def test_kms_decrypt(self):
config = {'test': {'secret': 'mysecretpassword'}}
session_mock = Mock()
session_mock.client().get_secret().value = 'value'
session_mock.get_session_for_resource.return_value = session_mock
self.assertEqual(utils.kms_decrypt(config, Mock(), session_mock, 'test'), config['test'])
def __init__(self, config, session, logger):
if config.get('slack_token'):
config['slack_token'] = kms_decrypt(config, logger, session, 'slack_token')
self.caching = self.cache_factory(config, config.get('cache_engine', None))
self.config = config
self.logger = logger
self.session = session
self.email_handler = EmailDelivery(config, session, logger)
def __init__(self, config, session, logger):
if config.get('slack_token'):
config['slack_token'] = kms_decrypt(config, logger, session, 'slack_token')
self.client = SlackClient(config['slack_token'])
self.caching = self.cache_factory(config, config.get('cache_engine', None))
self.config = config
self.logger = logger
self.session = session
self.email_handler = EmailDelivery(config, session, logger)
def process_sqs_message(self, encoded_sqs_message):
body = encoded_sqs_message['Body']
try:
body = json.dumps(json.loads(body)['Message'])
except ValueError:
pass
sqs_message = json.loads(zlib.decompress(base64.b64decode(body)))
self.logger.debug(
"Got account:%s message:%s %s:%d policy:%s recipients:%s" %
(sqs_message.get('account',
'na'), encoded_sqs_message['MessageId'],
sqs_message['policy']['resource'], len(sqs_message['resources']),
sqs_message['policy']['name'], ', '.join(
sqs_message['action'].get('to'))))
# get the map of email_to_addresses to mimetext messages (with resources baked in)
# and send any emails (to SES or SMTP) if there are email addresses found
email_delivery = EmailDelivery(self.config, self.session, self.logger)
to_addrs_to_email_messages_map = email_delivery.get_to_addrs_email_messages_map(
sqs_message)
for email_to_addrs, mimetext_msg in to_addrs_to_email_messages_map.items(
):
email_delivery.send_c7n_email(sqs_message, list(email_to_addrs),
mimetext_msg)
# this sections gets the map of sns_to_addresses to rendered_jinja messages
# (with resources baked in) and delivers the message to each sns topic
sns_delivery = SnsDelivery(self.config, self.session, self.logger)
sns_message_packages = sns_delivery.get_sns_message_packages(
sqs_message)
sns_delivery.deliver_sns_messages(sns_message_packages, sqs_message)
# this section sends a notification to the resource owner via Slack
if any(
e.startswith('slack')
or e.startswith('https://hooks.slack.com/')
for e in sqs_message.get('action', ()).get('to', []) +
sqs_message.get('action', ()).get('owner_absent_contact', [])):
from .slack_delivery import SlackDelivery
if self.config.get('slack_token'):
self.config['slack_token'] = \
kms_decrypt(self.config, self.logger, self.session, 'slack_token')
slack_delivery = SlackDelivery(self.config, self.logger,
email_delivery)
slack_messages = slack_delivery.get_to_addrs_slack_messages_map(
sqs_message)
try:
slack_delivery.slack_handler(sqs_message, slack_messages)
except Exception:
traceback.print_exc()
pass
# this section gets the map of metrics to send to datadog and delivers it
if any(
e.startswith('datadog')
for e in sqs_message.get('action', ()).get('to')):
from .datadog_delivery import DataDogDelivery
datadog_delivery = DataDogDelivery(self.config, self.session,
self.logger)
datadog_message_packages = datadog_delivery.get_datadog_message_packages(
sqs_message)
try:
datadog_delivery.deliver_datadog_messages(
datadog_message_packages, sqs_message)
except Exception:
traceback.print_exc()
pass
# this section sends the full event to a Splunk HTTP Event Collector (HEC)
if any(
e.startswith('splunkhec://')
for e in sqs_message.get('action', ()).get('to')):
from .splunk_delivery import SplunkHecDelivery
splunk_delivery = SplunkHecDelivery(self.config, self.session,
self.logger)
splunk_messages = splunk_delivery.get_splunk_payloads(
sqs_message,
encoded_sqs_message['Attributes']['SentTimestamp'])
try:
splunk_delivery.deliver_splunk_messages(splunk_messages)
except Exception:
traceback.print_exc()
pass
