cfn-guardian 0.1.0

data/lib/cfnguardian/resources/amazonmq_broker.rb

@@ -0,0 +1,45 @@
+module CfnGuardian::Resource
+  class AmazonMQBroker < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::AmazonMQBrokerAlarm.new(@resource)
+      alarm.name = 'CpuCreditBalanceCritical'
+      alarm.metric_name = 'CpuCreditBalance'
+      alarm.comparison_operator = 'LessThanThreshold'
+      alarm.statistic = 'Minimum'
+      alarm.threshold = 15
+      alarm.evaluation_periods = 1
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::AmazonMQBrokerAlarm.new(@resource)
+      alarm.name = 'CpuCreditBalanceCritical'
+      alarm.metric_name = 'CpuCreditBalance'
+      alarm.comparison_operator = 'LessThanThreshold'
+      alarm.statistic = 'Minimum'
+      alarm.threshold = 30
+      alarm.evaluation_periods = 1
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::AmazonMQBrokerAlarm.new(@resource)
+      alarm.name = 'CpuUtilizationCritical'
+      alarm.metric_name = 'CpuUtilization'
+      alarm.threshold = 95
+      alarm.evaluation_periods = 3
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::AmazonMQBrokerAlarm.new(@resource)
+      alarm.name = 'CpuUtilizationWarning'
+      alarm.metric_name = 'CpuUtilization'
+      alarm.threshold = 80
+      alarm.evaluation_periods = 3
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/apigateway.rb

@@ -0,0 +1,34 @@
+module CfnGuardian::Resource
+  class ApiGateway < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::ApiGatewayAlarm.new(@resource)
+      alarm.name = 'ApiEndpoint5xx'
+      alarm.metric_name = '5XXError'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 5
+      alarm.evaluation_periods = 2
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ApiGatewayAlarm.new(@resource)
+      alarm.name = 'ApiEndpoint4xx'
+      alarm.metric_name = '4XXError'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 5
+      alarm.evaluation_periods = 2
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ApiGatewayAlarm.new(@resource)
+      alarm.name = 'Latency'
+      alarm.metric_name = 'Latency'
+      alarm.statistic = 'Average'
+      alarm.threshold = 1000
+      alarm.evaluation_periods = 2
+      @alarms.push(alarm)
+    end
+    
+  end
+end
+

data/lib/cfnguardian/resources/application_targetgroup.rb

@@ -0,0 +1,31 @@
+module CfnGuardian::Resource
+  class ApplicationTargetGroup < Base
+        
+    def default_alarms    
+      alarm = CfnGuardian::Models::ApplicationTargetGroupAlarm.new(@resource)
+      alarm.name = 'HealthyHosts'
+      alarm.metric_name = 'HealthyHostCount'
+      alarm.statistic = 'Minimum'
+      alarm.threshold = 2
+      alarm.evaluation_periods = 1
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ApplicationTargetGroupAlarm.new(@resource)
+      alarm.name = 'UnHealthyHosts'
+      alarm.metric_name = 'UnHealthyHostCount'
+      alarm.threshold = 0
+      alarm.evaluation_periods = 10
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ApplicationTargetGroupAlarm.new(@resource)
+      alarm.name = 'TargetResponseTime'
+      alarm.metric_name = 'TargetResponseTime'
+      alarm.threshold = 5
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/autoscaling_group.rb

@@ -0,0 +1,22 @@
+module CfnGuardian::Resource
+  class AutoScalingGroup < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::AutoScalingGroupAlarm.new(@resource)
+      alarm.name = 'CPUUtilizationHighBase'
+      alarm.metric_name = 'CPUUtilization'
+      alarm.statistic = 'Minimum'
+      alarm.threshold = 90
+      alarm.evaluation_periods = 10
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::AutoScalingGroupAlarm.new(@resource)
+      alarm.name = 'StatusCheckFailed'
+      alarm.metric_name = 'StatusCheckFailed'
+      alarm.threshold = 0
+      alarm.evaluation_periods = 10
+      @alarms.push(alarm)
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/base.rb

@@ -0,0 +1,116 @@
+require 'cfnguardian/string'
+require 'cfnguardian/models/alarm'
+require 'cfnguardian/models/event'
+require 'cfnguardian/models/check'
+
+module CfnGuardian::Resource
+  class Base
+    include Logging
+    
+    def initialize(resource)
+      @resource = resource
+      @alarms = []
+      @events = []
+      @checks = []
+    end
+    
+    def default_alarms()
+      return @alarms
+    end
+    
+    def get_alarms(overides={})
+      # generate default alarms
+      default_alarms()
+      
+      # loop over each override template for the service
+      overides.each do |name,properties|
+        
+        # disable default alarms
+        if [false].include?(properties)
+          alarm = find_alarm(name)
+          
+          if !alarm.nil?
+            alarm.enabled = false 
+            logger.debug "Disabling alarm '#{name}' for resource #{alarm.resource}"
+            next
+          end
+        end
+        
+        unless properties.is_a?(Hash)
+          if name != 'Inherit'
+            logger.warn "Incorrect format for alarm '#{name}'. Should be of type 'Hash', instead got type '#{properties.class}'"
+          end
+          next
+        end
+        
+        if properties.has_key?('Inherit')
+          alarm = find_alarm(properties['Inherit'])
+          if !alarm.nil?
+            inheritited_alarm = alarm.clone
+            alarm.name = name
+            properties.each {|attr,value| update_alarm(inheritited_alarm,attr,value)}
+            @alarms.push(inheritited_alarm)
+          else
+            logger.warn "Alarm '#{properties['Inherit']}' doesn't exists and cannot be inherited"
+          end
+          next
+        end
+        
+        alarm = find_alarm(name)
+        
+        if alarm.nil?
+          alarm = Kernel.const_get("CfnGuardian::Models::#{self.class.to_s.split('::').last}Alarm").new(properties)
+        end
+        
+        if alarm.name.nil?
+          alarm.name = name
+        end
+        
+        properties.each {|attr,value| update_alarm(alarm,attr,value)}
+        @alarms.push(alarm)
+        
+      end
+      
+      return @alarms.select{|a| a.enabled}.map {|a| a.to_h}
+    end
+    
+    def default_events()
+      return @events
+    end
+    
+    def get_events()
+      default_events()
+      return @events.select{|e| e.enabled}.map {|e| e.to_h}
+    end
+    
+    def default_checks()
+      return @checks
+    end
+    
+    def get_checks()
+      default_checks()
+      return @checks.map {|c| c.to_h}
+    end
+    
+    def get_cost()
+      return @alarms.length * 0.10
+    end
+    
+    private
+    
+    def find_alarm(name)
+      @alarms.detect {|alarm| alarm.name == name}
+    end
+    
+    def update_alarm(alarm,attr,value)
+      begin
+        alarm.send("#{attr.to_underscore}=",value)
+      rescue NoMethodError => e
+        if !e.message.match?(/inherit/)
+          logger.warn "Unknown key '#{attr}' for #{alarm.resource} alarm #{alarm.name}"
+        end
+      end
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/cloudfront_distribution.rb

@@ -0,0 +1,26 @@
+module CfnGuardian::Resource
+  class CloudFrontDistribution < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::CloudFrontDistributionAlarm.new(@resource)
+      alarm.name = '4xxErrorRate'
+      alarm.metric_name = '4xxErrorRate'
+      alarm.threshold = 2
+      alarm.statistic = 'Sum'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::CloudFrontDistributionAlarm.new(@resource)
+      alarm.name = '5xxErrorRate'
+      alarm.metric_name = '5xxErrorRate'
+      alarm.threshold = 5
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::CloudFrontDistributionAlarm.new(@resource)
+      alarm.name = 'TotalErrorRate'
+      alarm.metric_name = 'TotalErrorRate'
+      alarm.threshold = 5
+      @alarms.push(alarm)
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/domain_expiry.rb

@@ -0,0 +1,30 @@
+require 'digest/md5'
+
+module CfnGuardian::Resource
+  class DomainExpiry < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::DomainExpiryAlarm.new(@resource)
+      alarm.name = 'ExpiresInDaysCritical'
+      alarm.metric_name = 'ExpiresInDays'
+      alarm.threshold = 7
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::DomainExpiryAlarm.new(@resource)
+      alarm.name = 'ExpiresInDaysWarning'
+      alarm.metric_name = 'ExpiresInDays'
+      alarm.threshold = 30
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+    end
+    
+    def default_events()
+      @events.push(CfnGuardian::Models::DomainExpiryEvent.new(@resource))
+    end
+    
+    def default_checks()
+      @checks.push(CfnGuardian::Models::DomainExpiryCheck.new(@resource))
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/dynamodb_table.rb

@@ -0,0 +1,48 @@
+module CfnGuardian::Resource
+  class DynamoDBTable < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::DynamoDBTableAlarm.new(@resource)
+      alarm.name = 'DynamoDBReadUsage'
+      alarm.metric_name = 'ConsumedReadCapacityUnits'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 80
+      alarm.evaluation_periods = 2
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::DynamoDBTableAlarm.new(@resource)
+      alarm.name = 'DynamoDBWriteUsage'
+      alarm.metric_name = 'ConsumedWriteCapacityUnits'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 80
+      alarm.evaluation_periods = 2
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::DynamoDBTableAlarm.new(@resource)
+      alarm.name = 'DynamoDBReadThrottleEvents'
+      alarm.metric_name = 'ReadThrottleEvents'
+      alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 1
+      alarm.evaluation_periods = 2
+      alarm.alarm_action = 'Warning'
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::DynamoDBTableAlarm.new(@resource)
+      alarm.name = 'DynamoDBWriteThrottleEvents'
+      alarm.metric_name = 'WriteThrottleEvents'
+      alarm.comparison_operator = 'GreaterThanOrEqualToThreshold'
+      alarm.statistic = 'Sum'
+      alarm.threshold = 1
+      alarm.evaluation_periods = 2
+      alarm.alarm_action = 'Warning'
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+    end
+    
+  end
+end
+

data/lib/cfnguardian/resources/ec2_instance.rb

@@ -0,0 +1,24 @@
+module CfnGuardian
+  module Resource
+    class Ec2Instance < Base
+      
+      def default_alarms    
+        alarm = CfnGuardian::Models::Ec2InstanceAlarm.new(@resource)
+        alarm.name = 'CPUUtilizationHigh'
+        alarm.metric_name = 'CPUUtilization'
+        alarm.statistic = 'Minimum'
+        alarm.threshold = 90
+        alarm.evaluation_periods = 10
+        @alarms.push(alarm)
+        
+        alarm = CfnGuardian::Models::Ec2InstanceAlarm.new(@resource)
+        alarm.name = 'StatusCheckFailed'
+        alarm.metric_name = 'StatusCheckFailed'
+        alarm.threshold = 90
+        alarm.evaluation_periods = 10
+        @alarms.push(alarm)
+      end
+      
+    end
+  end
+end

data/lib/cfnguardian/resources/ecs_cluster.rb

@@ -0,0 +1,44 @@
+module CfnGuardian::Resource
+  class ECSCluster < Base
+    
+    def default_alarms    
+      alarm = CfnGuardian::Models::ECSClusterAlarm.new(@resource)
+      alarm.name = 'CPUUtilizationWarning'
+      alarm.metric_name = 'CPUUtilization'
+      alarm.alarm_action = 'Warning'
+      alarm.statistic = 'Minimum'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ECSClusterAlarm.new(@resource)
+      alarm.name = 'MemoryUtilizationWarning'
+      alarm.metric_name = 'MemoryUtilization'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ECSClusterAlarm.new(@resource)
+      alarm.name = 'MemoryUtilizationCritical'
+      alarm.metric_name = 'MemoryUtilization'
+      alarm.threshold = 90
+      @alarms.push(alarm)
+      
+      alarm = CfnGuardian::Models::ECSClusterAlarm.new(@resource)
+      alarm.namespace = 'EcsCICheck'
+      alarm.name = 'ECSContianerInstancesDisconnected'
+      alarm.metric_name = 'ECSContianerInstancesDisconnected'
+      alarm.alarm_action = 'Critical'
+      alarm.threshold = 0
+      alarm.period = 300
+      alarm.evaluation_periods = 2
+      @alarms.push(alarm)
+    end
+    
+    def default_events
+      @events.push(CfnGuardian::Models::ContainerInstanceEvent.new(@resource))
+    end
+    
+    def default_checks
+      @checks.push(CfnGuardian::Models::ContainerInstanceCheck.new(@resource))
+    end
+    
+  end
+end

data/lib/cfnguardian/resources/ecs_service.rb

@@ -0,0 +1,32 @@
+module CfnGuardian
+  module Resource
+    class ECSService < Base
+      
+      def default_alarms    
+        alarm = CfnGuardian::Models::ECSServiceAlarm.new(@resource)
+        alarm.name = 'UnhealthyTaskCritical'
+        alarm.metric_name = 'MemoryUtilization'
+        alarm.comparison_operator = 'LessThanOrEqualToThreshold'
+        alarm.statistic = 'SampleCount'
+        alarm.threshold = 15
+        alarm.evaluation_periods = 10
+        alarm.treat_missing_data = 'breaching'
+        alarm.datapoints_to_alarm = 8
+        @alarms.push(alarm)
+        
+        alarm = CfnGuardian::Models::ECSServiceAlarm.new(@resource)
+        alarm.name = 'UnhealthyTaskWarning'
+        alarm.metric_name = 'MemoryUtilization'
+        alarm.comparison_operator = 'LessThanOrEqualToThreshold'
+        alarm.statistic = 'SampleCount'
+        alarm.threshold = 15
+        alarm.evaluation_periods = 10
+        alarm.treat_missing_data = 'breaching'
+        alarm.datapoints_to_alarm = 8
+        alarm.alarm_action = 'Warning'
+        @alarms.push(alarm)
+      end
+      
+    end
+  end
+end