Syntinel

Syntinel is a policy enforcement engine for Amazon Web Services and Microsoft Azure.

Overview

Syntinel is a targeted implementation of Synapse.Server making use of the AWS and Azure SDKs via Handlers, where the Synapse Plans provide simple query/action interfaces into managing your cloud environments.

Components

Reporter

Scripts, Services, or Agents that discover and forward actionable data to the Relay tier.

Recon

A Syntinel-provided Reporter.

Relay Tier

  • Formats Reporter data to "Signal"
  • Sends Signal message to Subscribers (push notification)
  • Record Signal message in Store
  • Includes Gateway for Signal Cue Response

Resolver

Receives client response and passes to automation provider.

  • Broker: examines config for redirect to proper Resolver
  • Resolver: Automation provider, could be “anything, anywhere”

Signal and Cues

  • JSON message that contains
    • Cues: Options for resolving Signal message
    • UI Abstraction: Generic JSON to describe UI
    • Default Cue Choice: Optional timeout for default Cue

UI Abstraction

  • JSON layout for translation to miscellaneous client types
    • Slack
    • Teams
    • HTML
    • Text
    • Support for “any” client architecture

Resolver Abstraction

  • Resolver Broker examines Signal for selecting proper automation provider
  • AWS Native (Lambda), redirects to “anything” under known provider model

Resolver Provider

  • Proper automation provider to act on targets based on Cue response

Use-Cases

  • Query uptime on servers and shut-down development kit.
  • Validate tags for compliance against desired structure.
  • Validate environment settings for drift against template definition.

Release Status

Syntinel is in active development and not fully released as a product at this time. You may evauluate the AWS Handlers at the links below.

     Source Code     |     Current Release