Skip to main content

AWS EC2

aws

Version: 1.5
Updated: Feb 04, 2025

Using the integration with EC2, you can enrich incidents with specific EC2 data, create and delete snapshots, work with elastic addresses and instances, and manipulate security groups.

Actions​

  • Authorize Security Group Ingress Rule (Containment) - Adds the specified ingress rules to a security group.
  • Create Snapshot (Containment) - Creates a new snapshot.
  • Delete Security Group (Containment) - Delete a security group.
  • Delete Snapshot (Containment) - Deletes an existing snapshot.
  • Describe Addresses (Enrichment) - Describes the specified Elastic IP addresses or all Elastic IP addresses.
  • Describe Instances (Enrichment) - Describes the specified instances or all of AWS account's instances.
  • Describe Instances V2 (Enrichment) - Describes the specified instances or all of AWS account's instances with pagination.
  • Describe Key Pairs (Enrichment) - Describes the specified key pairs or all key pairs.
  • Describe Regions (Enrichment) - Describes the Regions that are enabled for an account, or all Regions.
  • Describe Subnets (Enrichment) - Describes one or more subnets.
  • Describe Security Groups (Enrichment) - Describes the specified security groups or all security groups.
  • Describe Snapshots (Enrichment) - Describes a specified EBS snapshots or all of the EBS snapshots available.
  • Describe Volumes (Enrichment) - Describes the specified EBS volumes or all EBS volumes.
  • Describe VPCs (Enrichment) - Describes one or more VPCs.
  • Disassociate Address (Containment) - Disassociates an Elastic IP address from an instance or network interface it's associated with.
  • Get Password Data (Enrichment) - Retrieves the encrypted administrator password for a running Windows instance.
  • Monitor Instance (Containment) - Monitor a specific instance.
  • Release Address (Containment) - Releases the specified Elastic IP address.
  • Reboot Instances (Containment) - Reboot instances.
  • Revoke Security Group Ingress Rule (Containment) - Removes the specified ingress rules from a security group.
  • Start Instance (Containment) - Start an instance.
  • Stop Instance (Containment) - Stop an instance.
  • Terminate Instance (Containment) - Terminate an instance.
  • Unmonitor Instances (Containment) - Discontinue monitoring of a specified instances.

Supported Versions

  • October 2019

External Libraries​

Change Log​

  • October 9, 2019 - First upload
  • March 10, 2022 - Logo
  • June 15, 2023 (v1.2) - Updated the integration with Environmental Variables
  • January 16, 2024 (v1.3)
    • Updated action: Stop Instance (Resolved bug related to checkbox fields)
  • July 04, 2024 (v1.4)
    • Updated action: Describe Instances (Resolved bug related to Instance ID field)
  • February 04, 2025 (v1.5)
    • Added action: Describe Instances V2
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.