def monitor(event, context):
"""
This method looks for iam data and reports 4 different
kinds of data into 4 different JSON files stored in s3
"""
arns = parseArnsString(READER_ROLE_ARNS)
# gather iamData
iamData = getAllIAMData()
for arn in arns:
additionalIamData = getAllIAMData(arn)
iamData['users'] += additionalIamData['users']
iamData['groups'] += additionalIamData['groups']
iamData['roles'] += additionalIamData['roles']
iamData['policies'] += additionalIamData['policies']
# report each type of data
s3Client = getSession().resource("s3")
reportName = datetime.datetime.utcnow().isoformat(
) + '.json' # same report name for each data type
for typeOfIamData in iamData:
# get s3 key and body
key = S3_MONITORING_PATH + f"/{typeOfIamData}/" + reportName
body = json.dumps(iamData[typeOfIamData],
default=datetimeSerializer).encode("utf-8")
# save to s3
logger.info(
f"creating new monitoring report at s3://{S3_BUCKET_NAME}/{key}")
s3Client.Bucket(S3_BUCKET_NAME).put_object(Key=key, Body=body)
return "finished monitoring."
def monitor(event, context):
"""
This method looks for security groups and reports
any found groups to a json file in s3.
"""
arns = parseArnsString(READER_ROLE_ARNS)
# get groups
groups = getAllSecurityGroups() # defaults to current account
for arn in arns:
groups += getAllSecurityGroups(arn)
if len(groups) is 0:
logger.warning("no security groups found")
return
# get s3 key and body
key = S3_MONITORING_PATH + '/' + datetime.datetime.utcnow().isoformat(
) + '.json'
body = json.dumps(groups, default=datetimeSerializer).encode("utf-8")
# save to s3
logger.info(
f"creating new monitoring report at s3://{S3_BUCKET_NAME}/{key}")
s3 = getSession().resource("s3")
s3.Bucket(S3_BUCKET_NAME).put_object(Key=key, Body=body)
return "finished monitoring."
def monitor(event, context):
"""
This method looks for elastic load balancers and reports
any found elbs to a json file in s3.
"""
arns = parseArnsString(READER_ROLE_ARNS)
# get elbs
v1ELBs = getAllV1ELBs()
v2ELBs = getAllV2ELBs()
elbs = [] + v1ELBs + v2ELBs
for arn in arns:
elbs += getAllV1ELBs(arn) + getAllV2ELBs(arn)
if len(elbs) is 0:
logger.warning("no elastic load balancers found")
return
# get s3 key and body
key = S3_MONITORING_PATH + '/' + datetime.datetime.utcnow().isoformat(
) + '.json'
body = json.dumps(elbs, default=datetimeSerializer).encode("utf-8")
# save to s3
logger.info(
f"creating new monitoring report at s3://{S3_BUCKET_NAME}/{key}")
s3 = getSession().resource("s3")
s3.Bucket(S3_BUCKET_NAME).put_object(Key=key, Body=body)
return "finished monitoring."
def monitor(event, context):
"""
This method looks for iam data and reports 4 different
kinds of data into 4 different JSON files stored in s3
"""
arns = parseArnsString(READER_ROLE_ARNS)
# gather iamData
iamData = getAllIAMData()
for arn in arns:
additionalIamData = getAllIAMData(arn)
iamData['users'] += additionalIamData['users']
iamData['groups'] += additionalIamData['groups']
iamData['roles'] += additionalIamData['roles']
iamData['policies'] += additionalIamData['policies']
# convert to valid json strings
userJsonStrings = [
json.dumps(user, default=datetimeSerializer).encode("utf-8")
for user in iamData['users']
]
groupJsonStrings = [
json.dumps(group, default=datetimeSerializer).encode("utf-8")
for group in iamData['groups']
]
roleJsonStrings = [
json.dumps(role, default=datetimeSerializer).encode("utf-8")
for role in iamData['roles']
]
policyJsonStrings = [
json.dumps(policy, default=datetimeSerializer).encode("utf-8")
for policy in iamData['policies']
]
# create valid insert data for fivetran response
monitored_time = datetime.datetime.utcnow().isoformat()
iamInsertData = {
'IAM_USERS': [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in userJsonStrings],
'IAM_GROUPS': [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in groupJsonStrings],
'IAM_ROLES': [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in roleJsonStrings],
'IAM_POLICIES': [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in policyJsonStrings]
}
# return monitoring results to fivetran
response = {'state': 0, 'hasMore': False, 'insert': iamInsertData}
return response
def monitor(event, context):
"""
This method looks for elastic load balancers and reports
any found elbs to a json file in s3.
"""
arns = parseArnsString(READER_ROLE_ARNS)
# get elbs
v1ELBs = getAllV1ELBs()
v2ELBs = getAllV2ELBs()
elbs = [] + v1ELBs + v2ELBs
for arn in arns:
elbs += getAllV1ELBs(arn) + getAllV2ELBs(arn)
# convert to valid json strings
jsonStrings = [
json.dumps(elb, default=datetimeSerializer).encode("utf-8")
for elb in elbs
]
# create valid insert data for fivetran response
monitored_time = datetime.datetime.utcnow().isoformat()
fivetranInserts = [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in jsonStrings]
# return monitoring results to fivetran
response = {
'state': 0,
'hasMore': False,
'insert': {
'elastic_load_balancers': fivetranInserts
}
}
return response
def monitor(event, context):
"""
This method looks for ec2 instances in each AWS
account to be monitored and reports
any found instances to a json file in s3.
"""
arns = parseArnsString(READER_ROLE_ARNS)
instances = getAllInstances(
) # monitor for current account with no role arn
for arn in arns:
instances += getAllInstances(arn)
# convert to valid json strings
jsonStrings = [
json.dumps(instance, default=datetimeSerializer).encode("utf-8")
for instance in instances
]
# create valid insert data for fivetran response
monitored_time = datetime.datetime.utcnow().isoformat()
fivetranInserts = [{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
} for jsonString in jsonStrings]
# return monitoring results to fivetran
response = {
'state': 0,
'hasMore': False,
'insert': {
'ec2_instances': fivetranInserts
}
}
return response
def monitor(event, context):
"""
This method looks for security groups and reports
any found groups to a json file in s3.
"""
arns = parseArnsString(READER_ROLE_ARNS)
# get groups
groups = getAllSecurityGroups() # defaults to current account
for arn in arns: groups += getAllSecurityGroups(arn)
# convert to valid json strings
jsonStrings = [
json.dumps(group, default=datetimeSerializer).encode("utf-8") for group in groups
]
# create valid insert data for fivetran response
monitored_time = datetime.datetime.utcnow().isoformat()
fivetranInserts = [
{
'RAW_DATA': json.loads(jsonString),
'SNOWWATCH_MONITORED_TIME_UTC': monitored_time
}
for jsonString in jsonStrings
]
# return monitoring results to fivetran
response = {
'state': 0,
'hasMore': False,
'insert': {
'security_groups': fivetranInserts
}
}
return response