Usage Examples of Filter Node

Updated 5 hours ago by Totalcloud

Here are a few examples on how to leverage different types of filters to meet your different cloud management requirements:

1.Filter old IAM users

How-to: If you want to take action on IAM users whose Access Keys age is greater than 90 days – say delete these old IAM roles, you can:

  • Drop the Trigger node in the workflow editor and set the trigger as per your choice.
  • Drop the Resource node in the workflow editor and select IAM service.
  • Drop the Filter node in the workflow editor and select Param filter type.
  • Set Key as iam:GetAccessKeyLastUsed, Operator as >=, Value as 90.
  • Click on Save Node.
2. Filter EC2 instances with Tag Stack DevEnv

How-to: If you want to take action only on EC2 instances with Tag ‘Dev Env,’ you can:

  • Drop the Trigger node in the workflow editor and set the trigger as per your choice.
  • Drop the Resource node in the workflow editor and select EC2 service and Instances as resources in Resource node.
  • Drop the Filter node in the workflow editor and select Tag filter type.
  • Set Key as Stack, Operator as ==, Value as DevEnv.
  • Click on Save Node.
3. Filter instances of instance type T2.micro

How-to: If you want to filter instances of particular instance type, you can:

  • Drop the Trigger node in the workflow editor and set the trigger as per your choice.
  • Drop the Resource node in the workflow editor and select EC2 service and Instances as resources in Resource node.
  • Drop the Filter node in the workflow editor and select Param filter type.
  • Set Key as InstanceType, Operator as ==, Value as t2.micro.
  • Click on Save Node.
4. Filter security groups with port 22 open to the world

How-to: If you want to filter security groups with port 22 open to the world, you can:

  • Drop the Trigger node in the workflow editor and set the trigger as per your choice.
  • Drop the Resource node in the workflow editor and select EC2 service and Instances as resources in Resource node.
  • Click on Add-ons and select Security Groups.
  • Drop the Filter node in the workflow editor and select Security Groups filter type.
  • Select 'Inbound' as the type of rule.
  • Enter '0.0.0.0/0' as the destination.
  • Enter 22 in both From port and To port.
  • Enter 'TCP' as the protocol.
  • Click on Save Node.
5. Filter NACLs that have all ports open to the world

How-to: If you want to filter NACLs that have all ports open to the world, you can:

  • Drop the Trigger node in the workflow editor and set the trigger as per your choice.
  • Drop the Resource node in the workflow editor and select EC2 service and Instances as resources in Resource node.
  • Drop the Filter node in the workflow editor and select Network ACLs filter type.
  • Enter 0.0.0.0/0 as the destination.
  • Enter 'TCP' as the protocol.
  • Select -1 as the to port and from port.
  • Enter -1 as the protocol.
  • Select 'Allow' as the rule.
  • Click on Save Node.


How did we do?