def save_app_auth_info(app, info, func_name, overwrite=False):
"""Function to add app auth information to parameter store
Args:
info (dict): Required values needed to save the requested authentication
information to AWS Parameter Store
"""
# Get all of the required authentication values from the user for this app integration
auth_dict = {
auth_key: user_input(info['description'], False, info['format'])
for auth_key, info in app.required_auth_info().iteritems()
}
description = (
'Required authentication information for the \'{}\' service for '
'use in the \'{}\' app'.format(info['type'], info['app_name']))
# Save these to the parameter store
param_name = '{}_{}'.format(func_name, AppConfig.AUTH_CONFIG_SUFFIX)
saved = save_parameter(info['region'], param_name, auth_dict, description,
overwrite)
if saved:
LOGGER.info(
'App authentication info successfully saved to parameter store.')
else:
LOGGER.error(
'App authentication info was not saved to parameter store.')
return saved
def configure_output(options):
"""Configure a new output for this service
Args:
options (argparser): Basically a namedtuple with the service setting
"""
account_config = CONFIG['global']['account']
region = account_config['region']
prefix = account_config['prefix']
kms_key_alias = account_config['kms_key_alias']
# Verify that the word alias is not in the config.
# It is interpolated when the API call is made.
if 'alias/' in kms_key_alias:
kms_key_alias = kms_key_alias.split('/')[1]
# Retrieve the proper service class to handle dispatching the alerts of this services
output = get_output_dispatcher(options.service, region, prefix,
config_outputs.load_outputs_config())
# If an output for this service has not been defined, the error is logged
# prior to this
if not output:
return
# get dictionary of OutputProperty items to be used for user prompting
props = output.get_user_defined_properties()
for name, prop in props.iteritems():
# pylint: disable=protected-access
props[name] = prop._replace(value=user_input(
prop.description, prop.mask_input, prop.input_restrictions))
service = output.__service__
config = config_outputs.load_config(props, service)
# An empty config here means this configuration already exists,
# so we can ask for user input again for a unique configuration
if config is False:
return configure_output(options)
secrets_bucket = '{}.streamalert.secrets'.format(prefix)
secrets_key = output.output_cred_name(props['descriptor'].value)
# Encrypt the creds and push them to S3
# then update the local output configuration with properties
if config_outputs.encrypt_and_push_creds_to_s3(region, secrets_bucket,
secrets_key, props,
kms_key_alias):
updated_config = output.format_output_config(config, props)
config_outputs.update_outputs_config(config, updated_config, service)
LOGGER_CLI.info(
'Successfully saved \'%s\' output configuration for service \'%s\'',
props['descriptor'].value, options.service)
else:
LOGGER_CLI.error(
'An error occurred while saving \'%s\' '
'output configuration for service \'%s\'',
props['descriptor'].value, options.service)
def save_api_creds_info(region, overwrite=False):
"""Function to add API creds information to parameter store
Args:
info (dict): Required values needed to save the requested credentials
information to AWS Parameter Store
"""
# Get all of the required credentials from the user for API calls
required_creds = {
'api_user': {
'description': ('API username to retrieve IOCs via API calls. '
'This should be an email address.'),
'format':
re.compile(r'^[a-zA-Z].*@.*')
},
'api_key': {
'description':
('API key to retrieve IOCs via API calls. '
'This should be a string of 40 alphanumeric characters.'),
'format':
re.compile(r'^[a-zA-Z0-9]{40}$')
}
}
creds_dict = {
auth_key: user_input(info['description'], False, info['format'])
for auth_key, info in required_creds.iteritems()
}
description = ('Required credentials for the Threat Intel Downloader')
# Save these to the parameter store
param_name = 'threat_intel_downloader_api_creds'
saved = save_parameter(region, param_name, creds_dict, description,
overwrite)
if saved:
LOGGER_CLI.info(
'Threat Intel Downloader credentials were successfully '
'saved to parameter store.')
else:
LOGGER_CLI.error(
'Threat Intel Downloader credentials were not saved to '
'parameter store.')
return saved
def output_handler(options, config):
"""Configure a new output for this service
Args:
options (argparse.Namespace): Basically a namedtuple with the service setting
Returns:
bool: False if errors occurred, True otherwise
"""
account_config = config['global']['account']
region = account_config['region']
prefix = account_config['prefix']
kms_key_alias = account_config['kms_key_alias']
# Verify that the word alias is not in the config.
# It is interpolated when the API call is made.
if 'alias/' in kms_key_alias:
kms_key_alias = kms_key_alias.split('/')[1]
# Retrieve the proper service class to handle dispatching the alerts of this services
output = StreamAlertOutput.get_dispatcher(options.service)
# If an output for this service has not been defined, the error is logged
# prior to this
if not output:
return False
# get dictionary of OutputProperty items to be used for user prompting
props = output.get_user_defined_properties()
for name, prop in props.iteritems():
# pylint: disable=protected-access
props[name] = prop._replace(value=user_input(
prop.description, prop.mask_input, prop.input_restrictions))
output_config = config['outputs']
service = output.__service__
# If it exists already, ask for user input again for a unique configuration
if output_exists(output_config, props, service):
return output_handler(options, config)
provider = OutputCredentialsProvider(service,
config=config,
region=region,
prefix=prefix)
result = provider.save_credentials(props['descriptor'].value,
kms_key_alias, props)
if not result:
LOGGER.error(
'An error occurred while saving \'%s\' '
'output configuration for service \'%s\'',
props['descriptor'].value, options.service)
return False
updated_config = output.format_output_config(output_config, props)
output_config[service] = updated_config
config.write()
LOGGER.info(
'Successfully saved \'%s\' output configuration for service \'%s\'',
props['descriptor'].value, options.service)
return True
