schedule that’s been set up. More often than you might expect, there are exceptions to your schedule and you’ll want to delay an instance turning off (or on) either indefinitely or for a given period. GorillaStack is built with that kind of convenience in mind:
- Define how long before a scheduled event you want an alert
- Define who in your team receives that alert
- Define how that alert comes in – either by Slack, Teams, email or have webhooks.
- Define who can actually act on that alert
- Choose to snooze / cancel a set or subset of targeted instances.
- Define how long to snooze instances for
Flexibility is a key feature for our users – with just a couple of minutes of configuration you can rest easy that nothing will happen outside of your control.
2. Integrations
We know that teams spend more time in their chat consoles than they do their browsers. That’s why we built in rich Slack and HipChat integrations. You and your team can be kept abreast of all GorillaStack activity. This includes any changes to your environment in a context that makes sense.
Additionally, GorillaStack has a free CloudTrail monitoring tool for Slack that 100s of organizations are using to monitor their infrastructure – improving governance, security and cost optimization for AWS.
3. User Access Control
As well as cost optimization and automation, governance is a key benefit that our customers are always telling us they get from GorillaStack. Often organizations won’t want to give console access to their users or will want to limit which instances they can control and what they can do with them. GorillaStack takes user permissions and security seriously:
- Sign in using Google OAuth or SAML
- 3 default roles including read only, read & write, full team management
- Custom roles – define a role with fine granular permissions around which resources can be managed by the user
- Granular snooze / cancel – allow users to only snooze / cancel a subset of a targeted service
4. Use existing resource tags with advanced logic
GorillaStack allows you to target resources based on your existing tags inside AWS. You can create and define Tag Groups to target groups of multiple tags or even to explicitly ignore tags.
Using GorillaStack’s advanced logic tag group creator you can define Key Value Pairs to target and ignore. You can use traditional basic logic gates to specify which tags fall into a group e.g. “Tag 1 AND Tag 2 OR Tag 3 NOT Tag 4”. This allows for considerable flexibility but also peace of mind that only the exact matched resources are being targeted by a rule.
Furthermore, every time you define a Key Value Pair to be considered by the Tag Group, you can select how that Pair is matched, either by regex, case sensitive or case insensitive.
That’s a whole lot of flexibility!
5. SaaS or Self-hosted
The majority of organizations who work with GorillaStack leverage our SaaS solution to automate our cloud infrastructure with simple role based access for the product. GorillaStack only ever asks for the permissions it needs to automate your cloud. These are defined and given via an inline policy attached to a role in your environment. That way you can be certain that nothing is happening outside of GorillaStack’s purview.
We also work with a number of sensitive organizations as an approved AWS Government Partner. Some of these organizations are subject to regulation and as such cannot grant the required access to a 3rd party. That’s why we created a version which you can host inside your own AWS environment so you have full 360 control over how your services are managed.
6. More than just schedules
Central to our product vision is flexibility and the ability to create rules of your own devising. That’s why we’re constantly extending our rules engine to extend to more than just scheduling as inputs. You can adjust your infrastructure from various events, you’re not just limited to time of day!
7. Pay via AWS
GorillaStack is available via the AWS marketplace. That means you don’t have to worry about procurement or setting up a new billing relationship with us. Just sign up and we’ll get tacked on to your AWS bill at the end of every month. Don’t worry, you can still cancel at any time if you’re not satisfied with our service!
Get in touch
If you’re considering automating and optimizing your cloud or your current provider doesn’t offer all of the above features then we’d love to help you! We’ve helped a bunch of users in the past to migrate from their current automation provider so we can help you with the heavy lifting.
You can reach out via contact us form or even just speak to us on our publicly available Slack Channel – we look forward to hearing from you!