def create(trace_id, check_result_item_id, check_history_id, check_result_id, check_item_code, organization_id, organization_name, project_id, project_name, aws_account_coop_id, aws_account, sort_code, check_result, result_json_path, result_csv_path, executed_date_time, time_to_live, aws_account_name, assessment_flag, exclusion_flag): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() data_create = { 'CheckResultItemID': check_result_item_id, 'CheckHistoryID': check_history_id, 'CheckResultID': check_result_id, 'CheckItemCode': check_item_code, 'OrganizationID': organization_id, 'OrganizationName': organization_name, 'ProjectID': project_id, 'ProjectName': project_name, 'AWSAccountCoopID': aws_account_coop_id, 'AWSAccount': aws_account, 'SortCode': sort_code, 'CheckResult': check_result, 'ResultJsonPath': result_json_path, 'ResultCsvPath': result_csv_path, 'ExecutedDateTime': executed_date_time, 'TimeToLive': time_to_live, 'AssessmentFlag': assessment_flag, 'ExclusionFlag': exclusion_flag, 'CreatedAt': date_now, 'UpdatedAt': date_now, "AWSAccountName": aws_account_name } condition_expression = Attr("CheckResultItemID").not_exists() DB_utils.create(trace_id, Tables.PM_CHECK_RESULT_ITEMS, data_create, condition_expression)
def update_organization(trace_id, organization_id, update_attribute, target_update_date): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"OrganizationID": organization_id} DB_utils.update(trace_id, Tables.PM_ORGANIZATIONS, key, update_attribute, target_update_date)
def create_report(trace_id, report_id, report_name, generate_user, aws_accounts, status, resource_info_path, json_output_path, json_output_time, html_output_status, html_path, html_output_time, excel_output_status, excel_path, excel_output_time, schema_version, organization_id, project_id): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() create_report = { 'ReportID': report_id, 'ReportName': report_name, 'GenerateUser': generate_user, 'AWSAccounts': aws_accounts, 'ReportStatus': status, 'ResourceInfoPath': resource_info_path, 'JsonOutputPath': json_output_path, 'JsonOutputTime': json_output_time, 'HTMLOutputStatus': html_output_status, 'HTMLPath': html_path, 'HTMLOutputTime': html_output_time, 'ExcelOutputStatus': excel_output_status, 'ExcelPath': excel_path, 'ExcelOutputTime': excel_output_time, 'SchemaVersion': schema_version, 'OrganizationID': organization_id, 'ProjectID': project_id, 'CreatedAt': date_now, 'UpdatedAt': date_now } condition_expression = Attr("ReportID").not_exists() DB_utils.create(trace_id, Tables.PM_REPORTS, create_report, condition_expression)
def create(trace_id, organization_id, notify_code, webhook_url, mentions, is_cw_logger=False): if (is_cw_logger): common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) if common_utils.is_null(mentions): mentions = None date_now = common_utils.get_current_date() org_notify_slack = { "OrganizationID": organization_id, "NotifyCode": notify_code, "WebhookURL": webhook_url, "Mentions": mentions, "CreatedAt": date_now, "UpdatedAt": date_now } DB_utils.create(trace_id, Tables.PM_ORG_NOTIFY_SLACK, org_notify_slack, is_cw_logger=is_cw_logger)
def create(user_id, exclusion_resource_id, organization_id, project_id, aws_account, check_item_code, region_name, resource_type, resource_name, exclusion_comment, email, account_refine_code, check_item_refine_code, time_to_live): common_utils.begin_logger(user_id, __name__, inspect.currentframe()) date_now = common_utils.get_current_date() if len(exclusion_comment) == 0: exclusion_comment = None create_exclusion_resources = { 'ExclusionResourceID': exclusion_resource_id, 'OrganizationID': organization_id, 'ProjectID': project_id, 'AWSAccount': aws_account, 'CheckItemCode': check_item_code, 'RegionName': region_name, 'ResourceType': resource_type, 'ResourceName': resource_name, 'ExclusionComment': exclusion_comment, 'UserID': user_id, 'MailAddress': email, 'AccountRefineCode': account_refine_code, 'CheckItemRefineCode': check_item_refine_code, 'TimeToLive': time_to_live, 'CreatedAt': date_now, 'UpdatedAt': date_now } DB_utils.create(user_id, Tables.PM_EXCLUSION_RESOURCES, create_exclusion_resources)
def update_affiliation(trace_id, user_id, organization_id, update_attribute, target_update_date): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"UserID": user_id, "OrganizationID": organization_id} DB_utils.update(trace_id, Tables.PM_AFFILIATION, key, update_attribute, target_update_date)
def update(trace_id, exclusion_item_id, update_attribute, target_update_date=None): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"ExclusionItemID": exclusion_item_id} DB_utils.update(trace_id, Tables.PM_EXCLUSION_ITEMS, key, update_attribute, target_update_date)
def update(trace_id, assessment_item_id, update_attribute, target_update_date=None): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"AssessmentItemID": assessment_item_id} DB_utils.update(trace_id, Tables.PM_ASSESSMENT_ITEMS, key, update_attribute, target_update_date)
def delete(trace_id, security_check_webhook_id, create_at): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = { "SecurityCheckWebhookID": security_check_webhook_id, "CreatedAt": create_at } DB_utils.delete(trace_id, Tables.PM_SECURITY_CHECK_WEBHOOK_CALL_HISTORY, key)
def update(task_id, update_attribute, target_update_date): pm_logger = common_utils.begin_logger(task_id, __name__, inspect.currentframe()) try: key = {"TaskID": task_id} DB_utils.update(task_id, Tables.PM_ORGANIZATION_TASKS, key, update_attribute, target_update_date) return common_utils.response(True, pm_logger) except PmError as e: pm_logger.error(e) return common_utils.response(False, pm_logger)
def update(trace_id, check_result_id, update_attribute, is_cw_logger=False): if (is_cw_logger): common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"CheckResultID": check_result_id} DB_utils.update(trace_id, Tables.PM_CHECK_RESULTS, key, update_attribute, is_cw_logger=is_cw_logger)
def create(trace_id, organization_id, notify_code, destinations): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) date_now = common_utils.get_current_date() create_notify = { 'OrganizationID': organization_id, 'NotifyCode': notify_code, 'Destinations': destinations, 'CreatedAt': date_now, 'UpdatedAt': date_now } DB_utils.create(trace_id, Tables.PM_ORG_NOTIFY_MAIL_DESTINATIONS, create_notify)
def create(trace_id, security_check_webhook_id, executed_status): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) date_now = common_utils.get_current_date() data_create = { 'SecurityCheckWebhookID': security_check_webhook_id, 'CreatedAt': date_now, 'ExecutedStatus': executed_status } condition_expression = Attr('SecurityCheckWebhookID').not_exists().__and__( Attr('CreatedAt').not_exists()) DB_utils.create(trace_id, Tables.PM_SECURITY_CHECK_WEBHOOK_CALL_HISTORY, data_create, condition_expression)
def create(trace_id, check_result_id, check_history_id, check_rule_code, organization_id, organization_name, project_id, project_name, aws_account_coop_id, aws_account, sort_code, ok_count, critical_count, ng_count, executed_date_time, time_to_live, aws_account_name, is_cw_logger=False): if (is_cw_logger): common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() data_create = { 'CheckResultID': check_result_id, 'CheckHistoryID': check_history_id, 'CheckRuleCode': check_rule_code, 'OrganizationID': organization_id, 'OrganizationName': organization_name, 'ProjectID': project_id, 'ProjectName': project_name, 'AWSAccountCoopID': aws_account_coop_id, 'AWSAccount': aws_account, 'SortCode': sort_code, 'OKCount': ok_count, 'CriticalCount': critical_count, 'NGCount': ng_count, 'ExecutedDateTime': executed_date_time, 'TimeToLive': time_to_live, 'CreatedAt': date_now, 'UpdatedAt': date_now, 'AWSAccountName': aws_account_name } condition_expression = Attr("CheckResultID").not_exists() DB_utils.create(trace_id, Tables.PM_CHECK_RESULTS, data_create, condition_expression, is_cw_logger=is_cw_logger)
def create_daily_check(trace_id, awsaccount): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) now_utc = datetime.utcnow() date_format = now_utc.strftime("%Y-%m-%d") unixtime = calendar.timegm(now_utc.utctimetuple()) ttl = 60 * 60 * 24 * 3 create_daily_check = { "AWSAccount": awsaccount, 'ExecutedDate': date_format, 'TTL': unixtime + ttl } condition_expression = Attr("AWSAccountID").not_exists().__and__( Attr("ExecutedDate").not_exists()) DB_utils.create(trace_id, Tables.PM_DAILY_CHECK_EXECUTED_AWSACCOUNTS, create_daily_check, condition_expression)
def query_key(trace_id, organization_id, notify_code, convert_response=None, is_cw_logger=False): if (is_cw_logger): logger = common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"OrganizationID": organization_id, "NotifyCode": notify_code} result = DB_utils.query_key(trace_id, Tables.PM_ORG_NOTIFY_MAIL_DESTINATIONS, key, is_cw_logger=is_cw_logger) if result and convert_response: result = common_utils.convert_response( trace_id, result, RESPONSE_ORG_NOTIFY_MAIL_DESTINATIONS, is_cw_logger=is_cw_logger) result['destinations'] = common_utils.convert_list_response( trace_id, result['destinations'], RESPONSE_DESTINATIONS, is_cw_logger=is_cw_logger) return common_utils.response(result, logger)
def query_check_history_index(trace_id, check_history_id, sort_code=None, filter_expression=None, is_cw_logger=False): if (is_cw_logger): logger = common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key_conditions = { 'CheckHistoryID': { 'AttributeValueList': [check_history_id], 'ComparisonOperator': 'EQ' } } if sort_code is not None: key_conditions['SortCode'] = { 'AttributeValueList': [sort_code], 'ComparisonOperator': 'EQ' } result = DB_utils.query_index(trace_id, Tables.PM_CHECK_RESULT_ITEMS, CHECK_HISTORY_INDEX, key_conditions, filter_expression, is_cw_logger=is_cw_logger) return common_utils.response(result, logger)
def query_history_index(trace_id, check_history_id, filter_expression=None, convert_response=None, is_cw_logger=False): if (is_cw_logger): logger = common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key_conditions = { 'CheckHistoryID': { 'AttributeValueList': [check_history_id], 'ComparisonOperator': 'EQ' } } result = DB_utils.query_index(trace_id, Tables.PM_CHECK_RESULTS, CHECK_HISTORY_INDEX, key_conditions, filter_expression, is_cw_logger=is_cw_logger) if result and convert_response: result = common_utils.convert_list_response(trace_id, result, RESPONSE_CHECK_RESULTS, RESPONSE_REQUIRED, is_cw_logger=is_cw_logger) return common_utils.response(result, logger)
def create_organization(trace_id, organization_id, organization_name, contract, contract_status): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() create_organization = { 'OrganizationID': organization_id, 'OrganizationName': organization_name, 'Contract': contract, 'ContractStatus': contract_status, 'CreatedAt': date_now, 'UpdatedAt': date_now } condition_expression = Attr("OrganizationID").not_exists() DB_utils.create(trace_id, Tables.PM_ORGANIZATIONS, create_organization, condition_expression)
def query_project_index(trace_id, project_id, user_id=None, filter_expression=None, convert_response=None): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key_conditions = { 'ProjectID': { 'AttributeValueList': [project_id], 'ComparisonOperator': 'EQ' } } if common_utils.is_null(user_id) is False: key_conditions['UserID'] = { 'AttributeValueList': [user_id], 'ComparisonOperator': 'EQ' } result = DB_utils.query_index(trace_id, Tables.PM_SECURITY_CHECK_WEBHOOK, PROJECT_INDEX, key_conditions, filter_expression) if result and convert_response: result = common_utils.convert_list_response( trace_id, result, RESPONSE_SECURITY_CHECK_WEBHOOK) return common_utils.response(result, pm_logger)
def query_userid_key(trace_id, user_id, organization_id=None, filter_expression=None, convert_response=None, is_cw_logger=False): if (is_cw_logger): logger = common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key_conditions = { 'UserID': { 'AttributeValueList': [user_id], 'ComparisonOperator': 'EQ' } } if (organization_id): key_conditions['OrganizationID'] = { 'AttributeValueList': [organization_id], 'ComparisonOperator': 'EQ' } result = DB_utils.query(trace_id, Tables.PM_AFFILIATION, key_conditions, filter_expression, is_cw_logger=is_cw_logger) if result and convert_response: result = common_utils.convert_list_response(trace_id, result, RESPONSE_AFFILIATION, is_cw_logger=is_cw_logger) return common_utils.response(result, logger)
def create(trace_id, apply_id, before_mail_address, after_mail_address, time_to_live, caller_service_name): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なカラムを作成することを避けるため date_now = common_utils.get_current_date() create_email_change_apply = { 'ApplyID': apply_id, 'UserID': trace_id, 'BeforeMailAddress': before_mail_address, 'AfterMailAddress': after_mail_address, 'TimeToLive': time_to_live, 'CallerServiceName': caller_service_name, 'CreatedAt': date_now, 'UpdatedAt': date_now } DB_utils.create(trace_id, Tables.PM_EMAIL_CHANGE_APPLY, create_email_change_apply)
def create_projects(trace_id, project_id, project_name, description, organization_id): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) date_now = common_utils.get_current_date() # 不要なクラムを作成することを避けるため create_projects = { 'ProjectID': project_id, 'ProjectName': project_name, 'Description': description, 'OrganizationID': organization_id, 'CreatedAt': date_now, 'UpdatedAt': date_now } condition_expression = Attr("ProjectID").not_exists() DB_utils.create(trace_id, Tables.PM_PROJECTS, create_projects, condition_expression)
def update(trace_id, check_history_id, update_attribute, target_update_date, is_cw_logger=False): if (is_cw_logger): common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"CheckHistoryID": check_history_id} DB_utils.update(trace_id, Tables.PM_CHECK_HISTORY, key, update_attribute, target_update_date, is_cw_logger=is_cw_logger)
def query_key(trace_id, assessment_item_id, convert_response=None): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"AssessmentItemID": assessment_item_id} result = DB_utils.query_key(trace_id, Tables.PM_ASSESSMENT_ITEMS, key) if result is not None and convert_response: result = common_utils.convert_response( trace_id, result, RESPONSE_ASSESSMENT) return common_utils.response(result, pm_logger)
def query_key(trace_id, apply_id, convert_response=None): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"ApplyID": apply_id} result = DB_utils.query_key(trace_id, Tables.PM_EMAIL_CHANGE_APPLY, key) if convert_response: result = common_utils.convert_response(trace_id, result, RESPONSE_EMAIL_CHANGE_APPLY) return common_utils.response(result, pm_logger)
def query_key(trace_id, exclusion_resource_id, convert_response=None): pm_logger = common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"ExclusionResourceID": exclusion_resource_id} result = DB_utils.query_key(trace_id, Tables.PM_EXCLUSION_RESOURCES, key) if result is not None and convert_response: result = common_utils.convert_response(trace_id, result, RESPONSE_EXCLUSION_RESOURCES) return common_utils.response(result, pm_logger)
def update_awscoops(trace_id, coop_id, update_attribute, target_update_date=None, is_cw_logger=False): if (is_cw_logger): common_utils.begin_cw_logger(trace_id, __name__, inspect.currentframe()) else: common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) key = {"CoopID": coop_id} DB_utils.update(trace_id, Tables.PM_AWSACCOUNTCOOPS, key, update_attribute, target_update_date, is_cw_logger=is_cw_logger)
def create_affiliation(trace_id, email, user_id, organization_id, authority, invitation_status): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() create_affiliation = { "MailAddress": email, "UserID": user_id, "OrganizationID": organization_id, "Authority": authority, "InvitationStatus": invitation_status, 'CreatedAt': date_now, 'UpdatedAt': date_now } condition_expression = Attr("UserID").not_exists().__and__( Attr("OrganizationID").not_exists()) DB_utils.create(trace_id, Tables.PM_AFFILIATION, create_affiliation, condition_expression)
def create_report_job_def(trace_id, code, job_definition, job_queue, max_retry, environment): common_utils.begin_logger(trace_id, __name__, inspect.currentframe()) # 不要なクラムを作成することを避けるため date_now = common_utils.get_current_date() create_report_job_def = { 'Code': code, 'JobDefinition': job_definition, 'JobQueue': job_queue, 'MaxRetry': max_retry, 'Environment': environment, 'CreatedAt': date_now, 'UpdatedAt': date_now } condition_expression = Attr("Code").not_exists() DB_utils.create(trace_id, Tables.PM_BATCH_JOB_DEFS, create_report_job_def, condition_expression)