esp_sdk 2.0.0 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -0
- data/CHANGELOG.md +6 -1
- data/Gemfile.lock +11 -1
- data/README.md +287 -28
- data/bin/esp +15 -0
- data/esp_sdk.gemspec +2 -0
- data/lib/esp/aws_clients.rb +60 -0
- data/lib/esp/commands/add_external_account.rb +57 -0
- data/lib/esp/commands/commands_tasks.rb +106 -0
- data/lib/esp/commands/console.rb +68 -0
- data/lib/esp/extensions/active_resource/formats/json_api_format.rb +12 -4
- data/lib/esp/extensions/active_resource/paginated_collection.rb +5 -5
- data/lib/esp/extensions/active_resource/validations.rb +1 -1
- data/lib/esp/external_account_creator.rb +77 -0
- data/lib/esp/resources/alert.rb +30 -34
- data/lib/esp/resources/cloud_trail_event.rb +5 -0
- data/lib/esp/resources/contact_request.rb +6 -5
- data/lib/esp/resources/custom_signature.rb +32 -56
- data/lib/esp/resources/dashboard.rb +8 -1
- data/lib/esp/resources/external_account.rb +27 -19
- data/lib/esp/resources/organization.rb +27 -3
- data/lib/esp/resources/region.rb +15 -3
- data/lib/esp/resources/report.rb +28 -24
- data/lib/esp/resources/resource.rb +26 -10
- data/lib/esp/resources/service.rb +5 -0
- data/lib/esp/resources/signature.rb +28 -12
- data/lib/esp/resources/stat.rb +21 -2
- data/lib/esp/resources/stat_custom_signature.rb +30 -4
- data/lib/esp/resources/stat_region.rb +29 -3
- data/lib/esp/resources/stat_service.rb +29 -3
- data/lib/esp/resources/stat_signature.rb +29 -3
- data/lib/esp/resources/sub_organization.rb +27 -3
- data/lib/esp/resources/suppression/region.rb +14 -32
- data/lib/esp/resources/suppression/signature.rb +14 -40
- data/lib/esp/resources/suppression/unique_identifier.rb +8 -6
- data/lib/esp/resources/suppression.rb +43 -5
- data/lib/esp/resources/tag.rb +5 -0
- data/lib/esp/resources/team.rb +33 -9
- data/lib/esp/resources/user.rb +29 -3
- data/lib/esp/version.rb +1 -1
- data/lib/esp.rb +25 -5
- data/test/esp/aws_clients_test.rb +101 -0
- data/test/esp/extensions/active_resource/formats/json_api_format_test.rb +26 -12
- data/test/esp/extensions/active_resource/paginated_collection_test.rb +93 -72
- data/test/esp/extensions/active_resource/validations_test.rb +2 -12
- data/test/esp/external_account_creator_test.rb +153 -0
- data/test/esp/resources/alert_test.rb +71 -33
- data/test/esp/resources/cloud_trail_event_test.rb +9 -1
- data/test/esp/resources/contact_request_test.rb +8 -0
- data/test/esp/resources/custom_signature_test.rb +8 -0
- data/test/esp/resources/dashboard_test.rb +8 -0
- data/test/esp/resources/external_account_test.rb +8 -0
- data/test/esp/resources/metadata_test.rb +1 -1
- data/test/esp/resources/organization_test.rb +8 -0
- data/test/esp/resources/region_test.rb +12 -4
- data/test/esp/resources/report_test.rb +13 -4
- data/test/esp/resources/resource_test.rb +208 -64
- data/test/esp/resources/service_test.rb +8 -0
- data/test/esp/resources/signature_test.rb +15 -9
- data/test/esp/resources/stat_custom_signature_test.rb +9 -1
- data/test/esp/resources/stat_region_test.rb +23 -1
- data/test/esp/resources/stat_service_test.rb +23 -1
- data/test/esp/resources/stat_signature_test.rb +23 -1
- data/test/esp/resources/stat_test.rb +52 -8
- data/test/esp/resources/sub_organization_test.rb +8 -0
- data/test/esp/resources/suppression/region_test.rb +10 -2
- data/test/esp/resources/suppression/signature_test.rb +10 -2
- data/test/esp/resources/suppression/unique_identifier_test.rb +10 -2
- data/test/esp/resources/suppression_test.rb +74 -14
- data/test/esp/resources/tag_test.rb +9 -1
- data/test/esp/resources/team_test.rb +8 -0
- data/test/esp/resources/user_test.rb +49 -19
- data/test/esp_test.rb +19 -1
- data/test/factories/alerts.rb +70 -0
- data/test/factories/organizations.rb +2 -2
- data/test/factories/regions.rb +1 -1
- data/test/factories/sub_organizations.rb +1 -1
- data/test/factories/suppressions.rb +109 -3
- data/test/factories/users.rb +65 -2
- data/test/test_helper.rb +9 -8
- metadata +41 -69
- data/bin/esp_console +0 -67
- data/rdoc/ActiveResource/Formats.html +0 -178
- data/rdoc/ActiveResource/PaginatedCollection.html +0 -912
- data/rdoc/ActiveResource.html +0 -182
- data/rdoc/ESP/Alert.html +0 -808
- data/rdoc/ESP/CloudTrailEvent.html +0 -377
- data/rdoc/ESP/ContactRequest.html +0 -368
- data/rdoc/ESP/CustomSignature.html +0 -748
- data/rdoc/ESP/Dashboard.html +0 -357
- data/rdoc/ESP/ExternalAccount.html +0 -567
- data/rdoc/ESP/Metadata.html +0 -411
- data/rdoc/ESP/Organization.html +0 -592
- data/rdoc/ESP/Region.html +0 -401
- data/rdoc/ESP/Report.html +0 -624
- data/rdoc/ESP/Service.html +0 -382
- data/rdoc/ESP/Signature.html +0 -557
- data/rdoc/ESP/Stat.html +0 -1780
- data/rdoc/ESP/StatCustomSignature.html +0 -1601
- data/rdoc/ESP/StatRegion.html +0 -1600
- data/rdoc/ESP/StatService.html +0 -1600
- data/rdoc/ESP/StatSignature.html +0 -1600
- data/rdoc/ESP/SubOrganization.html +0 -542
- data/rdoc/ESP/Suppression/Region.html +0 -456
- data/rdoc/ESP/Suppression/Signature.html +0 -472
- data/rdoc/ESP/Suppression/UniqueIdentifier.html +0 -419
- data/rdoc/ESP/Suppression.html +0 -651
- data/rdoc/ESP/Tag.html +0 -373
- data/rdoc/ESP/Team.html +0 -586
- data/rdoc/ESP/User.html +0 -485
- data/rdoc/ESP.html +0 -549
- data/rdoc/README_md.html +0 -503
- data/rdoc/created.rid +0 -31
- data/rdoc/images/add.png +0 -0
- data/rdoc/images/arrow_up.png +0 -0
- data/rdoc/images/brick.png +0 -0
- data/rdoc/images/brick_link.png +0 -0
- data/rdoc/images/bug.png +0 -0
- data/rdoc/images/bullet_black.png +0 -0
- data/rdoc/images/bullet_toggle_minus.png +0 -0
- data/rdoc/images/bullet_toggle_plus.png +0 -0
- data/rdoc/images/date.png +0 -0
- data/rdoc/images/delete.png +0 -0
- data/rdoc/images/find.png +0 -0
- data/rdoc/images/loadingAnimation.gif +0 -0
- data/rdoc/images/macFFBgHack.png +0 -0
- data/rdoc/images/package.png +0 -0
- data/rdoc/images/page_green.png +0 -0
- data/rdoc/images/page_white_text.png +0 -0
- data/rdoc/images/page_white_width.png +0 -0
- data/rdoc/images/plugin.png +0 -0
- data/rdoc/images/ruby.png +0 -0
- data/rdoc/images/tag_blue.png +0 -0
- data/rdoc/images/tag_green.png +0 -0
- data/rdoc/images/transparent.png +0 -0
- data/rdoc/images/wrench.png +0 -0
- data/rdoc/images/wrench_orange.png +0 -0
- data/rdoc/images/zoom.png +0 -0
- data/rdoc/index.html +0 -136
- data/rdoc/js/darkfish.js +0 -155
- data/rdoc/js/jquery.js +0 -4
- data/rdoc/js/navigation.js +0 -142
- data/rdoc/js/search.js +0 -94
- data/rdoc/js/search_index.js +0 -1
- data/rdoc/js/searcher.js +0 -228
- data/rdoc/rdoc.css +0 -595
- data/rdoc/table_of_contents.html +0 -942
@@ -0,0 +1,68 @@
|
|
1
|
+
# https://www.fedux.org/articles/2015/08/26/creating-an-irb-based-repl-console-for-your-project.html
|
2
|
+
require 'optparse'
|
3
|
+
require 'irb'
|
4
|
+
|
5
|
+
ARGV.clone.options do |opts|
|
6
|
+
opts.banner = "Usage: esp console"
|
7
|
+
|
8
|
+
opts.separator ""
|
9
|
+
|
10
|
+
opts.on("-h", "--help",
|
11
|
+
"Show this help message.") do
|
12
|
+
puts opts # rubocop:disable Rails/Output
|
13
|
+
exit
|
14
|
+
end
|
15
|
+
|
16
|
+
opts.separator ""
|
17
|
+
opts.separator "An IRB console you can use if not using it in a Rails app"
|
18
|
+
opts.separator ""
|
19
|
+
|
20
|
+
opts.parse!
|
21
|
+
end
|
22
|
+
|
23
|
+
module ESP
|
24
|
+
class Console
|
25
|
+
def start # rubocop:disable Metrics/MethodLength
|
26
|
+
ARGV.clear
|
27
|
+
IRB.setup nil
|
28
|
+
|
29
|
+
IRB.conf[:PROMPT] = {}
|
30
|
+
IRB.conf[:IRB_NAME] = 'espsdk'
|
31
|
+
IRB.conf[:PROMPT][:ESPSDK] = {
|
32
|
+
PROMPT_I: '%N:%03n:%i> ',
|
33
|
+
PROMPT_N: '%N:%03n:%i> ',
|
34
|
+
PROMPT_S: '%N:%03n:%i%l ',
|
35
|
+
PROMPT_C: '%N:%03n:%i* ',
|
36
|
+
RETURN: "# => %s\n"
|
37
|
+
}
|
38
|
+
IRB.conf[:PROMPT_MODE] = :ESPSDK
|
39
|
+
|
40
|
+
IRB.conf[:RC] = false
|
41
|
+
|
42
|
+
require 'irb/completion'
|
43
|
+
require 'irb/ext/save-history'
|
44
|
+
IRB.conf[:READLINE] = true
|
45
|
+
IRB.conf[:SAVE_HISTORY] = 1000
|
46
|
+
IRB.conf[:HISTORY_FILE] = '~/.esp_sdk_history'
|
47
|
+
|
48
|
+
context = Class.new do
|
49
|
+
include ESP
|
50
|
+
end
|
51
|
+
|
52
|
+
irb = IRB::Irb.new(IRB::WorkSpace.new(context.new))
|
53
|
+
IRB.conf[:MAIN_CONTEXT] = irb.context
|
54
|
+
|
55
|
+
trap("SIGINT") do
|
56
|
+
irb.signal_handle
|
57
|
+
end
|
58
|
+
|
59
|
+
begin
|
60
|
+
catch(:IRB_EXIT) do
|
61
|
+
irb.eval_input
|
62
|
+
end
|
63
|
+
ensure
|
64
|
+
IRB.irb_at_exit
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'active_support/json'
|
2
2
|
|
3
|
-
module ActiveResource
|
3
|
+
module ActiveResource # :nodoc: all
|
4
4
|
class ConnectionError
|
5
5
|
def initialize(response)
|
6
6
|
@response = if response.respond_to?(:response)
|
@@ -20,7 +20,7 @@ module ActiveResource
|
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
-
module Formats
|
23
|
+
module Formats # :nodoc: all
|
24
24
|
module JsonAPIFormat
|
25
25
|
module_function
|
26
26
|
|
@@ -114,11 +114,19 @@ module ActiveResource
|
|
114
114
|
return if included.blank?
|
115
115
|
object[assoc] = case data
|
116
116
|
when Array
|
117
|
-
|
117
|
+
merge_nested_included_objects(object, data, included)
|
118
118
|
when Hash
|
119
|
-
|
119
|
+
merge_nested_included_objects(object, [data], included).first
|
120
120
|
end
|
121
121
|
end
|
122
|
+
|
123
|
+
def self.merge_nested_included_objects(object, data, included)
|
124
|
+
assocs = included.select { |i| data.include?((i.slice('type', 'id'))) }
|
125
|
+
# Remove the object from the included array to prevent an infinite loop if one of it's associations relates back to itself.
|
126
|
+
assoc_included = included.dup
|
127
|
+
assoc_included.delete(object)
|
128
|
+
assocs.map { |i| parse_object!(i, assoc_included) }
|
129
|
+
end
|
122
130
|
end
|
123
131
|
end
|
124
132
|
end
|
@@ -26,7 +26,7 @@ module ActiveResource
|
|
26
26
|
# alerts.current_page_number # => 5
|
27
27
|
# first_page.current_page_number # => 1
|
28
28
|
def first_page
|
29
|
-
previous_page? ? resource_class.
|
29
|
+
previous_page? ? resource_class.where(original_params.merge(from: from, page: { number: 1 })) : self
|
30
30
|
end
|
31
31
|
|
32
32
|
# Updates the existing PaginatedCollection object with the first page of data when not on the first page.
|
@@ -49,7 +49,7 @@ module ActiveResource
|
|
49
49
|
# alerts.current_page_number # => 5
|
50
50
|
# previous_page.current_page_number # => 4
|
51
51
|
def previous_page
|
52
|
-
previous_page? ? resource_class.
|
52
|
+
previous_page? ? resource_class.where(original_params.merge(previous_page_params.merge(from: from))) : self
|
53
53
|
end
|
54
54
|
|
55
55
|
# Updates the existing PaginatedCollection object with the previous page of data when not on the first page.
|
@@ -72,7 +72,7 @@ module ActiveResource
|
|
72
72
|
# alerts.current_page_number # => 5
|
73
73
|
# next_page.current_page_number # => 6
|
74
74
|
def next_page
|
75
|
-
next_page? ? resource_class.
|
75
|
+
next_page? ? resource_class.where(original_params.merge(next_page_params.merge(from: from))) : self
|
76
76
|
end
|
77
77
|
|
78
78
|
# Updates the existing PaginatedCollection object with the last page of data when not on the last page.
|
@@ -95,7 +95,7 @@ module ActiveResource
|
|
95
95
|
# alerts.current_page_number # => 5
|
96
96
|
# last_page.current_page_number # => 25
|
97
97
|
def last_page
|
98
|
-
!last_page? ? resource_class.
|
98
|
+
!last_page? ? resource_class.where(original_params.merge(last_page_params.merge(from: from))) : self
|
99
99
|
end
|
100
100
|
|
101
101
|
# Updates the existing PaginatedCollection object with the last page of data when not on the last page.
|
@@ -125,7 +125,7 @@ module ActiveResource
|
|
125
125
|
fail ArgumentError, "You must supply a page number." unless page_number.present?
|
126
126
|
fail ArgumentError, "Page number cannot be less than 1." if page_number.to_i < 1
|
127
127
|
fail ArgumentError, "Page number cannot be greater than the last page number." if page_number.to_i > last_page_number.to_i
|
128
|
-
page_number.to_i != current_page_number.to_i ? resource_class.
|
128
|
+
page_number.to_i != current_page_number.to_i ? resource_class.where(original_params.merge(from: from, page: { number: page_number, size: (next_page_params || previous_page_params)['page']['size'] })) : self
|
129
129
|
end
|
130
130
|
|
131
131
|
# Returns a new PaginatedCollection with the +page_number+ page of data when not already on page +page_number+.
|
@@ -0,0 +1,77 @@
|
|
1
|
+
module ESP # :nodoc: all
|
2
|
+
class AddExternalAccountError < StandardError
|
3
|
+
EXIT_CODES = {
|
4
|
+
'12 characters' => 98,
|
5
|
+
'not a number' => 97,
|
6
|
+
'organization not found' => 96,
|
7
|
+
'sub organization' => 95,
|
8
|
+
'team' => 94,
|
9
|
+
'external account' => 93
|
10
|
+
}.freeze
|
11
|
+
|
12
|
+
def initialize(message = nil)
|
13
|
+
super
|
14
|
+
end
|
15
|
+
|
16
|
+
def exit_code
|
17
|
+
EXIT_CODES.detect { |key, _code| message =~ /#{key}/i }.last
|
18
|
+
rescue StandardError
|
19
|
+
1
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
class ExternalAccountCreator
|
24
|
+
attr_reader :aws
|
25
|
+
|
26
|
+
def initialize
|
27
|
+
@aws = AWSClients.new
|
28
|
+
end
|
29
|
+
|
30
|
+
def create
|
31
|
+
fail ESP::AddExternalAccountError, aws.errors.full_messages.join(', ') unless aws.valid?
|
32
|
+
|
33
|
+
puts "adding AWS account #{aws.owner_id} to ESP as #{team_name}" # rubocop:disable Rails/Output
|
34
|
+
aws_role_object = aws.create_and_attach_role!(external_account_id)
|
35
|
+
sleep 10
|
36
|
+
|
37
|
+
puts "aws_role_arn = #{aws_role_object.role.arn}, external_id = #{external_account_id}, nickname = #{team_name}, esp_suborg_id = #{sub_organization.id}, esp_team_id = #{team.id}" # rubocop:disable Rails/Output
|
38
|
+
external_account = ESP::ExternalAccount.create(arn: aws_role_object.role.arn, external_id: external_account_id, name: team_name, sub_organization_id: sub_organization.id, team_id: team.id)
|
39
|
+
fail ESP::AddExternalAccountError, "On External Account: #{external_account.errors.full_messages.join(', ')}" unless external_account.errors.blank?
|
40
|
+
external_account
|
41
|
+
end
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
def external_account_id
|
46
|
+
@external_id ||= ESP::ExternalAccount.new.generate_external_id
|
47
|
+
end
|
48
|
+
|
49
|
+
def organization
|
50
|
+
@organization ||= ESP::Organization.last
|
51
|
+
fail ESP::AddExternalAccountError, "Organization not found" if @organization.blank?
|
52
|
+
@organization
|
53
|
+
end
|
54
|
+
|
55
|
+
def sub_organization
|
56
|
+
@sub_org ||= begin
|
57
|
+
sub_org = ESP::SubOrganization.where(name_eq: 'AutoCreate').first
|
58
|
+
sub_org || ESP::SubOrganization.create(name: "AutoCreate", organization_id: organization.id)
|
59
|
+
end
|
60
|
+
fail ESP::AddExternalAccountError, "On Sub Organization: #{@sub_org.errors.full_messages.first}" unless @sub_org.errors.blank?
|
61
|
+
@sub_org
|
62
|
+
end
|
63
|
+
|
64
|
+
def team_name
|
65
|
+
"#{sub_organization.name} #{aws.owner_id}"
|
66
|
+
end
|
67
|
+
|
68
|
+
def team
|
69
|
+
@team ||= begin
|
70
|
+
team = ESP::Team.where(name: team_name, sub_organization_id: sub_organization.id).first
|
71
|
+
team || ESP::Team.create(name: team_name, sub_organization_id: sub_organization.id)
|
72
|
+
end
|
73
|
+
fail ESP::AddExternalAccountError, "On Team: #{@team.errors.full_messages.first}" unless @team.errors.blank?
|
74
|
+
@team
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
data/lib/esp/resources/alert.rb
CHANGED
@@ -45,61 +45,57 @@ module ESP
|
|
45
45
|
end
|
46
46
|
|
47
47
|
# Returns a paginated collection of alerts for the given report_id
|
48
|
-
# Convenience method to use instead of ::find since a report_id is required to return alerts.
|
49
48
|
#
|
50
49
|
# ==== Parameters
|
51
50
|
#
|
52
|
-
# +
|
51
|
+
# +clauses+ | Required | Hash of attributes with appended predicates to search, sort and include.
|
53
52
|
#
|
54
|
-
#
|
53
|
+
# ===== Valid Clauses
|
55
54
|
#
|
56
|
-
#
|
55
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#searching-alerts] for valid arguments
|
57
56
|
#
|
58
|
-
#
|
59
|
-
#
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
57
|
+
# ==== Example
|
58
|
+
# alerts = ESP::Alert.where(report_id: 54, status_eq: 'fail', signature_risk_level_in: ['High'], include: 'signature')
|
59
|
+
def self.where(clauses = {})
|
60
|
+
clauses = clauses.with_indifferent_access
|
61
|
+
return super(clauses) if clauses[:from].present?
|
62
|
+
from = for_report(clauses.delete(:report_id))
|
63
|
+
super clauses.merge(from: from)
|
64
|
+
end
|
65
|
+
|
66
|
+
# Find an Alert by id
|
65
67
|
#
|
66
|
-
#
|
68
|
+
# ==== Parameter
|
67
69
|
#
|
68
|
-
# +
|
70
|
+
# +id+ | Required | The ID of the alert to retrieve
|
69
71
|
#
|
70
|
-
# +
|
72
|
+
# +options+ | Optional | A hash of options
|
71
73
|
#
|
72
|
-
#
|
74
|
+
# ===== Valid Options
|
73
75
|
#
|
74
|
-
# +
|
76
|
+
# +include+ | The list of associated objects to return on the initial request.
|
75
77
|
#
|
76
|
-
#
|
78
|
+
# ===== Valid Includable Associations
|
77
79
|
#
|
78
|
-
#
|
80
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#searching-alerts] for valid arguments
|
79
81
|
#
|
80
82
|
# ==== Example
|
81
|
-
#
|
82
|
-
def self.for_report(report_id = nil, arguments = {})
|
83
|
-
fail ArgumentError, "You must supply a report id." unless report_id.present?
|
84
|
-
from = "#{prefix}reports/#{report_id}/alerts.json"
|
85
|
-
all(from: from, params: arguments)
|
86
|
-
end
|
87
|
-
|
88
|
-
# Find an Alert by id
|
89
|
-
#
|
90
|
-
# ==== Parameter
|
91
|
-
#
|
92
|
-
# +id+ | Required | The ID of the alert to retrieve
|
83
|
+
# alert = ESP::Alert.find(1, include: 'tags,external_account.team')
|
93
84
|
#
|
94
85
|
# :call-seq:
|
95
|
-
# find(id)
|
86
|
+
# find(id, options = {})
|
96
87
|
def self.find(*arguments)
|
97
88
|
scope = arguments.slice!(0)
|
98
89
|
options = (arguments.slice!(0) || {}).with_indifferent_access
|
99
90
|
return super(scope, options) if scope.is_a?(Numeric) || options[:from].present?
|
100
|
-
params = options.fetch(:params, {})
|
101
|
-
|
102
|
-
|
91
|
+
params = options.fetch(:params, {})
|
92
|
+
from = for_report(params.delete(:report_id))
|
93
|
+
all(from: "#{from}.json", params: params)
|
94
|
+
end
|
95
|
+
|
96
|
+
def self.for_report(report_id) # :nodoc:
|
97
|
+
fail ArgumentError, "You must supply a report id." unless report_id.present?
|
98
|
+
"#{prefix}reports/#{report_id}/alerts"
|
103
99
|
end
|
104
100
|
|
105
101
|
# Suppress the signature associated with this alert.
|
@@ -1,5 +1,10 @@
|
|
1
1
|
module ESP
|
2
2
|
class CloudTrailEvent < ESP::Resource
|
3
|
+
# Not Implemented. You cannot search for a CloudTrailEvent.
|
4
|
+
def self.where(*)
|
5
|
+
fail ESP::NotImplementedError
|
6
|
+
end
|
7
|
+
|
3
8
|
# Not Implemented. You cannot create or update a CloudTrailEvent.
|
4
9
|
def save
|
5
10
|
fail ESP::NotImplementedError
|
@@ -6,6 +6,11 @@ module ESP
|
|
6
6
|
fail ESP::NotImplementedError
|
7
7
|
end
|
8
8
|
|
9
|
+
# Not Implemented. You cannot search for ContactRequest.
|
10
|
+
def self.where(*)
|
11
|
+
fail ESP::NotImplementedError
|
12
|
+
end
|
13
|
+
|
9
14
|
# Not Implemented. You cannot update a ContactRequest.
|
10
15
|
def update
|
11
16
|
fail ESP::NotImplementedError
|
@@ -25,11 +30,7 @@ module ESP
|
|
25
30
|
#
|
26
31
|
# ===== Valid Attributes
|
27
32
|
#
|
28
|
-
#
|
29
|
-
#
|
30
|
-
# +description+ | Required | Body of your message
|
31
|
-
#
|
32
|
-
# +request_type+ | Required | Type of contact request. Supported values are `support` for support requests and `feature` for a feature request
|
33
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#contact-request-create] for valid arguments
|
33
34
|
#
|
34
35
|
#
|
35
36
|
# :call-seq:
|
@@ -14,13 +14,7 @@ module ESP
|
|
14
14
|
#
|
15
15
|
# ===== Valid Arguments
|
16
16
|
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
# +signature+ | Required | The code for this custom signature
|
20
|
-
#
|
21
|
-
# +language+ | Required | The language of the custom signature. Possible values are `ruby` or `javascript`
|
22
|
-
#
|
23
|
-
# +regions+ | Required | Array of region names to run this custom signature against
|
17
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-run-new] for valid arguments
|
24
18
|
#
|
25
19
|
# ==== Example
|
26
20
|
# signature = "# Demo Ruby Signature\r\nconfigure do |c|\r\n # Set regions to run in. Remove this line to run in all regions.\r\n c.valid_regions = [:us_east_1]\r\n # Override region to display as global. Useful when checking resources\r\n # like IAM that do not have a specific region.\r\n c.display_as = :global\r\n # deep_inspection works with set_data to automically collect\r\n # data fields for each alert. Not required.\r\n c.deep_inspection = [:users]\r\nend\r\n\r\n# Required perform method\r\ndef perform(aws)\r\n list_users = aws.iam.list_users\r\n count = list_users[:users].count\r\n\r\n # Set data for deep_inspection to use\r\n set_data(list_users)\r\n\r\n if count == 0\r\n fail(user_count: count, condition: 'count == 0')\r\n else\r\n pass(user_count: count, condition: 'count >= 1')\r\n end\r\nend\r\n"
|
@@ -42,13 +36,7 @@ module ESP
|
|
42
36
|
#
|
43
37
|
# ===== Valid Arguments
|
44
38
|
#
|
45
|
-
#
|
46
|
-
#
|
47
|
-
# +signature+ | Required | The code for this custom signature
|
48
|
-
#
|
49
|
-
# +language+ | Required | The language of the custom signature. Possible values are `ruby` or `javascript`
|
50
|
-
#
|
51
|
-
# +regions+ | Required | Array of region names to run this custom signature against
|
39
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-run-new] for valid arguments
|
52
40
|
#
|
53
41
|
# ==== Example
|
54
42
|
# signature = "# Demo Ruby Signature\r\nconfigure do |c|\r\n # Set regions to run in. Remove this line to run in all regions.\r\n c.valid_regions = [:us_east_1]\r\n # Override region to display as global. Useful when checking resources\r\n # like IAM that do not have a specific region.\r\n c.display_as = :global\r\n # deep_inspection works with set_data to automically collect\r\n # data fields for each alert. Not required.\r\n c.deep_inspection = [:users]\r\nend\r\n\r\n# Required perform method\r\ndef perform(aws)\r\n list_users = aws.iam.list_users\r\n count = list_users[:users].count\r\n\r\n # Set data for deep_inspection to use\r\n set_data(list_users)\r\n\r\n if count == 0\r\n fail(user_count: count, condition: 'count == 0')\r\n else\r\n pass(user_count: count, condition: 'count >= 1')\r\n end\r\nend\r\n"
|
@@ -69,9 +57,7 @@ module ESP
|
|
69
57
|
#
|
70
58
|
# ===== Valid Arguments
|
71
59
|
#
|
72
|
-
#
|
73
|
-
#
|
74
|
-
# +regions+ | Required | Array of region names to run this custom signature against
|
60
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-run-existing] for valid arguments
|
75
61
|
#
|
76
62
|
# ==== Example
|
77
63
|
# custom_signature = ESP::CustomSignature.find(365)
|
@@ -93,9 +79,7 @@ module ESP
|
|
93
79
|
#
|
94
80
|
# ===== Valid Arguments
|
95
81
|
#
|
96
|
-
#
|
97
|
-
#
|
98
|
-
# +regions+ | Required | Array of region names to run this custom signature against
|
82
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-run-existing] for valid arguments
|
99
83
|
#
|
100
84
|
# ==== Example
|
101
85
|
# custom_signature = ESP::CustomSignature.find(365)
|
@@ -122,11 +106,7 @@ module ESP
|
|
122
106
|
#
|
123
107
|
# ===== Valid Arguments
|
124
108
|
#
|
125
|
-
#
|
126
|
-
#
|
127
|
-
# +external_account_ids+ | Required | An Array of the external accounts identified by +external_account_id+ to suppress the signature or custom signature on.
|
128
|
-
#
|
129
|
-
# +reason+ | Required | The reason for creating the suppression.
|
109
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#suppression-create] for valid arguments
|
130
110
|
#
|
131
111
|
# ==== Example
|
132
112
|
# suppress(regions: ['us_east_1'], external_account_ids: [5], reason: 'My very good reason for creating this suppression')
|
@@ -135,6 +115,20 @@ module ESP
|
|
135
115
|
ESP::Suppression::Signature.create(custom_signature_ids: [id], regions: Array(arguments[:regions]), external_account_ids: Array(arguments[:external_account_ids]), reason: arguments[:reason])
|
136
116
|
end
|
137
117
|
|
118
|
+
# :singleton-method: where
|
119
|
+
# Return a paginated CustomSignature list filtered by search parameters
|
120
|
+
#
|
121
|
+
# ==== Parameters
|
122
|
+
#
|
123
|
+
# +clauses+ | Hash of attributes with appended predicates to search, sort and include.
|
124
|
+
#
|
125
|
+
# ===== Valid Clauses
|
126
|
+
#
|
127
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-attributes] for valid arguments
|
128
|
+
#
|
129
|
+
# :call-seq:
|
130
|
+
# where(clauses = {})
|
131
|
+
|
138
132
|
##
|
139
133
|
# :singleton-method: find
|
140
134
|
# Find a CustomSignature by id
|
@@ -143,8 +137,18 @@ module ESP
|
|
143
137
|
#
|
144
138
|
# +id+ | Required | The ID of the custom signature to retrieve
|
145
139
|
#
|
140
|
+
# +options+ | Optional | A hash of options
|
141
|
+
#
|
142
|
+
# ===== Valid Options
|
143
|
+
#
|
144
|
+
# +include+ | The list of associated objects to return on the initial request.
|
145
|
+
#
|
146
|
+
# ===== Valid Includable Associations
|
147
|
+
#
|
148
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-attributes] for valid arguments
|
149
|
+
#
|
146
150
|
# :call-seq:
|
147
|
-
# find(id)
|
151
|
+
# find(id, options = {})
|
148
152
|
|
149
153
|
# :singleton-method: all
|
150
154
|
# Return a paginated CustomSignature list
|
@@ -160,21 +164,7 @@ module ESP
|
|
160
164
|
#
|
161
165
|
# ===== Valid Attributes
|
162
166
|
#
|
163
|
-
#
|
164
|
-
#
|
165
|
-
# +description+ | Not Required | The description of the custom signature that is displayed on alerts
|
166
|
-
#
|
167
|
-
# +identifier+ | Required | The identifier to use for the custom signature. Common format is AWS:<Service>-<Number> such as AWS:IAM-001
|
168
|
-
#
|
169
|
-
# +language+ | Required | The language of the custom signature. Possible values are `ruby` or `javascript`
|
170
|
-
#
|
171
|
-
# +name+ | Required | The name of the custom signature
|
172
|
-
#
|
173
|
-
# +resolution+ | Not Required | Details for how to resolve this custom signature that is displayed on alerts
|
174
|
-
#
|
175
|
-
# +risk_level+ | Required | The risk-level of the problem identified by the custom signature
|
176
|
-
#
|
177
|
-
# +signature+ | Required | The code for this custom signature
|
167
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-create] for valid arguments
|
178
168
|
#
|
179
169
|
# ==== Example
|
180
170
|
#
|
@@ -186,21 +176,7 @@ module ESP
|
|
186
176
|
#
|
187
177
|
# ===== Valid Attributes
|
188
178
|
#
|
189
|
-
#
|
190
|
-
#
|
191
|
-
# +description+ | Not Required | The description of the custom signature that is displayed on alerts
|
192
|
-
#
|
193
|
-
# +identifier+ | Required | The identifier to use for the custom signature. Common format is AWS:<Service>-<Number> such as AWS:IAM-001
|
194
|
-
#
|
195
|
-
# +language+ | Required | The language of the custom signature. Possible values are `ruby` or `javascript`
|
196
|
-
#
|
197
|
-
# +name+ | Required | The name of the custom signature
|
198
|
-
#
|
199
|
-
# +resolution+ | Not Required | Details for how to resolve this custom signature that is displayed on alerts
|
200
|
-
#
|
201
|
-
# +risk_level+ | Required | The risk-level of the problem identified by the custom signature
|
202
|
-
#
|
203
|
-
# +signature+ | Required | The code for this custom signature
|
179
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#custom-signature-create] for valid arguments
|
204
180
|
#
|
205
181
|
# ==== Example
|
206
182
|
#
|
@@ -4,7 +4,14 @@ module ESP
|
|
4
4
|
#
|
5
5
|
# Regular ARELlike methods are disabled.
|
6
6
|
def self.find(*)
|
7
|
-
fail ESP::NotImplementedError, 'Regular ARELlike methods are disabled. Use
|
7
|
+
fail ESP::NotImplementedError, 'Regular ARELlike methods are disabled. Use the .recent method.'
|
8
|
+
end
|
9
|
+
|
10
|
+
# Not Implemented. You cannot search for Suppression::Region.
|
11
|
+
#
|
12
|
+
# Regular ARELlike methods are disabled.
|
13
|
+
def self.where(*)
|
14
|
+
fail ESP::NotImplementedError, 'Regular ARELlike methods are disabled. Use the .recent method.'
|
8
15
|
end
|
9
16
|
|
10
17
|
# Not Implemented. You cannot create or update a Dashboard.
|
@@ -24,6 +24,20 @@ module ESP
|
|
24
24
|
super
|
25
25
|
end
|
26
26
|
|
27
|
+
# :singleton-method: where
|
28
|
+
# Return a paginated ExternalAccount list filtered by search parameters
|
29
|
+
#
|
30
|
+
# ==== Parameters
|
31
|
+
#
|
32
|
+
# +clauses+ | Hash of attributes with appended predicates to search, sort and include.
|
33
|
+
#
|
34
|
+
# ===== Valid Clauses
|
35
|
+
#
|
36
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#external-account-attributes] for valid arguments
|
37
|
+
#
|
38
|
+
# :call-seq:
|
39
|
+
# where(clauses = {})
|
40
|
+
|
27
41
|
##
|
28
42
|
# :singleton-method: find
|
29
43
|
# Find an ExternalAccount by id
|
@@ -32,8 +46,18 @@ module ESP
|
|
32
46
|
#
|
33
47
|
# +id+ | Required | The ID of the external account to retrieve
|
34
48
|
#
|
49
|
+
# +options+ | Optional | A hash of options
|
50
|
+
#
|
51
|
+
# ===== Valid Options
|
52
|
+
#
|
53
|
+
# +include+ | The list of associated objects to return on the initial request.
|
54
|
+
#
|
55
|
+
# ===== Valid Includable Associations
|
56
|
+
#
|
57
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#external-account-attributes] for valid arguments
|
58
|
+
#
|
35
59
|
# :call-seq:
|
36
|
-
# find(id)
|
60
|
+
# find(id, options = {})
|
37
61
|
|
38
62
|
# :singleton-method: all
|
39
63
|
# Return a paginated CustomSignature list
|
@@ -49,15 +73,7 @@ module ESP
|
|
49
73
|
#
|
50
74
|
# ===== Valid Attributes
|
51
75
|
#
|
52
|
-
#
|
53
|
-
#
|
54
|
-
# +external_id+ | Required | External identifier set on the role. This will be set by calling #generate_external_id if not already set.
|
55
|
-
#
|
56
|
-
# +name+ | Not Required | The name for this external account
|
57
|
-
#
|
58
|
-
# +sub_organization_id+ | Required | The ID of the sub organization the external account will belong to
|
59
|
-
#
|
60
|
-
# +team_id+ | Required | The ID of the team the external account will belong to
|
76
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#external-account-create] for valid arguments
|
61
77
|
#
|
62
78
|
# ==== Example
|
63
79
|
#
|
@@ -68,15 +84,7 @@ module ESP
|
|
68
84
|
#
|
69
85
|
# ===== Valid Attributes
|
70
86
|
#
|
71
|
-
#
|
72
|
-
#
|
73
|
-
# +external_id+ | Required | External identifier set on the role. This will be set by calling #generate_external_id if not already set.
|
74
|
-
#
|
75
|
-
# +name+ | Not Required | The name for this external account
|
76
|
-
#
|
77
|
-
# +sub_organization_id+ | Required | The ID of the sub organization the external account will belong to
|
78
|
-
#
|
79
|
-
# +team_id+ | Required | The ID of the team the external account will belong to
|
87
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#external-account-create] for valid arguments
|
80
88
|
#
|
81
89
|
# ==== Example
|
82
90
|
#
|
@@ -34,6 +34,20 @@ module ESP
|
|
34
34
|
fail ESP::NotImplementedError
|
35
35
|
end
|
36
36
|
|
37
|
+
# :singleton-method: where
|
38
|
+
# Return a paginated Organization list filtered by search parameters
|
39
|
+
#
|
40
|
+
# ==== Parameters
|
41
|
+
#
|
42
|
+
# +clauses+ | Hash of attributes with appended predicates to search, sort and include.
|
43
|
+
#
|
44
|
+
# ===== Valid Clauses
|
45
|
+
#
|
46
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#organization-attributes] for valid arguments
|
47
|
+
#
|
48
|
+
# :call-seq:
|
49
|
+
# where(clauses = {})
|
50
|
+
|
37
51
|
##
|
38
52
|
# :singleton-method: find
|
39
53
|
# Find a Organization by id
|
@@ -42,8 +56,18 @@ module ESP
|
|
42
56
|
#
|
43
57
|
# +id+ | Required | The ID of the organization to retrieve
|
44
58
|
#
|
59
|
+
# +options+ | Optional | A hash of options
|
60
|
+
#
|
61
|
+
# ===== Valid Options
|
62
|
+
#
|
63
|
+
# +include+ | The list of associated objects to return on the initial request.
|
64
|
+
#
|
65
|
+
# ===== Valid Includable Associations
|
66
|
+
#
|
67
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#organization-attributes] for valid arguments
|
68
|
+
#
|
45
69
|
# :call-seq:
|
46
|
-
# find(id)
|
70
|
+
# find(id, options = {})
|
47
71
|
|
48
72
|
# :singleton-method: all
|
49
73
|
# Return a paginated Organization list
|
@@ -54,8 +78,8 @@ module ESP
|
|
54
78
|
# :method: save
|
55
79
|
# Update an Organization.
|
56
80
|
#
|
57
|
-
#
|
81
|
+
# ===== Valid Attributes
|
58
82
|
#
|
59
|
-
#
|
83
|
+
# See {API documentation}[http://api-docs.evident.io?ruby#organization-update] for valid arguments
|
60
84
|
end
|
61
85
|
end
|