Overview
Before diving into this section, complete get started for general understanding of Selefra workflow.
The section gives guidance on how to write customized Selefra rules in a project. After finishing this section, you will be able to extend usage to a much more systematic approach.
Project Structure
Selefra will officially generate a set of standard templates.
.
├── logs
├── selefra.yaml
├── providers.yaml
└── rules.yaml
There are 3 main modules generated by selefra init
:
selefra
contains settings for the project and providers' plugins.providers
contains provider credentials and account settings.rules
is the core of any Selefra project, it defines analysis tasks in SQL and YAML syntax.
In fact, you can design your own architecture. No matter how many yaml files you create, selfra cli will eventually be summarized into a yaml file for use.
Configuration Language
Selefra configuration files are written in YAML (version 1.2.2) (opens in a new tab). Every new project comes with default settings that you can tweak to suit more use cases. Check out our example plugin for AWS misconfiguration check can be found here (opens in a new tab).
Enable Auditing
Download plugin templates to the local file rules.yaml
.
Three Steps to Write Your Own Rule
- Before writing a rule, refer to Providers Connectors to locate resources to provision.
- Write SQL queries in individual rule files just like
rules.yaml
. See rules for detailed instructions on how to code in rule blocks and arguments.
Great job! Next, let's move on to configuring modules.