Skip to main content
Skip table of contents

AWS EC2 Actions

Actions for AWS EC2

Lucidum allows you to automatically perform the following actions on assets that meet your criteria. You define the criteria for assets by creating a query.

Use Cases

  • Stop Instance. You might want to stop an EC2 instance if:

    • the instance is under-used and the running cost of the instance is high

    • the instance has a critical vulnerability and requires remediation before it can be back on the network

  • Start Instance. You might want to start an EC2 instance if:

    • the instance was stopped for maintenance or updates and can now rejoin the network

  • Tag Instance. You might want to add a tag to an instance if:

    • your corporate policy requires tagging and you found an untagged instance

    • you want to add an additional tag to an instance

Prerequisites

To create actions that act upon AWS EC2 assets, you will require an Access Key ID and Access Key Secret for an AWS account that has AWS EC2 Full Access permission.

Workflow

To create an action in Lucidum, follow these steps:

  1. Choose Action Center from the left pane.

  2. In the Action Center, choose from the action types in the Channels pane.

  3. To create a configuration for the action, click the Manage Configuration button. A configuration provides the connection and authorization information to communicate with the external solution.

  4. Save the configuration.

  5. To create an action, click the Create a new action button. An action specifies the task to execute, the data to include in the action, and how frequently to execute the action.

  6. Save the action.

  7. Lucidum automatically executes the action at the time and recurrence you defined in the action.

You can apply an existing configuration to more than one action. If a configuration already exists, you might be able to re-use the existing configuration and might not need to create a new one.

Configuration for an AWS EC2 Action

  • Configuration Name. Identifier for the Configuration. This name will appear in the Lucidum Action Center.

  • Access Key ID (Single Account Access). AWS Access Key ID for an AWS account with read and write access.

  • Access Key Secret (Single Account Access). AWS Access Key Secret for an AWS account with read and write access.

Create a new action/View Action

  • Action Type. Select an action from the pulldown options.

  • Configuration Name. Select an action configuration from the pulldown options.

  • Action Name. Identifier for the action. This name will appear in the Lucidum Action Center.

  • Description. Description of the action.

  • Filters. For new actions, the Add Filter button leads to the New Query page, where you can query for the assets or users that the action will act upon. For existing actions, this field displays the query for this action. The Edit Filter button leads to the New Query page, with the current query already loaded for editing. For details on creating and editing queries in Lucidum, see the section on Building Queries.

  • Schedule Settings. Define the schedule for the action. Choices are setting a Recurrence by date and time or After Data Ingestion, which happens at least once every 24 hours and can also be triggered manually.

  • Do not trigger the action unless. Specify the number of results from Filters as a prerequisite for the action.

  • Output Fields. For each record specified in the Filters field, the Output Fields specifies the columns to include. When creating or editing the query, you can select the display fields in the Query Results page > Edit Column button.

  • EC2 Action. EC2 action to execute. Choices are START_INSTANCE, STOP_INSTANCE, TAG_INSTANCE, AND UNTAG_INSTANCE.

  • Tag Key. If you selected TAG_INSTANCE or UNTAG_INSTANCE in the EC2 Action field, specify the key (name) for the tag you want to create or delete.

  • Tag Value. If you selected TAG_INSTANCE or UNTAG_INSTANCE in the EC2 Action field, specify the value for the tag you want to create or delete.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.