cfn-guardian 0.1.0 → 0.6.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/.dockerignore +1 -0
  3. data/.github/workflows/build-gem.yml +25 -0
  4. data/.github/workflows/release-gem.yml +25 -0
  5. data/.github/workflows/release-image.yml +33 -0
  6. data/.rspec +1 -0
  7. data/Dockerfile +19 -0
  8. data/Gemfile.lock +39 -21
  9. data/README.md +9 -378
  10. data/cfn-guardian.gemspec +7 -5
  11. data/docs/alarm_templates.md +130 -0
  12. data/docs/cli.md +182 -0
  13. data/docs/composite_alarms.md +24 -0
  14. data/docs/custom_checks/azure_file_check.md +28 -0
  15. data/docs/custom_checks/domain_expiry.md +10 -0
  16. data/docs/custom_checks/http.md +59 -0
  17. data/docs/custom_checks/log_group_metric_filters.md +27 -0
  18. data/docs/custom_checks/nrpe.md +29 -0
  19. data/docs/custom_checks/port.md +40 -0
  20. data/docs/custom_checks/sftp.md +73 -0
  21. data/docs/custom_checks/sql.md +44 -0
  22. data/docs/custom_checks/tls.md +25 -0
  23. data/docs/custom_metrics.md +71 -0
  24. data/docs/event_subscriptions.md +67 -0
  25. data/docs/maintenance_mode.md +85 -0
  26. data/docs/notifiers.md +33 -0
  27. data/docs/overview.md +22 -0
  28. data/docs/resources.md +93 -0
  29. data/docs/variables.md +58 -0
  30. data/lib/cfnguardian.rb +325 -37
  31. data/lib/cfnguardian/cloudwatch.rb +132 -0
  32. data/lib/cfnguardian/codecommit.rb +54 -0
  33. data/lib/cfnguardian/codepipeline.rb +138 -0
  34. data/lib/cfnguardian/compile.rb +142 -18
  35. data/lib/cfnguardian/config/defaults.yaml +103 -0
  36. data/lib/cfnguardian/deploy.rb +2 -16
  37. data/lib/cfnguardian/display_formatter.rb +163 -0
  38. data/lib/cfnguardian/drift.rb +79 -0
  39. data/lib/cfnguardian/error.rb +4 -0
  40. data/lib/cfnguardian/log.rb +0 -1
  41. data/lib/cfnguardian/models/alarm.rb +193 -59
  42. data/lib/cfnguardian/models/check.rb +128 -33
  43. data/lib/cfnguardian/models/composite.rb +21 -0
  44. data/lib/cfnguardian/models/event.rb +201 -49
  45. data/lib/cfnguardian/models/event_subscription.rb +96 -0
  46. data/lib/cfnguardian/models/metric_filter.rb +28 -0
  47. data/lib/cfnguardian/resources/amazonmq_rabbitmq.rb +136 -0
  48. data/lib/cfnguardian/resources/application_targetgroup.rb +2 -0
  49. data/lib/cfnguardian/resources/azure_file.rb +20 -0
  50. data/lib/cfnguardian/resources/base.rb +155 -33
  51. data/lib/cfnguardian/resources/ec2_instance.rb +11 -0
  52. data/lib/cfnguardian/resources/ecs_service.rb +2 -2
  53. data/lib/cfnguardian/resources/http.rb +17 -1
  54. data/lib/cfnguardian/resources/internal_http.rb +74 -0
  55. data/lib/cfnguardian/resources/internal_port.rb +33 -0
  56. data/lib/cfnguardian/resources/internal_sftp.rb +58 -0
  57. data/lib/cfnguardian/resources/log_group.rb +26 -0
  58. data/lib/cfnguardian/resources/network_targetgroup.rb +1 -0
  59. data/lib/cfnguardian/resources/port.rb +25 -0
  60. data/lib/cfnguardian/resources/rds_cluster.rb +14 -0
  61. data/lib/cfnguardian/resources/rds_instance.rb +73 -0
  62. data/lib/cfnguardian/resources/redshift_cluster.rb +2 -2
  63. data/lib/cfnguardian/resources/sftp.rb +50 -0
  64. data/lib/cfnguardian/resources/sql.rb +3 -3
  65. data/lib/cfnguardian/resources/tls.rb +66 -0
  66. data/lib/cfnguardian/s3.rb +3 -2
  67. data/lib/cfnguardian/stacks/main.rb +94 -72
  68. data/lib/cfnguardian/stacks/resources.rb +111 -43
  69. data/lib/cfnguardian/string.rb +12 -0
  70. data/lib/cfnguardian/version.rb +1 -1
  71. metadata +133 -10
data/lib/cfnguardian/models/check.rb CHANGED
@@ -2,54 +2,91 @@ require 'cfnguardian/string'
2
2
 
3
3
  module CfnGuardian
4
4
  module Models
5
- class Check
5
+ class BaseCheck
6
6
 
7
7
  attr_reader :type
8
- attr_accessor :class,
8
+ attr_accessor :group,
9
9
  :name,
10
+ :package,
10
11
  :handler,
11
12
  :version,
12
13
  :runtime,
13
- :environment
14
+ :environment,
15
+ :subnets,
16
+ :vpc,
17
+ :memory,
18
+ :timeout
14
19
 
15
20
  def initialize(resource)
16
21
  @type = 'Check'
17
- @class = nil
22
+ @group = nil
18
23
  @name = nil
19
24
  @package = nil
20
25
  @handler = nil
21
26
  @version = nil
22
27
  @runtime = nil
23
28
  @environment = ''
24
- end
25
-
26
- def to_h
27
- Hash[instance_variables.map { |name| [name[1..-1].to_sym, instance_variable_get(name)] } ]
29
+ @subnets = nil
30
+ @vpc = nil
31
+ @memory = 128
32
+ @timeout = 120
28
33
  end
29
34
  end
30
35
 
31
- class HttpCheck < Check
36
+ class HttpCheck < BaseCheck
32
37
  def initialize(resource)
33
38
  super(resource)
34
- @class = 'Http'
39
+ @group = 'Http'
35
40
  @name = 'HttpCheck'
36
- @package = 'aws-lambda-http-check'
37
- @handler = 'handler.main'
38
- @version = '0.1'
41
+ @package = 'http-check'
42
+ @handler = 'handler.http_check'
43
+ @version = 'f739631de74f1a882163b7e584a8b4710ccbc134'
44
+ @runtime = 'python3.7'
45
+ end
46
+ end
47
+
48
+ class InternalHttpCheck < HttpCheck
49
+ def initialize(resource)
50
+ super(resource)
51
+ @group = 'InternalHttp'
52
+ @name = 'InternalHttpCheck'
53
+ @subnets = resource['Subnets']
54
+ @vpc = resource['VpcId']
55
+ @environment = resource['Environment']
56
+ end
57
+ end
58
+
59
+ class PortCheck < BaseCheck
60
+ def initialize(resource)
61
+ super(resource)
62
+ @group = 'Port'
63
+ @name = 'PortCheck'
64
+ @package = 'port-check'
65
+ @handler = 'handler.port_check'
66
+ @version = '356203b2a720ba0730622f978e677b88f8d0c328'
39
67
  @runtime = 'python3.6'
40
68
  end
41
69
  end
42
70
 
43
- class NrpeCheck < Check
44
- attr_accessor :subnets, :vpc
45
-
71
+ class InternalPortCheck < PortCheck
72
+ def initialize(resource)
73
+ super(resource)
74
+ @group = 'InternalPort'
75
+ @name = 'InternalPortCheck'
76
+ @subnets = resource['Subnets']
77
+ @vpc = resource['VpcId']
78
+ @environment = resource['Environment']
79
+ end
80
+ end
81
+
82
+ class NrpeCheck < BaseCheck
46
83
  def initialize(resource)
47
84
  super(resource)
48
- @class = 'Nrpe'
85
+ @group = 'Nrpe'
49
86
  @name = 'NrpeCheck'
50
87
  @package = 'aws-lambda-nrpe-check'
51
88
  @handler = 'main'
52
- @version = '0.2'
89
+ @version = 'aa51a0ad497a6c012a3639da0eb3446e4c0f9540'
53
90
  @runtime = 'go1.x'
54
91
  @subnets = resource['Subnets']
55
92
  @vpc = resource['VpcId']
@@ -57,40 +94,49 @@ module CfnGuardian
57
94
  end
58
95
  end
59
96
 
60
- class SslCheck < Check
97
+ class SslCheck < BaseCheck
61
98
  def initialize(resource)
62
99
  super(resource)
63
- @class = 'Ssl'
100
+ @group = 'Ssl'
64
101
  @name = 'SslCheck'
65
102
  @package = 'aws-lambda-ssl-check'
66
103
  @handler = 'main'
67
- @version = '0.1'
104
+ @version = 'a25fd4006d1f95c06f3c098188543f5eea1986da'
68
105
  @runtime = 'go1.x'
69
106
  end
70
107
  end
71
108
 
72
- class DomainExpiryCheck < Check
109
+ class InternalSslCheck < SslCheck
73
110
  def initialize(resource)
74
111
  super(resource)
75
- @class = 'DomainExpiry'
112
+ @group = 'InternalSsl'
113
+ @name = 'InternalSslCheck'
114
+ @subnets = resource['Subnets']
115
+ @vpc = resource['VpcId']
116
+ @environment = resource['Environment']
117
+ end
118
+ end
119
+
120
+ class DomainExpiryCheck < BaseCheck
121
+ def initialize(resource)
122
+ super(resource)
123
+ @group = 'DomainExpiry'
76
124
  @name = 'DomainExpiryCheck'
77
125
  @package = 'aws-lambda-dns-check'
78
126
  @handler = 'main'
79
- @version = '0.1'
127
+ @version = '9db96ca32379faddc47e55849b7e296b7b70a48e'
80
128
  @runtime = 'go1.x'
81
129
  end
82
130
  end
83
131
 
84
- class SqlCheck < Check
85
- attr_accessor :subnets, :vpc
86
-
132
+ class SqlCheck < BaseCheck
87
133
  def initialize(resource)
88
134
  super(resource)
89
- @class = 'Sql'
135
+ @group = 'Sql'
90
136
  @name = 'SqlCheck'
91
137
  @package = 'aws-lambda-sql-check'
92
138
  @handler = 'main'
93
- @version = '0.1'
139
+ @version = '83bd6399c0376c98df90dd5f29e49d629c556cee'
94
140
  @runtime = 'go1.x'
95
141
  @subnets = resource['Subnets']
96
142
  @vpc = resource['VpcId']
@@ -98,17 +144,66 @@ module CfnGuardian
98
144
  end
99
145
  end
100
146
 
101
- class ContainerInstanceCheck < Check
147
+ class ContainerInstanceCheck < BaseCheck
102
148
  def initialize(resource)
103
149
  super(resource)
104
- @class = 'ContainerInstance'
150
+ @group = 'ContainerInstance'
105
151
  @name = 'ContainerInstanceCheck'
106
- @package = 'aws-lambda-ecs-container-instance-check'
152
+ @package = 'ecs-containder-instance-check'
107
153
  @handler = 'handler.run_check'
108
- @version = '0.1'
154
+ @version = '4f650d5846d6e8d19f0139bccdeeb147f03f0dd6'
109
155
  @runtime = 'python3.6'
110
156
  end
111
157
  end
158
+
159
+ class TLSCheck < BaseCheck
160
+ def initialize(resource)
161
+ super(resource)
162
+ @group = 'TLS'
163
+ @name = 'TLSCheck'
164
+ @package = 'tls-version-check'
165
+ @handler = 'handler.run_check'
166
+ @version = 'de83afdde0d976364af37ad7552a8496c3c94ab5'
167
+ @runtime = 'python3.7'
168
+ end
169
+ end
170
+
171
+ class SFTPCheck < BaseCheck
172
+ def initialize(resource)
173
+ super(resource)
174
+ @group = 'SFTP'
175
+ @name = 'SFTPCheck'
176
+ @package = 'sftp-check'
177
+ @handler = 'handler.sftp_check'
178
+ @version = '987e71f2607347e13e3f156535059d6d3ce1ceed'
179
+ @runtime = 'python3.7'
180
+ end
181
+ end
182
+
183
+ class InternalSFTPCheck < SFTPCheck
184
+ def initialize(resource)
185
+ super(resource)
186
+ @group = 'InternalSFTP'
187
+ @name = 'InternalSFTPCheck'
188
+ @subnets = resource['Subnets']
189
+ @vpc = resource['VpcId']
190
+ @environment = resource['Environment']
191
+ end
192
+ end
193
+
194
+ class AzureFileCheck < BaseCheck
195
+ def initialize(resource)
196
+ super(resource)
197
+ @group = 'AzureFile'
198
+ @name = 'AzureFileCheck'
199
+ @package = 'azure-file-check'
200
+ @handler = 'handler.file_check'
201
+ @version = 'cc37aa8fe4855570132431611b507274b390f4c1'
202
+ @runtime = 'python3.7'
203
+ @memory = 256
204
+ @timeout = 600
205
+ end
206
+ end
112
207
 
113
208
  end
114
209
  end
data/lib/cfnguardian/models/composite.rb ADDED
@@ -0,0 +1,21 @@
1
+ module CfnGuardian
2
+ module Models
3
+ class Composite
4
+
5
+ attr_reader :type
6
+ attr_accessor :name,
7
+ :description,
8
+ :rule,
9
+ :alarm_action
10
+
11
+ def initialize(name,params = {})
12
+ @type = 'Composite'
13
+ @name = name
14
+ @description = params.fetch('Description', '')
15
+ @rule = params.fetch('Rule', 'FALSE')
16
+ @alarm_action = params.fetch('Action', nil)
17
+ end
18
+
19
+ end
20
+ end
21
+ end
data/lib/cfnguardian/models/event.rb CHANGED
@@ -2,49 +2,36 @@ require 'cfnguardian/string'
2
2
 
3
3
  module CfnGuardian
4
4
  module Models
5
- class Event
5
+ class BaseEvent
6
6
 
7
7
  attr_reader :type
8
- attr_accessor :class,
8
+ attr_accessor :group,
9
9
  :target,
10
10
  :hash,
11
11
  :name,
12
12
  :cron,
13
13
  :enabled,
14
- :resource
14
+ :resource,
15
+ :environment,
16
+ :payload,
17
+ :ssm_parameters
15
18
 
16
19
  def initialize(resource)
17
20
  @type = 'Event'
18
- @class = nil
21
+ @group = nil
19
22
  @target = nil
20
23
  @hash = Digest::MD5.hexdigest resource['Id']
21
24
  @name = @hash
22
25
  @cron = "* * * * ? *"
23
26
  @enabled = true
24
27
  @resource = resource['Id'].to_resource_name
25
- end
26
-
27
- def to_h
28
- return {
29
- type: @type,
30
- class: @class,
31
- target: @target,
32
- hash: @hash,
33
- name: @name,
34
- cron: @cron,
35
- enabled: @enabled,
36
- resource: @resource,
37
- payload: event_payload()
38
- }
39
- end
40
-
41
- def event_payload
42
- {}.to_json
43
- end
44
-
28
+ @environment = ""
29
+ @payload = {}.to_json
30
+ @ssm_parameters = []
31
+ end
45
32
  end
46
33
 
47
- class HttpEvent < Event
34
+ class HttpEvent < BaseEvent
48
35
 
49
36
  attr_accessor :endpoint,
50
37
  :method,
@@ -56,7 +43,7 @@ module CfnGuardian
56
43
 
57
44
  def initialize(resource)
58
45
  super(resource)
59
- @class = 'Http'
46
+ @group = 'Http'
60
47
  @name = 'HttpEvent'
61
48
  @target = 'HttpCheckFunction'
62
49
  @endpoint = resource['Id']
@@ -66,9 +53,10 @@ module CfnGuardian
66
53
  @body_regex = resource.fetch('BodyRegex',nil)
67
54
  @headers = resource.fetch('Headers',nil)
68
55
  @payload = resource.fetch('Payload',nil)
56
+ @compressed = resource.fetch('Compressed',false)
69
57
  end
70
58
 
71
- def event_payload
59
+ def payload
72
60
  payload = {
73
61
  'ENDPOINT' => @endpoint,
74
62
  'METHOD' => @method,
@@ -78,23 +66,66 @@ module CfnGuardian
78
66
  payload['BODY_REGEX_MATCH'] = @body_regex unless @body_regex.nil?
79
67
  payload['HEADERS'] = @headers unless @headers.nil?
80
68
  payload['PAYLOAD'] = @payload unless @payload.nil?
69
+ payload['COMPRESSED'] = '1' if @compressed
81
70
  return payload.to_json
82
71
  end
83
72
  end
84
73
 
85
- class NrpeEvent < Event
74
+ class InternalHttpEvent < HttpEvent
75
+ def initialize(resource,environment)
76
+ super(resource)
77
+ @group = 'InternalHttp'
78
+ @name = 'InternalHttpEvent'
79
+ @target = "InternalHttpCheckFunction#{environment}"
80
+ @environment = environment
81
+ end
82
+ end
83
+
84
+ class PortEvent < BaseEvent
85
+ def initialize(resource)
86
+ super(resource)
87
+ @group = 'Port'
88
+ @name = 'PortEvent'
89
+ @target = 'PortCheckFunction'
90
+ @hostname = resource['Id']
91
+ @port = resource['Port']
92
+ @timeout = resource.fetch('Timeout',120)
93
+ end
94
+
95
+ def payload
96
+ return {
97
+ 'HOSTNAME' => @hostname,
98
+ 'PORT' => @port,
99
+ 'TIMEOUT' => @timeout,
100
+ 'STATUS_CODE_MATCH' => @status_code
101
+ }.to_json
102
+ end
103
+ end
104
+
105
+ class InternalPortEvent < PortEvent
106
+ def initialize(resource,environment)
107
+ super(resource)
108
+ @group = 'InternalPort'
109
+ @name = 'InternalPortEvent'
110
+ @target = "InternalPortCheckFunction#{environment}"
111
+ @environment = environment
112
+ end
113
+ end
114
+
115
+ class NrpeEvent < BaseEvent
86
116
  def initialize(resource,environment,command)
87
117
  super(resource)
88
- @class = 'Nrpe'
118
+ @group = 'Nrpe'
89
119
  @name = 'NrpeEvent'
90
120
  @target = "NrpeCheckFunction#{environment}"
91
121
  @host = resource['Id']
92
122
  @environment = environment
93
123
  @region = resource.fetch('Region',"${AWS::Region}")
124
+ @hash = Digest::MD5.hexdigest "#{resource['Id']}#{command}"
94
125
  @command = command
95
126
  end
96
127
 
97
- def event_payload
128
+ def payload
98
129
  return {
99
130
  'host' => @host,
100
131
  'environment' => @environment,
@@ -104,18 +135,18 @@ module CfnGuardian
104
135
  end
105
136
  end
106
137
 
107
- class SslEvent < Event
138
+ class SslEvent < BaseEvent
108
139
  def initialize(resource)
109
140
  super(resource)
110
- @class = 'Ssl'
141
+ @group = 'Ssl'
111
142
  @name = 'SslEvent'
112
143
  @target = 'SslCheckFunction'
113
- @cron = "0 12 * * ? *"
144
+ @cron = resource.fetch('Schedule', "0 12 * * ? *")
114
145
  @url = resource['Id']
115
146
  @region = resource.fetch('Region',"${AWS::Region}")
116
147
  end
117
148
 
118
- def event_payload
149
+ def payload
119
150
  return {
120
151
  'Url' => @url,
121
152
  'Region' => @region
@@ -123,32 +154,42 @@ module CfnGuardian
123
154
  end
124
155
  end
125
156
 
126
- class DomainExpiryEvent < Event
157
+ class InternalSslEvent < SslEvent
158
+ def initialize(resource,environment)
159
+ super(resource)
160
+ @group = 'InternalSsl'
161
+ @name = 'InternalSslEvent'
162
+ @target = "InternalSslCheckFunction#{environment}"
163
+ @environment = environment
164
+ end
165
+ end
166
+
167
+ class DomainExpiryEvent < BaseEvent
127
168
 
128
169
  attr_accessor :domain,
129
170
  :region
130
171
 
131
172
  def initialize(resource)
132
173
  super(resource)
133
- @class = 'DomainExpiry'
174
+ @group = 'DomainExpiry'
134
175
  @name = 'DomainExpiryEvent'
135
176
  @target = 'DomainExpiryCheckFunction'
136
- @cron = "0 12 * * ? *"
177
+ @cron = resource.fetch('Schedule', "0 12 * * ? *")
137
178
  @domain = resource['Id']
138
179
  @region = resource.fetch('Region',"${AWS::Region}")
139
180
  end
140
181
 
141
- def event_payload
142
- {'Domain' => @domain}.to_json
182
+ def payload
183
+ return {'Domain' => @domain}.to_json
143
184
  end
144
185
  end
145
186
 
146
- class SqlEvent < Event
147
- def initialize(resource,query)
187
+ class SqlEvent < BaseEvent
188
+ def initialize(resource,query,environment)
148
189
  super(resource)
149
- @class = 'Sql'
190
+ @group = 'Sql'
150
191
  @name = 'SqlEvent'
151
- @target = 'SqlCheckFunction'
192
+ @target = "SqlCheckFunction#{environment}"
152
193
  @host = resource['Id']
153
194
  @engine = resource['Engine']
154
195
  @port = resource['Port']
@@ -157,9 +198,10 @@ module CfnGuardian
157
198
  @query = query
158
199
  @region = resource.fetch('Region',"${AWS::Region}")
159
200
  @test_type = '1-row-1-value-zero-is-good'
201
+ @environment = environment
160
202
  end
161
203
 
162
- def event_payload
204
+ def payload
163
205
  return {
164
206
  'Host' => @host,
165
207
  'Engine' => @engine,
@@ -171,20 +213,130 @@ module CfnGuardian
171
213
  'TestType' => @test_type
172
214
  }.to_json
173
215
  end
216
+
217
+ def ssm_parameters
218
+ params = []
219
+ params << @ssm_username
220
+ params << @ssm_password
221
+ return params
222
+ end
174
223
  end
175
224
 
176
- class ContainerInstanceEvent < Event
225
+ class ContainerInstanceEvent < BaseEvent
177
226
  def initialize(resource)
178
227
  super(resource)
179
- @class = 'ContainerInstance'
228
+ @group = 'ContainerInstance'
180
229
  @name = 'ContainerInstanceEvent'
181
230
  @target = 'ContainerInstanceCheckFunction'
182
- @cron = "0/5 * * * ? *"
231
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
183
232
  @cluster = resource['Id']
184
233
  end
185
234
 
186
- def event_payload
187
- {'CLUSTER' => @cluster}.to_json
235
+ def payload
236
+ return {'CLUSTER' => @cluster}.to_json
237
+ end
238
+ end
239
+
240
+ class SFTPEvent < BaseEvent
241
+ def initialize(resource)
242
+ super(resource)
243
+ @group = 'SFTP'
244
+ @name = 'SFTPEvent'
245
+ @target = 'SFTPCheckFunction'
246
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
247
+ @host = resource['Id']
248
+ @user = resource['User']
249
+ @port = resource.fetch('Port', nil)
250
+ @server_key = resource.fetch('ServerKey', nil)
251
+ @password = resource.fetch('Password', nil)
252
+ @private_key = resource.fetch('PrivateKey', nil)
253
+ @private_key_pass = resource.fetch('PrivateKeyPass', nil)
254
+ @file = resource.fetch('File', nil)
255
+ @file_regex_match = resource.fetch('FileRegexMatch', nil)
256
+ end
257
+
258
+ def payload
259
+ payload = {
260
+ 'HOSTNAME' => @host,
261
+ 'USERNAME' => @user
262
+ }
263
+ payload['PORT'] = @port unless @port.nil?
264
+ payload['SERVER_KEY'] = @server_key unless @server_key.nil?
265
+ payload['PASSWORD'] = @password unless @password.nil?
266
+ payload['PRIVATEKEY'] = @private_key unless @private_key.nil?
267
+ payload['PRIVATEKEY_PASSWORD'] = @private_key_pass unless @private_key_pass.nil?
268
+ payload['FILE'] = @file unless @file.nil?
269
+ payload['FILE_REGEX_MATCH'] = @file_regex_match unless @file_regex_match.nil?
270
+ return payload.to_json
271
+ end
272
+
273
+ def ssm_parameters
274
+ params = []
275
+ params << @password unless @password.nil?
276
+ params << @private_key unless @private_key.nil?
277
+ params << @private_key_pass unless @private_key_pass.nil?
278
+ return params
279
+ end
280
+ end
281
+
282
+ class InternalSFTPEvent < SFTPEvent
283
+ def initialize(resource,environment)
284
+ super(resource)
285
+ @group = 'InternalSFTP'
286
+ @name = 'InternalSFTPEvent'
287
+ @target = "InternalSFTPCheckFunction#{environment}"
288
+ @environment = environment
289
+ end
290
+ end
291
+
292
+ class TLSEvent < BaseEvent
293
+ def initialize(resource)
294
+ super(resource)
295
+ @group = 'TLS'
296
+ @name = 'TLSEvent'
297
+ @target = 'TLSCheckFunction'
298
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
299
+ @host = resource['Id']
300
+ @port = resource.fetch('Port', 443)
301
+ @check_max = resource.fetch('MaxSupported', nil)
302
+ @versions = resource.fetch('Versions', ['SSLv2','SSLv3','TLSv1','TLSv1.1','TLSv1.2'])
303
+ end
304
+
305
+ def payload
306
+ payload = {
307
+ 'HOSTNAME' => @host,
308
+ 'PORT' => @port
309
+ }
310
+ payload['CHECK_MAX_SUPPORTED'] = @check_max.nil?
311
+ payload['PROTOCOLS'] = @versions unless @versions.nil?
312
+ return payload.to_json
313
+ end
314
+ end
315
+
316
+ class AzureFileEvent < BaseEvent
317
+ def initialize(resource)
318
+ super(resource)
319
+ @group = 'AzureFile'
320
+ @name = 'AzureFileEvent'
321
+ @target = 'AzureFileCheckFunction'
322
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
323
+ @storage_account = resource['Id']
324
+ @container = resource['Container']
325
+ @connection_string = resource['ConnectionString']
326
+ @search = resource['Search']
327
+ end
328
+
329
+ def payload
330
+ return {
331
+ 'STORAGE_ACCOUNT' => @storage_account,
332
+ 'CONTAINER' => @container,
333
+ 'CONNECTION_STRING' => @connection_string,
334
+ 'SEARCH' => @search
335
+ }.to_json
336
+ end
337
+
338
+ def ssm_parameters
339
+ return [@connection_string]
188
340
  end
189
341
  end
190
342