sport_ngin_aws_auditor 4.2.1 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.ruby-version +1 -1
- data/CHANGELOG.markdown +9 -0
- data/lib/sport_ngin_aws_auditor/audit_data.rb +1 -1
- data/lib/sport_ngin_aws_auditor/instance_helper.rb +29 -6
- data/lib/sport_ngin_aws_auditor/rds_instance.rb +14 -14
- data/lib/sport_ngin_aws_auditor/scripts/audit.rb +11 -12
- data/lib/sport_ngin_aws_auditor/version.rb +1 -1
- data/spec/sport_ngin_aws_auditor/instance_helper_spec.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 77f4a4a6712086ccf4206ba4477e49aa2723b099031b33f94b3f9b7e4e043575
|
|
4
|
+
data.tar.gz: 52c30f9db578a364389d5f7890a8733e9f813f96db844cec0ce6f354bee43dcd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0e9b82ba9bde5c9d3c4accb58016ad85903e0cca91fb746f17db2edf5b21aeeb9f4ce7776c70ee49f5b3a201f8626266e9a51506cf1b45e8c0ca97687dc4a103
|
|
7
|
+
data.tar.gz: 54371f74e22edb4e546df3b79cb886b625a5fd18e7aafcff0741f0192621f9c1c59532f26badb99150c56d2bfdb9695242e6991990a257f25cdde5a3926bc884
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
ruby-2.2.
|
|
1
|
+
ruby-2.2.7
|
data/CHANGELOG.markdown
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
#### v4.3.0
|
|
2
|
+
* Compare platforms of RDS and EC2 instances correctly
|
|
3
|
+
|
|
4
|
+
> Emma Sax: Unknown User: https://github.com/sportngin/sport_ngin_aws_auditor/pull/43
|
|
5
|
+
|
|
6
|
+
* Have auditor check all regions, not just U.S. regions
|
|
7
|
+
|
|
8
|
+
> Emma Sax: Unknown User: https://github.com/sportngin/sport_ngin_aws_auditor/pull/42
|
|
9
|
+
|
|
1
10
|
#### v4.2.1
|
|
2
11
|
* Only give the name 'VPC' to an instance if the account supports EC2 Classic
|
|
3
12
|
|
|
@@ -65,7 +65,7 @@ module SportNginAwsAuditor
|
|
|
65
65
|
def gather_all_data
|
|
66
66
|
instances = self.klass.get_instances(self.client, tag_name)
|
|
67
67
|
retired_tags = self.klass.get_retired_tags(instances)
|
|
68
|
-
instance_hash = self.klass.compare(instances, ignore_instances_regexes, self.client)
|
|
68
|
+
instance_hash = self.klass.compare(instances, ignore_instances_regexes, self.client, self.klass)
|
|
69
69
|
retired_ris = self.klass.get_recent_retired_reserved_instances(self.client)
|
|
70
70
|
|
|
71
71
|
return instance_hash, retired_tags, retired_ris
|
|
@@ -24,7 +24,7 @@ module SportNginAwsAuditor
|
|
|
24
24
|
instance_hash
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
-
def add_region_ris_to_hash(ris_region, differences)
|
|
27
|
+
def add_region_ris_to_hash(ris_region, differences, klass)
|
|
28
28
|
ris_region.each do |ri|
|
|
29
29
|
differences.each do |key, value|
|
|
30
30
|
# if key = 'Linux VPC us-east-1a t2.medium'...
|
|
@@ -38,7 +38,9 @@ module SportNginAwsAuditor
|
|
|
38
38
|
size = my_match[2] if my_match
|
|
39
39
|
size[0] = ''
|
|
40
40
|
|
|
41
|
-
if (platform
|
|
41
|
+
if compare_platforms_based_on_klass(klass, platform, ri.platform) &&
|
|
42
|
+
(size == ri.instance_type) &&
|
|
43
|
+
(value[:count] < 0)
|
|
42
44
|
until (ri.count == 0) || (value[:count] == 0)
|
|
43
45
|
value[:count] = value[:count] + 1
|
|
44
46
|
ri.count = ri.count - 1
|
|
@@ -117,18 +119,18 @@ module SportNginAwsAuditor
|
|
|
117
119
|
differences
|
|
118
120
|
end
|
|
119
121
|
|
|
120
|
-
def add_additional_data(ris_region, instances_with_tag, ignored_instances, differences)
|
|
121
|
-
add_region_ris_to_hash(ris_region, differences)
|
|
122
|
+
def add_additional_data(ris_region, instances_with_tag, ignored_instances, differences, klass)
|
|
123
|
+
add_region_ris_to_hash(ris_region, differences, klass)
|
|
122
124
|
add_additional_instances_to_hash(instances_with_tag, differences, " with tag (")
|
|
123
125
|
add_additional_instances_to_hash(ignored_instances, differences, " ignored (")
|
|
124
126
|
return differences
|
|
125
127
|
end
|
|
126
128
|
|
|
127
|
-
def compare(instances, ignore_instances_regexes, client)
|
|
129
|
+
def compare(instances, ignore_instances_regexes, client, klass)
|
|
128
130
|
ignored_instances, instances_with_tag, instance_hash = sort_through_instances(instances, ignore_instances_regexes)
|
|
129
131
|
ris_region, ris_hash = sort_through_RIs(client)
|
|
130
132
|
differences = measure_differences(instance_hash, ris_hash)
|
|
131
|
-
add_additional_data(ris_region, instances_with_tag, ignored_instances, differences)
|
|
133
|
+
add_additional_data(ris_region, instances_with_tag, ignored_instances, differences, klass)
|
|
132
134
|
differences
|
|
133
135
|
end
|
|
134
136
|
|
|
@@ -203,5 +205,26 @@ module SportNginAwsAuditor
|
|
|
203
205
|
end
|
|
204
206
|
value
|
|
205
207
|
end
|
|
208
|
+
|
|
209
|
+
#################### HELPER METHODS ####################
|
|
210
|
+
|
|
211
|
+
# If the klass is EC2, then just make sure the instance platform includes the RI platform because
|
|
212
|
+
# classic RIs (non-VPC) are used on any instance.
|
|
213
|
+
#
|
|
214
|
+
# Instance | RI | Used?
|
|
215
|
+
# ----------|-----------|------
|
|
216
|
+
# Linux | Linux | Yes
|
|
217
|
+
# Linux | Linux VPC | No
|
|
218
|
+
# Linux VPC | Linux | Yes
|
|
219
|
+
# Linux VPC | Linux VPC | Yes
|
|
220
|
+
#
|
|
221
|
+
# If the klass is not EC2, then the platforms must match as normal.
|
|
222
|
+
def compare_platforms_based_on_klass(klass, platform, ri_platform)
|
|
223
|
+
if klass =~ /EC2/
|
|
224
|
+
platform.include?(ri_platform)
|
|
225
|
+
else
|
|
226
|
+
platform == ri_platform
|
|
227
|
+
end
|
|
228
|
+
end
|
|
206
229
|
end
|
|
207
230
|
end
|
|
@@ -74,30 +74,30 @@ module SportNginAwsAuditor
|
|
|
74
74
|
|
|
75
75
|
# Generates a name based on the RDS engine or product description
|
|
76
76
|
def engine_helper(engine)
|
|
77
|
-
case
|
|
78
|
-
when 'aurora'
|
|
77
|
+
case
|
|
78
|
+
when engine.downcase.include?('aurora')
|
|
79
79
|
'Aurora'
|
|
80
|
-
when 'mariadb'
|
|
80
|
+
when engine.downcase.include?('mariadb')
|
|
81
81
|
'MariaDB'
|
|
82
|
-
when 'mysql'
|
|
82
|
+
when engine.downcase.include?('mysql')
|
|
83
83
|
'MySQL'
|
|
84
|
-
when 'oracle-ee'
|
|
84
|
+
when engine.downcase.include?('oracle-ee')
|
|
85
85
|
'Oracle EE'
|
|
86
|
-
when 'oracle-
|
|
87
|
-
'Oracle SE'
|
|
88
|
-
when 'oracle-se1', 'oracle-se1(li)'
|
|
86
|
+
when engine.downcase.include?('oracle-se1')
|
|
89
87
|
'Oracle SE One'
|
|
90
|
-
when 'oracle-se2'
|
|
88
|
+
when engine.downcase.include?('oracle-se2')
|
|
91
89
|
'Oracle SE Two'
|
|
92
|
-
when '
|
|
90
|
+
when engine.downcase.include?('oracle-se')
|
|
91
|
+
'Oracle SE'
|
|
92
|
+
when engine.downcase.include?('postgres')
|
|
93
93
|
'PostgreSQL'
|
|
94
|
-
when 'sqlserver-ee'
|
|
94
|
+
when engine.downcase.include?('sqlserver-ee')
|
|
95
95
|
'SQL Server EE'
|
|
96
|
-
when 'sqlserver-ex'
|
|
96
|
+
when engine.downcase.include?('sqlserver-ex')
|
|
97
97
|
'SQL Server EX'
|
|
98
|
-
when 'sqlserver-se'
|
|
98
|
+
when engine.downcase.include?('sqlserver-se')
|
|
99
99
|
'SQL Server SE'
|
|
100
|
-
when 'sqlserver-web'
|
|
100
|
+
when engine.downcase.include?('sqlserver-web')
|
|
101
101
|
'SQL Server Web'
|
|
102
102
|
else
|
|
103
103
|
'Unknown DB Engine'
|
|
@@ -78,20 +78,20 @@ module SportNginAwsAuditor
|
|
|
78
78
|
|
|
79
79
|
def self.say_instances
|
|
80
80
|
@audit_results.data.each do |instance|
|
|
81
|
-
|
|
81
|
+
name_type = instance.type
|
|
82
82
|
count = instance.count
|
|
83
83
|
color, rgb, prefix = color_chooser({:instance => instance, :retired_ri => false, :retired_tag => false})
|
|
84
84
|
|
|
85
85
|
if instance.tagged?
|
|
86
86
|
if instance.reason
|
|
87
|
-
description = "#{prefix} #{
|
|
87
|
+
description = "#{prefix} #{name_type}: (expiring on #{instance.tag_value} because #{instance.reason})\n"
|
|
88
88
|
else
|
|
89
|
-
description = "#{prefix} #{
|
|
89
|
+
description = "#{prefix} #{name_type}: (expiring on #{instance.tag_value})\n"
|
|
90
90
|
end
|
|
91
91
|
elsif instance.ignored?
|
|
92
|
-
description = "#{prefix} #{
|
|
92
|
+
description = "#{prefix} #{name_type}\n"
|
|
93
93
|
else
|
|
94
|
-
description = "#{prefix} #{
|
|
94
|
+
description = "#{prefix} #{name_type}: #{count}\n"
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
@message << description.colorize(:color => color)
|
|
@@ -159,20 +159,20 @@ module SportNginAwsAuditor
|
|
|
159
159
|
@slack_message.attachments.push({"color" => "#32CD32", "text" => "All RIs are properly matched here!", "mrkdwn_in" => ["text"]})
|
|
160
160
|
else
|
|
161
161
|
data_array.each do |instance|
|
|
162
|
-
|
|
162
|
+
name_type = instance.type
|
|
163
163
|
count = instance.count
|
|
164
164
|
color, rgb, prefix = color_chooser({:instance => instance, :retired_ri => false, :retired_tag => false})
|
|
165
165
|
|
|
166
166
|
if instance.tagged?
|
|
167
167
|
if instance.reason
|
|
168
|
-
text = "#{prefix} #{
|
|
168
|
+
text = "#{prefix} #{name_type}: (expiring on #{instance.tag_value} because #{instance.reason})"
|
|
169
169
|
else
|
|
170
|
-
text = "#{prefix} #{
|
|
170
|
+
text = "#{prefix} #{name_type}: (expiring on #{instance.tag_value})"
|
|
171
171
|
end
|
|
172
172
|
elsif instance.ignored?
|
|
173
|
-
text = "#{prefix} #{
|
|
173
|
+
text = "#{prefix} #{name_type}"
|
|
174
174
|
else
|
|
175
|
-
text = "#{prefix} #{
|
|
175
|
+
text = "#{prefix} #{name_type}: #{count}"
|
|
176
176
|
end
|
|
177
177
|
|
|
178
178
|
@slack_message.attachments.push({"color" => rgb, "text" => text, "mrkdwn_in" => ["text"]})
|
|
@@ -228,8 +228,7 @@ module SportNginAwsAuditor
|
|
|
228
228
|
|
|
229
229
|
def self.gather_regions
|
|
230
230
|
regions = AWS.ec2.describe_regions[:regions]
|
|
231
|
-
|
|
232
|
-
us_regions.collect { |r| r.region_name }
|
|
231
|
+
regions.collect { |r| r.region_name }
|
|
233
232
|
end
|
|
234
233
|
|
|
235
234
|
def self.collect_options(environment, options, global_options)
|
|
@@ -135,7 +135,7 @@ module SportNginAwsAuditor
|
|
|
135
135
|
ris_count = ris.has_key?(key) ? ris[key][:count] : 0
|
|
136
136
|
differences[key] = {count: ris_count - instance_count, region_based: false}
|
|
137
137
|
end
|
|
138
|
-
result = klass.add_region_ris_to_hash(@region_reserved_instances, differences)
|
|
138
|
+
result = klass.add_region_ris_to_hash(@region_reserved_instances, differences, "EC2")
|
|
139
139
|
expect(differences).to eq({"Linux VPC us-east-1b t2.small"=>{count: 0, region_based: false}, "Windows us-east-1b t2.medium"=>{count: 0, region_based: false},
|
|
140
140
|
"Linux VPC t2.small" => {count: 2, region_based: true}, "Windows t2.medium" => {count: 4, region_based: true}})
|
|
141
141
|
end
|
|
@@ -147,7 +147,7 @@ module SportNginAwsAuditor
|
|
|
147
147
|
allow(@region_reserved_ec2_instance1).to receive(:count=)
|
|
148
148
|
allow(@region_reserved_ec2_instance2).to receive(:count=)
|
|
149
149
|
instance_hash = klass.instance_count_hash(@ec2_instances)
|
|
150
|
-
result = klass.add_region_ris_to_hash(@region_reserved_instances, instance_hash)
|
|
150
|
+
result = klass.add_region_ris_to_hash(@region_reserved_instances, instance_hash, "EC2")
|
|
151
151
|
expect(instance_hash).to eq({"Linux VPC us-east-1b t2.small"=>{count: 0, region_based: false}, "Windows us-east-1b t2.medium"=>{count: 5, region_based: false},
|
|
152
152
|
"Linux VPC t2.small" => {count: 2, region_based: true}, "Windows t2.medium" => {count: 4, region_based: true}})
|
|
153
153
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sport_ngin_aws_auditor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elliot Hursh
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date:
|
|
13
|
+
date: 2018-06-12 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: aws-sdk
|
|
@@ -271,7 +271,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
271
271
|
version: '0'
|
|
272
272
|
requirements: []
|
|
273
273
|
rubyforge_project:
|
|
274
|
-
rubygems_version: 2.
|
|
274
|
+
rubygems_version: 2.7.5
|
|
275
275
|
signing_key:
|
|
276
276
|
specification_version: 4
|
|
277
277
|
summary: AWS configuration as code
|