@gugananuvem/aws-local-simulator 1.0.31 → 1.0.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +834 -834
- package/aws-config +153 -153
- package/bin/aws-local-simulator.js +63 -63
- package/package.json +3 -2
- package/src/config/config-loader.js +114 -114
- package/src/config/default-config.js +79 -79
- package/src/config/env-loader.js +68 -68
- package/src/index.js +146 -146
- package/src/index.mjs +123 -123
- package/src/server.js +463 -463
- package/src/services/apigateway/index.js +75 -75
- package/src/services/apigateway/server.js +607 -607
- package/src/services/apigateway/simulator.js +1405 -1405
- package/src/services/athena/index.js +75 -75
- package/src/services/athena/server.js +101 -101
- package/src/services/athena/simulador.js +998 -998
- package/src/services/athena/simulator.js +346 -346
- package/src/services/cloudformation/index.js +106 -106
- package/src/services/cloudformation/server.js +417 -417
- package/src/services/cloudformation/simulador.js +1020 -1020
- package/src/services/cloudtrail/index.js +84 -84
- package/src/services/cloudtrail/server.js +235 -235
- package/src/services/cloudtrail/simulador.js +719 -719
- package/src/services/cloudwatch/index.js +84 -84
- package/src/services/cloudwatch/server.js +366 -366
- package/src/services/cloudwatch/simulador.js +1173 -1173
- package/src/services/cognito/index.js +79 -79
- package/src/services/cognito/server.js +297 -297
- package/src/services/cognito/simulator.js +1992 -1761
- package/src/services/config/index.js +96 -96
- package/src/services/config/server.js +215 -215
- package/src/services/config/simulador.js +1260 -1260
- package/src/services/dynamodb/index.js +74 -74
- package/src/services/dynamodb/server.js +139 -139
- package/src/services/dynamodb/simulator.js +1005 -982
- package/src/services/dynamodb/sqlite-store.js +722 -0
- package/src/services/ecs/index.js +65 -65
- package/src/services/ecs/server.js +235 -235
- package/src/services/ecs/simulator.js +844 -844
- package/src/services/eventbridge/index.js +89 -89
- package/src/services/eventbridge/server.js +209 -209
- package/src/services/eventbridge/simulator.js +684 -684
- package/src/services/index.js +45 -45
- package/src/services/kms/index.js +75 -75
- package/src/services/kms/server.js +81 -81
- package/src/services/kms/simulator.js +344 -344
- package/src/services/lambda/handler-loader.js +183 -183
- package/src/services/lambda/index.js +81 -81
- package/src/services/lambda/route-registry.js +274 -274
- package/src/services/lambda/server.js +191 -191
- package/src/services/lambda/simulator.js +364 -364
- package/src/services/parameter-store/index.js +80 -80
- package/src/services/parameter-store/server.js +50 -50
- package/src/services/parameter-store/simulator.js +201 -201
- package/src/services/s3/index.js +73 -73
- package/src/services/s3/server.js +350 -350
- package/src/services/s3/simulator.js +568 -568
- package/src/services/secret-manager/index.js +80 -80
- package/src/services/secret-manager/server.js +51 -51
- package/src/services/secret-manager/simulator.js +182 -182
- package/src/services/sns/index.js +89 -89
- package/src/services/sns/server.js +607 -607
- package/src/services/sns/simulator.js +1482 -1482
- package/src/services/sqs/index.js +98 -98
- package/src/services/sqs/server.js +360 -360
- package/src/services/sqs/simulator.js +509 -509
- package/src/services/sts/index.js +37 -37
- package/src/services/sts/server.js +144 -144
- package/src/services/sts/simulator.js +69 -69
- package/src/services/xray/index.js +83 -83
- package/src/services/xray/server.js +308 -308
- package/src/services/xray/simulador.js +994 -994
- package/src/template/aws-config-template.js +87 -87
- package/src/template/aws-config-template.mjs +90 -90
- package/src/template/config-template.json +203 -203
- package/src/utils/aws-config.js +91 -91
- package/src/utils/cloudtrail-audit.js +129 -129
- package/src/utils/local-store.js +83 -83
- package/src/utils/logger.js +59 -59
|
@@ -1,84 +1,84 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
/**
|
|
4
|
-
* @fileoverview CloudTrail Service
|
|
5
|
-
* Porta padrão: 4012
|
|
6
|
-
*/
|
|
7
|
-
|
|
8
|
-
const http = require('http');
|
|
9
|
-
const path = require('path');
|
|
10
|
-
const { CloudTrailSimulator } = require('./simulador');
|
|
11
|
-
const { createCloudTrailServer } = require('./server');
|
|
12
|
-
const LocalStore = require('../../utils/local-store');
|
|
13
|
-
|
|
14
|
-
class CloudTrailService {
|
|
15
|
-
constructor(config) {
|
|
16
|
-
this.config = config;
|
|
17
|
-
this.logger = require('../../utils/logger');
|
|
18
|
-
this.name = 'cloudtrail';
|
|
19
|
-
this.port = config?.ports?.cloudtrail || config?.services?.cloudtrail?.port || 4012;
|
|
20
|
-
this.store = null;
|
|
21
|
-
this.simulator = null;
|
|
22
|
-
this._server = null;
|
|
23
|
-
this.isRunning = false;
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
async initialize() {
|
|
27
|
-
this.logger.debug(`Inicializando CloudTrail Service na porta ${this.port}...`);
|
|
28
|
-
const dataDir = process.env.AWS_LOCAL_SIMULATOR_DATA_DIR;
|
|
29
|
-
this.store = new LocalStore(path.join(dataDir, 'cloudtrail'));
|
|
30
|
-
this.simulator = new CloudTrailSimulator(this.config, this.store, this.logger);
|
|
31
|
-
await this.simulator.load();
|
|
32
|
-
this.logger.debug('CloudTrail Service inicializado');
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
injectDependencies(server) {
|
|
36
|
-
if (!server) return;
|
|
37
|
-
const s3 = server.getService('s3');
|
|
38
|
-
if (s3?.simulator) this.simulator.s3Simulator = s3.simulator;
|
|
39
|
-
const cw = server.getService('cloudwatch');
|
|
40
|
-
if (cw?.simulator) this.simulator.cloudwatchSimulator = cw.simulator;
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
async start() {
|
|
44
|
-
if (this.isRunning) return;
|
|
45
|
-
const app = createCloudTrailServer(this.simulator, this.logger);
|
|
46
|
-
return new Promise((resolve, reject) => {
|
|
47
|
-
this._server = http.createServer(app);
|
|
48
|
-
this._server.listen(this.port, () => {
|
|
49
|
-
this.isRunning = true;
|
|
50
|
-
this.logger.debug(`CloudTrail rodando na porta ${this.port}`);
|
|
51
|
-
resolve();
|
|
52
|
-
});
|
|
53
|
-
this._server.on('error', reject);
|
|
54
|
-
});
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
async stop() {
|
|
58
|
-
if (!this.isRunning || !this._server) return;
|
|
59
|
-
return new Promise((resolve) => {
|
|
60
|
-
this._server.close(() => {
|
|
61
|
-
this.isRunning = false;
|
|
62
|
-
resolve();
|
|
63
|
-
});
|
|
64
|
-
});
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
async reset() {
|
|
68
|
-
this.simulator.reset();
|
|
69
|
-
await this.simulator.save();
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
getStatus() {
|
|
73
|
-
return {
|
|
74
|
-
running: this.isRunning,
|
|
75
|
-
port: this.port,
|
|
76
|
-
endpoint: `http://localhost:${this.port}`,
|
|
77
|
-
...this.simulator?.getStatus(),
|
|
78
|
-
};
|
|
79
|
-
}
|
|
80
|
-
|
|
81
|
-
getSimulator() { return this.simulator; }
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
module.exports = CloudTrailService;
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* @fileoverview CloudTrail Service
|
|
5
|
+
* Porta padrão: 4012
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
const http = require('http');
|
|
9
|
+
const path = require('path');
|
|
10
|
+
const { CloudTrailSimulator } = require('./simulador');
|
|
11
|
+
const { createCloudTrailServer } = require('./server');
|
|
12
|
+
const LocalStore = require('../../utils/local-store');
|
|
13
|
+
|
|
14
|
+
class CloudTrailService {
|
|
15
|
+
constructor(config) {
|
|
16
|
+
this.config = config;
|
|
17
|
+
this.logger = require('../../utils/logger');
|
|
18
|
+
this.name = 'cloudtrail';
|
|
19
|
+
this.port = config?.ports?.cloudtrail || config?.services?.cloudtrail?.port || 4012;
|
|
20
|
+
this.store = null;
|
|
21
|
+
this.simulator = null;
|
|
22
|
+
this._server = null;
|
|
23
|
+
this.isRunning = false;
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
async initialize() {
|
|
27
|
+
this.logger.debug(`Inicializando CloudTrail Service na porta ${this.port}...`);
|
|
28
|
+
const dataDir = process.env.AWS_LOCAL_SIMULATOR_DATA_DIR;
|
|
29
|
+
this.store = new LocalStore(path.join(dataDir, 'cloudtrail'));
|
|
30
|
+
this.simulator = new CloudTrailSimulator(this.config, this.store, this.logger);
|
|
31
|
+
await this.simulator.load();
|
|
32
|
+
this.logger.debug('CloudTrail Service inicializado');
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
injectDependencies(server) {
|
|
36
|
+
if (!server) return;
|
|
37
|
+
const s3 = server.getService('s3');
|
|
38
|
+
if (s3?.simulator) this.simulator.s3Simulator = s3.simulator;
|
|
39
|
+
const cw = server.getService('cloudwatch');
|
|
40
|
+
if (cw?.simulator) this.simulator.cloudwatchSimulator = cw.simulator;
|
|
41
|
+
}
|
|
42
|
+
|
|
43
|
+
async start() {
|
|
44
|
+
if (this.isRunning) return;
|
|
45
|
+
const app = createCloudTrailServer(this.simulator, this.logger);
|
|
46
|
+
return new Promise((resolve, reject) => {
|
|
47
|
+
this._server = http.createServer(app);
|
|
48
|
+
this._server.listen(this.port, () => {
|
|
49
|
+
this.isRunning = true;
|
|
50
|
+
this.logger.debug(`CloudTrail rodando na porta ${this.port}`);
|
|
51
|
+
resolve();
|
|
52
|
+
});
|
|
53
|
+
this._server.on('error', reject);
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
async stop() {
|
|
58
|
+
if (!this.isRunning || !this._server) return;
|
|
59
|
+
return new Promise((resolve) => {
|
|
60
|
+
this._server.close(() => {
|
|
61
|
+
this.isRunning = false;
|
|
62
|
+
resolve();
|
|
63
|
+
});
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
async reset() {
|
|
68
|
+
this.simulator.reset();
|
|
69
|
+
await this.simulator.save();
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
getStatus() {
|
|
73
|
+
return {
|
|
74
|
+
running: this.isRunning,
|
|
75
|
+
port: this.port,
|
|
76
|
+
endpoint: `http://localhost:${this.port}`,
|
|
77
|
+
...this.simulator?.getStatus(),
|
|
78
|
+
};
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
getSimulator() { return this.simulator; }
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
module.exports = CloudTrailService;
|
|
@@ -1,235 +1,235 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
/**
|
|
4
|
-
* @fileoverview CloudTrail HTTP Server
|
|
5
|
-
*
|
|
6
|
-
* Protocolo: JSON com header X-Amz-Target
|
|
7
|
-
* Compatível com @aws-sdk/client-cloudtrail (CloudTrailClient)
|
|
8
|
-
*
|
|
9
|
-
* Target prefix: com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101
|
|
10
|
-
*
|
|
11
|
-
* Operações suportadas:
|
|
12
|
-
* - CreateTrail
|
|
13
|
-
* - UpdateTrail
|
|
14
|
-
* - DeleteTrail
|
|
15
|
-
* - DescribeTrails
|
|
16
|
-
* - GetTrail
|
|
17
|
-
* - GetTrailStatus
|
|
18
|
-
* - StartLogging
|
|
19
|
-
* - StopLogging
|
|
20
|
-
* - LookupEvents
|
|
21
|
-
* - GetEventSelectors
|
|
22
|
-
* - PutEventSelectors
|
|
23
|
-
* - AddTags
|
|
24
|
-
* - RemoveTags
|
|
25
|
-
* - ListTags
|
|
26
|
-
*
|
|
27
|
-
* Rotas admin:
|
|
28
|
-
* GET /__admin/trails - lista todos os trails
|
|
29
|
-
* GET /__admin/events - lista todos os eventos registrados
|
|
30
|
-
* POST /__admin/events/record - registra evento manualmente
|
|
31
|
-
* GET /__admin/health - health check
|
|
32
|
-
* POST /__admin/reset - reseta todos os dados
|
|
33
|
-
*
|
|
34
|
-
* Rota interna:
|
|
35
|
-
* POST /__internal/record-event - usada pelos outros serviços para registrar API calls
|
|
36
|
-
*/
|
|
37
|
-
|
|
38
|
-
const { CloudTrailSimulator } = require('./simulador');
|
|
39
|
-
|
|
40
|
-
function parseBody(req) {
|
|
41
|
-
return new Promise((resolve, reject) => {
|
|
42
|
-
let body = '';
|
|
43
|
-
req.on('data', chunk => (body += chunk.toString()));
|
|
44
|
-
req.on('end', () => {
|
|
45
|
-
try {
|
|
46
|
-
resolve(body ? JSON.parse(body) : {});
|
|
47
|
-
} catch {
|
|
48
|
-
resolve({});
|
|
49
|
-
}
|
|
50
|
-
});
|
|
51
|
-
req.on('error', reject);
|
|
52
|
-
});
|
|
53
|
-
}
|
|
54
|
-
|
|
55
|
-
function sendJson(res, statusCode, data) {
|
|
56
|
-
const body = JSON.stringify(data);
|
|
57
|
-
res.writeHead(statusCode, {
|
|
58
|
-
'Content-Type': 'application/x-amz-json-1.1',
|
|
59
|
-
'Content-Length': Buffer.byteLength(body),
|
|
60
|
-
'x-amzn-RequestId': require('crypto').randomUUID(),
|
|
61
|
-
});
|
|
62
|
-
res.end(body);
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
function sendError(res, err) {
|
|
66
|
-
const statusCode = err.statusCode || 400;
|
|
67
|
-
sendJson(res, statusCode, {
|
|
68
|
-
__type: err.code || 'ServiceException',
|
|
69
|
-
message: err.message,
|
|
70
|
-
});
|
|
71
|
-
}
|
|
72
|
-
|
|
73
|
-
// ─── Mapa de operações ────────────────────────────────────────────────────────
|
|
74
|
-
|
|
75
|
-
const OPERATION_MAP = {
|
|
76
|
-
// Trails
|
|
77
|
-
'CreateTrail': (sim, body) => sim.createTrail(body),
|
|
78
|
-
'UpdateTrail': (sim, body) => sim.updateTrail(body),
|
|
79
|
-
'DeleteTrail': (sim, body) => sim.deleteTrail(body),
|
|
80
|
-
'DescribeTrails': (sim, body) => sim.describeTrails(body),
|
|
81
|
-
'GetTrail': (sim, body) => sim.getTrail(body),
|
|
82
|
-
'GetTrailStatus': (sim, body) => sim.getTrailStatus(body),
|
|
83
|
-
'StartLogging': (sim, body) => sim.startLogging(body),
|
|
84
|
-
'StopLogging': (sim, body) => sim.stopLogging(body),
|
|
85
|
-
|
|
86
|
-
// Events
|
|
87
|
-
'LookupEvents': (sim, body) => sim.lookupEvents(body),
|
|
88
|
-
|
|
89
|
-
// Event selectors
|
|
90
|
-
'GetEventSelectors': (sim, body) => sim.getEventSelectors(body),
|
|
91
|
-
'PutEventSelectors': (sim, body) => sim.putEventSelectors(body),
|
|
92
|
-
|
|
93
|
-
// Tags
|
|
94
|
-
'AddTags': (sim, body) => sim.addTags(body),
|
|
95
|
-
'RemoveTags': (sim, body) => sim.removeTags(body),
|
|
96
|
-
'ListTags': (sim, body) => sim.listTags(body),
|
|
97
|
-
};
|
|
98
|
-
|
|
99
|
-
// ─── Extrai nome da operação do header X-Amz-Target ──────────────────────────
|
|
100
|
-
|
|
101
|
-
function extractOperation(target) {
|
|
102
|
-
if (!target) return null;
|
|
103
|
-
// Formato: com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101.CreateTrail
|
|
104
|
-
const parts = target.split('.');
|
|
105
|
-
return parts[parts.length - 1];
|
|
106
|
-
}
|
|
107
|
-
|
|
108
|
-
// ─── Factory do servidor ──────────────────────────────────────────────────────
|
|
109
|
-
|
|
110
|
-
function createCloudTrailServer(simulator, logger) {
|
|
111
|
-
const http = require('http');
|
|
112
|
-
|
|
113
|
-
const server = http.createServer(async (req, res) => {
|
|
114
|
-
const { method, url } = req;
|
|
115
|
-
|
|
116
|
-
// ── CORS ────────────────────────────────────────────────────────────────
|
|
117
|
-
res.setHeader('Access-Control-Allow-Origin', '*');
|
|
118
|
-
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
|
|
119
|
-
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, X-Amz-Target, Authorization, X-Amz-Date, X-Amz-Security-Token');
|
|
120
|
-
|
|
121
|
-
if (method === 'OPTIONS') {
|
|
122
|
-
res.writeHead(204);
|
|
123
|
-
res.end();
|
|
124
|
-
return;
|
|
125
|
-
}
|
|
126
|
-
|
|
127
|
-
// ── Admin routes ────────────────────────────────────────────────────────
|
|
128
|
-
if (url.startsWith('/__admin')) {
|
|
129
|
-
return handleAdmin(req, res, simulator, logger);
|
|
130
|
-
}
|
|
131
|
-
|
|
132
|
-
// ── Internal route (cross-service) ──────────────────────────────────────
|
|
133
|
-
if (url === '/__internal/record-event' && method === 'POST') {
|
|
134
|
-
const body = await parseBody(req);
|
|
135
|
-
try {
|
|
136
|
-
const event = simulator.recordEvent(body);
|
|
137
|
-
sendJson(res, 200, { event });
|
|
138
|
-
} catch (err) {
|
|
139
|
-
sendError(res, err);
|
|
140
|
-
}
|
|
141
|
-
return;
|
|
142
|
-
}
|
|
143
|
-
|
|
144
|
-
// ── AWS SDK v3 — X-Amz-Target ────────────────────────────────────────────
|
|
145
|
-
const target = req.headers['x-amz-target'] || '';
|
|
146
|
-
const operation = extractOperation(target);
|
|
147
|
-
|
|
148
|
-
if (!operation) {
|
|
149
|
-
sendJson(res, 400, {
|
|
150
|
-
__type: 'MissingAction',
|
|
151
|
-
message: 'Missing X-Amz-Target header',
|
|
152
|
-
});
|
|
153
|
-
return;
|
|
154
|
-
}
|
|
155
|
-
|
|
156
|
-
const handler = OPERATION_MAP[operation];
|
|
157
|
-
if (!handler) {
|
|
158
|
-
sendJson(res, 400, {
|
|
159
|
-
__type: 'InvalidAction',
|
|
160
|
-
message: `Operation not supported: ${operation}`,
|
|
161
|
-
});
|
|
162
|
-
return;
|
|
163
|
-
}
|
|
164
|
-
|
|
165
|
-
try {
|
|
166
|
-
const body = await parseBody(req);
|
|
167
|
-
logger.debug(`[CloudTrail] ${operation}`, body);
|
|
168
|
-
const result = await handler(simulator, body);
|
|
169
|
-
sendJson(res, 200, result || {});
|
|
170
|
-
} catch (err) {
|
|
171
|
-
logger.error(`[CloudTrail] ${operation} error:`, err.message);
|
|
172
|
-
sendError(res, err);
|
|
173
|
-
}
|
|
174
|
-
});
|
|
175
|
-
|
|
176
|
-
return server;
|
|
177
|
-
}
|
|
178
|
-
|
|
179
|
-
// ─── Admin handlers ───────────────────────────────────────────────────────────
|
|
180
|
-
|
|
181
|
-
async function handleAdmin(req, res, simulator, logger) {
|
|
182
|
-
const { method, url } = req;
|
|
183
|
-
const path = url.split('?')[0];
|
|
184
|
-
|
|
185
|
-
// GET /__admin/health
|
|
186
|
-
if (path === '/__admin/health' && method === 'GET') {
|
|
187
|
-
sendJson(res, 200, {
|
|
188
|
-
service: 'cloudtrail',
|
|
189
|
-
status: 'ok',
|
|
190
|
-
...simulator.getStatus(),
|
|
191
|
-
});
|
|
192
|
-
return;
|
|
193
|
-
}
|
|
194
|
-
|
|
195
|
-
// GET /__admin/trails
|
|
196
|
-
if (path === '/__admin/trails' && method === 'GET') {
|
|
197
|
-
const result = simulator.describeTrails({});
|
|
198
|
-
sendJson(res, 200, result);
|
|
199
|
-
return;
|
|
200
|
-
}
|
|
201
|
-
|
|
202
|
-
// GET /__admin/events
|
|
203
|
-
if (path === '/__admin/events' && method === 'GET') {
|
|
204
|
-
const urlObj = new URL(url, 'http://localhost');
|
|
205
|
-
const maxResults = parseInt(urlObj.searchParams.get('maxResults') || '50', 10);
|
|
206
|
-
const result = simulator.lookupEvents({ MaxResults: maxResults });
|
|
207
|
-
sendJson(res, 200, result);
|
|
208
|
-
return;
|
|
209
|
-
}
|
|
210
|
-
|
|
211
|
-
// POST /__admin/events/record
|
|
212
|
-
if (path === '/__admin/events/record' && method === 'POST') {
|
|
213
|
-
const body = await parseBody(req);
|
|
214
|
-
try {
|
|
215
|
-
const event = simulator.recordEvent(body);
|
|
216
|
-
sendJson(res, 200, { event });
|
|
217
|
-
} catch (err) {
|
|
218
|
-
sendError(res, err);
|
|
219
|
-
}
|
|
220
|
-
return;
|
|
221
|
-
}
|
|
222
|
-
|
|
223
|
-
// POST /__admin/reset
|
|
224
|
-
if (path === '/__admin/reset' && method === 'POST') {
|
|
225
|
-
simulator.reset();
|
|
226
|
-
await simulator.save();
|
|
227
|
-
logger.info('[CloudTrail] State reset via admin');
|
|
228
|
-
sendJson(res, 200, { message: 'CloudTrail state reset successfully' });
|
|
229
|
-
return;
|
|
230
|
-
}
|
|
231
|
-
|
|
232
|
-
sendJson(res, 404, { message: `Admin route not found: ${path}` });
|
|
233
|
-
}
|
|
234
|
-
|
|
235
|
-
module.exports = { createCloudTrailServer };
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* @fileoverview CloudTrail HTTP Server
|
|
5
|
+
*
|
|
6
|
+
* Protocolo: JSON com header X-Amz-Target
|
|
7
|
+
* Compatível com @aws-sdk/client-cloudtrail (CloudTrailClient)
|
|
8
|
+
*
|
|
9
|
+
* Target prefix: com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101
|
|
10
|
+
*
|
|
11
|
+
* Operações suportadas:
|
|
12
|
+
* - CreateTrail
|
|
13
|
+
* - UpdateTrail
|
|
14
|
+
* - DeleteTrail
|
|
15
|
+
* - DescribeTrails
|
|
16
|
+
* - GetTrail
|
|
17
|
+
* - GetTrailStatus
|
|
18
|
+
* - StartLogging
|
|
19
|
+
* - StopLogging
|
|
20
|
+
* - LookupEvents
|
|
21
|
+
* - GetEventSelectors
|
|
22
|
+
* - PutEventSelectors
|
|
23
|
+
* - AddTags
|
|
24
|
+
* - RemoveTags
|
|
25
|
+
* - ListTags
|
|
26
|
+
*
|
|
27
|
+
* Rotas admin:
|
|
28
|
+
* GET /__admin/trails - lista todos os trails
|
|
29
|
+
* GET /__admin/events - lista todos os eventos registrados
|
|
30
|
+
* POST /__admin/events/record - registra evento manualmente
|
|
31
|
+
* GET /__admin/health - health check
|
|
32
|
+
* POST /__admin/reset - reseta todos os dados
|
|
33
|
+
*
|
|
34
|
+
* Rota interna:
|
|
35
|
+
* POST /__internal/record-event - usada pelos outros serviços para registrar API calls
|
|
36
|
+
*/
|
|
37
|
+
|
|
38
|
+
const { CloudTrailSimulator } = require('./simulador');
|
|
39
|
+
|
|
40
|
+
function parseBody(req) {
|
|
41
|
+
return new Promise((resolve, reject) => {
|
|
42
|
+
let body = '';
|
|
43
|
+
req.on('data', chunk => (body += chunk.toString()));
|
|
44
|
+
req.on('end', () => {
|
|
45
|
+
try {
|
|
46
|
+
resolve(body ? JSON.parse(body) : {});
|
|
47
|
+
} catch {
|
|
48
|
+
resolve({});
|
|
49
|
+
}
|
|
50
|
+
});
|
|
51
|
+
req.on('error', reject);
|
|
52
|
+
});
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
function sendJson(res, statusCode, data) {
|
|
56
|
+
const body = JSON.stringify(data);
|
|
57
|
+
res.writeHead(statusCode, {
|
|
58
|
+
'Content-Type': 'application/x-amz-json-1.1',
|
|
59
|
+
'Content-Length': Buffer.byteLength(body),
|
|
60
|
+
'x-amzn-RequestId': require('crypto').randomUUID(),
|
|
61
|
+
});
|
|
62
|
+
res.end(body);
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
function sendError(res, err) {
|
|
66
|
+
const statusCode = err.statusCode || 400;
|
|
67
|
+
sendJson(res, statusCode, {
|
|
68
|
+
__type: err.code || 'ServiceException',
|
|
69
|
+
message: err.message,
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
|
|
73
|
+
// ─── Mapa de operações ────────────────────────────────────────────────────────
|
|
74
|
+
|
|
75
|
+
const OPERATION_MAP = {
|
|
76
|
+
// Trails
|
|
77
|
+
'CreateTrail': (sim, body) => sim.createTrail(body),
|
|
78
|
+
'UpdateTrail': (sim, body) => sim.updateTrail(body),
|
|
79
|
+
'DeleteTrail': (sim, body) => sim.deleteTrail(body),
|
|
80
|
+
'DescribeTrails': (sim, body) => sim.describeTrails(body),
|
|
81
|
+
'GetTrail': (sim, body) => sim.getTrail(body),
|
|
82
|
+
'GetTrailStatus': (sim, body) => sim.getTrailStatus(body),
|
|
83
|
+
'StartLogging': (sim, body) => sim.startLogging(body),
|
|
84
|
+
'StopLogging': (sim, body) => sim.stopLogging(body),
|
|
85
|
+
|
|
86
|
+
// Events
|
|
87
|
+
'LookupEvents': (sim, body) => sim.lookupEvents(body),
|
|
88
|
+
|
|
89
|
+
// Event selectors
|
|
90
|
+
'GetEventSelectors': (sim, body) => sim.getEventSelectors(body),
|
|
91
|
+
'PutEventSelectors': (sim, body) => sim.putEventSelectors(body),
|
|
92
|
+
|
|
93
|
+
// Tags
|
|
94
|
+
'AddTags': (sim, body) => sim.addTags(body),
|
|
95
|
+
'RemoveTags': (sim, body) => sim.removeTags(body),
|
|
96
|
+
'ListTags': (sim, body) => sim.listTags(body),
|
|
97
|
+
};
|
|
98
|
+
|
|
99
|
+
// ─── Extrai nome da operação do header X-Amz-Target ──────────────────────────
|
|
100
|
+
|
|
101
|
+
function extractOperation(target) {
|
|
102
|
+
if (!target) return null;
|
|
103
|
+
// Formato: com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101.CreateTrail
|
|
104
|
+
const parts = target.split('.');
|
|
105
|
+
return parts[parts.length - 1];
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
// ─── Factory do servidor ──────────────────────────────────────────────────────
|
|
109
|
+
|
|
110
|
+
function createCloudTrailServer(simulator, logger) {
|
|
111
|
+
const http = require('http');
|
|
112
|
+
|
|
113
|
+
const server = http.createServer(async (req, res) => {
|
|
114
|
+
const { method, url } = req;
|
|
115
|
+
|
|
116
|
+
// ── CORS ────────────────────────────────────────────────────────────────
|
|
117
|
+
res.setHeader('Access-Control-Allow-Origin', '*');
|
|
118
|
+
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
|
|
119
|
+
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, X-Amz-Target, Authorization, X-Amz-Date, X-Amz-Security-Token');
|
|
120
|
+
|
|
121
|
+
if (method === 'OPTIONS') {
|
|
122
|
+
res.writeHead(204);
|
|
123
|
+
res.end();
|
|
124
|
+
return;
|
|
125
|
+
}
|
|
126
|
+
|
|
127
|
+
// ── Admin routes ────────────────────────────────────────────────────────
|
|
128
|
+
if (url.startsWith('/__admin')) {
|
|
129
|
+
return handleAdmin(req, res, simulator, logger);
|
|
130
|
+
}
|
|
131
|
+
|
|
132
|
+
// ── Internal route (cross-service) ──────────────────────────────────────
|
|
133
|
+
if (url === '/__internal/record-event' && method === 'POST') {
|
|
134
|
+
const body = await parseBody(req);
|
|
135
|
+
try {
|
|
136
|
+
const event = simulator.recordEvent(body);
|
|
137
|
+
sendJson(res, 200, { event });
|
|
138
|
+
} catch (err) {
|
|
139
|
+
sendError(res, err);
|
|
140
|
+
}
|
|
141
|
+
return;
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
// ── AWS SDK v3 — X-Amz-Target ────────────────────────────────────────────
|
|
145
|
+
const target = req.headers['x-amz-target'] || '';
|
|
146
|
+
const operation = extractOperation(target);
|
|
147
|
+
|
|
148
|
+
if (!operation) {
|
|
149
|
+
sendJson(res, 400, {
|
|
150
|
+
__type: 'MissingAction',
|
|
151
|
+
message: 'Missing X-Amz-Target header',
|
|
152
|
+
});
|
|
153
|
+
return;
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
const handler = OPERATION_MAP[operation];
|
|
157
|
+
if (!handler) {
|
|
158
|
+
sendJson(res, 400, {
|
|
159
|
+
__type: 'InvalidAction',
|
|
160
|
+
message: `Operation not supported: ${operation}`,
|
|
161
|
+
});
|
|
162
|
+
return;
|
|
163
|
+
}
|
|
164
|
+
|
|
165
|
+
try {
|
|
166
|
+
const body = await parseBody(req);
|
|
167
|
+
logger.debug(`[CloudTrail] ${operation}`, body);
|
|
168
|
+
const result = await handler(simulator, body);
|
|
169
|
+
sendJson(res, 200, result || {});
|
|
170
|
+
} catch (err) {
|
|
171
|
+
logger.error(`[CloudTrail] ${operation} error:`, err.message);
|
|
172
|
+
sendError(res, err);
|
|
173
|
+
}
|
|
174
|
+
});
|
|
175
|
+
|
|
176
|
+
return server;
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
// ─── Admin handlers ───────────────────────────────────────────────────────────
|
|
180
|
+
|
|
181
|
+
async function handleAdmin(req, res, simulator, logger) {
|
|
182
|
+
const { method, url } = req;
|
|
183
|
+
const path = url.split('?')[0];
|
|
184
|
+
|
|
185
|
+
// GET /__admin/health
|
|
186
|
+
if (path === '/__admin/health' && method === 'GET') {
|
|
187
|
+
sendJson(res, 200, {
|
|
188
|
+
service: 'cloudtrail',
|
|
189
|
+
status: 'ok',
|
|
190
|
+
...simulator.getStatus(),
|
|
191
|
+
});
|
|
192
|
+
return;
|
|
193
|
+
}
|
|
194
|
+
|
|
195
|
+
// GET /__admin/trails
|
|
196
|
+
if (path === '/__admin/trails' && method === 'GET') {
|
|
197
|
+
const result = simulator.describeTrails({});
|
|
198
|
+
sendJson(res, 200, result);
|
|
199
|
+
return;
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
// GET /__admin/events
|
|
203
|
+
if (path === '/__admin/events' && method === 'GET') {
|
|
204
|
+
const urlObj = new URL(url, 'http://localhost');
|
|
205
|
+
const maxResults = parseInt(urlObj.searchParams.get('maxResults') || '50', 10);
|
|
206
|
+
const result = simulator.lookupEvents({ MaxResults: maxResults });
|
|
207
|
+
sendJson(res, 200, result);
|
|
208
|
+
return;
|
|
209
|
+
}
|
|
210
|
+
|
|
211
|
+
// POST /__admin/events/record
|
|
212
|
+
if (path === '/__admin/events/record' && method === 'POST') {
|
|
213
|
+
const body = await parseBody(req);
|
|
214
|
+
try {
|
|
215
|
+
const event = simulator.recordEvent(body);
|
|
216
|
+
sendJson(res, 200, { event });
|
|
217
|
+
} catch (err) {
|
|
218
|
+
sendError(res, err);
|
|
219
|
+
}
|
|
220
|
+
return;
|
|
221
|
+
}
|
|
222
|
+
|
|
223
|
+
// POST /__admin/reset
|
|
224
|
+
if (path === '/__admin/reset' && method === 'POST') {
|
|
225
|
+
simulator.reset();
|
|
226
|
+
await simulator.save();
|
|
227
|
+
logger.info('[CloudTrail] State reset via admin');
|
|
228
|
+
sendJson(res, 200, { message: 'CloudTrail state reset successfully' });
|
|
229
|
+
return;
|
|
230
|
+
}
|
|
231
|
+
|
|
232
|
+
sendJson(res, 404, { message: `Admin route not found: ${path}` });
|
|
233
|
+
}
|
|
234
|
+
|
|
235
|
+
module.exports = { createCloudTrailServer };
|