Example #1
0
 def getPrivateIpFromPublicName(self, name):
     auth = AWSV4Sign(self.credentials, self.region, self.service)
     response = requests.get(
         '{0}/1/get-private-ip-from-public?name={1}'.format(self.url, name),
         auth=auth)
     payload = json.loads(response.content.decode("utf-8"))
     return payload['private_ips']
Example #2
0
def call_nightlatch(session, url):
    credentials = session.get_credentials()
    region = url.split('execute-api.')[1].split('.amazonaws.com')[0]
    service = 'execute-api'
    auth = AWSV4Sign(credentials, region, service)
    response = requests.get(url, auth=auth)
    print(response)
Example #3
0
    def __init__(self, url, auto_commit_interval=DEFAULT_COMMIT_INTERVAL,
                 unique_key='_id', chunk_size=DEFAULT_MAX_BULK,
                 meta_index_name="mongodb_meta", meta_type="mongodb_meta",
                 attachment_field="content", **kwargs):
        aws = kwargs.get('aws', {'access_id': '', 'secret_key': '', 'region': 'us-east-1'})
        client_options = kwargs.get('clientOptions', {})
        if 'aws' in kwargs:
            if _HAS_AWS is False:
                raise ConfigurationError('aws extras must be installed to sign Elasticsearch requests')
            aws_args = kwargs.get('aws', {'region': 'us-east-1'})
            aws = aws_session.Session()
            if 'access_id' in aws_args and 'secret_key' in aws_args:
                aws = aws_session.Session(
                    aws_access_key_id = aws_args['access_id'],
                    aws_secret_access_key = aws_args['secret_key'])
            credentials = aws.get_credentials()
            region = aws.region_name or aws_args['region']
            aws_auth = AWSV4Sign(credentials, region, 'es')
            client_options['http_auth'] = aws_auth
            client_options['use_ssl'] = True
            client_options['verify_certs'] = True
            client_options['connection_class'] = es_connection.RequestsHttpConnection
        self.elastic = Elasticsearch(
            hosts=[url], **client_options)
        self.auto_commit_interval = auto_commit_interval
        self.meta_index_name = meta_index_name
        self.meta_type = meta_type
        self.unique_key = unique_key
        self.chunk_size = chunk_size
        if self.auto_commit_interval not in [None, 0]:
            self.run_auto_commit()
        self._formatter = DefaultDocumentFormatter()

        self.has_attachment_mapping = False
        self.attachment_field = attachment_field
def send_request(payload, method):
    session = boto3.Session()
    credentials = session.get_credentials()
    # sigv4 credentials must be scoped to the correct api-gateway region. Parse region from
    # cidr vending machine api - gateway endpoint : https://{api-id}.execute-api.{region}.amazonaws.com.
    uri = os.environ['VENDING_MACHINE_API']
    region = uri.split('.')[2]
    headers = {"Content-Type": "application/json"}
    service = 'execute-api'
    auth = AWSV4Sign(credentials, region, service)

    payload['region'] = session.region_name

    if method in ['POST', 'PATCH', 'DELETE']:
        if method == 'POST':
            response = requests.post(uri,
                                     auth=auth,
                                     headers=headers,
                                     params=payload)
        elif method == 'PATCH':
            response = requests.patch(uri,
                                      auth=auth,
                                      headers=headers,
                                      params=payload)
        elif method == 'DELETE':
            response = requests.delete(uri,
                                       auth=auth,
                                       headers=headers,
                                       params=payload)
        return response
    else:
        raise ValueError("Invalid HTTP method: {} ".format(method))
def handler(event, context):
    """
    Handler for APIGATEWAY request
    :param event: api gateway msg/event
    :param context: context of event

    :return: returns fqdn from api gateway requests
    """
    if event:
        session = boto3.session.Session()
        credentials = session.get_credentials()

        # You must provide an AWS region
        region = session.region_name or 'us-west-2'
        service = 'apigateway'

        auth = AWSV4Sign(credentials, region, service)
        endpoint = 'https://apigateway.us-west-2.amazonaws.com/apikeys'

        r = requests.get(endpoint, auth=auth)
        l = r.json()['_embedded']['item']
        for item in l:
            print(item['id'])
            usage_ids = requests.get(
                f"https://apigateway.us-west-2.amazonaws.com/usageplans?keyId={item['id']}",
                auth=auth)
            usages = usage_ids.json()['_embedded']['item']
            usage_details = requests.get(
                f"https://apigateway.us-west-2.amazonaws.com//usageplans/{usages['id']}/usage?startDate=2020-04-01&endDate=2020-04-30",
                auth=auth)
            print(usage_details.json())
        #return response(msg=f"keys are: {r.content}", statuscode=r.status_code)

    else:
        return response(msg=f"Input message is null\n.", statuscode=200)
Example #6
0
def create_aws_auth(aws_args):
    try:
        aws_session = session.Session(**convert_aws_args(aws_args))
    except TypeError as exc:
        raise errors.InvalidConfiguration(
            'Elastic DocManager unknown aws config option: %s' % (exc, ))
    return AWSV4Sign(aws_session.get_credentials(), aws_session.region_name
                     or DEFAULT_AWS_REGION, 'es')
Example #7
0
    def __init__(self, configuration):
        super(AmazonElasticsearchService, self).__init__(configuration)

        region = configuration['region']
        cred = None
        if configuration.get('use_aws_iam_profile', False):
            cred = credentials.get_credentials(session.Session())
        else:
            cred = credentials.Credentials(
                access_key=configuration.get('access_key', ''),
                secret_key=configuration.get('secret_key', ''))

        self.auth = AWSV4Sign(cred, region, 'es')
Example #8
0
    def __init__(self, configuration):
        super(AmazonElasticsearchService, self).__init__(configuration)

        region = configuration["region"]
        cred = None
        if configuration.get("use_aws_iam_profile", False):
            cred = credentials.get_credentials(session.Session())
        else:
            cred = credentials.Credentials(
                access_key=configuration.get("access_key", ""),
                secret_key=configuration.get("secret_key", ""),
            )

        self.auth = AWSV4Sign(cred, region, "es")
Example #9
0
def render_react(app, props=None):
    kwargs = {
        'headers': {
            'Content-Type': 'application/json'
        },
        'json': {
            'app': app,
            'props': props or {}
        },
    }
    local = json.loads(settings.REACT_LOCAL)
    if not local:
        # include aws creds in request
        creds = boto3.session.Session().get_credentials()
        auth = AWSV4Sign(creds, 'us-east-1', 'execute-api')
        kwargs.update({'auth': auth})
        kwargs['json']['props'].update({'aws': 'direct'})
    resp = requests.post(settings.REACT_URL, **kwargs)
    return format_response(resp.json())
Example #10
0
def send_data(data, connection_id):
    endpoint = "https://{api_id}.execute-api.{region}.amazonaws.com/{stage}/@connections/{connection_id}"
    session = boto3.Session()
    credentials = session.get_credentials()

    api_id = get_api_id()
    fe = endpoint.format(connection_id=quote(connection_id),
                         api_id=api_id,
                         region=session.region_name,
                         stage="prod")

    # ak = "AKIAI2VOK2U3MAWQFZSA"
    # sk = "DHfNU5C2fqhS6CB0gdLCZqPqheqAdiMFS9A9jTVN"
    auth = AWSV4Sign(credentials, session.region_name, 'execute-api')

    resp = requests.post(fe, json=data, auth=auth)

    if resp.status_code != 200:
        raise Exception("Failed data post: {}:{}".format(
            resp.status_code, resp.text))
Example #11
0
def __get_accounts_from_appsync(plugin_config: dict):
    """Make the call to get the aws accounts."""
    endpoint = plugin_config.get('appsync_url', None)
    if endpoint is None or endpoint == '':
        safe_print(
            'AppSync URL Not Configured. Cheack the README for instructions.')
        return {}

    query = 'query {listAccounts {items {id name}}}'
    headers = {"Content-Type": "application/json"}
    payload = {"query": query}
    service = 'appsync'
    appsync_region = __parse_region_from_url(endpoint) or region
    auth = AWSV4Sign(credentials, appsync_region, service)
    try:
        appsync_accounts = requests.post(endpoint,
                                         auth=auth,
                                         json=payload,
                                         headers=headers).json()
        if 'errors' in appsync_accounts:
            safe_print('Error attempting to query AppSync', color=ERROR_COLOR)
            err = appsync_accounts['errors'][0]
            if 'errorType' in err and 'message' in err:
                errorType = err['errorType']
                errorMessage = err['message']
                safe_print(f'\t{errorType}: {errorMessage}', color=ERROR_COLOR)
            return {}
        else:
            appsync_accounts = appsync_accounts['data']['listAccounts'][
                'items']
            if appsync_accounts is not None:
                __write_cache(appsync_accounts)
    except Exception as exception:
        appsync_accounts = {}
        safe_print("Cannot make the request to AppSync: ")
        safe_print(str(exception))
        safe_print("Make sure you are authorized to make the request")

    return appsync_accounts
def get_es_client(host, port):
    # Establish credentials
    # msession = boto3.session.Session()
    msession = boto3.session.Session(
        aws_access_key_id=os.environ.get('ACCESS_KEY_ID'),
        aws_secret_access_key=os.environ.get('SECRET_ACCESS_KEY'))
    credentials = msession.get_credentials()
    region = msession.region_name or 'eu-west-1'

    # Elasticsearch settings
    service = 'es'
    auth = AWSV4Sign(credentials, region, service)
    es_client = Elasticsearch(host=host,
                              port=int(port),
                              connection_class=RequestsHttpConnection,
                              http_auth=auth,
                              use_ssl=False,
                              verify_ssl=False)

    if es_client.info() is not None:
        return es_client
    else:
        print('ES Client couldn\'t be created successfully in get_es_client()')
        return None
Example #13
0
    def __init__(self, upload=False, get_sentiment=False):
        # Connect to s3
        self.s3 = boto3.client(service_name='s3')
        # Establish credentials
        session_var = boto3.session.Session()
        credentials = session_var.get_credentials()
        awsauth = AWSV4Sign(credentials, region_name, 'es')
        # Connect to es
        self.es = Elasticsearch(host=es_endpoint,
                                port=443,
                                connection_class=RequestsHttpConnection,
                                http_auth=awsauth,
                                use_ssl=True,
                                verify_ssl=True)
        self.upload = upload
        if self.upload and not self.es.indices.exists(index=self.es_index):
            logger.info('Creating mapping...')
            self.es.indices.create(index=self.es_index,
                                   body={'mappings': self.mapping})

        if get_sentiment:
            self.comprehend = boto3.client(service_name='comprehend')
        else:
            self.comprehend = None
Example #14
0
def lambda_handler(event, context):
    # Establish credentials
    session_var = session.Session()
    credentials = session_var.get_credentials()
    region = session_var.region_name or aws_region

    # Check to see if this event is a task event and, if so, if it contains
    # information about an event failure. If so, send an SNS notification.
    if "detail-type" not in event:
        raise ValueError(
            "ERROR: event object is not a valid CloudWatch Logs event")
    else:
        if event["detail-type"] == "ECS Task State Change":
            detail = event["detail"]
            if detail["lastStatus"] == "STOPPED":
                if detail[
                        "stoppedReason"] == "Essential container in task exited":
                    # Send an error status message.
                    sns_client = client('sns')
                    sns_client.publish(
                        TopicArn=sns_topic,
                        Subject="ECS task failure detected for container",
                        Message=json.dumps(detail))

                    # Send msg to slack_webhookurl
                    url = slack_webhookurl
                    Subject = "ECS task failure detected for container",
                    Message = json.dumps(detail)
                    messagedata = json.loads(Message)
                    # Break out Cloudwatch payload into variables that we use
                    taskArn = messagedata['taskArn']
                    desiredStatus = messagedata['desiredStatus']
                    lastStatus = messagedata['lastStatus']
                    stoppedReason = messagedata['stoppedReason']
                    clusterArn = messagedata['clusterArn']
                    # Get service name
                    serviceName = messagedata['containers'][0]['name']

                    taskDefinitionArn = messagedata['taskDefinitionArn']

                    #Only post to slack with specific data from cloudwatch ##
                    payload = {
                        'channel':
                        slack_channel,
                        'username':
                        slack_username,
                        'text':
                        '%s \n Task ARN: %s \n Desired Status: %s \n Last Status: %s \n Stopped Reason: %s \n Cluster ARN: %s \n Service: %s '
                        % (Subject, taskArn, desiredStatus, lastStatus,
                           stoppedReason, clusterArn, serviceName),
                        'icon_emoji':
                        'ghostwn:',
                        'username':
                        slack_username,
                        'channel':
                        slack_channel
                    }
                    headers = {"content-type": "application/json"}
                    r = requests.put(url,
                                     data=json.dumps(payload),
                                     headers=headers)

                    print r.status_code
                    print r.content
                    note = "Post of data to slack was attempted"

    # Elasticsearch connection. Note that you must sign your requests in order
    # to call the Elasticsearch API anonymously. Use the requests_aws_sign
    # package for this.
    service = 'es'
    auth = AWSV4Sign(credentials, region, service)
    es_client = Elasticsearch(host=es_host,
                              port=443,
                              connection_class=RequestsHttpConnection,
                              http_auth=auth,
                              use_ssl=True,
                              verify_ssl=True)

    es_client.index(index="ecs-index", doc_type="eventstream", body=event)
Example #15
0
scheduler_table = dynamodb.Table('v486121-GPS-PathFinder-Scheduler-Table-' + env)
validation_table = dynamodb.Table('v486121-GPS-PathFinder-Validation-Rules-' + env)

response = scheduler_table.scan()
schedule_data = eval(json.dumps(response))
response = validation_table.scan()
validate_data = eval(json.dumps(response))

#########################Create elasticsearch session instance###################################

session = session.Session()
credentials = session.get_credentials()
region = 'us-east-1'
service = 'es'
auth = AWSV4Sign(credentials, region, service)
try:
    es = Elasticsearch(host=host,
                   port=443,
                   connection_class=RequestsHttpConnection,
                   http_auth=auth,
                   use_ssl=True,
                   verify_ssl=True,
                   timeout=30,
                   max_retries=10,
                   retry_on_timeout=True
                    )
except Exception, err:
    print('Creating elasticsearch instance failed because : '+str(err))

Example #16
0
    def request(self, method, url,
                params=None,
                data=None,
                headers=None,
                cookies=None,
                files=None,
                timeout=None,
                allow_redirects=True,
                proxies=None,
                hooks=None,
                stream=None,
                verify=True,
                cert=None,
                json=None):
        """Constructs and sends a :class:`Request <Request>`.
        :param method: method for the new :class:`Request` object.
        :param url: URL for the new :class:`Request` object.
        :param params: (optional) Dictionary or bytes to be sent in the
            query string for the :class:`Request`.
        :param data: (optional) Dictionary, bytes, or file-like object to
            send in the body of the :class:`Request`.
        :param json: (optional) json data to send in the body of
            the :class:`Request`.
        :param headers: (optional) Dictionary of HTTP Headers to send
            with the :class:`Request`.
        :param cookies: (optional) Dict or CookieJar object to send
            with the :class:`Request`.
        :param files: (optional) Dictionary of ``'name': file-like-objects``
            (or ``{'name': ('filename', fileobj)}``) for multipart
            encoding upload.
        :param timeout: (optional) How long to wait for the server to send data
            before giving up, as a float, or a :ref:`(connect timeout, read
            timeout) <timeouts>` tuple.
        :type timeout: float or tuple
        :param allow_redirects: (optional) Boolean. Set to True if
            POST/PUT/DELETE redirect following is allowed.
        :type allow_redirects: bool
        :param proxies: (optional) Dictionary mapping protocol to the
            URL of the proxy.
        :param verify: (optional) if ``True``, the SSL cert will be verified.
            A CA_BUNDLE path can also be provided.
        :param stream: (optional) if ``False``, the response content will be
            immediately downloaded.
        :param cert: (optional) if String, path to ssl client cert file
            (.pem). If Tuple, ('cert', 'key') pair.
        :return: :class:`Response <Response>` object
        :rtype: requests.Response
        """

        auth = AWSV4Sign(self.creds, self.region, self.service)
        session = requests.sessions.Session()
        req = requests.Request(
            method,
            url,
            data=data,
            headers=headers,
            params=params,
            cookies=cookies,
            files=files,
            auth=auth,
            json=json,
            hooks=hooks)
        prepped = req.prepare()
        response = session.send(prepped,
                                stream=stream,
                                verify=verify,
                                proxies=proxies,
                                cert=cert,
                                timeout=timeout,
                                allow_redirects=allow_redirects
                                )
        session.close()
        return response
Example #17
0
def handler(event, context):
    """
    Handler for APIGATEWAY request
    :param event: api gateway msg/event
    :param context: context of event

    :return: returns fqdn from api gateway requests
    """
    if event:
        try:
            operation = event['httpMethod']
            payload = includevalues = None
            if operation in operations:
                payload = event.get(
                    'queryStringParameters',
                    None) if operation == 'GET' else json.loads(event['body'])

            if payload:
                includevalues = payload.get('includeValues', False)
            if includevalues and includevalues.lower() == 'true':
                includevalues = True
            else:
                includevalues = False

            # get credential form role using boto3 libs
            session = boto3.session.Session()
            credentials = session.get_credentials()

            # You must provide an AWS region
            region = session.region_name or 'us-west-2'
            service = 'apigateway'

            auth = AWSV4Sign(credentials, region, service)
            endpoint = f'https://{service}.{region}.amazonaws.com/apikeys?includeValues={includevalues}'

            r = requests.get(endpoint, auth=auth)
            item_list = r.json()['_embedded']['item']
            key_list = []
            for item in item_list:
                if includevalues:
                    key_details = {
                        "name": {item['name']},
                        "id": item['id'],
                        "value": item.get('value', None),
                        "descrpition": item['description']
                    }
                else:
                    key_details = {
                        "name": item['name'],
                        "id": item['id'],
                        "descrpition": item['description']
                    }

                key_list = [*key_list, key_details]
                # usage_ids = requests.get(f"https://apigateway.us-west-2.amazonaws.com/usageplans?keyId={item['id']}", auth=auth)
                # usages = usage_ids.json()['_embedded']['item']
                # usage_details = requests.get(f"https://apigateway.us-west-2.amazonaws.com//usageplans/{usages['id']}/usage?startDate=2020-04-01&endDate=2020-04-30",
                #                              auth=auth)
            ret_response = {"key_list": key_list}
            return response(msg=f"{ret_response}".replace("\'", "\""),
                            statuscode=r.status_code)

        except Exception as e:
            response(msg=f"An exepection occurred {traceback.format_exc()}",
                     statuscode=500)

    else:
        return response(msg=f"Input message is null.\n", statuscode=200)