cfn-guardian 0.1.0 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/.dockerignore +1 -0
  3. data/.github/workflows/build-gem.yml +25 -0
  4. data/.github/workflows/release-gem.yml +25 -0
  5. data/.github/workflows/release-image.yml +33 -0
  6. data/.rspec +1 -0
  7. data/Dockerfile +19 -0
  8. data/Gemfile.lock +39 -21
  9. data/README.md +9 -378
  10. data/cfn-guardian.gemspec +7 -5
  11. data/docs/alarm_templates.md +130 -0
  12. data/docs/cli.md +182 -0
  13. data/docs/composite_alarms.md +24 -0
  14. data/docs/custom_checks/azure_file_check.md +28 -0
  15. data/docs/custom_checks/domain_expiry.md +10 -0
  16. data/docs/custom_checks/http.md +59 -0
  17. data/docs/custom_checks/log_group_metric_filters.md +27 -0
  18. data/docs/custom_checks/nrpe.md +29 -0
  19. data/docs/custom_checks/port.md +40 -0
  20. data/docs/custom_checks/sftp.md +73 -0
  21. data/docs/custom_checks/sql.md +44 -0
  22. data/docs/custom_checks/tls.md +25 -0
  23. data/docs/custom_metrics.md +71 -0
  24. data/docs/event_subscriptions.md +67 -0
  25. data/docs/maintenance_mode.md +85 -0
  26. data/docs/notifiers.md +33 -0
  27. data/docs/overview.md +22 -0
  28. data/docs/resources.md +93 -0
  29. data/docs/variables.md +58 -0
  30. data/lib/cfnguardian.rb +325 -37
  31. data/lib/cfnguardian/cloudwatch.rb +132 -0
  32. data/lib/cfnguardian/codecommit.rb +54 -0
  33. data/lib/cfnguardian/codepipeline.rb +138 -0
  34. data/lib/cfnguardian/compile.rb +142 -18
  35. data/lib/cfnguardian/config/defaults.yaml +103 -0
  36. data/lib/cfnguardian/deploy.rb +2 -16
  37. data/lib/cfnguardian/display_formatter.rb +163 -0
  38. data/lib/cfnguardian/drift.rb +79 -0
  39. data/lib/cfnguardian/error.rb +4 -0
  40. data/lib/cfnguardian/log.rb +0 -1
  41. data/lib/cfnguardian/models/alarm.rb +193 -59
  42. data/lib/cfnguardian/models/check.rb +128 -33
  43. data/lib/cfnguardian/models/composite.rb +21 -0
  44. data/lib/cfnguardian/models/event.rb +201 -49
  45. data/lib/cfnguardian/models/event_subscription.rb +96 -0
  46. data/lib/cfnguardian/models/metric_filter.rb +28 -0
  47. data/lib/cfnguardian/resources/amazonmq_rabbitmq.rb +136 -0
  48. data/lib/cfnguardian/resources/application_targetgroup.rb +2 -0
  49. data/lib/cfnguardian/resources/azure_file.rb +20 -0
  50. data/lib/cfnguardian/resources/base.rb +155 -33
  51. data/lib/cfnguardian/resources/ec2_instance.rb +11 -0
  52. data/lib/cfnguardian/resources/ecs_service.rb +2 -2
  53. data/lib/cfnguardian/resources/http.rb +17 -1
  54. data/lib/cfnguardian/resources/internal_http.rb +74 -0
  55. data/lib/cfnguardian/resources/internal_port.rb +33 -0
  56. data/lib/cfnguardian/resources/internal_sftp.rb +58 -0
  57. data/lib/cfnguardian/resources/log_group.rb +26 -0
  58. data/lib/cfnguardian/resources/network_targetgroup.rb +1 -0
  59. data/lib/cfnguardian/resources/port.rb +25 -0
  60. data/lib/cfnguardian/resources/rds_cluster.rb +14 -0
  61. data/lib/cfnguardian/resources/rds_instance.rb +73 -0
  62. data/lib/cfnguardian/resources/redshift_cluster.rb +2 -2
  63. data/lib/cfnguardian/resources/sftp.rb +50 -0
  64. data/lib/cfnguardian/resources/sql.rb +3 -3
  65. data/lib/cfnguardian/resources/tls.rb +66 -0
  66. data/lib/cfnguardian/s3.rb +3 -2
  67. data/lib/cfnguardian/stacks/main.rb +94 -72
  68. data/lib/cfnguardian/stacks/resources.rb +111 -43
  69. data/lib/cfnguardian/string.rb +12 -0
  70. data/lib/cfnguardian/version.rb +1 -1
  71. metadata +133 -10
@@ -2,54 +2,91 @@ require 'cfnguardian/string'
2
2
 
3
3
  module CfnGuardian
4
4
  module Models
5
- class Check
5
+ class BaseCheck
6
6
 
7
7
  attr_reader :type
8
- attr_accessor :class,
8
+ attr_accessor :group,
9
9
  :name,
10
+ :package,
10
11
  :handler,
11
12
  :version,
12
13
  :runtime,
13
- :environment
14
+ :environment,
15
+ :subnets,
16
+ :vpc,
17
+ :memory,
18
+ :timeout
14
19
 
15
20
  def initialize(resource)
16
21
  @type = 'Check'
17
- @class = nil
22
+ @group = nil
18
23
  @name = nil
19
24
  @package = nil
20
25
  @handler = nil
21
26
  @version = nil
22
27
  @runtime = nil
23
28
  @environment = ''
24
- end
25
-
26
- def to_h
27
- Hash[instance_variables.map { |name| [name[1..-1].to_sym, instance_variable_get(name)] } ]
29
+ @subnets = nil
30
+ @vpc = nil
31
+ @memory = 128
32
+ @timeout = 120
28
33
  end
29
34
  end
30
35
 
31
- class HttpCheck < Check
36
+ class HttpCheck < BaseCheck
32
37
  def initialize(resource)
33
38
  super(resource)
34
- @class = 'Http'
39
+ @group = 'Http'
35
40
  @name = 'HttpCheck'
36
- @package = 'aws-lambda-http-check'
37
- @handler = 'handler.main'
38
- @version = '0.1'
41
+ @package = 'http-check'
42
+ @handler = 'handler.http_check'
43
+ @version = 'f739631de74f1a882163b7e584a8b4710ccbc134'
44
+ @runtime = 'python3.7'
45
+ end
46
+ end
47
+
48
+ class InternalHttpCheck < HttpCheck
49
+ def initialize(resource)
50
+ super(resource)
51
+ @group = 'InternalHttp'
52
+ @name = 'InternalHttpCheck'
53
+ @subnets = resource['Subnets']
54
+ @vpc = resource['VpcId']
55
+ @environment = resource['Environment']
56
+ end
57
+ end
58
+
59
+ class PortCheck < BaseCheck
60
+ def initialize(resource)
61
+ super(resource)
62
+ @group = 'Port'
63
+ @name = 'PortCheck'
64
+ @package = 'port-check'
65
+ @handler = 'handler.port_check'
66
+ @version = '356203b2a720ba0730622f978e677b88f8d0c328'
39
67
  @runtime = 'python3.6'
40
68
  end
41
69
  end
42
70
 
43
- class NrpeCheck < Check
44
- attr_accessor :subnets, :vpc
45
-
71
+ class InternalPortCheck < PortCheck
72
+ def initialize(resource)
73
+ super(resource)
74
+ @group = 'InternalPort'
75
+ @name = 'InternalPortCheck'
76
+ @subnets = resource['Subnets']
77
+ @vpc = resource['VpcId']
78
+ @environment = resource['Environment']
79
+ end
80
+ end
81
+
82
+ class NrpeCheck < BaseCheck
46
83
  def initialize(resource)
47
84
  super(resource)
48
- @class = 'Nrpe'
85
+ @group = 'Nrpe'
49
86
  @name = 'NrpeCheck'
50
87
  @package = 'aws-lambda-nrpe-check'
51
88
  @handler = 'main'
52
- @version = '0.2'
89
+ @version = 'aa51a0ad497a6c012a3639da0eb3446e4c0f9540'
53
90
  @runtime = 'go1.x'
54
91
  @subnets = resource['Subnets']
55
92
  @vpc = resource['VpcId']
@@ -57,40 +94,49 @@ module CfnGuardian
57
94
  end
58
95
  end
59
96
 
60
- class SslCheck < Check
97
+ class SslCheck < BaseCheck
61
98
  def initialize(resource)
62
99
  super(resource)
63
- @class = 'Ssl'
100
+ @group = 'Ssl'
64
101
  @name = 'SslCheck'
65
102
  @package = 'aws-lambda-ssl-check'
66
103
  @handler = 'main'
67
- @version = '0.1'
104
+ @version = 'a25fd4006d1f95c06f3c098188543f5eea1986da'
68
105
  @runtime = 'go1.x'
69
106
  end
70
107
  end
71
108
 
72
- class DomainExpiryCheck < Check
109
+ class InternalSslCheck < SslCheck
73
110
  def initialize(resource)
74
111
  super(resource)
75
- @class = 'DomainExpiry'
112
+ @group = 'InternalSsl'
113
+ @name = 'InternalSslCheck'
114
+ @subnets = resource['Subnets']
115
+ @vpc = resource['VpcId']
116
+ @environment = resource['Environment']
117
+ end
118
+ end
119
+
120
+ class DomainExpiryCheck < BaseCheck
121
+ def initialize(resource)
122
+ super(resource)
123
+ @group = 'DomainExpiry'
76
124
  @name = 'DomainExpiryCheck'
77
125
  @package = 'aws-lambda-dns-check'
78
126
  @handler = 'main'
79
- @version = '0.1'
127
+ @version = '9db96ca32379faddc47e55849b7e296b7b70a48e'
80
128
  @runtime = 'go1.x'
81
129
  end
82
130
  end
83
131
 
84
- class SqlCheck < Check
85
- attr_accessor :subnets, :vpc
86
-
132
+ class SqlCheck < BaseCheck
87
133
  def initialize(resource)
88
134
  super(resource)
89
- @class = 'Sql'
135
+ @group = 'Sql'
90
136
  @name = 'SqlCheck'
91
137
  @package = 'aws-lambda-sql-check'
92
138
  @handler = 'main'
93
- @version = '0.1'
139
+ @version = '83bd6399c0376c98df90dd5f29e49d629c556cee'
94
140
  @runtime = 'go1.x'
95
141
  @subnets = resource['Subnets']
96
142
  @vpc = resource['VpcId']
@@ -98,17 +144,66 @@ module CfnGuardian
98
144
  end
99
145
  end
100
146
 
101
- class ContainerInstanceCheck < Check
147
+ class ContainerInstanceCheck < BaseCheck
102
148
  def initialize(resource)
103
149
  super(resource)
104
- @class = 'ContainerInstance'
150
+ @group = 'ContainerInstance'
105
151
  @name = 'ContainerInstanceCheck'
106
- @package = 'aws-lambda-ecs-container-instance-check'
152
+ @package = 'ecs-containder-instance-check'
107
153
  @handler = 'handler.run_check'
108
- @version = '0.1'
154
+ @version = '4f650d5846d6e8d19f0139bccdeeb147f03f0dd6'
109
155
  @runtime = 'python3.6'
110
156
  end
111
157
  end
158
+
159
+ class TLSCheck < BaseCheck
160
+ def initialize(resource)
161
+ super(resource)
162
+ @group = 'TLS'
163
+ @name = 'TLSCheck'
164
+ @package = 'tls-version-check'
165
+ @handler = 'handler.run_check'
166
+ @version = 'de83afdde0d976364af37ad7552a8496c3c94ab5'
167
+ @runtime = 'python3.7'
168
+ end
169
+ end
170
+
171
+ class SFTPCheck < BaseCheck
172
+ def initialize(resource)
173
+ super(resource)
174
+ @group = 'SFTP'
175
+ @name = 'SFTPCheck'
176
+ @package = 'sftp-check'
177
+ @handler = 'handler.sftp_check'
178
+ @version = '987e71f2607347e13e3f156535059d6d3ce1ceed'
179
+ @runtime = 'python3.7'
180
+ end
181
+ end
182
+
183
+ class InternalSFTPCheck < SFTPCheck
184
+ def initialize(resource)
185
+ super(resource)
186
+ @group = 'InternalSFTP'
187
+ @name = 'InternalSFTPCheck'
188
+ @subnets = resource['Subnets']
189
+ @vpc = resource['VpcId']
190
+ @environment = resource['Environment']
191
+ end
192
+ end
193
+
194
+ class AzureFileCheck < BaseCheck
195
+ def initialize(resource)
196
+ super(resource)
197
+ @group = 'AzureFile'
198
+ @name = 'AzureFileCheck'
199
+ @package = 'azure-file-check'
200
+ @handler = 'handler.file_check'
201
+ @version = 'cc37aa8fe4855570132431611b507274b390f4c1'
202
+ @runtime = 'python3.7'
203
+ @memory = 256
204
+ @timeout = 600
205
+ end
206
+ end
112
207
 
113
208
  end
114
209
  end
@@ -0,0 +1,21 @@
1
+ module CfnGuardian
2
+ module Models
3
+ class Composite
4
+
5
+ attr_reader :type
6
+ attr_accessor :name,
7
+ :description,
8
+ :rule,
9
+ :alarm_action
10
+
11
+ def initialize(name,params = {})
12
+ @type = 'Composite'
13
+ @name = name
14
+ @description = params.fetch('Description', '')
15
+ @rule = params.fetch('Rule', 'FALSE')
16
+ @alarm_action = params.fetch('Action', nil)
17
+ end
18
+
19
+ end
20
+ end
21
+ end
@@ -2,49 +2,36 @@ require 'cfnguardian/string'
2
2
 
3
3
  module CfnGuardian
4
4
  module Models
5
- class Event
5
+ class BaseEvent
6
6
 
7
7
  attr_reader :type
8
- attr_accessor :class,
8
+ attr_accessor :group,
9
9
  :target,
10
10
  :hash,
11
11
  :name,
12
12
  :cron,
13
13
  :enabled,
14
- :resource
14
+ :resource,
15
+ :environment,
16
+ :payload,
17
+ :ssm_parameters
15
18
 
16
19
  def initialize(resource)
17
20
  @type = 'Event'
18
- @class = nil
21
+ @group = nil
19
22
  @target = nil
20
23
  @hash = Digest::MD5.hexdigest resource['Id']
21
24
  @name = @hash
22
25
  @cron = "* * * * ? *"
23
26
  @enabled = true
24
27
  @resource = resource['Id'].to_resource_name
25
- end
26
-
27
- def to_h
28
- return {
29
- type: @type,
30
- class: @class,
31
- target: @target,
32
- hash: @hash,
33
- name: @name,
34
- cron: @cron,
35
- enabled: @enabled,
36
- resource: @resource,
37
- payload: event_payload()
38
- }
39
- end
40
-
41
- def event_payload
42
- {}.to_json
43
- end
44
-
28
+ @environment = ""
29
+ @payload = {}.to_json
30
+ @ssm_parameters = []
31
+ end
45
32
  end
46
33
 
47
- class HttpEvent < Event
34
+ class HttpEvent < BaseEvent
48
35
 
49
36
  attr_accessor :endpoint,
50
37
  :method,
@@ -56,7 +43,7 @@ module CfnGuardian
56
43
 
57
44
  def initialize(resource)
58
45
  super(resource)
59
- @class = 'Http'
46
+ @group = 'Http'
60
47
  @name = 'HttpEvent'
61
48
  @target = 'HttpCheckFunction'
62
49
  @endpoint = resource['Id']
@@ -66,9 +53,10 @@ module CfnGuardian
66
53
  @body_regex = resource.fetch('BodyRegex',nil)
67
54
  @headers = resource.fetch('Headers',nil)
68
55
  @payload = resource.fetch('Payload',nil)
56
+ @compressed = resource.fetch('Compressed',false)
69
57
  end
70
58
 
71
- def event_payload
59
+ def payload
72
60
  payload = {
73
61
  'ENDPOINT' => @endpoint,
74
62
  'METHOD' => @method,
@@ -78,23 +66,66 @@ module CfnGuardian
78
66
  payload['BODY_REGEX_MATCH'] = @body_regex unless @body_regex.nil?
79
67
  payload['HEADERS'] = @headers unless @headers.nil?
80
68
  payload['PAYLOAD'] = @payload unless @payload.nil?
69
+ payload['COMPRESSED'] = '1' if @compressed
81
70
  return payload.to_json
82
71
  end
83
72
  end
84
73
 
85
- class NrpeEvent < Event
74
+ class InternalHttpEvent < HttpEvent
75
+ def initialize(resource,environment)
76
+ super(resource)
77
+ @group = 'InternalHttp'
78
+ @name = 'InternalHttpEvent'
79
+ @target = "InternalHttpCheckFunction#{environment}"
80
+ @environment = environment
81
+ end
82
+ end
83
+
84
+ class PortEvent < BaseEvent
85
+ def initialize(resource)
86
+ super(resource)
87
+ @group = 'Port'
88
+ @name = 'PortEvent'
89
+ @target = 'PortCheckFunction'
90
+ @hostname = resource['Id']
91
+ @port = resource['Port']
92
+ @timeout = resource.fetch('Timeout',120)
93
+ end
94
+
95
+ def payload
96
+ return {
97
+ 'HOSTNAME' => @hostname,
98
+ 'PORT' => @port,
99
+ 'TIMEOUT' => @timeout,
100
+ 'STATUS_CODE_MATCH' => @status_code
101
+ }.to_json
102
+ end
103
+ end
104
+
105
+ class InternalPortEvent < PortEvent
106
+ def initialize(resource,environment)
107
+ super(resource)
108
+ @group = 'InternalPort'
109
+ @name = 'InternalPortEvent'
110
+ @target = "InternalPortCheckFunction#{environment}"
111
+ @environment = environment
112
+ end
113
+ end
114
+
115
+ class NrpeEvent < BaseEvent
86
116
  def initialize(resource,environment,command)
87
117
  super(resource)
88
- @class = 'Nrpe'
118
+ @group = 'Nrpe'
89
119
  @name = 'NrpeEvent'
90
120
  @target = "NrpeCheckFunction#{environment}"
91
121
  @host = resource['Id']
92
122
  @environment = environment
93
123
  @region = resource.fetch('Region',"${AWS::Region}")
124
+ @hash = Digest::MD5.hexdigest "#{resource['Id']}#{command}"
94
125
  @command = command
95
126
  end
96
127
 
97
- def event_payload
128
+ def payload
98
129
  return {
99
130
  'host' => @host,
100
131
  'environment' => @environment,
@@ -104,18 +135,18 @@ module CfnGuardian
104
135
  end
105
136
  end
106
137
 
107
- class SslEvent < Event
138
+ class SslEvent < BaseEvent
108
139
  def initialize(resource)
109
140
  super(resource)
110
- @class = 'Ssl'
141
+ @group = 'Ssl'
111
142
  @name = 'SslEvent'
112
143
  @target = 'SslCheckFunction'
113
- @cron = "0 12 * * ? *"
144
+ @cron = resource.fetch('Schedule', "0 12 * * ? *")
114
145
  @url = resource['Id']
115
146
  @region = resource.fetch('Region',"${AWS::Region}")
116
147
  end
117
148
 
118
- def event_payload
149
+ def payload
119
150
  return {
120
151
  'Url' => @url,
121
152
  'Region' => @region
@@ -123,32 +154,42 @@ module CfnGuardian
123
154
  end
124
155
  end
125
156
 
126
- class DomainExpiryEvent < Event
157
+ class InternalSslEvent < SslEvent
158
+ def initialize(resource,environment)
159
+ super(resource)
160
+ @group = 'InternalSsl'
161
+ @name = 'InternalSslEvent'
162
+ @target = "InternalSslCheckFunction#{environment}"
163
+ @environment = environment
164
+ end
165
+ end
166
+
167
+ class DomainExpiryEvent < BaseEvent
127
168
 
128
169
  attr_accessor :domain,
129
170
  :region
130
171
 
131
172
  def initialize(resource)
132
173
  super(resource)
133
- @class = 'DomainExpiry'
174
+ @group = 'DomainExpiry'
134
175
  @name = 'DomainExpiryEvent'
135
176
  @target = 'DomainExpiryCheckFunction'
136
- @cron = "0 12 * * ? *"
177
+ @cron = resource.fetch('Schedule', "0 12 * * ? *")
137
178
  @domain = resource['Id']
138
179
  @region = resource.fetch('Region',"${AWS::Region}")
139
180
  end
140
181
 
141
- def event_payload
142
- {'Domain' => @domain}.to_json
182
+ def payload
183
+ return {'Domain' => @domain}.to_json
143
184
  end
144
185
  end
145
186
 
146
- class SqlEvent < Event
147
- def initialize(resource,query)
187
+ class SqlEvent < BaseEvent
188
+ def initialize(resource,query,environment)
148
189
  super(resource)
149
- @class = 'Sql'
190
+ @group = 'Sql'
150
191
  @name = 'SqlEvent'
151
- @target = 'SqlCheckFunction'
192
+ @target = "SqlCheckFunction#{environment}"
152
193
  @host = resource['Id']
153
194
  @engine = resource['Engine']
154
195
  @port = resource['Port']
@@ -157,9 +198,10 @@ module CfnGuardian
157
198
  @query = query
158
199
  @region = resource.fetch('Region',"${AWS::Region}")
159
200
  @test_type = '1-row-1-value-zero-is-good'
201
+ @environment = environment
160
202
  end
161
203
 
162
- def event_payload
204
+ def payload
163
205
  return {
164
206
  'Host' => @host,
165
207
  'Engine' => @engine,
@@ -171,20 +213,130 @@ module CfnGuardian
171
213
  'TestType' => @test_type
172
214
  }.to_json
173
215
  end
216
+
217
+ def ssm_parameters
218
+ params = []
219
+ params << @ssm_username
220
+ params << @ssm_password
221
+ return params
222
+ end
174
223
  end
175
224
 
176
- class ContainerInstanceEvent < Event
225
+ class ContainerInstanceEvent < BaseEvent
177
226
  def initialize(resource)
178
227
  super(resource)
179
- @class = 'ContainerInstance'
228
+ @group = 'ContainerInstance'
180
229
  @name = 'ContainerInstanceEvent'
181
230
  @target = 'ContainerInstanceCheckFunction'
182
- @cron = "0/5 * * * ? *"
231
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
183
232
  @cluster = resource['Id']
184
233
  end
185
234
 
186
- def event_payload
187
- {'CLUSTER' => @cluster}.to_json
235
+ def payload
236
+ return {'CLUSTER' => @cluster}.to_json
237
+ end
238
+ end
239
+
240
+ class SFTPEvent < BaseEvent
241
+ def initialize(resource)
242
+ super(resource)
243
+ @group = 'SFTP'
244
+ @name = 'SFTPEvent'
245
+ @target = 'SFTPCheckFunction'
246
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
247
+ @host = resource['Id']
248
+ @user = resource['User']
249
+ @port = resource.fetch('Port', nil)
250
+ @server_key = resource.fetch('ServerKey', nil)
251
+ @password = resource.fetch('Password', nil)
252
+ @private_key = resource.fetch('PrivateKey', nil)
253
+ @private_key_pass = resource.fetch('PrivateKeyPass', nil)
254
+ @file = resource.fetch('File', nil)
255
+ @file_regex_match = resource.fetch('FileRegexMatch', nil)
256
+ end
257
+
258
+ def payload
259
+ payload = {
260
+ 'HOSTNAME' => @host,
261
+ 'USERNAME' => @user
262
+ }
263
+ payload['PORT'] = @port unless @port.nil?
264
+ payload['SERVER_KEY'] = @server_key unless @server_key.nil?
265
+ payload['PASSWORD'] = @password unless @password.nil?
266
+ payload['PRIVATEKEY'] = @private_key unless @private_key.nil?
267
+ payload['PRIVATEKEY_PASSWORD'] = @private_key_pass unless @private_key_pass.nil?
268
+ payload['FILE'] = @file unless @file.nil?
269
+ payload['FILE_REGEX_MATCH'] = @file_regex_match unless @file_regex_match.nil?
270
+ return payload.to_json
271
+ end
272
+
273
+ def ssm_parameters
274
+ params = []
275
+ params << @password unless @password.nil?
276
+ params << @private_key unless @private_key.nil?
277
+ params << @private_key_pass unless @private_key_pass.nil?
278
+ return params
279
+ end
280
+ end
281
+
282
+ class InternalSFTPEvent < SFTPEvent
283
+ def initialize(resource,environment)
284
+ super(resource)
285
+ @group = 'InternalSFTP'
286
+ @name = 'InternalSFTPEvent'
287
+ @target = "InternalSFTPCheckFunction#{environment}"
288
+ @environment = environment
289
+ end
290
+ end
291
+
292
+ class TLSEvent < BaseEvent
293
+ def initialize(resource)
294
+ super(resource)
295
+ @group = 'TLS'
296
+ @name = 'TLSEvent'
297
+ @target = 'TLSCheckFunction'
298
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
299
+ @host = resource['Id']
300
+ @port = resource.fetch('Port', 443)
301
+ @check_max = resource.fetch('MaxSupported', nil)
302
+ @versions = resource.fetch('Versions', ['SSLv2','SSLv3','TLSv1','TLSv1.1','TLSv1.2'])
303
+ end
304
+
305
+ def payload
306
+ payload = {
307
+ 'HOSTNAME' => @host,
308
+ 'PORT' => @port
309
+ }
310
+ payload['CHECK_MAX_SUPPORTED'] = @check_max.nil?
311
+ payload['PROTOCOLS'] = @versions unless @versions.nil?
312
+ return payload.to_json
313
+ end
314
+ end
315
+
316
+ class AzureFileEvent < BaseEvent
317
+ def initialize(resource)
318
+ super(resource)
319
+ @group = 'AzureFile'
320
+ @name = 'AzureFileEvent'
321
+ @target = 'AzureFileCheckFunction'
322
+ @cron = resource.fetch('Schedule', "0/5 * * * ? *")
323
+ @storage_account = resource['Id']
324
+ @container = resource['Container']
325
+ @connection_string = resource['ConnectionString']
326
+ @search = resource['Search']
327
+ end
328
+
329
+ def payload
330
+ return {
331
+ 'STORAGE_ACCOUNT' => @storage_account,
332
+ 'CONTAINER' => @container,
333
+ 'CONNECTION_STRING' => @connection_string,
334
+ 'SEARCH' => @search
335
+ }.to_json
336
+ end
337
+
338
+ def ssm_parameters
339
+ return [@connection_string]
188
340
  end
189
341
  end
190
342