Collector 'AWS-VPC-NAT-Gateway' Configuration Manual¶

Before reading this document, please read:

Cloud Integration

Tip

Before using this collector, you must install the "Integration Core Package" and its accompanying third-party dependencies.

1. Configuration Structure¶

The configuration structure of this collector is as follows:

Field	Type	Required	Description
`regions`	list	Required	List of regions to be collected
`regions[#]`	str	Required	Region ID. For example: `'cn-north-1'` See appendix for the complete list

2. Configuration Example¶

Collect instance data from the Beijing region

collector_configs = {
    'regions': ['cn-north-1' ]
}

Configuration Filter (Optional)¶

This collector script supports user-defined filters, allowing users to filter target resources based on object attributes. The filter function returns True｜False

True: The target resource needs to be collected.
False: The target resource does not need to be collected

Supported object attributes for filtering:

Attribute	Description
VpcId	VPC ID
SubnetId	Subnet ID where the NAT gateway is located
State	State of the NAT gateway
NatGatewayId	ID of the NAT gateway
ConnectivityType	Indicates whether the NAT gateway supports public or private connections

# Example: Enable the filter, filter based on the NatGatewayId and ConnectivityType attributes of the object. The configuration format is as follows:
def filter_instance(instance):
    '''
    return True｜False
    '''
    instance_id = instance['NatGatewayId']
    conn_type = instance['ConnectivityType']
    if instance_id in ['xxx'] and conn_type in ['xxx']:
        return True
    return False

###### Do not modify the following contents #####
from integration_core__runner import Runner
import integration_aws_vpc_nat_gateway__main as main


@DFF.API('AWS-VPC Nat Gateway Collection', timeout=3600, fixed_crontab='* * * * *')
def run():
    collectors = [
        main.DataCollector(account, collector_configs, filters=[filter_instance]),
    ]
    Runner(collectors).run()

3. Data Reporting Format¶

After data is successfully synchronized, you can view the data in the "Infrastructure - Resource Catalog" of TrueWatch.

Example of reported data:

{
  "measurement": "aws_vpc_nat_gateway",
  "tags": {
    "ConnectivityType": "public",
    "RegionId"        : "cn-north-1",
    "NatGatewayId"    : "nat-xxx",
    "State"           : "available",
    "SubnetId"        : "subnet-xxx",
    "VpcId"           : "vpc-xxx",
    "name"            : "nat-xxx"
  },
  "fields": {
    "CreateTime"         : "2023-11-22T05:44:44Z",
    "NatGatewayAddresses": "[Information about IP addresses and network interfaces associated with the NAT gateway]",
    "Tags"               : "[Tags of the NAT gateway]",
    "message"            : "{Instance JSON data}"
  }
}

Note

Fields in tags and fields may change with subsequent updates

4. IAM Policy Permissions¶

Note

If users use the method of bringing IAM roles to collect resources, certain operation permissions need to be enabled

This collector requires the following permissions:

ec2:DescribeNatGateways

X. Appendix¶

Please refer to the AWS official documentation: