Beispiel #1
0
def fetch_word_cloud(username):
    try:
        vault = Vault.instance(**vault_conf)
        client = vault.client
        res = client.read('kv/usernames/{}'.format(
            hashlib.sha512(str(username).encode('utf-8')).hexdigest()))
    except:
        raise VaultError('VE')

    try:
        entity_id = res['data']['entity_id']
    except:
        raise VaultUserNotFound('VUNF')

    try:
        res = client.read('kv/words/{}'.format(entity_id))
    except:
        raise VaultUserWordCloudNotAccessible('VUWCNA')

    try:
        word_cloud = res['data']
    except:
        raise VaultUserWordCloudNotFound('VUWCNF')

    return word_cloud
Beispiel #2
0
        parser.print_usage()
        print("Error: SSH key not provided and SSH_KEY is not defined")
        sys.exit(1)

    session = aws.create_session(args.aws_credentials)
    bastion = aws.machine_lookup(session, 'bastion.' + args.domain)
    iam = session.resource('iam')
    client = session.client('iam')

    domain = args.domain.replace('.', '-')

    print("Opening ssh tunnel")
    with vault_tunnel(args.ssh_key, bastion):
        print("\tcomplete")

        v = Vault('vault.' + args.domain)

        #while True:
        #    try:
        #        v.revoke_secret_prefix('aws/creds/ingest-loadtest')
        #    except Exception as ex:
        #        print(ex)
        #
        #    time.sleep(10)
        #sys.exit(0)

        print("Creating IAM policy")
        policy = iam.create_policy(
            PolicyName = '{}-ingest_client-loadtest'.format(domain),
            PolicyDocument = json.dumps({
                "Version": "2012-10-17",
Beispiel #3
0
        private = args.internal
    else:
        private = aws.machine_lookup(session, args.internal, public_ip=False)

    ssh = SSHConnection(args.ssh_key, private, bastion)

    if args.command in ("ssh", ):
        ssh.shell()
    elif args.command in ("scp", ):
        ret = ssh.scp(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-cmd", ):
        ret = ssh.cmd(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-tunnel", ):
        ssh.external_tunnel(*args.arguments)
    elif args.command in ("ssh-all", ):
        addrs = aws.machine_lookup_all(session, args.internal, public_ip=False)
        for addr in addrs:
            print("{} at {}".format(args.internal, addr))
            ssh = SSHConnection(args.ssh_key, addr, bastion)
            ssh.cmd(*args.arguments)
            print()
    elif args.command in vault.COMMANDS:
        with vault_tunnel(args.ssh_key, bastion):
            vault.COMMANDS[args.command](Vault(args.internal, private),
                                         *args.arguments)
    else:
        parser.print_usage()
        sys.exit(1)
Beispiel #4
0
        ssh.shell()
    elif args.command in ("scp", ):
        ret = ssh.scp(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-cmd", ):
        ret = ssh.cmd(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-tunnel", ):
        with ssh.tunnel() as local_port:
            print("Connect to localhost:{} to be forwarded to {}:{}".format(
                local_port, args.ip, args.port))
            input("Waiting to close tunnel...")
    elif args.command in ("ssh-all", ):
        addrs = aws.machine_lookup_all(bosslet_config.session,
                                       args.hostname,
                                       public_ip=False)
        for addr in addrs:
            print("{} at {}".format(args.hostname, addr))
            ssh_target = SSHTarget(bosslet_config.ssh_key, addr, args.port,
                                   args.user)
            ssh = SSHConnection(ssh_target, bastions)
            ssh.cmd(*args.arguments)
            print()
    elif args.command in vault.COMMANDS:
        with vault_tunnel(bosslet_config.ssh_key, bastions):
            vault.COMMANDS[args.command](Vault(args.hostname, args.ip),
                                         *args.arguments)
    else:
        parser.print_usage()
        sys.exit(1)
Beispiel #5
0
        return "\n" + header + "\n" + \
               "\n".join(map(lambda x: "  " + x, options)) + "\n"

    commands = list(COMMANDS.keys())
    commands_help = create_help("command supports the following:", commands)

    parser = argparse.ArgumentParser(
        description="Script for manipulating Vault instances",
        formatter_class=argparse.RawDescriptionHelpFormatter,
        epilog=commands_help)
    parser.add_argument(
        "--machine",
        "-m",
        help="The name of the Vault server, used to read/write tokens and keys."
    )
    parser.add_argument("command",
                        choices=commands,
                        metavar="command",
                        help="Command to execute")
    parser.add_argument("arguments",
                        nargs="*",
                        help="Arguments to pass to the command")

    args = parser.parse_args()

    if args.command in COMMANDS:
        COMMANDS[args.command](Vault(args.machine), *args.arguments)
    else:
        parser.print_usage()
        sys.exit(1)