Exemplo n.º 1
    def handle_report(report_json):
        """
        Export the report's AWS-related issues as findings.

        :param report_json: Report whose ``['recommendations']['issues']`` entry is
            iterated as machine -> list of issue dicts.
        :return: True when there is nothing to send or the findings were sent,
            False when sending the findings failed.
        """
        # Built before the emptiness check, so an error raised while constructing
        # AwsInstance propagates even when the report holds no issues.
        aws = AwsInstance()
        issues_by_machine = report_json['recommendations']['issues']
        if not issues_by_machine:
            logger.info(
                'No issues were found by the monkey, no need to send anything')
            return True

        # Only issues carrying a truthy 'aws_instance_id' are turned into findings;
        # issues without one are skipped.
        findings_list = [
            AWSExporter._prepare_finding(issue, aws.get_region())
            for machine in issues_by_machine
            for issue in issues_by_machine[machine]
            if issue.get('aws_instance_id', None)
        ]

        # NOTE(review): findings_list can be empty here (no issue had an instance id)
        # and the send is still attempted. The value returned by _get_aws_keys() is
        # handed straight to _send_findings; confirm neither helper logs it.
        sent = AWSExporter._send_findings(
            findings_list, AWSExporter._get_aws_keys(), aws.get_region())
        if sent:
            return True

        logger.error('Exporting findings to aws failed')
        return False
Exemplo n.º 2
class AwsEnvironment(Environment):
    """Environment whose instance id and region are read from an AwsInstance."""

    def __init__(self):
        """Create the AwsInstance helper and cache its instance id and region."""
        super(AwsEnvironment, self).__init__()
        self.aws_info = AwsInstance()
        self._instance_id = self._get_instance_id()
        self.region = self._get_region()

    def _get_instance_id(self):
        """Return the instance id reported by the AwsInstance helper."""
        return self.aws_info.get_instance_id()

    def _get_region(self):
        """Return the region reported by the AwsInstance helper."""
        return self.aws_info.get_region()

    def get_auth_users(self):
        """Return the single 'monkey' user, whose secret is the hashed instance id."""
        # NOTE(review): the credential is derived from the instance id, which is an
        # identifier rather than a secret (it is visible to anyone who can list or
        # describe the instance). Confirm this default is acceptable for the
        # deployment, or that it is rotated after first login.
        hashed_secret = self.hash_secret(self._instance_id)
        monkey_user = monkey_island.cc.auth.User(1, 'monkey', hashed_secret)
        return [monkey_user]
Exemplo n.º 3
class AwsEnvironment(Environment):
    """Environment that takes its instance id and region from an AwsInstance."""

    def __init__(self):
        """Set up the AwsInstance helper, then store the instance id and region."""
        super(AwsEnvironment, self).__init__()
        # Deliberately no try/except here: failing to build AwsInstance is critical
        # when running in the AWS environment, so the error must propagate.
        self.aws_info = AwsInstance()
        self._instance_id = self._get_instance_id()
        self.region = self._get_region()

    def _get_instance_id(self):
        """Instance id as reported by the AwsInstance helper."""
        return self.aws_info.get_instance_id()

    def _get_region(self):
        """Region as reported by the AwsInstance helper."""
        return self.aws_info.get_region()

    def get_auth_users(self):
        """Build the list holding the one 'monkey' user for this environment."""
        # NOTE(review): the user's secret is the hash of the instance id. An instance
        # id is not confidential, so anyone able to enumerate the instance can
        # reproduce it; verify that this is intended only as an initial credential.
        secret_hash = self.hash_secret(self._instance_id)
        users = [monkey_island.cc.auth.User(1, 'monkey', secret_hash)]
        return users
Exemplo n.º 4
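    def get_instances():
        """
        Get the information for all instances with the relevant roles.

        This function will assume that it's running on an EC2 instance with the correct IAM role.
        See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#iam-role for details.
        The role needs permission for the SSM DescribeInstanceInformation call made below
        (``ssm:DescribeInstanceInformation``); nothing broader is required by this function.

        :raises: botocore.exceptions.ClientError if can't describe local instance information.
        :return: All visible instances from this instance
        """
        current_instance = AwsInstance()
        local_ssm_client = boto3.client("ssm", current_instance.get_region())
        try:
            response = local_ssm_client.describe_instance_information()
            # NOTE(review): only this one response is filtered. If the API paginates the
            # result, instances on later pages are not returned - confirm whether a
            # paginator is needed for accounts with many managed instances.
            return filter_instance_data_from_aws_response(response)
        except botocore.exceptions.ClientError as e:
            # Format the exception itself rather than reading e.message: exceptions have
            # no .message attribute on Python 3, so the old code raised AttributeError
            # here and hid the real ClientError from the caller.
            logger.warning("AWS client error while trying to get instances: %s", e)
            # Bare raise re-raises the caught ClientError with its original traceback.
            raise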