예제 #1
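def audit_rds(accounts, send_report):
    """Runs auditors/rds_security_group.

    Args:
        accounts: Account selection; passed through ``__prep_accounts__``
            before it is handed to the auditor.
        send_report: When truthy, a report is built with ``create_report()``
            and sent with ``email_report()``.

    The database session is closed in a ``finally`` clause, so a run that
    raises part-way through does not leave the session open.
    """
    try:
        accounts = __prep_accounts__(accounts)
        # NOTE(review): debug=True is hard-coded; presumably it enables
        # verbose output -- confirm that is wanted outside development.
        au = RDSSecurityGroupAuditor(accounts=accounts, debug=True)
        au.audit_all_objects()

        if send_report:
            au.email_report(au.create_report())

        # Issues are saved whether or not a report was emailed.
        au.save_issues()
    finally:
        db.session.close()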
예제 #2
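 def __init__(self, accounts=None, alert_accounts=None, debug=False):
     """Build the watcher/auditor pairs for each account, plus its alerter.

     Args:
         accounts: Accounts to monitor. ``None`` (the default) is treated
             as "no accounts" instead of failing when iterated.
         alert_accounts: Accounts that get an ``Alerter``. When empty or
             ``None`` it falls back to ``accounts``.
         debug: Forwarded unchanged to every watcher and auditor.

     ``self.account_watchers`` maps each account to a list of
     ``(watcher, auditor)`` tuples; the auditor slot is ``None`` for
     technologies that have no auditor paired with them here.
     ``self.account_alerters`` maps each alerting account to its ``Alerter``.
     """
     # The signature defaults accounts to None; iterating None raises
     # TypeError, so normalise it before the fallback and the loop.
     if accounts is None:
         accounts = []

     self.account_watchers = {}
     self.account_alerters = {}
     if not alert_accounts:
         alert_accounts = accounts

     for account in accounts:
         scope = {'accounts': [account], 'debug': debug}
         # Order is kept exactly as in the original list.
         # NOTE(review): SQS, ELB, IAMSSL, IAMGroup, IAMRole and Keypair are
         # watched but never audited here -- confirm that gap is intended.
         self.account_watchers[account] = [
             (SQS(**scope), None),
             (ELB(**scope), None),
             (IAMSSL(**scope), None),
             (RDSSecurityGroup(**scope), RDSSecurityGroupAuditor(**scope)),
             (SecurityGroup(**scope), SecurityGroupAuditor(**scope)),
             (S3(**scope), S3Auditor(**scope)),
             (IAMUser(**scope), IAMUserAuditor(**scope)),
             (IAMGroup(**scope), None),
             (IAMRole(**scope), None),
             (Keypair(**scope), None),
             (SNS(**scope), SNSAuditor(**scope)),
         ]
         if account in alert_accounts:
             self.account_alerters[account] = Alerter(
                 watchers_auditors=self.account_watchers[account],
                 account=account)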
예제 #3
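def find_rds_changes(accounts):
    """Runs watchers/rds_security_group, then audits what changed.

    Args:
        accounts: Account selection; passed through ``__prep_accounts__``
            before it is handed to the watcher.

    The watcher's ``slurp()`` result is fed to ``find_changes()``; every
    created or changed item is rebuilt as an ``RDSSecurityGroupItem`` from
    its ``new_config`` and audited. The database session is closed in a
    ``finally`` clause so a failure part-way through does not leave it open.
    """
    try:
        accounts = __prep_accounts__(accounts)
        cw = RDSSecurityGroup(accounts=accounts, debug=True)
        (items, exception_map) = cw.slurp()
        cw.find_changes(current=items, exception_map=exception_map)

        # Audit only the created and changed items.
        items_to_audit = [
            RDSSecurityGroupItem(
                region=item.region,
                account=item.account,
                name=item.name,
                config=item.new_config,
            )
            for item in cw.created_items + cw.changed_items
        ]

        # NOTE(review): the auditor is built without accounts= while the
        # watcher gets the prepared list -- confirm the auditor does not
        # need the account scope for these items.
        au = RDSSecurityGroupAuditor(debug=True)
        au.audit_these_objects(items_to_audit)
        au.save_issues()
        cw.save()
    finally:
        db.session.close()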
예제 #4
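def audit_rds(accounts, send_report):
    """Runs auditors/rds_security_group.

    Args:
        accounts: Account selection; passed through ``__prep_accounts__``
            before it is handed to the auditor.
        send_report: Report switch. The string ``'true'`` in any letter
            case, or the boolean ``True``, requests the emailed report;
            every other value skips it.

    The database session is closed in a ``finally`` clause, so a run that
    raises part-way through does not leave the session open.
    """
    # The original compared against 'true' and 'True' only, so a caller
    # passing the boolean True silently got no report. Accept both forms.
    wants_report = (
        send_report is True or str(send_report).lower() == 'true'
    )

    try:
        accounts = __prep_accounts__(accounts)
        # NOTE(review): debug=True is hard-coded; presumably it enables
        # verbose output -- confirm that is wanted outside development.
        au = RDSSecurityGroupAuditor(accounts=accounts, debug=True)
        au.audit_all_objects()

        if wants_report:
            au.email_report(au.create_report())

        # Issues are saved whether or not a report was emailed.
        au.save_issues()
    finally:
        db.session.close()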
예제 #5
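def find_rds_changes(accounts):
    """Runs watchers/rds_security_group, then audits what changed.

    Args:
        accounts: Account selection; passed through ``__prep_accounts__``
            and then given to both the watcher and the auditor.

    The watcher's ``slurp()`` result is fed to ``find_changes()``; every
    created or changed item is rebuilt as an ``RDSSecurityGroupItem`` from
    its ``new_config`` and audited. The database session is closed in a
    ``finally`` clause so a failure part-way through does not leave it open.
    """
    try:
        accounts = __prep_accounts__(accounts)
        cw = RDSSecurityGroup(accounts=accounts, debug=True)
        (items, exception_map) = cw.slurp()
        cw.find_changes(current=items, exception_map=exception_map)

        # Audit only the created and changed items.
        touched = cw.created_items + cw.changed_items
        items_to_audit = [
            RDSSecurityGroupItem(
                region=entry.region,
                account=entry.account,
                name=entry.name,
                config=entry.new_config,
            )
            for entry in touched
        ]

        au = RDSSecurityGroupAuditor(accounts=accounts, debug=True)
        au.audit_these_objects(items_to_audit)
        au.save_issues()
        # The watcher state is saved only after the audit issues are.
        cw.save()
    finally:
        db.session.close()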