outliers 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8130b824d6821946ba5d05a836e3232c030427f4
-  data.tar.gz: c8afbce03b925b289ec32f46a7370bc1134b743f
+  metadata.gz: cc2b914a568b6654d252e80ef96d0162c3536393
+  data.tar.gz: 626bcaff7440abf632528dfedb7343b11d7176bd
 SHA512:
-  metadata.gz: 5da1d78eecef950a795f1d06ca1f97fef7c260ffbec34b356e0b9728695ca1bb9bd46e5175186408682c0d12a75b7d6e5faa0ca867b434b59a3679492b9265e2
-  data.tar.gz: b1468e505bd7edca7a87f10be45fc823c3e647ae5686dbcdae2dca8b21e5b53dd94a3a3c1b37b9e7aa995c7c2db2832ab5025082737ef7e39d1c21398e93308a
+  metadata.gz: f93aedb4217b62eae64e9c3a29fed3f6cf24d7ec9504ab0dd463404eed9b90b09a1d74e2ee44b7449e96cf00ddd2a14a94c497d0e7a46eaccc76e022477f555d
+  data.tar.gz: be47e5e6bfa238b2863424316899c0b6c3670a601724ca2f305725234aa99e862e4170bfa62082d41109d40cec87c733d72ff05c27dc94808d05494a8ae6f641

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 ## HEAD
 
+## 0.3.2
+
+* Minor update to CLI help
+
 ## 0.3.1
 
 * Moved shared verification info to shared.yaml

data/README.md

@@ -2,16 +2,20 @@
 
 # Outliers
 
-Outliers is a framework for verifying configuration of resources.
+A framework to detect misconfigurations (Outliers).
 
 ## Overview
 
-* Applications and teams rely on multiple service providers (AWS, etc).
-* Providers deliver like resources with complex configuration (EC2 Instances, S3 Buckets, etc).
-* Resource configuration can be verified (launched from given AMI, contain private objects, etc).
-* Resources can be targeted or excluded by their ID (Instance ID, Object Key, etc).
-* Resources can be targeted or excluded by matching a filter (Instance has tag 'x' with value 'y').
-* Those not passing verifications, are flagged as Outliers.
+To detect misconfigurations at scale, Outliers provides a framework for performing complex evaluations:
+
+* Applications rely on **resources** delivered from multiple **providers** (EC2, S3, etc).
+* Resource configuration can be evaluated against specific **verifications**  (Instance launched from given AMI, S3 bucket contains no public objects, etc).
+* Verifications can be performed against a subset of resources based on a **filter**.
+* Those not passing verification, are flagged as Outliers.
+
+Evalutions are read from from files ending with **.rb** within a target directory.
+
+Multiple evaluations can be specified in a file, with multiple files in directory.
 
 ## Requirements
 
@@ -23,44 +27,27 @@ Install the gem:
 
     gem install outliers
 
-## Setup
-
-**Currently Outliers only supports AWS**
+## Getting Started
 
 Create **~/outliers.yml** with a list of credentials in the following format:
 
     credential_name:
-      key1: value1
-      key2: value2
-
-Multiple accounts can be specified, to add a prod and preprod AWS account:
+      region: AWS_REGION
+      access_key_id: AWS_ACCESS_ID
+      secret_access_key: AWS_SECRET_KEY
 
-    aws_pre_prod:
-      region: us-east-1
-      access_key_id: YYY
-      secret_access_key: XXX
+For example:
 
     aws_prod:
       region: us-east-1
-      access_key_id: AAA
-      secret_access_key: BBB
-
-Depending on the provider, different keys and values are required.
+      access_key_id: abcd1234abcd1234abcd
+      secret_access_key: abcd1234abcd1234abcdabcd1234abcd1234abcd
 
-## Usage
+Outliers provides a DSL which can be used to build up a comprehensive list of evaluations. Create a directory to store your evaluations. 
 
-Outlier's DSL can be used to build up comprehensive list of verifications for a project or application.
+    mkdir ~/outliers
 
-* Create a directory to store your evaluations. 
-* Evalutions are read from from files within the directory.
-* All files ending in **.rb** will be processed.
-* Each file can have one or more evaluation blocks. 
-
-To process a directory:
-
-    outliers process -d /home/user/outliers
-
-To verify all instances are in a VPC, create the file **ec2.rb** and add the following block:
+To verify all instances are in a VPC, create a file **ec2.rb** in **~/outliers** containing:
 
     evaluate do
       connect 'aws_prod', provider: 'aws_ec2'
@@ -68,104 +55,34 @@ To verify all instances are in a VPC, create the file **ec2.rb** and add the fol
       verify 'vpc'
     end
 
-Files can have multiple evaluations, to add a validation that overrides the region:
+Run outliers against the directory:
 
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2'
-      resources 'instance'
-      verify 'vpc'
-    end
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance'
-      verify 'vpc'
-    end
-
-The DSL supports any valid Ruby code. To iterate over multiple regions:
+    outliers process -d ~/outliers
 
-    ['us-west-1', 'us-west-2', 'us-east-1'].each do |region|
-      evaluate do
-        connect 'aws_prod', provider: 'aws_ec2', region: region
-        resources 'instance'
-        verify 'vpc'
-      end
-    end
-
-Evaluations can run multiple verifications. To validate instances are in a VPC, running and using a valid image:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance'
-      verify 'vpc'
-      verify 'running'
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
+Sample Output:
 
-Evaluations can be given names to help identify Outliers in results.
+    I, [2013-09-24T09:42:39.925400 #4940]  INFO -- : Processing '~/outliers/ec2.rb'.
+    I, [2013-09-24T09:42:39.925657 #4940]  INFO -- : Connecting via 'aws_prod' to 'aws_ec2'.
+    I, [2013-09-24T09:42:39.925703 #4940]  INFO -- : Including connection options 'provider=aws_ec2,region=us-east-1'.
+    I, [2013-09-24T09:42:39.928945 #4940]  INFO -- : Loading 'instance' resource collection.
+    D, [2013-09-24T09:42:39.929015 #4940] DEBUG -- : Connecting to region 'us-east-1'.
+    I, [2013-09-24T09:42:41.192295 #4940]  INFO -- : Verifying 'vpc?'.
+    D, [2013-09-24T09:42:41.192498 #4940] DEBUG -- : Target resources 'i-abcd0001, i-abcd0002, i-abcd0003, i-abcd0004'.
+    D, [2013-09-24T09:42:41.476478 #4940] DEBUG -- : Verification of resource 'i-abcd0001' passed.
+    D, [2013-09-24T09:42:42.025429 #4940] DEBUG -- : Verification of resource 'i-abcd0002' passed.
+    D, [2013-09-24T09:42:42.278990 #4940] DEBUG -- : Verification of resource 'i-abcd0003' passed.
+    D, [2013-09-24T09:42:44.803911 #4940] DEBUG -- : Verification of resource 'i-abcd0004' passed.
+    I, [2013-09-24T09:42:44.804036 #4940]  INFO -- : Verification 'vpc?' passed.
+    I, [2013-09-24T09:42:44.804147 #4940]  INFO -- : Evaluations completed.
+    I, [2013-09-24T09:42:44.804211 #4940]  INFO -- : (0 evaluations failed, 1 evaluations passed.)
 
-    evaluate "validate_database_retention_period" do
-      connect 'aws_prod', provider: 'aws_rds', region: 'us-west-1'
-      resources 'db_instance'
-      verify 'backup_retention_period', days: 2
-    end
-
-To pass arguments to a verification:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_rds', region: 'us-west-1'
-      resources 'db_instance'
-      verify 'backup_retention_period', days: 2
-    end
-
-To pass multiple arguments, specify them as an array:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance'
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
-
-To only target a specific resource:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance', 'i-12345678'
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
-
-To target multiple resources, you can pass an array:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance', ['i-12345678', 'i-abcdef12']
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
-
-Sometimes you want to exclude resources that are known exceptions, to exclude an instance from the VPC validation:
-
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance'
-      exclude 'i-12345678'
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
-
-Resources have attributes which can be used to filter target resources.
+* Resources can be targeted or excluded by their ID (EC2 Instance ID, S3 Object Key, etc).
+* Resources can be targeted or excluded by matching a filter (Instance has tag 'x' with value 'y').
 
-To filter instances who have tag 'Name' equal to 'web'.
+## Examples
 
-    evaluate do
-      connect 'aws_prod', provider: 'aws_ec2', region: 'us-west-1'
-      resources 'instance'
-      filter tag: 'Name:web'
-      verify 'valid_image_id', image_ids: ['ami-12345678','ami-87654321']
-    end
+See [examples](http://brettweavnet.github.io/outliers/examples) for a list of more advanced evaluations.
 
-## Contributing
+## References
 
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+See the [providers](http://brettweavnet.github.io/outliers/providers), [resources](http://brettweavnet.github.io/outliers/resources) and [filters](http://brettweavnet.github.io/outliers/filters) pages for additional documentation.

data/lib/outliers/cli.rb

@@ -31,6 +31,8 @@ module Outliers
       puts ''
       puts 'Append -h for help on specific subcommand.'
       puts ''
+      puts 'See http://brettweavnet.github.io/outliers for documentation.'
+      puts ''
 
       puts 'Commands:'
       commands.each do |cmd|

data/lib/outliers/version.rb

@@ -1,3 +1,3 @@
 module Outliers
-  VERSION = "0.3.1"
+  VERSION = "0.3.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: outliers
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Brett Weaver
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-09-24 00:00:00.000000000 Z
+date: 2013-09-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler