cfn-guardian 0.6.8 → 0.6.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Dockerfile +1 -1
- data/lib/cfnguardian/compile.rb +1 -0
- data/lib/cfnguardian/config/defaults.yaml +2 -0
- data/lib/cfnguardian/models/alarm.rb +12 -1
- data/lib/cfnguardian/models/event_subscription.rb +1 -0
- data/lib/cfnguardian/resources/ec2_instance.rb +11 -0
- data/lib/cfnguardian/resources/elastic_file_system.rb +11 -0
- data/lib/cfnguardian/resources/vpn_connection.rb +18 -0
- data/lib/cfnguardian/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f67555f251f3b3722588f632934e2b620bf766e039c18978b401d177e2c4d7df
|
|
4
|
+
data.tar.gz: f7e27d27ef3b7e5276bee5b76346a0be1194026316d20f12bfe5f924c87ef742
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fae3f10ea6abbc18e8907b67ea52191ca245d45bf7a5dc7eb22a7510d2cb15522079eda8248420dbcba1280bb0cdf6680d2670612927a68aeb8d6fe4f84c4783
|
|
7
|
+
data.tar.gz: 467a2121d1e783ca38d19f43d2fc3708af8317b3c4297d171fe3f91cc1b9d6d58d417478d9b0236c38b94a2cac999e835da660cb2d642f2f2a72f2563c11830d
|
data/Dockerfile
CHANGED
data/lib/cfnguardian/compile.rb
CHANGED
|
@@ -41,6 +41,7 @@ require 'cfnguardian/resources/batch'
|
|
|
41
41
|
require 'cfnguardian/resources/glue'
|
|
42
42
|
require 'cfnguardian/resources/step_functions'
|
|
43
43
|
require 'cfnguardian/resources/vpn_tunnel'
|
|
44
|
+
require 'cfnguardian/resources/vpn_connection'
|
|
44
45
|
require 'cfnguardian/version'
|
|
45
46
|
require 'cfnguardian/error'
|
|
46
47
|
|
|
@@ -456,6 +456,17 @@ module CfnGuardian
|
|
|
456
456
|
}
|
|
457
457
|
end
|
|
458
458
|
end
|
|
459
|
-
|
|
459
|
+
|
|
460
|
+
class VPNConnectionAlarm < BaseAlarm
|
|
461
|
+
def initialize(resource)
|
|
462
|
+
super(resource)
|
|
463
|
+
@group = 'VPNConnection'
|
|
464
|
+
@namespace = 'AWS/VPN'
|
|
465
|
+
@dimensions = {
|
|
466
|
+
VpnId: resource['Id']
|
|
467
|
+
}
|
|
468
|
+
end
|
|
469
|
+
end
|
|
470
|
+
|
|
460
471
|
end
|
|
461
472
|
end
|
|
@@ -108,5 +108,6 @@ module CfnGuardian
|
|
|
108
108
|
class RedshiftClusterEventSubscription < BaseEventSubscription; end
|
|
109
109
|
class StepFunctionsSubscription < BaseEventSubscription; end
|
|
110
110
|
class VPNTunnelEventSubscription < BaseEventSubscription; end
|
|
111
|
+
class VPNConnectionEventSubscription < BaseEventSubscription; end
|
|
111
112
|
end
|
|
112
113
|
end
|
|
@@ -17,6 +17,17 @@ module CfnGuardian
|
|
|
17
17
|
alarm.threshold = 90
|
|
18
18
|
alarm.evaluation_periods = 10
|
|
19
19
|
@alarms.push(alarm)
|
|
20
|
+
|
|
21
|
+
alarm = CfnGuardian::Models::Ec2InstanceAlarm.new(@resource)
|
|
22
|
+
alarm.name = 'CPUCreditBalanceLow'
|
|
23
|
+
alarm.metric_name = 'CPUCreditBalance'
|
|
24
|
+
alarm.comparison_operator = 'LessThanThreshold'
|
|
25
|
+
alarm.statistic = 'Minimum'
|
|
26
|
+
alarm.threshold = 100
|
|
27
|
+
alarm.evaluation_periods = 5
|
|
28
|
+
alarm.treat_missing_data = 'notBreaching'
|
|
29
|
+
alarm.datapoints_to_alarm = 5
|
|
30
|
+
@alarms.push(alarm)
|
|
20
31
|
end
|
|
21
32
|
|
|
22
33
|
def default_event_subscriptions()
|
|
@@ -11,6 +11,17 @@ module CfnGuardian
|
|
|
11
11
|
alarm.evaluation_periods = 5
|
|
12
12
|
alarm.statistic = 'Minimum'
|
|
13
13
|
@alarms.push(alarm)
|
|
14
|
+
|
|
15
|
+
alarm = CfnGuardian::Models::ElasticFileSystemAlarm.new(@resource)
|
|
16
|
+
alarm.name = 'BurstCreditBalanceLow'
|
|
17
|
+
alarm.metric_name = 'BurstCreditBalance'
|
|
18
|
+
alarm.comparison_operator = 'LessThanThreshold'
|
|
19
|
+
alarm.statistic = 'Minimum'
|
|
20
|
+
alarm.threshold = 1000000000000
|
|
21
|
+
alarm.evaluation_periods = 5
|
|
22
|
+
alarm.treat_missing_data = 'notBreaching'
|
|
23
|
+
alarm.datapoints_to_alarm = 5
|
|
24
|
+
@alarms.push(alarm)
|
|
14
25
|
end
|
|
15
26
|
end
|
|
16
27
|
end
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
module CfnGuardian::Resource
|
|
2
|
+
class VPNConnection < Base
|
|
3
|
+
|
|
4
|
+
def default_alarms
|
|
5
|
+
alarm = CfnGuardian::Models::VPNConnectionAlarm.new(@resource)
|
|
6
|
+
alarm.name = 'VPNConnectionState'
|
|
7
|
+
alarm.metric_name = 'TunnelState'
|
|
8
|
+
alarm.comparison_operator = 'LessThanThreshold'
|
|
9
|
+
alarm.statistic = 'Average'
|
|
10
|
+
alarm.threshold = 0.5
|
|
11
|
+
alarm.evaluation_periods = 3
|
|
12
|
+
alarm.treat_missing_data = 'breaching'
|
|
13
|
+
alarm.datapoints_to_alarm = 3
|
|
14
|
+
@alarms.push(alarm)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
end
|
|
18
|
+
end
|
data/lib/cfnguardian/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cfn-guardian
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.6.
|
|
4
|
+
version: 0.6.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Guslington
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|
|
@@ -307,6 +307,7 @@ files:
|
|
|
307
307
|
- lib/cfnguardian/resources/sqs_queue.rb
|
|
308
308
|
- lib/cfnguardian/resources/step_functions.rb
|
|
309
309
|
- lib/cfnguardian/resources/tls.rb
|
|
310
|
+
- lib/cfnguardian/resources/vpn_connection.rb
|
|
310
311
|
- lib/cfnguardian/resources/vpn_tunnel.rb
|
|
311
312
|
- lib/cfnguardian/s3.rb
|
|
312
313
|
- lib/cfnguardian/stacks/main.rb
|