cfn-guardian 0.3.4 → 0.6.5

data/lib/cfnguardian/models/check.rb

@@ -2,7 +2,7 @@ require 'cfnguardian/string'
 
 module CfnGuardian
   module Models
-    class Check
+    class BaseCheck
       
       attr_reader :type
       attr_accessor :group,
@@ -13,7 +13,9 @@ module CfnGuardian
         :runtime,
         :environment,
         :subnets, 
-        :vpc
+        :vpc,
+        :memory,
+        :timeout
         
       def initialize(resource)
         @type = 'Check'
@@ -26,17 +28,19 @@ module CfnGuardian
         @environment = ''
         @subnets = nil
         @vpc = nil
+        @memory = 128
+        @timeout = 120
       end
     end
     
-    class HttpCheck < Check      
+    class HttpCheck < BaseCheck      
       def initialize(resource)
         super(resource)
         @group = 'Http'
         @name = 'HttpCheck'
         @package = 'http-check'
         @handler = 'handler.http_check'
-        @version = '0bc33e51abb1f27729ecb170611bf6b440e71a0e'
+        @version = 'f739631de74f1a882163b7e584a8b4710ccbc134'
         @runtime = 'python3.7'
       end
     end
@@ -52,7 +56,7 @@ module CfnGuardian
       end
     end
     
-    class PortCheck < Check      
+    class PortCheck < BaseCheck      
       def initialize(resource)
         super(resource)
         @group = 'Port'
@@ -75,7 +79,7 @@ module CfnGuardian
       end
     end
     
-    class NrpeCheck < Check
+    class NrpeCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'Nrpe'
@@ -90,7 +94,7 @@ module CfnGuardian
       end
     end
     
-    class SslCheck < Check
+    class SslCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'Ssl'
@@ -113,7 +117,7 @@ module CfnGuardian
       end
     end
     
-    class DomainExpiryCheck < Check
+    class DomainExpiryCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'DomainExpiry'
@@ -125,7 +129,7 @@ module CfnGuardian
       end
     end
     
-    class SqlCheck < Check
+    class SqlCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'Sql'
@@ -140,7 +144,7 @@ module CfnGuardian
       end
     end
     
-    class ContainerInstanceCheck < Check
+    class ContainerInstanceCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'ContainerInstance'
@@ -152,7 +156,7 @@ module CfnGuardian
       end
     end
     
-    class TLSCheck < Check
+    class TLSCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'TLS'
@@ -164,7 +168,7 @@ module CfnGuardian
       end
     end
     
-    class SFTPCheck < Check
+    class SFTPCheck < BaseCheck
       def initialize(resource)
         super(resource)
         @group = 'SFTP'
@@ -187,5 +191,19 @@ module CfnGuardian
       end
     end
 
+    class AzureFileCheck < BaseCheck
+      def initialize(resource)
+        super(resource)
+        @group = 'AzureFile'
+        @name = 'AzureFileCheck'
+        @package = 'azure-file-check'
+        @handler = 'handler.file_check'
+        @version = 'cc37aa8fe4855570132431611b507274b390f4c1'
+        @runtime = 'python3.7'
+        @memory = 256
+        @timeout = 600
+      end
+    end
+
   end
 end

data/lib/cfnguardian/models/event.rb

@@ -2,7 +2,7 @@ require 'cfnguardian/string'
 
 module CfnGuardian
   module Models
-    class Event
+    class BaseEvent
       
       attr_reader :type
       attr_accessor :group,
@@ -31,7 +31,7 @@ module CfnGuardian
       end      
     end
     
-    class HttpEvent < Event
+    class HttpEvent < BaseEvent
       
       attr_accessor :endpoint,
         :method,
@@ -81,7 +81,7 @@ module CfnGuardian
       end
     end
     
-    class PortEvent < Event      
+    class PortEvent < BaseEvent      
       def initialize(resource)
         super(resource)
         @group = 'Port'
@@ -112,7 +112,7 @@ module CfnGuardian
       end
     end
     
-    class NrpeEvent < Event      
+    class NrpeEvent < BaseEvent      
       def initialize(resource,environment,command)
         super(resource)
         @group = 'Nrpe'
@@ -121,6 +121,7 @@ module CfnGuardian
         @host = resource['Id']
         @environment = environment
         @region = resource.fetch('Region',"${AWS::Region}")
+        @hash = Digest::MD5.hexdigest "#{resource['Id']}#{command}"
         @command = command
       end
       
@@ -134,13 +135,13 @@ module CfnGuardian
       end
     end
     
-    class SslEvent < Event
+    class SslEvent < BaseEvent
       def initialize(resource)
         super(resource)
         @group = 'Ssl'
         @name = 'SslEvent'
         @target = 'SslCheckFunction'
-        @cron = "0 12 * * ? *" 
+        @cron = resource.fetch('Schedule', "0 12 * * ? *")
         @url = resource['Id']
         @region = resource.fetch('Region',"${AWS::Region}")
       end
@@ -163,7 +164,7 @@ module CfnGuardian
       end
     end
     
-    class DomainExpiryEvent < Event
+    class DomainExpiryEvent < BaseEvent
       
       attr_accessor :domain,
         :region
@@ -173,7 +174,7 @@ module CfnGuardian
         @group = 'DomainExpiry'
         @name = 'DomainExpiryEvent'
         @target = 'DomainExpiryCheckFunction'
-        @cron = "0 12 * * ? *" 
+        @cron = resource.fetch('Schedule', "0 12 * * ? *")
         @domain = resource['Id']
         @region = resource.fetch('Region',"${AWS::Region}")
       end
@@ -183,7 +184,7 @@ module CfnGuardian
       end
     end
     
-    class SqlEvent < Event
+    class SqlEvent < BaseEvent
       def initialize(resource,query,environment)
         super(resource)
         @group = 'Sql'
@@ -221,13 +222,13 @@ module CfnGuardian
       end
     end
     
-    class ContainerInstanceEvent < Event
+    class ContainerInstanceEvent < BaseEvent
       def initialize(resource)
         super(resource)
         @group = 'ContainerInstance'
         @name = 'ContainerInstanceEvent'
         @target = 'ContainerInstanceCheckFunction'
-        @cron = "0/5 * * * ? *"
+        @cron = resource.fetch('Schedule', "0/5 * * * ? *")
         @cluster = resource['Id']
       end
       
@@ -236,13 +237,13 @@ module CfnGuardian
       end
     end
     
-    class SFTPEvent < Event
+    class SFTPEvent < BaseEvent
       def initialize(resource)
         super(resource)
         @group = 'SFTP'
         @name = 'SFTPEvent'
         @target = 'SFTPCheckFunction'
-        @cron = "0/5 * * * ? *"
+        @cron = resource.fetch('Schedule', "0/5 * * * ? *")
         @host = resource['Id']
         @user = resource['User']
         @port = resource.fetch('Port', nil)
@@ -288,13 +289,13 @@ module CfnGuardian
       end
     end
     
-    class TLSEvent < Event
+    class TLSEvent < BaseEvent
       def initialize(resource)
         super(resource)
         @group = 'TLS'
         @name = 'TLSEvent'
         @target = 'TLSCheckFunction'
-        @cron = "0/5 * * * ? *"
+        @cron = resource.fetch('Schedule', "0/5 * * * ? *")
         @host = resource['Id']
         @port = resource.fetch('Port', 443)
         @check_max = resource.fetch('MaxSupported', nil)
@@ -312,5 +313,32 @@ module CfnGuardian
       end
     end
 
+    class AzureFileEvent < BaseEvent
+      def initialize(resource)
+        super(resource)
+        @group = 'AzureFile'
+        @name = 'AzureFileEvent'
+        @target = 'AzureFileCheckFunction'
+        @cron = resource.fetch('Schedule', "0/5 * * * ? *")
+        @storage_account = resource['Id']
+        @container = resource['Container']
+        @connection_string = resource['ConnectionString']
+        @search = resource['Search']
+      end
+
+      def payload
+        return {
+          'STORAGE_ACCOUNT' => @storage_account,
+          'CONTAINER' => @container,
+          'CONNECTION_STRING' => @connection_string,
+          'SEARCH' => @search
+        }.to_json
+      end
+
+      def ssm_parameters
+        return [@connection_string]
+      end
+    end
+
   end
 end

data/lib/cfnguardian/models/event_subscription.rb

@@ -0,0 +1,111 @@
+module CfnGuardian
+  module Models
+    class BaseEventSubscription
+        
+      attr_reader :type, :group
+      attr_writer :detail
+      attr_accessor :name,
+        :enabled,
+        :hash,
+        :topic,
+        :resource_id,
+        :resource_arn,
+        :source,
+        :detail_type,
+        :detail
+
+      def initialize(resource)
+        @type = 'EventSubscription'
+        @group = self.class.name.split('::').last
+        @name = ''
+        @hash = Digest::MD5.hexdigest resource['Id']
+        @enabled = true
+        @events = []
+        @topic = 'Events'
+        @resource_id = resource['Id']
+        @resource_arn = ''
+        @source = ''
+        @detail_type = ''
+        @detail = {}
+      end
+
+      def detail
+        return @detail
+      end
+    end
+
+    class RDSEventSubscription < BaseEventSubscription
+      attr_accessor :source_id, :rds_event_category, :message
+
+      def initialize(resource)
+        super(resource)
+        @source = 'aws.rds'
+        @detail_type = 'RDS DB Instance Event'
+        @source_id = ''
+        @rds_event_category = ''
+        @message = ''
+      end
+
+      def detail
+        return {
+          EventCategories: [@rds_event_category],
+          SourceType: [@source_type],
+          SourceIdentifier: ["rds:#{@resource_id}"],
+          Message: [@message]
+        }
+      end
+    end
+
+    class RDSInstanceEventSubscription < RDSEventSubscription
+      def initialize(resource)
+        super(resource)
+        @source_type = 'DB_INSTANCE'
+      end
+    end
+
+    class RDSClusterEventSubscription < RDSEventSubscription
+      def initialize(resource)
+        super(resource)
+        @source_type = 'DB_CLUSTER'
+      end
+    end
+
+    class Ec2InstanceEventSubscription < BaseEventSubscription
+      def initialize(resource)
+        super(resource)
+        @source = 'aws.ec2'
+      end
+    end
+
+    class BatchEventSubscription < BaseEventSubscription
+      def initialize(resource)
+        super(resource)
+        @source = 'aws.batch'
+      end
+    end
+
+    class GlueEventSubscription < BaseEventSubscription
+      def initialize(resource)
+        super(resource)
+        @source = 'aws.glue'
+      end
+    end
+
+    class ApiGatewayEventSubscription < BaseEventSubscription; end
+    class ApplicationTargetGroupEventSubscription < BaseEventSubscription; end
+    class AmazonMQBrokerEventSubscription < BaseEventSubscription; end
+    class CloudFrontDistributionEventSubscription < BaseEventSubscription; end
+    class AutoScalingGroupEventSubscription < BaseEventSubscription; end
+    class DynamoDBTableEventSubscription < BaseEventSubscription; end
+    class Ec2InstanceEventSubscription < BaseEventSubscription; end
+    class ECSClusterEventSubscription < BaseEventSubscription; end
+    class ECSServiceEventSubscription < BaseEventSubscription; end
+    class ElastiCacheReplicationGroupEventSubscription < BaseEventSubscription; end
+    class ElasticLoadBalancerEventSubscription < BaseEventSubscription; end
+    class ElasticFileSystemEventSubscription < BaseEventSubscription; end
+    class LambdaEventSubscription < BaseEventSubscription; end
+    class NetworkTargetGroupEventSubscription < BaseEventSubscription; end
+    class RedshiftClusterEventSubscription < BaseEventSubscription; end
+    class StepFunctionsSubscription < BaseEventSubscription; end
+  end
+end

data/lib/cfnguardian/resources/amazonmq_rabbitmq.rb

@@ -0,0 +1,136 @@
+module CfnGuardian::Resource
+  class AmazonMQRabbitMQBroker < Base
+      
+    def default_alarms
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQBrokerAlarm.new(@resource)
+      alarm.name = 'ConnectionCountCritical'
+      alarm.metric_name = 'ConnectionCount'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 50
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQBrokerAlarm.new(@resource)
+      alarm.name = 'ConnectionCountWarn'
+      alarm.metric_name = 'ConnectionCount'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 25
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQBrokerAlarm.new(@resource)
+      alarm.name = 'MessageCountCritical'
+      alarm.metric_name = 'MessageCount'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 500
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQBrokerAlarm.new(@resource)
+      alarm.name = 'MessageCountWarn'
+      alarm.metric_name = 'MessageCount'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 250
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+    end
+  end
+
+  class AmazonMQRabbitMQQueue < Base
+      
+    def default_alarms
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQQueueAlarm.new(@resource)
+      alarm.name = 'MessageCountHighWarn'
+      alarm.metric_name = 'MessageCount'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 100
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+    end
+  end
+
+  class AmazonMQRabbitMQNode < Base
+
+    def default_alarms
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'SystemCpuUtilizationCritical'
+      alarm.metric_name = 'SystemCpuUtilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 95
+      alarm.evaluation_periods = 10
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'SystemCpuUtilizationHighBase'
+      alarm.metric_name = 'SystemCpuUtilization'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 75
+      alarm.evaluation_periods = 30
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'RabbitMQMemUsedCritical'
+      alarm.metric_name = 'RabbitMQMemUsed'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 390000000
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'RabbitMQMemUsedWarn'
+      alarm.metric_name = 'RabbitMQMemUsed'
+      alarm.comparison_operator = 'GreaterThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 350000000
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'RabbitMQDiskFreeLimitCritical'
+      alarm.metric_name = 'RabbitMQDiskFreeLimit'
+      alarm.comparison_operator = 'LessThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 1200000000
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      @alarms.push(alarm)
+
+      alarm = CfnGuardian::Models::AmazonMQRabbitMQNodeAlarm.new(@resource)
+      alarm.name = 'RabbitMQDiskFreeLimitWarn'
+      alarm.metric_name = 'RabbitMQDiskFreeLimit'
+      alarm.comparison_operator = 'LessThanThreshold'
+      alarm.statistic = 'Maximum'
+      alarm.threshold = 1200000000
+      alarm.evaluation_periods = 5
+      alarm.treat_missing_data = 'notBreaching'
+      alarm.alarm_action = 'Warning'
+      @alarms.push(alarm)
+
+    end
+  end
+end