cfn-guardian 0.7.9 → 0.7.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +1 -0
  3. data/docs/event_subscriptions.md +17 -5
  4. data/docs/resources.md +1 -0
  5. data/lib/cfnguardian/compile.rb +1 -0
  6. data/lib/cfnguardian/config/defaults.yaml +2 -0
  7. data/lib/cfnguardian/models/alarm.rb +9 -0
  8. data/lib/cfnguardian/resources/documentdb_cluster.rb +39 -0
  9. data/lib/cfnguardian/version.rb +1 -1
  10. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 87b0a72c2cf978be553f83a589a2d45643358ce43434ebd4fd6d3cf8974eee27
4
- data.tar.gz: c69af701ac2d137887d935c6afc6ea0503e9529c2aa685f86c0f134bc5e0905a
3
+ metadata.gz: 033f2fc6acd9cb43ea7d5ed3e86380ad7ca5466f933a74a9ce82d596dcd60357
4
+ data.tar.gz: beae571c60d4b70cfb822ecce7987ef7c4f24e95b26b998982baee926bfd9779
5
5
  SHA512:
6
- metadata.gz: 11e0c2f2ef8d6b665fde021c661a4ad0c49201bc33281feab09c37ca07d9beebb64e7b2085bbd5076b89f64b2ab2e20a68f98d30c265427e25f22dfe60fc2c8e
7
- data.tar.gz: fca7427abb12c5616e4162fbf0ce3a7b9e33cafc6929c301ab3084f59f642eedad0a4c68130499f3a0e5afbf3889b7af7409951b601550f2fc61deefaf633252
6
+ metadata.gz: 155df68c0cf8696ca55547df817e45e60e967c817b2b00eae8fb416113a776792edc9cd6ba508ef6350fca3f09da202eb384e5bfb63047b5f598b5be2098dfb7
7
+ data.tar.gz: b1e423475b999de9444b1a90fcf22215a65284c2694c9c68cd7d32985a0690f018fee7343e9360809be00d3ec8615bef4800540b8f01a84d59020172b48640aa
data/README.md CHANGED
@@ -29,6 +29,7 @@ CfnGuardian is a AWS monitoring tool with a few capabilities:
29
29
  - Network TargetGroups
30
30
  - AutoScalingGroups
31
31
  - CloudFront Distributions
32
+ - DocumentDB Clusters
32
33
  - DynamoDB Tables
33
34
  - EC2 Instances
34
35
  - ECS Clusters
data/docs/event_subscriptions.md CHANGED
@@ -10,14 +10,14 @@ As with the default alarms in Guardian, there are default events for some resour
10
10
 
11
11
  ## Overriding Defaults
12
12
 
13
- Default properites of the events can be overridden through the config YAML using the `EventsSubscription` top level key.
13
+ Default properties of the events can be overridden through the config YAML using the `EventsSubscriptions` top level key.
14
14
  For example here we are changing the topic the event is being send to.
15
15
 
16
16
  ```yaml
17
17
  Topics:
18
18
  CustomEvents: arn:aws:sns....
19
19
 
20
- EventSubscription:
20
+ EventSubscriptions:
21
21
  Ec2Instance:
22
22
  InstanceTerminated:
23
23
  Topic: CustomEvents
@@ -28,12 +28,24 @@ EventSubscription:
28
28
  Default events can be disabled, the same way default alarms can be disabled through the config YAML.
29
29
 
30
30
  ```yaml
31
- EventSubscription:
31
+ EventSubscriptions:
32
32
  Ec2Instance:
33
33
  # set the instance terminated event to false to disable the event
34
34
  InstanceTerminated: false
35
35
  ```
36
36
 
37
+ ## Enabling Default Events
38
+
39
+ Some templates may have events that are disabled by default, they can be enabled using a slightly different syntax to disabling.
40
+
41
+ ```yaml
42
+ EventSubscriptions:
43
+ RDSInstance:
44
+ # set the replication failure event to true to enable the event
45
+ ReplicationFailure:
46
+ Enabled: true
47
+ ```
48
+
37
49
  ## Creating Custom Events
38
50
 
39
51
  Custom events can be created if there are not defaults for that event. They can be inherited from a default event or from the base event model.
@@ -44,7 +56,7 @@ This is useful if you want to create a new event and a default event already has
44
56
  The following example inherits the `MasterPasswordReset` RDS event and creates a new event that captures the security group add to an rds instance event.
45
57
 
46
58
  ```yaml
47
- EventSubscription:
59
+ EventSubscriptions:
48
60
  RDSInstance:
49
61
  # Create a new event name
50
62
  DBNewSecurityGroup:
@@ -59,7 +71,7 @@ EventSubscription:
59
71
  If there are no default events that match the format you require you can create an event of the base event subscription model.
60
72
 
61
73
  ```yaml
62
- EventSubscription:
74
+ EventSubscriptions:
63
75
  ECSCluster:
64
76
  ContainerInstanceStateChange:
65
77
  Source: aws.ecs
data/docs/resources.md CHANGED
@@ -39,6 +39,7 @@ Resources:
39
39
  | ApiGateway | Id |
40
40
  | AmazonMQBroker | Id |
41
41
  | AutoScalingGroup | Id |
42
+ | DocumentDBCluster | Id |
42
43
  | DynamoDBTable | Id |
43
44
  | ElastiCacheReplicationGroup | Id |
44
45
  | ElasticFileSystem | Id |
data/lib/cfnguardian/compile.rb CHANGED
@@ -12,6 +12,7 @@ require 'cfnguardian/resources/autoscaling_group'
12
12
  require 'cfnguardian/resources/cloudfront_distribution'
13
13
  require 'cfnguardian/resources/autoscaling_group'
14
14
  require 'cfnguardian/resources/domain_expiry'
15
+ require 'cfnguardian/resources/documentdb_cluster'
15
16
  require 'cfnguardian/resources/dynamodb_table'
16
17
  require 'cfnguardian/resources/ec2_instance'
17
18
  require 'cfnguardian/resources/ecs_cluster'
data/lib/cfnguardian/config/defaults.yaml CHANGED
@@ -19,6 +19,8 @@ Resources:
19
19
  - Id: Default
20
20
  CloudFrontDistribution:
21
21
  - Id: Default
22
+ DocumentDBCluster:
23
+ - Id: Default
22
24
  DomainExpiry:
23
25
  - Id: Default
24
26
  DynamoDBTable:
data/lib/cfnguardian/models/alarm.rb CHANGED
@@ -153,6 +153,15 @@ module CfnGuardian
153
153
  @dimensions = { AutoScalingGroupName: resource['Id'] }
154
154
  end
155
155
  end
156
+
157
+ class DocumentDBClusterAlarm < BaseAlarm
158
+ def initialize(resource)
159
+ super(resource)
160
+ @group = 'DocumentDBCluster'
161
+ @namespace = 'AWS/DocDB'
162
+ @dimensions = { DBClusterIdentifier: resource['Id'] }
163
+ end
164
+ end
156
165
 
157
166
  class DomainExpiryAlarm < BaseAlarm
158
167
  def initialize(resource)
data/lib/cfnguardian/resources/documentdb_cluster.rb ADDED
@@ -0,0 +1,39 @@
1
+ module CfnGuardian::Resource
2
+ class DocumentDBCluster < Base
3
+
4
+ def default_alarms
5
+ alarm = CfnGuardian::Models::DocumentDBClusterAlarm.new(@resource)
6
+ alarm.name = 'CPUUtilizationHighBase'
7
+ alarm.metric_name = 'CPUUtilization'
8
+ alarm.threshold = 75
9
+ alarm.evaluation_periods = 60
10
+ alarm.alarm_action = 'Warning'
11
+ @alarms.push(alarm)
12
+
13
+ alarm = CfnGuardian::Models::DocumentDBClusterAlarm.new(@resource)
14
+ alarm.name = 'CPUUtilizationHighSpike'
15
+ alarm.metric_name = 'CPUUtilization'
16
+ alarm.threshold = 95
17
+ alarm.evaluation_periods = 10
18
+ @alarms.push(alarm)
19
+
20
+ alarm = CfnGuardian::Models::DocumentDBClusterAlarm.new(@resource)
21
+ alarm.name = 'DatabaseConnections'
22
+ alarm.metric_name = 'DatabaseConnections'
23
+ alarm.statistic = 'Minimum'
24
+ alarm.threshold = 50
25
+ alarm.evaluation_periods = 10
26
+ @alarms.push(alarm)
27
+
28
+ alarm = CfnGuardian::Models::DocumentDBClusterAlarm.new(@resource)
29
+ alarm.name = 'FreeableMemory'
30
+ alarm.metric_name = 'FreeableMemory'
31
+ alarm.threshold = 1000000000
32
+ alarm.evaluation_periods = 3
33
+ @alarms.push(alarm)
34
+ end
35
+
36
+ end
37
+ end
38
+
39
+
data/lib/cfnguardian/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  module CfnGuardian
2
- VERSION = "0.7.9"
2
+ VERSION = "0.7.10"
3
3
  CHANGE_SET_VERSION = VERSION.gsub('.', '-').freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-guardian
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.9
4
+ version: 0.7.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Guslington
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-01-13 00:00:00.000000000 Z
11
+ date: 2022-01-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thor
@@ -280,6 +280,7 @@ files:
280
280
  - lib/cfnguardian/resources/base.rb
281
281
  - lib/cfnguardian/resources/batch.rb
282
282
  - lib/cfnguardian/resources/cloudfront_distribution.rb
283
+ - lib/cfnguardian/resources/documentdb_cluster.rb
283
284
  - lib/cfnguardian/resources/domain_expiry.rb
284
285
  - lib/cfnguardian/resources/dynamodb_table.rb
285
286
  - lib/cfnguardian/resources/ec2_instance.rb