diff --git a/api/pacman-api-admin/pom.xml b/api/pacman-api-admin/pom.xml index 249650cfa..47a062940 100644 --- a/api/pacman-api-admin/pom.xml +++ b/api/pacman-api-admin/pom.xml @@ -64,16 +64,7 @@ 2.7.0 - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix-dashboard - - + org.springframework.boot spring-boot-starter-data-rest diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/AdminApplication.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/AdminApplication.java index fae05457a..863484158 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/AdminApplication.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/AdminApplication.java @@ -28,8 +28,6 @@ * AdminApplication Main Class */ @SpringBootApplication -/*@EnableHystrix -@EnableHystrixDashboard*/ @EnableFeignClients @EnableConfigurationProperties @Configuration diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/AssetGroupController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/AssetGroupController.java index 08a678eff..de92b600b 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/AssetGroupController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/AssetGroupController.java @@ -24,15 +24,14 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.CreateUpdateAssetGroupDetails; import com.tmobile.pacman.api.admin.domain.DeleteAssetGroupRequest; import com.tmobile.pacman.api.admin.domain.Response; @@ -65,7 +64,7 @@ public class AssetGroupController { * @return The asset group names */ @ApiOperation(httpMethod = "GET", value = "API to get all asset group names", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand + @RequestMapping(path = "/list-names", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllAssetGroupNames() { try { diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/DatasourceController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/DatasourceController.java index 2fa6110f2..ef65496ff 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/DatasourceController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/DatasourceController.java @@ -26,7 +26,6 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.Response; import com.tmobile.pacman.api.admin.repository.service.DatasourceService; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -57,7 +56,7 @@ public class DatasourceController { */ @ApiOperation(httpMethod = "GET", value = "API to get all datasource details", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) //@PreAuthorize("@securityService.hasPermission(authentication)") - @HystrixCommand + @RequestMapping(path = "/list", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllDatasourceDetails() { try { diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/JobExecutionManagerController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/JobExecutionManagerController.java index 1c0a1ae15..c849445f7 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/JobExecutionManagerController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/JobExecutionManagerController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import org.springframework.web.multipart.MultipartFile; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.JobDetails; import com.tmobile.pacman.api.admin.domain.Response; import com.tmobile.pacman.api.admin.repository.service.JobExecutionManagerService; @@ -68,7 +67,6 @@ public class JobExecutionManagerController { * @return All JobExecutionManagers details */ @ApiOperation(httpMethod = "GET", value = "API to get all Job Execution Managers", response = Page.class, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand @RequestMapping(path = "/list", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllJobExecutionManagers( @ApiParam(value = "provide valid page number", required = true) @RequestParam("page") Integer page, @@ -92,7 +90,6 @@ public ResponseEntity getAllJobExecutionManagers( */ @ApiOperation(httpMethod = "POST", value = "API to create new job", response = Response.class, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) @RequestMapping(path = "/create", method = RequestMethod.POST, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) - @HystrixCommand public ResponseEntity createJob(@AuthenticationPrincipal Principal user, @ApiParam(value = "provide valid job details", required = false) @RequestParam(defaultValue = StringUtils.EMPTY, value = "file", required = false) MultipartFile fileToUpload, JobDetails createJobDetails) { try { @@ -113,7 +110,6 @@ public ResponseEntity createJob(@AuthenticationPrincipal Principal user, */ @ApiOperation(httpMethod = "POST", value = "API to update existing job", response = Response.class, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) @RequestMapping(path = "/update", method = RequestMethod.POST, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) - @HystrixCommand public ResponseEntity updateJob(@AuthenticationPrincipal Principal user, @ApiParam(value = "provide valid job details", required = false) @RequestParam(value = "file", required = false) MultipartFile fileToUpload, JobDetails updateJobDetails) { try { @@ -131,7 +127,6 @@ public ResponseEntity updateJob(@AuthenticationPrincipal Principal user, * @return All Job Id list */ @ApiOperation(httpMethod = "GET", value = "API to get all Job Id's", response = Page.class, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand @RequestMapping(path = "/job-ids", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllJobIds() { try { @@ -150,7 +145,6 @@ public ResponseEntity getAllJobIds() { * @return Job details */ @ApiOperation(httpMethod = "GET", value = "API to get job by id", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand @RequestMapping(path = "/details-by-id", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getRulesById( @ApiParam(value = "provide valid job id", required = true) @RequestParam(defaultValue = StringUtils.EMPTY, name = "jobId", required = true) String jobId) { diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PluginController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PluginController.java index 7010db330..0ad56ec15 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PluginController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PluginController.java @@ -15,23 +15,22 @@ ******************************************************************************/ package com.tmobile.pacman.api.admin.controller; -import io.swagger.annotations.Api; - import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.PluginDetails; import com.tmobile.pacman.api.admin.repository.service.PluginService; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; +import io.swagger.annotations.Api; + @Api(value = "/plugin", consumes = "application/json", produces = "application/json") @RestController @PreAuthorize("@securityService.hasPermission(authentication, 'ROLE_ADMIN')") @@ -39,7 +38,6 @@ public class PluginController { PluginService pluginService; - @HystrixCommand @RequestMapping(path = "/v1/plugins", method = RequestMethod.GET) @ResponseBody public ResponseEntity getplugins( @RequestParam(name = "pluginId", required = false) String pluginId){ diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PolicyController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PolicyController.java index 542a5d85e..b2b306b75 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PolicyController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/PolicyController.java @@ -22,14 +22,13 @@ import org.springframework.data.domain.Page; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.CreatePolicyDetails; import com.tmobile.pacman.api.admin.domain.Response; import com.tmobile.pacman.api.admin.domain.UpdatePolicyDetails; @@ -67,7 +66,6 @@ public class PolicyController { @ApiOperation(httpMethod = "GET", value = "API to get all policies", response = Page.class, produces = MediaType.APPLICATION_JSON_VALUE) //@PreAuthorize("@securityService.hasPermission(authentication)") @RequestMapping(path = "/list", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand public ResponseEntity getPolicies( @ApiParam(value = "provide valid page number", required = true) @RequestParam("page") Integer page, @ApiParam(value = "provide valid page size", required = true) @RequestParam("size") Integer size, @@ -109,7 +107,6 @@ public ResponseEntity getRulesById( @ApiOperation(httpMethod = "GET", value = "API to get all policy ids", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) //@PreAuthorize("@securityService.hasPermission(authentication)") @RequestMapping(path = "/list-ids", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand public ResponseEntity getAllPolicyIds() { try { return ResponseUtils.buildSucessResponse(policyService.getAllPolicyIds()); @@ -129,7 +126,6 @@ public ResponseEntity getAllPolicyIds() { @ApiOperation(httpMethod = "POST", value = "API to update existing policy", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) //@PreAuthorize("@securityService.hasPermission(authentication)") @RequestMapping(path = "/update", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand public ResponseEntity updatePolicies( @ApiParam(value = "provide valid policy details", required = true) @RequestBody(required = true) UpdatePolicyDetails policyDetails) { try { @@ -150,7 +146,6 @@ public ResponseEntity updatePolicies( @ApiOperation(httpMethod = "POST", value = "API to create new policy", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) //@PreAuthorize("@securityService.hasPermission(authentication)") @RequestMapping(path = "/create", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand public ResponseEntity createPolicies( @ApiParam(value = "provide valid policy details", required = true) @RequestBody(required = true) CreatePolicyDetails policyDetails) { try { diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/RuleController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/RuleController.java index aaaebb55d..9dea3085f 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/RuleController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/RuleController.java @@ -27,16 +27,15 @@ import org.springframework.data.domain.Page; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.multipart.MultipartFile; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.CreateUpdateRuleDetails; import com.tmobile.pacman.api.admin.domain.Response; import com.tmobile.pacman.api.admin.repository.service.RuleService; @@ -70,7 +69,6 @@ public class RuleController { * @param searchTerm - searchTerm to be searched. * @return All Rules details */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get all rules", response = Page.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getRules( @@ -110,7 +108,6 @@ public ResponseEntity getRulesById( * @author Nidhish * @return All AlexaKeywords */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get alexa keywords", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/alexa-keywords", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllAlexaKeywords() { @@ -128,7 +125,6 @@ public ResponseEntity getAllAlexaKeywords() { * @author Nidhish * @return All Rule Id's */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get all Rule Id's", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/rule-ids", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllRuleIds() { @@ -148,7 +144,6 @@ public ResponseEntity getAllRuleIds() { * @param createRuleDetails - details for creating new rule * @return Success or Failure response */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "API to create new rule", response = Response.class, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) @RequestMapping(path = "/create", method = RequestMethod.POST, consumes = MediaType.MULTIPART_FORM_DATA_VALUE) public ResponseEntity createRule(@AuthenticationPrincipal Principal user, @@ -229,7 +224,6 @@ public ResponseEntity enableDisableRule(@AuthenticationPrincipal Princip * * @return the all rule category */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get all Rule Category's", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/categories", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAllRuleCategory() { diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/TargetTypesController.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/TargetTypesController.java index e08167e45..38decf93f 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/TargetTypesController.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/controller/TargetTypesController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.admin.domain.AttributeValuesRequest; import com.tmobile.pacman.api.admin.domain.CreateUpdateTargetTypeDetailsRequest; import com.tmobile.pacman.api.admin.domain.Response; @@ -111,7 +110,6 @@ public ResponseEntity getAllTargetTypesCategories() { * @param assetGroupName - valid assetGroup name * @return TargetTypes details */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get all target types by asset group name", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list-by-asset-group-name", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getTargetTypesByAssetGroupName( @@ -131,7 +129,6 @@ public ResponseEntity getTargetTypesByAssetGroupName( * @param targetTypeName - valid targetType name * @return TargetTypes details */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get target types details by name", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list-by-target-type-name", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getTargetTypesByName( @@ -206,7 +203,6 @@ public ResponseEntity getAllTargetTypes( * @param dataSourceName - valid dataSourceName * @return TargetTypes names */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "API to get all target type names by datasource name", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list-names-by-datasource", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getTargetTypesNamesByDataSourceName( @@ -226,7 +222,6 @@ public ResponseEntity getTargetTypesNamesByDataSourceName( * @param targetTypes - list of target type details * @return TargetType Attributes */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "API to get all target type attributes", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list-target-type-attributes", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getTargetTypeAttributes( @@ -246,7 +241,6 @@ public ResponseEntity getTargetTypeAttributes( * @param attributeValuesRequest - valid attribute value request details * @return TargetType Attribute Values */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "API to get attribute values", response = Response.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(path = "/list-target-type-attributes-values", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) public ResponseEntity getAttributeValues( diff --git a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/repository/service/RuleServiceImpl.java b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/repository/service/RuleServiceImpl.java index 32ba418de..03baa8c5d 100644 --- a/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/repository/service/RuleServiceImpl.java +++ b/api/pacman-api-admin/src/main/java/com/tmobile/pacman/api/admin/repository/service/RuleServiceImpl.java @@ -1,550 +1,550 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.admin.repository.service; - -import static com.tmobile.pacman.api.admin.common.AdminConstants.CLOUDWATCH_RULE_DELETION_FAILURE; -import static com.tmobile.pacman.api.admin.common.AdminConstants.UNEXPECTED_ERROR_OCCURRED; -import static com.tmobile.pacman.api.admin.common.AdminConstants.DELETE_RULE_TARGET_FAILED; - -import java.nio.ByteBuffer; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.UUID; - -import org.apache.commons.lang.StringUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.data.domain.Page; -import org.springframework.data.domain.PageRequest; -import org.springframework.stereotype.Service; -import org.springframework.web.multipart.MultipartFile; - -import com.amazonaws.services.cloudwatchevents.model.DeleteRuleRequest; -import com.amazonaws.services.cloudwatchevents.model.DeleteRuleResult; -import com.amazonaws.services.cloudwatchevents.model.PutRuleRequest; -import com.amazonaws.services.cloudwatchevents.model.PutRuleResult; -import com.amazonaws.services.cloudwatchevents.model.PutTargetsRequest; -import com.amazonaws.services.cloudwatchevents.model.PutTargetsResult; -import com.amazonaws.services.cloudwatchevents.model.RemoveTargetsRequest; -import com.amazonaws.services.cloudwatchevents.model.RemoveTargetsResult; -import com.amazonaws.services.cloudwatchevents.model.RuleState; -import com.amazonaws.services.cloudwatchevents.model.Target; -import com.amazonaws.services.lambda.AWSLambda; -import com.amazonaws.services.lambda.model.AddPermissionRequest; -import com.amazonaws.services.lambda.model.GetPolicyRequest; -import com.amazonaws.services.lambda.model.InvokeRequest; -import com.amazonaws.services.lambda.model.InvokeResult; -import com.amazonaws.services.lambda.model.ResourceNotFoundException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.collect.Lists; -import com.google.common.collect.Maps; -import com.tmobile.pacman.api.admin.common.AdminConstants; -import com.tmobile.pacman.api.admin.config.PacmanConfiguration; -import com.tmobile.pacman.api.admin.domain.CreateUpdateRuleDetails; -import com.tmobile.pacman.api.admin.domain.RuleProjection; -import com.tmobile.pacman.api.admin.exceptions.PacManException; -import com.tmobile.pacman.api.admin.repository.RuleCategoryRepository; -import com.tmobile.pacman.api.admin.repository.RuleRepository; -import com.tmobile.pacman.api.admin.repository.model.Rule; -import com.tmobile.pacman.api.admin.repository.model.RuleCategory; -import com.tmobile.pacman.api.admin.service.AmazonClientBuilderService; -import com.tmobile.pacman.api.admin.service.AwsS3BucketService; -import com.tmobile.pacman.api.admin.util.AdminUtils; - -/** - * Rule Service Implementations - */ -@Service -public class RuleServiceImpl implements RuleService { - - private static final Logger log = LoggerFactory.getLogger(RuleServiceImpl.class); - - @Autowired - private PacmanConfiguration config; - - @Autowired - private AmazonClientBuilderService amazonClient; - - @Autowired - private AwsS3BucketService awsS3BucketService; - - @Autowired - private RuleRepository ruleRepository; - - @Autowired - private ObjectMapper mapper; - - @Autowired - private RuleCategoryRepository ruleCategoryRepository; - - @Override - public List getAllRulesByTargetType(String targetType) { - return ruleRepository.findByTargetTypeIgnoreCase(targetType); - } - - @Override - public List getAllRulesByTargetTypeName(String targetType) { - return ruleRepository.findByTargetType(targetType); - } - - @Override - public List getAllRulesByTargetTypeAndNotInRuleIdList(final String targetType, final List ruleIdList) { - return ruleRepository.findByTargetTypeAndRuleIdNotIn(targetType, ruleIdList); - } - - @Override - public List getAllRulesByTargetTypeAndRuleIdList(final String targetType, final List ruleIdList) { - return ruleRepository.findByTargetTypeAndRuleIdIn(targetType, ruleIdList); - } - - @Override - public Rule getByRuleId(String ruleId) { - return ruleRepository.findByRuleId(ruleId); - } - - @Override - public Page getRules(final String searchTerm, final int page, final int size) { - return ruleRepository.findAll(searchTerm.toLowerCase(), PageRequest.of(page, size)); - } - - @Override - public Collection getAllAlexaKeywords() { - return ruleRepository.getAllAlexaKeywords(); - } - - @Override - public Collection getAllRuleIds() { - return ruleRepository.getAllRuleIds(); - } - - @Override - public String createRule(final MultipartFile fileToUpload, final CreateUpdateRuleDetails ruleDetails, final String userId) throws PacManException { - checkRuleTypeNotServerlessOrManaged(ruleDetails, fileToUpload); - return addRuleInstance(fileToUpload, ruleDetails, userId); - } - - @Override - public String updateRule(MultipartFile fileToUpload, CreateUpdateRuleDetails updateRuleDetails, String userId) throws PacManException { - checkRuleTypeNotServerlessOrManaged(updateRuleDetails, fileToUpload); - return updateRuleInstance(fileToUpload, updateRuleDetails, userId); - } - - @Override - public String invokeRule(String ruleId, List> ruleOptionalParams) { - Rule ruleDetails = ruleRepository.findById(ruleId).get(); - AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); - String invocationId = AdminUtils.getReferenceId(); - boolean invokeStatus = invokeRule(awsLambdaClient, ruleDetails, invocationId, ruleOptionalParams); - if(invokeStatus) { - return invocationId; - } else { - return null; - } - } - - @Override - public String enableDisableRule(final String ruleId, final String action, final String userId) throws PacManException { - if(ruleRepository.existsById(ruleId)) { - Rule existingRule = ruleRepository.findById(ruleId).get(); - if(action.equalsIgnoreCase("enable")) { - return enableAndCreateCloudWatchRule(existingRule, userId, RuleState.ENABLED); - } else { - return disableAndDeleteCloudWatchRule(existingRule, userId, RuleState.DISABLED); - } - } else { - throw new PacManException(String.format(AdminConstants.RULE_ID_NOT_EXITS, ruleId)); - } - } - - private String disableAndDeleteCloudWatchRule(Rule existingRule, String userId, RuleState ruleState) throws PacManException { - boolean isRemoveTargetSuccess = removeTargetWithRule(existingRule); - if(isRemoveTargetSuccess) { - DeleteRuleRequest deleteRuleRequest = new DeleteRuleRequest() - .withName(existingRule.getRuleUUID()); - DeleteRuleResult deleteRuleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).deleteRule(deleteRuleRequest); - if (deleteRuleResult.getSdkHttpMetadata() != null) { - if(deleteRuleResult.getSdkHttpMetadata().getHttpStatusCode() == 200) { - existingRule.setUserId(userId); - existingRule.setModifiedDate(new Date()); - existingRule.setStatus(ruleState.name()); - ruleRepository.save(existingRule); - return String.format(AdminConstants.RULE_DISABLE_ENABLE_SUCCESS, ruleState.name().toLowerCase()); - } else { - linkTargetWithRule(existingRule); - throw new PacManException(DELETE_RULE_TARGET_FAILED); - } - } else { - throw new PacManException(CLOUDWATCH_RULE_DELETION_FAILURE); - } - } else { - linkTargetWithRule(existingRule); - throw new PacManException(DELETE_RULE_TARGET_FAILED); - } - } - - private String enableAndCreateCloudWatchRule(Rule existingRule, String userId, RuleState ruleState) throws PacManException { - AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); - if (!checkIfPolicyAvailableForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient)) { - createPolicyForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient); - } - - PutRuleRequest ruleRequest = new PutRuleRequest() - .withName(existingRule.getRuleUUID()) - .withDescription(existingRule.getRuleId()) - .withState(ruleState); - ruleRequest.setState(ruleState); - ruleRequest.setScheduleExpression("cron(".concat(existingRule.getRuleFrequency()).concat(")")); - PutRuleResult ruleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putRule(ruleRequest); - - existingRule.setUserId(userId); - existingRule.setModifiedDate(new Date()); - existingRule.setStatus(ruleState.name()); - - - if (ruleResult.getRuleArn() != null) { - existingRule.setRuleArn(ruleResult.getRuleArn()); - boolean isLambdaFunctionLinked = linkTargetWithRule(existingRule); - if(!isLambdaFunctionLinked) { - throw new PacManException(String.format(AdminConstants.LAMBDA_LINKING_EXCEPTION, existingRule.getRuleId())); - } else { - ruleRepository.save(existingRule); - invokeRule(awsLambdaClient, existingRule, null, null); - } - } else { - throw new PacManException(String.format(AdminConstants.UNEXPECTED_ERROR_OCCURRED, existingRule.getRuleId())); - } - return String.format(AdminConstants.RULE_DISABLE_ENABLE_SUCCESS, ruleState.name().toLowerCase()); - } - - private void checkRuleTypeNotServerlessOrManaged(CreateUpdateRuleDetails ruleDetails, MultipartFile fileToUpload) throws PacManException { - if (isRuleTypeNotServerlessOrManaged(ruleDetails.getRuleType()) && ruleDetails.getIsFileChanged()) { - if(fileToUpload.isEmpty()) { - throw new PacManException(AdminConstants.JAR_FILE_MISSING); - } - } - } - - private String updateRuleInstance(final MultipartFile fileToUpload, CreateUpdateRuleDetails ruleDetails, String userId) throws PacManException { - if(ruleDetails != null) { - if(isRuleIdExits(ruleDetails.getRuleId())) { - Date currentDate = new Date(); - Rule updateRuleDetails = ruleRepository.findById(ruleDetails.getRuleId()).get(); - ruleDetails.setTargetType(updateRuleDetails.getTargetType()); - ruleDetails.setPolicyId(updateRuleDetails.getPolicyId()); - ruleDetails.setDataSource(retrieveDataSource(updateRuleDetails)); - String ruleParams = buildAndGetRuleParams(ruleDetails, updateRuleDetails.getRuleUUID(), false); - updateRuleDetails.setRuleParams(ruleParams); - updateRuleDetails.setRuleFrequency(ruleDetails.getRuleFrequency()); - updateRuleDetails.setRuleExecutable(ruleDetails.getRuleExecutable()); - updateRuleDetails.setUserId(userId); - updateRuleDetails.setDisplayName(ruleDetails.getDisplayName()); - updateRuleDetails.setAssetGroup(ruleDetails.getAssetGroup()); - updateRuleDetails.setAlexaKeyword(ruleDetails.getAlexaKeyword()); - updateRuleDetails.setModifiedDate(currentDate); - updateRuleDetails.setRuleType(ruleDetails.getRuleType()); - updateRuleDetails.setRuleRestUrl(ruleDetails.getRuleRestUrl()); - updateRuleDetails.setSeverity(ruleDetails.getSeverity()); - updateRuleDetails.setCategory(ruleDetails.getCategory()); - createUpdateCloudWatchEventRule(updateRuleDetails); - if (ruleDetails.getIsFileChanged() && ruleDetails.getRuleType().equalsIgnoreCase("Classic")) { - createUpdateRuleJartoS3Bucket(fileToUpload, updateRuleDetails.getRuleUUID()); - } - } else { - throw new PacManException(String.format(AdminConstants.RULE_ID_NOT_EXITS, (ruleDetails.getRuleId() == null ? "given" : ruleDetails.getRuleId()))); - } - } else { - throw new PacManException("Invalid Rule Instance, please provide valid details."); - } - return AdminConstants.RULE_CREATION_SUCCESS; - } - - private String retrieveDataSource(final Rule updateRuleDetails) { - Map ruleParams; - try { - ruleParams = mapper.readValue(updateRuleDetails.getRuleParams(), new TypeReference>(){}); - return String.valueOf(ruleParams.get("pac_ds")); - } catch (Exception exception) { - log.error(UNEXPECTED_ERROR_OCCURRED, exception); - return StringUtils.EMPTY; - } - } - - private String addRuleInstance(final MultipartFile fileToUpload, CreateUpdateRuleDetails ruleDetails, String userId) throws PacManException { - if(ruleDetails != null) { - Date currentDate = new Date(); - if(!isRuleIdExits(ruleDetails.getRuleId())) { - Rule newRuleDetails = new Rule(); - String ruleUUID = UUID.randomUUID().toString(); - newRuleDetails.setRuleId(ruleDetails.getRuleId()); - newRuleDetails.setPolicyId(ruleDetails.getPolicyId()); - newRuleDetails.setRuleName(ruleDetails.getRuleName()); - newRuleDetails.setTargetType(ruleDetails.getTargetType()); - String ruleParams = buildAndGetRuleParams(ruleDetails, ruleUUID, true); - newRuleDetails.setRuleParams(ruleParams); - newRuleDetails.setRuleFrequency(ruleDetails.getRuleFrequency()); - newRuleDetails.setRuleExecutable(ruleDetails.getRuleExecutable()); - newRuleDetails.setDisplayName(ruleDetails.getDisplayName()); - newRuleDetails.setUserId(userId); - newRuleDetails.setStatus(RuleState.ENABLED.name().toUpperCase()); - newRuleDetails.setAssetGroup(ruleDetails.getAssetGroup()); - newRuleDetails.setAlexaKeyword(ruleDetails.getAlexaKeyword()); - newRuleDetails.setCreatedDate(currentDate); - newRuleDetails.setModifiedDate(currentDate); - newRuleDetails.setRuleUUID(ruleUUID); - newRuleDetails.setRuleType(ruleDetails.getRuleType()); - newRuleDetails.setRuleRestUrl(ruleDetails.getRuleRestUrl()); - newRuleDetails.setSeverity(ruleDetails.getSeverity()); - newRuleDetails.setCategory(ruleDetails.getCategory()); - createUpdateCloudWatchEventRule(newRuleDetails); - if (ruleDetails.getIsFileChanged() && ruleDetails.getRuleType().equalsIgnoreCase("Classic")) { - createUpdateRuleJartoS3Bucket(fileToUpload, ruleUUID); - } - } else { - throw new PacManException(String.format(AdminConstants.RULE_ID_EXITS, (ruleDetails.getRuleId() == null ? "given" : ruleDetails.getRuleId()))); - } - } else { - throw new PacManException("Invalid Rule Instance, please provide valid details."); - } - return AdminConstants.RULE_CREATION_SUCCESS; - } - - private void createUpdateCloudWatchEventRule(final Rule ruleDetails) { - try { - PutRuleRequest ruleRequest = new PutRuleRequest() - .withName(ruleDetails.getRuleUUID()) - .withDescription(ruleDetails.getRuleId()); - ruleRequest.withScheduleExpression("cron(".concat(ruleDetails.getRuleFrequency()).concat(")")); - - AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); - - if (!checkIfPolicyAvailableForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient)) { - createPolicyForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient); - } - - if (ruleDetails.getStatus().equalsIgnoreCase(RuleState.ENABLED.name())) { - ruleRequest.setState(RuleState.ENABLED); - } else { - ruleRequest.setState(RuleState.DISABLED); - } - - PutRuleResult ruleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putRule(ruleRequest); - if (ruleResult.getRuleArn() != null) { - ruleDetails.setRuleArn(ruleResult.getRuleArn()); - boolean isLambdaFunctionLinked = linkTargetWithRule(ruleDetails); - if(!isLambdaFunctionLinked) { - //message.put(RuleConst.SUCCESS.getName(), false); - //message.put(RuleConst.MESSAGE.getName(), "Unexpected Error Occured!"); - } else { - ruleRepository.save(ruleDetails); - invokeRule(awsLambdaClient, ruleDetails, null, null); - } - } else { - //message.put(RuleConst.SUCCESS.getName(), false); - //message.put(RuleConst.MESSAGE.getName(), "Unexpected Error Occured!"); - } - } catch(Exception exception) { - log.error(UNEXPECTED_ERROR_OCCURRED, exception); - } - } - - @Override - public Map invokeAllRules(List ruleIds) { - AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); - Map responseLists = Maps.newHashMap(); - List successList = Lists.newArrayList(); - List failedList = Lists.newArrayList(); - for(String ruleId: ruleIds) { - Rule ruleInstance = ruleRepository.findById(ruleId).get(); - boolean isInvoked = invokeRule(awsLambdaClient, ruleInstance, null, Lists.newArrayList()); - if(isInvoked) { - successList.add(ruleId); - } else { - failedList.add(ruleId); - } - } - responseLists.put("successList", successList); - responseLists.put("failedList", failedList); - return responseLists; - } - - private boolean invokeRule(AWSLambda awsLambdaClient, Rule ruleDetails, String invocationId, List> additionalRuleParams) { - String ruleParams = ruleDetails.getRuleParams(); - if(invocationId != null) { - Map ruleParamDetails; - try { - ruleParamDetails = mapper.readValue(ruleDetails.getRuleParams(), new TypeReference>(){}); - ruleParamDetails.put("invocationId", invocationId); - ruleParamDetails.put("additionalParams", mapper.writeValueAsString(additionalRuleParams)); - ruleParams = mapper.writeValueAsString(ruleParamDetails); - } catch (Exception exception) { - log.error(UNEXPECTED_ERROR_OCCURRED, exception); - } - } - String functionName = config.getRule().getLambda().getFunctionName(); - ByteBuffer payload = ByteBuffer.wrap(ruleParams.getBytes()); - InvokeRequest invokeRequest = new InvokeRequest().withFunctionName(functionName).withPayload(payload); - InvokeResult invokeResult = awsLambdaClient.invoke(invokeRequest); - if (invokeResult.getStatusCode() == 200) { - return true; - } else { - return false; - } - } - - private boolean linkTargetWithRule(final Rule rule) { - Target target = new Target() - .withId(config.getRule().getLambda().getTargetId()) - .withArn(config.getRule().getLambda().getFunctionArn()) - .withInput(rule.getRuleParams()); - - PutTargetsRequest targetsRequest = new PutTargetsRequest() - .withTargets(target) - .withRule(rule.getRuleUUID()); - - try { - PutTargetsResult targetsResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putTargets(targetsRequest); - return (targetsResult.getFailedEntryCount()==0); - } catch(Exception exception) { - return false; - } - } - - private boolean removeTargetWithRule(final Rule rule) { - RemoveTargetsRequest removeTargetsRequest = new RemoveTargetsRequest() - .withIds(config.getRule().getLambda().getTargetId()) - .withRule(rule.getRuleUUID()); - try { - RemoveTargetsResult targetsResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).removeTargets(removeTargetsRequest); - return (targetsResult.getFailedEntryCount()==0); - } catch(Exception exception) { - exception.printStackTrace(); - return false; - } - } - - private void createPolicyForLambda(final String lambdaFunctionName, final AWSLambda lambdaClient) { - AddPermissionRequest addPermissionRequest = new AddPermissionRequest() - .withFunctionName(lambdaFunctionName) - .withPrincipal(config.getRule().getLambda().getPrincipal()) - .withStatementId("sid-".concat(config.getRule().getLambda().getTargetId())) - .withAction(config.getRule().getLambda().getActionEnabled()); - lambdaClient.addPermission(addPermissionRequest); - } - - private static boolean checkIfPolicyAvailableForLambda(final String lambdaFunctionName, final AWSLambda lambdaClient) { - try { - GetPolicyRequest getPolicyRequest = new GetPolicyRequest(); - getPolicyRequest.setFunctionName(lambdaFunctionName); - lambdaClient.getPolicy(getPolicyRequest); - return true; - } catch (ResourceNotFoundException resourceNotFoundException) { - if (resourceNotFoundException.getStatusCode() == 404) { - return false; - } - } - return false; - } - - private boolean isRuleTypeNotServerlessOrManaged(final String ruleType) { - String ruleTypeToCheck = ruleType.replace(" ", StringUtils.EMPTY); - return (!ruleTypeToCheck.equalsIgnoreCase(AdminConstants.SERVERLESS_RULE_TYPE) && !ruleTypeToCheck.equalsIgnoreCase(AdminConstants.MANAGED_RULE_TYPE)); - } - - private boolean createUpdateRuleJartoS3Bucket(MultipartFile fileToUpload, String ruleUUID) { - return awsS3BucketService.uploadFile(amazonClient.getAmazonS3(config.getRule().getS3().getBucketRegion()), fileToUpload, config.getJob().getS3().getBucketName(), ruleUUID.concat(".jar")); - } - - public boolean isRuleIdExits(String ruleId) { - return ruleRepository.findByRuleId(ruleId) != null; - } - - @SuppressWarnings("unchecked") - private String buildAndGetRuleParams(final CreateUpdateRuleDetails ruleDetails, final String ruleUUID, final boolean isCreatedNew) { - Map newJobParams; - try { - newJobParams = mapper.readValue(ruleDetails.getRuleParams(), new TypeReference>(){}); - newJobParams.put("ruleId", ruleDetails.getRuleId()); - newJobParams.put("autofix", ruleDetails.isAutofixEnabled()); - newJobParams.put("alexaKeyword", ruleDetails.getAlexaKeyword()); - newJobParams.put("ruleRestUrl", ruleDetails.getRuleRestUrl()); - newJobParams.put("targetType", ruleDetails.getTargetType()); - newJobParams.put("pac_ds", ruleDetails.getDataSource()); - newJobParams.put("policyId", ruleDetails.getPolicyId()); - newJobParams.put("assetGroup", ruleDetails.getAssetGroup()); - newJobParams.put("ruleUUID", ruleUUID); - newJobParams.put("ruleType", ruleDetails.getRuleType()); - Map severity = new HashMap<>(); - severity.put("key", "severity"); - severity.put("value", ruleDetails.getSeverity()); - severity.put("encrypt", false); - Map category = new HashMap<>(); - category.put("key", "ruleCategory"); - category.put("value", ruleDetails.getCategory()); - category.put("encrypt", false); - List> environmentVariables = (List>) newJobParams.get("environmentVariables"); - List> params = (List>) newJobParams.get("params"); - params.add(severity); - params.add(category); - newJobParams.put("environmentVariables", encryptDecryptValues(environmentVariables, ruleUUID, isCreatedNew)); - newJobParams.put("params", encryptDecryptValues(params, ruleUUID, isCreatedNew)); - return mapper.writeValueAsString(newJobParams); - } catch (Exception exception) { - log.error(UNEXPECTED_ERROR_OCCURRED, exception); - } - return ruleDetails.getRuleParams(); - } - - private List> encryptDecryptValues(List> ruleParams, String ruleUUID, boolean isCreatedNew) { - for (int index = 0; index < ruleParams.size(); index++) { - Map keyValue = ruleParams.get(index); - if (isCreatedNew) { - String isToBeEncrypted = keyValue.get("encrypt").toString(); - if (StringUtils.isNotBlank(isToBeEncrypted) && Boolean.parseBoolean(isToBeEncrypted)) { - try { - keyValue.put("value", AdminUtils.encrypt(keyValue.get("value").toString(), ruleUUID)); - } catch (Exception exception) { - keyValue.put("value", keyValue.get("value").toString()); - } - } - } else { - if (keyValue.get("isValueNew") != null) { - String isValueNew = keyValue.get("isValueNew").toString(); - String isToBeEncrypted = keyValue.get("encrypt").toString(); - if (StringUtils.isNotBlank(isValueNew) && Boolean.parseBoolean(isValueNew)) { - if (StringUtils.isNotBlank(isToBeEncrypted) && Boolean.parseBoolean(isToBeEncrypted)) { - try { - keyValue.put("value", AdminUtils.encrypt(keyValue.get("value").toString(), ruleUUID)); - } catch (Exception exception) { - keyValue.put("value", keyValue.get("value").toString()); - } - } - } - } - } - } - return ruleParams; - } - - @Override - public List getAllRuleCategories() throws PacManException{ - return ruleCategoryRepository.findAll(); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.admin.repository.service; + +import static com.tmobile.pacman.api.admin.common.AdminConstants.CLOUDWATCH_RULE_DELETION_FAILURE; +import static com.tmobile.pacman.api.admin.common.AdminConstants.UNEXPECTED_ERROR_OCCURRED; +import static com.tmobile.pacman.api.admin.common.AdminConstants.DELETE_RULE_TARGET_FAILED; + +import java.nio.ByteBuffer; +import java.util.Collection; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.UUID; + +import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.domain.Page; +import org.springframework.data.domain.PageRequest; +import org.springframework.stereotype.Service; +import org.springframework.web.multipart.MultipartFile; + +import com.amazonaws.services.cloudwatchevents.model.DeleteRuleRequest; +import com.amazonaws.services.cloudwatchevents.model.DeleteRuleResult; +import com.amazonaws.services.cloudwatchevents.model.PutRuleRequest; +import com.amazonaws.services.cloudwatchevents.model.PutRuleResult; +import com.amazonaws.services.cloudwatchevents.model.PutTargetsRequest; +import com.amazonaws.services.cloudwatchevents.model.PutTargetsResult; +import com.amazonaws.services.cloudwatchevents.model.RemoveTargetsRequest; +import com.amazonaws.services.cloudwatchevents.model.RemoveTargetsResult; +import com.amazonaws.services.cloudwatchevents.model.RuleState; +import com.amazonaws.services.cloudwatchevents.model.Target; +import com.amazonaws.services.lambda.AWSLambda; +import com.amazonaws.services.lambda.model.AddPermissionRequest; +import com.amazonaws.services.lambda.model.GetPolicyRequest; +import com.amazonaws.services.lambda.model.InvokeRequest; +import com.amazonaws.services.lambda.model.InvokeResult; +import com.amazonaws.services.lambda.model.ResourceNotFoundException; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.collect.Lists; +import com.google.common.collect.Maps; +import com.tmobile.pacman.api.admin.common.AdminConstants; +import com.tmobile.pacman.api.admin.config.PacmanConfiguration; +import com.tmobile.pacman.api.admin.domain.CreateUpdateRuleDetails; +import com.tmobile.pacman.api.admin.domain.RuleProjection; +import com.tmobile.pacman.api.admin.exceptions.PacManException; +import com.tmobile.pacman.api.admin.repository.RuleCategoryRepository; +import com.tmobile.pacman.api.admin.repository.RuleRepository; +import com.tmobile.pacman.api.admin.repository.model.Rule; +import com.tmobile.pacman.api.admin.repository.model.RuleCategory; +import com.tmobile.pacman.api.admin.service.AmazonClientBuilderService; +import com.tmobile.pacman.api.admin.service.AwsS3BucketService; +import com.tmobile.pacman.api.admin.util.AdminUtils; + +/** + * Rule Service Implementations + */ +@Service +public class RuleServiceImpl implements RuleService { + + private static final Logger log = LoggerFactory.getLogger(RuleServiceImpl.class); + + @Autowired + private PacmanConfiguration config; + + @Autowired + private AmazonClientBuilderService amazonClient; + + @Autowired + private AwsS3BucketService awsS3BucketService; + + @Autowired + private RuleRepository ruleRepository; + + @Autowired + private ObjectMapper mapper; + + @Autowired + private RuleCategoryRepository ruleCategoryRepository; + + @Override + public List getAllRulesByTargetType(String targetType) { + return ruleRepository.findByTargetTypeIgnoreCase(targetType); + } + + @Override + public List getAllRulesByTargetTypeName(String targetType) { + return ruleRepository.findByTargetType(targetType); + } + + @Override + public List getAllRulesByTargetTypeAndNotInRuleIdList(final String targetType, final List ruleIdList) { + return ruleRepository.findByTargetTypeAndRuleIdNotIn(targetType, ruleIdList); + } + + @Override + public List getAllRulesByTargetTypeAndRuleIdList(final String targetType, final List ruleIdList) { + return ruleRepository.findByTargetTypeAndRuleIdIn(targetType, ruleIdList); + } + + @Override + public Rule getByRuleId(String ruleId) { + return ruleRepository.findByRuleId(ruleId); + } + + @Override + public Page getRules(final String searchTerm, final int page, final int size) { + return ruleRepository.findAll(searchTerm.toLowerCase(), PageRequest.of(page, size)); + } + + @Override + public Collection getAllAlexaKeywords() { + return ruleRepository.getAllAlexaKeywords(); + } + + @Override + public Collection getAllRuleIds() { + return ruleRepository.getAllRuleIds(); + } + + @Override + public String createRule(final MultipartFile fileToUpload, final CreateUpdateRuleDetails ruleDetails, final String userId) throws PacManException { + checkRuleTypeNotServerlessOrManaged(ruleDetails, fileToUpload); + return addRuleInstance(fileToUpload, ruleDetails, userId); + } + + @Override + public String updateRule(MultipartFile fileToUpload, CreateUpdateRuleDetails updateRuleDetails, String userId) throws PacManException { + checkRuleTypeNotServerlessOrManaged(updateRuleDetails, fileToUpload); + return updateRuleInstance(fileToUpload, updateRuleDetails, userId); + } + + @Override + public String invokeRule(String ruleId, List> ruleOptionalParams) { + Rule ruleDetails = ruleRepository.findById(ruleId).get(); + AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); + String invocationId = AdminUtils.getReferenceId(); + boolean invokeStatus = invokeRule(awsLambdaClient, ruleDetails, invocationId, ruleOptionalParams); + if(invokeStatus) { + return invocationId; + } else { + return null; + } + } + + @Override + public String enableDisableRule(final String ruleId, final String action, final String userId) throws PacManException { + if(ruleRepository.existsById(ruleId)) { + Rule existingRule = ruleRepository.findById(ruleId).get(); + if(action.equalsIgnoreCase("enable")) { + return enableAndCreateCloudWatchRule(existingRule, userId, RuleState.ENABLED); + } else { + return disableAndDeleteCloudWatchRule(existingRule, userId, RuleState.DISABLED); + } + } else { + throw new PacManException(String.format(AdminConstants.RULE_ID_NOT_EXITS, ruleId)); + } + } + + private String disableAndDeleteCloudWatchRule(Rule existingRule, String userId, RuleState ruleState) throws PacManException { + boolean isRemoveTargetSuccess = removeTargetWithRule(existingRule); + if(isRemoveTargetSuccess) { + DeleteRuleRequest deleteRuleRequest = new DeleteRuleRequest() + .withName(existingRule.getRuleUUID()); + DeleteRuleResult deleteRuleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).deleteRule(deleteRuleRequest); + if (deleteRuleResult.getSdkHttpMetadata() != null) { + if(deleteRuleResult.getSdkHttpMetadata().getHttpStatusCode() == 200) { + existingRule.setUserId(userId); + existingRule.setModifiedDate(new Date()); + existingRule.setStatus(ruleState.name()); + ruleRepository.save(existingRule); + return String.format(AdminConstants.RULE_DISABLE_ENABLE_SUCCESS, ruleState.name().toLowerCase()); + } else { + linkTargetWithRule(existingRule); + throw new PacManException(DELETE_RULE_TARGET_FAILED); + } + } else { + throw new PacManException(CLOUDWATCH_RULE_DELETION_FAILURE); + } + } else { + linkTargetWithRule(existingRule); + throw new PacManException(DELETE_RULE_TARGET_FAILED); + } + } + + private String enableAndCreateCloudWatchRule(Rule existingRule, String userId, RuleState ruleState) throws PacManException { + AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); + if (!checkIfPolicyAvailableForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient)) { + createPolicyForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient); + } + + PutRuleRequest ruleRequest = new PutRuleRequest() + .withName(existingRule.getRuleUUID()) + .withDescription(existingRule.getRuleId()) + .withState(ruleState); + ruleRequest.setState(ruleState); + ruleRequest.setScheduleExpression("cron(".concat(existingRule.getRuleFrequency()).concat(")")); + PutRuleResult ruleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putRule(ruleRequest); + + existingRule.setUserId(userId); + existingRule.setModifiedDate(new Date()); + existingRule.setStatus(ruleState.name()); + + + if (ruleResult.getRuleArn() != null) { + existingRule.setRuleArn(ruleResult.getRuleArn()); + boolean isLambdaFunctionLinked = linkTargetWithRule(existingRule); + if(!isLambdaFunctionLinked) { + throw new PacManException(String.format(AdminConstants.LAMBDA_LINKING_EXCEPTION, existingRule.getRuleId())); + } else { + ruleRepository.save(existingRule); + invokeRule(awsLambdaClient, existingRule, null, null); + } + } else { + throw new PacManException(String.format(AdminConstants.UNEXPECTED_ERROR_OCCURRED, existingRule.getRuleId())); + } + return String.format(AdminConstants.RULE_DISABLE_ENABLE_SUCCESS, ruleState.name().toLowerCase()); + } + + private void checkRuleTypeNotServerlessOrManaged(CreateUpdateRuleDetails ruleDetails, MultipartFile fileToUpload) throws PacManException { + if (isRuleTypeNotServerlessOrManaged(ruleDetails.getRuleType()) && ruleDetails.getIsFileChanged()) { + if(fileToUpload.isEmpty()) { + throw new PacManException(AdminConstants.JAR_FILE_MISSING); + } + } + } + + private String updateRuleInstance(final MultipartFile fileToUpload, CreateUpdateRuleDetails ruleDetails, String userId) throws PacManException { + if(ruleDetails != null) { + if(isRuleIdExits(ruleDetails.getRuleId())) { + Date currentDate = new Date(); + Rule updateRuleDetails = ruleRepository.findById(ruleDetails.getRuleId()).get(); + ruleDetails.setTargetType(updateRuleDetails.getTargetType()); + ruleDetails.setPolicyId(updateRuleDetails.getPolicyId()); + ruleDetails.setDataSource(retrieveDataSource(updateRuleDetails)); + String ruleParams = buildAndGetRuleParams(ruleDetails, updateRuleDetails.getRuleUUID(), false); + updateRuleDetails.setRuleParams(ruleParams); + updateRuleDetails.setRuleFrequency(ruleDetails.getRuleFrequency()); + updateRuleDetails.setRuleExecutable(ruleDetails.getRuleExecutable()); + updateRuleDetails.setUserId(userId); + updateRuleDetails.setDisplayName(ruleDetails.getDisplayName()); + updateRuleDetails.setAssetGroup(ruleDetails.getAssetGroup()); + updateRuleDetails.setAlexaKeyword(ruleDetails.getAlexaKeyword()); + updateRuleDetails.setModifiedDate(currentDate); + updateRuleDetails.setRuleType(ruleDetails.getRuleType()); + updateRuleDetails.setRuleRestUrl(ruleDetails.getRuleRestUrl()); + updateRuleDetails.setSeverity(ruleDetails.getSeverity()); + updateRuleDetails.setCategory(ruleDetails.getCategory()); + createUpdateCloudWatchEventRule(updateRuleDetails); + if (ruleDetails.getIsFileChanged() && ruleDetails.getRuleType().equalsIgnoreCase("Classic")) { + createUpdateRuleJartoS3Bucket(fileToUpload, updateRuleDetails.getRuleUUID()); + } + } else { + throw new PacManException(String.format(AdminConstants.RULE_ID_NOT_EXITS, (ruleDetails.getRuleId() == null ? "given" : ruleDetails.getRuleId()))); + } + } else { + throw new PacManException("Invalid Rule Instance, please provide valid details."); + } + return AdminConstants.RULE_CREATION_SUCCESS; + } + + private String retrieveDataSource(final Rule updateRuleDetails) { + Map ruleParams; + try { + ruleParams = mapper.readValue(updateRuleDetails.getRuleParams(), new TypeReference>(){}); + return String.valueOf(ruleParams.get("pac_ds")); + } catch (Exception exception) { + log.error(UNEXPECTED_ERROR_OCCURRED, exception); + return StringUtils.EMPTY; + } + } + + private String addRuleInstance(final MultipartFile fileToUpload, CreateUpdateRuleDetails ruleDetails, String userId) throws PacManException { + if(ruleDetails != null) { + Date currentDate = new Date(); + if(!isRuleIdExits(ruleDetails.getRuleId())) { + Rule newRuleDetails = new Rule(); + String ruleUUID = UUID.randomUUID().toString(); + newRuleDetails.setRuleId(ruleDetails.getRuleId()); + newRuleDetails.setPolicyId(ruleDetails.getPolicyId()); + newRuleDetails.setRuleName(ruleDetails.getRuleName()); + newRuleDetails.setTargetType(ruleDetails.getTargetType()); + String ruleParams = buildAndGetRuleParams(ruleDetails, ruleUUID, true); + newRuleDetails.setRuleParams(ruleParams); + newRuleDetails.setRuleFrequency(ruleDetails.getRuleFrequency()); + newRuleDetails.setRuleExecutable(ruleDetails.getRuleExecutable()); + newRuleDetails.setDisplayName(ruleDetails.getDisplayName()); + newRuleDetails.setUserId(userId); + newRuleDetails.setStatus(RuleState.ENABLED.name().toUpperCase()); + newRuleDetails.setAssetGroup(ruleDetails.getAssetGroup()); + newRuleDetails.setAlexaKeyword(ruleDetails.getAlexaKeyword()); + newRuleDetails.setCreatedDate(currentDate); + newRuleDetails.setModifiedDate(currentDate); + newRuleDetails.setRuleUUID(ruleUUID); + newRuleDetails.setRuleType(ruleDetails.getRuleType()); + newRuleDetails.setRuleRestUrl(ruleDetails.getRuleRestUrl()); + newRuleDetails.setSeverity(ruleDetails.getSeverity()); + newRuleDetails.setCategory(ruleDetails.getCategory()); + createUpdateCloudWatchEventRule(newRuleDetails); + if (ruleDetails.getIsFileChanged() && ruleDetails.getRuleType().equalsIgnoreCase("Classic")) { + createUpdateRuleJartoS3Bucket(fileToUpload, ruleUUID); + } + } else { + throw new PacManException(String.format(AdminConstants.RULE_ID_EXITS, (ruleDetails.getRuleId() == null ? "given" : ruleDetails.getRuleId()))); + } + } else { + throw new PacManException("Invalid Rule Instance, please provide valid details."); + } + return AdminConstants.RULE_CREATION_SUCCESS; + } + + private void createUpdateCloudWatchEventRule(final Rule ruleDetails) { + try { + PutRuleRequest ruleRequest = new PutRuleRequest() + .withName(ruleDetails.getRuleUUID()) + .withDescription(ruleDetails.getRuleId()); + ruleRequest.withScheduleExpression("cron(".concat(ruleDetails.getRuleFrequency()).concat(")")); + + AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); + + if (!checkIfPolicyAvailableForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient)) { + createPolicyForLambda(config.getRule().getLambda().getFunctionName(), awsLambdaClient); + } + + if (ruleDetails.getStatus().equalsIgnoreCase(RuleState.ENABLED.name())) { + ruleRequest.setState(RuleState.ENABLED); + } else { + ruleRequest.setState(RuleState.DISABLED); + } + + PutRuleResult ruleResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putRule(ruleRequest); + if (ruleResult.getRuleArn() != null) { + ruleDetails.setRuleArn(ruleResult.getRuleArn()); + boolean isLambdaFunctionLinked = linkTargetWithRule(ruleDetails); + if(!isLambdaFunctionLinked) { + //message.put(RuleConst.SUCCESS.getName(), false); + //message.put(RuleConst.MESSAGE.getName(), "Unexpected Error Occured!"); + } else { + ruleRepository.save(ruleDetails); + invokeRule(awsLambdaClient, ruleDetails, null, null); + } + } else { + //message.put(RuleConst.SUCCESS.getName(), false); + //message.put(RuleConst.MESSAGE.getName(), "Unexpected Error Occured!"); + } + } catch(Exception exception) { + log.error(UNEXPECTED_ERROR_OCCURRED, exception); + } + } + + @Override + public Map invokeAllRules(List ruleIds) { + AWSLambda awsLambdaClient = amazonClient.getAWSLambdaClient(config.getRule().getLambda().getRegion()); + Map responseLists = Maps.newHashMap(); + List successList = Lists.newArrayList(); + List failedList = Lists.newArrayList(); + for(String ruleId: ruleIds) { + Rule ruleInstance = ruleRepository.findById(ruleId).get(); + boolean isInvoked = invokeRule(awsLambdaClient, ruleInstance, null, Lists.newArrayList()); + if(isInvoked) { + successList.add(ruleId); + } else { + failedList.add(ruleId); + } + } + responseLists.put("successList", successList); + responseLists.put("failedList", failedList); + return responseLists; + } + + private boolean invokeRule(AWSLambda awsLambdaClient, Rule ruleDetails, String invocationId, List> additionalRuleParams) { + String ruleParams = ruleDetails.getRuleParams(); + if(invocationId != null) { + Map ruleParamDetails; + try { + ruleParamDetails = mapper.readValue(ruleDetails.getRuleParams(), new TypeReference>(){}); + ruleParamDetails.put("invocationId", invocationId); + ruleParamDetails.put("additionalParams", mapper.writeValueAsString(additionalRuleParams)); + ruleParams = mapper.writeValueAsString(ruleParamDetails); + } catch (Exception exception) { + log.error(UNEXPECTED_ERROR_OCCURRED, exception); + } + } + String functionName = config.getRule().getLambda().getFunctionName(); + ByteBuffer payload = ByteBuffer.wrap(ruleParams.getBytes()); + InvokeRequest invokeRequest = new InvokeRequest().withFunctionName(functionName).withPayload(payload); + InvokeResult invokeResult = awsLambdaClient.invoke(invokeRequest); + if (invokeResult.getStatusCode() == 200) { + return true; + } else { + return false; + } + } + + private boolean linkTargetWithRule(final Rule rule) { + Target target = new Target() + .withId(config.getRule().getLambda().getTargetId()) + .withArn(config.getRule().getLambda().getFunctionArn()) + .withInput(rule.getRuleParams()); + + PutTargetsRequest targetsRequest = new PutTargetsRequest() + .withTargets(target) + .withRule(rule.getRuleUUID()); + + try { + PutTargetsResult targetsResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).putTargets(targetsRequest); + return (targetsResult.getFailedEntryCount()==0); + } catch(Exception exception) { + return false; + } + } + + private boolean removeTargetWithRule(final Rule rule) { + RemoveTargetsRequest removeTargetsRequest = new RemoveTargetsRequest() + .withIds(config.getRule().getLambda().getTargetId()) + .withRule(rule.getRuleUUID()); + try { + RemoveTargetsResult targetsResult = amazonClient.getAmazonCloudWatchEvents(config.getRule().getLambda().getRegion()).removeTargets(removeTargetsRequest); + return (targetsResult.getFailedEntryCount()==0); + } catch(Exception exception) { + exception.printStackTrace(); + return false; + } + } + + private void createPolicyForLambda(final String lambdaFunctionName, final AWSLambda lambdaClient) { + AddPermissionRequest addPermissionRequest = new AddPermissionRequest() + .withFunctionName(lambdaFunctionName) + .withPrincipal(config.getRule().getLambda().getPrincipal()) + .withStatementId("sid-".concat(config.getRule().getLambda().getTargetId())) + .withAction(config.getRule().getLambda().getActionEnabled()); + lambdaClient.addPermission(addPermissionRequest); + } + + private static boolean checkIfPolicyAvailableForLambda(final String lambdaFunctionName, final AWSLambda lambdaClient) { + try { + GetPolicyRequest getPolicyRequest = new GetPolicyRequest(); + getPolicyRequest.setFunctionName(lambdaFunctionName); + lambdaClient.getPolicy(getPolicyRequest); + return true; + } catch (ResourceNotFoundException resourceNotFoundException) { + if (resourceNotFoundException.getStatusCode() == 404) { + return false; + } + } + return false; + } + + private boolean isRuleTypeNotServerlessOrManaged(final String ruleType) { + String ruleTypeToCheck = ruleType.replace(" ", StringUtils.EMPTY); + return (!ruleTypeToCheck.equalsIgnoreCase(AdminConstants.SERVERLESS_RULE_TYPE) && !ruleTypeToCheck.equalsIgnoreCase(AdminConstants.MANAGED_RULE_TYPE)); + } + + private boolean createUpdateRuleJartoS3Bucket(MultipartFile fileToUpload, String ruleUUID) { + return awsS3BucketService.uploadFile(amazonClient.getAmazonS3(config.getRule().getS3().getBucketRegion()), fileToUpload, config.getJob().getS3().getBucketName()+"/pacbot", ruleUUID.concat(".jar")); + } + + public boolean isRuleIdExits(String ruleId) { + return ruleRepository.findByRuleId(ruleId) != null; + } + + @SuppressWarnings("unchecked") + private String buildAndGetRuleParams(final CreateUpdateRuleDetails ruleDetails, final String ruleUUID, final boolean isCreatedNew) { + Map newJobParams; + try { + newJobParams = mapper.readValue(ruleDetails.getRuleParams(), new TypeReference>(){}); + newJobParams.put("ruleId", ruleDetails.getRuleId()); + newJobParams.put("autofix", ruleDetails.isAutofixEnabled()); + newJobParams.put("alexaKeyword", ruleDetails.getAlexaKeyword()); + newJobParams.put("ruleRestUrl", ruleDetails.getRuleRestUrl()); + newJobParams.put("targetType", ruleDetails.getTargetType()); + newJobParams.put("pac_ds", ruleDetails.getDataSource()); + newJobParams.put("policyId", ruleDetails.getPolicyId()); + newJobParams.put("assetGroup", ruleDetails.getAssetGroup()); + newJobParams.put("ruleUUID", ruleUUID); + newJobParams.put("ruleType", ruleDetails.getRuleType()); + Map severity = new HashMap<>(); + severity.put("key", "severity"); + severity.put("value", ruleDetails.getSeverity()); + severity.put("encrypt", false); + Map category = new HashMap<>(); + category.put("key", "ruleCategory"); + category.put("value", ruleDetails.getCategory()); + category.put("encrypt", false); + List> environmentVariables = (List>) newJobParams.get("environmentVariables"); + List> params = (List>) newJobParams.get("params"); + params.add(severity); + params.add(category); + newJobParams.put("environmentVariables", encryptDecryptValues(environmentVariables, ruleUUID, isCreatedNew)); + newJobParams.put("params", encryptDecryptValues(params, ruleUUID, isCreatedNew)); + return mapper.writeValueAsString(newJobParams); + } catch (Exception exception) { + log.error(UNEXPECTED_ERROR_OCCURRED, exception); + } + return ruleDetails.getRuleParams(); + } + + private List> encryptDecryptValues(List> ruleParams, String ruleUUID, boolean isCreatedNew) { + for (int index = 0; index < ruleParams.size(); index++) { + Map keyValue = ruleParams.get(index); + if (isCreatedNew) { + String isToBeEncrypted = keyValue.get("encrypt").toString(); + if (StringUtils.isNotBlank(isToBeEncrypted) && Boolean.parseBoolean(isToBeEncrypted)) { + try { + keyValue.put("value", AdminUtils.encrypt(keyValue.get("value").toString(), ruleUUID)); + } catch (Exception exception) { + keyValue.put("value", keyValue.get("value").toString()); + } + } + } else { + if (keyValue.get("isValueNew") != null) { + String isValueNew = keyValue.get("isValueNew").toString(); + String isToBeEncrypted = keyValue.get("encrypt").toString(); + if (StringUtils.isNotBlank(isValueNew) && Boolean.parseBoolean(isValueNew)) { + if (StringUtils.isNotBlank(isToBeEncrypted) && Boolean.parseBoolean(isToBeEncrypted)) { + try { + keyValue.put("value", AdminUtils.encrypt(keyValue.get("value").toString(), ruleUUID)); + } catch (Exception exception) { + keyValue.put("value", keyValue.get("value").toString()); + } + } + } + } + } + } + return ruleParams; + } + + @Override + public List getAllRuleCategories() throws PacManException{ + return ruleCategoryRepository.findAll(); + } +} diff --git a/api/pacman-api-asset/pom.xml b/api/pacman-api-asset/pom.xml index f462ed942..3dd6e7c10 100644 --- a/api/pacman-api-asset/pom.xml +++ b/api/pacman-api-asset/pom.xml @@ -179,16 +179,6 @@ true - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix-dashboard - - org.powermock powermock-api-mockito diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/AssetApplication.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/AssetApplication.java index a3ab4644a..f3571b9a2 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/AssetApplication.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/AssetApplication.java @@ -34,8 +34,6 @@ @EnableFeignClients @EnableConfigurationProperties @Configuration -/*@EnableHystrix -@EnableHystrixDashboard*/ @EnableCaching @ComponentScan(basePackages = "com.tmobile.pacman") @EnableResourceServer diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetController.java index 5edb4eeed..56cdcbf21 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetController.java @@ -15,9 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.asset.controller; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; - import java.util.HashMap; import java.util.List; import java.util.Map; @@ -39,7 +36,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.domain.AssetUpdateRequest; import com.tmobile.pacman.api.asset.domain.Response; import com.tmobile.pacman.api.asset.model.DefaultUserAssetGroup; @@ -47,6 +43,9 @@ import com.tmobile.pacman.api.commons.exception.DataException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; + /** * The controller layer for Assets which has methods to fetch the asset related info. */ @@ -68,7 +67,6 @@ public class AssetController { * * @return list of target types. */ - @HystrixCommand @GetMapping(value = "/v1/list/targettype") public ResponseEntity getListOfTargetTypes(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "domain", required = false) String domain) { @@ -119,7 +117,6 @@ public ResponseEntity getListOfApplications(@RequestParam(name = "ag", r * * @return list of environments. */ - @HystrixCommand @GetMapping(value = "/v1/list/environment") public ResponseEntity getListOfEnvironments(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "application", required = false) String application, @@ -147,7 +144,6 @@ public ResponseEntity getListOfEnvironments(@RequestParam(name = "ag", r * * @return list of asset group details. */ - @HystrixCommand @GetMapping(value = "/v1/list/assetgroup") public ResponseEntity getAllAssetGroups() { try { @@ -167,7 +163,6 @@ public ResponseEntity getAllAssetGroups() { * * @return asset group info. */ - @HystrixCommand @GetMapping(value = "/v1/assetgroup") public ResponseEntity getAssetGroupInfo(@RequestParam(name = "ag", required = true) String assetGroup) { Map assetGroupInfo = assetService.getAssetGroupInfo(assetGroup); @@ -187,7 +182,6 @@ public ResponseEntity getAssetGroupInfo(@RequestParam(name = "ag", requi * * @return asset group name. */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "Get User Default Asset Group") @GetMapping(value = "/v1/list/user-default-assetgroup") public ResponseEntity getUserDefaultAssetGroup( @@ -208,7 +202,6 @@ public ResponseEntity getUserDefaultAssetGroup( * * @return boolean as updated status. */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "Save or Update User Asset Groups") @PostMapping(value = "/v1/save-or-update/assetgroup") public ResponseEntity saveOrUpdateAssetGroup( @@ -230,7 +223,6 @@ public ResponseEntity saveOrUpdateAssetGroup( * * @return updated list of asset group for the userId. */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "Save or Append User Recently Viewed Asset Groups") @PostMapping(value = "/v1/appendToRecentlyViewedAG") public ResponseEntity appendToRecentlyViewedAG( @@ -257,7 +249,6 @@ public ResponseEntity appendToRecentlyViewedAG( * * @return config details as string. */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "Retrieve Asset Config for the given resourceId and configType") @GetMapping(value = "/v1/retrieve-asset-config") public ResponseEntity retrieveAssetConfig( @@ -283,7 +274,6 @@ public ResponseEntity retrieveAssetConfig( * * @return ResponseEntity. */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "Save Asset Configuration") @PostMapping(value = "/v1/save-asset-config") public ResponseEntity saveAssetConfig( @@ -307,7 +297,6 @@ public ResponseEntity saveAssetConfig( * @throws DataException when the update fails. */ - @HystrixCommand @ApiOperation(httpMethod = "POST", value = "Update Asset values") @PostMapping(value = "/v1/update-asset") public ResponseEntity updateAsset(@RequestBody(required = true) AssetUpdateRequest request) @@ -343,7 +332,6 @@ public ResponseEntity updateAsset(@RequestBody(required = true) AssetUpd * * @return created date as string */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "Get Resource Created Date") @RequestMapping(path = "/v1/get-resource-created-date", method = RequestMethod.GET) @ResponseBody diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetCountController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetCountController.java index e17a58081..d02d28605 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetCountController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetCountController.java @@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.AssetConstants; import com.tmobile.pacman.api.asset.service.AssetService; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -56,7 +55,6 @@ public class AssetCountController { * * @return list of type and its asset count. */ - @HystrixCommand @GetMapping(value = "/v1/count") public ResponseEntity geAssetCount(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "type", required = false) String type, @@ -86,7 +84,6 @@ public ResponseEntity geAssetCount(@RequestParam(name = "ag", required = * * @return list of applications and its asset count. */ - @HystrixCommand @GetMapping(value = "/v1/count/byapplication") public ResponseEntity geAssetCountByTypeAndApplication( @RequestParam(name = "ag", required = true) String assetGroup, @@ -121,7 +118,6 @@ public ResponseEntity geAssetCountByTypeAndApplication( * * @return list of environment and its asset count. */ - @HystrixCommand @GetMapping(value = "/v1/count/byenvironment") public ResponseEntity geAssetCountByTypeEnvironment( @RequestParam(name = "ag", required = true) String assetGroup, diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetDetailController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetDetailController.java index ac04cf40b..c60b5c01a 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetDetailController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetDetailController.java @@ -37,7 +37,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.AssetConstants; import com.tmobile.pacman.api.asset.client.ComplianceServiceClient; import com.tmobile.pacman.api.asset.domain.PageFilterRequest; @@ -80,7 +79,7 @@ public class AssetDetailController { * * @return list of date and its CPU utilization of the instance id. */ - @HystrixCommand + @GetMapping(value = "/v1/{assetGroup}/ec2/{resourceId}/cpu-utilization") public ResponseEntity getCPUUtilizationByInstanceId( @PathVariable(name = "resourceId", required = true) String instanceId) { @@ -104,7 +103,6 @@ public ResponseEntity getCPUUtilizationByInstanceId( * * @return list of disk name, size and free space of the instance id. */ - @HystrixCommand @RequestMapping(path = "/v1/{assetGroup}/ec2/{resourceId}/disk-utilization", method = RequestMethod.GET) public ResponseEntity getDiskUtilizationByInstanceId( @PathVariable(name = "resourceId", required = true) String instanceId) { @@ -134,7 +132,6 @@ public ResponseEntity getDiskUtilizationByInstanceId( * * @return list of software name and its version installed on the instance id. */ - @HystrixCommand @RequestMapping(path = "/v1/{assetGroup}/ec2/{resourceId}/installed-softwares", method = RequestMethod.GET) public ResponseEntity getInstalledSoftwareDetailsByInstanceId( @PathVariable(name = "resourceId", required = true) String instanceId, @@ -197,7 +194,6 @@ public ResponseEntity getInstalledSoftwareDetailsByInstanceId( * * @return list of open ports. */ - @HystrixCommand @RequestMapping(path = "/v1/{assetGroup}/ec2/{resourceId}/open-ports", method = RequestMethod.GET) public ResponseEntity getOpenPortsByInstanceId( @PathVariable(name = "resourceId", required = true) String instanceId, @@ -254,7 +250,7 @@ public ResponseEntity getOpenPortsByInstanceId( * * @return list of assets with open,closed and upcoming count. */ - @HystrixCommand + @RequestMapping(path = "/v1/{assetGroup}/ec2/{resourceId}/aws-notifications/summary", method = RequestMethod.GET) public ResponseEntity getAwsNotificationSummary( @PathVariable(name = "resourceId", required = true) String instanceId) { @@ -289,7 +285,7 @@ public ResponseEntity getAwsNotificationSummary( * * @return list of notification details. */ - @HystrixCommand + @RequestMapping(path = "/v1/{assetGroup}/ec2/{resourceId}/aws-notifications/details", method = RequestMethod.POST) public ResponseEntity getAwsNotificationDetails(@RequestBody(required = true) PageFilterRequest request, @PathVariable(name = "resourceId", required = true) String instanceId) { @@ -354,7 +350,6 @@ public ResponseEntity getAwsNotificationDetails(@RequestBody(required = * * @return created by, creation date and email. */ - @HystrixCommand @ApiOperation(httpMethod = "GET", value = "Get the creator details for a particular resource") @GetMapping(value = "/v1/{assetGroup}/{resourceType}/{resourceId}/creatordetails") public ResponseEntity getEc2CreatorDetail( @@ -381,7 +376,7 @@ public ResponseEntity getEc2CreatorDetail( * * @return list of AD group details. */ - @HystrixCommand + @ApiOperation(httpMethod = "GET", value = "Get the ad group details for a ec2 instance") @GetMapping(value = "/v1/{assetGroup}/ec2/{resourceId}/ad-groups") public ResponseEntity getAdGroupsDetail(@PathVariable(name = "assetGroup", required = true) String ag, @@ -407,7 +402,7 @@ public ResponseEntity getAdGroupsDetail(@PathVariable(name = "assetGroup * * @return details of ec2 resource */ - @HystrixCommand + @ApiOperation(httpMethod = "GET", value = "Get the details from a particular data source for a particular resource") @GetMapping(value = "v1/{assetGroup}/{resourceType}/{resourceId}/details") public ResponseEntity getEc2ResourceDetail(@PathVariable(name = "assetGroup", required = true) String ag, @@ -437,7 +432,7 @@ public ResponseEntity getEc2ResourceDetail(@PathVariable(name = "assetGr * @return average last week cost and total cost of ec2. * @throws DataException when fetching data from ES. */ - @HystrixCommand + @ApiOperation(httpMethod = "GET", value = "Get the average cost and total cost for an EC2 resource") @GetMapping(value = "v1/{assetGroup}/ec2/{resourceId}/cost") public ResponseEntity getEc2ResourceSummary( @@ -462,7 +457,7 @@ public ResponseEntity getEc2ResourceSummary( * * @return compliance, statename and attributes */ - @HystrixCommand + @ApiOperation(httpMethod = "GET", value = "Get the summary from AWS for a particular resource") @GetMapping(value = "v1/{assetGroup}/{resourceType}/{resourceId}/summary") public ResponseEntity getEc2ResourceSummary(@PathVariable(name = "assetGroup", required = true) String ag, diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetListController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetListController.java index 0287c7459..b6c1757ac 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetListController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetListController.java @@ -15,8 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.asset.controller; -import io.swagger.annotations.ApiOperation; - import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; @@ -39,7 +37,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.AssetConstants; import com.tmobile.pacman.api.asset.domain.Request; import com.tmobile.pacman.api.asset.domain.ResponseWithCount; @@ -50,6 +47,8 @@ import com.tmobile.pacman.api.commons.utils.CommonUtils; import com.tmobile.pacman.api.commons.utils.ResponseUtils; +import io.swagger.annotations.ApiOperation; + /** * The controller layer which has methods to return list of assets. */ @@ -77,7 +76,7 @@ public class AssetListController { * * @return list of assets and its some details. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the list of assets in an asset group. Optional filters -'application','environment','resourceType' ") @PostMapping(value = "/v1/list/assets") public ResponseEntity listAssets(@RequestBody(required = true) Request request, @@ -134,7 +133,7 @@ public ResponseEntity listAssets(@RequestBody(required = true) Request r * * @return list of assets tagged/untagged. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the list of taggble assets in an asset group. Optional filters -'application','environment','resourceType','tagged'{true/false} ,'tagName' {Application/Environment/Stack/Role}") @PostMapping(value = "/v1/list/assets/taggable") public ResponseEntity listTaggableAssets(@RequestBody(required = true) Request request) { @@ -194,7 +193,7 @@ public ResponseEntity listTaggableAssets(@RequestBody(required = true) R * * @return list of assets patched/unpatched. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the list of patchable assets in an asset group. Optional filters -'application', 'environment', 'resourceType', 'patched'{true/false}, 'executiveSponsor' and 'director'.") @PostMapping(value = "/v1/list/assets/patchable") public ResponseEntity listPatchableAssets(@RequestBody(required = true) Request request) { @@ -255,7 +254,7 @@ public ResponseEntity listPatchableAssets(@RequestBody(required = true) * * @return list of vulnerable assets. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the list of vulnerable assets in an asset group for a particualr qid. Mandatory Filter -'qid'. Optional filters -'application','environment','resourceType' ") @PostMapping(value = "/v1/list/assets/vulnerable") public ResponseEntity listVulnerableAssets(@RequestBody(required = true) Request request) { @@ -314,7 +313,7 @@ public ResponseEntity listVulnerableAssets(@RequestBody(required = true) * * @return list of assets with open issue status. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the list of assets scanned by a ruleid in an asset group . Mandatory Filter -'ruleId'. Optional filters -'application','environment','resourceType','compliant'{true/false}") @PostMapping(value = "/v1/list/assets/scanned") public ResponseEntity listScannedAssets(@RequestBody(required = true) Request request, @@ -372,7 +371,7 @@ public ResponseEntity listScannedAssets(@RequestBody(required = true) Re * * @return list of complete asset details. */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Get the complete details assets") @PostMapping(value = "/v1/listing/assets") public ResponseEntity getAssetLists(@RequestBody(required = true) Request request) { @@ -438,7 +437,7 @@ public ResponseEntity getAssetLists(@RequestBody(required = true) Reques * * @return list of editable fields */ - @HystrixCommand + @RequestMapping(path = "/v1/updateFieldsbyresourceType", method = RequestMethod.GET) public ResponseEntity getEditableFieldsByTargetType( @RequestParam(name = "ag", required = true) String assetGroup, diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetTrendController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetTrendController.java index 2a99b172d..5ae64e429 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetTrendController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/AssetTrendController.java @@ -31,7 +31,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.service.AssetService; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -62,7 +61,7 @@ public class AssetTrendController { * * @return list of days with its min/max asset count. */ - @HystrixCommand + @ApiOperation(value = "View the asset trends(daily min/max) over the period of last 1 month", response = Iterable.class) @GetMapping(path = "/v1/trend/minmax") public ResponseEntity getMinMaxAssetCount(@RequestParam(name = "ag", required = true) String assetGroup, diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/SearchController.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/SearchController.java index 14426520d..834700d91 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/SearchController.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/controller/SearchController.java @@ -30,7 +30,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.asset.domain.SearchCriteria; import com.tmobile.pacman.api.asset.domain.SearchException; import com.tmobile.pacman.api.asset.domain.SearchResult; @@ -58,7 +57,7 @@ public class SearchController { * @param criteria the criteria * @return the response entity */ - @HystrixCommand + @PostMapping(value = "/v1/search") public ResponseEntity search(@RequestBody SearchCriteria criteria) { long start = System.currentTimeMillis(); @@ -101,7 +100,7 @@ public ResponseEntity search(@RequestBody SearchCriteria criteria) { * @param domain the domain * @return the search categories */ - @HystrixCommand + @GetMapping(value = "/v1/search/categories") public ResponseEntity getSearchCategories(@RequestParam(name = "domain", required = false) String domain) { diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/AssetRepositoryImpl.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/AssetRepositoryImpl.java index d1b185c6c..e0f8755e7 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/AssetRepositoryImpl.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/AssetRepositoryImpl.java @@ -1,2359 +1,2361 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.asset.repository; - -import java.io.IOException; -import java.lang.reflect.Type; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Set; -import java.util.concurrent.CopyOnWriteArrayList; -import java.util.stream.Collectors; - -import javax.annotation.PostConstruct; - -import org.apache.commons.lang.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.http.HttpEntity; -import org.apache.http.HttpHost; -import org.apache.http.entity.ContentType; -import org.apache.http.nio.entity.NStringEntity; -import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.Response; -import org.elasticsearch.client.RestClient; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Repository; -import org.springframework.util.CollectionUtils; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.base.Strings; -import com.google.common.collect.HashMultimap; -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; -import com.google.gson.JsonArray; -import com.google.gson.JsonElement; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; -import com.google.gson.reflect.TypeToken; -import com.tmobile.pacman.api.asset.AssetConstants; -import com.tmobile.pacman.api.asset.domain.ResourceResponse; -import com.tmobile.pacman.api.asset.domain.ResourceResponse.Source; -import com.tmobile.pacman.api.asset.model.DefaultUserAssetGroup; -import com.tmobile.pacman.api.commons.Constants; -import com.tmobile.pacman.api.commons.exception.DataException; -import com.tmobile.pacman.api.commons.exception.NoDataFoundException; -import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; -import com.tmobile.pacman.api.commons.repo.PacmanRdsRepository; -import com.tmobile.pacman.api.commons.utils.CommonUtils; -import com.tmobile.pacman.api.commons.utils.PacHttpUtils; - -/** - * Implemented class for AssetRepository and all its method - */ -@Repository -@ConfigurationProperties(prefix = "resource") -public class AssetRepositoryImpl implements AssetRepository { - - private Map events; - - @Value("${tagging.mandatoryTags}") - private String mandatoryTags; - - @Value("${elastic-search.host}") - private String esHost; - @Value("${elastic-search.port}") - private int esPort; - @Value("${elastic-search.update-host}") - private String updateESHost; - @Value("${elastic-search.update-port}") - private int updateESPort; - @Value("${elastic-search.host-heimdall}") - private String heimdallEsHost; - @Value("${elastic-search.port-heimdall}") - private int heimdallEsPort; - - private static final String PROTOCOL = "http"; - private String esUrl; - private String heimdallEsesUrl; - - @Value("${vulnerability.types}") - private String vulnTypes; - - @Value("${features.vulnerability.enabled:false}") - private boolean qualysEnabled; - - private static final Log LOGGER = LogFactory.getLog(AssetRepositoryImpl.class); - private RestClient restClient; - - @Autowired - ElasticSearchRepository esRepository; - @Autowired - PacmanRdsRepository rdsRepository; - @Autowired - PacmanRedshiftRepository redshiftRepository; - - @PostConstruct - void init() { - esUrl = PROTOCOL + "://" + esHost + ":" + esPort; - heimdallEsesUrl = PROTOCOL + "://" + heimdallEsHost + ":" + heimdallEsPort; - } - - @Override - public Map getAssetCountByAssetGroup(String aseetGroupName, String type) { - - Map filter = new HashMap<>(); - filter.put(Constants.LATEST, Constants.TRUE); - filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - HashMultimap shouldFilter = HashMultimap.create(); - if (Constants.EC2.equals(type) || AssetConstants.ALL.equals(type)) { - shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); - } - Map countMap = new HashMap<>(); - try { - if (AssetConstants.ALL.equals(type)) { - try { - countMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, filter, null, - null, AssetConstants.UNDERSCORE_TYPE, Constants.THOUSAND, null); - } catch (Exception e) { - LOGGER.error("Exception in getAssetCountByAssetGroup :" , e); - } - if (!countMap.isEmpty()) { - countMap.put(Constants.EC2, esRepository.getTotalDocumentCountForIndexAndType(aseetGroupName, - Constants.EC2, filter, null, shouldFilter, null, null)); - } - } else { - long count = esRepository.getTotalDocumentCountForIndexAndType(aseetGroupName, type, filter, null, - shouldFilter, null, null); - countMap.put(type, count); - } - } catch (Exception e) { - LOGGER.error("Exception in getAssetCountByAssetGroup :" , e); - } - - return countMap; - } - - @Override - public List> getTargetTypesByAssetGroup(String aseetGroupName, String domain) { - - String query = "select distinct targetType as type ,c.category as category,c.domain as domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b ,cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName and b.groupName ='" - + aseetGroupName.trim() + "'"; - if (!StringUtils.isEmpty(domain)) { - query = query + " and lower(c.domain) = '" + domain.toLowerCase().trim() + "'"; - } - return rdsRepository.getDataFromPacman(query); - } - - @Override - public List> getAllTargetTypes() { - - String query = "select distinct targetName as type, category from cf_Target"; - return rdsRepository.getDataFromPacman(query); - - } - - @Override - public List getApplicationByAssetGroup(String aseetGroupName) throws DataException { - - Map filter = new HashMap<>(); - filter.put(Constants.LATEST, Constants.TRUE); - filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - Map applicationMap ; - try { - applicationMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, filter, null, null, - Constants.TAGS_APPS, Constants.THOUSAND, null); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETAPPSBYAG, e); - throw new DataException(e); - } - return new ArrayList<>(applicationMap.keySet()); - } - - @Override - public List getApplicationByAssetGroup(String aseetGroupName, String domain) throws DataException { - - List targetTypes = getTargetTypesByAssetGroup(aseetGroupName, domain).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - Map filter = new HashMap<>(); - filter.put(Constants.LATEST, Constants.TRUE); - filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - Map mustTermsFilter = new HashMap<>(); - mustTermsFilter.put(AssetConstants.UNDERSCORE_TYPE, targetTypes); - Map applicationMap = new HashMap<>() ; - - try { - applicationMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, - filter, null, null, Constants.TAGS_APPS, Constants.THOUSAND, mustTermsFilter); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETAPPSBYAG, e); - throw new DataException(e); - } - return new ArrayList<>(applicationMap.keySet()); - } - - @Override - public List getEnvironmentsByAssetGroup(String assetGroup, String application, String domain) { - - Map filter = new HashMap<>(); - filter.put(Constants.LATEST, Constants.TRUE); - filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - if (application != null) { - filter.put(Constants.TAGS_APPS, application); - } - Map mustTermsFilter; - if (!StringUtils.isEmpty(domain)) { - List targetTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - mustTermsFilter = new HashMap<>(); - mustTermsFilter.put(AssetConstants.UNDERSCORE_TYPE, targetTypes); - } else { - mustTermsFilter = null; - } - - Map envnMap = new HashMap<>(); - try { - envnMap = esRepository.getTotalDistributionForIndexAndType(assetGroup, null, filter, null, null, - Constants.TAGS_ENV, Constants.THOUSAND, mustTermsFilter); - } catch (Exception e) { - LOGGER.error("Exception in getEnvironmentsByAssetGroup :" , e); - } - return new ArrayList<>(envnMap.keySet()); - } - - @Override - public List> getAllAssetGroups() { - - String query = "select distinct groupName as name, displayName as displayname ,description, groupType as type ,createdBy as createdby from cf_AssetGroupDetails where isVisible = true order by groupName asc "; - return rdsRepository.getDataFromPacman(query); - } - - @Override - public Map getAssetGroupInfo(String assetGroup) { - - String query = "select distinct groupName as name, displayName as displayname ,description, groupType as type ,createdBy as createdby from cf_AssetGroupDetails where groupName = '" - + assetGroup + "'"; - List> results = rdsRepository.getDataFromPacman(query); - if (!results.isEmpty()) { - return results.get(0); - } else { - return new HashMap<>(); - } - } - - @Override - public Map getAssetCountByApplication(String assetGroup, String type) throws DataException { - Map filter = new HashMap<>(); - filter.put(Constants.LATEST, Constants.TRUE); - HashMultimap shouldFilter = HashMultimap.create(); - if (Constants.EC2.equals(type)) { - shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); - } - try { - return esRepository.getTotalDistributionForIndexAndType(assetGroup, type, filter, null, shouldFilter, - Constants.TAGS_APPS, Constants.THOUSAND, null); - } catch (Exception e) { - LOGGER.error("Exception in getAssetCountByApplication ", e); - throw new DataException(e); - } - } - - @Override - public List> getAssetMinMax(String assetGroup, String type, Date from, Date to) { - - List> minMaxList = new ArrayList<>(); - try { - - StringBuilder request = new StringBuilder( - "{\"size\": 10000, \"_source\": [\"min\",\"max\",\"date\"], \"query\": { \"bool\": { \"must\": [ { \"match\": {\"ag.keyword\": "); - request.append("\"" + assetGroup + "\"}} ,{ \"match\": {\"type.keyword\": " + "\"" + type + "\"}}"); - String gte = null; - String lte = null; - - if (from != null) { - gte = "\"gte\": \"" + new SimpleDateFormat("yyyy-MM-dd").format(from) + "\""; - } - if (to != null) { - lte = "\"lte\": \"" + new SimpleDateFormat("yyyy-MM-dd").format(to) + "\""; - } - - if (gte == null && lte == null) { - request.append("]}}}"); - } else if (gte != null && lte != null) { - request.append(AssetConstants.ESQUERY_RANGE + gte + "," + lte + AssetConstants.ESQUERY_RANGE_CLOSE); - } else if (gte != null) { - request.append(AssetConstants.ESQUERY_RANGE + gte + AssetConstants.ESQUERY_RANGE_CLOSE); - } else { - request.append(AssetConstants.ESQUERY_RANGE + lte + AssetConstants.ESQUERY_RANGE_CLOSE); - } - minMaxList = getAssetStats(request.toString()); - - } catch (Exception e) { - LOGGER.error("Exception in getAssetMinMax " , e); - } - return minMaxList; - } - - List> getAssetStats(String rqstBody) { - - List> docs = new ArrayList<>(); - String responseJson = ""; - try { - responseJson = PacHttpUtils.doHttpPost("http://" + esHost + ":" + esPort - + "/assetgroup_stats/count_type/_search", rqstBody); - } catch (Exception e) { - LOGGER.error("Exception in getAssetStats " , e); - } - JsonParser jsonParser = new JsonParser(); - JsonObject resultJson = (JsonObject) jsonParser.parse(responseJson); - JsonObject hitsJson = (JsonObject) jsonParser.parse(resultJson.get("hits").toString()); - JsonArray jsonArray = hitsJson.getAsJsonObject().get("hits").getAsJsonArray(); - if (jsonArray.size() > 0) { - for (int i = 0; i < jsonArray.size(); i++) { - JsonObject obj = (JsonObject) jsonArray.get(i); - JsonObject sourceJson = (JsonObject) obj.get(AssetConstants.UNDERSCORE_SOURCE); - if (sourceJson != null) { - Map doc = new Gson().fromJson(sourceJson, new TypeToken>() { - }.getType()); - docs.add(doc); - } - } - } - return docs; - - } - - @Override - public Integer saveOrUpdateAssetGroup(final DefaultUserAssetGroup defaultAssetGroup) { - - String userId = defaultAssetGroup.getUserId().toLowerCase(); - String defaultAssetGroupDetails = defaultAssetGroup.getDefaultAssetGroup(); - String userCountQuery = "SELECT COUNT(userId) FROM pac_v2_userpreferences WHERE userId=\"" + userId + "\""; - String assetGroupUpdateQuery = "UPDATE pac_v2_userpreferences SET defaultAssetGroup=? WHERE userId=?"; - String assetGroupInserteQuery = "INSERT INTO pac_v2_userpreferences (userId, defaultAssetGroup) VALUES (?, ?)"; - int userCount = rdsRepository.count(userCountQuery); - if (userCount > 0) { - return rdsRepository.update(assetGroupUpdateQuery, defaultAssetGroupDetails, userId); - } else { - return rdsRepository.update(assetGroupInserteQuery, userId, defaultAssetGroupDetails); - } - } - - @Override - public String getUserDefaultAssetGroup(String userId) { - String query = "SELECT defaultAssetGroup from pac_v2_userpreferences WHERE userId=\"" + userId.toLowerCase() - + "\""; - try { - return rdsRepository.queryForString(query); - } catch (Exception exception) { - LOGGER.error("Error in getUserDefaultAssetGroup " , exception); - return StringUtils.EMPTY; - } - } - - @Override - public String retrieveAssetConfig(String resourceId, String configType) { - String query = "SELECT config FROM Pacman_Asset_Config WHERE resourceId=\"" + resourceId.toLowerCase() - + "\" AND configType=\"" + configType.toLowerCase() + "\""; - try { - return rdsRepository.queryForString(query); - } catch (Exception exception) { - LOGGER.error("Exception in retrieveAssetConfig : " , exception); - return StringUtils.EMPTY; - } - } - - @Override - public Integer saveAssetConfig(String resourceId, String configType, String config) { - String assetGroupInserteQuery = "INSERT INTO Pacman_Asset_Config (resourceId, configType, config, createdDate) VALUES (?, ?, ?, ?)"; - try { - return rdsRepository.update(assetGroupInserteQuery, resourceId, configType, config, new Date()); - } catch (Exception exception) { - LOGGER.error("Exception in saveAssetConfig :" , exception); - return -1; - } - } - - @Override - public List> getAssetCountByEnvironment(String assetGroup, String application, String type) { - StringBuilder request = new StringBuilder( - "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}"); // Common - // part - // where - // we - // will - // check - // for - // latest=true - if (application != null) { - request.append(",{\"match\":{\"tags.Application.keyword\":\"" + application + "\"}}"); // Add - // Application - // filter - } - if (Constants.EC2.equals(type)) { - request.append(",{\"terms\":{\"statename\":[\"running\",\"stopped\",\"stopping\"]}}"); // EC2 - // special - // handling - // to - // check - // for - // only - // relevant - // assets - // Ending must/bool/query - request.append("]}}"); - request.append(",\"aggs\":{\"apps\":{\"terms\":{\"field\":\"tags.Application.keyword\",\"size\":1000},\"aggs\":{\"envs\":{\"terms\":{\"field\":\"tags.Environment.keyword\",\"size\":1000}}}}}}"); // Aggs - } // part - - String responseJson = ""; - try { - responseJson = PacHttpUtils.doHttpPost("http://" + esHost + ":" + esPort + "/" + assetGroup + "/" + type - + "/_search", request.toString()); - } catch (Exception e) { - LOGGER.error("Error in getAssetCountByEnvironment " , e); - } - - JsonParser jsonParser = new JsonParser(); - JsonObject resultJson = jsonParser.parse(responseJson).getAsJsonObject(); - JsonArray apps = resultJson.get("aggregations").getAsJsonObject().get("apps").getAsJsonObject().get(Constants.BUCKETS) - .getAsJsonArray(); - List> appList = new ArrayList<>(); - for (JsonElement app : apps) { - - JsonObject appObj = app.getAsJsonObject(); - String appName = appObj.get("key").getAsString(); - JsonArray envs = appObj.get("envs").getAsJsonObject().get(Constants.BUCKETS).getAsJsonArray(); - Map appMap = new HashMap<>(); - appMap.put("application", appName); - List> envList = new ArrayList<>(); - appMap.put("environments", envList); - for (JsonElement env : envs) { - - JsonObject envObj = env.getAsJsonObject(); - String envName = envObj.get("key").getAsString(); - long count = envObj.get("doc_count").getAsLong(); - Map envMap = new HashMap<>(); - envMap.put("environment", envName); - envMap.put("count", count); - envList.add(envMap); - } - appList.add(appMap); - } - return appList; - } - - @Override - public List> saveAndAppendAssetGroup(String userId, String assetGroup) throws DataException { - - String lowerCaseUserId = userId.toLowerCase(); - String recentView = null; - boolean isDuplicate = false; - boolean isGreaterThanTen = false; - boolean isValidAssetGroup = false; - String assetGroupUpdateWithListQuery = null; - List recentViewList = new ArrayList<>(); - List> assets = getAllAssetGroups(); - List> recentlyViewed = new ArrayList<>(); - Map recentViewMap = new HashMap<>(); - for (Map ag : assets) { - if (assetGroup.equals(ag.get("name"))) { - isValidAssetGroup = true; - String userCountQuery = "SELECT COUNT(userId) FROM pac_v2_userpreferences WHERE userId=\"" - + lowerCaseUserId + "\""; - String recentlyViewedAgQuery = "SELECT recentlyViewedAG FROM pac_v2_userpreferences WHERE userId=\"" - + lowerCaseUserId + "\""; - String assetGroupUpdateQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG='" + assetGroup - + "' WHERE userId='" + lowerCaseUserId + "'"; - String assetGroupUpdateAndAppendQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG = concat(recentlyViewedAG,'" - + "," + assetGroup + "') WHERE userId='" + lowerCaseUserId + "'"; - String assetGroupInsertQuery = "INSERT INTO pac_v2_userpreferences (userId, recentlyViewedAG) VALUES (?, ?)"; - int userCount = rdsRepository.count(userCountQuery); - List> recentlyViewedAgMap = rdsRepository.getDataFromPacman(recentlyViewedAgQuery); - for (Map recentlyViewedAg : recentlyViewedAgMap) { - if (recentlyViewedAg.get(AssetConstants.RECENTLY_VIEWED_AG) != null) { - recentView = recentlyViewedAg.get(AssetConstants.RECENTLY_VIEWED_AG).toString(); - recentViewList = new CopyOnWriteArrayList(Arrays.asList(recentView.split(","))); - } - } - - if (userCount > 0) { - if (!StringUtils.isEmpty(recentView)) { - if (recentViewList.size() <= AssetConstants.NINE) { - if (recentViewList.contains(assetGroup)) { - recentViewList.remove(assetGroup); - isDuplicate = true; - } - } else { - if (recentViewList.contains(assetGroup)) { - recentViewList.remove(assetGroup); - isDuplicate = true; - } else { - recentViewList.remove(0); - isGreaterThanTen = true; - } - } - if (isDuplicate || isGreaterThanTen) { - recentViewList.add(assetGroup); - String assetGroups = String.join(",", recentViewList); - assetGroupUpdateWithListQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG='" - + assetGroups + "' WHERE userId='" + lowerCaseUserId + "'"; - rdsRepository.update(assetGroupUpdateWithListQuery); - recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); - recentlyViewed.add(recentViewMap); - return recentlyViewed; - - } else { - rdsRepository.update(assetGroupUpdateAndAppendQuery); - recentViewList.add(assetGroup); - recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); - recentlyViewed.add(recentViewMap); - return recentlyViewed; - } - } else { - rdsRepository.update(assetGroupUpdateQuery); - recentViewList.add(assetGroup); - recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); - recentlyViewed.add(recentViewMap); - return recentlyViewed; - } - } else { - rdsRepository.update(assetGroupInsertQuery, lowerCaseUserId, assetGroup); - recentViewList.add(assetGroup); - recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); - recentlyViewed.add(recentViewMap); - return recentlyViewed; - } - } - } - if (!isValidAssetGroup) { - throw new DataException("Not A Valid Asset Group"); - } - return recentlyViewed; - } - - @SuppressWarnings("rawtypes") - @Override - public List> getListAssets(String assetGroup, Map filter, int from, int size, - String searchText) { - LOGGER.info("Inside getListAssets"); - List> assetDetails = new ArrayList<>(); - List fieldNames = new ArrayList<>(); - String targetType = ""; - String domain = filter.get(Constants.DOMAIN); - Map mustFilter = new HashMap<>(); - - Iterator it = filter.entrySet().iterator(); - while (it.hasNext()) { - Map.Entry entry = (Map.Entry) it.next(); - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { - targetType = entry.getValue().toString(); - } - } - - try { - if (StringUtils.isEmpty(targetType)) { - List validTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - if (validTypes.size() > 1) { - try { - fieldNames = getDisplayFieldsForTargetType("all_list"); - } catch (Exception e) { - LOGGER.error("Error while fetching field names for all targetType in getListAssets" , e); - } - } else { - try { - fieldNames = getDisplayFieldsForTargetType(validTypes.get(0)); - } catch (Exception e) { - LOGGER.error("Error while fetching field names for " + validTypes.get(0) + " in getListAssets" - , e); - } - } - assetDetails = getAssetsByAssetGroupBySize(assetGroup, AssetConstants.ALL, mustFilter, validTypes, - fieldNames, from, size, searchText); - } else { - try { - fieldNames = getDisplayFieldsForTargetType(targetType); - } catch (Exception e) { - LOGGER.error("Error while fetching field names for " + targetType + " in getListAssets" , e); - } - assetDetails = getAssetsByAssetGroupBySize(assetGroup, targetType, mustFilter, null, fieldNames, from, - size, searchText); - } - - } catch (Exception e) { - LOGGER.error("Error in getListAssets", e); - } - - List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, - Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, - AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, AssetConstants.CREATION_DATE); - LOGGER.info("Exiting getListAssets"); - return formGetListResponse(fieldNames,assetDetails,fieldsToBeSkipped); - } - - @Override - public long getAssetCount(String assetGroup, Map filter, String searchText) { - - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, true); - mustFilter.put(Constants.LATEST, true); - String domain = filter.get(Constants.DOMAIN); - String targetType = ""; - if (filter != null) { - Iterator> it = filter.entrySet().iterator(); - while (it.hasNext()) { - Entry entry = it.next(); - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { - targetType = entry.getValue(); - } - } - } - - try { - Map mustTermFilter = null; - if (StringUtils.isEmpty(targetType)) { - mustTermFilter = new HashMap<>(); - List validTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - mustTermFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, validTypes); - } else { - mustFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetType); - } - return esRepository.getTotalDocumentCountForIndexAndType(assetGroup, null, mustFilter, null, null, - searchText, mustTermFilter); - } catch (Exception e) { - LOGGER.error("Error retrieving inventory from ES in getAssetCount ", e); - } - return 0; - } - - public List> getCpuUtilizationByAssetGroupAndInstanceId(String instanceId) throws DataException { - - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) - .append("/").append("ec2_utilization").append("/").append(Constants.SEARCH); - Map utilization = null; - List> utilizationList = new ArrayList<>(); - try { - StringBuilder requestBodyCpu = new StringBuilder( - "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"range\":{\"#Datetime-CPU-Utilization\":{\"gte\":\"now-30d\",\"lte\":\"now\",\"format\":\"yyyy-MM-dd HH:mm:ss\"}}},{\"match\":{\"Instance_Id.keyword\":\"" - + instanceId - + "\"}}]}},\"aggs\":{\"avg-values-per-day\":{\"date_histogram\":{\"field\":\"#Datetime-CPU-Utilization\",\"interval\":\"day\",\"format\":\"yyyy-MM-dd HH:mm:ss\",\"order\":{\"_key\":\"desc\"}},\"aggs\":{\"Avg-CPU-Utilization\":{\"avg\":{\"field\":\"Avg-CPU-Utilization\"}}}}}}"); - String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); - - JsonParser parser = new JsonParser(); - JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); - JsonObject aggregations = responseDetailsjson.get("aggregations").getAsJsonObject(); - JsonObject avgvalues = aggregations.get("avg-values-per-day").getAsJsonObject(); - JsonArray buckets = avgvalues.get(Constants.BUCKETS).getAsJsonArray(); - - for (JsonElement jsonElement : buckets) { - - JsonObject bucketdetails = jsonElement.getAsJsonObject(); - JsonObject cpuUtilizationObj = bucketdetails.get("Avg-CPU-Utilization").getAsJsonObject(); - if (!cpuUtilizationObj.get(Constants.VALUE).isJsonNull()) { - utilization = new HashMap<>(); - utilization.put("date", bucketdetails.get("key_as_string").getAsString()); - utilization.put("cpu-utilization", cpuUtilizationObj.get(Constants.VALUE).getAsDouble()); - utilizationList.add(utilization); - } - } - return utilizationList; - - } catch (Exception e) { - LOGGER.error("Error retrieving inventory from ES in getCpuUtilizationByAssetGroupAndInstanceId", e); - throw new DataException(e); - } - } - - public List> getDiskUtilizationByAssetGroupAndInstanceId(String instanceId) throws DataException { - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) - .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH); - Map utilization = null; - List> utilizationList = new ArrayList<>(); - try { - StringBuilder requestBodyCpu = new StringBuilder( - "{\"_source\":[\"volume\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" - + instanceId + AssetConstants.ESQUERY_CLOSE); - String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); - - JsonParser parser = new JsonParser(); - JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); - JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); - JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); - for (JsonElement hits : secHitsArray) { - JsonObject hitsJson = hits.getAsJsonObject(); - JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); - if (!source.get("volume").isJsonNull()) { - JsonObject volume = source.get("volume").getAsJsonObject(); - - JsonObject list = volume.get("list").getAsJsonObject(); - JsonArray hostAssetVolume = list.get("hostAssetVolume").getAsJsonArray(); - - for (JsonElement jsonElement : hostAssetVolume) { - utilization = new HashMap<>(); - JsonObject voldetails = jsonElement.getAsJsonObject(); - utilization.put("size", voldetails.get("size").getAsString()); - utilization.put("name", voldetails.get("name").getAsString()); - utilization.put("free", voldetails.get("free").getAsString()); - utilizationList.add(utilization); - } - } - } - return utilizationList; - } catch (Exception e) { - LOGGER.error("Error retrieving inventory from ES in getDiskUtilizationByAssetGroupAndInstanceId", e); - throw new DataException(e); - } - } - - public List> getSoftwareInstalledDetailsByAssetGroupAndInstanceId(String instanceId, - Integer from, Integer size, String searchText) throws DataException { - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) - .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH).append("?") - .append("size").append("=").append(Constants.ES_PAGE_SIZE); - Map softwareDet = null; - List> softwareList = new ArrayList<>(); - StringBuilder requestBodyCpu = null; - try { - if (StringUtils.isEmpty(searchText)) { - requestBodyCpu = new StringBuilder( - "{\"_source\":[\"software\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" - + instanceId + AssetConstants.ESQUERY_CLOSE); - } else { - requestBodyCpu = new StringBuilder( - "{\"_source\":[\"software\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"term\":{\"instanceid.keyword\":{\"value\":\"" - + instanceId + "\"}}},{\"match_phrase_prefix\":{\"_all\":\"" + searchText + AssetConstants.ESQUERY_CLOSE); - } - - String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); - JsonParser parser = new JsonParser(); - JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); - JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); - JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); - for (JsonElement hits : secHitsArray) { - JsonObject hitsJson = hits.getAsJsonObject(); - JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); - if (!source.get("software").isJsonNull()) { - JsonObject software = source.get("software").getAsJsonObject(); - JsonObject list = software.get("list").getAsJsonObject(); - JsonArray hostAssetSoftware = list.get("hostAssetSoftware").getAsJsonArray(); - - for (JsonElement jsonElement : hostAssetSoftware) { - softwareDet = new HashMap<>(); - JsonObject softwareDetails = jsonElement.getAsJsonObject(); - softwareDet.put("version", softwareDetails.get("version").getAsString()); - softwareDet.put("name", softwareDetails.get("name").getAsString()); - softwareList.add(softwareDet); - } - } - } - return softwareList; - } catch (Exception e) { - LOGGER.error("Error retrieving inventory from ES in getSoftwareInstalledDetailsByAssetGroupAndInstanceId", - e); - throw new DataException(e); - } - } - - @Override - public List> getEc2ResourceDetailFromRhn(String resourceId) throws DataException { - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); - try { - return esRepository.getDataFromES(AssetConstants.AWS_EC2, "rhn-info", mustFilter, null, null, - Arrays.asList(Constants.INSTANCE_ID, "last_checkin", "ip", "last_boot"), null); - } catch (Exception e) { - LOGGER.error("Exception in getEc2ResourceDetailFromRhn ",e); - return null; - } - } - - @Override - public List> getEc2ResourceDetail(String ag, String resourceId) throws DataException { - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); - try { - return esRepository.getDataFromES(ag, Constants.EC2, mustFilter, null, null, Arrays.asList( - Constants.INSTANCE_ID, "imageid", "publicipaddress", "privateipaddress", "vpcid", "availabilityzone", - "subnetid", "instancetype", "accountid", "tags", "accountname", "iaminstanceprofilearn", - Constants.STATE_NAME, "monitoringstate", "hostid", "statereasoncode", "virtualizationtype", - "rootdevicename", "keyname", "kernelid", Constants.STATE_NAME, "hypervisor", "architecture", "tenancy", - "launchtime", "platform"), null); - } catch (Exception e) { - LOGGER.error("Exception in getEc2ResourceDetail ",e); - throw new DataException(e); - } - } - - @Override - public List> getEc2ResourceSecurityGroupDetail(String resourceId) throws DataException { - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); - try { - return esRepository.getDataFromES(AssetConstants.AWS_EC2, "ec2_secgroups", mustFilter, null, null, - Arrays.asList(Constants.RESOURCEID, "securitygroupid", "securitygroupname", "tmonpe"), null); - } catch (Exception e) { - LOGGER.error("Exception in getEc2ResourceSecurityGroupDetail ",e); - throw new DataException(e); - } - } - - @Override - public List> getEc2ResourceBlockDevicesDetail(String resourceId) throws DataException { - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); - try { - return esRepository.getDataFromES(AssetConstants.AWS_EC2, "ec2_blockdevices", mustFilter, null, null, - Arrays.asList(Constants.RESOURCEID, "volumeid"), null); - } catch (Exception e) { - LOGGER.error("Exception in getEc2ResourceBlockDevicesDetail ",e); - throw new DataException(e); - } - } - - @Override - public List> getListAssetsPatchable(String assetGroup, Map filter) { - - LOGGER.info("Inside getListAssetsPatchable"); - List> assetList = new ArrayList<>(); - List> assetDetails = new ArrayList<>(); - List sourceFields = null; - String resourceType = null; - if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { - resourceType = filter.get(AssetConstants.FILTER_RES_TYPE); - if (Constants.ONPREMSERVER.equals(resourceType)) { - sourceFields = getDisplayFieldsForTargetType(resourceType); - assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); - } else if (Constants.EC2.equals(resourceType)) { - assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); - sourceFields = getDisplayFieldsForTargetType(resourceType); - } - } else { - boolean agContainsOnPrem = false; - boolean agContainsEc2 = false; - - for (Map targettype : getTargetTypesByAssetGroup(assetGroup, null)) { - if (StringUtils.isNotBlank(targettype.get(Constants.TYPE).toString())) { - if (Constants.ONPREMSERVER.equals(targettype.get(Constants.TYPE).toString())) { - agContainsOnPrem = true; - } - if (Constants.EC2.equals(targettype.get(Constants.TYPE).toString())) { - agContainsEc2 = true; - } - } - } - if (agContainsEc2 && agContainsOnPrem) { - // source common fields for onprem & cloud - sourceFields = getDisplayFieldsForTargetType("all_patchable"); - assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); - assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); - } else if (agContainsEc2) { - sourceFields = getDisplayFieldsForTargetType(Constants.EC2); - assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); - } else if (agContainsOnPrem) { - sourceFields = getDisplayFieldsForTargetType(Constants.ONPREMSERVER); - assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); - } - } - - try { - List executiveapps = new ArrayList<>(); - if (filter.containsKey(AssetConstants.FILTER_EXEC_SPONSOR)) { - executiveapps = fetchExecDirectorApps(filter.get(AssetConstants.FILTER_EXEC_SPONSOR), - "executiveSponsor"); - } - if (filter.containsKey(AssetConstants.FILTER_DIRECTOR)) { - executiveapps = fetchExecDirectorApps(filter.get(AssetConstants.FILTER_DIRECTOR), "director"); - } - for (Map assetDetail : assetDetails) { - Map asset = new LinkedHashMap<>(); - if (CollectionUtils.isEmpty(sourceFields)) { - asset.put(Constants.RESOURCE_DISPLAY_ID, assetDetail.get(Constants.RESOURCEID)); - asset.put(Constants.ACCOUNT_DISPALY_NAME, assetDetail.get(Constants.ACCOUNT_NAME)); - asset.put(Constants.REGION_DISPALY_NAME, assetDetail.get(Constants.REGION)); - if (!assetDetail.containsKey(Constants.TAGS_APPLICATION)) { - asset.put(Constants.APPLICATION, ""); - } else { - asset.put(Constants.APPLICATION, assetDetail.get(Constants.TAGS_APPLICATION)); - } - if (!assetDetail.containsKey(Constants.TAGS_ENVIRONMENT)) { - asset.put(Constants.ENVIRONMENT, ""); - } else { - asset.put(Constants.ENVIRONMENT, assetDetail.get(Constants.TAGS_ENVIRONMENT)); - } - asset.put(Constants.ACCOUNT_DISPLAYI_D, assetDetail.get(Constants.ACCOUNT_ID)); - - } else { - // Loop through the displayble fields if the value is null - // pull null value - for (String field : sourceFields) { - if (!assetDetail.containsKey(field)) { - asset.put(field, ""); - } else { - asset.put(field, assetDetail.get(field)); - } - } - } - // common fileds for filters - if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { - if (AssetConstants.FALSE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { - asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, assetDetail.get(Constants.TARGET_TYPE)); - } else { - asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, - assetDetail.get(AssetConstants.UNDERSCORE_ENTITY_TYPE)); - } - } else { - asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, - assetDetail.get(AssetConstants.UNDERSCORE_ENTITY_TYPE)); - } - if (filter.containsKey(AssetConstants.FILTER_EXEC_SPONSOR) - || filter.containsKey(AssetConstants.FILTER_DIRECTOR)) { - if (executiveapps.contains(assetDetail.get(Constants.TAGS_APPLICATION))) { - assetList.add(asset); - } - } else { - assetList.add(asset); - } - } - } catch (Exception e) { - LOGGER.error("Error in getListAssetsPatchable", e); - } - - LOGGER.info("Exiting getListAssetsPatchable"); - return assetList; - } - - @Override - public List> getListAssetsTaggable(String assetGroup, Map filter) { - - LOGGER.info("Inside getListAssetsTaggable"); - List> assetList = new ArrayList<>(); - List> assetDetails = new ArrayList<>(); - List fieldNames = new ArrayList<>(); - - Map mustFilter = new HashMap<>(); - Map mustFilterAsset = new HashMap<>(); - HashMultimap shouldFilter = HashMultimap.create(); - - String[] tags = mandatoryTags.split(","); - for (String tag : tags) { - shouldFilter.put(CommonUtils.convertAttributetoKeyword(tag.trim()), AssetConstants.TAG_NOT_FOUND); - } - - List> untaggedAssets; - List> totalAssets; - StringBuilder sb; - String type; - String targetType = ""; - if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { - targetType = filter.get(AssetConstants.FILTER_RES_TYPE); - } - - List> ruleIdwithTargetType ; - String ruleIdWithTargetTypeQuery = null; - - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.POLICYID), Constants.TAGGIG_POLICY); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); - - filter.entrySet() - .stream() - .forEach( - entry -> { - String filterKey = entry.getKey(); - if (!(filterKey.equals(AssetConstants.FILTER_TAGGED) - || filterKey.equals(AssetConstants.FILTER_RES_TYPE) || filterKey - .equals(AssetConstants.FILTER_TAGNAME))) { - if (filterKey.equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); - } - if (filterKey.equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); - } - } - }); - if (!Strings.isNullOrEmpty(targetType)) { - sb = new StringBuilder(); - type = sb.append("'").append(targetType).append("'").toString(); - ruleIdWithTargetTypeQuery = "SELECT A.targetType FROM cf_RuleInstance A, cf_Policy B WHERE A.policyId = B.policyId AND A.status = 'ENABLED' AND B.policyId = 'PacMan_TaggingRule_version-1' AND A.targetType = " - + type; - ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); - try { - fieldNames = getDisplayFieldsForTargetType(targetType); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - if (!ruleIdwithTargetType.isEmpty()) { - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TARGET_TYPE), targetType); - try { - if (filter.containsKey(AssetConstants.FILTER_TAGNAME)) { - mustFilter.put( - CommonUtils.convertAttributetoKeyword(filter.get(AssetConstants.FILTER_TAGNAME)), - "Not Found"); - shouldFilter = null; - } - - if (filter.containsKey(AssetConstants.FILTER_TAGGED)) { - untaggedAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, null, shouldFilter, - null, null); - List untaggedResourceIds = untaggedAssets.parallelStream() - .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); - totalAssets = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); - if (filter.get(AssetConstants.FILTER_TAGGED).equals(AssetConstants.FALSE)) { - assetDetails = totalAssets.parallelStream() - .filter(asset -> untaggedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } else { - assetDetails = totalAssets.parallelStream() - .filter(asset -> !untaggedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } - } else { - assetDetails = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); - } - } catch (Exception e) { - LOGGER.error("Error in getListAssetsTaggable", e); - } - } - } else { - ruleIdWithTargetTypeQuery = "SELECT A.targetType FROM cf_RuleInstance A, cf_Policy B WHERE A.policyId = B.policyId AND A.status = 'ENABLED' AND B.policyId = 'PacMan_TaggingRule_version-1'"; - ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); - List validTypes = ruleIdwithTargetType.stream() - .map(obj -> obj.get(Constants.TARGET_TYPE).toString()).collect(Collectors.toList()); - if (validTypes.size() > 1) { - try { - fieldNames = getDisplayFieldsForTargetType("all_taggable"); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - } else { - try { - fieldNames = getDisplayFieldsForTargetType(validTypes.get(0)); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - } - try { - if (filter.containsKey(AssetConstants.FILTER_TAGNAME)) { - mustFilter.put(CommonUtils.convertAttributetoKeyword(filter.get(AssetConstants.FILTER_TAGNAME)), - "Not Found"); - shouldFilter = null; - } - if (filter.containsKey(AssetConstants.FILTER_TAGGED)) { - untaggedAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, null, shouldFilter, - fieldNames, null); - List untaggedResourceIds = untaggedAssets - .parallelStream() - .map(obj -> obj.get(Constants.RESOURCEID).toString() - + obj.get(Constants.TARGET_TYPE).toString()).collect(Collectors.toList()); - totalAssets = getAssetsByAssetGroup(assetGroup, AssetConstants.ALL, mustFilterAsset, validTypes, - fieldNames); - if (filter.get(AssetConstants.FILTER_TAGGED).equals(AssetConstants.FALSE)) { - assetDetails = totalAssets - .parallelStream() - .filter(asset -> untaggedResourceIds.contains(asset.get(Constants.RESOURCEID) - .toString() + asset.get(AssetConstants.UNDERSCORE_ENTITY_TYPE).toString())) - .collect(Collectors.toList()); - } else { - assetDetails = totalAssets - .parallelStream() - .filter(asset -> !untaggedResourceIds.contains(asset.get(Constants.RESOURCEID) - .toString() + asset.get(AssetConstants.UNDERSCORE_ENTITY_TYPE).toString())) - .collect(Collectors.toList()); - } - } else { - assetDetails = getAssetsByAssetGroup(assetGroup, AssetConstants.ALL, mustFilterAsset, validTypes, - fieldNames); - } - - } catch (Exception e) { - LOGGER.error("Error in getListAssetsTaggable", e); - } - } - - if (!CollectionUtils.isEmpty(fieldNames)) { - final List fieldNamesCopy = fieldNames; - assetDetails.parallelStream().forEach(assetDetail -> { - Map asset = new LinkedHashMap<>(); - for (String fieldName : fieldNamesCopy) { - if (!Constants.TARGET_TYPE.equals(fieldName)) { - if (!assetDetail.containsKey(fieldName)) { - asset.put(fieldName, ""); - } else { - asset.put(fieldName, assetDetail.get(fieldName)); - } - } - } - synchronized (assetList) { - assetList.add(asset); - } - }); - LOGGER.info("Exiting getListAssetsTaggable"); - return assetList; - } else { - assetDetails.parallelStream().forEach( - assetDetail -> { - Map asset = new LinkedHashMap<>(); - asset.put(Constants.RESOURCEID, assetDetail.get(Constants.RESOURCEID)); - assetDetail.forEach((key, value) -> { - if (!Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, - Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, - Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, - AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, - AssetConstants.CREATION_DATE).contains(key)) { - asset.put(key, value); - } - }); - synchronized (assetList) { - assetList.add(asset); - } - }); - LOGGER.info("Exiting getListAssetsTaggable"); - return assetList; - } - } - - @Override - public List> getListAssetsVulnerable(String assetGroup, Map filter) { - - LOGGER.info("Inside getListAssetsVulnerable"); - List> assetList = new ArrayList<>(); - List> assetDetails = new ArrayList<>(); - - boolean agContainsOnPrem = false; - boolean agContainsEc2 = false; - - List validTargetTypes = getTargetTypesByAssetGroup(assetGroup, null).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - String[] vulnTypesArray = vulnTypes.split(","); - List vulnTargetTypes = new ArrayList<>(); - - for (String vulnType : vulnTypesArray) { - if (validTargetTypes.contains(vulnType.trim())) { - vulnTargetTypes.add(vulnType); - } - } - - if (validTargetTypes.contains(Constants.ONPREMSERVER)) { - agContainsOnPrem = true; - } - if (validTargetTypes.contains(Constants.EC2)) { - agContainsEc2 = true; - } - List fieldNames = null; - try { - if (agContainsEc2 && agContainsOnPrem) { - fieldNames = getDisplayFieldsForTargetType("all_vulnerable"); - } else if (agContainsEc2) { - fieldNames = getDisplayFieldsForTargetType(Constants.EC2); - } else if (agContainsOnPrem) { - fieldNames = getDisplayFieldsForTargetType(Constants.ONPREMSERVER); - } - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - if (!vulnTargetTypes.isEmpty()) { - for (String parentType : vulnTargetTypes) { - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(assetGroup); - urlToQueryBuffer.append("/").append(parentType); - urlToQueryBuffer.append("/").append(Constants.SEARCH).append("?scroll=") - .append(Constants.ES_PAGE_SCROLL_TTL); - - String urlToQuery = urlToQueryBuffer.toString(); - String urlToScroll = new StringBuilder(esUrl).append("/").append(Constants.SEARCH).append("/scroll") - .toString(); - - StringBuilder requestBody = new StringBuilder( - "{\"size\":10000,\"query\":{\"bool\":{\"must\":[{\"has_child\":{\"type\":\"vulninfo\",\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":true}},{\"term\":{\"qid\":"); - requestBody.append(filter.get("qid")); - requestBody.append("}}]}}}},{\"term\":{\"latest\":true}}"); - if (filter.containsKey(AssetConstants.FILTER_APPLICATION)) { - requestBody.append(",{\"term\":{\"tags.Application.keyword\":\""); - requestBody.append(filter.get(AssetConstants.FILTER_APPLICATION)); - requestBody.append("\"}}"); - } - if (filter.containsKey(AssetConstants.FILTER_ENVIRONMENT)) { - requestBody.append(",{\"term\":{\"tags.Environment.keyword\":\""); - requestBody.append(filter.get(AssetConstants.FILTER_ENVIRONMENT)); - requestBody.append("\"}}"); - } - if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { - requestBody.append(",{\"term\":{\"_entitytype.keyword\":\""); - requestBody.append(filter.get(AssetConstants.FILTER_RES_TYPE)); - requestBody.append("\"}}"); - } - requestBody.append("]}}}"); - Long totalDocs = getTotalDocCount(assetGroup, parentType, "{" + requestBody.toString().substring(14)); - String request = requestBody.toString(); - String scrollId = null; - if(totalDocs>0){ - for (int index = 0; index <= (totalDocs / Constants.ES_PAGE_SIZE); index++) { - String responseDetails = null; - try { - if (!Strings.isNullOrEmpty(scrollId)) { - request = esRepository.buildScrollRequest(scrollId, Constants.ES_PAGE_SCROLL_TTL); - urlToQuery = urlToScroll; - } - responseDetails = PacHttpUtils.doHttpPost(urlToQuery, request); - scrollId = esRepository.processResponseAndSendTheScrollBack(responseDetails, assetDetails); - } catch (Exception e) { - LOGGER.error("Error in getListAssetsVulnerable", e); - } - } - } - } - - List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, - AssetConstants.UNDERSCORE_ENTITY, Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, - Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, - Constants.LATEST, AssetConstants.CREATION_DATE); - LOGGER.info("Exiting getListAssetsVulnerable"); - assetList.addAll(formGetListResponse(fieldNames, assetDetails, fieldsToBeSkipped)); - } - return assetList; - } - - @Override - public List> getListAssetsScanned(String assetGroup, Map filter) { - - LOGGER.info("Inside getListAssetsScanned"); - List> assetDetails = new ArrayList<>(); - List fieldNames = new ArrayList<>(); - - Map mustFilter = new HashMap<>(); - Map mustFilterAsset = new HashMap<>(); - - String targetType = ""; - if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { - targetType = filter.get(AssetConstants.FILTER_RES_TYPE); - } - - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), - filter.get(AssetConstants.FILTER_RULEID)); - mustFilterAsset.put(Constants.LATEST, Constants.TRUE); - mustFilterAsset.put(Constants.RULEID, - filter.get(AssetConstants.FILTER_RULEID)); - - filter.entrySet() - .stream() - .forEach( - entry -> { - if (!(entry.getKey().equals(AssetConstants.FILTER_RULEID) - || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) || entry.getKey().equals( - AssetConstants.FILTER_COMPLIANT))) { - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); - } - } - }); - - try { - List> nonCompliantAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, - null, null, null, null); - if (!nonCompliantAssets.isEmpty()) { - String policy = nonCompliantAssets.get(0).get("policyId").toString(); - if ("PacMan_TaggingRule_version-1".equals(policy)) { - String[] tags = mandatoryTags.split(","); - nonCompliantAssets = nonCompliantAssets.stream().filter(issue -> { - boolean compliant = true; - for (String tag : tags) { - if (AssetConstants.TAG_NOT_FOUND.equals(issue.get(tag))) { - compliant = false; - break; - } - } - return !compliant; - }).collect(Collectors.toList()); - } - } - if (filter.containsKey(AssetConstants.FILTER_COMPLIANT)) { - List nonCompliantresourceIds = nonCompliantAssets.parallelStream() - .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); - if (StringUtils.isEmpty(targetType)) { - targetType = getTargetTypeByRuleId(assetGroup, filter.get(AssetConstants.FILTER_RULEID)); - } - try { - fieldNames = getDisplayFieldsForTargetType(targetType); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - List> totalAssets = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, - null, fieldNames); - - if (filter.get(AssetConstants.FILTER_COMPLIANT).equals(AssetConstants.FALSE)) { - assetDetails = totalAssets.parallelStream() - .filter(asset -> nonCompliantresourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } else { - assetDetails = totalAssets.parallelStream() - .filter(asset -> !nonCompliantresourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } - } else { - if (StringUtils.isEmpty(targetType)) { - targetType = getTargetTypeByRuleId(assetGroup, filter.get(AssetConstants.FILTER_RULEID)); - } - try { - fieldNames = getDisplayFieldsForTargetType(targetType); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); - } - assetDetails = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); - } - } catch (Exception e) { - LOGGER.error("Error in getListAssetsScanned", e); - } - - List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, - Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, - AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, AssetConstants.CREATION_DATE); - LOGGER.info("Exiting getListAssetsScanned"); - return formGetListResponse(fieldNames, assetDetails, fieldsToBeSkipped); - - } - - @Override - public List> getResourceDetail(String ag, String resourceType, String resourceId) - throws DataException { - - String indexName = ag; - Map mustFilter = new HashMap<>(); - mustFilter.put("_resourceid.keyword", resourceId); - try { - return esRepository.getDataFromES(indexName, resourceType, mustFilter, null, null, null, null); - } catch (Exception e) { - LOGGER.error("Exception in getResourceDetail ",e); - throw new DataException(e); - } - } - - private List> getAssetsByAssetGroup(String assetGroupName, String type, - Map mustFilter, List targetTypes, List fieldNames) { - - mustFilter.put(Constants.LATEST, Constants.TRUE); - mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - - HashMultimap shouldFilter = HashMultimap.create(); - if (Constants.EC2.equals(type) || AssetConstants.ALL.equals(type)) { - if(mustFilter.containsKey(AssetConstants.FILTER_RULEID) && - ((mustFilter.get(AssetConstants.FILTER_RULEID).toString().equalsIgnoreCase(Constants.CLOUD_QUALYS_RULE) && qualysEnabled) || mustFilter.get(AssetConstants.FILTER_RULEID).toString().equalsIgnoreCase(Constants.SSM_AGENT_RULE))) { - return getLongRunningInstances(assetGroupName, type, fieldNames); - } else { - shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); - } - } - mustFilter.remove(AssetConstants.FILTER_RULEID); - - List> assets = new ArrayList<>(); - try { - if (AssetConstants.ALL.equals(type)) { - try { - boolean ec2Exists = false; - Map mustTermsFilter = new HashMap<>(); - if (targetTypes.contains(Constants.EC2)) { - targetTypes.remove(Constants.EC2); - ec2Exists = true; - } - mustTermsFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetTypes); - - assets = esRepository.getDataFromES(assetGroupName, null, mustFilter, null, null, fieldNames, - mustTermsFilter); - if (ec2Exists) { - assets.addAll(esRepository.getDataFromES(assetGroupName, Constants.EC2, mustFilter, null, - shouldFilter, fieldNames, null)); - } - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); - } - - } else { - if (Constants.ONPREMSERVER.equalsIgnoreCase(type)) { - fieldNames = getDisplayFieldsForTargetType(type); - } - assets = esRepository.getDataFromES(assetGroupName, type, mustFilter, null, shouldFilter, fieldNames, - null); - } - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); - } - - return assets; - } - - private List> getLongRunningInstances(String assetGroup, String type, List fieldNames) { - - List> assetDetails = new ArrayList<>(); - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(assetGroup); - urlToQueryBuffer.append("/").append(type); - urlToQueryBuffer.append("/").append(Constants.SEARCH).append("?scroll=") - .append(Constants.ES_PAGE_SCROLL_TTL); - - String urlToQuery = urlToQueryBuffer.toString(); - String urlToScroll = new StringBuilder(esUrl).append("/").append(Constants.SEARCH).append("/scroll") - .toString(); - StringBuilder requestCount = new StringBuilder("{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}},{\"match\":{\"statename\":\"running\"}}]," - + "\"should\":[{\"script\":{\"script\":\"LocalDate.parse(doc['firstdiscoveredon.keyword'].value.substring(0,10))" - + ".isBefore(LocalDate.from(Instant.ofEpochMilli(new Date().getTime()).atZone(ZoneId.systemDefault())).minusDays(7))\"}}," - + "{\"has_child\":{\"type\":\"qualysinfo\",\"query\":{\"match\":{\"latest\":\"true\"}}}}],\"minimum_should_match\":1}}}"); - - Long totalDocs = getTotalDocCount(assetGroup, type, requestCount.toString()); - StringBuilder requestBody = new StringBuilder("{\"_source\":").append(new Gson().toJson(fieldNames)).append(",").append("\"size\":10000,"). - append(requestCount.toString().substring(1, requestCount.length())); - String request = requestBody.toString(); - String scrollId = null; - if(totalDocs>0){ - for (int index = 0; index <= (totalDocs / Constants.ES_PAGE_SIZE); index++) { - String responseDetails = null; - try { - if (!Strings.isNullOrEmpty(scrollId)) { - request = esRepository.buildScrollRequest(scrollId, Constants.ES_PAGE_SCROLL_TTL); - urlToQuery = urlToScroll; - } - responseDetails = PacHttpUtils.doHttpPost(urlToQuery, request); - scrollId = esRepository.processResponseAndSendTheScrollBack(responseDetails, assetDetails); - } catch (Exception e) { - LOGGER.error("Error in getListAssetsVulnerable", e); - } - } - } - return assetDetails; - } - - private List> getAssetsByAssetGroupBySize(String assetGroupName, String type, - Map mustFilter, List targetTypes, List fieldNames, int from, int size, - String searchText) { - mustFilter.put(Constants.LATEST, Constants.TRUE); - mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); - HashMultimap shouldFilter = HashMultimap.create(); - if (Constants.EC2.equals(type)) { - shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); - shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); - } - - List> assets = new ArrayList<>(); - try { - if (AssetConstants.ALL.equals(type)) { - try { - Map mustTermsFilter = new HashMap<>(); - mustTermsFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetTypes); - assets = esRepository.getDataFromESBySize(assetGroupName, null, mustFilter, null, null, fieldNames, - from, size, searchText, mustTermsFilter); - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); - } - - } else { - if (Constants.ONPREMSERVER.equalsIgnoreCase(type)) { - fieldNames = getDisplayFieldsForTargetType(type); - } - assets = esRepository.getDataFromESBySize(assetGroupName, type, mustFilter, null, shouldFilter, - fieldNames, from, size, searchText, null); - } - } catch (Exception e) { - LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); - } - - return assets; - } - - @SuppressWarnings("unchecked") - private long getTotalDocCount(String index, String type, String requestBody) { - StringBuilder urlToQuery = new StringBuilder(esUrl).append("/").append(index).append("/").append(type) - .append("/").append("_count"); - String responseDetails = null; - Gson gson = new GsonBuilder().create(); - try { - responseDetails = PacHttpUtils.doHttpPost(urlToQuery.toString(), requestBody); - Map response = (Map) gson.fromJson(responseDetails, Object.class); - return (long) (Double.parseDouble(response.get("count").toString())); - } catch (Exception e) { - LOGGER.error("Error in getTotalDocCount", e); - return 0; - } - } - - private List fetchExecDirectorApps(String name, String exeOrDirec) { - List executiveApps = new ArrayList<>(); - List> execAndDirectorInfo; - try { - execAndDirectorInfo = esRepository.getDataFromES("aws_apps", "apps", null, null, null, - Arrays.asList("appTag", "director", "executiveSponsor"), null); - for (Map execMap : execAndDirectorInfo) { - if (name.equals(execMap.get(exeOrDirec))) { - executiveApps.add(execMap.get("appTag").toString()); - } - } - - } catch (Exception e) { - LOGGER.error("Error in fetchExecDirectorApps", e); - } - return executiveApps; - } - - public List> getOpenPortDetailsByInstanceId(String instanceId, Integer from, Integer size, - String searchText) throws DataException { - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) - .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH).append("?") - .append("size").append("=").append(Constants.ES_PAGE_SIZE); - Map openPortDet = null; - List> openPortList = new ArrayList<>(); - StringBuilder requestBodyCpu = null; - try { - if (StringUtils.isEmpty(searchText)) { - requestBodyCpu = new StringBuilder( - "{\"_source\":[\"openPort\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" - + instanceId + AssetConstants.ESQUERY_CLOSE); - } else { - requestBodyCpu = new StringBuilder( - "{\"_source\":[\"openPort\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"term\":{\"instanceid.keyword\":{\"value\":\"" - + instanceId + "\"}}},{\"match_phrase_prefix\":{\"_all\":\"" + searchText + AssetConstants.ESQUERY_CLOSE); - } - String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); - JsonParser parser = new JsonParser(); - JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); - JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); - JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); - for (JsonElement hits : secHitsArray) { - JsonObject hitsJson = hits.getAsJsonObject(); - JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); - if (!source.get("openPort").isJsonNull()) { - JsonObject openPort = source.get("openPort").getAsJsonObject(); - JsonObject list = openPort.get("list").getAsJsonObject(); - JsonArray hostAssetOpenPort = list.get("hostAssetOpenPort").getAsJsonArray(); - - for (JsonElement jsonElement : hostAssetOpenPort) { - openPortDet = new HashMap<>(); - JsonObject openPortDetails = jsonElement.getAsJsonObject(); - openPortDet.put("protocol", openPortDetails.get("protocol").getAsString()); - openPortDet.put("port", openPortDetails.get("port").getAsString()); - openPortDet.put("serviceId", openPortDetails.get("serviceId").getAsString()); - if (!openPortDetails.get(AssetConstants.SERVICE_NAME).isJsonNull()) { - openPortDet.put(AssetConstants.SERVICE_NAME, - openPortDetails.get(AssetConstants.SERVICE_NAME).getAsString()); - } else { - openPortDet.put(AssetConstants.SERVICE_NAME, ""); - } - openPortList.add(openPortDet); - } - } - } - return openPortList; - - } catch (Exception e) { - LOGGER.error("Error retrieving inventory from ES in getOpenPortDetailsByInstanceId", e); - throw new DataException(e); - } - } - - private String getTargetTypeByRuleId(String assetGroup, String ruleId) { - - LOGGER.info("Getting Target type for Rule id : " + ruleId); - List targetTypes = getTargetTypesByAssetGroup(assetGroup, null).stream() - .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); - String ttypesTemp; - String ttypes = null; - for (String name : targetTypes) { - ttypesTemp = new StringBuilder().append('\'').append(name).append('\'').toString(); - if (Strings.isNullOrEmpty(ttypes)) { - ttypes = ttypesTemp; - } else { - ttypes = new StringBuilder().append(ttypes).append(",").append(ttypesTemp).toString(); - } - } - String ruleIdWithTargetTypeQuery = "SELECT ruleId, targetType FROM cf_RuleInstance WHERE STATUS = 'ENABLED'AND targetType IN (" - + ttypes + ")"; - List> ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); - Map ruleIdwithruleTargetTypeMap = ruleIdwithTargetType.stream().collect( - Collectors.toMap(s -> (String) s.get(Constants.RULEID), s -> (String) s.get(Constants.TARGET_TYPE))); - - return ruleIdwithruleTargetTypeMap.get(ruleId); - } - - @Override - public Map getResourceCreateInfo(String resourceId) throws DataException { - - String url = heimdallEsesUrl + "/pacman-resource-claim/_search"; - String request = "{\"query\": {\"match\": {\"resourceid.keyword\": \"" + resourceId + "\"}}}"; - String responseDetails; - try { - responseDetails = PacHttpUtils.doHttpPost(url, request); - } catch (Exception e) { - LOGGER.error("Exception in getResourceCreateInfo ",e); - throw new DataException(e); - } - - JsonObject responseDetailsjson = new JsonParser().parse(responseDetails).getAsJsonObject(); - JsonArray hits = responseDetailsjson.get("hits").getAsJsonObject().get("hits").getAsJsonArray(); - - if (hits.size() > 0) { - JsonObject createInfoObj = hits.get(0).getAsJsonObject().get(AssetConstants.UNDERSCORE_SOURCE) - .getAsJsonObject(); // Exp - Gson gson = new Gson(); - Map map = new HashMap<>(); - map = (Map) gson.fromJson(createInfoObj, map.getClass()); - - // User better key names for createdBy and creationDate - Object obj = map.remove("user"); - map.put("createdBy", obj); - - obj = map.remove("time"); - map.put(AssetConstants.CREATION_DATE, obj); - - // The string 'null' could come in email - if ("null".equals(map.get("email").toString())) { - map.put("email", ""); - } - return map; - } - return null; - } - - @Override - public Map getNotificationSummary(String instanceId) throws DataException { - - Map matchEntryMap = new HashMap<>(); - matchEntryMap.put("entityvalue.keyword", instanceId); - - Map matchMap = new HashMap<>(); - matchMap.put(Constants.MATCH, matchEntryMap); - - Map childEntryMap = new LinkedHashMap<>(); - childEntryMap.put(Constants.TYPE, "phd_entities"); - childEntryMap.put(AssetConstants.QUERY, matchMap); - - // Create must map - Map mustFilter = new HashMap<>(); - mustFilter.put(Constants.LATEST, Constants.TRUE); - mustFilter.put("has_child", childEntryMap); - - String aggsFilterFieldName = CommonUtils.convertAttributetoKeyword("statuscode"); - - try { - return esRepository.getTotalDistributionForIndexAndType("aws_phd", "phd", mustFilter, null, null, - aggsFilterFieldName, Constants.TEN, null); - } catch (Exception e) { - LOGGER.error("Exception in getNotificationSummary ",e); - throw new DataException(e); - } - - } - - @Override - public List> getNotificationDetails(String instanceId, Map filters, - String searchText) throws DataException { - - Map matchEntryMap = new HashMap<>(); - matchEntryMap.put("entityvalue.keyword", instanceId); - - Map matchMap = new HashMap<>(); - matchMap.put(Constants.MATCH, matchEntryMap); - - Map childEntryMap = new LinkedHashMap<>(); - childEntryMap.put(Constants.TYPE, "phd_entities"); - childEntryMap.put(AssetConstants.QUERY, matchMap); - - // Create must map - Map mustFilter = new HashMap<>(); - mustFilter.put(Constants.LATEST, Constants.TRUE); - mustFilter.put("has_child", childEntryMap); - - if (null != filters && filters.size() > 0) { - filters.forEach((key, value) -> mustFilter.put(key, value)); - } - - try { - return esRepository.getDataFromESBySize("aws_phd", "phd", mustFilter, null, null, null, 0, - Constants.ES_PAGE_SIZE, searchText, null); - } catch (Exception e) { - LOGGER.error("Exception in getNotificationDetails ",e); - throw new DataException(e); - } - - } - - @Override - public List> getQualysDetail(String resourceId) throws DataException { - - Map mustFilter = new HashMap<>(); - mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); - try { - return esRepository.getDataFromES(AssetConstants.AWS_EC2, Constants.QUALYS_INFO, mustFilter, null, null, - Arrays.asList("lastVulnScan", "totalMemory", "account.list.hostAssetAccount.username"), null); - } catch (Exception e) { - LOGGER.error("Exception in getQualysDetail ",e); - throw new DataException(); - } - } - - @SuppressWarnings({ "unchecked" }) - @Override - public int updateAsset(String assetGroup, String targettype, Map resources, String updatedBy, - List> updates) throws DataException, NoDataFoundException { - - int totalrows = 0; - List queriesToExecute = new ArrayList<>(); - List> assetDetails = new ArrayList<>(); - List insertValuesList = new ArrayList<>(); - List deleteValuesList = new ArrayList<>(); - String[] insertValuesListFinal; - String[] deleteValuesListFinal; - List inptutResources = (List) resources.get("values"); - LOGGER.info("Total Resouces passed in " + inptutResources.size()); - Set resourceids = new HashSet<>(inptutResources); - LOGGER.info("Dups Resouces passed in " + (resourceids.size() - inptutResources.size())); - HashMap mustFilter = new HashMap<>(); - mustFilter.put(Constants.LATEST, true); - List> assetDetailsFromES; - try { - assetDetailsFromES = esRepository.getDataFromES(assetGroup, targettype, mustFilter, - null, null, null, null); - } catch (Exception e) { - LOGGER.error("Exception in updateAsset ",e); - throw new DataException(e); - } - LOGGER.info("Total records in ES " + assetDetailsFromES.size()); - - Map> assetsTobeUpdated = assetDetailsFromES.parallelStream() - .filter(asset -> resourceids.contains(asset.get(Constants.RESOURCEID).toString())) - .collect(Collectors.toMap(asset -> asset.get(Constants.RESOURCEID).toString(), asset -> asset)); - assetDetailsFromES.clear(); - - LOGGER.info("Total records to be updated " + assetsTobeUpdated.size()); - resourceids.parallelStream().forEach( - resourceValue -> { - Map assetDetailsMap = assetsTobeUpdated.get(resourceValue); - if (null != assetDetailsMap) { - assetDetailsMap.remove(Constants._ID); - assetDetailsMap.remove(Constants.ES_DOC_PARENT_KEY); - assetDetailsMap.remove(Constants.ES_DOC_ROUTING_KEY); - assetDetailsMap.put(Constants.LATEST, true); - for (Map updateMap : updates) { - String type = targettype; - String updatedByLocal = updatedBy; - StringBuilder deleteValue = new StringBuilder("(").append("'" + resourceValue + "'") - .append("," + "'" + updateMap.get("key") + "'").append(")"); - if (deleteValue != null) { - synchronized (deleteValuesList) { - deleteValuesList.add(deleteValue.toString()); - } - } - StringBuilder insertValue = new StringBuilder("(") - .append("'" + type + "'") - .append("," + "'" + resourceValue + "'") - .append("," + "'" + updateMap.get("key") + "'") - .append("," + "'" + updateMap.get("value") + "'") - .append("," + "'" + updatedByLocal + "'") - .append("," + "'" - + new SimpleDateFormat("yyyy-MM-dd H:00:00Z").format(new java.util.Date()) - + "')"); - if (insertValue != null) { - synchronized (insertValuesList) { - insertValuesList.add(insertValue.toString()); - } - } - assetDetailsMap.put(updateMap.get("key").toString(), updateMap.get("value")); - } - synchronized (assetDetails) { - assetDetails.add(assetDetailsMap); - } - } else { - LOGGER.info("resource not found" + resourceValue); - } - }); - - LOGGER.info("Total records to be updated back in ES " + assetDetails.size()); - assetsTobeUpdated.clear(); - if (!assetDetails.isEmpty()) { - insertValuesList.removeAll(Collections.singleton(null)); - insertValuesListFinal = insertValuesList.toArray(new String[insertValuesList.size()]); - deleteValuesList.removeAll(Collections.singleton(null)); - deleteValuesListFinal = deleteValuesList.toArray(new String[deleteValuesList.size()]); - - StringBuilder insertQuery = new StringBuilder( - "INSERT INTO pacman_field_override ( resourcetype,_resourceid,fieldName,fieldValue,updatedBy,updatedOn) VALUES "); - insertQuery.append(String.join(",", insertValuesListFinal)); - StringBuilder deleteQuery = new StringBuilder("DELETE FROM pacman_field_override WHERE resourceType = '" - + targettype + "' AND " + "( _resourceid,fieldName) IN"); - - deleteQuery.append("(").append(String.join(",", deleteValuesListFinal)).append(")"); - - queriesToExecute.add(deleteQuery.toString()); - queriesToExecute.add(insertQuery.toString()); - int[] updateCnt = redshiftRepository.batchUpdate(queriesToExecute); - if (updateCnt != null && updateCnt.length == Constants.TWO && updateCnt[1] > 0) { - String index = "aws_" + targettype; - uploadData(index, targettype, assetDetails, Constants.DOCID); - totalrows = updateCnt[1]; - } else { - LOGGER.error("Update failed"); - } - return totalrows; - } else { - throw new NoDataFoundException("Updation Failed,No matching records found in ES"); - } - } - - private boolean uploadData(String index, String type, List> docs, String idKey) { - String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\"} }%n"; - - LOGGER.info("*********UPLOADING*** " + type); - if (null != docs && !docs.isEmpty()) { - StringBuilder bulkRequest = new StringBuilder(); - int i = 0; - for (Map doc : docs) { - if (doc != null) { - String id = doc.get(idKey).toString(); - StringBuilder docStrBuilder = new StringBuilder(createESDoc(doc)); - - if (docStrBuilder != null) { - bulkRequest.append(String.format(actionTemplate, index, type, id)); - bulkRequest.append(docStrBuilder + "\n"); - } - i++; - if (i % Constants.THOUSAND == AssetConstants.ZERO - || bulkRequest.toString().getBytes().length - / (Constants.THOUSAND_TWENTY_FOUR * Constants.THOUSAND_TWENTY_FOUR) > Constants.FIVE) { - LOGGER.info("Uploaded" + i); - Response resp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, bulkRequest.toString()); - try { - String responseStr = ""; - if(null != resp) { - responseStr = EntityUtils.toString(resp.getEntity()); - } - if (responseStr.contains(AssetConstants.RESPONSE_ERROR)) { - Response retryResp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, - bulkRequest.toString()); - String retryResponse = ""; - if(null != retryResp) { - retryResponse = EntityUtils.toString(retryResp.getEntity()); - } - if (retryResponse.contains(AssetConstants.RESPONSE_ERROR)) { - LOGGER.error(retryResponse); - } - } - } catch (Exception e) { - LOGGER.error("Bulk upload failed",e); - return false; - } - bulkRequest = new StringBuilder(); - } - } - } - if (bulkRequest.length() > 0) { - LOGGER.info("Uploaded" + i); - Response resp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, bulkRequest.toString()); - try { - String responseStr = ""; - if(null != resp) { - responseStr = EntityUtils.toString(resp.getEntity()); - } - if (responseStr.contains(AssetConstants.RESPONSE_ERROR)) { - Response retryResp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, - bulkRequest.toString()); - String retryResponse = ""; - if(null != retryResp) { - retryResponse = EntityUtils.toString(retryResp.getEntity()); - } - - if (retryResponse.contains(AssetConstants.RESPONSE_ERROR)) { - LOGGER.error(retryResponse); - } - } - return resp.getStatusLine().getStatusCode() == 200 ? true : false; - } catch (Exception e) { - LOGGER.error("Bulk upload failed",e); - return false; - } - } - } - return true; - } - - private String createESDoc(Map doc) { - ObjectMapper objMapper = new ObjectMapper(); - String docJson = "{}"; - try { - docJson = objMapper.writeValueAsString(doc); - } catch (JsonProcessingException e) { - LOGGER.error("Error in createESDoc" , e); - } - return docJson; - } - - private Response invokeAPI(String method, String endpoint, String payLoad) { - HttpEntity entity = null; - try { - if (payLoad != null) { - entity = new NStringEntity(payLoad, ContentType.APPLICATION_JSON); - } - return getRestClient().performRequest(method, endpoint, Collections.emptyMap(), entity); - } catch (IOException e) { - LOGGER.error("Error in invokeAPI" , e); - } - return null; - } - - private RestClient getRestClient() { - if (restClient == null) { - restClient = RestClient.builder(new HttpHost(updateESHost, updateESPort)).build(); - } - return restClient; - } - - @SuppressWarnings("rawtypes") - @Override - public List> getAssetLists(String assetGroup, Map filter, int from, int size, - String searchText) { - LOGGER.info("Inside getAssetLists"); - List> assetDetails = new ArrayList<>(); - String targetType = ""; - - Map mustFilter = new HashMap<>(); - mustFilter.put(Constants.LATEST, Constants.TRUE); - Iterator it = filter.entrySet().iterator(); - while (it.hasNext()) { - Map.Entry entry = (Map.Entry) it.next(); - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { - targetType = entry.getValue().toString(); - } - } - - List fieldNames = Arrays.asList(Constants.RESOURCEID, Constants.ACCOUNT_NAME, Constants.REGION, - Constants.TAGS_APPLICATION, Constants.TAGS_ENVIRONMENT, Constants.ACCOUNT_ID, - AssetConstants.UNDERSCORE_ENTITY_TYPE); - if (Constants.ONPREMSERVER.equalsIgnoreCase(targetType)) { - fieldNames = getDisplayFieldsForTargetType(targetType); - } - try { - String url = esUrl + "/" + assetGroup + "/" + targetType + "/_search?size=" + size + "&from=" + from; - Map source = new HashMap<>(); - source.put(AssetConstants.UNDERSCORE_SOURCE, fieldNames); - String soruceJson = new Gson().toJson(source).replaceFirst("}", ""); - String query = soruceJson - + ",\"query\":{\"match\":{\"latest\":\"true\"}},\"sort\":[{\"_resourceid.keyword\":{\"order\":\"asc\"}}]}"; - String responseJson = ""; - try { - responseJson = PacHttpUtils.doHttpPost(url, query); - } catch (Exception e) { - LOGGER.error("Error in getAssetLists" , e); - } - JsonParser jsonParser = new JsonParser(); - JsonObject resultJson = (JsonObject) jsonParser.parse(responseJson); - JsonObject hitsJson = (JsonObject) jsonParser.parse(resultJson.get("hits").toString()); - JsonArray jsonArray = hitsJson.getAsJsonObject().get("hits").getAsJsonArray(); - if (jsonArray.size() > 0) { - for (int i = 0; i < jsonArray.size(); i++) { - JsonObject obj = (JsonObject) jsonArray.get(i); - JsonObject sourceJson = (JsonObject) obj.get(AssetConstants.UNDERSCORE_SOURCE); - if (sourceJson != null) { - Map doc = new Gson().fromJson(sourceJson, new TypeToken>() { - }.getType()); - assetDetails.add(doc); - } - } - } - - if (targetType.equals(Constants.ONPREMSERVER)) { - assetDetails.parallelStream().forEach(asset -> { - if (!asset.containsKey("u_kernel_release")) { - asset.put("u_kernel_release", ""); - } - if (!asset.containsKey("u_projection_week")) { - asset.put("u_projection_week", ""); - } - }); - } - } catch (Exception e) { - LOGGER.error("Error in getAssetLists", e); - } - - LOGGER.info("Exiting getAssetLists"); - return assetDetails; - } - - private List> getListAssetsPathachableForEC2(String assetGroup, Map filter, - List source) { - - List> assetDetails = new ArrayList<>(); - - Map mustFilter = new HashMap<>(); - Map mustFilterAsset = new HashMap<>(); - Map mustNotFilterAsset = new HashMap<>(); - - List> unpatchedInstances; - List> totalInstances; - - String targetAssetGroup; - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); - - Map parentBool = new HashMap<>(); - List> mustList = new ArrayList<>(); - Map matchMap = new HashMap<>(); - Map match = new HashMap<>(); - - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), Constants.EC2_KERNEL_COMPLIANCE_RULE); - - // Changes to include only latest resources - - match.put(Constants.LATEST, Constants.TRUE); - - matchMap.put(Constants.MATCH, match); - mustList.add(matchMap); - - match = new HashMap<>(); - match.put(Constants.STATE_NAME, Constants.RUNNING); - matchMap = new HashMap<>(); - matchMap.put(Constants.MATCH, match); - mustList.add(matchMap); - - parentBool.put("must", mustList); - - match = new HashMap<>(); - match.put("platform", "windows"); - matchMap = new HashMap<>(); - matchMap.put(Constants.MATCH, match); - - parentBool.put("must_not", matchMap); - - Map queryMap = new HashMap<>(); - queryMap.put("bool", parentBool); - - Map parentEntryMap = new LinkedHashMap<>(); - parentEntryMap.put(Constants.TYPE, Constants.EC2); - parentEntryMap.put(AssetConstants.QUERY, queryMap); - mustFilter.put("has_parent", parentEntryMap); - - filter.entrySet() - .stream() - .forEach( - entry -> { - if (!(entry.getKey().equals(AssetConstants.FILTER_PATCHED) - || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) - || entry.getKey().equals(AssetConstants.FILTER_EXEC_SPONSOR) || entry - .getKey().equals(AssetConstants.FILTER_DIRECTOR))) { - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); - } - } - }); - - mustFilterAsset.put(Constants.LATEST, true); - mustFilterAsset.put(CommonUtils.convertAttributetoKeyword(Constants.STATE_NAME), Constants.RUNNING); - mustNotFilterAsset.put(CommonUtils.convertAttributetoKeyword(Constants.PLATFORM), Constants.WINDOWS); - targetAssetGroup = assetGroup + "/" + Constants.EC2; - - try { - if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { - - unpatchedInstances = esRepository.getDataFromES(assetGroup, null, mustFilter, null, null, null, null); - List unPatchedResourceIds = unpatchedInstances.parallelStream() - .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); - totalInstances = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, - mustNotFilterAsset, null, null, null); - if (filter.get(AssetConstants.FILTER_PATCHED).equals(AssetConstants.FALSE)) { - assetDetails = totalInstances.parallelStream() - .filter(asset -> unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } else if (filter.get(AssetConstants.FILTER_PATCHED).equals(Constants.TRUE)) { - assetDetails = totalInstances.parallelStream() - .filter(asset -> !unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } - } else { - assetDetails = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, mustNotFilterAsset, - null, source, null); - } - } catch (Exception e) { - LOGGER.error("Error in getListAssetsPatchable", e); - } - return assetDetails; - } - - private List> getListAssetsPathachableForOnPrem(String assetGroup, Map filter, - List source) { - - List> assetDetails = new ArrayList<>(); - Map mustFilter = new HashMap<>(); - Map mustFilterAsset = new HashMap<>(); - - List> unpatchedInstances; - List> totalInstances; - - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); - mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); - - mustFilter - .put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), Constants.ONPREM_KERNEL_COMPLIANCE_RULE); - - // Has Parent Query Start - Map match = new HashMap<>(); - match.put(Constants.LATEST, Constants.TRUE); - - Map matchMap = new HashMap<>(); - matchMap.put(Constants.MATCH, match); - - Map parentEntryMap = new LinkedHashMap<>(); - parentEntryMap.put(Constants.TYPE, Constants.ONPREMSERVER); - parentEntryMap.put(AssetConstants.QUERY, matchMap); - mustFilter.put("has_parent", parentEntryMap); - - // Has Parent Query End - - filter.entrySet() - .stream() - .forEach( - entry -> { - if (!(entry.getKey().equals(AssetConstants.FILTER_PATCHED) - || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) - || entry.getKey().equals(AssetConstants.FILTER_EXEC_SPONSOR) || entry - .getKey().equals(AssetConstants.FILTER_DIRECTOR))) { - if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { - mustFilter.put(Constants.TAGS_APPS, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); - } - if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { - mustFilter.put(Constants.TAGS_ENV, entry.getValue()); - mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); - } - } - }); - - mustFilterAsset.put(Constants.LATEST, true); - mustFilterAsset.put(Constants.INSCOPE, true); - String targetAssetGroup = assetGroup + "/" + Constants.ONPREMSERVER; - - try { - Map mustNotFilterAsset = new HashMap<>(); - if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { - unpatchedInstances = esRepository.getDataFromES(assetGroup, null, mustFilter, null, null, null, null); - List unPatchedResourceIds = unpatchedInstances.parallelStream() - .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); - totalInstances = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, - mustNotFilterAsset, null, null, null); - if (AssetConstants.FALSE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { - assetDetails = totalInstances.parallelStream() - .filter(asset -> unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } else if (Constants.TRUE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { - assetDetails = totalInstances.parallelStream() - .filter(asset -> !unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) - .collect(Collectors.toList()); - } - } else { - assetDetails = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, mustNotFilterAsset, - null, source, null); - } - } catch (Exception e) { - LOGGER.error("Error in getListAssetsPatchableForOnPrem", e); - } - - return assetDetails; - } - - private List getDisplayFieldsForTargetType(String targetType) { - - String query = "select displayfields from cf_pac_updatable_fields where resourceType = '" + targetType.trim() - + "'"; - return Arrays.asList(rdsRepository.queryForString(query).split("\\s*,\\s*")); - } - - public long getTotalCountForListingAsset(String index, String type) { - StringBuilder requestBody = new StringBuilder( - "{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}]}}}"); - return getTotalDocCount(index, type, requestBody.toString()); - } - - @Override - public String getResourceCreatedDate(final String resourceId, final String resourceType) { - try { - String eventName = events.get(resourceType.toLowerCase()); - String searchResourceQuery = "{\"query\":{\"bool\":{\"must\":[{\"term\":{\"detail.eventName.keyword\":{\"value\":\"" - + eventName + "\"}}},{\"term\":{\"resourceid.keyword\":{\"value\":\"" + resourceId + "\"}}}]}}}"; - StringBuilder urlToQueryResource = new StringBuilder(heimdallEsesUrl).append("/") - .append("pacman-resource-claim").append("/").append(Constants.SEARCH); - String resourceDetails; - Gson gson = new Gson(); - resourceDetails = PacHttpUtils.doHttpPost(urlToQueryResource.toString(), searchResourceQuery); - Type resourceTypeToken = new TypeToken() { - }.getType(); - ResourceResponse resourceResponse = gson.fromJson(resourceDetails, resourceTypeToken); - int total = resourceResponse.getHits().getTotal(); - if (total > 0) { - Source source = resourceResponse.getHits().getHits().get(0).getSource(); - String time = null; - String creationDate = null; - String eventTime = null; - try { - time = source.getTime(); - } catch (Exception exception) { - LOGGER.error(exception); - } - try { - creationDate = source.getDetail().getUserIdentity().getSessionContext().getAttributes() - .getCreationDate(); - } catch (Exception exception) { - LOGGER.error(exception); - } - try { - eventTime = source.getDetail().getEventTime(); - } catch (Exception exception) { - LOGGER.error(exception); - } - - if (creationDate != null) { - return creationDate; - } else if (eventTime != null) { - return eventTime; - } else if (time != null) { - return time; - } else { - return StringUtils.EMPTY; - } - } - } catch (Exception exception) { - LOGGER.error(exception); - } - return null; - } - - @Override - public List> getDomainsByAssetGroup(String aseetGroupName) { - String query = "select distinct c.domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b, cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName and b.groupName ='" - + aseetGroupName.trim() + "'"; - return rdsRepository.getDataFromPacman(query); - } - - @Override - public List> getAssetGroupAndDomains() { - String query = "select distinct b.groupName as name, c.domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b, cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName"; - return rdsRepository.getDataFromPacman(query); - } - - public Map getEvents() { - return events; - } - - public void setEvents(Map events) { - this.events = events; - } - - @Override - public String getDataTypeInfoByTargetType(String targettype) { - String query = "select updatableFields from cf_pac_updatable_fields where resourceType = '" + targettype.trim() - + "'"; - return rdsRepository.queryForString(query); - } - - @Override - public List> getAdGroupDetails() throws DataException { - try { - return esRepository.getDataFromES("adinfo", null, null, null, null, Arrays.asList("managedBy", "name"), null); - } catch (Exception e) { - LOGGER.error("Exception in getAdGroupDetails ",e); - throw new DataException(); - } - } - - private List> formGetListResponse(List fieldNames, List> assetDetails, List fieldsToBeSkipped) { - - List> assetList = new ArrayList<>(); - if (!CollectionUtils.isEmpty(fieldNames)) { - final List fieldNamesCopy = fieldNames; - assetDetails.parallelStream().forEach(assetDetail -> { - Map asset = new LinkedHashMap<>(); - for (String fieldName : fieldNamesCopy) { - if (!assetDetail.containsKey(fieldName)) { - asset.put(fieldName, ""); - } else { - asset.put(fieldName, assetDetail.get(fieldName)); - } - } - synchronized (assetList) { - assetList.add(asset); - } - }); - return assetList; - } else { - assetDetails.parallelStream().forEach( - assetDetail -> { - Map asset = new LinkedHashMap<>(); - asset.put(Constants.RESOURCEID, assetDetail.get(Constants.RESOURCEID)); - assetDetail.forEach((key, value) -> { - if (!fieldsToBeSkipped.contains(key)) { - asset.put(key, value); - } - }); - synchronized (assetList) { - assetList.add(asset); - } - }); - return assetList; - } - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.asset.repository; + +import java.io.IOException; +import java.lang.reflect.Type; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.stream.Collectors; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpEntity; +import org.apache.http.HttpHost; +import org.apache.http.entity.ContentType; +import org.apache.http.nio.entity.NStringEntity; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.RestClient; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Repository; +import org.springframework.util.CollectionUtils; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.base.Strings; +import com.google.common.collect.HashMultimap; +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import com.google.gson.reflect.TypeToken; +import com.tmobile.pacman.api.asset.AssetConstants; +import com.tmobile.pacman.api.asset.domain.ResourceResponse; +import com.tmobile.pacman.api.asset.domain.ResourceResponse.Source; +import com.tmobile.pacman.api.asset.model.DefaultUserAssetGroup; +import com.tmobile.pacman.api.commons.Constants; +import com.tmobile.pacman.api.commons.exception.DataException; +import com.tmobile.pacman.api.commons.exception.NoDataFoundException; +import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; +import com.tmobile.pacman.api.commons.repo.PacmanRdsRepository; +import com.tmobile.pacman.api.commons.utils.CommonUtils; +import com.tmobile.pacman.api.commons.utils.PacHttpUtils; + +/** + * Implemented class for AssetRepository and all its method + */ +@Repository +@ConfigurationProperties(prefix = "resource") +public class AssetRepositoryImpl implements AssetRepository { + + private Map events; + + @Value("${tagging.mandatoryTags}") + private String mandatoryTags; + + @Value("${elastic-search.host}") + private String esHost; + @Value("${elastic-search.port}") + private int esPort; + @Value("${elastic-search.update-host}") + private String updateESHost; + @Value("${elastic-search.update-port}") + private int updateESPort; + @Value("${elastic-search.host-heimdall}") + private String heimdallEsHost; + @Value("${elastic-search.port-heimdall}") + private int heimdallEsPort; + + private static final String PROTOCOL = "http"; + private String esUrl; + private String heimdallEsesUrl; + + @Value("${vulnerability.types}") + private String vulnTypes; + + @Value("${features.vulnerability.enabled:false}") + private boolean qualysEnabled; + + private static final Log LOGGER = LogFactory.getLog(AssetRepositoryImpl.class); + private RestClient restClient; + + @Autowired + ElasticSearchRepository esRepository; + @Autowired + PacmanRdsRepository rdsRepository; + @Autowired + PacmanRedshiftRepository redshiftRepository; + + @PostConstruct + void init() { + esUrl = PROTOCOL + "://" + esHost + ":" + esPort; + heimdallEsesUrl = PROTOCOL + "://" + heimdallEsHost + ":" + heimdallEsPort; + } + + @Override + public Map getAssetCountByAssetGroup(String aseetGroupName, String type) { + + Map filter = new HashMap<>(); + filter.put(Constants.LATEST, Constants.TRUE); + filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + HashMultimap shouldFilter = HashMultimap.create(); + if (Constants.EC2.equals(type) || AssetConstants.ALL.equals(type)) { + shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); + } + Map countMap = new HashMap<>(); + try { + if (AssetConstants.ALL.equals(type)) { + try { + countMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, filter, null, + null, AssetConstants.UNDERSCORE_TYPE, Constants.THOUSAND, null); + } catch (Exception e) { + LOGGER.error("Exception in getAssetCountByAssetGroup :" , e); + } + if (!countMap.isEmpty()) { + countMap.put(Constants.EC2, esRepository.getTotalDocumentCountForIndexAndType(aseetGroupName, + Constants.EC2, filter, null, shouldFilter, null, null)); + } + } else { + long count = esRepository.getTotalDocumentCountForIndexAndType(aseetGroupName, type, filter, null, + shouldFilter, null, null); + countMap.put(type, count); + } + } catch (Exception e) { + LOGGER.error("Exception in getAssetCountByAssetGroup :" , e); + } + + return countMap; + } + + @Override + public List> getTargetTypesByAssetGroup(String aseetGroupName, String domain) { + + String query = "select distinct targetType as type ,c.category as category,c.domain as domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b ,cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName and b.groupName ='" + + aseetGroupName.trim() + "'"; + if (!StringUtils.isEmpty(domain)) { + query = query + " and lower(c.domain) = '" + domain.toLowerCase().trim() + "'"; + } + return rdsRepository.getDataFromPacman(query); + } + + @Override + public List> getAllTargetTypes() { + + String query = "select distinct targetName as type, category from cf_Target"; + return rdsRepository.getDataFromPacman(query); + + } + + @Override + public List getApplicationByAssetGroup(String aseetGroupName) throws DataException { + + Map filter = new HashMap<>(); + filter.put(Constants.LATEST, Constants.TRUE); + filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + Map applicationMap ; + try { + applicationMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, filter, null, null, + Constants.TAGS_APPS, Constants.THOUSAND, null); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETAPPSBYAG, e); + throw new DataException(e); + } + return new ArrayList<>(applicationMap.keySet()); + } + + @Override + public List getApplicationByAssetGroup(String aseetGroupName, String domain) throws DataException { + + List targetTypes = getTargetTypesByAssetGroup(aseetGroupName, domain).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + Map filter = new HashMap<>(); + filter.put(Constants.LATEST, Constants.TRUE); + filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + Map mustTermsFilter = new HashMap<>(); + mustTermsFilter.put(AssetConstants.UNDERSCORE_TYPE, targetTypes); + Map applicationMap = new HashMap<>() ; + + try { + applicationMap = esRepository.getTotalDistributionForIndexAndType(aseetGroupName, null, + filter, null, null, Constants.TAGS_APPS, Constants.THOUSAND, mustTermsFilter); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETAPPSBYAG, e); + throw new DataException(e); + } + return new ArrayList<>(applicationMap.keySet()); + } + + @Override + public List getEnvironmentsByAssetGroup(String assetGroup, String application, String domain) { + + Map filter = new HashMap<>(); + filter.put(Constants.LATEST, Constants.TRUE); + filter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + if (application != null) { + filter.put(Constants.TAGS_APPS, application); + } + Map mustTermsFilter; + if (!StringUtils.isEmpty(domain)) { + List targetTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + mustTermsFilter = new HashMap<>(); + mustTermsFilter.put(AssetConstants.UNDERSCORE_TYPE, targetTypes); + } else { + mustTermsFilter = null; + } + + Map envnMap = new HashMap<>(); + try { + envnMap = esRepository.getTotalDistributionForIndexAndType(assetGroup, null, filter, null, null, + Constants.TAGS_ENV, Constants.THOUSAND, mustTermsFilter); + } catch (Exception e) { + LOGGER.error("Exception in getEnvironmentsByAssetGroup :" , e); + } + return new ArrayList<>(envnMap.keySet()); + } + + @Override + public List> getAllAssetGroups() { + + String query = "select distinct groupName as name, displayName as displayname ,description, groupType as type ,createdBy as createdby from cf_AssetGroupDetails where isVisible = true order by groupName asc "; + return rdsRepository.getDataFromPacman(query); + } + + @Override + public Map getAssetGroupInfo(String assetGroup) { + + String query = "select distinct groupName as name, displayName as displayname ,description, groupType as type ,createdBy as createdby from cf_AssetGroupDetails where groupName = '" + + assetGroup + "'"; + List> results = rdsRepository.getDataFromPacman(query); + if (!results.isEmpty()) { + return results.get(0); + } else { + return new HashMap<>(); + } + } + + @Override + public Map getAssetCountByApplication(String assetGroup, String type) throws DataException { + Map filter = new HashMap<>(); + filter.put(Constants.LATEST, Constants.TRUE); + HashMultimap shouldFilter = HashMultimap.create(); + if (Constants.EC2.equals(type)) { + shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); + } + try { + return esRepository.getTotalDistributionForIndexAndType(assetGroup, type, filter, null, shouldFilter, + Constants.TAGS_APPS, Constants.THOUSAND, null); + } catch (Exception e) { + LOGGER.error("Exception in getAssetCountByApplication ", e); + throw new DataException(e); + } + } + + @Override + public List> getAssetMinMax(String assetGroup, String type, Date from, Date to) { + + List> minMaxList = new ArrayList<>(); + try { + + StringBuilder request = new StringBuilder( + "{\"size\": 10000, \"_source\": [\"min\",\"max\",\"date\"], \"query\": { \"bool\": { \"must\": [ { \"match\": {\"ag.keyword\": "); + request.append("\"" + assetGroup + "\"}} ,{ \"match\": {\"type.keyword\": " + "\"" + type + "\"}}"); + String gte = null; + String lte = null; + + if (from != null) { + gte = "\"gte\": \"" + new SimpleDateFormat("yyyy-MM-dd").format(from) + "\""; + } + if (to != null) { + lte = "\"lte\": \"" + new SimpleDateFormat("yyyy-MM-dd").format(to) + "\""; + } + + if (gte == null && lte == null) { + request.append("]}}}"); + } else if (gte != null && lte != null) { + request.append(AssetConstants.ESQUERY_RANGE + gte + "," + lte + AssetConstants.ESQUERY_RANGE_CLOSE); + } else if (gte != null) { + request.append(AssetConstants.ESQUERY_RANGE + gte + AssetConstants.ESQUERY_RANGE_CLOSE); + } else { + request.append(AssetConstants.ESQUERY_RANGE + lte + AssetConstants.ESQUERY_RANGE_CLOSE); + } + minMaxList = getAssetStats(request.toString()); + + } catch (Exception e) { + LOGGER.error("Exception in getAssetMinMax " , e); + } + return minMaxList; + } + + List> getAssetStats(String rqstBody) { + + List> docs = new ArrayList<>(); + String responseJson = ""; + try { + responseJson = PacHttpUtils.doHttpPost("http://" + esHost + ":" + esPort + + "/assetgroup_stats/count_type/_search", rqstBody); + } catch (Exception e) { + LOGGER.error("Exception in getAssetStats " , e); + } + JsonParser jsonParser = new JsonParser(); + JsonObject resultJson = (JsonObject) jsonParser.parse(responseJson); + JsonObject hitsJson = (JsonObject) jsonParser.parse(resultJson.get("hits").toString()); + JsonArray jsonArray = hitsJson.getAsJsonObject().get("hits").getAsJsonArray(); + if (jsonArray.size() > 0) { + for (int i = 0; i < jsonArray.size(); i++) { + JsonObject obj = (JsonObject) jsonArray.get(i); + JsonObject sourceJson = (JsonObject) obj.get(AssetConstants.UNDERSCORE_SOURCE); + if (sourceJson != null) { + Map doc = new Gson().fromJson(sourceJson, new TypeToken>() { + }.getType()); + docs.add(doc); + } + } + } + return docs; + + } + + @Override + public Integer saveOrUpdateAssetGroup(final DefaultUserAssetGroup defaultAssetGroup) { + + String userId = defaultAssetGroup.getUserId().toLowerCase(); + String defaultAssetGroupDetails = defaultAssetGroup.getDefaultAssetGroup(); + String userCountQuery = "SELECT COUNT(userId) FROM pac_v2_userpreferences WHERE userId=\"" + userId + "\""; + String assetGroupUpdateQuery = "UPDATE pac_v2_userpreferences SET defaultAssetGroup=? WHERE userId=?"; + String assetGroupInserteQuery = "INSERT INTO pac_v2_userpreferences (userId, defaultAssetGroup) VALUES (?, ?)"; + int userCount = rdsRepository.count(userCountQuery); + if (userCount > 0) { + return rdsRepository.update(assetGroupUpdateQuery, defaultAssetGroupDetails, userId); + } else { + return rdsRepository.update(assetGroupInserteQuery, userId, defaultAssetGroupDetails); + } + } + + @Override + public String getUserDefaultAssetGroup(String userId) { + String query = "SELECT defaultAssetGroup from pac_v2_userpreferences WHERE userId=\"" + userId.toLowerCase() + + "\""; + try { + return rdsRepository.queryForString(query); + } catch (Exception exception) { + LOGGER.error("Error in getUserDefaultAssetGroup " , exception); + return StringUtils.EMPTY; + } + } + + @Override + public String retrieveAssetConfig(String resourceId, String configType) { + String query = "SELECT config FROM Pacman_Asset_Config WHERE resourceId=\"" + resourceId.toLowerCase() + + "\" AND configType=\"" + configType.toLowerCase() + "\""; + try { + return rdsRepository.queryForString(query); + } catch (Exception exception) { + LOGGER.error("Exception in retrieveAssetConfig : " , exception); + return StringUtils.EMPTY; + } + } + + @Override + public Integer saveAssetConfig(String resourceId, String configType, String config) { + String assetGroupInserteQuery = "INSERT INTO Pacman_Asset_Config (resourceId, configType, config, createdDate) VALUES (?, ?, ?, ?)"; + try { + return rdsRepository.update(assetGroupInserteQuery, resourceId, configType, config, new Date()); + } catch (Exception exception) { + LOGGER.error("Exception in saveAssetConfig :" , exception); + return -1; + } + } + + @Override + public List> getAssetCountByEnvironment(String assetGroup, String application, String type) { + StringBuilder request = new StringBuilder( + "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}"); // Common + // part + // where + // we + // will + // check + // for + // latest=true + if (application != null) { + request.append(",{\"match\":{\"tags.Application.keyword\":\"" + application + "\"}}"); // Add + // Application + // filter + } + if (Constants.EC2.equals(type)) { + request.append(",{\"terms\":{\"statename\":[\"running\",\"stopped\",\"stopping\"]}}"); // EC2 + // special + // handling + // to + // check + // for + // only + // relevant + // assets + // Ending must/bool/query + request.append("]}}"); + request.append(",\"aggs\":{\"apps\":{\"terms\":{\"field\":\"tags.Application.keyword\",\"size\":1000},\"aggs\":{\"envs\":{\"terms\":{\"field\":\"tags.Environment.keyword\",\"size\":1000}}}}}}"); // Aggs + } // part + + String responseJson = ""; + try { + responseJson = PacHttpUtils.doHttpPost("http://" + esHost + ":" + esPort + "/" + assetGroup + "/" + type + + "/_search", request.toString()); + } catch (Exception e) { + LOGGER.error("Error in getAssetCountByEnvironment " , e); + } + + JsonParser jsonParser = new JsonParser(); + JsonObject resultJson = jsonParser.parse(responseJson).getAsJsonObject(); + JsonArray apps = resultJson.get("aggregations").getAsJsonObject().get("apps").getAsJsonObject().get(Constants.BUCKETS) + .getAsJsonArray(); + List> appList = new ArrayList<>(); + for (JsonElement app : apps) { + + JsonObject appObj = app.getAsJsonObject(); + String appName = appObj.get("key").getAsString(); + JsonArray envs = appObj.get("envs").getAsJsonObject().get(Constants.BUCKETS).getAsJsonArray(); + Map appMap = new HashMap<>(); + appMap.put("application", appName); + List> envList = new ArrayList<>(); + appMap.put("environments", envList); + for (JsonElement env : envs) { + + JsonObject envObj = env.getAsJsonObject(); + String envName = envObj.get("key").getAsString(); + long count = envObj.get("doc_count").getAsLong(); + Map envMap = new HashMap<>(); + envMap.put("environment", envName); + envMap.put("count", count); + envList.add(envMap); + } + appList.add(appMap); + } + return appList; + } + + @Override + public List> saveAndAppendAssetGroup(String userId, String assetGroup) throws DataException { + + String lowerCaseUserId = userId.toLowerCase(); + String recentView = null; + boolean isDuplicate = false; + boolean isGreaterThanTen = false; + boolean isValidAssetGroup = false; + String assetGroupUpdateWithListQuery = null; + List recentViewList = new ArrayList<>(); + List> assets = getAllAssetGroups(); + List> recentlyViewed = new ArrayList<>(); + Map recentViewMap = new HashMap<>(); + for (Map ag : assets) { + if (assetGroup.equals(ag.get("name"))) { + isValidAssetGroup = true; + String userCountQuery = "SELECT COUNT(userId) FROM pac_v2_userpreferences WHERE userId=\"" + + lowerCaseUserId + "\""; + String recentlyViewedAgQuery = "SELECT recentlyViewedAG FROM pac_v2_userpreferences WHERE userId=\"" + + lowerCaseUserId + "\""; + String assetGroupUpdateQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG='" + assetGroup + + "' WHERE userId='" + lowerCaseUserId + "'"; + String assetGroupUpdateAndAppendQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG = concat(recentlyViewedAG,'" + + "," + assetGroup + "') WHERE userId='" + lowerCaseUserId + "'"; + String assetGroupInsertQuery = "INSERT INTO pac_v2_userpreferences (userId, recentlyViewedAG) VALUES (?, ?)"; + int userCount = rdsRepository.count(userCountQuery); + List> recentlyViewedAgMap = rdsRepository.getDataFromPacman(recentlyViewedAgQuery); + for (Map recentlyViewedAg : recentlyViewedAgMap) { + if (recentlyViewedAg.get(AssetConstants.RECENTLY_VIEWED_AG) != null) { + recentView = recentlyViewedAg.get(AssetConstants.RECENTLY_VIEWED_AG).toString(); + recentViewList = new CopyOnWriteArrayList(Arrays.asList(recentView.split(","))); + } + } + + if (userCount > 0) { + if (!StringUtils.isEmpty(recentView)) { + if (recentViewList.size() <= AssetConstants.NINE) { + if (recentViewList.contains(assetGroup)) { + recentViewList.remove(assetGroup); + isDuplicate = true; + } + } else { + if (recentViewList.contains(assetGroup)) { + recentViewList.remove(assetGroup); + isDuplicate = true; + } else { + recentViewList.remove(0); + isGreaterThanTen = true; + } + } + if (isDuplicate || isGreaterThanTen) { + recentViewList.add(assetGroup); + String assetGroups = String.join(",", recentViewList); + assetGroupUpdateWithListQuery = "UPDATE pac_v2_userpreferences SET recentlyViewedAG='" + + assetGroups + "' WHERE userId='" + lowerCaseUserId + "'"; + rdsRepository.update(assetGroupUpdateWithListQuery); + recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); + recentlyViewed.add(recentViewMap); + return recentlyViewed; + + } else { + rdsRepository.update(assetGroupUpdateAndAppendQuery); + recentViewList.add(assetGroup); + recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); + recentlyViewed.add(recentViewMap); + return recentlyViewed; + } + } else { + rdsRepository.update(assetGroupUpdateQuery); + recentViewList.add(assetGroup); + recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); + recentlyViewed.add(recentViewMap); + return recentlyViewed; + } + } else { + rdsRepository.update(assetGroupInsertQuery, lowerCaseUserId, assetGroup); + recentViewList.add(assetGroup); + recentViewMap.put(AssetConstants.RECENTLY_VIEWED_AG, recentViewList); + recentlyViewed.add(recentViewMap); + return recentlyViewed; + } + } + } + if (!isValidAssetGroup) { + throw new DataException("Not A Valid Asset Group"); + } + return recentlyViewed; + } + + @SuppressWarnings("rawtypes") + @Override + public List> getListAssets(String assetGroup, Map filter, int from, int size, + String searchText) { + LOGGER.info("Inside getListAssets"); + List> assetDetails = new ArrayList<>(); + List fieldNames = new ArrayList<>(); + String targetType = ""; + String domain = filter.get(Constants.DOMAIN); + Map mustFilter = new HashMap<>(); + + Iterator it = filter.entrySet().iterator(); + while (it.hasNext()) { + Map.Entry entry = (Map.Entry) it.next(); + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { + targetType = entry.getValue().toString(); + } + } + + try { + if (StringUtils.isEmpty(targetType)) { + List validTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + if (validTypes.size() > 1) { + try { + fieldNames = getDisplayFieldsForTargetType("all_list"); + } catch (Exception e) { + LOGGER.error("Error while fetching field names for all targetType in getListAssets" , e); + } + } else { + try { + fieldNames = getDisplayFieldsForTargetType(validTypes.get(0)); + } catch (Exception e) { + LOGGER.error("Error while fetching field names for " + validTypes.get(0) + " in getListAssets" + , e); + } + } + assetDetails = getAssetsByAssetGroupBySize(assetGroup, AssetConstants.ALL, mustFilter, validTypes, + fieldNames, from, size, searchText); + } else { + try { + fieldNames = getDisplayFieldsForTargetType(targetType); + } catch (Exception e) { + LOGGER.error("Error while fetching field names for " + targetType + " in getListAssets" , e); + } + assetDetails = getAssetsByAssetGroupBySize(assetGroup, targetType, mustFilter, null, fieldNames, from, + size, searchText); + } + + } catch (Exception e) { + LOGGER.error("Error in getListAssets", e); + } + + List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, + Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, + AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, AssetConstants.CREATION_DATE); + LOGGER.info("Exiting getListAssets"); + return formGetListResponse(fieldNames,assetDetails,fieldsToBeSkipped); + } + + @Override + public long getAssetCount(String assetGroup, Map filter, String searchText) { + + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, true); + mustFilter.put(Constants.LATEST, true); + String domain = filter.get(Constants.DOMAIN); + String targetType = ""; + if (filter != null) { + Iterator> it = filter.entrySet().iterator(); + while (it.hasNext()) { + Entry entry = it.next(); + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { + targetType = entry.getValue(); + } + } + } + + try { + Map mustTermFilter = null; + if (StringUtils.isEmpty(targetType)) { + mustTermFilter = new HashMap<>(); + List validTypes = getTargetTypesByAssetGroup(assetGroup, domain).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + mustTermFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, validTypes); + } else { + mustFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetType); + } + return esRepository.getTotalDocumentCountForIndexAndType(assetGroup, null, mustFilter, null, null, + searchText, mustTermFilter); + } catch (Exception e) { + LOGGER.error("Error retrieving inventory from ES in getAssetCount ", e); + } + return 0; + } + + public List> getCpuUtilizationByAssetGroupAndInstanceId(String instanceId) throws DataException { + + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) + .append("/").append("ec2_utilization").append("/").append(Constants.SEARCH); + Map utilization = null; + List> utilizationList = new ArrayList<>(); + try { + StringBuilder requestBodyCpu = new StringBuilder( + "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"range\":{\"#Datetime-CPU-Utilization\":{\"gte\":\"now-30d\",\"lte\":\"now\",\"format\":\"yyyy-MM-dd HH:mm:ss\"}}},{\"match\":{\"Instance_Id.keyword\":\"" + + instanceId + + "\"}}]}},\"aggs\":{\"avg-values-per-day\":{\"date_histogram\":{\"field\":\"#Datetime-CPU-Utilization\",\"interval\":\"day\",\"format\":\"yyyy-MM-dd HH:mm:ss\",\"order\":{\"_key\":\"desc\"}},\"aggs\":{\"Avg-CPU-Utilization\":{\"avg\":{\"field\":\"Avg-CPU-Utilization\"}}}}}}"); + String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); + + JsonParser parser = new JsonParser(); + JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); + JsonObject aggregations = responseDetailsjson.get("aggregations").getAsJsonObject(); + JsonObject avgvalues = aggregations.get("avg-values-per-day").getAsJsonObject(); + JsonArray buckets = avgvalues.get(Constants.BUCKETS).getAsJsonArray(); + + for (JsonElement jsonElement : buckets) { + + JsonObject bucketdetails = jsonElement.getAsJsonObject(); + JsonObject cpuUtilizationObj = bucketdetails.get("Avg-CPU-Utilization").getAsJsonObject(); + if (!cpuUtilizationObj.get(Constants.VALUE).isJsonNull()) { + utilization = new HashMap<>(); + utilization.put("date", bucketdetails.get("key_as_string").getAsString()); + utilization.put("cpu-utilization", cpuUtilizationObj.get(Constants.VALUE).getAsDouble()); + utilizationList.add(utilization); + } + } + return utilizationList; + + } catch (Exception e) { + LOGGER.error("Error retrieving inventory from ES in getCpuUtilizationByAssetGroupAndInstanceId", e); + throw new DataException(e); + } + } + + public List> getDiskUtilizationByAssetGroupAndInstanceId(String instanceId) throws DataException { + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) + .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH); + Map utilization = null; + List> utilizationList = new ArrayList<>(); + try { + StringBuilder requestBodyCpu = new StringBuilder( + "{\"_source\":[\"volume\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" + + instanceId + AssetConstants.ESQUERY_CLOSE); + String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); + + JsonParser parser = new JsonParser(); + JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); + JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); + JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); + for (JsonElement hits : secHitsArray) { + JsonObject hitsJson = hits.getAsJsonObject(); + JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); + if (!source.get("volume").isJsonNull()) { + JsonObject volume = source.get("volume").getAsJsonObject(); + + JsonObject list = volume.get("list").getAsJsonObject(); + JsonArray hostAssetVolume = list.get("hostAssetVolume").getAsJsonArray(); + + for (JsonElement jsonElement : hostAssetVolume) { + utilization = new HashMap<>(); + JsonObject voldetails = jsonElement.getAsJsonObject(); + utilization.put("size", voldetails.get("size").getAsString()); + utilization.put("name", voldetails.get("name").getAsString()); + utilization.put("free", voldetails.get("free").getAsString()); + utilizationList.add(utilization); + } + } + } + return utilizationList; + } catch (Exception e) { + LOGGER.error("Error retrieving inventory from ES in getDiskUtilizationByAssetGroupAndInstanceId", e); + throw new DataException(e); + } + } + + public List> getSoftwareInstalledDetailsByAssetGroupAndInstanceId(String instanceId, + Integer from, Integer size, String searchText) throws DataException { + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) + .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH).append("?") + .append("size").append("=").append(Constants.ES_PAGE_SIZE); + Map softwareDet = null; + List> softwareList = new ArrayList<>(); + StringBuilder requestBodyCpu = null; + try { + if (StringUtils.isEmpty(searchText)) { + requestBodyCpu = new StringBuilder( + "{\"_source\":[\"software\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" + + instanceId + AssetConstants.ESQUERY_CLOSE); + } else { + requestBodyCpu = new StringBuilder( + "{\"_source\":[\"software\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"term\":{\"instanceid.keyword\":{\"value\":\"" + + instanceId + "\"}}},{\"match_phrase_prefix\":{\"_all\":\"" + searchText + AssetConstants.ESQUERY_CLOSE); + } + + String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); + JsonParser parser = new JsonParser(); + JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); + JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); + JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); + for (JsonElement hits : secHitsArray) { + JsonObject hitsJson = hits.getAsJsonObject(); + JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); + if (!source.get("software").isJsonNull()) { + JsonObject software = source.get("software").getAsJsonObject(); + JsonObject list = software.get("list").getAsJsonObject(); + JsonArray hostAssetSoftware = list.get("hostAssetSoftware").getAsJsonArray(); + + for (JsonElement jsonElement : hostAssetSoftware) { + softwareDet = new HashMap<>(); + JsonObject softwareDetails = jsonElement.getAsJsonObject(); + softwareDet.put("version", softwareDetails.get("version").getAsString()); + softwareDet.put("name", softwareDetails.get("name").getAsString()); + softwareList.add(softwareDet); + } + } + } + return softwareList; + } catch (Exception e) { + LOGGER.error("Error retrieving inventory from ES in getSoftwareInstalledDetailsByAssetGroupAndInstanceId", + e); + throw new DataException(e); + } + } + + @Override + public List> getEc2ResourceDetailFromRhn(String resourceId) throws DataException { + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); + try { + return esRepository.getDataFromES(AssetConstants.AWS_EC2, "rhn-info", mustFilter, null, null, + Arrays.asList(Constants.INSTANCE_ID, "last_checkin", "ip", "last_boot"), null); + } catch (Exception e) { + LOGGER.error("Exception in getEc2ResourceDetailFromRhn ",e); + return null; + } + } + + @Override + public List> getEc2ResourceDetail(String ag, String resourceId) throws DataException { + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); + try { + return esRepository.getDataFromES(ag, Constants.EC2, mustFilter, null, null, Arrays.asList( + Constants.INSTANCE_ID, "imageid", "publicipaddress", "privateipaddress", "vpcid", "availabilityzone", + "subnetid", "instancetype", "accountid", "tags", "accountname", "iaminstanceprofilearn", + Constants.STATE_NAME, "monitoringstate", "hostid", "statereasoncode", "virtualizationtype", + "rootdevicename", "keyname", "kernelid", Constants.STATE_NAME, "hypervisor", "architecture", "tenancy", + "launchtime", "platform"), null); + } catch (Exception e) { + LOGGER.error("Exception in getEc2ResourceDetail ",e); + throw new DataException(e); + } + } + + @Override + public List> getEc2ResourceSecurityGroupDetail(String resourceId) throws DataException { + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); + try { + return esRepository.getDataFromES(AssetConstants.AWS_EC2, "ec2_secgroups", mustFilter, null, null, + Arrays.asList(Constants.RESOURCEID, "securitygroupid", "securitygroupname", "tmonpe"), null); + } catch (Exception e) { + LOGGER.error("Exception in getEc2ResourceSecurityGroupDetail ",e); + throw new DataException(e); + } + } + + @Override + public List> getEc2ResourceBlockDevicesDetail(String resourceId) throws DataException { + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); + try { + return esRepository.getDataFromES(AssetConstants.AWS_EC2, "ec2_blockdevices", mustFilter, null, null, + Arrays.asList(Constants.RESOURCEID, "volumeid"), null); + } catch (Exception e) { + LOGGER.error("Exception in getEc2ResourceBlockDevicesDetail ",e); + throw new DataException(e); + } + } + + @Override + public List> getListAssetsPatchable(String assetGroup, Map filter) { + + LOGGER.info("Inside getListAssetsPatchable"); + List> assetList = new ArrayList<>(); + List> assetDetails = new ArrayList<>(); + List sourceFields = null; + String resourceType = null; + if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { + resourceType = filter.get(AssetConstants.FILTER_RES_TYPE); + if (Constants.ONPREMSERVER.equals(resourceType)) { + sourceFields = getDisplayFieldsForTargetType(resourceType); + assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); + } else if (Constants.EC2.equals(resourceType)) { + assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); + sourceFields = getDisplayFieldsForTargetType(resourceType); + } + } else { + boolean agContainsOnPrem = false; + boolean agContainsEc2 = false; + + for (Map targettype : getTargetTypesByAssetGroup(assetGroup, null)) { + if (StringUtils.isNotBlank(targettype.get(Constants.TYPE).toString())) { + if (Constants.ONPREMSERVER.equals(targettype.get(Constants.TYPE).toString())) { + agContainsOnPrem = true; + } + if (Constants.EC2.equals(targettype.get(Constants.TYPE).toString())) { + agContainsEc2 = true; + } + } + } + if (agContainsEc2 && agContainsOnPrem) { + // source common fields for onprem & cloud + sourceFields = getDisplayFieldsForTargetType("all_patchable"); + assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); + assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); + } else if (agContainsEc2) { + sourceFields = getDisplayFieldsForTargetType(Constants.EC2); + assetDetails.addAll(getListAssetsPathachableForEC2(assetGroup, filter, sourceFields)); + } else if (agContainsOnPrem) { + sourceFields = getDisplayFieldsForTargetType(Constants.ONPREMSERVER); + assetDetails.addAll(getListAssetsPathachableForOnPrem(assetGroup, filter, sourceFields)); + } + } + + try { + List executiveapps = new ArrayList<>(); + if (filter.containsKey(AssetConstants.FILTER_EXEC_SPONSOR)) { + executiveapps = fetchExecDirectorApps(filter.get(AssetConstants.FILTER_EXEC_SPONSOR), + "executiveSponsor"); + } + if (filter.containsKey(AssetConstants.FILTER_DIRECTOR)) { + executiveapps = fetchExecDirectorApps(filter.get(AssetConstants.FILTER_DIRECTOR), "director"); + } + for (Map assetDetail : assetDetails) { + Map asset = new LinkedHashMap<>(); + if (CollectionUtils.isEmpty(sourceFields)) { + asset.put(Constants.RESOURCE_DISPLAY_ID, assetDetail.get(Constants.RESOURCEID)); + asset.put(Constants.ACCOUNT_DISPALY_NAME, assetDetail.get(Constants.ACCOUNT_NAME)); + asset.put(Constants.REGION_DISPALY_NAME, assetDetail.get(Constants.REGION)); + if (!assetDetail.containsKey(Constants.TAGS_APPLICATION)) { + asset.put(Constants.APPLICATION, ""); + } else { + asset.put(Constants.APPLICATION, assetDetail.get(Constants.TAGS_APPLICATION)); + } + if (!assetDetail.containsKey(Constants.TAGS_ENVIRONMENT)) { + asset.put(Constants.ENVIRONMENT, ""); + } else { + asset.put(Constants.ENVIRONMENT, assetDetail.get(Constants.TAGS_ENVIRONMENT)); + } + asset.put(Constants.ACCOUNT_DISPLAYI_D, assetDetail.get(Constants.ACCOUNT_ID)); + + } else { + // Loop through the displayble fields if the value is null + // pull null value + for (String field : sourceFields) { + if (!assetDetail.containsKey(field)) { + asset.put(field, ""); + } else { + asset.put(field, assetDetail.get(field)); + } + } + } + // common fileds for filters + if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { + if (AssetConstants.FALSE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { + asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, assetDetail.get(Constants.TARGET_TYPE)); + } else { + asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, + assetDetail.get(AssetConstants.UNDERSCORE_ENTITY_TYPE)); + } + } else { + asset.put(AssetConstants.UNDERSCORE_ENTITY_TYPE, + assetDetail.get(AssetConstants.UNDERSCORE_ENTITY_TYPE)); + } + if (filter.containsKey(AssetConstants.FILTER_EXEC_SPONSOR) + || filter.containsKey(AssetConstants.FILTER_DIRECTOR)) { + if (executiveapps.contains(assetDetail.get(Constants.TAGS_APPLICATION))) { + assetList.add(asset); + } + } else { + assetList.add(asset); + } + } + } catch (Exception e) { + LOGGER.error("Error in getListAssetsPatchable", e); + } + + LOGGER.info("Exiting getListAssetsPatchable"); + return assetList; + } + + @Override + public List> getListAssetsTaggable(String assetGroup, Map filter) { + + LOGGER.info("Inside getListAssetsTaggable"); + List> assetList = new ArrayList<>(); + List> assetDetails = new ArrayList<>(); + List fieldNames = new ArrayList<>(); + + Map mustFilter = new HashMap<>(); + Map mustFilterAsset = new HashMap<>(); + HashMultimap shouldFilter = HashMultimap.create(); + + String[] tags = mandatoryTags.split(","); + for (String tag : tags) { + shouldFilter.put(CommonUtils.convertAttributetoKeyword(tag.trim()), AssetConstants.TAG_NOT_FOUND); + } + + List> untaggedAssets; + List> totalAssets; + StringBuilder sb; + String type; + String targetType = ""; + if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { + targetType = filter.get(AssetConstants.FILTER_RES_TYPE); + } + + List> ruleIdwithTargetType ; + String ruleIdWithTargetTypeQuery = null; + + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.POLICYID), Constants.TAGGIG_POLICY); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); + + filter.entrySet() + .stream() + .forEach( + entry -> { + String filterKey = entry.getKey(); + if (!(filterKey.equals(AssetConstants.FILTER_TAGGED) + || filterKey.equals(AssetConstants.FILTER_RES_TYPE) || filterKey + .equals(AssetConstants.FILTER_TAGNAME))) { + if (filterKey.equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); + } + if (filterKey.equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); + } + } + }); + if (!Strings.isNullOrEmpty(targetType)) { + sb = new StringBuilder(); + type = sb.append("'").append(targetType).append("'").toString(); + ruleIdWithTargetTypeQuery = "SELECT A.targetType FROM cf_RuleInstance A, cf_Policy B WHERE A.policyId = B.policyId AND A.status = 'ENABLED' AND B.policyId = 'PacMan_TaggingRule_version-1' AND A.targetType = " + + type; + ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); + try { + fieldNames = getDisplayFieldsForTargetType(targetType); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + if (!ruleIdwithTargetType.isEmpty()) { + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TARGET_TYPE), targetType); + try { + if (filter.containsKey(AssetConstants.FILTER_TAGNAME)) { + mustFilter.put( + CommonUtils.convertAttributetoKeyword(filter.get(AssetConstants.FILTER_TAGNAME)), + "Not Found"); + shouldFilter = null; + } + + if (filter.containsKey(AssetConstants.FILTER_TAGGED)) { + untaggedAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, null, shouldFilter, + null, null); + List untaggedResourceIds = untaggedAssets.parallelStream() + .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); + totalAssets = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); + if (filter.get(AssetConstants.FILTER_TAGGED).equals(AssetConstants.FALSE)) { + assetDetails = totalAssets.parallelStream() + .filter(asset -> untaggedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } else { + assetDetails = totalAssets.parallelStream() + .filter(asset -> !untaggedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } + } else { + assetDetails = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); + } + } catch (Exception e) { + LOGGER.error("Error in getListAssetsTaggable", e); + } + }else{ + assetDetails = getAssetsByAssetGroup(assetGroup, targetType, new HashMap(), null, fieldNames); + } + } else { + ruleIdWithTargetTypeQuery = "SELECT A.targetType FROM cf_RuleInstance A, cf_Policy B WHERE A.policyId = B.policyId AND A.status = 'ENABLED' AND B.policyId = 'PacMan_TaggingRule_version-1'"; + ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); + List validTypes = ruleIdwithTargetType.stream() + .map(obj -> obj.get(Constants.TARGET_TYPE).toString()).collect(Collectors.toList()); + if (validTypes.size() > 1) { + try { + fieldNames = getDisplayFieldsForTargetType("all_taggable"); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + } else { + try { + fieldNames = getDisplayFieldsForTargetType(validTypes.get(0)); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + } + try { + if (filter.containsKey(AssetConstants.FILTER_TAGNAME)) { + mustFilter.put(CommonUtils.convertAttributetoKeyword(filter.get(AssetConstants.FILTER_TAGNAME)), + "Not Found"); + shouldFilter = null; + } + if (filter.containsKey(AssetConstants.FILTER_TAGGED)) { + untaggedAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, null, shouldFilter, + fieldNames, null); + List untaggedResourceIds = untaggedAssets + .parallelStream() + .map(obj -> obj.get(Constants.RESOURCEID).toString() + + obj.get(Constants.TARGET_TYPE).toString()).collect(Collectors.toList()); + totalAssets = getAssetsByAssetGroup(assetGroup, AssetConstants.ALL, mustFilterAsset, validTypes, + fieldNames); + if (filter.get(AssetConstants.FILTER_TAGGED).equals(AssetConstants.FALSE)) { + assetDetails = totalAssets + .parallelStream() + .filter(asset -> untaggedResourceIds.contains(asset.get(Constants.RESOURCEID) + .toString() + asset.get(AssetConstants.UNDERSCORE_ENTITY_TYPE).toString())) + .collect(Collectors.toList()); + } else { + assetDetails = totalAssets + .parallelStream() + .filter(asset -> !untaggedResourceIds.contains(asset.get(Constants.RESOURCEID) + .toString() + asset.get(AssetConstants.UNDERSCORE_ENTITY_TYPE).toString())) + .collect(Collectors.toList()); + } + } else { + assetDetails = getAssetsByAssetGroup(assetGroup, AssetConstants.ALL, mustFilterAsset, validTypes, + fieldNames); + } + + } catch (Exception e) { + LOGGER.error("Error in getListAssetsTaggable", e); + } + } + + if (!CollectionUtils.isEmpty(fieldNames)) { + final List fieldNamesCopy = fieldNames; + assetDetails.parallelStream().forEach(assetDetail -> { + Map asset = new LinkedHashMap<>(); + for (String fieldName : fieldNamesCopy) { + if (!Constants.TARGET_TYPE.equals(fieldName)) { + if (!assetDetail.containsKey(fieldName)) { + asset.put(fieldName, ""); + } else { + asset.put(fieldName, assetDetail.get(fieldName)); + } + } + } + synchronized (assetList) { + assetList.add(asset); + } + }); + LOGGER.info("Exiting getListAssetsTaggable"); + return assetList; + } else { + assetDetails.parallelStream().forEach( + assetDetail -> { + Map asset = new LinkedHashMap<>(); + asset.put(Constants.RESOURCEID, assetDetail.get(Constants.RESOURCEID)); + assetDetail.forEach((key, value) -> { + if (!Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, + Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, + Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, + AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, + AssetConstants.CREATION_DATE).contains(key)) { + asset.put(key, value); + } + }); + synchronized (assetList) { + assetList.add(asset); + } + }); + LOGGER.info("Exiting getListAssetsTaggable"); + return assetList; + } + } + + @Override + public List> getListAssetsVulnerable(String assetGroup, Map filter) { + + LOGGER.info("Inside getListAssetsVulnerable"); + List> assetList = new ArrayList<>(); + List> assetDetails = new ArrayList<>(); + + boolean agContainsOnPrem = false; + boolean agContainsEc2 = false; + + List validTargetTypes = getTargetTypesByAssetGroup(assetGroup, null).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + String[] vulnTypesArray = vulnTypes.split(","); + List vulnTargetTypes = new ArrayList<>(); + + for (String vulnType : vulnTypesArray) { + if (validTargetTypes.contains(vulnType.trim())) { + vulnTargetTypes.add(vulnType); + } + } + + if (validTargetTypes.contains(Constants.ONPREMSERVER)) { + agContainsOnPrem = true; + } + if (validTargetTypes.contains(Constants.EC2)) { + agContainsEc2 = true; + } + List fieldNames = null; + try { + if (agContainsEc2 && agContainsOnPrem) { + fieldNames = getDisplayFieldsForTargetType("all_vulnerable"); + } else if (agContainsEc2) { + fieldNames = getDisplayFieldsForTargetType(Constants.EC2); + } else if (agContainsOnPrem) { + fieldNames = getDisplayFieldsForTargetType(Constants.ONPREMSERVER); + } + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + if (!vulnTargetTypes.isEmpty()) { + for (String parentType : vulnTargetTypes) { + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(assetGroup); + urlToQueryBuffer.append("/").append(parentType); + urlToQueryBuffer.append("/").append(Constants.SEARCH).append("?scroll=") + .append(Constants.ES_PAGE_SCROLL_TTL); + + String urlToQuery = urlToQueryBuffer.toString(); + String urlToScroll = new StringBuilder(esUrl).append("/").append(Constants.SEARCH).append("/scroll") + .toString(); + + StringBuilder requestBody = new StringBuilder( + "{\"size\":10000,\"query\":{\"bool\":{\"must\":[{\"has_child\":{\"type\":\"vulninfo\",\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":true}},{\"term\":{\"qid\":"); + requestBody.append(filter.get("qid")); + requestBody.append("}}]}}}},{\"term\":{\"latest\":true}}"); + if (filter.containsKey(AssetConstants.FILTER_APPLICATION)) { + requestBody.append(",{\"term\":{\"tags.Application.keyword\":\""); + requestBody.append(filter.get(AssetConstants.FILTER_APPLICATION)); + requestBody.append("\"}}"); + } + if (filter.containsKey(AssetConstants.FILTER_ENVIRONMENT)) { + requestBody.append(",{\"term\":{\"tags.Environment.keyword\":\""); + requestBody.append(filter.get(AssetConstants.FILTER_ENVIRONMENT)); + requestBody.append("\"}}"); + } + if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { + requestBody.append(",{\"term\":{\"_entitytype.keyword\":\""); + requestBody.append(filter.get(AssetConstants.FILTER_RES_TYPE)); + requestBody.append("\"}}"); + } + requestBody.append("]}}}"); + Long totalDocs = getTotalDocCount(assetGroup, parentType, "{" + requestBody.toString().substring(14)); + String request = requestBody.toString(); + String scrollId = null; + if(totalDocs>0){ + for (int index = 0; index <= (totalDocs / Constants.ES_PAGE_SIZE); index++) { + String responseDetails = null; + try { + if (!Strings.isNullOrEmpty(scrollId)) { + request = esRepository.buildScrollRequest(scrollId, Constants.ES_PAGE_SCROLL_TTL); + urlToQuery = urlToScroll; + } + responseDetails = PacHttpUtils.doHttpPost(urlToQuery, request); + scrollId = esRepository.processResponseAndSendTheScrollBack(responseDetails, assetDetails); + } catch (Exception e) { + LOGGER.error("Error in getListAssetsVulnerable", e); + } + } + } + } + + List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, + AssetConstants.UNDERSCORE_ENTITY, Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, + Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, + Constants.LATEST, AssetConstants.CREATION_DATE); + LOGGER.info("Exiting getListAssetsVulnerable"); + assetList.addAll(formGetListResponse(fieldNames, assetDetails, fieldsToBeSkipped)); + } + return assetList; + } + + @Override + public List> getListAssetsScanned(String assetGroup, Map filter) { + + LOGGER.info("Inside getListAssetsScanned"); + List> assetDetails = new ArrayList<>(); + List fieldNames = new ArrayList<>(); + + Map mustFilter = new HashMap<>(); + Map mustFilterAsset = new HashMap<>(); + + String targetType = ""; + if (filter.containsKey(AssetConstants.FILTER_RES_TYPE)) { + targetType = filter.get(AssetConstants.FILTER_RES_TYPE); + } + + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), + filter.get(AssetConstants.FILTER_RULEID)); + mustFilterAsset.put(Constants.LATEST, Constants.TRUE); + mustFilterAsset.put(Constants.RULEID, + filter.get(AssetConstants.FILTER_RULEID)); + + filter.entrySet() + .stream() + .forEach( + entry -> { + if (!(entry.getKey().equals(AssetConstants.FILTER_RULEID) + || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) || entry.getKey().equals( + AssetConstants.FILTER_COMPLIANT))) { + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); + } + } + }); + + try { + List> nonCompliantAssets = esRepository.getDataFromES(assetGroup, null, mustFilter, + null, null, null, null); + if (!nonCompliantAssets.isEmpty()) { + String policy = nonCompliantAssets.get(0).get("policyId").toString(); + if ("PacMan_TaggingRule_version-1".equals(policy)) { + String[] tags = mandatoryTags.split(","); + nonCompliantAssets = nonCompliantAssets.stream().filter(issue -> { + boolean compliant = true; + for (String tag : tags) { + if (AssetConstants.TAG_NOT_FOUND.equals(issue.get(tag))) { + compliant = false; + break; + } + } + return !compliant; + }).collect(Collectors.toList()); + } + } + if (filter.containsKey(AssetConstants.FILTER_COMPLIANT)) { + List nonCompliantresourceIds = nonCompliantAssets.parallelStream() + .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); + if (StringUtils.isEmpty(targetType)) { + targetType = getTargetTypeByRuleId(assetGroup, filter.get(AssetConstants.FILTER_RULEID)); + } + try { + fieldNames = getDisplayFieldsForTargetType(targetType); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + List> totalAssets = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, + null, fieldNames); + + if (filter.get(AssetConstants.FILTER_COMPLIANT).equals(AssetConstants.FALSE)) { + assetDetails = totalAssets.parallelStream() + .filter(asset -> nonCompliantresourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } else { + assetDetails = totalAssets.parallelStream() + .filter(asset -> !nonCompliantresourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } + } else { + if (StringUtils.isEmpty(targetType)) { + targetType = getTargetTypeByRuleId(assetGroup, filter.get(AssetConstants.FILTER_RULEID)); + } + try { + fieldNames = getDisplayFieldsForTargetType(targetType); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_FETCHING_FIELDNAMES , e); + } + assetDetails = getAssetsByAssetGroup(assetGroup, targetType, mustFilterAsset, null, fieldNames); + } + } catch (Exception e) { + LOGGER.error("Error in getListAssetsScanned", e); + } + + List fieldsToBeSkipped = Arrays.asList(Constants.RESOURCEID, Constants.DOCID, AssetConstants.UNDERSCORE_ENTITY, + Constants._ID, AssetConstants.UNDERSCORE_LOADDATE, Constants.ES_DOC_PARENT_KEY, Constants.ES_DOC_ROUTING_KEY, AssetConstants.CREATE_TIME, + AssetConstants.FIRST_DISCOVEREDON, AssetConstants.DISCOVERY_DATE, Constants.LATEST, AssetConstants.CREATION_DATE); + LOGGER.info("Exiting getListAssetsScanned"); + return formGetListResponse(fieldNames, assetDetails, fieldsToBeSkipped); + + } + + @Override + public List> getResourceDetail(String ag, String resourceType, String resourceId) + throws DataException { + + String indexName = ag; + Map mustFilter = new HashMap<>(); + mustFilter.put("_resourceid.keyword", resourceId); + try { + return esRepository.getDataFromES(indexName, resourceType, mustFilter, null, null, null, null); + } catch (Exception e) { + LOGGER.error("Exception in getResourceDetail ",e); + throw new DataException(e); + } + } + + private List> getAssetsByAssetGroup(String assetGroupName, String type, + Map mustFilter, List targetTypes, List fieldNames) { + + mustFilter.put(Constants.LATEST, Constants.TRUE); + mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + + HashMultimap shouldFilter = HashMultimap.create(); + if (Constants.EC2.equals(type) || AssetConstants.ALL.equals(type)) { + if(mustFilter.containsKey(AssetConstants.FILTER_RULEID) && + ((mustFilter.get(AssetConstants.FILTER_RULEID).toString().equalsIgnoreCase(Constants.CLOUD_QUALYS_RULE) && qualysEnabled) || mustFilter.get(AssetConstants.FILTER_RULEID).toString().equalsIgnoreCase(Constants.SSM_AGENT_RULE))) { + return getLongRunningInstances(assetGroupName, type, fieldNames); + } else { + shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); + } + } + mustFilter.remove(AssetConstants.FILTER_RULEID); + + List> assets = new ArrayList<>(); + try { + if (AssetConstants.ALL.equals(type)) { + try { + boolean ec2Exists = false; + Map mustTermsFilter = new HashMap<>(); + if (targetTypes.contains(Constants.EC2)) { + targetTypes.remove(Constants.EC2); + ec2Exists = true; + } + mustTermsFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetTypes); + + assets = esRepository.getDataFromES(assetGroupName, null, mustFilter, null, null, fieldNames, + mustTermsFilter); + if (ec2Exists) { + assets.addAll(esRepository.getDataFromES(assetGroupName, Constants.EC2, mustFilter, null, + shouldFilter, fieldNames, null)); + } + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); + } + + } else { + if (Constants.ONPREMSERVER.equalsIgnoreCase(type)) { + fieldNames = getDisplayFieldsForTargetType(type); + } + assets = esRepository.getDataFromES(assetGroupName, type, mustFilter, null, shouldFilter, fieldNames, + null); + } + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); + } + + return assets; + } + + private List> getLongRunningInstances(String assetGroup, String type, List fieldNames) { + + List> assetDetails = new ArrayList<>(); + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(assetGroup); + urlToQueryBuffer.append("/").append(type); + urlToQueryBuffer.append("/").append(Constants.SEARCH).append("?scroll=") + .append(Constants.ES_PAGE_SCROLL_TTL); + + String urlToQuery = urlToQueryBuffer.toString(); + String urlToScroll = new StringBuilder(esUrl).append("/").append(Constants.SEARCH).append("/scroll") + .toString(); + StringBuilder requestCount = new StringBuilder("{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}},{\"match\":{\"statename\":\"running\"}}]," + + "\"should\":[{\"script\":{\"script\":\"LocalDate.parse(doc['firstdiscoveredon.keyword'].value.substring(0,10))" + + ".isBefore(LocalDate.from(Instant.ofEpochMilli(new Date().getTime()).atZone(ZoneId.systemDefault())).minusDays(7))\"}}," + + "{\"has_child\":{\"type\":\"qualysinfo\",\"query\":{\"match\":{\"latest\":\"true\"}}}}],\"minimum_should_match\":1}}}"); + + Long totalDocs = getTotalDocCount(assetGroup, type, requestCount.toString()); + StringBuilder requestBody = new StringBuilder("{\"_source\":").append(new Gson().toJson(fieldNames)).append(",").append("\"size\":10000,"). + append(requestCount.toString().substring(1, requestCount.length())); + String request = requestBody.toString(); + String scrollId = null; + if(totalDocs>0){ + for (int index = 0; index <= (totalDocs / Constants.ES_PAGE_SIZE); index++) { + String responseDetails = null; + try { + if (!Strings.isNullOrEmpty(scrollId)) { + request = esRepository.buildScrollRequest(scrollId, Constants.ES_PAGE_SCROLL_TTL); + urlToQuery = urlToScroll; + } + responseDetails = PacHttpUtils.doHttpPost(urlToQuery, request); + scrollId = esRepository.processResponseAndSendTheScrollBack(responseDetails, assetDetails); + } catch (Exception e) { + LOGGER.error("Error in getListAssetsVulnerable", e); + } + } + } + return assetDetails; + } + + private List> getAssetsByAssetGroupBySize(String assetGroupName, String type, + Map mustFilter, List targetTypes, List fieldNames, int from, int size, + String searchText) { + mustFilter.put(Constants.LATEST, Constants.TRUE); + mustFilter.put(AssetConstants.UNDERSCORE_ENTITY, Constants.TRUE); + HashMultimap shouldFilter = HashMultimap.create(); + if (Constants.EC2.equals(type)) { + shouldFilter.put(Constants.STATE_NAME, Constants.RUNNING); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPED); + shouldFilter.put(Constants.STATE_NAME, AssetConstants.STOPPING); + } + + List> assets = new ArrayList<>(); + try { + if (AssetConstants.ALL.equals(type)) { + try { + Map mustTermsFilter = new HashMap<>(); + mustTermsFilter.put(AssetConstants.UNDERSCORE_ENTITY_TYPE_KEYWORD, targetTypes); + assets = esRepository.getDataFromESBySize(assetGroupName, null, mustFilter, null, null, fieldNames, + from, size, searchText, mustTermsFilter); + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); + } + + } else { + if (Constants.ONPREMSERVER.equalsIgnoreCase(type)) { + fieldNames = getDisplayFieldsForTargetType(type); + } + assets = esRepository.getDataFromESBySize(assetGroupName, type, mustFilter, null, shouldFilter, + fieldNames, from, size, searchText, null); + } + } catch (Exception e) { + LOGGER.error(AssetConstants.ERROR_GETASSETSBYAG, e); + } + + return assets; + } + + @SuppressWarnings("unchecked") + private long getTotalDocCount(String index, String type, String requestBody) { + StringBuilder urlToQuery = new StringBuilder(esUrl).append("/").append(index).append("/").append(type) + .append("/").append("_count"); + String responseDetails = null; + Gson gson = new GsonBuilder().create(); + try { + responseDetails = PacHttpUtils.doHttpPost(urlToQuery.toString(), requestBody); + Map response = (Map) gson.fromJson(responseDetails, Object.class); + return (long) (Double.parseDouble(response.get("count").toString())); + } catch (Exception e) { + LOGGER.error("Error in getTotalDocCount", e); + return 0; + } + } + + private List fetchExecDirectorApps(String name, String exeOrDirec) { + List executiveApps = new ArrayList<>(); + List> execAndDirectorInfo; + try { + execAndDirectorInfo = esRepository.getDataFromES("aws_apps", "apps", null, null, null, + Arrays.asList("appTag", "director", "executiveSponsor"), null); + for (Map execMap : execAndDirectorInfo) { + if (name.equals(execMap.get(exeOrDirec))) { + executiveApps.add(execMap.get("appTag").toString()); + } + } + + } catch (Exception e) { + LOGGER.error("Error in fetchExecDirectorApps", e); + } + return executiveApps; + } + + public List> getOpenPortDetailsByInstanceId(String instanceId, Integer from, Integer size, + String searchText) throws DataException { + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/").append(AssetConstants.AWS_EC2) + .append("/").append(Constants.QUALYS_INFO).append("/").append(Constants.SEARCH).append("?") + .append("size").append("=").append(Constants.ES_PAGE_SIZE); + Map openPortDet = null; + List> openPortList = new ArrayList<>(); + StringBuilder requestBodyCpu = null; + try { + if (StringUtils.isEmpty(searchText)) { + requestBodyCpu = new StringBuilder( + "{\"_source\":[\"openPort\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"match\":{\"instanceid.keyword\":\"" + + instanceId + AssetConstants.ESQUERY_CLOSE); + } else { + requestBodyCpu = new StringBuilder( + "{\"_source\":[\"openPort\",\"instanceid\"],\"query\":{\"bool\":{\"must\":[{\"term\":{\"instanceid.keyword\":{\"value\":\"" + + instanceId + "\"}}},{\"match_phrase_prefix\":{\"_all\":\"" + searchText + AssetConstants.ESQUERY_CLOSE); + } + String responseDetails = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), requestBodyCpu.toString()); + JsonParser parser = new JsonParser(); + JsonObject responseDetailsjson = parser.parse(responseDetails).getAsJsonObject(); + JsonObject firstHits = responseDetailsjson.get("hits").getAsJsonObject(); + JsonArray secHitsArray = firstHits.get("hits").getAsJsonArray(); + for (JsonElement hits : secHitsArray) { + JsonObject hitsJson = hits.getAsJsonObject(); + JsonObject source = hitsJson.get(AssetConstants.UNDERSCORE_SOURCE).getAsJsonObject(); + if (!source.get("openPort").isJsonNull()) { + JsonObject openPort = source.get("openPort").getAsJsonObject(); + JsonObject list = openPort.get("list").getAsJsonObject(); + JsonArray hostAssetOpenPort = list.get("hostAssetOpenPort").getAsJsonArray(); + + for (JsonElement jsonElement : hostAssetOpenPort) { + openPortDet = new HashMap<>(); + JsonObject openPortDetails = jsonElement.getAsJsonObject(); + openPortDet.put("protocol", openPortDetails.get("protocol").getAsString()); + openPortDet.put("port", openPortDetails.get("port").getAsString()); + openPortDet.put("serviceId", openPortDetails.get("serviceId").getAsString()); + if (!openPortDetails.get(AssetConstants.SERVICE_NAME).isJsonNull()) { + openPortDet.put(AssetConstants.SERVICE_NAME, + openPortDetails.get(AssetConstants.SERVICE_NAME).getAsString()); + } else { + openPortDet.put(AssetConstants.SERVICE_NAME, ""); + } + openPortList.add(openPortDet); + } + } + } + return openPortList; + + } catch (Exception e) { + LOGGER.error("Error retrieving inventory from ES in getOpenPortDetailsByInstanceId", e); + throw new DataException(e); + } + } + + private String getTargetTypeByRuleId(String assetGroup, String ruleId) { + + LOGGER.info("Getting Target type for Rule id : " + ruleId); + List targetTypes = getTargetTypesByAssetGroup(assetGroup, null).stream() + .map(obj -> obj.get(Constants.TYPE).toString()).collect(Collectors.toList()); + String ttypesTemp; + String ttypes = null; + for (String name : targetTypes) { + ttypesTemp = new StringBuilder().append('\'').append(name).append('\'').toString(); + if (Strings.isNullOrEmpty(ttypes)) { + ttypes = ttypesTemp; + } else { + ttypes = new StringBuilder().append(ttypes).append(",").append(ttypesTemp).toString(); + } + } + String ruleIdWithTargetTypeQuery = "SELECT ruleId, targetType FROM cf_RuleInstance WHERE STATUS = 'ENABLED'AND targetType IN (" + + ttypes + ")"; + List> ruleIdwithTargetType = rdsRepository.getDataFromPacman(ruleIdWithTargetTypeQuery); + Map ruleIdwithruleTargetTypeMap = ruleIdwithTargetType.stream().collect( + Collectors.toMap(s -> (String) s.get(Constants.RULEID), s -> (String) s.get(Constants.TARGET_TYPE))); + + return ruleIdwithruleTargetTypeMap.get(ruleId); + } + + @Override + public Map getResourceCreateInfo(String resourceId) throws DataException { + + String url = heimdallEsesUrl + "/pacman-resource-claim/_search"; + String request = "{\"query\": {\"match\": {\"resourceid.keyword\": \"" + resourceId + "\"}}}"; + String responseDetails; + try { + responseDetails = PacHttpUtils.doHttpPost(url, request); + } catch (Exception e) { + LOGGER.error("Exception in getResourceCreateInfo ",e); + throw new DataException(e); + } + + JsonObject responseDetailsjson = new JsonParser().parse(responseDetails).getAsJsonObject(); + JsonArray hits = responseDetailsjson.get("hits").getAsJsonObject().get("hits").getAsJsonArray(); + + if (hits.size() > 0) { + JsonObject createInfoObj = hits.get(0).getAsJsonObject().get(AssetConstants.UNDERSCORE_SOURCE) + .getAsJsonObject(); // Exp + Gson gson = new Gson(); + Map map = new HashMap<>(); + map = (Map) gson.fromJson(createInfoObj, map.getClass()); + + // User better key names for createdBy and creationDate + Object obj = map.remove("user"); + map.put("createdBy", obj); + + obj = map.remove("time"); + map.put(AssetConstants.CREATION_DATE, obj); + + // The string 'null' could come in email + if ("null".equals(map.get("email").toString())) { + map.put("email", ""); + } + return map; + } + return null; + } + + @Override + public Map getNotificationSummary(String instanceId) throws DataException { + + Map matchEntryMap = new HashMap<>(); + matchEntryMap.put("entityvalue.keyword", instanceId); + + Map matchMap = new HashMap<>(); + matchMap.put(Constants.MATCH, matchEntryMap); + + Map childEntryMap = new LinkedHashMap<>(); + childEntryMap.put(Constants.TYPE, "phd_entities"); + childEntryMap.put(AssetConstants.QUERY, matchMap); + + // Create must map + Map mustFilter = new HashMap<>(); + mustFilter.put(Constants.LATEST, Constants.TRUE); + mustFilter.put("has_child", childEntryMap); + + String aggsFilterFieldName = CommonUtils.convertAttributetoKeyword("statuscode"); + + try { + return esRepository.getTotalDistributionForIndexAndType("aws_phd", "phd", mustFilter, null, null, + aggsFilterFieldName, Constants.TEN, null); + } catch (Exception e) { + LOGGER.error("Exception in getNotificationSummary ",e); + throw new DataException(e); + } + + } + + @Override + public List> getNotificationDetails(String instanceId, Map filters, + String searchText) throws DataException { + + Map matchEntryMap = new HashMap<>(); + matchEntryMap.put("entityvalue.keyword", instanceId); + + Map matchMap = new HashMap<>(); + matchMap.put(Constants.MATCH, matchEntryMap); + + Map childEntryMap = new LinkedHashMap<>(); + childEntryMap.put(Constants.TYPE, "phd_entities"); + childEntryMap.put(AssetConstants.QUERY, matchMap); + + // Create must map + Map mustFilter = new HashMap<>(); + mustFilter.put(Constants.LATEST, Constants.TRUE); + mustFilter.put("has_child", childEntryMap); + + if (null != filters && filters.size() > 0) { + filters.forEach((key, value) -> mustFilter.put(key, value)); + } + + try { + return esRepository.getDataFromESBySize("aws_phd", "phd", mustFilter, null, null, null, 0, + Constants.ES_PAGE_SIZE, searchText, null); + } catch (Exception e) { + LOGGER.error("Exception in getNotificationDetails ",e); + throw new DataException(e); + } + + } + + @Override + public List> getQualysDetail(String resourceId) throws DataException { + + Map mustFilter = new HashMap<>(); + mustFilter.put(AssetConstants.INSTANCEID_KEYWORD, resourceId); + try { + return esRepository.getDataFromES(AssetConstants.AWS_EC2, Constants.QUALYS_INFO, mustFilter, null, null, + Arrays.asList("lastVulnScan", "totalMemory", "account.list.hostAssetAccount.username"), null); + } catch (Exception e) { + LOGGER.error("Exception in getQualysDetail ",e); + throw new DataException(); + } + } + + @SuppressWarnings({ "unchecked" }) + @Override + public int updateAsset(String assetGroup, String targettype, Map resources, String updatedBy, + List> updates) throws DataException, NoDataFoundException { + + int totalrows = 0; + List queriesToExecute = new ArrayList<>(); + List> assetDetails = new ArrayList<>(); + List insertValuesList = new ArrayList<>(); + List deleteValuesList = new ArrayList<>(); + String[] insertValuesListFinal; + String[] deleteValuesListFinal; + List inptutResources = (List) resources.get("values"); + LOGGER.info("Total Resouces passed in " + inptutResources.size()); + Set resourceids = new HashSet<>(inptutResources); + LOGGER.info("Dups Resouces passed in " + (resourceids.size() - inptutResources.size())); + HashMap mustFilter = new HashMap<>(); + mustFilter.put(Constants.LATEST, true); + List> assetDetailsFromES; + try { + assetDetailsFromES = esRepository.getDataFromES(assetGroup, targettype, mustFilter, + null, null, null, null); + } catch (Exception e) { + LOGGER.error("Exception in updateAsset ",e); + throw new DataException(e); + } + LOGGER.info("Total records in ES " + assetDetailsFromES.size()); + + Map> assetsTobeUpdated = assetDetailsFromES.parallelStream() + .filter(asset -> resourceids.contains(asset.get(Constants.RESOURCEID).toString())) + .collect(Collectors.toMap(asset -> asset.get(Constants.RESOURCEID).toString(), asset -> asset)); + assetDetailsFromES.clear(); + + LOGGER.info("Total records to be updated " + assetsTobeUpdated.size()); + resourceids.parallelStream().forEach( + resourceValue -> { + Map assetDetailsMap = assetsTobeUpdated.get(resourceValue); + if (null != assetDetailsMap) { + assetDetailsMap.remove(Constants._ID); + assetDetailsMap.remove(Constants.ES_DOC_PARENT_KEY); + assetDetailsMap.remove(Constants.ES_DOC_ROUTING_KEY); + assetDetailsMap.put(Constants.LATEST, true); + for (Map updateMap : updates) { + String type = targettype; + String updatedByLocal = updatedBy; + StringBuilder deleteValue = new StringBuilder("(").append("'" + resourceValue + "'") + .append("," + "'" + updateMap.get("key") + "'").append(")"); + if (deleteValue != null) { + synchronized (deleteValuesList) { + deleteValuesList.add(deleteValue.toString()); + } + } + StringBuilder insertValue = new StringBuilder("(") + .append("'" + type + "'") + .append("," + "'" + resourceValue + "'") + .append("," + "'" + updateMap.get("key") + "'") + .append("," + "'" + updateMap.get("value") + "'") + .append("," + "'" + updatedByLocal + "'") + .append("," + "'" + + new SimpleDateFormat("yyyy-MM-dd H:00:00Z").format(new java.util.Date()) + + "')"); + if (insertValue != null) { + synchronized (insertValuesList) { + insertValuesList.add(insertValue.toString()); + } + } + assetDetailsMap.put(updateMap.get("key").toString(), updateMap.get("value")); + } + synchronized (assetDetails) { + assetDetails.add(assetDetailsMap); + } + } else { + LOGGER.info("resource not found" + resourceValue); + } + }); + + LOGGER.info("Total records to be updated back in ES " + assetDetails.size()); + assetsTobeUpdated.clear(); + if (!assetDetails.isEmpty()) { + insertValuesList.removeAll(Collections.singleton(null)); + insertValuesListFinal = insertValuesList.toArray(new String[insertValuesList.size()]); + deleteValuesList.removeAll(Collections.singleton(null)); + deleteValuesListFinal = deleteValuesList.toArray(new String[deleteValuesList.size()]); + + StringBuilder insertQuery = new StringBuilder( + "INSERT INTO pacman_field_override ( resourcetype,_resourceid,fieldName,fieldValue,updatedBy,updatedOn) VALUES "); + insertQuery.append(String.join(",", insertValuesListFinal)); + StringBuilder deleteQuery = new StringBuilder("DELETE FROM pacman_field_override WHERE resourceType = '" + + targettype + "' AND " + "( _resourceid,fieldName) IN"); + + deleteQuery.append("(").append(String.join(",", deleteValuesListFinal)).append(")"); + + queriesToExecute.add(deleteQuery.toString()); + queriesToExecute.add(insertQuery.toString()); + int[] updateCnt = redshiftRepository.batchUpdate(queriesToExecute); + if (updateCnt != null && updateCnt.length == Constants.TWO && updateCnt[1] > 0) { + String index = "aws_" + targettype; + uploadData(index, targettype, assetDetails, Constants.DOCID); + totalrows = updateCnt[1]; + } else { + LOGGER.error("Update failed"); + } + return totalrows; + } else { + throw new NoDataFoundException("Updation Failed,No matching records found in ES"); + } + } + + private boolean uploadData(String index, String type, List> docs, String idKey) { + String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\"} }%n"; + + LOGGER.info("*********UPLOADING*** " + type); + if (null != docs && !docs.isEmpty()) { + StringBuilder bulkRequest = new StringBuilder(); + int i = 0; + for (Map doc : docs) { + if (doc != null) { + String id = doc.get(idKey).toString(); + StringBuilder docStrBuilder = new StringBuilder(createESDoc(doc)); + + if (docStrBuilder != null) { + bulkRequest.append(String.format(actionTemplate, index, type, id)); + bulkRequest.append(docStrBuilder + "\n"); + } + i++; + if (i % Constants.THOUSAND == AssetConstants.ZERO + || bulkRequest.toString().getBytes().length + / (Constants.THOUSAND_TWENTY_FOUR * Constants.THOUSAND_TWENTY_FOUR) > Constants.FIVE) { + LOGGER.info("Uploaded" + i); + Response resp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, bulkRequest.toString()); + try { + String responseStr = ""; + if(null != resp) { + responseStr = EntityUtils.toString(resp.getEntity()); + } + if (responseStr.contains(AssetConstants.RESPONSE_ERROR)) { + Response retryResp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, + bulkRequest.toString()); + String retryResponse = ""; + if(null != retryResp) { + retryResponse = EntityUtils.toString(retryResp.getEntity()); + } + if (retryResponse.contains(AssetConstants.RESPONSE_ERROR)) { + LOGGER.error(retryResponse); + } + } + } catch (Exception e) { + LOGGER.error("Bulk upload failed",e); + return false; + } + bulkRequest = new StringBuilder(); + } + } + } + if (bulkRequest.length() > 0) { + LOGGER.info("Uploaded" + i); + Response resp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, bulkRequest.toString()); + try { + String responseStr = ""; + if(null != resp) { + responseStr = EntityUtils.toString(resp.getEntity()); + } + if (responseStr.contains(AssetConstants.RESPONSE_ERROR)) { + Response retryResp = invokeAPI("POST", AssetConstants.ESQUERY_BULK, + bulkRequest.toString()); + String retryResponse = ""; + if(null != retryResp) { + retryResponse = EntityUtils.toString(retryResp.getEntity()); + } + + if (retryResponse.contains(AssetConstants.RESPONSE_ERROR)) { + LOGGER.error(retryResponse); + } + } + return resp.getStatusLine().getStatusCode() == 200 ? true : false; + } catch (Exception e) { + LOGGER.error("Bulk upload failed",e); + return false; + } + } + } + return true; + } + + private String createESDoc(Map doc) { + ObjectMapper objMapper = new ObjectMapper(); + String docJson = "{}"; + try { + docJson = objMapper.writeValueAsString(doc); + } catch (JsonProcessingException e) { + LOGGER.error("Error in createESDoc" , e); + } + return docJson; + } + + private Response invokeAPI(String method, String endpoint, String payLoad) { + HttpEntity entity = null; + try { + if (payLoad != null) { + entity = new NStringEntity(payLoad, ContentType.APPLICATION_JSON); + } + return getRestClient().performRequest(method, endpoint, Collections.emptyMap(), entity); + } catch (IOException e) { + LOGGER.error("Error in invokeAPI" , e); + } + return null; + } + + private RestClient getRestClient() { + if (restClient == null) { + restClient = RestClient.builder(new HttpHost(updateESHost, updateESPort)).build(); + } + return restClient; + } + + @SuppressWarnings("rawtypes") + @Override + public List> getAssetLists(String assetGroup, Map filter, int from, int size, + String searchText) { + LOGGER.info("Inside getAssetLists"); + List> assetDetails = new ArrayList<>(); + String targetType = ""; + + Map mustFilter = new HashMap<>(); + mustFilter.put(Constants.LATEST, Constants.TRUE); + Iterator it = filter.entrySet().iterator(); + while (it.hasNext()) { + Map.Entry entry = (Map.Entry) it.next(); + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_RES_TYPE)) { + targetType = entry.getValue().toString(); + } + } + + List fieldNames = Arrays.asList(Constants.RESOURCEID, Constants.ACCOUNT_NAME, Constants.REGION, + Constants.TAGS_APPLICATION, Constants.TAGS_ENVIRONMENT, Constants.ACCOUNT_ID, + AssetConstants.UNDERSCORE_ENTITY_TYPE); + if (Constants.ONPREMSERVER.equalsIgnoreCase(targetType)) { + fieldNames = getDisplayFieldsForTargetType(targetType); + } + try { + String url = esUrl + "/" + assetGroup + "/" + targetType + "/_search?size=" + size + "&from=" + from; + Map source = new HashMap<>(); + source.put(AssetConstants.UNDERSCORE_SOURCE, fieldNames); + String soruceJson = new Gson().toJson(source).replaceFirst("}", ""); + String query = soruceJson + + ",\"query\":{\"match\":{\"latest\":\"true\"}},\"sort\":[{\"_resourceid.keyword\":{\"order\":\"asc\"}}]}"; + String responseJson = ""; + try { + responseJson = PacHttpUtils.doHttpPost(url, query); + } catch (Exception e) { + LOGGER.error("Error in getAssetLists" , e); + } + JsonParser jsonParser = new JsonParser(); + JsonObject resultJson = (JsonObject) jsonParser.parse(responseJson); + JsonObject hitsJson = (JsonObject) jsonParser.parse(resultJson.get("hits").toString()); + JsonArray jsonArray = hitsJson.getAsJsonObject().get("hits").getAsJsonArray(); + if (jsonArray.size() > 0) { + for (int i = 0; i < jsonArray.size(); i++) { + JsonObject obj = (JsonObject) jsonArray.get(i); + JsonObject sourceJson = (JsonObject) obj.get(AssetConstants.UNDERSCORE_SOURCE); + if (sourceJson != null) { + Map doc = new Gson().fromJson(sourceJson, new TypeToken>() { + }.getType()); + assetDetails.add(doc); + } + } + } + + if (targetType.equals(Constants.ONPREMSERVER)) { + assetDetails.parallelStream().forEach(asset -> { + if (!asset.containsKey("u_kernel_release")) { + asset.put("u_kernel_release", ""); + } + if (!asset.containsKey("u_projection_week")) { + asset.put("u_projection_week", ""); + } + }); + } + } catch (Exception e) { + LOGGER.error("Error in getAssetLists", e); + } + + LOGGER.info("Exiting getAssetLists"); + return assetDetails; + } + + private List> getListAssetsPathachableForEC2(String assetGroup, Map filter, + List source) { + + List> assetDetails = new ArrayList<>(); + + Map mustFilter = new HashMap<>(); + Map mustFilterAsset = new HashMap<>(); + Map mustNotFilterAsset = new HashMap<>(); + + List> unpatchedInstances; + List> totalInstances; + + String targetAssetGroup; + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); + + Map parentBool = new HashMap<>(); + List> mustList = new ArrayList<>(); + Map matchMap = new HashMap<>(); + Map match = new HashMap<>(); + + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), Constants.EC2_KERNEL_COMPLIANCE_RULE); + + // Changes to include only latest resources + + match.put(Constants.LATEST, Constants.TRUE); + + matchMap.put(Constants.MATCH, match); + mustList.add(matchMap); + + match = new HashMap<>(); + match.put(Constants.STATE_NAME, Constants.RUNNING); + matchMap = new HashMap<>(); + matchMap.put(Constants.MATCH, match); + mustList.add(matchMap); + + parentBool.put("must", mustList); + + match = new HashMap<>(); + match.put("platform", "windows"); + matchMap = new HashMap<>(); + matchMap.put(Constants.MATCH, match); + + parentBool.put("must_not", matchMap); + + Map queryMap = new HashMap<>(); + queryMap.put("bool", parentBool); + + Map parentEntryMap = new LinkedHashMap<>(); + parentEntryMap.put(Constants.TYPE, Constants.EC2); + parentEntryMap.put(AssetConstants.QUERY, queryMap); + mustFilter.put("has_parent", parentEntryMap); + + filter.entrySet() + .stream() + .forEach( + entry -> { + if (!(entry.getKey().equals(AssetConstants.FILTER_PATCHED) + || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) + || entry.getKey().equals(AssetConstants.FILTER_EXEC_SPONSOR) || entry + .getKey().equals(AssetConstants.FILTER_DIRECTOR))) { + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); + } + } + }); + + mustFilterAsset.put(Constants.LATEST, true); + mustFilterAsset.put(CommonUtils.convertAttributetoKeyword(Constants.STATE_NAME), Constants.RUNNING); + mustNotFilterAsset.put(CommonUtils.convertAttributetoKeyword(Constants.PLATFORM), Constants.WINDOWS); + targetAssetGroup = assetGroup + "/" + Constants.EC2; + + try { + if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { + + unpatchedInstances = esRepository.getDataFromES(assetGroup, null, mustFilter, null, null, null, null); + List unPatchedResourceIds = unpatchedInstances.parallelStream() + .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); + totalInstances = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, + mustNotFilterAsset, null, null, null); + if (filter.get(AssetConstants.FILTER_PATCHED).equals(AssetConstants.FALSE)) { + assetDetails = totalInstances.parallelStream() + .filter(asset -> unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } else if (filter.get(AssetConstants.FILTER_PATCHED).equals(Constants.TRUE)) { + assetDetails = totalInstances.parallelStream() + .filter(asset -> !unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } + } else { + assetDetails = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, mustNotFilterAsset, + null, source, null); + } + } catch (Exception e) { + LOGGER.error("Error in getListAssetsPatchable", e); + } + return assetDetails; + } + + private List> getListAssetsPathachableForOnPrem(String assetGroup, Map filter, + List source) { + + List> assetDetails = new ArrayList<>(); + Map mustFilter = new HashMap<>(); + Map mustFilterAsset = new HashMap<>(); + + List> unpatchedInstances; + List> totalInstances; + + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.TYPE), Constants.ISSUE); + mustFilter.put(CommonUtils.convertAttributetoKeyword(Constants.ISSUE_STATUS), Constants.OPEN); + + mustFilter + .put(CommonUtils.convertAttributetoKeyword(Constants.RULEID), Constants.ONPREM_KERNEL_COMPLIANCE_RULE); + + // Has Parent Query Start + Map match = new HashMap<>(); + match.put(Constants.LATEST, Constants.TRUE); + + Map matchMap = new HashMap<>(); + matchMap.put(Constants.MATCH, match); + + Map parentEntryMap = new LinkedHashMap<>(); + parentEntryMap.put(Constants.TYPE, Constants.ONPREMSERVER); + parentEntryMap.put(AssetConstants.QUERY, matchMap); + mustFilter.put("has_parent", parentEntryMap); + + // Has Parent Query End + + filter.entrySet() + .stream() + .forEach( + entry -> { + if (!(entry.getKey().equals(AssetConstants.FILTER_PATCHED) + || entry.getKey().equals(AssetConstants.FILTER_RES_TYPE) + || entry.getKey().equals(AssetConstants.FILTER_EXEC_SPONSOR) || entry + .getKey().equals(AssetConstants.FILTER_DIRECTOR))) { + if (entry.getKey().equals(AssetConstants.FILTER_APPLICATION)) { + mustFilter.put(Constants.TAGS_APPS, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_APPS, entry.getValue()); + } + if (entry.getKey().equals(AssetConstants.FILTER_ENVIRONMENT)) { + mustFilter.put(Constants.TAGS_ENV, entry.getValue()); + mustFilterAsset.put(Constants.TAGS_ENV, entry.getValue()); + } + } + }); + + mustFilterAsset.put(Constants.LATEST, true); + mustFilterAsset.put(Constants.INSCOPE, true); + String targetAssetGroup = assetGroup + "/" + Constants.ONPREMSERVER; + + try { + Map mustNotFilterAsset = new HashMap<>(); + if (filter.containsKey(AssetConstants.FILTER_PATCHED)) { + unpatchedInstances = esRepository.getDataFromES(assetGroup, null, mustFilter, null, null, null, null); + List unPatchedResourceIds = unpatchedInstances.parallelStream() + .map(obj -> obj.get(Constants.RESOURCEID).toString()).collect(Collectors.toList()); + totalInstances = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, + mustNotFilterAsset, null, null, null); + if (AssetConstants.FALSE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { + assetDetails = totalInstances.parallelStream() + .filter(asset -> unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } else if (Constants.TRUE.equals(filter.get(AssetConstants.FILTER_PATCHED))) { + assetDetails = totalInstances.parallelStream() + .filter(asset -> !unPatchedResourceIds.contains(asset.get(Constants.RESOURCEID))) + .collect(Collectors.toList()); + } + } else { + assetDetails = esRepository.getDataFromES(targetAssetGroup, null, mustFilterAsset, mustNotFilterAsset, + null, source, null); + } + } catch (Exception e) { + LOGGER.error("Error in getListAssetsPatchableForOnPrem", e); + } + + return assetDetails; + } + + private List getDisplayFieldsForTargetType(String targetType) { + + String query = "select displayfields from cf_pac_updatable_fields where resourceType = '" + targetType.trim() + + "'"; + return Arrays.asList(rdsRepository.queryForString(query).split("\\s*,\\s*")); + } + + public long getTotalCountForListingAsset(String index, String type) { + StringBuilder requestBody = new StringBuilder( + "{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}]}}}"); + return getTotalDocCount(index, type, requestBody.toString()); + } + + @Override + public String getResourceCreatedDate(final String resourceId, final String resourceType) { + try { + String eventName = events.get(resourceType.toLowerCase()); + String searchResourceQuery = "{\"query\":{\"bool\":{\"must\":[{\"term\":{\"detail.eventName.keyword\":{\"value\":\"" + + eventName + "\"}}},{\"term\":{\"resourceid.keyword\":{\"value\":\"" + resourceId + "\"}}}]}}}"; + StringBuilder urlToQueryResource = new StringBuilder(heimdallEsesUrl).append("/") + .append("pacman-resource-claim").append("/").append(Constants.SEARCH); + String resourceDetails; + Gson gson = new Gson(); + resourceDetails = PacHttpUtils.doHttpPost(urlToQueryResource.toString(), searchResourceQuery); + Type resourceTypeToken = new TypeToken() { + }.getType(); + ResourceResponse resourceResponse = gson.fromJson(resourceDetails, resourceTypeToken); + int total = resourceResponse.getHits().getTotal(); + if (total > 0) { + Source source = resourceResponse.getHits().getHits().get(0).getSource(); + String time = null; + String creationDate = null; + String eventTime = null; + try { + time = source.getTime(); + } catch (Exception exception) { + LOGGER.error(exception); + } + try { + creationDate = source.getDetail().getUserIdentity().getSessionContext().getAttributes() + .getCreationDate(); + } catch (Exception exception) { + LOGGER.error(exception); + } + try { + eventTime = source.getDetail().getEventTime(); + } catch (Exception exception) { + LOGGER.error(exception); + } + + if (creationDate != null) { + return creationDate; + } else if (eventTime != null) { + return eventTime; + } else if (time != null) { + return time; + } else { + return StringUtils.EMPTY; + } + } + } catch (Exception exception) { + LOGGER.error(exception); + } + return null; + } + + @Override + public List> getDomainsByAssetGroup(String aseetGroupName) { + String query = "select distinct c.domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b, cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName and b.groupName ='" + + aseetGroupName.trim() + "'"; + return rdsRepository.getDataFromPacman(query); + } + + @Override + public List> getAssetGroupAndDomains() { + String query = "select distinct b.groupName as name, c.domain from cf_AssetGroupTargetDetails a , cf_AssetGroupDetails b, cf_Target c where a.groupId = b.groupId and a.targetType = c.targetName"; + return rdsRepository.getDataFromPacman(query); + } + + public Map getEvents() { + return events; + } + + public void setEvents(Map events) { + this.events = events; + } + + @Override + public String getDataTypeInfoByTargetType(String targettype) { + String query = "select updatableFields from cf_pac_updatable_fields where resourceType = '" + targettype.trim() + + "'"; + return rdsRepository.queryForString(query); + } + + @Override + public List> getAdGroupDetails() throws DataException { + try { + return esRepository.getDataFromES("adinfo", null, null, null, null, Arrays.asList("managedBy", "name"), null); + } catch (Exception e) { + LOGGER.error("Exception in getAdGroupDetails ",e); + throw new DataException(); + } + } + + private List> formGetListResponse(List fieldNames, List> assetDetails, List fieldsToBeSkipped) { + + List> assetList = new ArrayList<>(); + if (!CollectionUtils.isEmpty(fieldNames)) { + final List fieldNamesCopy = fieldNames; + assetDetails.parallelStream().forEach(assetDetail -> { + Map asset = new LinkedHashMap<>(); + for (String fieldName : fieldNamesCopy) { + if (!assetDetail.containsKey(fieldName)) { + asset.put(fieldName, ""); + } else { + asset.put(fieldName, assetDetail.get(fieldName)); + } + } + synchronized (assetList) { + assetList.add(asset); + } + }); + return assetList; + } else { + assetDetails.parallelStream().forEach( + assetDetail -> { + Map asset = new LinkedHashMap<>(); + asset.put(Constants.RESOURCEID, assetDetail.get(Constants.RESOURCEID)); + assetDetail.forEach((key, value) -> { + if (!fieldsToBeSkipped.contains(key)) { + asset.put(key, value); + } + }); + synchronized (assetList) { + assetList.add(asset); + } + }); + return assetList; + } + } +} diff --git a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/PacmanRedshiftRepository.java b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/PacmanRedshiftRepository.java index 37e9e8152..9799f2485 100644 --- a/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/PacmanRedshiftRepository.java +++ b/api/pacman-api-asset/src/main/java/com/tmobile/pacman/api/asset/repository/PacmanRedshiftRepository.java @@ -39,13 +39,13 @@ @Repository public class PacmanRedshiftRepository { - @Value("${redshift.url}") + @Value("${redshift.url:}") private String dbURL; - @Value("${redshift.userName}") + @Value("${redshift.userName:}") private String userName; - @Value("${redshift.password}") + @Value("${redshift.password:}") private String password; private static final Log LOGGER = LogFactory.getLog(PacmanRedshiftRepository.class); diff --git a/api/pacman-api-auth/pom.xml b/api/pacman-api-auth/pom.xml index 538baa34f..f1ebceb25 100644 --- a/api/pacman-api-auth/pom.xml +++ b/api/pacman-api-auth/pom.xml @@ -54,16 +54,6 @@ spring-cloud-starter-config - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix-dashboard - - org.springframework.boot spring-boot-starter-data-jpa diff --git a/api/pacman-api-auth/src/main/java/com/tmobile/pacman/api/auth/controller/AuthController.java b/api/pacman-api-auth/src/main/java/com/tmobile/pacman/api/auth/controller/AuthController.java index 96c2e9d2e..777318b63 100644 --- a/api/pacman-api-auth/src/main/java/com/tmobile/pacman/api/auth/controller/AuthController.java +++ b/api/pacman-api-auth/src/main/java/com/tmobile/pacman/api/auth/controller/AuthController.java @@ -30,7 +30,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.collect.Maps; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.auth.domain.TokenDetails; import com.tmobile.pacman.api.auth.domain.UserLoginCredentials; import com.tmobile.pacman.api.auth.services.ApiService; @@ -90,7 +89,6 @@ public ResponseEntity refresh(@ApiParam(value = "Provide valid refresh_t @ApiOperation(httpMethod = "POST", value = "Login to Auth Server", response = Map.class, produces = MediaType.APPLICATION_JSON_VALUE) @RequestMapping(value = "/user/login", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) - @HystrixCommand public Map login(@ApiParam(value = "provide valid username and password details", required = true) @RequestBody final UserLoginCredentials credentials) { Map response = apiService.login(credentials); if (response != null) { @@ -102,14 +100,12 @@ public Map login(@ApiParam(value = "provide valid username and p @ApiOperation(httpMethod = "GET", value = "Logout User from Auth Server") @RequestMapping(value = "/user/logout-session", method = RequestMethod.GET) - @HystrixCommand public void logout(@AuthenticationPrincipal Principal principal) { apiService.logout(principal); } @ApiOperation(httpMethod = "GET", value = "Get User Details") @RequestMapping(value = "/user", method = RequestMethod.GET) - @HystrixCommand public Principal user(@AuthenticationPrincipal Principal user) { return user; } diff --git a/api/pacman-api-compliance/pom.xml b/api/pacman-api-compliance/pom.xml index c9df0e5d6..80786d6ae 100644 --- a/api/pacman-api-compliance/pom.xml +++ b/api/pacman-api-compliance/pom.xml @@ -195,16 +195,6 @@ 1.11.264 - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix-dashboard - - org.powermock powermock-api-mockito diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/ComplianceApplication.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/ComplianceApplication.java index 6cc2ddab5..36d8cc4fe 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/ComplianceApplication.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/ComplianceApplication.java @@ -34,8 +34,6 @@ @EnableFeignClients @Configuration @EnableCaching -/*@EnableHystrix -@EnableHystrixDashboard*/ @ComponentScan(basePackages = "com.tmobile.pacman") public class ComplianceApplication implements WebMvcConfigurer { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/AssetGroupController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/AssetGroupController.java index a73230afc..803266da0 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/AssetGroupController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/AssetGroupController.java @@ -28,7 +28,6 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.compliance.service.AssetGroupService; /** @@ -47,7 +46,7 @@ public class AssetGroupController { * @return the all asset group apis */ @RequestMapping(path = "/v1/get-all-asset-group-apis", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity>> getAllAssetGroupApis() { try { List> assetGroupDetails = assetGroupService diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/CertificateController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/CertificateController.java index 3c5eca522..e4b9e6784 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/CertificateController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/CertificateController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -63,7 +62,7 @@ public class CertificateController implements Constants { * @throws ServiceException the service exception */ @RequestMapping(path = "/v1/certificates/expirybyapplication", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getCerticatesExpiryByApplication( @RequestParam(name = "ag", required = true) String assetGroup) throws ServiceException { @@ -91,7 +90,7 @@ public ResponseEntity getCerticatesExpiryByApplication( * @return the certificates details */ @RequestMapping(path = "/v1/certificates/detail", method = RequestMethod.POST) - @HystrixCommand + public ResponseEntity getCertificatesDetails( @RequestBody(required = true) Request request) { @@ -158,7 +157,7 @@ public ResponseEntity getCertificatesDetails( * @throws ServiceException the service exception */ @RequestMapping(path = "/v1/certificates/summary", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getCertificatesSummary( @RequestParam(name = "ag", required = true) String assetGroup) throws ServiceException { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ComplianceController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ComplianceController.java index 943953f01..f3baa0f66 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ComplianceController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ComplianceController.java @@ -15,17 +15,10 @@ ******************************************************************************/ package com.tmobile.pacman.api.compliance.controller; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; - import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Calendar; -import java.util.Date; import java.util.HashMap; -import java.util.List; import java.util.Map; import java.util.TimeZone; @@ -42,7 +35,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -63,6 +55,11 @@ import com.tmobile.pacman.api.compliance.service.ComplianceService; import com.tmobile.pacman.api.compliance.service.VulnerabilityService; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; + /** * The Class ComplianceController. */ @@ -90,7 +87,7 @@ public class ComplianceController implements Constants { * @param request request body * @return issues */ - @HystrixCommand + @RequestMapping(path = "/v1/issues", method = RequestMethod.POST) @ResponseBody public ResponseEntity getIssues(@RequestBody(required = false) Request request) { @@ -123,7 +120,7 @@ public ResponseEntity getIssues(@RequestBody(required = false) Request r * @param ruleId the rule id * @return the issues count */ - @HystrixCommand + @RequestMapping(path = "/v1/issues/count", method = RequestMethod.GET) public ResponseEntity getIssuesCount(@RequestParam("ag") String assetGroup, @RequestParam("domain") String domain, @RequestParam(name = "ruleId", required = false) String ruleId) { @@ -150,7 +147,7 @@ public ResponseEntity getIssuesCount(@RequestParam("ag") String assetGro * @param domain the domain * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/issues/distribution", method = RequestMethod.GET) public ResponseEntity getDistribution(@RequestParam("ag") String assetGroup, @RequestParam(name = "domain", required = false) String domain) { @@ -178,7 +175,7 @@ public ResponseEntity getDistribution(@RequestParam("ag") String assetGr * @param targetType the target type * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/tagging", method = RequestMethod.GET) public ResponseEntity getTagging(@RequestParam("ag") String assetGroup, @RequestParam(name = "targettype", required = false) String targetType) { @@ -202,7 +199,7 @@ public ResponseEntity getTagging(@RequestParam("ag") String assetGroup, * @return ResponseEntity */ // @Cacheable("trends") - @HystrixCommand + @RequestMapping(path = "/v1/vulnerabilites", method = RequestMethod.GET) public ResponseEntity getVulnerabilities(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -232,7 +229,7 @@ public ResponseEntity getVulnerabilities(@RequestParam("ag") String asse * @param assetGroup name of the asset group * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/certificates", method = RequestMethod.GET) public ResponseEntity getCertificates(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -254,7 +251,7 @@ public ResponseEntity getCertificates(@RequestParam("ag") String assetGr * @param assetGroup name of the asset group * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/patching", method = RequestMethod.GET) public ResponseEntity getPatching(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -282,7 +279,7 @@ public ResponseEntity getPatching(@RequestParam("ag") String assetGroup) * @param targetType the target type * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/recommendations", method = RequestMethod.GET) public ResponseEntity getRecommendations(@RequestParam("ag") String assetGroup, @RequestParam(name = "targettype", required = false) String targetType) { @@ -309,7 +306,7 @@ public ResponseEntity getRecommendations(@RequestParam("ag") String asse * @param request the request * @return the issue audit */ - @HystrixCommand + @RequestMapping(path = "/v1/issueauditlog", method = RequestMethod.POST) public ResponseEntity getIssueAudit(@RequestBody IssueAuditLogRequest request) { String issueId = request.getIssueId(); @@ -338,7 +335,7 @@ public ResponseEntity getIssueAudit(@RequestBody IssueAuditLogRequest re * @param resourceId the resource id * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/resourcedetails", method = RequestMethod.GET) public ResponseEntity getResourceDetails(@RequestParam("ag") String assetGroup, @RequestParam("resourceId") String resourceId) { @@ -365,7 +362,7 @@ public ResponseEntity getResourceDetails(@RequestParam("ag") String asse @ApiOperation(httpMethod = "PUT", value = "Close Issues by Rule Details") @RequestMapping(path = "/v1/issues/close-by-rule-id", method = RequestMethod.PUT) @ResponseBody - @HystrixCommand + public ResponseEntity closeIssues( @ApiParam(value = "Provide valid Rule Details ", required = true) @RequestBody(required = true) RuleDetails ruleDetails) { Map response = complianceService.closeIssuesByRule(ruleDetails); @@ -390,7 +387,7 @@ public ResponseEntity closeIssues( @ApiResponse(code = 401, message = "You are not authorized to Add Issue Exception"), @ApiResponse(code = 403, message = "Add Issue Exception is forbidden") }) @ResponseBody - @HystrixCommand + public ResponseEntity addIssueException( @ApiParam(value = "Provide Issue Exception Details", required = true) @RequestBody(required = true) IssueResponse issueException) { try { @@ -417,7 +414,7 @@ public ResponseEntity addIssueException( @ApiResponse(code = 401, message = "You are not authorized to Revoke Issue Exception"), @ApiResponse(code = 403, message = "Revoke IssueException is forbidden") }) @ResponseBody - @HystrixCommand + public ResponseEntity revokeIssueException( @ApiParam(value = "Provide Issue Id", required = true) @RequestParam(required = true) String issueId) { try { @@ -444,7 +441,7 @@ public ResponseEntity revokeIssueException( // @Cacheable(cacheNames="compliance",unless="#result.status==200") // commenting to performance after refacoting // @Cacheable(cacheNames="compliance",key="#request.key") - @HystrixCommand + public ResponseEntity getNonCompliancePolicyByRule(@RequestBody(required = false) Request request) { String assetGroup = request.getAg(); @@ -478,7 +475,7 @@ public ResponseEntity getNonCompliancePolicyByRule(@RequestBody(required @RequestMapping(path = "/v1/policydetailsbyapplication", method = RequestMethod.GET) // @Cacheable(cacheNames="compliance",unless="#result.status==200") - @HystrixCommand + public ResponseEntity getPolicydetailsbyApplication(@RequestParam("ag") String assetGroup, @RequestParam("ruleId") String ruleId, @RequestParam(name = "searchText", required = false) String searchText) { @@ -510,7 +507,7 @@ public ResponseEntity getPolicydetailsbyApplication(@RequestParam("ag") */ @RequestMapping(path = "/v1/policydetailsbyenvironment", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getpolicydetailsbyEnvironment(@RequestParam("ag") String assetGroup, @RequestParam("application") String application, @RequestParam("ruleId") String ruleId, @RequestParam(name = "searchText", required = false) String searchText) { @@ -537,7 +534,7 @@ public ResponseEntity getpolicydetailsbyEnvironment(@RequestParam("ag") */ @RequestMapping(path = "/v1/policydescription", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getPolicyDescription(@RequestParam("ruleId") String ruleId) { if (Strings.isNullOrEmpty(ruleId)) { @@ -561,7 +558,7 @@ public ResponseEntity getPolicyDescription(@RequestParam("ruleId") Strin * @return ResponseEntity */ @RequestMapping(path = "/v1/kernelcompliancebyinstanceid", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getKernelComplianceByInstanceId(@RequestParam("instanceId") String instanceId) { if (Strings.isNullOrEmpty(instanceId)) { @@ -588,7 +585,7 @@ public ResponseEntity getKernelComplianceByInstanceId(@RequestParam("ins @ApiOperation(httpMethod = "PUT", value = "Update Kernel Version by InstanceId") @RequestMapping(path = "/v1/update-kernel-version", method = RequestMethod.PUT) @ResponseBody - @HystrixCommand + public ResponseEntity updateKernelVersion( @ApiParam(value = "Provide valid Rule Details ", required = true) @RequestBody(required = true) KernelVersion kernelVersion) { Map response = complianceService.updateKernelVersion(kernelVersion); @@ -604,7 +601,7 @@ public ResponseEntity updateKernelVersion( * @return ResponseEntity . */ @RequestMapping(path = "/v1/overallcompliance", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getOverallCompliance(@RequestParam("ag") String assetGroup, @RequestParam(name = "domain") String domain) { if (Strings.isNullOrEmpty(assetGroup) || Strings.isNullOrEmpty(domain)) { @@ -629,7 +626,7 @@ public ResponseEntity getOverallCompliance(@RequestParam("ag") String as */ @RequestMapping(path = "/v1/targetType", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getTargetType(@RequestParam("ag") String assetgroup, @RequestParam(name = "domain", required = false) String domain) { @@ -696,7 +693,7 @@ public ResponseEntity getCurrentKernelVersions() { @ApiResponse(code = 401, message = "You are not authorized to Add Issue Exception"), @ApiResponse(code = 403, message = "Add Issue Exception is forbidden") }) @ResponseBody - @HystrixCommand + public ResponseEntity addIssuesException( @ApiParam(value = "Provide Issue Exception Details", required = true) @RequestBody(required = true) IssuesException issuesException) { try { @@ -738,7 +735,7 @@ public ResponseEntity addIssuesException( @ApiResponse(code = 401, message = "You are not authorized to Revoke Issue Exception"), @ApiResponse(code = 403, message = "Revoke IssueException is forbidden") }) @ResponseBody - @HystrixCommand + public ResponseEntity revokeIssuesException( @ApiParam(value = "Provide Issue Id", required = true) @RequestBody(required = true) RevokeIssuesException revokeIssuesException) { try { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/DownloadController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/DownloadController.java index 59bd0b9f7..eddb772f6 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/DownloadController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/DownloadController.java @@ -15,9 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.compliance.controller; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; - import java.util.HashMap; import java.util.List; import java.util.Map; @@ -35,7 +32,6 @@ import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; @@ -48,9 +44,7 @@ import com.google.gson.JsonArray; import com.google.gson.JsonObject; import com.google.gson.JsonParser; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; -import com.tmobile.pacman.api.compliance.util.PacHttpUtils; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.compliance.domain.Request; import com.tmobile.pacman.api.compliance.repository.DownloadRepository; @@ -59,6 +53,10 @@ import com.tmobile.pacman.api.compliance.service.DownloadFileService; import com.tmobile.pacman.api.compliance.service.PatchingService; import com.tmobile.pacman.api.compliance.service.TaggingService; +import com.tmobile.pacman.api.compliance.util.PacHttpUtils; + +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; /** * The Class DownloadController. @@ -134,7 +132,7 @@ public class DownloadController implements Constants { * the exception */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Download Service Details in CSV or Excel") @RequestMapping(path = "/v1/download/services", method = RequestMethod.POST, produces = { MediaType.APPLICATION_JSON_VALUE }) public ResponseEntity getIssuesDownload(final HttpServletRequest servletRequest, @@ -199,7 +197,7 @@ public ResponseEntity getIssuesDownload(final HttpServletRequest servlet * the json * @return the service details */ - @HystrixCommand + private JsonArray getServiceDetails(String json) { JsonParser jsonParser; JsonObject dataJson = null; diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FAQSController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FAQSController.java index 17591bfac..b349a9e24 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FAQSController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FAQSController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.compliance.domain.ResponseDTO; @@ -63,7 +62,7 @@ public class FAQSController { * @param domainId the domain id * @return FAQ Details */ - @HystrixCommand + @RequestMapping(path = "/v1/faqs", method = RequestMethod.GET) public ResponseEntity getFAQSByWidget( @RequestParam("widgetId") String widgetId, diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FilterController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FilterController.java index 36b8c5ad5..654970c87 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FilterController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/FilterController.java @@ -15,8 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.compliance.controller; -import io.swagger.annotations.ApiParam; - import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.security.access.prepost.PreAuthorize; @@ -27,7 +25,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -35,6 +32,8 @@ import com.tmobile.pacman.api.compliance.service.ComplianceService; import com.tmobile.pacman.api.compliance.service.FilterService; +import io.swagger.annotations.ApiParam; + /** * The Class FilterController. */ @@ -59,7 +58,7 @@ public class FilterController implements Constants { * @param domain the domain * @return ResponseEntity. */ - @HystrixCommand + @RequestMapping(path = "/v1/filters", method = RequestMethod.GET) public ResponseEntity getFilters( @ApiParam(value = "Provide filter 1-issue,2-vulnerability,3-asset,4-compliance", required = false) @RequestParam("filterId") int filterId, @@ -83,7 +82,7 @@ public ResponseEntity getFilters( * @param domain the domain * @return ResponseEntity. */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/policies", method = RequestMethod.GET) public ResponseEntity getPolicies(@RequestParam("ag") String assetGroup, @RequestParam("domain") String domain) { @@ -105,7 +104,7 @@ public ResponseEntity getPolicies(@RequestParam("ag") String assetGroup, * @param assetGroup the asset group * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/regions", method = RequestMethod.GET) public ResponseEntity getRegions(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -126,7 +125,7 @@ public ResponseEntity getRegions(@RequestParam("ag") String assetGroup) * @param assetGroup the asset group * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/accounts", method = RequestMethod.GET) public ResponseEntity getAccounts(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -148,7 +147,7 @@ public ResponseEntity getAccounts(@RequestParam("ag") String assetGroup) * @param domain the domain * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/rules", method = RequestMethod.GET) public ResponseEntity getRules(@RequestParam("ag") String assetGroup, @RequestParam("domain") String domain) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -171,7 +170,7 @@ public ResponseEntity getRules(@RequestParam("ag") String assetGroup, @R * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/application", method = RequestMethod.GET) public ResponseEntity getListOfApplications(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "domain", required = false) String domain) { @@ -198,7 +197,7 @@ public ResponseEntity getListOfApplications(@RequestParam(name = "ag", r * @param domain the domain * @return the list of environments */ - @HystrixCommand + @RequestMapping(path = "/v1/filters/environment", method = RequestMethod.GET) public ResponseEntity getListOfEnvironments(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "application", required = false) String application, @@ -225,7 +224,7 @@ public ResponseEntity getListOfEnvironments(@RequestParam(name = "ag", r * @return ResponseEntity */ - @HystrixCommand + @GetMapping(value = "/v1/filters/targettype") public ResponseEntity getListOfTargetTypes(@RequestParam(name = "ag", required = true) String assetGroup, @RequestParam(name = "domain", required = false) String domain) { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PatchingController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PatchingController.java index 8b344e0de..4fbba4112 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PatchingController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PatchingController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -70,7 +69,7 @@ public class PatchingController implements Constants { * @param assetGroup name of the asset group * @return ResponseEntity list of non compliant number */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/topnoncompliantapps", method = RequestMethod.GET) public ResponseEntity getTopNonCompliantApps(@RequestParam(name = "ag", required = true) String assetGroup) { ResponseData response = null; @@ -88,7 +87,7 @@ public ResponseEntity getTopNonCompliantApps(@RequestParam(name = "ag", * @param assetGroup name of the asset group * @return ResponseEntity list of top non compliant */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/topnoncompliantexecs", method = RequestMethod.GET) public ResponseEntity getTopNonCompliantExecs(@RequestParam(name = "ag", required = true) String assetGroup) { ResponseData response = null; @@ -107,7 +106,7 @@ public ResponseEntity getTopNonCompliantExecs(@RequestParam(name = "ag", * @param request the request * @return ResponseEntity list of patching details */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/detail", method = RequestMethod.POST) public ResponseEntity getPatchingDetails(@RequestBody(required = true) Request request) { @@ -171,7 +170,7 @@ public ResponseEntity getPatchingDetails(@RequestBody(required = true) R * @param request the request * @return ResponseEntity list of patching progress */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/progress", method = RequestMethod.POST) public ResponseEntity getPatchingProgress(@RequestBody(required = true) PatchingRequest request) { @@ -217,7 +216,7 @@ public ResponseEntity getPatchingProgress(@RequestBody(required = true) * @param assetGroup name of the asset group * @return ResponseEntity list of quarters with patching data */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/quarters", method = RequestMethod.POST) public ResponseEntity getQuartersWithPatchingData(String assetGroup) { Map response = new HashMap<>(); @@ -237,7 +236,7 @@ public ResponseEntity getQuartersWithPatchingData(String assetGroup) { * @param ag name of the asset group * @return ResponseEntity rating info */ - @HystrixCommand + @RequestMapping(path = "/v1/patching/rating", method = RequestMethod.GET) public ResponseEntity getPatchingDataForAgForQuarter(String ag, int quarter, int year) { Map response = new HashMap<>(); diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PolicyAssetController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PolicyAssetController.java index 88a12a188..731de1690 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PolicyAssetController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/PolicyAssetController.java @@ -32,7 +32,6 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.utils.CommonUtils; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.compliance.domain.PolicyScanInfo; @@ -69,7 +68,7 @@ public class PolicyAssetController { @SuppressWarnings("unchecked") @GetMapping(path = "/v1/policyevaluations/{assetGroup}/{resourceType}/{resourceId}") @ResponseBody - @HystrixCommand + public ResponseEntity getPolicyViolations( @PathVariable("resourceId") String resourceId, @PathVariable("assetGroup") String ag, @@ -137,7 +136,7 @@ public ResponseEntity getPolicyViolations( */ @GetMapping(path = "/v1/policyviolations/summary/{assetGroup}/{resourceType}/{resourceId}") @ResponseBody - @HystrixCommand + public ResponseEntity getPolicyViolationSummary( @PathVariable("resourceId") String resourceId, @PathVariable("assetGroup") String ag, diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ProjectionController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ProjectionController.java index 944e9ab3f..e2edbcdd0 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ProjectionController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/ProjectionController.java @@ -15,8 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.compliance.controller; -import io.swagger.annotations.ApiOperation; - import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -31,7 +29,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -41,6 +38,8 @@ import com.tmobile.pacman.api.compliance.domain.Request; import com.tmobile.pacman.api.compliance.service.ProjectionService; +import io.swagger.annotations.ApiOperation; + /** * The Class ProjectionController. */ @@ -66,7 +65,7 @@ public class ProjectionController implements Constants { * @param quarter the quarter * @return the projection data */ - @HystrixCommand + @RequestMapping(path = "/v1/getprojection", method = RequestMethod.GET) public ResponseEntity getProjectionData( @RequestParam(name = "targettype", required = true) String targetType, @@ -104,7 +103,7 @@ public ResponseEntity getProjectionData( * @return the response entity * @throws ServiceException the service exception */ - @HystrixCommand + @ApiOperation(httpMethod = "POST", value = "Save or Update Projection Details") @PostMapping(value = "/v1/updateprojection") public ResponseEntity updateProjectionData(@RequestBody ProjectionRequest projectionRequest) @@ -142,7 +141,7 @@ public ResponseEntity updateProjectionData(@RequestBody ProjectionReques * @param assetGroup the asset group * @return the patching and projection progress */ - @HystrixCommand + @RequestMapping(path = "/v1/getPatchingAndProjectionProgress", method = RequestMethod.GET) public ResponseEntity getPatchingAndProjectionProgress( @RequestParam(name = "ag", required = true) String assetGroup) { @@ -170,7 +169,7 @@ public ResponseEntity getPatchingAndProjectionProgress( * @param request the request * @return the response entity */ - @HystrixCommand + @RequestMapping(path = "/v1/getPatchingProgressByDirector", method = RequestMethod.POST) public ResponseEntity patchingProgressByDirector(@RequestBody(required = false) Request request) { String assetGroup = request.getAg(); @@ -194,7 +193,7 @@ public ResponseEntity patchingProgressByDirector(@RequestBody(required = * @param request the request * @return the response entity */ - @HystrixCommand + @RequestMapping(path = "/v1/getPatchingProgressByExecutiveSponsor", method = RequestMethod.POST) public ResponseEntity patchingProgressByExecutiveSponser(@RequestBody(required = false) Request request) { String assetGroup = request.getAg(); diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RecommendedActionController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RecommendedActionController.java index e0c5bf38b..878dd0281 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RecommendedActionController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RecommendedActionController.java @@ -43,7 +43,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.compliance.service.RecommendedActionService; @@ -73,7 +72,7 @@ public class RecommendedActionController { * @param dataSource the data source * @return the trend for issues */ - @HystrixCommand + @ApiOperation(value = "get the list of recommended actions for datasource and targetType", response = Iterable.class) @RequestMapping(path = "/v1/recommendations/actions", method = RequestMethod.GET) public ResponseEntity getTrendForIssues( diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RuleEngineController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RuleEngineController.java index a5a106b9f..f2482fecd 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RuleEngineController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/RuleEngineController.java @@ -39,7 +39,6 @@ import com.google.common.collect.Lists; import com.google.common.collect.Maps; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.compliance.service.RuleEngineService; @@ -70,7 +69,7 @@ public class RuleEngineController { @ApiOperation(httpMethod = "POST", value = "Invoke PacMan Rule") @RequestMapping(path = "/v1/invoke-rule", method = RequestMethod.POST) @ResponseBody - @HystrixCommand + public ResponseEntity runRule( @ApiParam(value = "Provide valid Rule Id", required = true) @RequestParam("ruleId") String ruleId, @ApiParam(value = "Provide valid Rule Runtime Parameters") @RequestBody Map runTimeParams) { @@ -93,7 +92,7 @@ public ResponseEntity runRule( @ApiOperation(httpMethod = "GET", value = "Get Last Action") @RequestMapping(path = "/v1/get-last-action", method = RequestMethod.GET) @ResponseBody - @HystrixCommand + public ResponseEntity getLastAction( @ApiParam(value = "Provide valid Resource Id", required = true) @RequestParam("resourceId") String resourceId) { try { @@ -130,7 +129,7 @@ private Map buildErrorResponse() { @ApiOperation(httpMethod = "POST", value = "Post new Resource Action") @RequestMapping(path = "/v1/post-action", method = RequestMethod.POST) @ResponseBody - @HystrixCommand + public ResponseEntity postAction( @ApiParam(value = "Provide valid Resource Id", required = true) @RequestParam("resourceId") String resourceId, @ApiParam(value = "Provide a valid Action", required = true) @RequestParam("action") String action) { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TaggingController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TaggingController.java index 338d42d16..d8a5fa2d7 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TaggingController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TaggingController.java @@ -33,7 +33,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.ResponseUtils; @@ -70,7 +69,7 @@ public class TaggingController implements Constants { @RequestMapping(path = "/v1/tagging/summarybyapplication", method = RequestMethod.POST) @ResponseBody - @HystrixCommand + public ResponseEntity getUntaggedAssetsByApp(@RequestBody(required = false) Request request) { String assetGroup = request.getAg(); if (Strings.isNullOrEmpty(assetGroup)) { @@ -95,7 +94,7 @@ public ResponseEntity getUntaggedAssetsByApp(@RequestBody(required = fal * the asset group * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/tagging/compliance", method = RequestMethod.GET) public ResponseEntity taggingSummary(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { @@ -125,7 +124,7 @@ public ResponseEntity taggingSummary(@RequestParam("ag") String assetGro * the request * @return ResponseEntity . */ - @HystrixCommand + @RequestMapping(path = "/v1/tagging/summarybytargettype", method = RequestMethod.POST) @ResponseBody public ResponseEntity untaggingByTargetTypes(@RequestBody UntaggedTargetTypeRequest request) { @@ -157,7 +156,7 @@ public ResponseEntity untaggingByTargetTypes(@RequestBody UntaggedTarget * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/tagging/taggingByApplication", method = RequestMethod.GET) public ResponseEntity taggingByApplication(@RequestParam("ag") String assetGroup, @RequestParam(name = "targetType", required = false) String targetType) { diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TrendController.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TrendController.java index f933efac2..ed5012ee6 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TrendController.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/controller/TrendController.java @@ -15,10 +15,6 @@ ******************************************************************************/ package com.tmobile.pacman.api.compliance.controller; -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; - import java.time.Instant; import java.time.LocalDate; import java.time.ZoneId; @@ -45,7 +41,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.exception.ServiceException; import com.tmobile.pacman.api.commons.utils.CommonUtils; @@ -55,6 +50,10 @@ import com.tmobile.pacman.api.compliance.domain.RuleTrendRequest; import com.tmobile.pacman.api.compliance.service.IssueTrendService; +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; + /** * The Class TrendController. */ @@ -80,7 +79,7 @@ public class TrendController implements Constants { @ApiResponse(code = 403, message = "Accessing the resource you were trying to reach is forbidden"), @ApiResponse(code = 404, message = "The resource you were trying to reach is not found"), @ApiResponse(code = 417, message = "Expectation Failed") }) - @HystrixCommand + @ApiOperation(value = "view the issue trends over the period of last 3 months", response = Iterable.class) @RequestMapping(path = "/v1/trend", method = RequestMethod.GET) public String getTrend() { @@ -120,7 +119,7 @@ public String getTrend() { @ApiResponse(code = 403, message = "Accessing the resource you were trying to reach is forbidden"), @ApiResponse(code = 404, message = "The resource you were trying to reach is not found"), @ApiResponse(code = 417, message = "Expectation Failed") }) - @HystrixCommand + @ApiOperation(value = "view the issue trends over the period of last 3 months", response = Iterable.class) // @Cacheable(cacheNames="trends",unless="#result.status==200") @Cacheable(cacheNames = "trends", key = "T(java.util.Objects).hash(#p0,#p1, #p2, #p3, #p4, #p5, #p6, #p7)") @@ -159,7 +158,7 @@ public ResponseEntity getTrendForIssues(@RequestParam("ag") String asset * * @return the trend from cache */ - @HystrixCommand + public String getTrendFromCache() { return "{\"message\":\"retrieving from cache..! when I will implement caching it will get picked up :-)))\"}"; } @@ -179,7 +178,7 @@ public String getTrendFromCache() { * the rule id * @return ResponseEntity */ - @HystrixCommand + public ResponseEntity getTrendFromCache(String assetGroup, String fromDate, String toDate, String severity, String ruleId) { return ResponseUtils.buildFailureResponse(new ServiceException( @@ -199,7 +198,7 @@ public ResponseEntity getTrendFromCache(String assetGroup, String fromDa */ @RequestMapping(path = "/v1/trend/compliance", method = RequestMethod.POST) - @HystrixCommand + public ResponseEntity getCompliantTrend(@RequestBody(required = true) CompliantTrendRequest request) { Map response = new HashMap<>(); String assetGroup = request.getAg(); @@ -243,7 +242,7 @@ public ResponseEntity getCompliantTrend(@RequestBody(required = true) Co * the request * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/trend/compliancebyrule", method = RequestMethod.POST) public ResponseEntity getRuleTrend(@RequestBody(required = true) RuleTrendRequest request) { @@ -290,7 +289,7 @@ public ResponseEntity getRuleTrend(@RequestBody(required = true) RuleTre * the request * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/trend/compliance/vulnerabilities", method = RequestMethod.POST) public ResponseEntity getVulnTrend(@RequestBody(required = true) CompliantTrendRequest request) { @@ -336,7 +335,7 @@ public ResponseEntity getVulnTrend(@RequestBody(required = true) Complia * the request * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/trend/compliance/certificates", method = RequestMethod.POST) public ResponseEntity getCertTrend(@RequestBody(required = true) CompliantTrendRequest request) { @@ -382,7 +381,7 @@ public ResponseEntity getCertTrend(@RequestBody(required = true) Complia * the request * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/trend/compliance/tagging", method = RequestMethod.POST) public ResponseEntity getTagTrend(@RequestBody(required = true) CompliantTrendRequest request) { @@ -428,7 +427,7 @@ public ResponseEntity getTagTrend(@RequestBody(required = true) Complian * @return ResponseEntity */ - @HystrixCommand + @RequestMapping(path = "/v1/trend/issues", method = RequestMethod.POST) public ResponseEntity getTrendIssues(@RequestBody(required = true) CompliantTrendRequest request) { Map response = new HashMap<>(); diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/repository/TaggingRepositoryImpl.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/repository/TaggingRepositoryImpl.java index a5a7a16a5..7296e35a8 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/repository/TaggingRepositoryImpl.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/repository/TaggingRepositoryImpl.java @@ -1,272 +1,275 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.compliance.repository; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.annotation.PostConstruct; - -import org.apache.commons.lang.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Repository; - -import com.google.common.base.Strings; -import com.google.common.collect.HashMultimap; -import com.google.gson.JsonArray; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; -import com.tmobile.pacman.api.commons.Constants; -import com.tmobile.pacman.api.commons.exception.DataException; -import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; -import com.tmobile.pacman.api.commons.repo.PacmanRdsRepository; -import com.tmobile.pacman.api.commons.utils.CommonUtils; -import com.tmobile.pacman.api.commons.utils.PacHttpUtils; -import com.tmobile.pacman.api.compliance.client.AssetServiceClient; -import com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest; -import com.tmobile.pacman.api.compliance.service.ComplianceService; - -/** - * The Class TaggingRepositoryImpl. - */ -@Repository -public class TaggingRepositoryImpl implements TaggingRepository, Constants { - - /** The logger. */ - protected final Log logger = LogFactory.getLog(getClass()); - - /** The elastic search repository. */ - @Autowired - private ElasticSearchRepository elasticSearchRepository; - - /** The rdsepository. */ - @Autowired - private PacmanRdsRepository rdsepository; - - /** The asset service client. */ - @Autowired - private AssetServiceClient assetServiceClient; - - /** The compliance service client. */ - @Autowired - private ComplianceService complianceServiceClient; - - /** The complaince repository. */ - @Autowired - private ComplianceRepository complainceRepository; - - /** The mandatory tags. */ - @Value("${tagging.mandatoryTags}") - private String mandatoryTags; - - /** The es host. */ - @Value("${elastic-search.host}") - private String esHost; - - /** The es port. */ - @Value("${elastic-search.port}") - private int esPort; - - /** The Constant PROTOCOL. */ - static final String PROTOCOL = "http"; - - /** The es url. */ - private String esUrl; - - /** The page size. */ - private Integer pageSize = TEN_THOUSAND; - - /** - * Inits the. - */ - @PostConstruct - void init() { - esUrl = PROTOCOL + "://" + esHost + ":" + esPort; - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedIssuesByapplicationFromES(java.lang.String, java.lang.String, java.lang.String, int, int) - */ - public JsonArray getUntaggedIssuesByapplicationFromES(String assetGroup, - String mandatoryTags, String searchText, int from, int size) - throws DataException { - List mandatoryTagsList = Arrays - .asList(mandatoryTags.split(",")); - String responseJson = null; - JsonParser jsonParser; - JsonObject resultJson; - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/") - .append(assetGroup).append("/").append(SEARCH); - StringBuilder requestBody = new StringBuilder( - "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"term\":{\"type.keyword\":{\"value\":\"issue\"}}},{\"term\":{\"policyId.keyword\":{\"value\":\"PacMan_TaggingRule_version-1\"}}}"); - if (!Strings.isNullOrEmpty(searchText)) { - requestBody.append("," + "{\"match_phrase_prefix\":{\"_all\":\"" - + searchText + "\"" + "}}"); - } - - requestBody - .append("],\"should\":[{\"term\":{\"issueStatus.keyword\":{\"value\":\"open\"}}}],\"minimum_should_match\":1}},\"aggs\":{\"apps\":{\"terms\":{\"field\":\"tags.Application.keyword\",\"size\":" - + pageSize - + "},\"aggs\":{\"tags\":{\"filters\":{\"filters\":{"); - - for (String tags : mandatoryTagsList) { - if (!"Application".equalsIgnoreCase(tags)) { - requestBody.append("\"" + tags + "\"" - + ":{\"bool\":{\"must\":[{\"match\":{\"missingTags\":" - + "\"" + tags + "\"" + "}}]}},"); - - } - } - requestBody.setLength(requestBody.length() - 1); - requestBody.append("}}}}}}}"); - try{ - responseJson = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), - requestBody.toString()); - } catch (Exception e) { - throw new DataException(e); - } - jsonParser = new JsonParser(); - resultJson = (JsonObject) jsonParser.parse(responseJson); - JsonObject aggsJson = (JsonObject) jsonParser.parse(resultJson.get( - AGGREGATIONS).toString()); - return aggsJson.getAsJsonObject("apps").getAsJsonArray(BUCKETS); - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getRuleParamsFromDbByPolicyId(java.lang.String) - */ - public List> getRuleParamsFromDbByPolicyId( - String policyId) throws DataException { - String ruleIdQuery = "SELECT rule.ruleParams FROM cf_RuleInstance rule LEFT JOIN cf_Policy policy ON rule.policyId = policy.policyId WHERE rule.status = 'ENABLED' AND policy.policyId ='" - + policyId + "' GROUP BY rule.policyId"; - return rdsepository.getDataFromPacman(ruleIdQuery); - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedIssues(java.lang.String, java.lang.String) - */ - public Long getUntaggedIssues(String assetGroup, String mandatoryTag) - throws DataException { - Map mustFilter = new HashMap<>(); - Map mustNotFilter = new HashMap<>(); - Map mustTermsFilter = new HashMap<>(); - HashMultimap shouldFilter = HashMultimap.create(); - Map> matchPhrasePrefix = new HashMap<>(); - List mandatoryTagsList = new ArrayList<>(); - if (mandatoryTag != null) { - mandatoryTagsList.add(mandatoryTag); - } - mustFilter.put(CommonUtils.convertAttributetoKeyword(TYPE), ISSUE); - mustFilter.put(CommonUtils.convertAttributetoKeyword(POLICYID), - TAGGIG_POLICY); - matchPhrasePrefix.put(MISSING_TAGS, mandatoryTagsList); - shouldFilter.put(CommonUtils.convertAttributetoKeyword(ISSUE_STATUS), - OPEN); - try{ - return elasticSearchRepository - .getTotalDistributionForIndexAndTypeWithMatchPhrase(assetGroup, - null, mustFilter, mustNotFilter, shouldFilter, null, - mustTermsFilter, matchPhrasePrefix); - } catch (Exception e) { - throw new DataException(e); - } - } - - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getRuleTargetTypesFromDbByPolicyId(java.lang.String) - */ - public List> getRuleTargetTypesFromDbByPolicyId( - String policyId) throws DataException { - String ruleIdQuery = "SELECT rule.targetType FROM cf_RuleInstance rule LEFT JOIN cf_Policy policy ON rule.policyId = policy.policyId WHERE rule.status = 'ENABLED' AND policy.policyId ='" - + policyId + "'"; - return rdsepository.getDataFromPacman(ruleIdQuery); - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedTargetTypeIssues(com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest, java.util.List) - */ - public String getUntaggedTargetTypeIssues( - UntaggedTargetTypeRequest request, List tagsList) - throws DataException { - String assetGroup = request.getAg(); - StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/") - .append(assetGroup).append("/").append(SEARCH); - StringBuilder requestBody = null; - String body = "{\"query\":{\"bool\":{\"must\":[{\"term\":{\"type.keyword\":{\"value\":\"issue\"}}},{\"term\":{\"policyId.keyword\":{\"value\":\"" - + TAGGIG_POLICY - + "\"}}},{\"term\":{\"issueStatus.keyword\":{\"value\":\"open\"}}}]"; - - if (!tagsList.isEmpty()) { - body = body + ",\"should\":["; - /* filtering by tags */ - for (String tag : tagsList) { - body = body + "{\"match_phrase_prefix\":{\"missingTags\":\"" - + tag + "\"}},"; - } - body = body.substring(0, body.length() - 1); - body = body + "]"; - body = body + ",\"minimum_should_match\":1"; - } - body = body - + "}},\"aggs\":{\"NAME\":{\"terms\":{\"field\":\"targetType.keyword\",\"size\":1000}}}}"; - requestBody = new StringBuilder(body); - try{ return PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), - requestBody.toString()); - } catch (Exception e) { - logger.error(e.getMessage()); - throw new DataException(e); - } - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getTaggingByApplication(java.lang.String, java.lang.String) - */ - @Override - public String getTaggingByApplication(String ag, String targetType) - throws DataException { - StringBuilder requestBody = new StringBuilder(); - StringBuilder urlToQuery = new StringBuilder(esUrl).append("/").append( - ag); - if (!StringUtils.isEmpty(targetType)) { - urlToQuery.append("/").append(targetType); - urlToQuery.append("/").append(UNDERSCORE_COUNT); - requestBody - .append("{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}],\"must_not\":[{\"exists\":{\"field\":\"tags.Application\"}}]}}}"); - } else { - urlToQuery.append("/").append(SEARCH); - requestBody - .append("{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}],\"must_not\":[{\"exists\":{\"field\":\"tags.Application\"}}]}},\"aggs\":{\"NAME\":{\"terms\":{\"field\":\"_entitytype.keyword\",\"size\":" - + TEN_THOUSAND + "}}}}"); - } - - String responseJson = ""; - try { - responseJson = PacHttpUtils.doHttpPost(urlToQuery.toString(), - requestBody.toString()); - } catch (Exception e) { - logger.error(e.getMessage()); - throw new DataException(e); - } - return responseJson; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.compliance.repository; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.annotation.PostConstruct; + +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Repository; + +import com.google.common.base.Strings; +import com.google.common.collect.HashMultimap; +import com.google.gson.JsonArray; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import com.tmobile.pacman.api.commons.Constants; +import com.tmobile.pacman.api.commons.exception.DataException; +import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; +import com.tmobile.pacman.api.commons.repo.PacmanRdsRepository; +import com.tmobile.pacman.api.commons.utils.CommonUtils; +import com.tmobile.pacman.api.commons.utils.PacHttpUtils; +import com.tmobile.pacman.api.compliance.client.AssetServiceClient; +import com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest; +import com.tmobile.pacman.api.compliance.service.ComplianceService; + +/** + * The Class TaggingRepositoryImpl. + */ +@Repository +public class TaggingRepositoryImpl implements TaggingRepository, Constants { + + /** The logger. */ + protected final Log logger = LogFactory.getLog(getClass()); + + /** The elastic search repository. */ + @Autowired + private ElasticSearchRepository elasticSearchRepository; + + /** The rdsepository. */ + @Autowired + private PacmanRdsRepository rdsepository; + + /** The asset service client. */ + @Autowired + private AssetServiceClient assetServiceClient; + + /** The compliance service client. */ + @Autowired + private ComplianceService complianceServiceClient; + + /** The complaince repository. */ + @Autowired + private ComplianceRepository complainceRepository; + + /** The mandatory tags. */ + @Value("${tagging.mandatoryTags}") + private String mandatoryTags; + + /** The es host. */ + @Value("${elastic-search.host}") + private String esHost; + + /** The es port. */ + @Value("${elastic-search.port}") + private int esPort; + + /** The Constant PROTOCOL. */ + static final String PROTOCOL = "http"; + + /** The es url. */ + private String esUrl; + + /** The page size. */ + private Integer pageSize = TEN_THOUSAND; + + /** + * Inits the. + */ + @PostConstruct + void init() { + esUrl = PROTOCOL + "://" + esHost + ":" + esPort; + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedIssuesByapplicationFromES(java.lang.String, java.lang.String, java.lang.String, int, int) + */ + public JsonArray getUntaggedIssuesByapplicationFromES(String assetGroup, + String mandatoryTags, String searchText, int from, int size) + throws DataException { + List mandatoryTagsList = new ArrayList<>(); + if(!com.amazonaws.util.StringUtils.isNullOrEmpty(mandatoryTags)){ + mandatoryTagsList = Arrays + .asList(mandatoryTags.split(",")); + } + String responseJson = null; + JsonParser jsonParser; + JsonObject resultJson; + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/") + .append(assetGroup).append("/").append(SEARCH); + StringBuilder requestBody = new StringBuilder( + "{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"term\":{\"type.keyword\":{\"value\":\"issue\"}}},{\"term\":{\"policyId.keyword\":{\"value\":\"PacMan_TaggingRule_version-1\"}}}"); + if (!Strings.isNullOrEmpty(searchText)) { + requestBody.append("," + "{\"match_phrase_prefix\":{\"_all\":\"" + + searchText + "\"" + "}}"); + } + + requestBody + .append("],\"should\":[{\"term\":{\"issueStatus.keyword\":{\"value\":\"open\"}}}],\"minimum_should_match\":1}},\"aggs\":{\"apps\":{\"terms\":{\"field\":\"tags.Application.keyword\",\"size\":" + + pageSize + + "},\"aggs\":{\"tags\":{\"filters\":{\"filters\":{"); + + for (String tags : mandatoryTagsList) { + if (!"Application".equalsIgnoreCase(tags)) { + requestBody.append("\"" + tags + "\"" + + ":{\"bool\":{\"must\":[{\"match\":{\"missingTags\":" + + "\"" + tags + "\"" + "}}]}},"); + + } + } + requestBody.setLength(requestBody.length() - 1); + requestBody.append("}}}}}}}"); + try{ + responseJson = PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), + requestBody.toString()); + } catch (Exception e) { + throw new DataException(e); + } + jsonParser = new JsonParser(); + resultJson = (JsonObject) jsonParser.parse(responseJson); + JsonObject aggsJson = (JsonObject) jsonParser.parse(resultJson.get( + AGGREGATIONS).toString()); + return aggsJson.getAsJsonObject("apps").getAsJsonArray(BUCKETS); + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getRuleParamsFromDbByPolicyId(java.lang.String) + */ + public List> getRuleParamsFromDbByPolicyId( + String policyId) throws DataException { + String ruleIdQuery = "SELECT rule.ruleParams FROM cf_RuleInstance rule LEFT JOIN cf_Policy policy ON rule.policyId = policy.policyId WHERE rule.status = 'ENABLED' AND policy.policyId ='" + + policyId + "' GROUP BY rule.policyId"; + return rdsepository.getDataFromPacman(ruleIdQuery); + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedIssues(java.lang.String, java.lang.String) + */ + public Long getUntaggedIssues(String assetGroup, String mandatoryTag) + throws DataException { + Map mustFilter = new HashMap<>(); + Map mustNotFilter = new HashMap<>(); + Map mustTermsFilter = new HashMap<>(); + HashMultimap shouldFilter = HashMultimap.create(); + Map> matchPhrasePrefix = new HashMap<>(); + List mandatoryTagsList = new ArrayList<>(); + if (mandatoryTag != null) { + mandatoryTagsList.add(mandatoryTag); + } + mustFilter.put(CommonUtils.convertAttributetoKeyword(TYPE), ISSUE); + mustFilter.put(CommonUtils.convertAttributetoKeyword(POLICYID), + TAGGIG_POLICY); + matchPhrasePrefix.put(MISSING_TAGS, mandatoryTagsList); + shouldFilter.put(CommonUtils.convertAttributetoKeyword(ISSUE_STATUS), + OPEN); + try{ + return elasticSearchRepository + .getTotalDistributionForIndexAndTypeWithMatchPhrase(assetGroup, + null, mustFilter, mustNotFilter, shouldFilter, null, + mustTermsFilter, matchPhrasePrefix); + } catch (Exception e) { + throw new DataException(e); + } + } + + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getRuleTargetTypesFromDbByPolicyId(java.lang.String) + */ + public List> getRuleTargetTypesFromDbByPolicyId( + String policyId) throws DataException { + String ruleIdQuery = "SELECT rule.targetType FROM cf_RuleInstance rule LEFT JOIN cf_Policy policy ON rule.policyId = policy.policyId WHERE rule.status = 'ENABLED' AND policy.policyId ='" + + policyId + "'"; + return rdsepository.getDataFromPacman(ruleIdQuery); + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getUntaggedTargetTypeIssues(com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest, java.util.List) + */ + public String getUntaggedTargetTypeIssues( + UntaggedTargetTypeRequest request, List tagsList) + throws DataException { + String assetGroup = request.getAg(); + StringBuilder urlToQueryBuffer = new StringBuilder(esUrl).append("/") + .append(assetGroup).append("/").append(SEARCH); + StringBuilder requestBody = null; + String body = "{\"query\":{\"bool\":{\"must\":[{\"term\":{\"type.keyword\":{\"value\":\"issue\"}}},{\"term\":{\"policyId.keyword\":{\"value\":\"" + + TAGGIG_POLICY + + "\"}}},{\"term\":{\"issueStatus.keyword\":{\"value\":\"open\"}}}]"; + + if (!tagsList.isEmpty()) { + body = body + ",\"should\":["; + /* filtering by tags */ + for (String tag : tagsList) { + body = body + "{\"match_phrase_prefix\":{\"missingTags\":\"" + + tag + "\"}},"; + } + body = body.substring(0, body.length() - 1); + body = body + "]"; + body = body + ",\"minimum_should_match\":1"; + } + body = body + + "}},\"aggs\":{\"NAME\":{\"terms\":{\"field\":\"targetType.keyword\",\"size\":1000}}}}"; + requestBody = new StringBuilder(body); + try{ return PacHttpUtils.doHttpPost(urlToQueryBuffer.toString(), + requestBody.toString()); + } catch (Exception e) { + logger.error(e.getMessage()); + throw new DataException(e); + } + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.repository.TaggingRepository#getTaggingByApplication(java.lang.String, java.lang.String) + */ + @Override + public String getTaggingByApplication(String ag, String targetType) + throws DataException { + StringBuilder requestBody = new StringBuilder(); + StringBuilder urlToQuery = new StringBuilder(esUrl).append("/").append( + ag); + if (!StringUtils.isEmpty(targetType)) { + urlToQuery.append("/").append(targetType); + urlToQuery.append("/").append(UNDERSCORE_COUNT); + requestBody + .append("{\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}],\"must_not\":[{\"exists\":{\"field\":\"tags.Application\"}}]}}}"); + } else { + urlToQuery.append("/").append(SEARCH); + requestBody + .append("{\"size\":0,\"query\":{\"bool\":{\"must\":[{\"match\":{\"latest\":\"true\"}}],\"must_not\":[{\"exists\":{\"field\":\"tags.Application\"}}]}},\"aggs\":{\"NAME\":{\"terms\":{\"field\":\"_entitytype.keyword\",\"size\":" + + TEN_THOUSAND + "}}}}"); + } + + String responseJson = ""; + try { + responseJson = PacHttpUtils.doHttpPost(urlToQuery.toString(), + requestBody.toString()); + } catch (Exception e) { + logger.error(e.getMessage()); + throw new DataException(e); + } + return responseJson; + } +} diff --git a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/service/TaggingServiceImpl.java b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/service/TaggingServiceImpl.java index 1fc59d6b9..4ff85241e 100644 --- a/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/service/TaggingServiceImpl.java +++ b/api/pacman-api-compliance/src/main/java/com/tmobile/pacman/api/compliance/service/TaggingServiceImpl.java @@ -1,487 +1,489 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.compliance.service; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.commons.lang.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Service; - -import com.google.common.collect.HashMultimap; -import com.google.gson.JsonArray; -import com.google.gson.JsonElement; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; -import com.tmobile.pacman.api.commons.Constants; -import com.tmobile.pacman.api.commons.exception.DataException; -import com.tmobile.pacman.api.commons.exception.ServiceException; -import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; -import com.tmobile.pacman.api.compliance.domain.Request; -import com.tmobile.pacman.api.compliance.domain.ResponseWithCount; -import com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest; -import com.tmobile.pacman.api.compliance.repository.ComplianceRepository; -import com.tmobile.pacman.api.compliance.repository.TaggingRepository; - -/** - * The Class TaggingServiceImpl. - */ -@Service -public class TaggingServiceImpl implements TaggingService, Constants { - - /** The mandatory tags. */ - @Value("${tagging.mandatoryTags}") - private String mandatoryTags; - - /** The repository. */ - @Autowired - private TaggingRepository repository; - - /** The complaince repository. */ - @Autowired - private ComplianceRepository complainceRepository; - - /** The elastic search repository. */ - @Autowired - private ElasticSearchRepository elasticSearchRepository; - - /** The logger. */ - protected final Log logger = LogFactory.getLog(getClass()); - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.service.TaggingService#getUnTaggedAssetsByApplication(com.tmobile.pacman.api.compliance.domain.Request) - */ - @Override - public ResponseWithCount getUnTaggedAssetsByApplication(Request request) throws ServiceException { - String assetGroup = request.getAg(); - String searchText = request.getSearchtext(); - int from = request.getFrom(); - int size = request.getSize(); - - List> masterDetailList = new ArrayList<>(); - LinkedHashMap app; - JsonArray buckets; - try { - buckets = repository.getUntaggedIssuesByapplicationFromES(assetGroup, getMandatoryTags(), searchText, from, - size); - } catch (DataException e) { - throw new ServiceException(e); - } - JsonObject tagsObj = null; - JsonObject bucketsTags = null; - JsonObject tagsJson = null; - - JsonElement tagsDocId = null; - String tags = null; - String tagName = null; - int total = 0; - for (int i = 0; i < buckets.size(); i++) { - total = buckets.size(); - app = new LinkedHashMap<>(); - app.put("application", buckets.get(i).getAsJsonObject().get("key").getAsString()); - tagsObj = (JsonObject) buckets.get(i).getAsJsonObject().get("tags"); - bucketsTags = (JsonObject) tagsObj.get("buckets"); - Iterator it = bucketsTags.keySet().iterator(); - - while (it.hasNext()) { - tags = it.next(); - tagsJson = (JsonObject) bucketsTags.get(tags); - tagsDocId = tagsJson.get("doc_count"); - StringBuilder sb = new StringBuilder(tags); - sb.setCharAt(0, Character.toLowerCase(sb.charAt(0))); - tagName = sb.toString(); - app.put(tagName + "Untagged", tagsDocId.getAsLong()); - } - masterDetailList.add(app); - } - - if (masterDetailList.isEmpty()) { - throw new ServiceException(NO_DATA_FOUND); - } - - if (from >= masterDetailList.size()) { - throw new ServiceException("From exceeds the size of list"); - } - - int endIndex = 0; - - if ((from + size) > masterDetailList.size()) { - endIndex = masterDetailList.size(); - } else { - endIndex = from + size; - } - List> subDetailList; - - if (from == 0 && size == 0) { - subDetailList = masterDetailList; - } else { - subDetailList = masterDetailList.subList(from, endIndex); - } - if (buckets.size() > 0) { - return new ResponseWithCount(subDetailList, total); - } else { - throw new ServiceException("No records found!!"); - } - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.service.TaggingService#getTaggingSummary(java.lang.String) - */ - public Map getTaggingSummary(String assetGroup) throws ServiceException { - List mandatoryTagsList = new ArrayList<>(); - if (!StringUtils.isEmpty(getMandatoryTags())) { - mandatoryTagsList = Arrays.asList(getMandatoryTags().split(",")); - } - Map totalMap = new HashMap<>(); - List> unTagsList = new ArrayList<>(); - Map tagMap; - try { - tagMap = complainceRepository.getTagging(assetGroup, null); - } catch (DataException e) { - throw new ServiceException(e); - } - unTagsList = getUnTaggedListData(unTagsList, assetGroup, mandatoryTagsList, tagMap); - totalMap.put("untaggedList", unTagsList); - totalMap.put("overallCompliance", tagMap.get("compliance")); - - return totalMap; - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.service.TaggingService#getUntaggingByTargetTypes(com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest) - */ - public List> getUntaggingByTargetTypes(UntaggedTargetTypeRequest request) - throws ServiceException { - long assetCount ; - long untaggedCount ; - long taggedCount ; - double compliancePercentage; - String type; - - List tagsList = new ArrayList<>(Arrays.asList(mandatoryTags.split(","))); - List> targetTypes; - try { - targetTypes = repository.getRuleTargetTypesFromDbByPolicyId(TAGGIG_POLICY); - } catch (DataException e) { - throw new ServiceException(e); - } - if (targetTypes.isEmpty()) { - throw new ServiceException(NO_DATA_FOUND); - } - - Map filterTags = request.getFilter(); - - List> unTagsList = new ArrayList<>(); - Map assetCountByTypes = complainceRepository.getTotalAssetCount(request.getAg(), null); - Map untaggedCountMap = getUntaggedTargetTypeIssues(request, tagsList); - // process records to format the response - for (Map targetType : targetTypes) { - type = targetType.get(TARGET_TYPE).toString(); - - Map data = new HashMap<>(); - if (null != filterTags && !filterTags.isEmpty() && !filterTags.get(TARGET_TYPE).isEmpty() - && (!type.equalsIgnoreCase(filterTags.get(TARGET_TYPE)))) { - continue; - } - assetCount = (null != assetCountByTypes.get(type)) ? Long.parseLong(assetCountByTypes.get(type).toString()) - : 0l; - if (assetCount > 0) { - untaggedCount = getUntaggedAsset(untaggedCountMap, type); - if (untaggedCount > assetCount) { - untaggedCount = assetCount; - } - taggedCount = assetCount - untaggedCount; - compliancePercentage = (double) (taggedCount * INT_HUNDRED) / assetCount; - compliancePercentage = Math.floor(compliancePercentage); - - data.put("name", type); - data.put("untagged", untaggedCount); - data.put("tagged", taggedCount); - data.put("assetCount", assetCount); - data.put(COMP_PERCENTAGE, compliancePercentage); - unTagsList.add(data); - } - } - if (unTagsList.isEmpty()) { - throw new ServiceException(NO_DATA_FOUND); - } - return unTagsList; - } - - /* (non-Javadoc) - * @see com.tmobile.pacman.api.compliance.service.TaggingService#taggingByApplication(java.lang.String, java.lang.String) - */ - @Override - public List> taggingByApplication(String assetGroup, String targetType) throws ServiceException { - List> taggsApplication = new ArrayList<>(); - List tagsList = new ArrayList<>(); - tagsList.add(""); - tagsList.add("unknown"); - Map tagsMap = new HashMap<>(); - Map mustTermsFilter = new HashMap<>(); - String targetTypes = complainceRepository.getTargetTypeForAG(assetGroup, null); - List targetTypesList = new ArrayList<>(Arrays.asList(targetTypes.split(","))); - Map mustNotFilter = new HashMap<>(); - HashMultimap shouldFilter = HashMultimap.create(); - String aggsEntityType = "_entitytype.keyword"; - mustTermsFilter.put("tags.Application.keyword", tagsList); - Map mustFilter = new HashMap<>(); - mustFilter.put("latest", true); - Map assetWithoutTag; - Map emptyOrUnkownAssets; - Long emptyOrUnkownAssetsLong; - Long assetWithoutTagLong = 0l; - String type = null; - if (!StringUtils.isEmpty(targetType)) { - type = "'" + targetType + "'"; - if (targetTypesList.contains(type)) { - assetWithoutTag = getAssetCountWithoutApplicationTag(assetGroup, targetType); - try { - emptyOrUnkownAssetsLong = elasticSearchRepository - .getTotalDocumentCountForIndexAndTypeWithMustNotTermsFilter(assetGroup, targetType, - mustFilter, null, null, null, mustTermsFilter, null, null); - } catch (Exception e) { - throw new ServiceException(e); - } - if (assetWithoutTag.containsKey(targetType)) { - assetWithoutTagLong = assetWithoutTag.get(targetType); - } - tagsMap.put(targetType, emptyOrUnkownAssetsLong + assetWithoutTagLong); - } - } else { - assetWithoutTag = getAssetCountWithoutApplicationTag(assetGroup, null); - try { - emptyOrUnkownAssets = elasticSearchRepository.getTotalDistributionForIndexAndType(assetGroup, null, - mustFilter, mustNotFilter, shouldFilter, aggsEntityType, TEN_THOUSAND, mustTermsFilter); - } catch (Exception e) { - throw new ServiceException(e); - } - getNoTagsData(tagsMap, targetTypesList, assetWithoutTag, emptyOrUnkownAssets); - } - taggsApplication.add(tagsMap); - return taggsApplication; - } - - /** - * Gets the mandatory tags. - * - * @return the mandatory tags - * @throws ServiceException the service exception - */ - private String getMandatoryTags() throws ServiceException { - String mand = "mandatoryTags"; - char ch = '"'; - String mandTags = ch + "" + mand + "" + ch; - JsonObject paramObj = null; - JsonObject paramDet = null; - JsonArray array = null; - JsonParser parser = new JsonParser(); - List> ruleParams; - try { - ruleParams = repository.getRuleParamsFromDbByPolicyId(TAGGIG_POLICY); - } catch (DataException e) { - throw new ServiceException(e); - } - for (Map params : ruleParams) { - String rParams = params.get("ruleParams").toString(); - paramObj = parser.parse(rParams).getAsJsonObject(); - array = paramObj.get("params").getAsJsonArray(); - - for (JsonElement jsonElement : array) { - - paramDet = jsonElement.getAsJsonObject(); - if (paramDet.get("key").toString().equals(mandTags)) { - mandatoryTags = paramDet.get("value").getAsString(); - } - } - } - return mandatoryTags; - } - - /** - * Gets the untagged asset. - * - * @param bucketMap the bucket map - * @param type the type - * @return the untagged asset - */ - private long getUntaggedAsset(Map bucketMap, String type) { - if (bucketMap.get(type) != null) { - return bucketMap.get(type); - } else { - return 0; - } - } - - /** - * Gets the asset count without application tag. - * - * @param assetGroup the asset group - * @param targetType the target type - * @return the asset count without application tag - * @throws ServiceException the service exception - */ - private Map getAssetCountWithoutApplicationTag(String assetGroup, String targetType) - throws ServiceException { - Map assetWithoutTagsMap = new HashMap<>(); - String responseJson; - try { - responseJson = repository.getTaggingByApplication(assetGroup, targetType); - } catch (DataException e) { - throw new ServiceException(e); - } - JsonParser jsonParser = new JsonParser(); - JsonObject resultJson = jsonParser.parse(responseJson).getAsJsonObject(); - if (StringUtils.isEmpty(targetType)) { - JsonObject aggs = (JsonObject) resultJson.get(AGGREGATIONS); - JsonObject name = (JsonObject) aggs.get("NAME"); - JsonArray buckets = name.get(BUCKETS).getAsJsonArray(); - // convert Json Array to Map object - for (JsonElement bucket : buckets) { - assetWithoutTagsMap.put(bucket.getAsJsonObject().get("key").getAsString(), bucket.getAsJsonObject() - .get(DOC_COUNT).getAsLong()); - } - } else { - if(resultJson.has(COUNT)){ - assetWithoutTagsMap.put(targetType, resultJson.get(COUNT).getAsLong()); - } - } - return assetWithoutTagsMap; - } - - /** - * Gets the untagged target type issues. - * - * @param request the request - * @param tagsList the tags list - * @return the untagged target type issues - * @throws ServiceException the service exception - */ - private Map getUntaggedTargetTypeIssues(UntaggedTargetTypeRequest request, List tagsList) - throws ServiceException { - JsonParser parser = new JsonParser(); - Map untaggedCountMap = new HashMap<>(); - String responseDetails; - try { - responseDetails = repository.getUntaggedTargetTypeIssues(request, tagsList); - } catch (DataException e) { - throw new ServiceException(e); - } - JsonObject responseJson = parser.parse(responseDetails).getAsJsonObject(); - JsonObject aggs = (JsonObject) responseJson.get(AGGREGATIONS); - JsonObject name = (JsonObject) aggs.get("NAME"); - JsonArray buckets = name.get(BUCKETS).getAsJsonArray(); - // convert Json Array to Map object - for (JsonElement bucket : buckets) { - untaggedCountMap.put(bucket.getAsJsonObject().get("key").getAsString(), - bucket.getAsJsonObject().get(DOC_COUNT).getAsLong()); - } - return untaggedCountMap; - } - - /** - * Gets the total assets. - * - * @param tagMap the tag map - * @return the total assets - */ - private long getTotalAssets(Map tagMap){ - Long totalAssets = 0l; - for (Map.Entry asset : tagMap.entrySet()) { - if ("assets".equalsIgnoreCase(asset.getKey())) { - totalAssets = asset.getValue(); - } - } - return totalAssets; - } - - /** - * Gets the un tagged list data. - * - * @param unTagsList the un tags list - * @param assetGroup the asset group - * @param mandatoryTagsList the mandatory tags list - * @param tagMap the tag map - * @return the un tagged list data - * @throws ServiceException the service exception - */ - private List> getUnTaggedListData(List> unTagsList,String assetGroup,List mandatoryTagsList, Map tagMap) throws ServiceException{ - Long docCount; - for (String mandatoryTag : mandatoryTagsList) { - Map data = new HashMap<>(); - Long totalAssets = getTotalAssets(tagMap); - try { - docCount = repository.getUntaggedIssues(assetGroup, mandatoryTag); - } catch (DataException e) { - throw new ServiceException(e); - } - data.put("name", mandatoryTag); - data.put("untagged", docCount); - data.put("tagged", (totalAssets - docCount)); - - if (totalAssets < docCount) { - totalAssets = docCount; - } - - if (docCount == 0 && totalAssets == 0) { - data.put(COMP_PERCENTAGE, INT_HUNDRED); - } - - if (totalAssets > 0) { - data.put( - COMP_PERCENTAGE, - Math.floor(((totalAssets - Double.parseDouble(String.valueOf(docCount))) / totalAssets) - * INT_HUNDRED)); - } - unTagsList.add(data); - } - return unTagsList; - } - - /** - * Gets the no tags data. - * - * @param tagsMap the tags map - * @param targetTypesList the target types list - * @param assetWithoutTag the asset without tag - * @param emptyOrUnkownAssets the empty or unkown assets - * @return the no tags data - */ - private Map getNoTagsData(Map tagsMap,List targetTypesList, Map assetWithoutTag, Map emptyOrUnkownAssets){ - for (String resourceType : targetTypesList) { - Long assetWithoutTagLong = 0l; - Long emptyOrUnkownAssetsLong = 0l; - resourceType = resourceType.replaceAll("\'", ""); - if (assetWithoutTag.containsKey(resourceType)) { - assetWithoutTagLong = assetWithoutTag.get(resourceType); - } - if (emptyOrUnkownAssets.containsKey(resourceType)) { - emptyOrUnkownAssetsLong = emptyOrUnkownAssets.get(resourceType); - } - tagsMap.put(resourceType, emptyOrUnkownAssetsLong + assetWithoutTagLong); - } - return tagsMap; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.compliance.service; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.apache.commons.lang.StringUtils; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; + +import com.google.common.collect.HashMultimap; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import com.tmobile.pacman.api.commons.Constants; +import com.tmobile.pacman.api.commons.exception.DataException; +import com.tmobile.pacman.api.commons.exception.ServiceException; +import com.tmobile.pacman.api.commons.repo.ElasticSearchRepository; +import com.tmobile.pacman.api.compliance.domain.Request; +import com.tmobile.pacman.api.compliance.domain.ResponseWithCount; +import com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest; +import com.tmobile.pacman.api.compliance.repository.ComplianceRepository; +import com.tmobile.pacman.api.compliance.repository.TaggingRepository; + +/** + * The Class TaggingServiceImpl. + */ +@Service +public class TaggingServiceImpl implements TaggingService, Constants { + + /** The mandatory tags. */ + @Value("${tagging.mandatoryTags}") + private String mandatoryTags; + + /** The repository. */ + @Autowired + private TaggingRepository repository; + + /** The complaince repository. */ + @Autowired + private ComplianceRepository complainceRepository; + + /** The elastic search repository. */ + @Autowired + private ElasticSearchRepository elasticSearchRepository; + + /** The logger. */ + protected final Log logger = LogFactory.getLog(getClass()); + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.service.TaggingService#getUnTaggedAssetsByApplication(com.tmobile.pacman.api.compliance.domain.Request) + */ + @Override + public ResponseWithCount getUnTaggedAssetsByApplication(Request request) throws ServiceException { + String assetGroup = request.getAg(); + String searchText = request.getSearchtext(); + int from = request.getFrom(); + int size = request.getSize(); + + List> masterDetailList = new ArrayList<>(); + LinkedHashMap app; + JsonArray buckets; + try { + buckets = repository.getUntaggedIssuesByapplicationFromES(assetGroup, getMandatoryTags(), searchText, from, + size); + } catch (DataException e) { + throw new ServiceException(e); + } + JsonObject tagsObj = null; + JsonObject bucketsTags = null; + JsonObject tagsJson = null; + + JsonElement tagsDocId = null; + String tags = null; + String tagName = null; + int total = 0; + for (int i = 0; i < buckets.size(); i++) { + total = buckets.size(); + app = new LinkedHashMap<>(); + app.put("application", buckets.get(i).getAsJsonObject().get("key").getAsString()); + tagsObj = (JsonObject) buckets.get(i).getAsJsonObject().get("tags"); + bucketsTags = (JsonObject) tagsObj.get("buckets"); + Iterator it = bucketsTags.keySet().iterator(); + + while (it.hasNext()) { + tags = it.next(); + tagsJson = (JsonObject) bucketsTags.get(tags); + tagsDocId = tagsJson.get("doc_count"); + StringBuilder sb = new StringBuilder(tags); + sb.setCharAt(0, Character.toLowerCase(sb.charAt(0))); + tagName = sb.toString(); + app.put(tagName + "Untagged", tagsDocId.getAsLong()); + } + masterDetailList.add(app); + } + + if (masterDetailList.isEmpty()) { + throw new ServiceException(NO_DATA_FOUND); + } + + if (from >= masterDetailList.size()) { + throw new ServiceException("From exceeds the size of list"); + } + + int endIndex = 0; + + if ((from + size) > masterDetailList.size()) { + endIndex = masterDetailList.size(); + } else { + endIndex = from + size; + } + List> subDetailList; + + if (from == 0 && size == 0) { + subDetailList = masterDetailList; + } else { + subDetailList = masterDetailList.subList(from, endIndex); + } + if (buckets.size() > 0) { + return new ResponseWithCount(subDetailList, total); + } else { + throw new ServiceException("No records found!!"); + } + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.service.TaggingService#getTaggingSummary(java.lang.String) + */ + public Map getTaggingSummary(String assetGroup) throws ServiceException { + List mandatoryTagsList = new ArrayList<>(); + String ruleMandatoryTags = getMandatoryTags(); + if (!StringUtils.isEmpty(ruleMandatoryTags)) { + mandatoryTagsList = Arrays.asList(ruleMandatoryTags.split(",")); + } + Map totalMap = new HashMap<>(); + List> unTagsList = new ArrayList<>(); + Map tagMap; + try { + tagMap = complainceRepository.getTagging(assetGroup, null); + } catch (DataException e) { + throw new ServiceException(e); + } + unTagsList = getUnTaggedListData(unTagsList, assetGroup, mandatoryTagsList, tagMap); + totalMap.put("untaggedList", unTagsList); + totalMap.put("overallCompliance", tagMap.get("compliance")); + + return totalMap; + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.service.TaggingService#getUntaggingByTargetTypes(com.tmobile.pacman.api.compliance.domain.UntaggedTargetTypeRequest) + */ + public List> getUntaggingByTargetTypes(UntaggedTargetTypeRequest request) + throws ServiceException { + long assetCount ; + long untaggedCount ; + long taggedCount ; + double compliancePercentage; + String type; + + List tagsList = new ArrayList<>(Arrays.asList(mandatoryTags.split(","))); + List> targetTypes; + try { + targetTypes = repository.getRuleTargetTypesFromDbByPolicyId(TAGGIG_POLICY); + } catch (DataException e) { + throw new ServiceException(e); + } + if (targetTypes.isEmpty()) { + throw new ServiceException(NO_DATA_FOUND); + } + + Map filterTags = request.getFilter(); + + List> unTagsList = new ArrayList<>(); + Map assetCountByTypes = complainceRepository.getTotalAssetCount(request.getAg(), null); + Map untaggedCountMap = getUntaggedTargetTypeIssues(request, tagsList); + // process records to format the response + for (Map targetType : targetTypes) { + type = targetType.get(TARGET_TYPE).toString(); + + Map data = new HashMap<>(); + if (null != filterTags && !filterTags.isEmpty() && !filterTags.get(TARGET_TYPE).isEmpty() + && (!type.equalsIgnoreCase(filterTags.get(TARGET_TYPE)))) { + continue; + } + assetCount = (null != assetCountByTypes.get(type)) ? Long.parseLong(assetCountByTypes.get(type).toString()) + : 0l; + if (assetCount > 0) { + untaggedCount = getUntaggedAsset(untaggedCountMap, type); + if (untaggedCount > assetCount) { + untaggedCount = assetCount; + } + taggedCount = assetCount - untaggedCount; + compliancePercentage = (double) (taggedCount * INT_HUNDRED) / assetCount; + compliancePercentage = Math.floor(compliancePercentage); + + data.put("name", type); + data.put("untagged", untaggedCount); + data.put("tagged", taggedCount); + data.put("assetCount", assetCount); + data.put(COMP_PERCENTAGE, compliancePercentage); + unTagsList.add(data); + } + } + if (unTagsList.isEmpty()) { + throw new ServiceException(NO_DATA_FOUND); + } + return unTagsList; + } + + /* (non-Javadoc) + * @see com.tmobile.pacman.api.compliance.service.TaggingService#taggingByApplication(java.lang.String, java.lang.String) + */ + @Override + public List> taggingByApplication(String assetGroup, String targetType) throws ServiceException { + List> taggsApplication = new ArrayList<>(); + List tagsList = new ArrayList<>(); + tagsList.add(""); + tagsList.add("unknown"); + Map tagsMap = new HashMap<>(); + Map mustTermsFilter = new HashMap<>(); + String targetTypes = complainceRepository.getTargetTypeForAG(assetGroup, null); + List targetTypesList = new ArrayList<>(Arrays.asList(targetTypes.split(","))); + Map mustNotFilter = new HashMap<>(); + HashMultimap shouldFilter = HashMultimap.create(); + String aggsEntityType = "_entitytype.keyword"; + mustTermsFilter.put("tags.Application.keyword", tagsList); + Map mustFilter = new HashMap<>(); + mustFilter.put("latest", true); + Map assetWithoutTag; + Map emptyOrUnkownAssets; + Long emptyOrUnkownAssetsLong; + Long assetWithoutTagLong = 0l; + String type = null; + if (!StringUtils.isEmpty(targetType)) { + type = "'" + targetType + "'"; + if (targetTypesList.contains(type)) { + assetWithoutTag = getAssetCountWithoutApplicationTag(assetGroup, targetType); + try { + emptyOrUnkownAssetsLong = elasticSearchRepository + .getTotalDocumentCountForIndexAndTypeWithMustNotTermsFilter(assetGroup, targetType, + mustFilter, null, null, null, mustTermsFilter, null, null); + } catch (Exception e) { + throw new ServiceException(e); + } + if (assetWithoutTag.containsKey(targetType)) { + assetWithoutTagLong = assetWithoutTag.get(targetType); + } + tagsMap.put(targetType, emptyOrUnkownAssetsLong + assetWithoutTagLong); + } + } else { + assetWithoutTag = getAssetCountWithoutApplicationTag(assetGroup, null); + try { + emptyOrUnkownAssets = elasticSearchRepository.getTotalDistributionForIndexAndType(assetGroup, null, + mustFilter, mustNotFilter, shouldFilter, aggsEntityType, TEN_THOUSAND, mustTermsFilter); + } catch (Exception e) { + throw new ServiceException(e); + } + getNoTagsData(tagsMap, targetTypesList, assetWithoutTag, emptyOrUnkownAssets); + } + taggsApplication.add(tagsMap); + return taggsApplication; + } + + /** + * Gets the mandatory tags. + * + * @return the mandatory tags + * @throws ServiceException the service exception + */ + private String getMandatoryTags() throws ServiceException { + String mand = "mandatoryTags"; + String mandatoryTags = null; + char ch = '"'; + String mandTags = ch + "" + mand + "" + ch; + JsonObject paramObj = null; + JsonObject paramDet = null; + JsonArray array = null; + JsonParser parser = new JsonParser(); + List> ruleParams; + try { + ruleParams = repository.getRuleParamsFromDbByPolicyId(TAGGIG_POLICY); + } catch (DataException e) { + throw new ServiceException(e); + } + for (Map params : ruleParams) { + String rParams = params.get("ruleParams").toString(); + paramObj = parser.parse(rParams).getAsJsonObject(); + array = paramObj.get("params").getAsJsonArray(); + + for (JsonElement jsonElement : array) { + + paramDet = jsonElement.getAsJsonObject(); + if (paramDet.get("key").toString().equals(mandTags)) { + mandatoryTags = paramDet.get("value").getAsString(); + } + } + } + return mandatoryTags; + } + + /** + * Gets the untagged asset. + * + * @param bucketMap the bucket map + * @param type the type + * @return the untagged asset + */ + private long getUntaggedAsset(Map bucketMap, String type) { + if (bucketMap.get(type) != null) { + return bucketMap.get(type); + } else { + return 0; + } + } + + /** + * Gets the asset count without application tag. + * + * @param assetGroup the asset group + * @param targetType the target type + * @return the asset count without application tag + * @throws ServiceException the service exception + */ + private Map getAssetCountWithoutApplicationTag(String assetGroup, String targetType) + throws ServiceException { + Map assetWithoutTagsMap = new HashMap<>(); + String responseJson; + try { + responseJson = repository.getTaggingByApplication(assetGroup, targetType); + } catch (DataException e) { + throw new ServiceException(e); + } + JsonParser jsonParser = new JsonParser(); + JsonObject resultJson = jsonParser.parse(responseJson).getAsJsonObject(); + if (StringUtils.isEmpty(targetType)) { + JsonObject aggs = (JsonObject) resultJson.get(AGGREGATIONS); + JsonObject name = (JsonObject) aggs.get("NAME"); + JsonArray buckets = name.get(BUCKETS).getAsJsonArray(); + // convert Json Array to Map object + for (JsonElement bucket : buckets) { + assetWithoutTagsMap.put(bucket.getAsJsonObject().get("key").getAsString(), bucket.getAsJsonObject() + .get(DOC_COUNT).getAsLong()); + } + } else { + if(resultJson.has(COUNT)){ + assetWithoutTagsMap.put(targetType, resultJson.get(COUNT).getAsLong()); + } + } + return assetWithoutTagsMap; + } + + /** + * Gets the untagged target type issues. + * + * @param request the request + * @param tagsList the tags list + * @return the untagged target type issues + * @throws ServiceException the service exception + */ + private Map getUntaggedTargetTypeIssues(UntaggedTargetTypeRequest request, List tagsList) + throws ServiceException { + JsonParser parser = new JsonParser(); + Map untaggedCountMap = new HashMap<>(); + String responseDetails; + try { + responseDetails = repository.getUntaggedTargetTypeIssues(request, tagsList); + } catch (DataException e) { + throw new ServiceException(e); + } + JsonObject responseJson = parser.parse(responseDetails).getAsJsonObject(); + JsonObject aggs = (JsonObject) responseJson.get(AGGREGATIONS); + JsonObject name = (JsonObject) aggs.get("NAME"); + JsonArray buckets = name.get(BUCKETS).getAsJsonArray(); + // convert Json Array to Map object + for (JsonElement bucket : buckets) { + untaggedCountMap.put(bucket.getAsJsonObject().get("key").getAsString(), + bucket.getAsJsonObject().get(DOC_COUNT).getAsLong()); + } + return untaggedCountMap; + } + + /** + * Gets the total assets. + * + * @param tagMap the tag map + * @return the total assets + */ + private long getTotalAssets(Map tagMap){ + Long totalAssets = 0l; + for (Map.Entry asset : tagMap.entrySet()) { + if ("assets".equalsIgnoreCase(asset.getKey())) { + totalAssets = asset.getValue(); + } + } + return totalAssets; + } + + /** + * Gets the un tagged list data. + * + * @param unTagsList the un tags list + * @param assetGroup the asset group + * @param mandatoryTagsList the mandatory tags list + * @param tagMap the tag map + * @return the un tagged list data + * @throws ServiceException the service exception + */ + private List> getUnTaggedListData(List> unTagsList,String assetGroup,List mandatoryTagsList, Map tagMap) throws ServiceException{ + Long docCount; + for (String mandatoryTag : mandatoryTagsList) { + Map data = new HashMap<>(); + Long totalAssets = getTotalAssets(tagMap); + try { + docCount = repository.getUntaggedIssues(assetGroup, mandatoryTag); + } catch (DataException e) { + throw new ServiceException(e); + } + data.put("name", mandatoryTag); + data.put("untagged", docCount); + data.put("tagged", (totalAssets - docCount)); + + if (totalAssets < docCount) { + totalAssets = docCount; + } + + if (docCount == 0 && totalAssets == 0) { + data.put(COMP_PERCENTAGE, INT_HUNDRED); + } + + if (totalAssets > 0) { + data.put( + COMP_PERCENTAGE, + Math.floor(((totalAssets - Double.parseDouble(String.valueOf(docCount))) / totalAssets) + * INT_HUNDRED)); + } + unTagsList.add(data); + } + return unTagsList; + } + + /** + * Gets the no tags data. + * + * @param tagsMap the tags map + * @param targetTypesList the target types list + * @param assetWithoutTag the asset without tag + * @param emptyOrUnkownAssets the empty or unkown assets + * @return the no tags data + */ + private Map getNoTagsData(Map tagsMap,List targetTypesList, Map assetWithoutTag, Map emptyOrUnkownAssets){ + for (String resourceType : targetTypesList) { + Long assetWithoutTagLong = 0l; + Long emptyOrUnkownAssetsLong = 0l; + resourceType = resourceType.replaceAll("\'", ""); + if (assetWithoutTag.containsKey(resourceType)) { + assetWithoutTagLong = assetWithoutTag.get(resourceType); + } + if (emptyOrUnkownAssets.containsKey(resourceType)) { + emptyOrUnkownAssetsLong = emptyOrUnkownAssets.get(resourceType); + } + tagsMap.put(resourceType, emptyOrUnkownAssetsLong + assetWithoutTagLong); + } + return tagsMap; + } +} diff --git a/api/pacman-api-config/src/main/resources/application.yml b/api/pacman-api-config/src/main/resources/application.yml index fc1cea553..1e0b0be2c 100644 --- a/api/pacman-api-config/src/main/resources/application.yml +++ b/api/pacman-api-config/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: maximum-pool-size: 10 connection-timeout: 5000 profiles: - active: ${CONFIG_SOURCE:native} + active: ${CONFIG_SOURCE:jdbc} security: user: name: user diff --git a/api/pacman-api-config/src/main/resources/shared/application.yml b/api/pacman-api-config/src/main/resources/shared/application.yml index 865b92392..c061198bb 100644 --- a/api/pacman-api-config/src/main/resources/shared/application.yml +++ b/api/pacman-api-config/src/main/resources/shared/application.yml @@ -1,42 +1,41 @@ -logging: - config: classpath:spring-logback.xml - esLoggingLevel: WARN - consoleLoggingLevel: INFO - esHost: ${LOGGING_ES_HOST_NAME} - esPort: ${LOGGING_ES_PORT} - -elastic-search: - host: ${ES_HOST_NAME} - port: ${ES_PORT} - clusterName : ${ES_CLUSTER_NAME} - port-admin : ${ES_PORT_ADMIN} - host-heimdall: ${ES_HEIMDALL_HOST_NAME} - port-heimdall: ${ES_HEIMDALL_PORT} - clusterName-heimdall : ${ES_HEIMDALL_CLUSTER_NAME} - port-admin-heimdall : ${ES_HEIMDALL_PORT_ADMIN} - update-host: ${ES_UPDATE_HOST} - update-port: ${ES_UPDATE_PORT} - update-clusterName : ${ES_UPDATE_CLUSTER_NAME} - -formats: - date : yyyy-MM-dd'T'HH:mm:ss.SSSZ - -ldap: - naming: - context-factory: com.sun.jndi.ldap.LdapCtxFactory - authentication: simple - ad: - provider-url: ${LDAP_AD_PROVIDER_URL} - domain: ${LDAP_AD_DOMAIN} - search-base: ${LDAP_AD_SEARCH_BASE} - nt: - provider-url: ${LDAP_NT_PROVIDER_URL} - domain: ${LDAP_NT_DOMAIN} - search-base: ${LDAP_NT_SEARCH_BASE} - -redshift: - url: ${REDSHIFT_URL} - userName: ${REDSHIFT_USER_NAME} - password: ${REDSHIFT_PASSWORD} - - \ No newline at end of file +logging: + config: classpath:spring-logback.xml + esLoggingLevel: WARN + consoleLoggingLevel: INFO + esHost: ${LOGGING_ES_HOST_NAME} + esPort: ${LOGGING_ES_PORT} + +elastic-search: + host: ${ES_HOST_NAME} + port: ${ES_PORT} + clusterName : ${ES_CLUSTER_NAME} + port-admin : ${ES_PORT_ADMIN} + host-heimdall: ${ES_HEIMDALL_HOST_NAME} + port-heimdall: ${ES_HEIMDALL_PORT} + clusterName-heimdall : ${ES_HEIMDALL_CLUSTER_NAME} + port-admin-heimdall : ${ES_HEIMDALL_PORT_ADMIN} + update-host: ${ES_UPDATE_HOST} + update-port: ${ES_UPDATE_PORT} + update-clusterName : ${ES_UPDATE_CLUSTER_NAME} + +formats: + date : yyyy-MM-dd'T'HH:mm:ss.SSSZ + +ldap: + naming: + context-factory: com.sun.jndi.ldap.LdapCtxFactory + authentication: simple + ad: + provider-url: ${LDAP_AD_PROVIDER_URL} + domain: ${LDAP_AD_DOMAIN} + search-base: ${LDAP_AD_SEARCH_BASE} + nt: + provider-url: ${LDAP_NT_PROVIDER_URL} + domain: ${LDAP_NT_DOMAIN} + search-base: ${LDAP_NT_SEARCH_BASE} + +redshift: + url: ${REDSHIFT_URL} + userName: ${REDSHIFT_USER_NAME} + password: ${REDSHIFT_PASSWORD} + diff --git a/api/pacman-api-config/src/main/resources/shared/notification-service.yml b/api/pacman-api-config/src/main/resources/shared/notification-service.yml index 49bb14092..7c4fa8383 100644 --- a/api/pacman-api-config/src/main/resources/shared/notification-service.yml +++ b/api/pacman-api-config/src/main/resources/shared/notification-service.yml @@ -1,32 +1,44 @@ -server: - servlet: - context-path: /api/notifications -remind: - cron: 0 0 0 * * * - email: - text: "Hey, {0}! We''ve missed you here on Pacman. It''s time to check your compliance, Pacman team" - subject: Pacman reminder - -backup: - cron: 0 0 12 * * * - email: - text: "Howdy, {0}. Your account backup is ready.\r\n\r\nCheers,\r\nPiggyMetrics team" - subject: PiggyMetrics account backup - attachment: backup.json - -spring: - freemarker: - suffix: .html - mail: - host: ${MAIL_SERVER:localhost} - port: 25 - protocol: smtp - defaultEncoding: UTF-8 - -cron: - frequency: - weekly-report-sync-trigger: 0 0 9 ? * MON * - -template: - digest-mail: - url: https://s3.amazonaws.com/${PACMAN_S3:s3}/index.html \ No newline at end of file +server: + servlet: + context-path: /api/notifications +remind: + cron: 0 0 0 * * * + email: + text: "Hey, {0}! We''ve missed you here on Pacman. It''s time to check your compliance, Pacman team" + subject: Pacman reminder + +backup: + cron: 0 0 12 * * * + email: + text: "Howdy, {0}. Your account backup is ready.\r\n\r\nCheers,\r\nPiggyMetrics team" + subject: PiggyMetrics account backup + attachment: backup.json + +spring: + freemarker: + suffix: .html +cron: + frequency: + weekly-report-sync-trigger: 0 0 9 ? * MON * + +template: + digest-mail: + url: https://s3.amazonaws.com/${PACMAN_S3:s3}/index.html + +mail: + host: ${MAIL_SERVER:localhost} + port: ${MAIL_SERVER_PORT:25} + protocol: ${MAIL_PROTOCOL:smtp} + defaultEncoding: UTF-8 + username: ${MAIL_SENDER_ADDRESS} + password: ${MAIL_SERVER_PWD} + properties: + mail: + smtp: + auth: ${MAIL_SMTP_AUTH:true} + ssl: + trust: ${MAIL_SERVER:localhost} + starttls: + enable: ${MAIL_SMTP_SSL_ENABLE:true} + test-connection: ${MAIL_SMTP_SSL_TEST_CONNECTION:false} + \ No newline at end of file diff --git a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/NotificationApplication.java b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/NotificationApplication.java index 18c71a891..03d553c2c 100644 --- a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/NotificationApplication.java +++ b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/NotificationApplication.java @@ -25,8 +25,6 @@ @SpringBootApplication //@EnableResourceServer -//@EnableHystrix -//@EnableHystrixDashboard @EnableFeignClients @EnableConfigurationProperties @Configuration diff --git a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/controller/NotificationController.java b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/controller/NotificationController.java index 73f4151ee..667d27bf8 100644 --- a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/controller/NotificationController.java +++ b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/controller/NotificationController.java @@ -1,144 +1,184 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.notification.controller; - -import java.util.Map; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import com.google.common.base.Strings; -import com.tmobile.pacman.api.commons.Constants; -import com.tmobile.pacman.api.commons.utils.ResponseUtils; -import com.tmobile.pacman.api.notification.dto.MailMessageRequestBody; -import com.tmobile.pacman.api.notification.dto.MailTemplateRequestBody; -import com.tmobile.pacman.api.notification.service.MailService; -import com.tmobile.pacman.api.notification.service.NotificationService; - -import io.swagger.annotations.ApiOperation; -import io.swagger.annotations.ApiParam; -import io.swagger.annotations.ApiResponse; -import io.swagger.annotations.ApiResponses; - -@RestController -@PreAuthorize("@securityService.hasPermission(authentication, 'ROLE_USER')") -public class NotificationController implements Constants -{ - private final Logger log = LoggerFactory.getLogger(getClass()); - - @Autowired - private MailService mailService; - - @Autowired - private NotificationService notificationService; - - @ApiResponses(value = { - @ApiResponse(code = 200, message = "Successfully sent the email"), - @ApiResponse(code = 401, message = "You are not authorized to view the resource"), - @ApiResponse(code = 403, message = "Accessing the resource you were trying to reach is forbidden"), - @ApiResponse(code = 404, message = "The resource you were trying to reach is not found"), - @ApiResponse(code = 417, message = "Expectation Failed"), - @ApiResponse(code = 408, message = "operation timed out") - } - ) - - @ApiOperation(value = "Send a Text Email", response = ResponseEntity.class) - @RequestMapping(value = "/send-plain-text-mail", method = RequestMethod.POST, consumes = "application/json") - public ResponseEntity sendTextMail(@ApiParam(value = "Provide Mail Message Request Body", required = true) final @RequestBody MailMessageRequestBody mailMessageRequestBody) { - try { - mailService.prepareAndSendMail(mailMessageRequestBody.getFrom(), - mailMessageRequestBody.getTo(), - mailMessageRequestBody.getSubject(), - mailMessageRequestBody.getMailBodyAsString(), - mailMessageRequestBody.getPlaceholderValues(), mailMessageRequestBody.getAttachmentUrl(), true); - return new ResponseEntity<>(HttpStatus.OK); - } catch (Exception exception) { - log.error(EXE_EMAIL_SEND, exception.getMessage()); - return new ResponseEntity<>(HttpStatus.FORBIDDEN); - } - } - - @ApiOperation(value = "Send an Email with Template", response = ResponseEntity.class) - @RequestMapping(value = "/send-mail-with-template", method = RequestMethod.POST) - public ResponseEntity sendMailWithTemplate(@ApiParam(value = "Provide Mail Template Request Body", required = true) final @RequestBody MailTemplateRequestBody mailTemplateRequestBody) { - try { - mailService.prepareAndSendMail(mailTemplateRequestBody.getFrom(), - mailTemplateRequestBody.getTo(), - mailTemplateRequestBody.getSubject(), - mailTemplateRequestBody.getMailBodyAsString(), - mailTemplateRequestBody.getPlaceholderValues(), mailTemplateRequestBody.getAttachmentUrl(), false); - return new ResponseEntity<>(HttpStatus.OK); - } catch (Exception exception) { - log.error(EXE_EMAIL_SEND , exception.getMessage()); - return new ResponseEntity<>(HttpStatus.FORBIDDEN); - } - } - - - @ApiOperation(value = "Unsubscribe Digest Mail Report", response = ResponseEntity.class) - @RequestMapping(value = "/unsubscribe-digest-mail", method = RequestMethod.GET) - public ResponseEntity unsubscribeDigestMail(@RequestParam(name="mailId") String mailId) { - Map response = notificationService.unsubscribeDigestMail(mailId.toLowerCase()); - return ResponseUtils.buildSucessResponse(response); - } - - /** - * - * @param mailDetails - * @return - */ - public ResponseEntity sendTextMailFallBack(final @RequestBody Map mailDetails) { - return new ResponseEntity<>(HttpStatus.REQUEST_TIMEOUT); - } - - - /** - * - * @param assetGroup - * @param ruleId - * @return - * API description: asssetGroup is mandatory & ruleId is optional - * If API receives assetGroup as request parameter, it gives issues count of all open issues and unknown issues for all the rules. - * If API receives both assetGroup and ruleId as request parameter,it gives issues count of all open issues and unknown issues for that rule. - */ - @RequestMapping(path = "/cache", method = RequestMethod.GET) - public ResponseEntity getDeviceDetails(@RequestParam(name="deviceId") String deviceId) - { - if (Strings.isNullOrEmpty(deviceId)) - { - return ResponseUtils.buildFailureResponse(new Exception("Device Id is mandatory")); - } - try { - return ResponseUtils.buildSucessResponse(notificationService.getDeviceDetails(deviceId)); - } catch (Exception e) { - return ResponseUtils.buildFailureResponse(e); - } - - } - - - -} - +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.notification.controller; + +import java.util.Map; + +import org.apache.commons.lang3.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; + +import com.google.common.base.Strings; +import com.tmobile.pacman.api.commons.Constants; +import com.tmobile.pacman.api.commons.utils.ResponseUtils; +import com.tmobile.pacman.api.notification.dto.MailMessageRequestBody; +import com.tmobile.pacman.api.notification.dto.MailTemplateRequestBody; +import com.tmobile.pacman.api.notification.service.MailService; +import com.tmobile.pacman.api.notification.service.NotificationService; + +import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; +import io.swagger.annotations.ApiResponse; +import io.swagger.annotations.ApiResponses; + +@RestController +@PreAuthorize("@securityService.hasPermission(authentication, 'ROLE_USER')") +public class NotificationController implements Constants +{ + private final Logger log = LoggerFactory.getLogger(getClass()); + + /** The from mail address. */ + @Value("${spring.mail.username}") + private String fromAddress; + + @Autowired + private MailService mailService; + + @Autowired + private NotificationService notificationService; + + @ApiResponses(value = { + @ApiResponse(code = 200, message = "Successfully sent the email"), + @ApiResponse(code = 401, message = "You are not authorized to view the resource"), + @ApiResponse(code = 403, message = "Accessing the resource you were trying to reach is forbidden"), + @ApiResponse(code = 404, message = "The resource you were trying to reach is not found"), + @ApiResponse(code = 417, message = "Expectation Failed"), + @ApiResponse(code = 408, message = "operation timed out") + } + ) + + @ApiOperation(value = "Send a Text Email", response = ResponseEntity.class) + @RequestMapping(value = "/send-plain-text-mail", method = RequestMethod.POST, consumes = "application/json") + public ResponseEntity sendTextMail(@ApiParam(value = "Provide Mail Message Request Body", required = true) final @RequestBody MailMessageRequestBody mailMessageRequestBody) { + try { + log.info("fromAddress==sendMailWithTemplate from config {}",fromAddress); + log.info("mailTemplateRequestBody.getFrom()===sendMailWithTemplate from param {}",mailMessageRequestBody.getFrom()); + + mailService.prepareAndSendMail("",mailMessageRequestBody.getFrom(), + mailMessageRequestBody.getTo(), + mailMessageRequestBody.getSubject(), + mailMessageRequestBody.getMailBodyAsString(), + mailMessageRequestBody.getPlaceholderValues(), mailMessageRequestBody.getAttachmentUrl(), true); + return new ResponseEntity<>(HttpStatus.OK); + } catch (Exception exception) { + log.error(EXE_EMAIL_SEND, exception); + try { + log.info("fromAddress==sendMailWithTemplate from catch block from config {}",fromAddress); + log.info("mailTemplateRequestBody.getFrom() from catch block===sendMailWithTemplate from param {}",mailMessageRequestBody.getFrom()); + + mailService.prepareAndSendMail(mailMessageRequestBody.getFrom(),fromAddress, + mailMessageRequestBody.getTo(), + mailMessageRequestBody.getSubject(), + mailMessageRequestBody.getMailBodyAsString(), + mailMessageRequestBody.getPlaceholderValues(), mailMessageRequestBody.getAttachmentUrl(), true); + return new ResponseEntity<>(HttpStatus.OK); + } catch (Exception e) { + log.error(EXE_EMAIL_SEND, e); + return new ResponseEntity<>(HttpStatus.FORBIDDEN); + } + } + } + + @ApiOperation(value = "Send an Email with Template", response = ResponseEntity.class) + @RequestMapping(value = "/send-mail-with-template", method = RequestMethod.POST) + public ResponseEntity sendMailWithTemplate(@ApiParam(value = "Provide Mail Template Request Body", required = true) final @RequestBody MailTemplateRequestBody mailTemplateRequestBody) { + try { + + log.info("fromAddress==sendMailWithTemplate from config {}",fromAddress); + log.info("mailTemplateRequestBody.getFrom()===sendMailWithTemplate from param {}",mailTemplateRequestBody.getFrom()); + + mailService.prepareAndSendMail("",mailTemplateRequestBody.getFrom(), + mailTemplateRequestBody.getTo(), + mailTemplateRequestBody.getSubject(), + mailTemplateRequestBody.getMailBodyAsString(), + mailTemplateRequestBody.getPlaceholderValues(), mailTemplateRequestBody.getAttachmentUrl(), false); + return new ResponseEntity<>(HttpStatus.OK); + } catch (Exception exception) { + log.error(EXE_EMAIL_SEND , exception); + try { + + log.info("fromAddress in catch block==sendMailWithTemplate from config {}",fromAddress); + log.info("mailTemplateRequestBody.getFrom() in catch block===sendMailWithTemplate from param {}",mailTemplateRequestBody.getFrom()); + + mailService.prepareAndSendMail(mailTemplateRequestBody.getFrom(),fromAddress, + mailTemplateRequestBody.getTo(), + mailTemplateRequestBody.getSubject(), + mailTemplateRequestBody.getMailBodyAsString(), + mailTemplateRequestBody.getPlaceholderValues(), mailTemplateRequestBody.getAttachmentUrl(), false); + return new ResponseEntity<>(HttpStatus.OK); + } catch (Exception e) { + log.error(EXE_EMAIL_SEND , e); + return new ResponseEntity<>(HttpStatus.FORBIDDEN); + } + } + } + + + @ApiOperation(value = "Unsubscribe Digest Mail Report", response = ResponseEntity.class) + @RequestMapping(value = "/unsubscribe-digest-mail", method = RequestMethod.GET) + public ResponseEntity unsubscribeDigestMail(@RequestParam(name="mailId") String mailId) { + Map response = notificationService.unsubscribeDigestMail(mailId.toLowerCase()); + return ResponseUtils.buildSucessResponse(response); + } + + /** + * + * @param mailDetails + * @return + */ + public ResponseEntity sendTextMailFallBack(final @RequestBody Map mailDetails) { + return new ResponseEntity<>(HttpStatus.REQUEST_TIMEOUT); + } + + + /** + * + * @param assetGroup + * @param ruleId + * @return + * API description: asssetGroup is mandatory & ruleId is optional + * If API receives assetGroup as request parameter, it gives issues count of all open issues and unknown issues for all the rules. + * If API receives both assetGroup and ruleId as request parameter,it gives issues count of all open issues and unknown issues for that rule. + */ + @RequestMapping(path = "/cache", method = RequestMethod.GET) + public ResponseEntity getDeviceDetails(@RequestParam(name="deviceId") String deviceId) + { + if (Strings.isNullOrEmpty(deviceId)) + { + return ResponseUtils.buildFailureResponse(new Exception("Device Id is mandatory")); + } + try { + return ResponseUtils.buildSucessResponse(notificationService.getDeviceDetails(deviceId)); + } catch (Exception e) { + return ResponseUtils.buildFailureResponse(e); + } + + } + + + +} + diff --git a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/service/MailService.java b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/service/MailService.java index 517c435d2..611e7ebd7 100644 --- a/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/service/MailService.java +++ b/api/pacman-api-notifications/src/main/java/com/tmobile/pacman/api/notification/service/MailService.java @@ -1,184 +1,193 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.notification.service; - -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringReader; -import java.io.StringWriter; -import java.io.Writer; -import java.net.HttpURLConnection; -import java.net.URL; -import java.util.List; -import java.util.Map; -import java.util.UUID; - -import org.apache.commons.io.FileUtils; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringUtils; -import org.apache.commons.validator.routines.UrlValidator; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.core.io.ByteArrayResource; -import org.springframework.core.io.ClassPathResource; -import org.springframework.mail.javamail.JavaMailSender; -import org.springframework.mail.javamail.MimeMessageHelper; -import org.springframework.mail.javamail.MimeMessagePreparator; -import org.springframework.stereotype.Service; - -import com.esotericsoftware.minlog.Log; - -import freemarker.template.Configuration; -import freemarker.template.DefaultObjectWrapper; -import freemarker.template.Template; - -@Service -public class MailService { - - private JavaMailSender mailSender; - private MailContentBuilderService mailContentBuilderService; - - @Autowired - public MailService(JavaMailSender mailSender, MailContentBuilderService mailContentBuilderService) { - this.mailSender = mailSender; - this.mailContentBuilderService = mailContentBuilderService; - } - - public void prepareAndSendMail(String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) throws Exception { - mailSender.send(buildMimeMessagePreparator(from, to, subject, mailMessageUrlOrBody, placeholderValues, attachmentUrl, isPlainMessage)); - } - - public void prepareTemplateAndSendMail(String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) throws Exception { - mailSender.send(prepareTemplateBuildMimeMessagePreparator(from, to, subject, mailMessageUrlOrBody, placeholderValues, attachmentUrl, isPlainMessage)); - } - - public void prepareTemplateAndSendMail(String from, List to, String subject, String mailContent , final String attachmentUrl) throws Exception { - mailSender.send(buildMimeMessagePreparator(from, to, subject, mailContent, attachmentUrl)); - } - - private MimeMessagePreparator buildMimeMessagePreparator(String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) { - MimeMessagePreparator messagePreparator = mimeMessage -> { - MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); - messageHelper.setFrom(from); - String[] toMailList = to.toArray(new String[to.size()]); - messageHelper.setTo(toMailList); - messageHelper.setSubject(subject); - if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { - URL url = new URL(attachmentUrl); - String filename = url.getFile(); - byte fileContent [] = getFileContent(url); - messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); - } - String content = StringUtils.EMPTY; - if(isPlainMessage) { - content = mailContentBuilderService.buildPlainTextMail(mailMessageUrlOrBody, placeholderValues); - } else { - if(!isHttpUrl(mailMessageUrlOrBody)) { - File template = new ClassPathResource("templates/".concat(mailMessageUrlOrBody).concat(".html")).getFile(); - content = mailContentBuilderService.buildPlainTextMail(FileUtils.readFileToString(template, "UTF-8"), placeholderValues); - } else { - String mailBody = mailContentBuilderService.getRemoteMailContent(mailMessageUrlOrBody); - content = mailContentBuilderService.buildPlainTextMail(mailBody, placeholderValues); - } - } - messageHelper.setText(content, true); - }; - return messagePreparator; - } - - private MimeMessagePreparator prepareTemplateBuildMimeMessagePreparator(String from, List to, String subject, String mailMessageUrlOrBody, Map templateModelValues, final String attachmentUrl, final Boolean isPlainMessage) { - MimeMessagePreparator messagePreparator = mimeMessage -> { - MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); - messageHelper.setFrom(from); - String[] toMailList = to.toArray(new String[to.size()]); - messageHelper.setTo(toMailList); - messageHelper.setSubject(subject); - if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { - URL url = new URL(attachmentUrl); - String filename = url.getFile(); - byte fileContent [] = getFileContent(url); - messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); - } - String content = StringUtils.EMPTY; - if(isPlainMessage) { - content = mailContentBuilderService.buildPlainTextMail(mailMessageUrlOrBody, templateModelValues); - } else { - if(!isHttpUrl(mailMessageUrlOrBody)) { - File template = new ClassPathResource("templates/".concat(mailMessageUrlOrBody).concat(".html")).getFile(); - content = mailContentBuilderService.buildPlainTextMail(FileUtils.readFileToString(template, "UTF-8"), templateModelValues); - } else { - content = processTemplate(mailMessageUrlOrBody, templateModelValues); - } - } - messageHelper.setText(content, true); - }; - return messagePreparator; - } - - private MimeMessagePreparator buildMimeMessagePreparator(String from, List to, String subject, String mailContent , final String attachmentUrl) { - MimeMessagePreparator messagePreparator = mimeMessage -> { - MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); - messageHelper.setFrom(from); - String[] toMailList = to.toArray(new String[to.size()]); - messageHelper.setTo(toMailList); - messageHelper.setSubject(subject); - messageHelper.setText(mailContent, true); - if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { - URL url = new URL(attachmentUrl); - String filename = url.getFile(); - byte fileContent [] = getFileContent(url); - messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); - } - }; - return messagePreparator; - } - - - @SuppressWarnings("deprecation") - public String processTemplate(String templateUrl, Map model) { - try { - if(templateUrl != null) { - String mailBody = mailContentBuilderService.getRemoteMailContent(templateUrl); - Configuration cfg = new Configuration(); - cfg.setObjectWrapper(new DefaultObjectWrapper()); - Template t = new Template(UUID.randomUUID().toString(), new StringReader(mailBody), cfg); - Writer out = new StringWriter(); - t.process(model, out); - return out.toString(); - } - } catch (Exception exception) { - Log.error(exception.getMessage()); - } - return null; - } - - private byte[] getFileContent(URL attachmentUrl) throws IOException { - HttpURLConnection connection = (HttpURLConnection) attachmentUrl.openConnection(); - InputStream inputStream = connection.getInputStream(); - /* String filename = attachmentUrl.getFile(); - filename = filename.substring(filename.lastIndexOf('/') + 1);*/ - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - IOUtils.copy(inputStream, baos); - inputStream.close(); - baos.close(); - return baos.toByteArray(); - } - - private boolean isHttpUrl(String url) { - return new UrlValidator().isValid(url); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.notification.service; + +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringReader; +import java.io.StringWriter; +import java.io.Writer; +import java.net.HttpURLConnection; +import java.net.URL; +import java.util.List; +import java.util.Map; +import java.util.UUID; + +import org.apache.commons.io.FileUtils; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.validator.routines.UrlValidator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.io.ByteArrayResource; +import org.springframework.core.io.ClassPathResource; +import org.springframework.mail.javamail.JavaMailSender; +import org.springframework.mail.javamail.MimeMessageHelper; +import org.springframework.mail.javamail.MimeMessagePreparator; +import org.springframework.stereotype.Service; + +import com.esotericsoftware.minlog.Log; + +import freemarker.template.Configuration; +import freemarker.template.DefaultObjectWrapper; +import freemarker.template.Template; + +@Service +public class MailService { + + + private final Logger log = LoggerFactory.getLogger(getClass()); + private JavaMailSender mailSender; + private MailContentBuilderService mailContentBuilderService; + + @Autowired + public MailService(JavaMailSender mailSender, MailContentBuilderService mailContentBuilderService) { + this.mailSender = mailSender; + this.mailContentBuilderService = mailContentBuilderService; + } + + public void prepareAndSendMail(String cc,String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) throws Exception { + mailSender.send(buildMimeMessagePreparator(cc,from, to, subject, mailMessageUrlOrBody, placeholderValues, attachmentUrl, isPlainMessage)); + } + + public void prepareTemplateAndSendMail(String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) throws Exception { + mailSender.send(prepareTemplateBuildMimeMessagePreparator(from, to, subject, mailMessageUrlOrBody, placeholderValues, attachmentUrl, isPlainMessage)); + } + + public void prepareTemplateAndSendMail(String from, List to, String subject, String mailContent , final String attachmentUrl) throws Exception { + mailSender.send(buildMimeMessagePreparator(from, to, subject, mailContent, attachmentUrl)); + } + + private MimeMessagePreparator buildMimeMessagePreparator(String cc,String from, List to, String subject, String mailMessageUrlOrBody, Map placeholderValues, final String attachmentUrl, final Boolean isPlainMessage) { + MimeMessagePreparator messagePreparator = mimeMessage -> { + MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); + messageHelper.setFrom(from); + + if(!StringUtils.isEmpty(cc)){ + messageHelper.setCc(cc); + } + + String[] toMailList = to.toArray(new String[to.size()]); + messageHelper.setTo(toMailList); + messageHelper.setSubject(subject); + if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { + URL url = new URL(attachmentUrl); + String filename = url.getFile(); + byte fileContent [] = getFileContent(url); + messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); + } + String content = StringUtils.EMPTY; + if(isPlainMessage) { + content = mailContentBuilderService.buildPlainTextMail(mailMessageUrlOrBody, placeholderValues); + } else { + if(!isHttpUrl(mailMessageUrlOrBody)) { + File template = new ClassPathResource("templates/".concat(mailMessageUrlOrBody).concat(".html")).getFile(); + content = mailContentBuilderService.buildPlainTextMail(FileUtils.readFileToString(template, "UTF-8"), placeholderValues); + } else { + String mailBody = mailContentBuilderService.getRemoteMailContent(mailMessageUrlOrBody); + content = mailContentBuilderService.buildPlainTextMail(mailBody, placeholderValues); + } + } + messageHelper.setText(content, true); + }; + return messagePreparator; + } + + private MimeMessagePreparator prepareTemplateBuildMimeMessagePreparator(String from, List to, String subject, String mailMessageUrlOrBody, Map templateModelValues, final String attachmentUrl, final Boolean isPlainMessage) { + MimeMessagePreparator messagePreparator = mimeMessage -> { + MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); + messageHelper.setFrom(from); + String[] toMailList = to.toArray(new String[to.size()]); + messageHelper.setTo(toMailList); + messageHelper.setSubject(subject); + if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { + URL url = new URL(attachmentUrl); + String filename = url.getFile(); + byte fileContent [] = getFileContent(url); + messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); + } + String content = StringUtils.EMPTY; + if(isPlainMessage) { + content = mailContentBuilderService.buildPlainTextMail(mailMessageUrlOrBody, templateModelValues); + } else { + if(!isHttpUrl(mailMessageUrlOrBody)) { + File template = new ClassPathResource("templates/".concat(mailMessageUrlOrBody).concat(".html")).getFile(); + content = mailContentBuilderService.buildPlainTextMail(FileUtils.readFileToString(template, "UTF-8"), templateModelValues); + } else { + content = processTemplate(mailMessageUrlOrBody, templateModelValues); + } + } + messageHelper.setText(content, true); + }; + return messagePreparator; + } + + private MimeMessagePreparator buildMimeMessagePreparator(String from, List to, String subject, String mailContent , final String attachmentUrl) { + MimeMessagePreparator messagePreparator = mimeMessage -> { + MimeMessageHelper messageHelper = new MimeMessageHelper(mimeMessage, true); + messageHelper.setFrom(from); + String[] toMailList = to.toArray(new String[to.size()]); + messageHelper.setTo(toMailList); + messageHelper.setSubject(subject); + messageHelper.setText(mailContent, true); + if(StringUtils.isNotEmpty(attachmentUrl) && isHttpUrl(attachmentUrl)) { + URL url = new URL(attachmentUrl); + String filename = url.getFile(); + byte fileContent [] = getFileContent(url); + messageHelper.addAttachment(filename, new ByteArrayResource(fileContent)); + } + }; + return messagePreparator; + } + + + @SuppressWarnings("deprecation") + public String processTemplate(String templateUrl, Map model) { + try { + if(templateUrl != null) { + String mailBody = mailContentBuilderService.getRemoteMailContent(templateUrl); + Configuration cfg = new Configuration(); + cfg.setObjectWrapper(new DefaultObjectWrapper()); + Template t = new Template(UUID.randomUUID().toString(), new StringReader(mailBody), cfg); + Writer out = new StringWriter(); + t.process(model, out); + return out.toString(); + } + } catch (Exception exception) { + Log.error(exception.getMessage()); + } + return null; + } + + private byte[] getFileContent(URL attachmentUrl) throws IOException { + HttpURLConnection connection = (HttpURLConnection) attachmentUrl.openConnection(); + InputStream inputStream = connection.getInputStream(); + /* String filename = attachmentUrl.getFile(); + filename = filename.substring(filename.lastIndexOf('/') + 1);*/ + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + IOUtils.copy(inputStream, baos); + inputStream.close(); + baos.close(); + return baos.toByteArray(); + } + + private boolean isHttpUrl(String url) { + return new UrlValidator().isValid(url); + } +} diff --git a/api/pacman-api-notifications/src/test/java/com/tmobile/pacman/api/asset/controller/NotificationControllerTest.java b/api/pacman-api-notifications/src/test/java/com/tmobile/pacman/api/asset/controller/NotificationControllerTest.java index ee5621c19..75638aa3f 100644 --- a/api/pacman-api-notifications/src/test/java/com/tmobile/pacman/api/asset/controller/NotificationControllerTest.java +++ b/api/pacman-api-notifications/src/test/java/com/tmobile/pacman/api/asset/controller/NotificationControllerTest.java @@ -1,202 +1,202 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.pacman.api.asset.controller; - -import static org.mockito.Matchers.anyBoolean; -import static org.mockito.Matchers.anyList; -import static org.mockito.Matchers.anyMap; -import static org.mockito.Matchers.anyString; -import static org.mockito.Matchers.eq; -import static org.mockito.Mockito.doNothing; -import static org.mockito.Mockito.doThrow; -import static org.mockito.Mockito.times; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; -import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; -import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; - -import org.apache.commons.lang.StringUtils; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.mockito.runners.MockitoJUnitRunner; -import org.springframework.http.MediaType; -import org.springframework.test.web.servlet.MockMvc; -import org.springframework.test.web.servlet.setup.MockMvcBuilders; - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.collect.Lists; -import com.google.common.collect.Maps; -import com.tmobile.pacman.api.notification.controller.NotificationController; -import com.tmobile.pacman.api.notification.dto.MailMessageRequestBody; -import com.tmobile.pacman.api.notification.dto.MailTemplateRequestBody; -import com.tmobile.pacman.api.notification.service.MailService; -import com.tmobile.pacman.api.notification.service.NotificationService; - -@RunWith(MockitoJUnitRunner.class) -public class NotificationControllerTest { - - private MockMvc mockMvc; - - @Mock - private MailService mailService; - - @Mock - private NotificationService notificationService; - - @InjectMocks - private NotificationController notificationController; - - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - mockMvc = MockMvcBuilders.standaloneSetup(notificationController).build(); - } - - @SuppressWarnings("unchecked") - @Test - public void prepareAndSendMailTest() throws Exception { - MailMessageRequestBody mailMessageRequestBody = buildMailMessageRequestBody(); - byte[] mailMessageRequestBodyContent = toJson(mailMessageRequestBody); - doNothing().when(mailService).prepareAndSendMail(anyString(), anyList(), anyString(), anyString(), anyMap(), - anyString(), anyBoolean()); - mockMvc.perform(post("/send-plain-text-mail").content(mailMessageRequestBodyContent) - .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)).andExpect(status().isOk()); - - verify(mailService, times(1)).prepareAndSendMail(mailMessageRequestBody.getFrom(), - mailMessageRequestBody.getTo(), mailMessageRequestBody.getSubject(), - mailMessageRequestBody.getMailBodyAsString(), mailMessageRequestBody.getPlaceholderValues(), - mailMessageRequestBody.getAttachmentUrl(), true); - } - - @SuppressWarnings("unchecked") - @Test - public void prepareAndSendMailExceptionTest() throws Exception { - MailMessageRequestBody mailMessageRequestBody = buildMailMessageRequestBody(); - byte[] mailMessageRequestBodyContent = toJson(mailMessageRequestBody); - doThrow(Exception.class).when(mailService).prepareAndSendMail(anyString(), anyList(), anyString(), anyString(), - anyMap(), anyString(), anyBoolean()); - mockMvc.perform(post("/send-plain-text-mail").content(mailMessageRequestBodyContent) - .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) - .andExpect(status().isForbidden()); - - } - - @SuppressWarnings("unchecked") - @Test - public void sendMailWithTemplateTest() throws Exception { - MailTemplateRequestBody mailTemplateRequestBody = buildMailTemplateRequestBody(); - byte[] mailTemplateRequestBodyContent = toJson(mailTemplateRequestBody); - doNothing().when(mailService).prepareAndSendMail(anyString(), anyList(), anyString(), anyString(), anyMap(), - anyString(), anyBoolean()); - mockMvc.perform(post("/send-mail-with-template").content(mailTemplateRequestBodyContent) - .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)).andExpect(status().isOk()); - - verify(mailService, times(1)).prepareAndSendMail(mailTemplateRequestBody.getFrom(), - mailTemplateRequestBody.getTo(), mailTemplateRequestBody.getSubject(), - mailTemplateRequestBody.getMailBodyAsString(), mailTemplateRequestBody.getPlaceholderValues(), - mailTemplateRequestBody.getAttachmentUrl(), false); - } - - @SuppressWarnings("unchecked") - @Test - public void sendMailWithTemplateExceptionTest() throws Exception { - MailTemplateRequestBody mailTemplateRequestBody = buildMailTemplateRequestBody(); - byte[] mailTemplateRequestBodyContent = toJson(mailTemplateRequestBody); - doThrow(Exception.class).when(mailService).prepareAndSendMail(anyString(), anyList(), anyString(), anyString(), - anyMap(), anyString(), anyBoolean()); - mockMvc.perform(post("/send-mail-with-template").content(mailTemplateRequestBodyContent) - .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) - .andExpect(status().isForbidden()); - - } - - @Test - public void unsubscribeDigestMailTest() throws Exception { - when(notificationService.unsubscribeDigestMail(anyString())).thenReturn(Maps.newHashMap()); - mockMvc.perform(get("/unsubscribe-digest-mail") - .param("mailId", StringUtils.EMPTY)) - .andExpect(status().isOk()); - } - - - @Test - public void sendTextMailFallBack() throws Exception { - //doNothing().when(notificationController).sendTextMailFallBack(anyMap()); - notificationController.sendTextMailFallBack(Maps.newHashMap()); - //verify(notificationController, times(1)).sendTextMailFallBack(Maps.newHashMap()); - } - - @Test - public void getDeviceDetailsNotFoundTest() throws Exception { - when(notificationService.getDeviceDetails(eq("device123"))).thenReturn(Maps.newHashMap()); - mockMvc.perform(get("/cache") - .param("deviceId", StringUtils.EMPTY)) - .andExpect(status().isExpectationFailed()); - } - - @Test - public void getDeviceDetailsTest() throws Exception { - when(notificationService.getDeviceDetails(eq("device123"))).thenReturn(Maps.newHashMap()); - mockMvc.perform(get("/cache") - .param("deviceId", "deviceId123")) - .andExpect(status().isOk()); - } - - @SuppressWarnings("unchecked") - @Test - public void getDeviceDetailsExceptionTest() throws Exception { - when(notificationService.getDeviceDetails("device123")).thenThrow(Exception.class); - mockMvc.perform(get("/cache") - .param("deviceId", "device123")) - .andExpect(status().isExpectationFailed()); - } - - - - - - private MailTemplateRequestBody buildMailTemplateRequestBody() { - MailTemplateRequestBody mailTemplateRequestBody = new MailTemplateRequestBody(); - mailTemplateRequestBody.setAttachmentUrl("attachmentUrl"); - mailTemplateRequestBody.setFrom("from"); - mailTemplateRequestBody.setMailBodyAsString("mailBodyAsString"); - mailTemplateRequestBody.setPlaceholderValues(Maps.newHashMap()); - mailTemplateRequestBody.setSubject("subject"); - mailTemplateRequestBody.setTo(Lists.newArrayList()); - return mailTemplateRequestBody; - } - - private MailMessageRequestBody buildMailMessageRequestBody() { - MailMessageRequestBody mailMessageRequestBody = new MailMessageRequestBody(); - mailMessageRequestBody.setAttachmentUrl("attachmentUrl"); - mailMessageRequestBody.setFrom("from"); - mailMessageRequestBody.setMailBodyAsString("mailBodyAsString"); - mailMessageRequestBody.setPlaceholderValues(Maps.newHashMap()); - mailMessageRequestBody.setSubject("subject"); - mailMessageRequestBody.setTo(Lists.newArrayList()); - return mailMessageRequestBody; - } - - private byte[] toJson(Object r) throws Exception { - ObjectMapper map = new ObjectMapper(); - return map.writeValueAsString(r).getBytes(); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.pacman.api.asset.controller; + +import static org.mockito.Matchers.anyBoolean; +import static org.mockito.Matchers.anyList; +import static org.mockito.Matchers.anyMap; +import static org.mockito.Matchers.anyString; +import static org.mockito.Matchers.eq; +import static org.mockito.Mockito.doNothing; +import static org.mockito.Mockito.doThrow; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +import org.apache.commons.lang.StringUtils; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.mockito.runners.MockitoJUnitRunner; +import org.springframework.http.MediaType; +import org.springframework.test.web.servlet.MockMvc; +import org.springframework.test.web.servlet.setup.MockMvcBuilders; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.collect.Lists; +import com.google.common.collect.Maps; +import com.tmobile.pacman.api.notification.controller.NotificationController; +import com.tmobile.pacman.api.notification.dto.MailMessageRequestBody; +import com.tmobile.pacman.api.notification.dto.MailTemplateRequestBody; +import com.tmobile.pacman.api.notification.service.MailService; +import com.tmobile.pacman.api.notification.service.NotificationService; + +@RunWith(MockitoJUnitRunner.class) +public class NotificationControllerTest { + + private MockMvc mockMvc; + + @Mock + private MailService mailService; + + @Mock + private NotificationService notificationService; + + @InjectMocks + private NotificationController notificationController; + + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + mockMvc = MockMvcBuilders.standaloneSetup(notificationController).build(); + } + + @SuppressWarnings("unchecked") + @Test + public void prepareAndSendMailTest() throws Exception { + MailMessageRequestBody mailMessageRequestBody = buildMailMessageRequestBody(); + byte[] mailMessageRequestBodyContent = toJson(mailMessageRequestBody); + doNothing().when(mailService).prepareAndSendMail(anyString(),anyString(), anyList(), anyString(), anyString(), anyMap(), + anyString(), anyBoolean()); + mockMvc.perform(post("/send-plain-text-mail").content(mailMessageRequestBodyContent) + .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)).andExpect(status().isOk()); + + verify(mailService, times(1)).prepareAndSendMail("",mailMessageRequestBody.getFrom(), + mailMessageRequestBody.getTo(), mailMessageRequestBody.getSubject(), + mailMessageRequestBody.getMailBodyAsString(), mailMessageRequestBody.getPlaceholderValues(), + mailMessageRequestBody.getAttachmentUrl(), true); + } + + @SuppressWarnings("unchecked") + @Test + public void prepareAndSendMailExceptionTest() throws Exception { + MailMessageRequestBody mailMessageRequestBody = buildMailMessageRequestBody(); + byte[] mailMessageRequestBodyContent = toJson(mailMessageRequestBody); + doThrow(Exception.class).when(mailService).prepareAndSendMail(anyString(),anyString(), anyList(), anyString(), anyString(), + anyMap(), anyString(), anyBoolean()); + mockMvc.perform(post("/send-plain-text-mail").content(mailMessageRequestBodyContent) + .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) + .andExpect(status().isForbidden()); + + } + + @SuppressWarnings("unchecked") + @Test + public void sendMailWithTemplateTest() throws Exception { + MailTemplateRequestBody mailTemplateRequestBody = buildMailTemplateRequestBody(); + byte[] mailTemplateRequestBodyContent = toJson(mailTemplateRequestBody); + doNothing().when(mailService).prepareAndSendMail(anyString(),anyString(), anyList(), anyString(), anyString(), anyMap(), + anyString(), anyBoolean()); + mockMvc.perform(post("/send-mail-with-template").content(mailTemplateRequestBodyContent) + .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)).andExpect(status().isOk()); + + verify(mailService, times(1)).prepareAndSendMail("",mailTemplateRequestBody.getFrom(), + mailTemplateRequestBody.getTo(), mailTemplateRequestBody.getSubject(), + mailTemplateRequestBody.getMailBodyAsString(), mailTemplateRequestBody.getPlaceholderValues(), + mailTemplateRequestBody.getAttachmentUrl(), false); + } + + @SuppressWarnings("unchecked") + @Test + public void sendMailWithTemplateExceptionTest() throws Exception { + MailTemplateRequestBody mailTemplateRequestBody = buildMailTemplateRequestBody(); + byte[] mailTemplateRequestBodyContent = toJson(mailTemplateRequestBody); + doThrow(Exception.class).when(mailService).prepareAndSendMail(anyString(),anyString(), anyList(), anyString(), anyString(), + anyMap(), anyString(), anyBoolean()); + mockMvc.perform(post("/send-mail-with-template").content(mailTemplateRequestBodyContent) + .contentType(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON)) + .andExpect(status().isForbidden()); + + } + + @Test + public void unsubscribeDigestMailTest() throws Exception { + when(notificationService.unsubscribeDigestMail(anyString())).thenReturn(Maps.newHashMap()); + mockMvc.perform(get("/unsubscribe-digest-mail") + .param("mailId", StringUtils.EMPTY)) + .andExpect(status().isOk()); + } + + + @Test + public void sendTextMailFallBack() throws Exception { + //doNothing().when(notificationController).sendTextMailFallBack(anyMap()); + notificationController.sendTextMailFallBack(Maps.newHashMap()); + //verify(notificationController, times(1)).sendTextMailFallBack(Maps.newHashMap()); + } + + @Test + public void getDeviceDetailsNotFoundTest() throws Exception { + when(notificationService.getDeviceDetails(eq("device123"))).thenReturn(Maps.newHashMap()); + mockMvc.perform(get("/cache") + .param("deviceId", StringUtils.EMPTY)) + .andExpect(status().isExpectationFailed()); + } + + @Test + public void getDeviceDetailsTest() throws Exception { + when(notificationService.getDeviceDetails(eq("device123"))).thenReturn(Maps.newHashMap()); + mockMvc.perform(get("/cache") + .param("deviceId", "deviceId123")) + .andExpect(status().isOk()); + } + + @SuppressWarnings("unchecked") + @Test + public void getDeviceDetailsExceptionTest() throws Exception { + when(notificationService.getDeviceDetails("device123")).thenThrow(Exception.class); + mockMvc.perform(get("/cache") + .param("deviceId", "device123")) + .andExpect(status().isExpectationFailed()); + } + + + + + + private MailTemplateRequestBody buildMailTemplateRequestBody() { + MailTemplateRequestBody mailTemplateRequestBody = new MailTemplateRequestBody(); + mailTemplateRequestBody.setAttachmentUrl("attachmentUrl"); + mailTemplateRequestBody.setFrom("from"); + mailTemplateRequestBody.setMailBodyAsString("mailBodyAsString"); + mailTemplateRequestBody.setPlaceholderValues(Maps.newHashMap()); + mailTemplateRequestBody.setSubject("subject"); + mailTemplateRequestBody.setTo(Lists.newArrayList()); + return mailTemplateRequestBody; + } + + private MailMessageRequestBody buildMailMessageRequestBody() { + MailMessageRequestBody mailMessageRequestBody = new MailMessageRequestBody(); + mailMessageRequestBody.setAttachmentUrl("attachmentUrl"); + mailMessageRequestBody.setFrom("from"); + mailMessageRequestBody.setMailBodyAsString("mailBodyAsString"); + mailMessageRequestBody.setPlaceholderValues(Maps.newHashMap()); + mailMessageRequestBody.setSubject("subject"); + mailMessageRequestBody.setTo(Lists.newArrayList()); + return mailMessageRequestBody; + } + + private byte[] toJson(Object r) throws Exception { + ObjectMapper map = new ObjectMapper(); + return map.writeValueAsString(r).getBytes(); + } +} diff --git a/api/pacman-api-statistics/pom.xml b/api/pacman-api-statistics/pom.xml index efd43f0bf..1602ab3e6 100644 --- a/api/pacman-api-statistics/pom.xml +++ b/api/pacman-api-statistics/pom.xml @@ -95,16 +95,6 @@ test - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix-dashboard - - com.jayway.jsonpath json-path diff --git a/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/StatisticsApplication.java b/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/StatisticsApplication.java index 3e81850cf..cc07a1627 100644 --- a/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/StatisticsApplication.java +++ b/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/StatisticsApplication.java @@ -37,8 +37,6 @@ @EnableFeignClients @Configuration @EnableCaching -/*@EnableHystrix -@EnableHystrixDashboard*/ @EnableResourceServer @ComponentScan(basePackages = "com.tmobile.pacman") public class StatisticsApplication implements WebMvcConfigurer { diff --git a/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/controller/StatisticsController.java b/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/controller/StatisticsController.java index c6b3f8dec..c0c2dd438 100644 --- a/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/controller/StatisticsController.java +++ b/api/pacman-api-statistics/src/main/java/com/tmobile/pacman/api/statistics/controller/StatisticsController.java @@ -34,7 +34,6 @@ import org.springframework.web.bind.annotation.RestController; import com.google.common.base.Strings; -import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.tmobile.pacman.api.commons.Constants; import com.tmobile.pacman.api.commons.utils.ResponseUtils; import com.tmobile.pacman.api.statistics.StatsConstants; @@ -62,7 +61,7 @@ public class StatisticsController implements Constants { * utilization for last 7 days for given assetGroup. */ @RequestMapping(path = "/v1/cpu-utilization", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getCPUUtilization(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { return ResponseUtils.buildFailureResponse(new Exception(StatsConstants.ERR_MSG_AG_MANDATORY)); @@ -87,7 +86,7 @@ public ResponseEntity getCPUUtilization(@RequestParam("ag") String asset * utilization for last 7 days for given assetGroup. */ @RequestMapping(path = "/v1/network-utilization", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getNetworkUtilization(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { return ResponseUtils.buildFailureResponse(new Exception(StatsConstants.ERR_MSG_AG_MANDATORY)); @@ -112,7 +111,7 @@ public ResponseEntity getNetworkUtilization(@RequestParam("ag") String a * utilization for last 7 days for given assetGroup. */ @RequestMapping(path = "/v1/disk-utilization", method = RequestMethod.GET) - @HystrixCommand + public ResponseEntity getDiskUtilization(@RequestParam("ag") String assetGroup) { if (Strings.isNullOrEmpty(assetGroup)) { return ResponseUtils.buildFailureResponse(new Exception(StatsConstants.ERR_MSG_AG_MANDATORY)); @@ -135,7 +134,7 @@ public ResponseEntity getDiskUtilization(@RequestParam("ag") String asse */ @RequestMapping(path = "/v1/statsdetails", method = RequestMethod.GET) @ResponseBody - @HystrixCommand + public ResponseEntity getStatsDetails() { ResponseVO response; try { @@ -155,7 +154,7 @@ public ResponseEntity getStatsDetails() { */ @RequestMapping(path = "/v1/autofixstats", method = RequestMethod.GET) @ResponseBody - @HystrixCommand + public ResponseEntity getAutofixStats() { Map>> response = new HashMap<>(); try { diff --git a/commons/pac-api-commons/pom.xml b/commons/pac-api-commons/pom.xml index 17d199b9c..ed34ddc2b 100644 --- a/commons/pac-api-commons/pom.xml +++ b/commons/pac-api-commons/pom.xml @@ -96,12 +96,6 @@ org.springframework.cloud spring-cloud-starter-bus-amqp - - - org.springframework.cloud - spring-cloud-starter-netflix-hystrix - - org.springframework.boot spring-boot-starter-test diff --git a/commons/pac-batch-commons/pom.xml b/commons/pac-batch-commons/pom.xml index cb069b796..e20fb0022 100644 --- a/commons/pac-batch-commons/pom.xml +++ b/commons/pac-batch-commons/pom.xml @@ -24,7 +24,7 @@ com.amazonaws aws-java-sdk-bom - 1.11.264 + 1.11.432 pom import diff --git a/commons/pac-batch-commons/src/main/java/com/tmobile/pacman/commons/PacmanSdkConstants.java b/commons/pac-batch-commons/src/main/java/com/tmobile/pacman/commons/PacmanSdkConstants.java index cad7138df..1b45e9745 100644 --- a/commons/pac-batch-commons/src/main/java/com/tmobile/pacman/commons/PacmanSdkConstants.java +++ b/commons/pac-batch-commons/src/main/java/com/tmobile/pacman/commons/PacmanSdkConstants.java @@ -78,7 +78,7 @@ public interface PacmanSdkConstants { String Role_IDENTIFYING_STRING="roleIdentifyingString"; /** The mendetory tags key. */ - String MENDETORY_TAGS_KEY="mandatoryTags"; + String MANDATORY_TAGS_KEY="mandatoryTags"; /** The splitter char. */ String SPLITTER_CHAR="splitterChar"; diff --git a/emailTemplates/pacman-v2-email-template/html.handlebars b/emailTemplates/pacman-v2-email-template/html.handlebars index c9421a67d..ff1a9e082 100644 --- a/emailTemplates/pacman-v2-email-template/html.handlebars +++ b/emailTemplates/pacman-v2-email-template/html.handlebars @@ -5,6 +5,7 @@ + Issue Details @@ -123,10 +124,11 @@ .title{ margin-bottom: 0.7em; font-family: 'Exo 2', sans-serif; + font-weight: 700; } .container{ - width: 16em; + width: 100%; margin-bottom: 1.5em; display: inline-block; vertical-align: top; @@ -155,6 +157,7 @@ .header{ font-family: 'Exo 2', sans-serif; margin-top: 1.5em; + font-weight: 700; } .text{ @@ -211,7 +214,7 @@ .header-text{ text-align: center; - padding: 0.5em; + height: 0.5em; background-color: #20384b; } @@ -227,85 +230,70 @@
Hi
- Please find below the details of the issue requested by you +
Please find below the details of the issue requested by you
+
${statusName}
+
${severityName}
+
${targetTypeName}
+
${ruleCategoryName}
+
-
-
  • Description
  • -
  • ${descname}
  • -
      -
    • Resource ID
    • -
    • ${resourceIdname}
    • -
      -
      -
    • Account ID
    • -
    • ${accountIdname}
    • +
    • Policy Violated
    • +
    • ${policyViolated}
    • -
    • Region
    • -
    • ${regionname}
    • +
    • Policy Description
    • +
    • ${policyDescription}
    • -
    • Severity
    • -
    • ${sevname}
    • +
    • Violation Reason
    • +
    • ${violationReason}
    • -
    • Account Name
    • -
    • ${accountname}
    • +
    • Resource Id
    • +
    • ${resourceId}
    • -
    • Target Type
    • -
    • ${targetname}
    • +
    • Creation Date
    • +
    • ${createdOn}
    • -
    • Rule Category
    • -
    • ${categoryname}
    • +
    • Last Modified Date
    • +
    • ${lastModifiedDate}
    • -
      -
    • Created On
    • -
    • ${createdname}
    • -
      -
      -
    • Modified On
    • -
    • ${modifiedname}
    • -
      -
      -
    • Policy Name
    • -
    • ${policyNameVal}
    • -
    - For more details, please click here + For more details on this violation, please click here diff --git a/emailTemplates/pacman-v2-email-template/rsz_t-mobile_white.png b/emailTemplates/pacman-v2-email-template/rsz_t-mobile_white.png deleted file mode 100644 index 817e2334a..000000000 Binary files a/emailTemplates/pacman-v2-email-template/rsz_t-mobile_white.png and /dev/null differ diff --git a/installer/core/__init__.py b/installer/core/__init__.py index 9f8f7505b..1168dba70 100644 --- a/installer/core/__init__.py +++ b/installer/core/__init__.py @@ -2,8 +2,17 @@ def autoload(config_path, sys_args): + """ + This is the initial method which checks for python version and starts execution. + If python version is less than 3.4 then it stops the execution and warn the user + + Args: + config_path (str): This is the path to the main configuration/settings file + sys_args (dict): CLI Arguments supplied to the command + """ python_version_info = sys.version_info - if python_version_info.major >= 3 and python_version_info.minor >= 5: + + if python_version_info.major >= 3 and python_version_info.minor >= 4: from core.kernel import Kernel # Run the command from command list Kernel(config_path).run(sys_args) diff --git a/installer/core/command.py b/installer/core/command.py index a0a1bfc95..4667cef5c 100644 --- a/installer/core/command.py +++ b/installer/core/command.py @@ -7,6 +7,15 @@ class Command: + """ + This Base class identify and validate a command. If no valid command is found then lists the availabe commands + + Attributes: + commands_dir_path (str): System commands directory where system commands are present + custom_commands_dir_path (str): Custom commands directory where user defined commands are present + mandatory_args (list): Mandatory arguments passed to CLI + optional_args (list): Optional arguments passed to CLI + """ base_dir = 'commands' valid_arg_keys = ["--" + K.CATEGORY_FIELD_NAME, "--dry-run"] @@ -16,6 +25,18 @@ def __init__(self): self.parent_dir_name = self.commands_dir_path.split(os.sep)[-2] def get_command_class_instance(self, sys_argv): + """ + Based on the command provided in the CLI identify the class instance corresponding to the command + + Args: + sys_argv (dict): CLI Arguments supplied to the command + + Returns: + command_class_instance (Command Instance): + Returns commands/install::Install instance for install command + Returns commands/destroy::Destroy instance for destroy command + Returns commands/status::Status instance for status command + """ command_class = self.get_command_class_from_cli(sys_argv) self.mandatory_args = command_class.MANDATORY_ARGS @@ -27,6 +48,18 @@ def get_command_class_instance(self, sys_argv): return command_class_instance def get_command_class_from_cli(self, sys_argv): + """ + Based on the command provided in the CLI identify the class corresponding to the command + + Args: + sys_argv (dict): CLI Arguments supplied to the command + + Returns: + command_class (class): + Returns commands/install::Install class for install command + Returns commands/destroy::Destroy class for destroy command + Returns commands/status::Status class for status command + """ command_name = sys_argv[1] if len(sys_argv) > 1 else None valid_command = self.get_and_validate_command(command_name) @@ -41,6 +74,15 @@ def get_command_class_from_cli(self, sys_argv): return command_class def get_optional_args(self, sys_argv): + """ + Identify the optional aruments supplied by the user for the command + + Args: + sys_argv (dict): CLI Arguments supplied to the command + + Returns: + args_set (list): List of optional arguments supplied to the command + """ args_list = sys_argv[2:] args_set = [] @@ -60,6 +102,7 @@ def _get_formatted_args(self, args_set): return [(arg[0].split('--')[1], arg[1])for arg in args_set] def exit_system_showing_valid_commands(self): + """If the given command is not valid or if no command is supplied then exit execution with displaying the available commands""" print("**** Command Not Found *****\nValid Commands are") for item in self. get_valid_commands(): print(" %s" % item) @@ -72,6 +115,12 @@ def get_and_validate_command(self, command_name): return valid_commands.get(command_name, None) def get_valid_commands(self): + """ + Get all available valid commands + + Returns: + commands_dict (dict): Available valid commands + """ core_command_file_names = get_dir_file_names(self.commands_dir_path) core_command_names = self.get_filtered_command_names(core_command_file_names) commands_dict = {name: {'type': "core"} for name in core_command_names} @@ -83,6 +132,12 @@ def get_valid_commands(self): return commands_dict def get_filtered_command_names(self, file_names): + """ + Get the command names from the files + + Args: + file_names (list): List of file names of commands + """ def f1(x): return not x.startswith('__') @@ -99,14 +154,34 @@ def f4(x): lambda x: all(f(x) for f in [f1, f2, f3, f4]), file_names))) def get_core_commands_dir_path(self): + """ + To get absolute path of the system comamnd + + Returns: + path (str): Absolute path of the command + """ return os.path.join(os.path.abspath( os.path.dirname(__file__)), self.base_dir) def get_custom_commands_dir_path(self): + """ + To get absolute path of the user based comamnd + + Returns: + path (str): Absolute path of the command + """ return os.path.join(Settings.BASE_APP_DIR, "custom", self.base_dir) def validate_optional_args(self, args_set): + """ + Validate optional arguments supplied to the main command name + + Args: + args_set (dict): Dict with key as parameter name and value as its value + Returns: + boolean: If valid arguments then True else False + """ for (key, val) in args_set: if not (key.startswith('--') and key in self.valid_arg_keys): return False @@ -114,6 +189,6 @@ def validate_optional_args(self, args_set): return True def exit_system_showing_valid_optional_args(self): - # TODO- @sajeer + """Exit the execution as the optional parameter supplied is invalid""" print("Optional arguments supplied are not valid") sys.exit() diff --git a/installer/core/commands/__init__.py b/installer/core/commands/__init__.py index 7c025e443..4484909b9 100644 --- a/installer/core/commands/__init__.py +++ b/installer/core/commands/__init__.py @@ -7,6 +7,17 @@ class BaseCommand(metaclass=ABCMeta): + """ + Base command class for all core and user based commands. One should inherit from this class to treat that as a comamnd + + Attributes: + terraform_with_targets (boolean): Identify whether complete installation or partial installation is required + OPTIONAL_ARGS (dict): Optional arguments + MANDATORY_ARGS (dict): Mandatory arguments + category_field_name (str): category field name which used used to identify the resources to be installed/destroyed + Ex: --tags=deploy, tags is the category field name + dry_run (boolean): This argument controls whether actual process is to be run or not + """ OPTIONAL_ARGS = {} MANDATORY_ARGS = {} category_field_name = K.CATEGORY_FIELD_NAME @@ -14,6 +25,12 @@ class BaseCommand(metaclass=ABCMeta): dry_run = False def __init__(self, args): + """ + Constructor method for install + + Args: + args (List): List of key- value pair of args supplied to the command + """ self.args = args self.resource_tags_list = [v for (k, v) in args if k == self.category_field_name] @@ -22,10 +39,38 @@ def __init__(self, args): self.dry_run = True if any([x[1] for x in args if x[0] == "dry-run"]) else self.dry_run + def get_complete_resources(self, input_instance, need_instance=True): + """ + This returns all the resources present in the common configurations + + Returns: + resources_to_process (list): List of all resources + """ + resource_keys_to_process = self.get_resource_keys_to_process(None, None) + resources_to_process = self.get_resources_from_the_keys(resource_keys_to_process, input_instance, need_instance) + + return resources_to_process + def get_resources_to_process(self, input_instance, need_instance=True): - resources_to_process = [] - resource_keys_to_process = self.get_resource_keys_to_process() + """ + This returns the resources to be processed currently. This can either be full resources or part of resources + + Returns: + resources_to_process (list): List of resources + """ + resource_keys_to_process = self.get_resource_keys_to_process(self.resource_tags_list, self.category_field_name) + resources_to_process = self.get_resources_from_the_keys(resource_keys_to_process, input_instance, need_instance) + return resources_to_process + + def get_resources_from_the_keys(self, resource_keys_to_process, input_instance, need_instance): + """ + This returns the resources to be processed based on the key which is the filename + + Returns: + resources_to_process (list): List of resources + """ + resources_to_process = [] for resource in resource_keys_to_process: try: resource = Settings.RESOURCES_FOLDER + '.' + resource @@ -47,13 +92,19 @@ def get_resources_to_process(self, input_instance, need_instance=True): return resources_to_process - def get_resource_keys_to_process(self): + def get_resource_keys_to_process(self, resource_tags_list, category_field_name): + """ + This returns the keys for the resources from the resource list supplied in PROCESS_RESOURCES + + Returns: + resource_keys_to_process (list): List of resource's keys + """ resource_keys_to_process = [] - if self.resource_tags_list: + if resource_tags_list: for resource, attrs in Settings.PROCESS_RESOURCES.items(): for attr, val in attrs.items(): - if attr == self.category_field_name: - if any(x in val for x in self.resource_tags_list): + if attr == category_field_name: + if any(x in val for x in resource_tags_list): resource_keys_to_process.append(resource) else: resource_keys_to_process = Settings.PROCESS_RESOURCES.keys() @@ -67,6 +118,12 @@ def check_pre_requisites(self): pass def read_input(self): + """ + This returns the input read from the provider input class instance + + Returns: + input_instancce (object): Provider Input instance + """ input_instancce = self.input_class() input_instancce.read_input() diff --git a/installer/core/commands/destroy.py b/installer/core/commands/destroy.py index 435b9a91a..3899de7e5 100644 --- a/installer/core/commands/destroy.py +++ b/installer/core/commands/destroy.py @@ -4,11 +4,31 @@ class Destroy(BaseCommand): + """ + Base install class which identify actual provide destroy class and execute destruction + Attributes: + terraform_with_targets (Boolean): Identify whether complete installation or partial installation is required + validation_class (class): Provider validation class for validating inputs (aws validator) + input_class (class): Provider input class + destroy_class (class): Provider desttoy class + """ def __init__(self, args): + """ + Constructor method for destroy + + Args: + args (List): List of key- value pair of args supplied to the command + """ super().__init__(args) def execute(self, provider): + """ + Execution method which read inputs, initialises, validate and execute desroy + + Args: + provider (str): Provider name based on which the corresponding classes are retrieved + """ self.initialize_classes(provider) input_instance = self.read_input() @@ -27,6 +47,12 @@ def execute(self, provider): print(K.RESOURCES_EMPTY) def initialize_classes(self, provider): + """ + Identify and initialize the classes required for execution + + Args: + provider (str): Provider name based on which corresponding classes are retrieved + """ self.validation_class = getattr(importlib.import_module( provider.provider_module + '.validate'), 'SystemDestroyValidation') self.input_class = getattr(importlib.import_module( diff --git a/installer/core/commands/install.py b/installer/core/commands/install.py index 76964bca1..621f8f472 100644 --- a/installer/core/commands/install.py +++ b/installer/core/commands/install.py @@ -5,13 +5,34 @@ class Install(BaseCommand): + """ + Base install class which identify actual provide install class and execute installation + + Attributes: + terraform_with_targets (Boolean): Identify whether complete installation or partial installation is required + validation_class (class): Provider validation class for validating inputs (aws validator) + input_class (class): Provider input class + install_class (class): Provider install class + """ terraform_with_targets = False def __init__(self, args): + """ + Constructor method for install + + Args: + args (List): List of key- value pair of args supplied to the command + """ self.terraform_with_targets = False super().__init__(args) def execute(self, provider): + """ + Execution method which read inputs, initialises, validate and execute install + + Args: + provider (str): Provider name based on which the corresponding classes are retrieved + """ self.initialize_classes(provider) input_instance = self.read_input() @@ -30,6 +51,12 @@ def execute(self, provider): print(K.RESOURCES_EMPTY) def initialize_classes(self, provider): + """ + Identify and initialize the classes required for execution + + Args: + provider (str): Provider name based on which corresponding classes are retrieved + """ self.validation_class = getattr(importlib.import_module( provider.provider_module + '.validate'), 'SystemInstallValidation') self.input_class = getattr(importlib.import_module( diff --git a/installer/core/commands/status.py b/installer/core/commands/status.py index 941dd0483..994fddd0a 100644 --- a/installer/core/commands/status.py +++ b/installer/core/commands/status.py @@ -8,14 +8,35 @@ class Status(BaseCommand, MsgMixin): + """ + Actual status class which display the current status of install/destroy + + Attributes: + terraform_with_targets (Boolean): Identify whether complete installation or partial installation is required. + default to False + input_class (class): Provider input class + """ + terraform_with_targets = False def __init__(self, args): + """ + Constructor method for status + + Args: + args (List): List of key- value pair of args supplied to the command + """ self.terraform_with_targets = False super().__init__(args) logging.disable(logging.ERROR) def execute(self, provider): + """ + Execution method which read inputs, initialises, validate and execute status command + + Args: + provider (str): Provider name based on which the corresponding classes are retrieved + """ py_terraform = PyTerraform() self.initialize_classes(provider) input_instance = self.read_input() @@ -28,7 +49,7 @@ def execute(self, provider): if not status and not terraform_outputs: print(K.NO_STATUS_OUTPUT) else: - print(self.BCYAN_ANSI +"\n%s" % K.CURRENT_STATUS_MSG + self.RESET_ANSI) + print(self.BCYAN_ANSI + "\n%s" % K.CURRENT_STATUS_MSG + self.RESET_ANSI) if terraform_outputs: print("\t%s" % K.CURRENTLY_INSTALLED_RESOURCES) for item in terraform_outputs: @@ -52,5 +73,11 @@ def execute(self, provider): self.display_op_msg(display_op_list) def initialize_classes(self, provider): + """ + Identify and initialize the classes required for execution + + Args: + provider (str): Provider name based on which corresponding classes are retrieved + """ self.input_class = getattr(importlib.import_module( provider.provider_module + '.input'), 'SystemStatusInput') diff --git a/installer/core/config/__init__.py b/installer/core/config/__init__.py index 7464e572c..30c218dc1 100644 --- a/installer/core/config/__init__.py +++ b/installer/core/config/__init__.py @@ -5,19 +5,39 @@ class Settings: + """Framework settings config class which reads all the required variables from common and local configurations""" @classmethod def load_setings(cls, config_path): + """ + Load settings variables from the given configuration path file + + Args: + config_path (path): Path of the main configuration file + """ cls.set_class_attributes(config_path) cls.check_available_attrs_present() cls.set_system_required_settings() @classmethod def is_setting_variable(cls, setting): + """ + Identify setting variable by checking the case. A variable will be considered as a settings only if its variable name + contians uppercase letters + + Args: + setting (str): Variable name + """ return True if setting.isupper() and not setting.startswith("__") and not setting.endswith("__") else False @classmethod def set_class_attributes(cls, config): + """ + Identify the setting variables and attach that to as class property of this class + + Args: + config (str): Config file + """ config_module = importlib.import_module(config) for setting in dir(config_module): @@ -26,27 +46,54 @@ def set_class_attributes(cls, config): @classmethod def set_system_required_settings(cls): + """Framework related mandatory variables are set at this method""" setattr(cls, 'TERRAFORM_DIR', os.path.join(cls.DATA_DIR, 'terraform')) setattr(cls, 'OUTPUT_DIR', os.path.join(cls.DATA_DIR, 'output')) + setattr(cls, 'OUTPUT_STATUS_DIR', os.path.join(cls.DATA_DIR, 'output', 'status')) setattr(cls, 'PYTHON_INTERPRETER', sys.executable) @classmethod def check_available_attrs_present(cls): + """Check required Settings variables are available else exit the execution""" if not cls.check_required_dirs_are_available(): sys.exit() @classmethod def get(cls, attr, default=None): + """ + Return the setting variable value else default value if there is any + + Args: + default (any): Default value if the settings variable is not set + + Returns: + any: Value assigned to the setting variable + """ return getattr(cls, attr, default) @classmethod def set(cls, attr, value): + """ + Set the valiue of setting variable with the value passed + + Args: + value (any): Value passed to assign + + Returns: + value (any): Value assigned to the setting variable + """ setattr(cls, attr, value) return cls.get(attr) @classmethod def check_required_dirs_are_available(cls): + """ + Framework requires some mandatory directories. This method check whether all required dirs are available or not + + Returns: + Boolean: Return True if all required dirs available else False + """ errors = [] if cls.get('LOG_DIR', None) is None: errors.append(K.LOG_DIR_SETTINGS_NOT_FOUND) diff --git a/installer/core/constants.py b/installer/core/constants.py index 5e2aedf29..76f70fdd4 100644 --- a/installer/core/constants.py +++ b/installer/core/constants.py @@ -98,8 +98,8 @@ DESTROY_STATUS_ERROR = 'DESTROY_STATUS_ERROR' STATUS_CODE_MSGS = { - 'APPLY_STATUS_COMPLETED' : "All resources are created/uodated successfully!", - 'APPLY_STATUS_ERROR' : "All resources are not created/uodated successfully. Apply encountered error(s)", + 'APPLY_STATUS_COMPLETED': "All resources are created/uodated successfully!", + 'APPLY_STATUS_ERROR': "All resources are not created/uodated successfully. Apply encountered error(s)", 'DESTROY_STATUS_COMPLETED': "All resources are destroyed successfully!", 'DESTROY_STATUS_ERROR': "All resources are not destroyed successfully. Destroy encountered error(s)" } diff --git a/installer/core/kernel.py b/installer/core/kernel.py index 49ae1269c..acec79878 100644 --- a/installer/core/kernel.py +++ b/installer/core/kernel.py @@ -10,7 +10,16 @@ class Executor(MsgMixin): + """ + This executes the the command which is provided in the CLI + """ def execute(self, command_class_instance): + """ + Initialize and execute the command using the command class object + + Args: + command_class_instance (Command obj): This object is decides the logic behind running the command + """ self.initialize() self.execute_command(command_class_instance) @@ -18,9 +27,21 @@ def initialize(self): pass def execute_command(self, command_class_instance): + """ + Execute the command using the command class object + + Args: + command_class_instance (Command obj): This object is decides the logic behind running the command + """ command_class_instance.execute(self.provider) def do_pre_requisite_check(self): + """ + Before the execution starts, it checks for the pre-requisite. It would return either true or false + + Returns: + Boolean: If the pre-requisite check passes then returns True else False + """ if self.is_another_process_running(): return False @@ -32,6 +53,12 @@ def do_pre_requisite_check(self): return False def is_another_process_running(self): + """ + This method checks whether another Command is running currently + + Returns: + Boolean: If another process is running then it returns True else False + """ if exists_teraform_lock(): self.warn_another_process_running() return True @@ -39,6 +66,12 @@ def is_another_process_running(self): return False def _check_tools_are_available(self): + """ + Based on the settings variable TOOLS_REQUIRED, this method do validate all the tools + + Returns: + Boolean: Return True if all tools are available else False + """ self.show_step_heading(K.TOOLS_CHECK_STARTED) tools_required = Settings.TOOLS_REQUIRED tools_available = True @@ -59,6 +92,12 @@ def _check_tools_are_available(self): return True def _check_python_packages_are_available(self): + """ + Based on the settings variable PYTHON_PACKAGES_REQUIRED, this method do validate all the python packages + + Returns: + Boolean: Return True if all python packages are available else False + """ self.show_step_heading(K.PIP_CHECK_STARTED) error = False for item in Settings.PYTHON_PACKAGES_REQUIRED: @@ -78,6 +117,12 @@ def _check_python_packages_are_available(self): return True def _module_available(self, item): + """ + Based on the settings variable PYTHON_PACKAGES_REQUIRED, this method do validate all the python modules inside a package + + Returns: + Boolean: Return True if all python modules are available else False + """ module_name = item try: if type(item) is tuple: @@ -94,9 +139,22 @@ def _module_available(self, item): class Kernel(Command, Executor): + """ + Kernel module where the actual execution begins. Here system validation is done and settings/configurations are loaded. + Starts running command if everything is successful + + Attributes: + provider (Provider obj): The provider object which can be AWS, Azure etc + """ errors = [] def __init__(self, config_path): + """ + Constructor for the Kernel class, which do system validations and initialises Object attributes + + Args: + config_path (str): This is the path to the main configuration/settings file + """ self.load_settings(config_path) provider_name = Settings.get('PROVIDER', None) self.provider = Provider(provider_name) @@ -104,10 +162,17 @@ def __init__(self, config_path): super().__init__() def do_system_validation(self): + """Here the check for valid provider is done and passes the check if it is validelse exit the execution""" if not self.provider.valid: self.exit_with_provider_not_found() def run(self, sys_args): + """ + Actual execution of the command is started from here + + Args: + sys_args (dict): CLI Arguments supplied to the command + """ self.show_loading_messsage() Settings.set('running_command', ' '.join(sys_args)) try: @@ -120,4 +185,10 @@ def run(self, sys_args): SysLog().write_error_log(str(e)) def load_settings(self, config_path): + """ + Load all the main and local configurations into the system + + Args: + config_path (str): This is the path to the main configuration/settings file + """ Settings.load_setings(config_path) diff --git a/installer/core/lib/python_terraform/__init__.py b/installer/core/lib/python_terraform/__init__.py index ceaab48b0..28b69a2fd 100644 --- a/installer/core/lib/python_terraform/__init__.py +++ b/installer/core/lib/python_terraform/__init__.py @@ -9,7 +9,6 @@ import tempfile - try: # Python 2.7+ from logging import NullHandler except ImportError: @@ -31,10 +30,10 @@ class IsNotFlagged: class TerraformCommandError(subprocess.CalledProcessError): - def __init__(self, ret_code, cmd, out, err): - super(TerraformCommandError, self).__init__(ret_code, cmd) - self.out = out - self.err = err + def __init__(self, ret_code, cmd, out, err): + super(TerraformCommandError, self).__init__(ret_code, cmd) + self.out = out + self.err = err class Tfstate(object): @@ -139,7 +138,7 @@ def apply(self, dir_or_plan=None, input=False, skip_plan=False, no_color=IsFlagg default = kwargs default['input'] = input default['no_color'] = no_color - default['auto-approve'] = (skip_plan == True) + default['auto-approve'] = True option_dict = self._generate_default_options(default) args = self._generate_default_args(dir_or_plan) return self.cmd('apply', *args, **option_dict) @@ -379,7 +378,7 @@ def output(self, *args, **kwargs): name_provided = (len(args) > 0) kwargs['json'] = IsFlagged if not kwargs.get('capture_output', True) is True: - raise ValueError('capture_output is required for this method') + raise ValueError('capture_output is required for this method') ret, out, err = self.output_cmd(*args, **kwargs) diff --git a/installer/core/log.py b/installer/core/log.py index 239d58f84..44f00876b 100644 --- a/installer/core/log.py +++ b/installer/core/log.py @@ -7,6 +7,16 @@ class SysLog: + """ + Main logger to log the execution process at different stages in specific log files + + Attributes: + line_lenght (int): Starting/Ending messaage length + error_log (path): Path of the error log file + debug_log (path): Path of the debug log file + terraform_install_log (path): Path of terraform apply log file + terraform_destroy_log (path): Path of terraform destroy log file + """ line_lenght = 100 def __init__(self): @@ -16,7 +26,13 @@ def __init__(self): self.terraform_destroy_log = os.path.join(Settings.LOG_DIR, 'terraform_destroy.log') def write_error_log(self, msg, with_trace=True): + """ + Write message with traceback to error log file + Args: + msg (str): Error message + with_trace (Boolean): Decides whether to add trace to the log file + """ with open(self.error_log, 'a+') as logfile: logfile.write('Running Command: %s\n' % Settings.running_command) if with_trace: @@ -27,11 +43,23 @@ def write_error_log(self, msg, with_trace=True): self.write_debug_log(msg) def write_debug_log(self, msg): + """ + Write debug message to debug log file + + Args: + msg (str): Debug message + """ now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') with open(self.debug_log, 'a+') as logfile: logfile.write("%s: %s\n" % (now, msg)) def debug_started(self, command): + """ + Write debug start message to debug log file + + Args: + command (str): Command name supplied for the execution + """ now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') lines = [ "%s\n" % ("*" * self.line_lenght), @@ -44,6 +72,12 @@ def debug_started(self, command): logfile.writelines(lines) def write_terraform_init_log(self, response): + """ + Write terraform init command response to install log + + Args: + response (str): Response of terraform init command + """ head_msg = "Terraform Init is done" with open(self.terraform_install_log, 'a+') as logfile: logfile.write(self._write_header(head_msg)) @@ -52,6 +86,12 @@ def write_terraform_init_log(self, response): self.write_debug_log(K.TERRAFORM_INIT_COMPLETED) def write_terraform_plan_log(self, response): + """ + Write terraform plan command response to install log + + Args: + response (str): Response of terraform plan command + """ head_msg = "Terraform Plan is done" with open(self.terraform_install_log, 'a+') as logfile: logfile.write(self._write_header(head_msg)) @@ -60,6 +100,12 @@ def write_terraform_plan_log(self, response): self.write_debug_log(K.TERRAFORM_PLAN_COMPLETED) def write_terraform_apply_log_header(self): + """ + Write terraform apply command response to install log + + Args: + response (str): Response of terraform apply command + """ with open(self.terraform_install_log, 'a+') as logfile: logfile.write("*" * 100) logfile.write("\n*** Terraform Apply Started") @@ -68,6 +114,12 @@ def write_terraform_apply_log_header(self): self.write_debug_log(K.TERRAFORM_APPLY_STARTED) def write_terraform_destroy_log_header(self): + """ + Write terraform destroy command response to destroy log + + Args: + response (str): Response of terraform destroy command + """ with open(self.terraform_destroy_log, 'a+') as logfile: logfile.write("*" * 100) logfile.write("\n*** Terraform Destroy Started ***") @@ -76,13 +128,34 @@ def write_terraform_destroy_log_header(self): self.write_debug_log(K.TERRAFORM_DESTROY_STARTED) def _write_header(self, head_msg=None): + """ + Return the write_header message for printing title of the log + + Args: + head_msg (str): Message to be written if any + + Returns: + header (str): A text to be printed on the header + """ now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') header = "\n%s\nDateTime: %s \nMessage: %s \n" % ("*" * 100, now, head_msg) return header def get_terraform_install_log_file(self): + """ + Return terraform install log file path + + Returns: + terraform_install_log (path): Terraform install log file path + """ return self.terraform_install_log def get_terraform_destroy_log_file(self): + """ + Return terraform destroy log file path + + Returns: + terraform_destroy_log (path): Terraform destroy log file path + """ return self.terraform_destroy_log diff --git a/installer/core/mixins.py b/installer/core/mixins.py index e22268d53..40d4c9680 100644 --- a/installer/core/mixins.py +++ b/installer/core/mixins.py @@ -10,6 +10,9 @@ class MsgMixin(metaclass=ABCMeta): + """ + This is message mixins class used by almost all classes to display message on the command window + """ column_length = 115 TITLE_ANSI = "\033[95m" BOLD_ANSI = "\033[1m" @@ -27,6 +30,7 @@ class MsgMixin(metaclass=ABCMeta): BMAGENTA = "\u001b[35;1m" def show_loading_messsage(self): + """This function is called to display the title/initial message when the execution starts""" print(self.BMAGENTA) if os.path.exists(Settings.LOADER_FILE_PATH): with open(Settings.LOADER_FILE_PATH, "r") as f: @@ -46,10 +50,19 @@ def show_loading_messsage(self): print("%s %s %s" % (surrounding_char * pre_hash_count, Settings.SETUP_DESCRIPTION, surrounding_char * post_hash_count)) print(surrounding_char * column_length) - print(self.RESET_ANSI) def _get_pre_and_post_char_length(self, message, column_length): + """ + Find the number fo prefix and suffix characters to be printed to keep that line with same column length + + Args: + message (str): Message to be displayed on the ;line + column_length (int): Number of characters to be displayed on the line + + Returns: + pre_hash_count, post_hash_count (int, int): Number of chars to print + """ pre_hash_count = math.ceil(int(column_length - len(message) - 2) / 2) post_hash_count = math.floor(int(column_length - len(message) - 2) / 2) @@ -83,6 +96,12 @@ def show_step_finish(self, end_heading, write_log=True, color=""): print(color + end_heading + self.RESET_ANSI) def show_step_inner_messaage(self, message, status, error_msg=None): + """ + Show an inner message + + Args: + message (str): Message to be displayed on the line + """ dot_len = self.column_length - len(message) - 30 print_message = "\t%s %s [%s]" % (message, self._get_line_dots_in_color(dot_len), self._get_status_in_color(status)) SysLog().write_debug_log(print_message) @@ -116,29 +135,64 @@ def _get_heading_message_in_color(self, message, color=None): return color + message + self.RESET_ANSI def _input_message_in_color(self, message): + """ + Show an inner message in pale yellow color + + Args: + message (str): Message to be displayed on the line + """ return self.WARN_ANSI + message + self.RESET_ANSI def show_step_inner_error(self, message): + """ + Show message as sep message i.e with a tab prefix to display error + + Args: + message (str): Message to be displayed on the line + """ print_message = "\t%s" % self._get_error_msg_in_color(message) SysLog().write_error_log(print_message) print(print_message) def show_step_inner_warning(self, message): + """ + Show message as sep message i.e with a tab prefix to display warning + + Args: + message (str): Message to be displayed on the line + """ print_message = "\t%s" % message SysLog().write_debug_log(print_message) - print(self.WARN_ANSI + print_message + self.RESET_ANSI) + print(self.WARN_ANSI + print_message + self.RESET_ANSI) def show_progress_start_message(self, message): + """ + Start message when a dot progress process is running + + Args: + message (str): Message to be displayed on the line + """ progress_bracket = self.BGREEN_ANSI + "[. ]" + self.RESET_ANSI sys.stdout.write("\r\t%s %s\b\b\b\b" % (message, progress_bracket)) def erase_printed_line(self): + """ + Erase already printed previous line only + """ sys.stdout.flush() blank_line = " " * self.column_length sys.stdout.write("\r%s\r" % blank_line) sys.stdout.flush() def show_progress_message(self, message, time_delay): + """ + Dot progress message display during the execution + + Args: + message (str): Message to be displayed on the line + time_delay (int): Number of seconds to make delay to print next dot + """ + self.erase_printed_line() self.show_progress_start_message(message) sys.stdout.write(self.BGREEN_ANSI) sys.stdout.flush() @@ -154,6 +208,12 @@ def show_progress_message(self, message, time_delay): sleep(time_delay) def display_op_msg(self, display_op_list): + """ + Display output message at the end of process execution + + Args: + display_op_list (list): List of key, value pairs to be displayed + """ if display_op_list: result_title = "OUTPUT" column_length = self.column_length - 10 @@ -180,10 +240,26 @@ def stdout_flush(self): sys.stdout.flush() def get_duration(self, time_delta): + """ + Find the duration as minute and seconds and returns it + + Args: + time_delta(delta time): time difference + + Returns: + duration (str): Duration in minute and seconds. Ex: 6m 34s + """ duration = datetime(1, 1, 1) + time_delta return "%sm %ss" % (duration.minute, duration.second) def display_process_duration(self, start_time, end_time, step=True): + """ + Display how much time required to execute the process + + Args: + Start ttime (int): Starting timestamp of the process + end_time (int): Ending timestamp of the process + """ time_delta = end_time - start_time duration = self.get_duration(time_delta) message = "\t" if step else "" @@ -191,6 +267,7 @@ def display_process_duration(self, start_time, end_time, step=True): print(message) def warn_another_process_running(self): + """Warn the userr if already another process is running and user tries to execute anothe command""" message = self.BERROR_ANSI + K.ANOTHER_PROCESS_RUNNING + self.RESET_ANSI print("\t%s\n" % message) diff --git a/installer/core/providers/aws/__init__.py b/installer/core/providers/aws/__init__.py index 610c94ea1..5d5ffcde0 100644 --- a/installer/core/providers/aws/__init__.py +++ b/installer/core/providers/aws/__init__.py @@ -10,14 +10,47 @@ class BaseAction(MsgMixin): + """ + This Base class for AWS Install and Destroy classes. + + Attributes: + check_dependent_resources (boolean): Check the resources added to DEPENDS_ON should be checked or not + total_resources_count (int): Total number of resources to be installed/destroyed + input (instance): Input instance to AWS install/destroy provider + tf_outputs (dict): Terraform output dict + """ check_dependent_resources = True - resource_count = 0 + total_resources_count = 0 def __init__(self, input=None): self.input = input self.tf_outputs = PyTerraform.load_terraform_output_from_json_file() + self.clear_status_dir_files() + + def clear_status_dir_files(self): + """ + Clear the files in status directory after installation. These files are used to get the count of installed + resources during installation + """ + item = os.walk(Settings.OUTPUT_STATUS_DIR).__next__() + for f in item[2]: # First arg is root, second arg is dirs and 3rd arg is files + if str(f) != ".gitignore": + os.unlink(os.path.join(Settings.OUTPUT_STATUS_DIR, f)) + + def files_count_in_output_status_dir(self): + """ + Total number of files present in the status directory. This number is used to identify as the number of + installed resources + + Returns: + files_count (int): Number of files present in the direcotry + """ + path, dirs, files = os.walk(Settings.OUTPUT_STATUS_DIR).__next__() + + return len(files) def _create_terraform_provider_file(self): + """Terraform provider file is created as part of installation/destruction execution""" terraform_provider_file = get_terraform_provider_file() provider_script = { 'provider': { @@ -33,11 +66,13 @@ def _create_terraform_provider_file(self): json.dump(provider_script, jsonfile, indent=4) def _delete_terraform_provider_file(self): + """Terraform provider file which is created as part of installation/destruction is removed after the execution""" terraform_provider_file = get_terraform_provider_file() if os.path.isfile(terraform_provider_file): os.remove(terraform_provider_file) def _delete_all_terraform_files(self): + """"Delete all terraform files before terraform regeneration if the install is done on all resources""" for file in os.listdir(Settings.TERRAFORM_DIR): if file.endswith(".tf"): file_abs_path = os.path.join(Settings.TERRAFORM_DIR, file) @@ -47,6 +82,15 @@ def validate_resources(self, resources): return self.validate_resource_existence(resources) def validate_resource_existence(self, resources): + """ + Check whether the resource to be created as part of installation is already exists in AWS + + Args: + resources (list): Resources to be installed + + Returns: + can_continue_installation (boolean): True if any resource already present in AWS else False + """ can_continue_installation = True if not Settings.get('SKIP_RESOURCE_EXISTENCE_CHECK', False): self.show_step_heading(K.RESOURCE_EXISTS_CHECK_STARTED) @@ -58,6 +102,7 @@ def validate_resource_existence(self, resources): self.show_progress_start_message("Checking resource existence for %s" % resource_class.__name__) exists, checked_details = resource.check_exists_before(self.input, self.tf_outputs) self.erase_printed_line() + self.total_resources_count += 1 if exists: can_continue_installation = False @@ -70,10 +115,35 @@ def validate_resource_existence(self, resources): else: self.show_step_finish(K.RESOURCE_EXISTS_CHECK_FAILED, color=self.ERROR_ANSI) self.stdout_flush() + else: + self._load_total_resources_count(resources) return can_continue_installation + def _load_total_resources_count(self, resources): + """ + Find the number of real terraform resources to be created/destroyed + + Args: + resources (list): All kind of resources to be installed/destroyed including data resources + """ + self.total_resources_count = 0 + for resource in resources: + resource_class = resource.__class__ + if TerraformResource in inspect.getmro(resource_class): + self.total_resources_count += 1 + def validate_arguments(self, resources, terraform_with_targets): + """ + Validate all arguments of all terraform resources + + Args: + resources (list): All kind of resources to be installed/destroyed including data resources + terraform_with_targets (boolean): True if subset of all resources to be installed else False + + Returns: + key_msg (dict): Dict contains error messages if anny else empty dict + """ key_msg = {} if not terraform_with_targets: resource_id_with_depends_on = {} @@ -89,6 +159,16 @@ def validate_arguments(self, resources, terraform_with_targets): return key_msg def validate_depends_on_resources(self, resource_id_with_depends_on, key_msg): + """ + Validate resources availability for the DEPENDS_ON attribute + + Args: + resource_id_with_depends_on (str): Resource ID for which the depends on resources to be validated + key_msg (dict): Dict contains error messages if anny else empty dict + + Returns: + key_msg (dict): Dict contains error messages if anny else empty dict + """ if self.check_dependent_resources: install_resource_keys = resource_id_with_depends_on.keys() @@ -107,9 +187,27 @@ def validate_depends_on_resources(self, resource_id_with_depends_on, key_msg): return key_msg def _get_depends_key(self, resource): + """ + Get resource id of the dependent resource + + Args: + resource (object): terraform resource + + Returns: + resource_id (str): Resource ID + """ return str(resource.get_resource_id()) def _get_terraform_output_count(self, prev_count): + """ + Get current terraform resources count by calling the output command + + Args: + prev_count (int): Previous count obtained before the current instant + + Returns: + count (int): Current resources count + """ try: output = PyTerraform.load_terraform_output() return len(output) diff --git a/installer/core/providers/aws/boto3/aws_lambda.py b/installer/core/providers/aws/boto3/aws_lambda.py index e4e2002b5..e8fa321f3 100644 --- a/installer/core/providers/aws/boto3/aws_lambda.py +++ b/installer/core/providers/aws/boto3/aws_lambda.py @@ -2,6 +2,17 @@ def get_lambda_client(access_key, secret_key, region): + """ + Returns the client object for AWS Lambda + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: Lambda Client Obj + """ return boto3.client( "lambda", region_name=region, @@ -10,6 +21,18 @@ def get_lambda_client(access_key, secret_key, region): def check_function_exists(function_name, access_key, secret_key, region): + """ + Checks the passed lambda function exists or not + + Args: + function_name (str): AWS Lambda function name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + boolean: True if Lambda exists else False + """ client = get_lambda_client(access_key, secret_key, region) try: response = client.get_function(FunctionName=function_name) diff --git a/installer/core/providers/aws/boto3/batch.py b/installer/core/providers/aws/boto3/batch.py index c0e865932..3f668b5d9 100644 --- a/installer/core/providers/aws/boto3/batch.py +++ b/installer/core/providers/aws/boto3/batch.py @@ -2,6 +2,17 @@ def get_batch_client(access_key, secret_key, region): + """ + Returns the client object for AWS Batch + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS Batch Client Obj + """ return boto3.client( 'batch', region_name=region, @@ -10,6 +21,18 @@ def get_batch_client(access_key, secret_key, region): def get_compute_environments(compute_envs, access_key, secret_key, region): + """ + Returns AWS Batch compute envs list with all details + + Args: + compute_envs (list): List of compute env names + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + envs (list): List of all Batch compute envs with all details + """ client = get_batch_client(access_key, secret_key, region) response = client.describe_compute_environments( @@ -20,25 +43,79 @@ def get_compute_environments(compute_envs, access_key, secret_key, region): def check_compute_env_exists(compute_env, access_key, secret_key, region): + """ + Check whether the given compute env name already exists in AWS account + + Args: + compute_env (str): Compute env name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ if len(get_compute_environments([compute_env], access_key, secret_key, region)): return True else: return False +def get_job_definitions(job_def_name, access_key, secret_key, region): + """ + Get all job definition versions with details + + Args: + job_def_name (str): Job definiiton name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + jobDefinitions (list): List of all job definitions with details + """ + response = client.describe_job_definitions( + jobDefinitionName=job_def_name, + status='ACTIVE' + ) + + return response['jobDefinitions'] + + def check_job_definition_exists(job_def_name, access_key, secret_key, region): + """ + Check whether the given job definiiton exists in AWS Batch + + Args: + job_def_name (str): Job definiiton name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if it already exists else False + """ client = get_batch_client(access_key, secret_key, region) try: - response = client.describe_job_definitions( - jobDefinitionName=job_def_name, - status='ACTIVE' - ) - return True if len(response['jobDefinitions']) else False + job_definitions = get_job_definitions(job_def_name, access_key, secret_key, region) + return True if len(job_definitions) else False except: return False def check_job_queue_exists(job_queue_name, access_key, secret_key, region): + """ + Check whether the given job queue exists in AWS Batch + + Args: + job_queue_name (str): Job Queue name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if it already exists else False + """ client = get_batch_client(access_key, secret_key, region) try: response = client.describe_job_queues( diff --git a/installer/core/providers/aws/boto3/cloudwatch_event.py b/installer/core/providers/aws/boto3/cloudwatch_event.py index ec0edd969..f71aca407 100644 --- a/installer/core/providers/aws/boto3/cloudwatch_event.py +++ b/installer/core/providers/aws/boto3/cloudwatch_event.py @@ -2,6 +2,17 @@ def get_event_client(access_key, secret_key, region): + """ + Returns the client object for AWS Events + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS Cloudwatch Event Client Obj + """ return boto3.client( "events", region_name=region, @@ -10,6 +21,18 @@ def get_event_client(access_key, secret_key, region): def check_rule_exists(rule_name, access_key, secret_key, region): + """ + Check wheter the given cloudwatch rule already exists in AWS account + + Args: + rule_name (str): Cloudwatch rule name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_event_client(access_key, secret_key, region) try: response = client.describe_rule(Name=rule_name) diff --git a/installer/core/providers/aws/boto3/cloudwatch_log.py b/installer/core/providers/aws/boto3/cloudwatch_log.py index 17d8ab1f0..582ecd88f 100644 --- a/installer/core/providers/aws/boto3/cloudwatch_log.py +++ b/installer/core/providers/aws/boto3/cloudwatch_log.py @@ -2,6 +2,17 @@ def get_logs_client(access_key, secret_key, region): + """ + Returns the client object for AWS Cloudwatch Log + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS Cloudwatch Event Log Obj + """ return boto3.client( "logs", region_name=region, @@ -10,6 +21,18 @@ def get_logs_client(access_key, secret_key, region): def check_log_group_exists(log_group_name, access_key, secret_key, region): + """ + Check wheter the given cloudwatch log group already exists in AWS account + + Args: + log_group_name (str): Cloudwatch log group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_logs_client(access_key, secret_key, region) try: response = client.describe_log_groups(logGroupNamePrefix=log_group_name) diff --git a/installer/core/providers/aws/boto3/ecr.py b/installer/core/providers/aws/boto3/ecr.py index b3ecc1f3c..50f31f4f6 100644 --- a/installer/core/providers/aws/boto3/ecr.py +++ b/installer/core/providers/aws/boto3/ecr.py @@ -2,6 +2,17 @@ def get_ecr_client(access_key, secret_key, region): + """ + Returns the client object for AWS ECR (Elastic COntainer Repository) + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS ECR Object + """ return boto3.client( "ecr", region_name=region, @@ -10,9 +21,21 @@ def get_ecr_client(access_key, secret_key, region): def check_ecr_exists(repo_name, access_key, secret_key, region): + """ + Check wheter the given ECR already exists in AWS account + + Args: + repo_name (str): Repository name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_ecr_client(access_key, secret_key, region) try: - response = client.describe_repositories(Names=[repo_name]) - return True if len(response['repositoryNames']) else False + response = client.describe_repositories(repositoryNames=[repo_name]) + return True if len(response['repositories']) else False except: return False diff --git a/installer/core/providers/aws/boto3/ecs.py b/installer/core/providers/aws/boto3/ecs.py index e77c3a1e8..49c4c6873 100644 --- a/installer/core/providers/aws/boto3/ecs.py +++ b/installer/core/providers/aws/boto3/ecs.py @@ -2,6 +2,17 @@ def get_ecs_client(access_key, secret_key, region): + """ + Returns the client object for AWS ECS + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS ECS Object + """ return boto3.client( "ecs", region_name=region, @@ -9,7 +20,16 @@ def get_ecs_client(access_key, secret_key, region): aws_secret_access_key=secret_key) -def delete_task_definition(access_key, secret_key, region, task_definition): +def deregister_task_definition(access_key, secret_key, region, task_definition): + """ + Deregister all revisions of a given task definition from ECS + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + task_definition (str): Task definition name + """ client = get_ecs_client(access_key, secret_key, region) # We need to get the list of all Active revisions of the given task definition # So we cannot use describe_task_definition which return the latest one only @@ -19,16 +39,40 @@ def delete_task_definition(access_key, secret_key, region, task_definition): client.deregister_task_definition(taskDefinition=task_def) -def check_ecs_cluster_exists(cluster_name, access_key, secret_key, region): +def check_ecs_cluster_exists(cluster, access_key, secret_key, region): + """ + Check wheter the given ECS cluster already exists in AWS account + + Args: + cluster (str): Repository name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_ecs_client(access_key, secret_key, region) try: - response = client.describe_clusters(Names=[cluster_name]) + response = client.describe_clusters(Names=[cluster]) return True if len(response['clusters']) else False except: return False def check_ecs_task_definition_exists(task_definition, access_key, secret_key, region): + """ + Check wheter the given ECS Task definition already exists in AWS account + + Args: + task_definition (str): Task Definition Name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_ecs_client(access_key, secret_key, region) try: response = client.describe_task_definition(taskDefinition=task_definition) @@ -37,29 +81,103 @@ def check_ecs_task_definition_exists(task_definition, access_key, secret_key, re return False -def check_ecs_service_exists(service_name, cluster_name, access_key, secret_key, region): +def check_ecs_service_exists(service_name, cluster, access_key, secret_key, region): + """ + Check wheter the given ECS CLuster service already exists in AWS account + + Args: + service_name (str): ECS CLuster service name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_ecs_client(access_key, secret_key, region) try: - response = client.describe_services(services=[service_name], cluster=cluster_name) + response = client.describe_services(services=[service_name], cluster=cluster) return True if len(response['services']) else False except: return False -def get_all_task_arns(cluster_name, access_key, secret_key, region): +def get_all_task_arns(cluster, access_key, secret_key, region): + """ + Get all task arns in a given cluster + + Args: + cluster (str): Cluster name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + taskArns (list): List of all task arns + """ client = get_ecs_client(access_key, secret_key, region) try: - response = client.list_tasks(cluster=cluster_name) - except: + response = client.list_tasks(cluster=cluster) + except Exception as e: return [] return response['taskArns'] -def stop_all_services_in_a_cluster(cluster_name, access_key, secret_key, region): - task_arns = get_all_task_arns(cluster_name, access_key, secret_key, region) +def stop_all_tasks_in_a_cluster(cluster, access_key, secret_key, region): + """ + Terminate all tasks in a given cluster + + Args: + cluster (str): Cluster name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + """ + task_arns = get_all_task_arns(cluster, access_key, secret_key, region) client = get_ecs_client(access_key, secret_key, region) for task_arn in task_arns: - client.stop_task(task=task_arn, cluster=cluster_name) + client.stop_task(task=task_arn, cluster=cluster) + + +def delete_cluster(cluster, access_key, secret_key, region): + """ + Delete a cluster from AWS ECS + + Args: + cluster (str): Cluster name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + boolean: True if cluster get deleted else False + """ + client = get_ecs_client(access_key, secret_key, region) + + try: + client.delete_cluster(cluster=cluster) + return True + except Exception as e: + return False + + +def delete_container_instances(cluster, access_key, secret_key, region): + """ + Delete all contianer instances(Ec2) from a cluster + + Args: + cluster (str): Cluster name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + """ + client = get_ecs_client(access_key, secret_key, region) + container_arns = client.list_container_instances(cluster=cluster)['containerInstanceArns'] + for container_arn in container_arns: + try: + client.deregister_container_instance(cluster=cluster, containerInstance=container_arn, force=True) + except: + pass diff --git a/installer/core/providers/aws/boto3/elb.py b/installer/core/providers/aws/boto3/elb.py index dfcea9b7f..e24ad555b 100644 --- a/installer/core/providers/aws/boto3/elb.py +++ b/installer/core/providers/aws/boto3/elb.py @@ -2,6 +2,17 @@ def get_elbv2_client(access_key, secret_key, region): + """ + Returns the client object for AWS ELB + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS ELB Object + """ return boto3.client( "elbv2", region_name=region, @@ -10,6 +21,18 @@ def get_elbv2_client(access_key, secret_key, region): def check_alb_exists(alb_name, access_key, secret_key, region): + """ + Check wheter the given ALB already exists in the AWS Account + + Args: + alb_name (str): Load balancer name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_elbv2_client(access_key, secret_key, region) try: response = client.describe_load_balancers(Names=[alb_name]) @@ -19,6 +42,18 @@ def check_alb_exists(alb_name, access_key, secret_key, region): def check_target_group_exists(tg_name, access_key, secret_key, region): + """ + Check wheter the given Target group already exists in the AWS Account + + Args: + tg_name (str): Target group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_elbv2_client(access_key, secret_key, region) try: response = client.describe_target_groups(Names=[tg_name]) diff --git a/installer/core/providers/aws/boto3/es.py b/installer/core/providers/aws/boto3/es.py index ec39f6c6f..f77771d83 100644 --- a/installer/core/providers/aws/boto3/es.py +++ b/installer/core/providers/aws/boto3/es.py @@ -2,6 +2,17 @@ def get_es_client(access_key, secret_key, region): + """ + Returns the client object for AWS Elasticsearch + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS Elasticsearch Object + """ return boto3.client( 'es', region_name=region, @@ -10,6 +21,18 @@ def get_es_client(access_key, secret_key, region): def check_es_domain_exists(domain_name, access_key, secret_key, region): + """ + Check wheter the given ES Domain already exists in the AWS Account + + Args: + domain_name (str): ES Domain name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_es_client(access_key, secret_key, region) try: response = client.describe_elasticsearch_domain( diff --git a/installer/core/providers/aws/boto3/iam.py b/installer/core/providers/aws/boto3/iam.py index 29abf8aed..ffb0c6d65 100644 --- a/installer/core/providers/aws/boto3/iam.py +++ b/installer/core/providers/aws/boto3/iam.py @@ -2,6 +2,16 @@ def get_iam_client(access_key, secret_key): + """ + Returns the client object for AWS IAM + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + obj: AWS IAM Object + """ return boto3.client( 'iam', aws_access_key_id=access_key, @@ -9,6 +19,16 @@ def get_iam_client(access_key, secret_key): def get_iam_resource(access_key, secret_key): + """ + Returns the Resource client object for AWS IAM + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + obj: AWS IAM Resource Object + """ return boto3.resource( 'iam', aws_access_key_id=access_key, @@ -16,6 +36,16 @@ def get_iam_resource(access_key, secret_key): def get_user_name(access_key, secret_key): + """ + Returns the username of the given user credentails + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + user_name (str): AWS IAM User name + """ iam = get_iam_resource(access_key, secret_key) user_name = iam.CurrentUser().user_name @@ -23,10 +53,31 @@ def get_user_name(access_key, secret_key): def get_aws_account_user(access_key, secret_key): + """ + Returns the user details of the current user + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + obj: AWS IAM User + """ return get_iam_resource.CurrentUser(access_key, secret_key) def get_iam_user_policy_names(access_key, secret_key, user_name): + """ + Returns the policy names of the current user has + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + user_name (str): AWS user name + + Returns: + policy_names (list): List of policy names the current user has + """ iam_client = get_iam_client(access_key, secret_key) attached_policies = iam_client.list_attached_user_policies(UserName=user_name)['AttachedPolicies'] attached_policy_names = [policy['PolicyName'] for policy in attached_policies] @@ -36,6 +87,16 @@ def get_iam_user_policy_names(access_key, secret_key, user_name): def get_group_managed_policy_names(iam_client, groups): + """ + Returns the group managed policy names of the current user + + Args: + iam_client (obj): IAM client obj + groups (list): User groups + + Returns: + policy_names (list): List of group managed policy names the current user has + """ policy_names = [] for group in groups: attached_policies = iam_client.list_attached_group_policies(GroupName=group['GroupName'])['AttachedPolicies'] @@ -45,6 +106,16 @@ def get_group_managed_policy_names(iam_client, groups): def get_group_policy_names(iam_client, groups): + """ + Returns the group policy names of the current user + + Args: + iam_client (obj): IAM client obj + groups (list): User groups + + Returns: + policy_names (list): List of group policy names the current user has + """ policy_names = [] for group in groups: group_policy_names = iam_client.list_group_policies(GroupName=group['GroupName'])['PolicyNames'] @@ -54,6 +125,17 @@ def get_group_policy_names(iam_client, groups): def get_user_group_policy_names(access_key, secret_key, user_name): + """ + Returns all group user policies of a user + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + user_name (str): AWS user name + + Returns: + policy_names (list): List of all goup policy names the current user has + """ iam_client = get_iam_client(access_key, secret_key) groups = iam_client.list_groups_for_user(UserName=user_name)['Groups'] group_managed_policy_names = get_group_managed_policy_names(iam_client, groups) @@ -63,6 +145,16 @@ def get_user_group_policy_names(access_key, secret_key, user_name): def get_all_policy_names(access_key, secret_key): + """ + Returns all group and user policies of a user + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + policy_names (list): List of all goup policy names and user policy names the current user has + """ iam = get_iam_resource(access_key, secret_key) user_name = iam.CurrentUser().user_name @@ -73,6 +165,18 @@ def get_all_policy_names(access_key, secret_key): def create_iam_service_linked_role(access_key, secret_key, service_name, desc): + """ + Create AWS ES service linked role + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + service_name (str): Service name + desc (str): Descsription + + Returns: + Set: True if created else false with error + """ role_name = "AWSServiceRoleForAmazonElasticsearchService" iam_client = get_iam_client(access_key, secret_key) try: @@ -86,6 +190,17 @@ def create_iam_service_linked_role(access_key, secret_key, service_name, desc): def check_role_exists(role_name, access_key, secret_key): + """ + Check wheter the given IAM role already exists in the AWS Account + + Args: + role_name (str): Role name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + Boolean: True if env exists else False + """ iam_client = get_iam_client(access_key, secret_key) try: role = iam_client.get_role(RoleName=role_name) @@ -95,6 +210,17 @@ def check_role_exists(role_name, access_key, secret_key): def check_policy_exists(policy_name, access_key, secret_key, account_id): + """ + Check wheter the given IAM policy already exists in the AWS Account + + Args: + policy_name (str): Policy name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + Boolean: True if env exists else False + """ iam_client = get_iam_client(access_key, secret_key) policy_arn = "arn:aws:iam::%s:policy/%s" % (str(account_id), policy_name) @@ -106,6 +232,17 @@ def check_policy_exists(policy_name, access_key, secret_key, account_id): def check_instance_profile_exists(instance_profile_name, access_key, secret_key): + """ + Check wheter the given IAM instance profile already exists in the AWS Account + + Args: + instance_profile_name (str): Instance profile name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + Boolean: True if env exists else False + """ iam_client = get_iam_client(access_key, secret_key) try: profile = iam_client.get_instance_profile(InstanceProfileName=instance_profile_name) diff --git a/installer/core/providers/aws/boto3/rds.py b/installer/core/providers/aws/boto3/rds.py index 30e547edc..f78e533f8 100644 --- a/installer/core/providers/aws/boto3/rds.py +++ b/installer/core/providers/aws/boto3/rds.py @@ -2,6 +2,17 @@ def get_rds_client(access_key, secret_key, region): + """ + Returns the client object for AWS RDS + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS RDS Object + """ return boto3.client( 'rds', region_name=region, @@ -10,6 +21,18 @@ def get_rds_client(access_key, secret_key, region): def check_rds_instance_exists(instance_identifier, access_key, secret_key, region): + """ + Check wheter the given RDS Instance already exists in the AWS Account + + Args: + instance_identifier (str): RDS instance identifier + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_rds_client(access_key, secret_key, region) try: response = client.describe_db_instances( @@ -21,6 +44,18 @@ def check_rds_instance_exists(instance_identifier, access_key, secret_key, regio def check_rds_option_group_exists(name, access_key, secret_key, region): + """ + Check wheter the given RDS Option Group already exists in the AWS Account + + Args: + name (str): RDS Option Group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_rds_client(access_key, secret_key, region) try: response = client.describe_option_groups( @@ -32,6 +67,18 @@ def check_rds_option_group_exists(name, access_key, secret_key, region): def check_rds_parameter_group_exists(name, access_key, secret_key, region): + """ + Check wheter the given RDS Parameter Group already exists in the AWS Account + + Args: + name (str): RDS Parameter Group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_rds_client(access_key, secret_key, region) try: response = client.describe_db_parameter_groups( @@ -43,6 +90,18 @@ def check_rds_parameter_group_exists(name, access_key, secret_key, region): def check_rds_subnet_group_exists(name, access_key, secret_key, region): + """ + Check wheter the given RDS SUbnet Group already exists in the AWS Account + + Args: + name (str): RDS Subnet Group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_rds_client(access_key, secret_key, region) try: response = client.describe_db_subnet_groups( diff --git a/installer/core/providers/aws/boto3/redshift.py b/installer/core/providers/aws/boto3/redshift.py index c84e2eb2b..df1e0bc02 100644 --- a/installer/core/providers/aws/boto3/redshift.py +++ b/installer/core/providers/aws/boto3/redshift.py @@ -2,6 +2,17 @@ def get_redshift_client(access_key, secret_key, region): + """ + Returns the client object for AWS Redshift + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS Redshift Object + """ return boto3.client( 'redshift', region_name=region, @@ -10,6 +21,18 @@ def get_redshift_client(access_key, secret_key, region): def check_redshift_cluster_exists(cluster_identifier, access_key, secret_key, region): + """ + Check wheter the given Redshift cluster already exists in the AWS Account + + Args: + cluster_identifier (str): Redshift cluster identifier + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_redshift_client(access_key, secret_key, region) try: response = client.describe_clusters( @@ -21,6 +44,18 @@ def check_redshift_cluster_exists(cluster_identifier, access_key, secret_key, re def check_redshift_parameter_group_exists(name, access_key, secret_key, region): + """ + Check wheter the given Redshift Parameter Group already exists in the AWS Account + + Args: + name (str): Redshift Parameter Group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_redshift_client(access_key, secret_key, region) try: response = client.describe_cluster_parameter_groups( @@ -32,6 +67,18 @@ def check_redshift_parameter_group_exists(name, access_key, secret_key, region): def check_redshift_subnet_group_exists(name, access_key, secret_key, region): + """ + Check wheter the given Redshift SUbnet Group already exists in the AWS Account + + Args: + name (str): Redshift Subnet Group name + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_redshift_client(access_key, secret_key, region) try: response = client.describe_cluster_subnet_groups( diff --git a/installer/core/providers/aws/boto3/sts.py b/installer/core/providers/aws/boto3/sts.py index 5de1755cc..e4ffdb83f 100644 --- a/installer/core/providers/aws/boto3/sts.py +++ b/installer/core/providers/aws/boto3/sts.py @@ -2,6 +2,16 @@ def get_sts_client(access_key, secret_key): + """ + Returns AWS sts client object + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + obj: AWS Sts client Object + """ return boto3.client( "sts", aws_access_key_id=access_key, @@ -9,4 +19,14 @@ def get_sts_client(access_key, secret_key): def get_user_account_id(access_key, secret_key): + """ + Returns AWS user account id from the given credentials + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + + Returns: + account_id (str): AWS user account ID + """ return get_sts_client(access_key, secret_key).get_caller_identity().get('Account') diff --git a/installer/core/providers/aws/boto3/vpc.py b/installer/core/providers/aws/boto3/vpc.py index 42370d258..b06ed40cb 100644 --- a/installer/core/providers/aws/boto3/vpc.py +++ b/installer/core/providers/aws/boto3/vpc.py @@ -2,6 +2,17 @@ def get_ec2_client(access_key, secret_key, region): + """ + Returns the client object for AWS EC2 + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + obj: AWS EC2 Client Object + """ return boto3.client( 'ec2', region_name=region, @@ -10,12 +21,36 @@ def get_ec2_client(access_key, secret_key, region): def get_vpc_details(access_key, secret_key, region, vpc_ids): + """ + Find VPC details of all the ids passed to this method + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + vpc_ids (list): List of VOC Ids + + Returns: + VPCS (list): List of all VPC objects + """ response = get_ec2_client(access_key, secret_key, region).describe_vpcs(VpcIds=vpc_ids) return response["Vpcs"] def get_vpc_subnets(access_key, secret_key, region, vpc_ids): + """ + Find all subnets under a VPC + + Args: + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + vpc_ids (list): List of VOC Ids + + Returns: + Subnets (list): List of all subnets object + """ response = get_ec2_client(access_key, secret_key, region).describe_subnets(Filters=[ { 'Name': 'vpc-id', @@ -27,6 +62,19 @@ def get_vpc_subnets(access_key, secret_key, region, vpc_ids): def check_security_group_exists(group_name, vpc_id, access_key, secret_key, region): + """ + Check wheter the given security group already exists in the AWS Account + + Args: + group_name (str): Security group name + vpc_id (str): VPC id under which the group should be searched + access_key (str): AWS Access Key + secret_key (str): AWS Secret Key + region (str): AWS Region + + Returns: + Boolean: True if env exists else False + """ client = get_ec2_client(access_key, secret_key, region) try: response = client.describe_security_groups( diff --git a/installer/core/providers/aws/destroy.py b/installer/core/providers/aws/destroy.py index f136405e0..8c161d783 100644 --- a/installer/core/providers/aws/destroy.py +++ b/installer/core/providers/aws/destroy.py @@ -10,6 +10,16 @@ class Destroy(BaseAction): + """ + AWS provider for destroy command + + Attributes: + executed_with_error (boolean): this is set to True if any error occurs + destroy_start_time (time): Starting time when the execution started + destroy_statuses (dict): Available destroy statuses + exception (Excpetion obj): exception object if occured + terraform_thread (thread): Destroy python threads + """ executed_with_error = False destroy_start_time = datetime.now() destroy_statuses = { @@ -24,6 +34,14 @@ def __init__(self, args, input_obj): super().__init__(input_obj) def execute(self, resources, terraform_with_targets, dry_run): + """ + This is the starting method where destroy begins. This is the actual method called from the main destroy class + + Args: + resources (list): Resources to be destroyed + terraform_with_targets (boolean): If partial destroy is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original destroy should be done + """ error_response = self.validate_arguments(resources, terraform_with_targets) if not error_response: self._create_terraform_provider_file() @@ -33,6 +51,14 @@ def execute(self, resources, terraform_with_targets, dry_run): self.exit_with_validation_errors(error_response) def execute_terraform_destroy(self, resources, terraform_with_targets, dry_run): + """ + Initialises the destroy execution, print the message and call the threads creation method + + Args: + resources (list): Resources to be destroyed + terraform_with_targets (boolean): If partial destroy is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original destroy should be done + """ self.show_step_heading(K.TERRAFORM_DESTROY_STARTED, write_log=False) if not dry_run: @@ -49,30 +75,63 @@ def _cleanup_destroy(self): self._delete_terraform_provider_file() def run_pre_destoy(self, resources): + """ + Call all resource's pre destroy hook if there is any post destroy activity is to be made + + Args: + resources (list): Resources to be destroyed + """ for resource in resources: resource.pre_terraform_destroy() def run_post_destoy(self, resources): + """ + Call all resource's post_destroy hook if there is any post destroy activity is to be made + + Args: + resources (list): Resources to be destroyed + """ for resource in resources: resource.post_terraform_destroy() resource.remove_terraform() def destroy_resources_and_show_progress(self, resources, terraform_with_targets): + """ + Creates 2 thread + 1. For actualy destroy + 2. For displaying the status of destruction + Since python is interpreted language we need to create threads to display the status in one and actual process in another + + Args: + resources (list): Resources to be destroyed + terraform_with_targets (boolean): If partial destroy is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original destroy should be done + """ self.terraform_thread = Thread(target=self.destroy_resources, args=(list(resources), terraform_with_targets)) - display_thread = Thread(target=self.show_progress_status, args=(list(resources), terraform_with_targets)) + progressbar_thread = Thread(target=self.show_progress_status, args=(list(resources), terraform_with_targets)) self.terraform_thread.start() - display_thread.start() + progressbar_thread.start() self.terraform_thread.join() - display_thread.join() + progressbar_thread.join() def destroy_resources(self, resources, terraform_with_targets): + """ + Start destroying the esources by calling PyTerraform class destroy + + Args: + resources (list): Resources to be destroyed + terraform_with_targets (boolean): If partial destroy is to be done (if --tags is supplied) + """ destroy_resources = resources if terraform_with_targets else None self.run_pre_destoy(resources) # May be timeout causes first destroy to be a failure hence attempt as many times as the value in the setting for attempt in range(Settings.DESTROY_NUM_ATTEMPTS): + self.executed_with_error = False + self.exception = None + try: PyTerraform().terraform_destroy(destroy_resources) self.run_post_destoy(resources) @@ -84,10 +143,17 @@ def destroy_resources(self, resources, terraform_with_targets): self.current_destroy_status = self.destroy_statuses.get('execution_finished') def show_progress_status(self, resources, terraform_with_targets): + """ + Show status of the destruction to user by printing messages + + Args: + resources (list): Resources to be destroyed + terraform_with_targets (boolean): If partial destroy is to be done (if --tags is supplied) + """ sleep(1) # To sleep initaially for pre-destroy to process while self.destroy_statuses.get('execution_finished') != self.current_destroy_status and self.terraform_thread.isAlive(): duration = self.CYAN_ANSI + self.get_duration(datetime.now() - self.destroy_start_time) + self.END_ANSI - message = "%s. Time elapsed: %s" % (K.TERRAFORM_DESTROY_RUNNING, duration) + message = "Time elapsed: %s" % duration self.show_progress_message(message, 1.5) self.erase_printed_line() diff --git a/installer/core/providers/aws/input.py b/installer/core/providers/aws/input.py index 39eacb0f2..65fc5d752 100644 --- a/installer/core/providers/aws/input.py +++ b/installer/core/providers/aws/input.py @@ -6,7 +6,10 @@ class SystemInput(MsgMixin, metaclass=ABCMeta): + """Base input class for installation/destruction/status commands. This class reads required input from user for the process to start""" + def read_input(self): + """Read required inputs from user for the process to start""" self.show_step_heading(K.INPUT_READING_STARTED) self.read_aws_access_key() self.read_aws_secret_key() @@ -15,6 +18,7 @@ def read_input(self): self.show_step_finish(K.INPUT_READING_COMPLETED) def read_aws_access_key(self): + """Read AWS access key from user if it is not already set in settings""" settings_access_key = getattr(Settings, 'AWS_ACCESS_KEY', None) if settings_access_key is None or settings_access_key == '': self.aws_access_key = input("\n\t%s" % K.AWS_ACCESS_KEY_INPUT) @@ -26,6 +30,7 @@ def read_aws_access_key(self): self.aws_access_key = settings_access_key def read_aws_secret_key(self): + """Read AWS secret key from user if it is not already set in settings""" settings_secret_key = getattr(Settings, 'AWS_SECRET_KEY', None) if settings_secret_key is None or settings_secret_key == '': self.aws_secret_key = input("\n\t%s" % K.AWS_SECRET_KEY_INPUT) @@ -39,6 +44,7 @@ def read_aws_secret_key(self): self.aws_secret_key = settings_secret_key def read_aws_region(self): + """Read AWS region from user if it is not already set in settings""" settings_region = getattr(Settings, 'AWS_REGION', None) if settings_region is None or settings_region == '': self.aws_region = input("\n\t%s" % K.AWS_REGION_INPUT) @@ -47,22 +53,29 @@ def read_aws_region(self): self.aws_region = settings_region def load_aws_account_id(self): + """Find AWS Account ID from the credentials given""" aws_account_id = get_user_account_id(Settings.AWS_ACCESS_KEY, Settings.AWS_SECRET_KEY) Settings.set('AWS_ACCOUNT_ID', aws_account_id) self.aws_account_id = aws_account_id class SystemInstallInput(SystemInput): + """Input class for installation. This class reads required input from user for the process to start""" + def read_input(self): super().read_input() class SystemDestroyInput(SystemInput): + """Input class for destruction. This class reads required input from user for the process to start""" + def read_input(self): super().read_input() class SystemStatusInput(SystemInput): + """Input class for Status command. This class reads required input from user for the process to start""" + def read_input(self): Settings.set('AWS_ACCESS_KEY', "TempAccessKey") Settings.set('AWS_SECRET_KEY', "TempSecretKey") diff --git a/installer/core/providers/aws/install.py b/installer/core/providers/aws/install.py index a5d16015b..69d2f8b37 100644 --- a/installer/core/providers/aws/install.py +++ b/installer/core/providers/aws/install.py @@ -16,6 +16,17 @@ class Install(BaseAction): + """ + AWS provider for destroy command + + Attributes: + executed_with_error (boolean): this is set to True if any error occurs + FOLDER_EXISTS_ERROR_NO (int): Error number of folder creation failure + install_statuses (dict): Available destroy statuses + terraform_thread (thread): Install python thread + terraform_outputs (dict): Terraform output dict + current_install_status (int): Current install status + """ FOLDER_EXISTS_ERROR_NO = 17 executed_with_error = False install_statuses = { @@ -29,6 +40,7 @@ class Install(BaseAction): } current_install_status = 1 terraform_outputs = {} + terraform_thread = None def __init__(self, args, input_obj, check_dependent_resources=True): self.args = args @@ -37,6 +49,14 @@ def __init__(self, args, input_obj, check_dependent_resources=True): logging.disable(logging.ERROR) # To disable python terraform unwanted warnings def execute(self, resources, terraform_with_targets, dry_run): + """ + This is the starting method where install begins. This is the actual method called from the main install class + + Args: + resources (list): Resources to be installed + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ error_response = self.validate_arguments(resources, terraform_with_targets) if error_response: return self.exit_with_validation_errors(error_response) @@ -51,25 +71,50 @@ def execute(self, resources, terraform_with_targets, dry_run): raise self.exception def run_tf_execution_and_status_threads(self, resources, terraform_with_targets, dry_run): - thread1 = Thread(target=self.execute_terraform, args=(list(resources), terraform_with_targets, dry_run)) - thread2 = Thread(target=self.show_progress_status, args=(list(resources), terraform_with_targets, dry_run)) - - thread1.start() - thread2.start() - - thread1.join() - thread2.join() - - def execute_terraform(self, resources, terraform_with_targets, dry_run): + """ + Creates 2 thread + 1. For actualy installation + 2. For displaying the status of installation + Since python is interpreted language we need to create threads to display the status in one and actual process in another + + Args: + resources (list): Resources to be installed + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ + self.terraform_thread = Thread(target=self.create_resources, args=(list(resources), terraform_with_targets, dry_run)) + progressbar_thread = Thread(target=self.show_progress_status, args=(list(resources), terraform_with_targets, dry_run)) + + self.terraform_thread.start() + progressbar_thread.start() + + self.terraform_thread.join() + progressbar_thread.join() + + def create_resources(self, resources, terraform_with_targets, dry_run): + """ + Start installing the resources by calling PyTerraform class destroy + + Args: + resources (list): Resources to be created + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ try: self.terraform_apply(resources, terraform_with_targets, dry_run) except Exception as e: self.executed_with_error = True self.exception = e - self._cleanup_execute_terraform(dry_run) + self._cleanup_installation_process(dry_run) + + def _cleanup_installation_process(self, dry_run): + """ + Cleanup the process of installation once it is completed - def _cleanup_execute_terraform(self, dry_run): + Args: + dry_run (boolean): Decides whether original install should be done + """ py_terraform = PyTerraform() if not dry_run: @@ -78,8 +123,15 @@ def _cleanup_execute_terraform(self, dry_run): self._delete_terraform_provider_file() self.current_install_status = self.install_statuses.get('execution_finished') - def generate_terraform_files(self, resources, terraform_with_targets): + """ + Generate terraform files for the resources passed + + Args: + resources (list): Resources to be created + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ if exists_teraform_lock(): self.warn_another_process_running() raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -106,6 +158,14 @@ def generate_terraform_files(self, resources, terraform_with_targets): self.show_step_finish(K.TERRAFORM_GEN_COMPLETED, color=self.GREEN_ANSI) def terraform_apply(self, resources, terraform_with_targets, dry_run): + """ + Call terraform apply command through PyTerraform class + + Args: + resources (list): Resources to be created + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ apply_resources = resources if terraform_with_targets else None py_terraform = PyTerraform() @@ -129,6 +189,12 @@ def terraform_apply(self, resources, terraform_with_targets, dry_run): resource.post_terraform_apply() def render_resource_outputs(self, resources): + """ + After installation is completed list down all the outputs to be rendered by calling render_output hook + + Args: + resources (list): Resources created + """ if not self.executed_with_error and self.terraform_outputs: display_op_list = [] for resource in resources: @@ -139,6 +205,7 @@ def render_resource_outputs(self, resources): self.display_op_msg(display_op_list) def _create_terraform_support_dirs(self): + """Create all support directories and files required for installation""" scripts_and_files_dir = get_terraform_scripts_and_files_dir() try: os.mkdir(scripts_and_files_dir) @@ -148,56 +215,99 @@ def _create_terraform_support_dirs(self): raise Exception('Files direcotry creation in Terraform folder failed') def _copy_supporting_files(self): + """Copy all the files from main root file directory and copy them in scripts and files directory inside terraform dir""" scripts_and_files_dir = get_terraform_scripts_and_files_dir() copy_tree(Settings.PROVISIONER_FILES_DIR_TO_COPY, scripts_and_files_dir) def show_progress_status(self, resources, terraform_with_targets, dry_run): + """ + Show the status of installation continously in this thread + + Args: + resources (list): Resources to be created + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + dry_run (boolean): Decides whether original install should be done + """ self.render_terraform_init_progress() self.render_terraform_plan_progress() - self.render_terraform_apply_progress(resources, terraform_with_targets, dry_run) + if not dry_run: + self.render_terraform_apply_progress(resources, terraform_with_targets) + else: + message = "\n" + self.WARN_ANSI + K.TERRAFORM_APPLY_DRY_RUN + self.END_ANSI + "\n" + self.show_step_finish(message, write_log=False) def render_terraform_init_progress(self): + """Show the status of terraform init command execution""" start_time = datetime.now() self.show_step_heading(K.TERRAFORM_INIT_STARTED, write_log=False) - while self.install_statuses.get('tf_init_complete') >= self.current_install_status: + while self.install_statuses.get('tf_init_complete') >= self.current_install_status and self.terraform_thread.isAlive(): self.show_progress_message(K.TERRAFORM_INIT_RUNNING, 0.5) - self.erase_printed_line() - if self.executed_with_error: - self.show_step_finish(K.EXECUTED_WITH_ERROR, color=self.ERROR_ANSI) - else: - self.show_step_finish(K.TERRAFORM_INIT_COMPLETED, write_log=False, color=self.GREEN_ANSI) - end_time = datetime.now() - self.display_process_duration(start_time, end_time) + + self._render_step_trail_message(K.TERRAFORM_INIT_COMPLETED, K.EXECUTED_WITH_ERROR, start_time) def render_terraform_plan_progress(self): + """Show status of terraform plan command execution""" # If Init doesn't end up in error - if not self.executed_with_error: + if not self.executed_with_error and self.terraform_thread.isAlive(): start_time = datetime.now() self.show_step_heading(K.TERRAFORM_PLAN_STARTED, write_log=False) - while self.install_statuses.get('tf_plan_complete') >= self.current_install_status: + while self.install_statuses.get('tf_plan_complete') >= self.current_install_status and self.terraform_thread.isAlive(): self.show_progress_message(K.TERRAFORM_PLAN_RUNNING, 0.7) - self.erase_printed_line() - if self.executed_with_error: - self.show_step_finish(K.EXECUTED_WITH_ERROR, color=self.ERROR_ANSI) - else: - self.show_step_finish(K.TERRAFORM_PLAN_COMPLETED, write_log=False, color=self.GREEN_ANSI) - end_time = datetime.now() - self.display_process_duration(start_time, end_time) - def render_terraform_apply_progress(self, resources, terraform_with_targets, dry_run): + self._render_step_trail_message(K.TERRAFORM_PLAN_COMPLETED, K.EXECUTED_WITH_ERROR, start_time) + + def render_terraform_apply_progress(self, resources, terraform_with_targets): + """ + Show the status of actualy terraform apply + + Args: + resources (list): Resources to be created + terraform_with_targets (boolean): If partial install is to be done (if --tags is supplied) + """ + counter = False # If Plan doesn't end up in error - if not self.executed_with_error: + if not self.executed_with_error and self.terraform_thread.isAlive(): start_time = datetime.now() self.show_step_heading(K.TERRAFORM_APPLY_STARTED, write_log=False) - if dry_run: - self.show_step_finish(K.TERRAFORM_APPLY_DRY_RUN, write_log=False) - else: - while self.install_statuses.get('execution_finished') > self.current_install_status: - self.show_progress_message(K.TERRAFORM_APPLY_RUNNING, 1.5) - self.erase_printed_line() - if self.executed_with_error: - self.show_step_finish(K.EXECUTED_WITH_ERROR, color=self.ERROR_ANSI) + py_terraform = PyTerraform() + output_count = prev_output_count = 0 + + while self.install_statuses.get('execution_finished') > self.current_install_status and self.terraform_thread.isAlive(): + counter = False if counter else True + duration = self.CYAN_ANSI + self.get_duration(datetime.now() - start_time) + self.END_ANSI + if counter: + try: + # output_count = len(py_terraform.load_terraform_output()) # This uses terraform output command + output_count = self.files_count_in_output_status_dir() + prev_output_count = output_count + except: + output_count = prev_output_count else: - self.show_step_finish(K.TERRAFORM_APPLY_COMPLETED, write_log=False, color=self.GREEN_ANSI) - end_time = datetime.now() - self.display_process_duration(start_time, end_time) + output_count = prev_output_count + + duration_msg = ", Time elapsed: %s" % duration + count_msg = self.GREEN_ANSI + str(output_count) + "/" + str(self.total_resources_count) + self.END_ANSI + message = "Resources created: " + count_msg + duration_msg + self.show_progress_message(message, 1.5) + + self.clear_status_dir_files() + self._render_step_trail_message(K.TERRAFORM_APPLY_COMPLETED, K.EXECUTED_WITH_ERROR, start_time) + + def _render_step_trail_message(self, success_msg, error_msg, start_time): + """ + At the end of installation show the status of the execution + + Args: + success_msg (str): Success message to be displayed if isntallation gets completed + error_msg (str): Error messaage if isntallation is not successful + start_time (time): Time at which the Apply started + """ + if self.executed_with_error: + mesage, color, write_log = error_msg, self.ERROR_ANSI, True + else: + mesage, color, write_log = success_msg, self.GREEN_ANSI, False + + self.erase_printed_line() + self.show_step_finish(mesage, write_log=write_log, color=color) + end_time = datetime.now() + self.display_process_duration(start_time, end_time) diff --git a/installer/core/providers/aws/validate.py b/installer/core/providers/aws/validate.py index 67a2820c1..802c76827 100644 --- a/installer/core/providers/aws/validate.py +++ b/installer/core/providers/aws/validate.py @@ -8,10 +8,23 @@ class SystemValidation(MsgMixin, metaclass=ABCMeta): + """ + Base class for system validation + + Attributes: + error_message (str): Error message + full_access_policies (str): Admin access policies with all permissions + """ error_message = None full_access_policies = ["AdministratorAccess"] def validate_vpc_and_cidr_blocks(self): + """ + Check the VPC is correct and the CIDR block provided is also correct + + Returns: + valid or not_valid (str): Configured string for valid and not valid conditions + """ self.error_message = None if Settings.get('VPC', None): vpc_ids = [Settings.VPC['ID']] @@ -35,6 +48,12 @@ def validate_vpc_and_cidr_blocks(self): return K.VALID def validate_subnet_ids(self): + """ + Check the subnets provided are present under the given VPC or not + + Returns: + valid or not_valid (str): Configured string for valid and not valid conditions + """ self.error_message = None if Settings.get('VPC', None): @@ -65,6 +84,12 @@ def validate_subnet_ids(self): return K.VALID def validate_user_policies(self): + """ + Check required policies are present in user policies or not. Required policies are kept in the settings AWS_POLICIES_REQUIRED + + Returns: + boolean: True if all policies are present else False + """ access_key, secret_key = Settings.AWS_ACCESS_KEY, Settings.AWS_SECRET_KEY user_name = iam.get_user_name(access_key, secret_key) @@ -85,6 +110,12 @@ def validate_user_policies(self): return False def _check_group_policies(self, access_key, secret_key, user_name): + """ + Check required policies are present in user-group policies or not. Required policies are kept in the settings AWS_POLICIES_REQUIRED + + Returns: + boolean: True if all policies are present else False + """ group_policy_names = iam.get_user_group_policy_names(access_key, secret_key, user_name) if self._has_full_access_policies(group_policy_names): @@ -100,6 +131,12 @@ def _check_group_policies(self, access_key, secret_key, user_name): return True def _check_user_policies(self, access_key, secret_key, user_name): + """ + This method uses the above methods and validate required policies are present in combine User and Group policies + + Returns: + boolean: True if all policies are present else False + """ user_policy_names = iam.get_iam_user_policy_names(access_key, secret_key, user_name) if self._has_full_access_policies(user_policy_names): @@ -115,10 +152,17 @@ def _check_user_policies(self, access_key, secret_key, user_name): return True def _has_full_access_policies(self, policy_names): + """ + Check if full access policies are present + + Returns: + boolean: True if full access policies are present else False + """ return bool(set(self.full_access_policies).intersection(policy_names)) class SystemInstallValidation(SystemValidation): + """Main class for validating install process""" def validate(self): self.show_step_heading(K.SETTINGS_CHECK_STARTED) @@ -138,5 +182,6 @@ def validate(self): class SystemDestroyValidation(SystemValidation): + """Main class for validating destroy process""" def validate(self): return True diff --git a/installer/core/terraform/__init__.py b/installer/core/terraform/__init__.py index e8aa74a03..59f4f763a 100644 --- a/installer/core/terraform/__init__.py +++ b/installer/core/terraform/__init__.py @@ -11,9 +11,21 @@ class PyTerraform(): + """ + This is the main class which bridges between the python_terraform class and framework system + + Attributes: + log_obj (obj): SysLog object used to write logs + """ log_obj = SysLog() def terraform_init(self): + """ + Run terraform init and raise excpetion if there is any error or response of the command + + Returns: + response (dict): Response after terraform init + """ if exists_teraform_lock(): raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -32,6 +44,15 @@ def terraform_init(self): return response def terraform_plan(self, resources=None): + """ + Run terraform plan and raise excpetion if there is any error or response of the command + + Args: + resources (list): List of resources if there are targets else None + + Returns: + response (dict): Response after terraform plan + """ if exists_teraform_lock(): raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -52,6 +73,15 @@ def terraform_plan(self, resources=None): return response def terraform_apply(self, resources=None): + """ + Run terraform apply and raise excpetion if there is any error or response of the command + + Args: + resources (list): List of resources if there are targets else None + + Returns: + response (dict): Response after terraform apply + """ if exists_teraform_lock(): raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -75,6 +105,15 @@ def terraform_apply(self, resources=None): return response def terraform_destroy(self, resources=None): + """ + Run terraform destroy and raise excpetion if there is any error or response of the command + + Args: + resources (list): List of resources if there are targets else None + + Returns: + response (dict): Response after terraform destroy + """ if exists_teraform_lock(): raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -98,6 +137,12 @@ def terraform_destroy(self, resources=None): return response def process_destroy_result(self, p): + """ + Store the destroy response and riase exception if there is any + + Args: + p (process obj): process obj of the terraform destroy + """ response = Terraform().return_process_result(p) CMD = Settings.get('running_command', "Terraform Destroy") @@ -109,6 +154,15 @@ def process_destroy_result(self, p): self.write_current_status(CMD, K.DESTROY_STATUS_COMPLETED, K.TERRAFORM_DESTROY_COMPLETED) def terraform_taint(self, resources): + """ + Run terraform taint on the mentioned resources + + Args: + resources (list): List of resources if there are targets else None + + Returns: + response (dict): Response after terraform taint + """ if exists_teraform_lock(): raise Exception(K.ANOTHER_PROCESS_RUNNING) @@ -131,6 +185,15 @@ def terraform_taint(self, resources): return response def get_target_resources(self, resources): + """ + Get list of terraform targets arguments to be supplied to terraform command + + Args: + resources (list): List of resources if there are targets else None + + Returns: + targets (list / none): list of resources to be added as targets if there is any else None + """ if resources: targets = [] for resource in resources: @@ -146,6 +209,15 @@ def get_target_resources(self, resources): return None def get_taint_resources(self, resources): + """ + Get list of terraform resources to be tainted + + Args: + resources (list): List of resources + + Returns: + taint_resources (list): List of resources to be tainted + """ taint_resources = [] for resource in resources: if TerraformResource in inspect.getmro(resource.__class__): @@ -155,6 +227,12 @@ def get_taint_resources(self, resources): @classmethod def save_terraform_output(cls): + """ + Save terraform output to the output file + + Returns: + output_dict (dict): Terraform output + """ tf_output_file = get_terraform_latest_output_file() output_dict = cls.load_terraform_output() @@ -166,6 +244,12 @@ def save_terraform_output(cls): @classmethod def load_terraform_output(cls): + """ + Load terraform output form the output command + + Returns: + output_dict (dict): Terraform output + """ output_dict = {} terraform = Terraform( @@ -186,6 +270,12 @@ def load_terraform_output(cls): @classmethod def load_terraform_output_from_json_file(cls): + """ + Load terraform output form the output file + + Returns: + output_dict (dict): Terraform output + """ tf_output_file = get_terraform_latest_output_file() output_dict = {} if os.path.exists(tf_output_file): @@ -195,6 +285,14 @@ def load_terraform_output_from_json_file(cls): return output_dict def write_current_status(self, command, status_code, description=""): + """ + Write current status for the executed comamnd to status file + + Args: + command (str): Command name + status_code (str): Status of the current execution + description (str): Description of the current command + """ current_status = self.get_current_status() prev_status = None @@ -220,6 +318,12 @@ def write_current_status(self, command, status_code, description=""): @classmethod def get_current_status(self): + """ + Write current status for the executed comamnd to status file + + Returns: + status_dict (dict): Status dict to be written + """ status_file = get_terraform_status_file() status_dict = {} if os.path.exists(status_file): diff --git a/installer/core/terraform/resources/__init__.py b/installer/core/terraform/resources/__init__.py index e655a5e50..0ce08c4b7 100644 --- a/installer/core/terraform/resources/__init__.py +++ b/installer/core/terraform/resources/__init__.py @@ -1,6 +1,6 @@ from core.config import Settings from core.terraform.utils import get_terraform_resource_path -from core.terraform.utils import get_formatted_resource_attr_value +from core.terraform.utils import get_formatted_resource_attr_value, get_resource_created_status_op_file from core.log import SysLog from abc import ABCMeta import json @@ -10,6 +10,17 @@ class BaseTerraformResource(metaclass=ABCMeta): + """ + Abstract Base class for all resource type (terraform resource, data resource etc, variables) + + Attributes: + DEPENDS_ON (list): This defines what are the resources on which the current resource depends on + OUTPUT_LIST (list): List of attributes to be output in terraform + VARIABLES (list): List of variables used in the resource + PROCESS (boolean): Whether to create/destroy resource or not. If true then resource will be created else resource will not be created + and is used as dummy resource which doesn't dod anything + input (input instacne): Input object for install or destroy + """ DEPENDS_ON = [] OUTPUT_LIST = [] VARIABLES = [] @@ -20,11 +31,26 @@ def __init__(self, input): @classmethod def get_resource_id(cls): + """ + This method generate the resource id of the current resource from the class name path + + Returns: + resource_id (str): Resource ID string generated from the class name + """ # return getattr(cls, 'resource_id', '_'.join(cls.__module__.title().lower().split('.')[1:]) + '_' + cls.__name__) return '_'.join(cls.__module__.title().lower().split('.')[1:]) + '_' + cls.__name__ @classmethod def get_input_attr(cls, key): + """ + Find the value of the given attribute of a resource + + Args: + key (str): Attribute name + + Returns: + value (str): Formatted argument value of the given key + """ attrs = cls.available_args.get(key, None) arg_value = getattr(cls, key, None) @@ -38,6 +64,16 @@ def get_input_attr(cls, key): @classmethod def get_output_attr(cls, key, index=False): + """ + Generate terraform output string(reference string) format of the given key. If count is greater than 1 then index is used. + + Args: + key (str): Attribute name + index (int): Index of the resource if the resource count is greater than 0 + + Returns: + output_attr_ref (str): Terraform output reference of the given attribute + """ if getattr(cls, "count", None): output_attr_ref = "%s.*.%s" % (cls.get_terraform_resource_path(), key) output_attr_ref += "" if index is False else "[count.index]" @@ -49,19 +85,46 @@ def get_output_attr(cls, key, index=False): @classmethod def get_output_attr_name(cls, name): + """ + Output key identifier of the given output attribute name + + Args: + name (str): Output Attribute name + + Returns: + key (str): Key identifier for the given output name + """ return "-".join([cls.get_resource_id(), name]) @classmethod def get_terraform_resource_path(cls): + """ + Get path of the resource class + + Returns: + path (str): path of the resource class + """ return get_terraform_resource_path(cls) def get_resource_terraform_file(self): + """ + Get the path of the terraform file created(to be created) for the current resource + + Returns: + path (path): path of terraform file + """ return os.path.join( Settings.TERRAFORM_DIR, self.get_resource_id() + "." + self.tf_file_extension ) def get_resource_dependency_list(self): + """ + Find the dependency resources for the given resource + + Returns: + dependency_list (list): dependency resources path list + """ dependency_list = [] for resource_class in self.DEPENDS_ON: @@ -71,6 +134,15 @@ def get_resource_dependency_list(self): return dependency_list def generate_terraform_script(self, terraform_args_dict): + """ + Build terraform resource configuration as dict to be used to generate json + + Args: + terraform_args_dict (dict): Input resource class args dict supplied + + Returns: + terraform_script_dict (dict): terraform resource configurations + """ terraform_script_dict = { self.terraform_type: { self.resource_instance_name: { @@ -90,6 +162,12 @@ def generate_terraform_script(self, terraform_args_dict): return terraform_script_dict def get_terraform_variables(self): + """ + Find the terraform variables added for the current resource + + Returns: + variables (dict): variables as dict + """ variables = {} for variable_class in self.VARIABLES: @@ -108,6 +186,7 @@ def get_terraform_variables(self): return variables def generate_terraform(self): + """This creates terraform resource""" if self.PROCESS: # Generate the resource terraform file only if the resource is to be processed try: terraform_args_dict = self.get_terraform_resource_args_dict() @@ -119,11 +198,22 @@ def generate_terraform(self): sys.exit() def remove_terraform(self): + """Delete the terraform file of the current resource from terraform directory""" file = self.get_resource_terraform_file() if os.path.isfile(file): os.remove(file) def _get_resource_argument_value(self, arg, attrs): + """ + Find the terraform resource configuration from the class attributes + + Args: + arg (str): Argument name + attrs (dict): attributes of the argument + + Returns: + value (str/None): Formated resource attr value if exists else None + """ if attrs.get('inline_args', False): arg_dict_values = {} for inline_arg, inline_arg_attrs in attrs.get('inline_args', {}).items(): @@ -143,9 +233,25 @@ def _get_resource_argument_value(self, arg, attrs): return None def _get_terraform_argument_key(self, key, attrs): + """ + Find the terraform configuration key from the class attributes ie. if tf_arg_key is supplied then use that else the given attr + + Args: + key (str): Argument name + attrs (dict): attributes of the argument + + Returns: + value (str): argument name + """ return attrs.get('tf_arg_key', key) def get_terraform_resource_args_dict(self): + """ + Generate terraform configuration dict. Iterate over each configuration analyse the attributes and create configuration key with value as dict + + Returns: + terraform_args_dict (dict): Terraform configuration dict + """ self.set_default_available_arguments() terraform_args_dict = {} for arg, attrs in self.available_args.items(): @@ -158,19 +264,32 @@ def get_terraform_resource_args_dict(self): if len(dependency_list) > 0: terraform_args_dict['depends_on'] = dependency_list - provisioners = self.get_provisioners() + provisioners = self.get_provisioners() + self.get_mandatory_provisioners() if provisioners: terraform_args_dict['provisioner'] = provisioners return terraform_args_dict def create_terraform_resource_file(self, terraform_args_dict): + """ + This creates terraform resource file in terraform directory and add the configurations as json + + Args: + terraform_args_dict (dict): Terraform resource configurations + """ terraform_script_dict = self.generate_terraform_script(terraform_args_dict) with open(self.get_resource_terraform_file(), "w") as jsonfile: json.dump(terraform_script_dict, jsonfile, indent=4) def validate_input_args(self): + """ + Validate arguments supplied to the terrafomr resource + + Returns: + success (boolean): Validation is success or not + msg_list (list): List of error messages if there is any error + """ success = True msg_list = [] for arg in self._get_required_arguments(): @@ -185,6 +304,12 @@ def validate_input_args(self): return success, msg_list def _get_required_arguments(self): + """ + Find all the mandatory configurations required by checking required attribute of attributes dict + + Returns: + required_arguments (list): List of arguments/configurations + """ required_arguments = [] for arg, attrs in self.available_args.items(): @@ -202,26 +327,49 @@ def set_default_available_arguments(self): # Set count argument to all resources and use it if requires. So making it optional self.available_args['count'] = {'required': False} + def get_provisioners(self): + """List of all provisioners hook method for the current resource""" + return [] + + def get_mandatory_provisioners(self): + """List of all mandatory provisioners hook method for the current resource""" + return [] + def pre_generate_terraform(self): + """Hook method called before terraform generation""" pass def pre_terraform_apply(self): + """Hook method called before terraform apply""" pass def pre_terraform_destroy(self): + """Hook method called before terraform destroy""" pass def post_terraform_apply(self): + """Hook method called after terraform apply""" pass def post_terraform_destroy(self): + """Hook method called after terraform destroy""" pass def render_output(self, outputs): + """Hook method called to render output""" pass class TerraformResource(BaseTerraformResource, metaclass=ABCMeta): + """ + Main terraform resource class that is used toc create resource in cloud + + Attributes: + terraform_type (str): Terraform resource type + MANDATORY_OUTPUT (str): Mandatory output to be generated + tf_file_extension (str): File extension for the terraform file + tags (list): List of tags to be added + """ terraform_type = 'resource' MANDATORY_OUTPUT = 'id' tf_file_extension = 'tf' @@ -230,12 +378,33 @@ class TerraformResource(BaseTerraformResource, metaclass=ABCMeta): ] def check_exists_before(self, input, outputs): + """ + Factory method to check the existence of a resource + + Returns: + boolean, dict: True if already exists else false with details + """ return False, {'attr': None, 'value': None} def resource_in_tf_output(self, tf_outputs): + """ + Check whether the resource is created as part of this installation + + Args: + tf_outputs (dict): Dict of terraform output + + Returns: + boolean: True if created else False + """ return True if tf_outputs.get(self.get_resource_id(), None) else False def get_terraform_output_list(self): + """ + Output to be done at the terraform + + Returns: + output (dict): Output Dict + """ outputs = {} if getattr(self, 'count', 1) != 0: self.OUTPUT_LIST.append(self.MANDATORY_OUTPUT) @@ -246,53 +415,73 @@ def get_terraform_output_list(self): return outputs - def get_provisioners(self): - return self.get_mandatory_local_exec() - - def get_mandatory_local_exec(self): - local_execs = [] - # local_execs = [{ - # 'local-exec': { - # 'command': self._get_install_start_local_exec_command(), - # 'environment': {'action': "install", 'resource': 'gvvgvvg'} + def get_mandatory_provisioners(self): + """List of all mandatory provisioners hook method for the current resource""" + id_reference = self.get_output_attr('id') + resource_created_status_file = get_resource_created_status_op_file(self.get_resource_id()) - # } - # # , - # # { - # # 'command': _get_install_start_local_exec_command - # # 'working_dir': Settings.TERRAFORM_STATUS_DIR, - # # 'interpreter': "python" - - # # }, - # }] + local_execs = [ + { + 'local-exec': { + 'command': "echo 1 > %s" % resource_created_status_file + } + } + ] return local_execs class TerraformData(BaseTerraformResource, metaclass=ABCMeta): + """ + Terraform data resource Base class + + Attributes: + terraform_type (str): Terraform resource type + tf_file_extension (str): File extension for the terraform file + """ terraform_type = 'data' tf_file_extension = 'tf' @classmethod def get_output_attr(cls, key): + """ + Generate terraform output string(reference string) format of the given key. + + Args: + key (str): Attribute name + + Returns: + output_attr_ref (str): Terraform output reference of the given attribute + """ return "${%s.%s.%s}" % ("data", cls.get_terraform_resource_path(), key) def get_terraform_output_list(self): return None - def get_provisioners(self): - return [] - class BaseTerraformVariable(BaseTerraformResource): + """ + Terraform variable base class + + Attributes: + tf_file_extension (str): File extension for the terraform file + """ tf_file_extension = 'auto.tfvars' def generate_terraform(self): + """This creates terraform variable""" if self.variable_dict_input: lines = json.dumps(self.variable_dict_input, indent=4).split('\n') self.create_terraform_tfvars_file(lines) def create_terraform_tfvars_file(self, lines): + """ + Create terraform tfavars file from the class definition + + Args: + lines (list): List of json content + + """ file = self.get_resource_terraform_file() output_lines = [] with open(file, "w") as fp: @@ -305,6 +494,12 @@ def create_terraform_tfvars_file(self, lines): fp.writelines(output_lines) def get_resource_terraform_file(self): + """ + Get the path of the terraform tfvars file created(to be created) for the current variable + + Returns: + path (path): path of tfvars file + """ return os.path.join( Settings.TERRAFORM_DIR, self.get_resource_id() + "." + self.tf_file_extension @@ -312,8 +507,15 @@ def get_resource_terraform_file(self): @classmethod def length(cls): + """find the number of items in terraform variable list""" return "${length(var.%s)}" % cls.variable_name @classmethod def lookup(cls, key): + """ + Search for the key in the variable with current index + + Args: + kye (str): key name in the var + """ return '${lookup(var.%s[count.index], "%s")}' % (cls.variable_name, key) diff --git a/installer/core/terraform/resources/aws/aws_lambda.py b/installer/core/terraform/resources/aws/aws_lambda.py index 80a0b36fb..b77f290b2 100644 --- a/installer/core/terraform/resources/aws/aws_lambda.py +++ b/installer/core/terraform/resources/aws/aws_lambda.py @@ -4,6 +4,13 @@ class LambdaFunctionResource(TerraformResource): + """ + Base resource class for Terraform AWS Lambda function resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_lambda_function" available_args = { 'function_name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -20,6 +27,17 @@ class LambdaFunctionResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "function_name", 'value': self.get_input_attr('function_name')} exists = False @@ -34,6 +52,13 @@ def check_exists_before(self, input, tf_outputs): class LambdaPermission(TerraformResource): + """ + Base resource class for Terraform AWS Lambda permission resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_lambda_permission" available_args = { 'action': {'required': True}, diff --git a/installer/core/terraform/resources/aws/batch.py b/installer/core/terraform/resources/aws/batch.py index 2755caf0b..673f53f7b 100644 --- a/installer/core/terraform/resources/aws/batch.py +++ b/installer/core/terraform/resources/aws/batch.py @@ -4,6 +4,13 @@ class BatchComputeEnvironmentResource(TerraformResource): + """ + Base resource class for Terraform AWS Batch compute environment resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_batch_compute_environment" available_args = { 'compute_environment_name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -28,6 +35,17 @@ class BatchComputeEnvironmentResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('compute_environment_name')} exists = False @@ -42,6 +60,13 @@ def check_exists_before(self, input, tf_outputs): class BatchJobDefinitionResource(TerraformResource): + """ + Base resource class for Terraform AWS Batch job definition resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_batch_job_definition" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -57,6 +82,17 @@ class BatchJobDefinitionResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -71,6 +107,13 @@ def check_exists_before(self, input, tf_outputs): class BatchJobQueueResource(TerraformResource): + """ + Base resource class for Terraform AWS Batch job queue resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_batch_job_queue" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -80,6 +123,17 @@ class BatchJobQueueResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/aws/cloudwatch.py b/installer/core/terraform/resources/aws/cloudwatch.py index ecc7fedb3..7553543c2 100644 --- a/installer/core/terraform/resources/aws/cloudwatch.py +++ b/installer/core/terraform/resources/aws/cloudwatch.py @@ -5,6 +5,13 @@ class CloudWatchEventRuleResource(TerraformResource): + """ + Base resource class for Terraform AWS Cloudwatch event rule resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_cloudwatch_event_rule" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -17,6 +24,17 @@ class CloudWatchEventRuleResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -42,6 +60,13 @@ class CloudWatchEventTargetResource(TerraformResource): class CloudWatchLogGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS Cloudwatch log group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_cloudwatch_log_group" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '/'}, @@ -51,6 +76,17 @@ class CloudWatchLogGroupResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -65,6 +101,13 @@ def check_exists_before(self, input, tf_outputs): class CloudWatchLogResourcePolicy(TerraformResource): + """ + Base resource class for Terraform AWS Cloudwatch log policy resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_cloudwatch_log_resource_policy" available_args = { 'policy_name': {'required': True, 'prefix': True, 'sep': '/'}, diff --git a/installer/core/terraform/resources/aws/ecr.py b/installer/core/terraform/resources/aws/ecr.py index 604083298..866162ed5 100644 --- a/installer/core/terraform/resources/aws/ecr.py +++ b/installer/core/terraform/resources/aws/ecr.py @@ -4,6 +4,13 @@ class ECRRepository(TerraformResource): + """ + Base resource class for Terraform AWS ECR resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_ecr_repository" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -11,6 +18,17 @@ class ECRRepository(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/aws/ecs.py b/installer/core/terraform/resources/aws/ecs.py index 928d763e1..3bc1c788a 100644 --- a/installer/core/terraform/resources/aws/ecs.py +++ b/installer/core/terraform/resources/aws/ecs.py @@ -4,6 +4,13 @@ class ECSClusterResource(TerraformResource): + """ + Base resource class for Terraform AWS ECS cluster resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_ecs_cluster" setup_time = 600 available_args = { @@ -12,6 +19,17 @@ class ECSClusterResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -26,6 +44,13 @@ def check_exists_before(self, input, tf_outputs): class ECSTaskDefinitionResource(TerraformResource): + """ + Base resource class for Terraform AWS ECS task definition resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_ecs_task_definition" setup_time = 600 available_args = { @@ -41,6 +66,17 @@ class ECSTaskDefinitionResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('family')} exists = False @@ -55,6 +91,13 @@ def check_exists_before(self, input, tf_outputs): class ECSServiceResource(TerraformResource): + """ + Base resource class for Terraform AWS ECS service resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_ecs_service" setup_time = 600 available_args = { diff --git a/installer/core/terraform/resources/aws/elasticsearch.py b/installer/core/terraform/resources/aws/elasticsearch.py index 2d4446e1f..ba4bf6dd9 100644 --- a/installer/core/terraform/resources/aws/elasticsearch.py +++ b/installer/core/terraform/resources/aws/elasticsearch.py @@ -4,6 +4,13 @@ class ElasticsearchDomainResource(TerraformResource): + """ + Base resource class for Terraform AWS ES Domain resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_elasticsearch_domain" OUTPUT_LIST = ['endpoint', 'kibana_endpoint'] setup_time = 600 @@ -53,6 +60,17 @@ class ElasticsearchDomainResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "domain_name", 'value': self.get_input_attr('domain_name')} exists = False @@ -67,6 +85,13 @@ def check_exists_before(self, input, tf_outputs): class ElasticsearchDomainPolicyResource(TerraformResource): + """ + Base resource class for Terraform AWS ES Domain policy resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_elasticsearch_domain_policy" setup_time = 60 available_args = { diff --git a/installer/core/terraform/resources/aws/iam.py b/installer/core/terraform/resources/aws/iam.py index 70305deec..093e69cca 100644 --- a/installer/core/terraform/resources/aws/iam.py +++ b/installer/core/terraform/resources/aws/iam.py @@ -4,6 +4,13 @@ class IAMRoleResource(TerraformResource): + """ + Base resource class for Terraform AWS IAM role resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_role" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '_'}, @@ -20,6 +27,17 @@ class IAMRoleResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -30,6 +48,13 @@ def check_exists_before(self, input, tf_outputs): class IAMRolePolicyResource(TerraformResource): + """ + Base resource class for Terraform AWS IAM role policy resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_policy" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '_'}, @@ -42,6 +67,17 @@ class IAMRolePolicyResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False if not self.resource_in_tf_output(tf_outputs): @@ -51,6 +87,13 @@ def check_exists_before(self, input, tf_outputs): class IAMRolePolicyAttachmentResource(TerraformResource): + """ + Base resource class for Terraform AWS IAM role policy attach resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_role_policy_attachment" available_args = { 'role': {'required': True}, @@ -59,6 +102,13 @@ class IAMRolePolicyAttachmentResource(TerraformResource): class IAMInstanceProfileResource(TerraformResource): + """ + Base resource class for Terraform AWS IAM instance profile resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_instance_profile" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '_'}, @@ -66,6 +116,17 @@ class IAMInstanceProfileResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False if not self.resource_in_tf_output(tf_outputs): @@ -75,6 +136,13 @@ def check_exists_before(self, input, tf_outputs): class IAMPolicyDocumentData(TerraformData): + """ + Base resource class for Terraform Policy document data resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_policy_document" available_args = { 'statement': {'required': True}, @@ -82,6 +150,13 @@ class IAMPolicyDocumentData(TerraformData): class IamServiceLinkedRole(TerraformResource): + """ + Base resource class for Terraform AWS Service linked role resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_iam_service_linked_role" available_args = { 'aws_service_name': {'required': True}, diff --git a/installer/core/terraform/resources/aws/load_balancer.py b/installer/core/terraform/resources/aws/load_balancer.py index 9683af711..97df87fc4 100644 --- a/installer/core/terraform/resources/aws/load_balancer.py +++ b/installer/core/terraform/resources/aws/load_balancer.py @@ -4,6 +4,13 @@ class LoadBalancerResource(TerraformResource): + """ + Base resource class for Terraform AWS ELB resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_lb" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -15,6 +22,17 @@ class LoadBalancerResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -29,6 +47,13 @@ def check_exists_before(self, input, tf_outputs): class ALBListenerResource(TerraformResource): + """ + Base resource class for Terraform AWS ELB listener resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_alb_listener" available_args = { 'load_balancer_arn': {'required': True}, @@ -46,6 +71,13 @@ class ALBListenerResource(TerraformResource): class ALBListenerRuleResource(TerraformResource): + """ + Base resource class for Terraform AWS ELB Listener rule resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_lb_listener_rule" available_args = { 'listener_arn': {'required': True}, @@ -68,6 +100,13 @@ class ALBListenerRuleResource(TerraformResource): class ALBTargetGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS ELB target group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_alb_target_group" available_args = { 'name': {'required': True, 'prefix': True, 'sep': '-'}, @@ -94,6 +133,17 @@ class ALBTargetGroupResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/aws/misc.py b/installer/core/terraform/resources/aws/misc.py index 77679db9b..a3ff51220 100644 --- a/installer/core/terraform/resources/aws/misc.py +++ b/installer/core/terraform/resources/aws/misc.py @@ -2,12 +2,26 @@ class AwsCallerIdData(TerraformData): + """ + Base resource class for Terraform AWS Caller ID data resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_caller_identity" available_args = { } class AwsRegionData(TerraformData): + """ + Base resource class for Terraform AWS region data resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_region" available_args = { } diff --git a/installer/core/terraform/resources/aws/rds.py b/installer/core/terraform/resources/aws/rds.py index d2e2a28b4..f34c55a2e 100644 --- a/installer/core/terraform/resources/aws/rds.py +++ b/installer/core/terraform/resources/aws/rds.py @@ -4,6 +4,13 @@ class RDSResource(TerraformResource): + """ + Base resource class for Terraform AWS RDS resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_db_instance" OUTPUT_LIST = ['endpoint'] setup_time = 600 @@ -27,6 +34,17 @@ class RDSResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "identifier", 'value': self.get_input_attr('identifier')} exists = False @@ -41,6 +59,13 @@ def check_exists_before(self, input, tf_outputs): class RDSOptionGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS RDS option group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_db_option_group" setup_time = 60 available_args = { @@ -54,6 +79,17 @@ class RDSOptionGroupResource(TerraformResource): option_group_description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -68,6 +104,13 @@ def check_exists_before(self, input, tf_outputs): class RDSParameterGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS parameter group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_db_parameter_group" setup_time = 60 available_args = { @@ -80,6 +123,17 @@ class RDSParameterGroupResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -94,6 +148,13 @@ def check_exists_before(self, input, tf_outputs): class RDSSubnetGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS RDS Subnet group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_db_subnet_group" setup_time = 60 available_args = { @@ -106,6 +167,17 @@ class RDSSubnetGroupResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/aws/redshift.py b/installer/core/terraform/resources/aws/redshift.py index 016bbc88d..c42547857 100644 --- a/installer/core/terraform/resources/aws/redshift.py +++ b/installer/core/terraform/resources/aws/redshift.py @@ -4,6 +4,13 @@ class RedshiftClusterResource(TerraformResource): + """ + Base resource class for Terraform AWS Redshift resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_redshift_cluster" OUTPUT_LIST = ['endpoint'] setup_time = 600 @@ -24,6 +31,17 @@ class RedshiftClusterResource(TerraformResource): } def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "cluster_identifier", 'value': self.get_input_attr('cluster_identifier')} exists = False @@ -38,6 +56,13 @@ def check_exists_before(self, input, tf_outputs): class RedshiftParameterGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS Redshift parameter group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_redshift_parameter_group" setup_time = 60 available_args = { @@ -50,6 +75,17 @@ class RedshiftParameterGroupResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False @@ -64,6 +100,13 @@ def check_exists_before(self, input, tf_outputs): class RedshiftSubnetGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS Redshift Subnet group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_redshift_subnet_group" setup_time = 60 available_args = { @@ -76,6 +119,17 @@ class RedshiftSubnetGroupResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/aws/s3.py b/installer/core/terraform/resources/aws/s3.py index 61792d0d1..809ddab05 100644 --- a/installer/core/terraform/resources/aws/s3.py +++ b/installer/core/terraform/resources/aws/s3.py @@ -4,6 +4,13 @@ class S3Bucket(TerraformResource): + """ + Base resource class for Terraform AWS S3 bucket resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_s3_bucket" available_args = { 'bucket': {'required': True, 'prefix': True, 'sep': '-'}, @@ -15,6 +22,13 @@ class S3Bucket(TerraformResource): class S3BucketObject(TerraformResource): + """ + Base resource class for Terraform AWS S3 bucket object resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_s3_bucket_object" skip_source_exists_check = False available_args = { diff --git a/installer/core/terraform/resources/aws/vpc.py b/installer/core/terraform/resources/aws/vpc.py index 77bf8c894..30fcea718 100644 --- a/installer/core/terraform/resources/aws/vpc.py +++ b/installer/core/terraform/resources/aws/vpc.py @@ -4,6 +4,13 @@ class SecurityGroupResource(TerraformResource): + """ + Base resource class for Terraform AWS security group resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "aws_security_group" OUTPUT_LIST = ['id'] setup_time = 600 @@ -35,6 +42,17 @@ class SecurityGroupResource(TerraformResource): description = Settings.RESOURCE_DESCRIPTION def check_exists_before(self, input, tf_outputs): + """ + Check if the resource is already exists in AWS + + Args: + input (instance): input object + tf_outputs (dict): Terraform output dictionary + + Returns: + exists (boolean): True if already exists in AWS else False + checked_details (dict): Status of the existence check + """ checked_details = {'attr': "name", 'value': self.get_input_attr('name')} exists = False diff --git a/installer/core/terraform/resources/misc.py b/installer/core/terraform/resources/misc.py index afa89ca63..50878feec 100644 --- a/installer/core/terraform/resources/misc.py +++ b/installer/core/terraform/resources/misc.py @@ -3,7 +3,14 @@ class NullResource(TerraformResource): + """ + Base resource class for Terraform Null resource + + Attributes: + resource_instance_name (str): Type of resource instance + available_args (dict): Instance configurations + """ resource_instance_name = "null_resource" - setup_time = 60 available_args = { + 'triggers': {'required': False}, } diff --git a/installer/core/terraform/resources/variable.py b/installer/core/terraform/resources/variable.py index 1b098c7af..d2ea517f3 100644 --- a/installer/core/terraform/resources/variable.py +++ b/installer/core/terraform/resources/variable.py @@ -2,6 +2,14 @@ class TerraformVariable(BaseTerraformVariable): + """ + Base resource class for Terraform tfvar variable + + Attributes: + variable_dict_input (dict/none): Var dict values + available_args (dict): Instance configurations + variable_type (str): Define the variable i.e. terraform list var or terraform dict var etc + """ variable_dict_input = None variable_type = None available_args = { diff --git a/installer/core/terraform/utils.py b/installer/core/terraform/utils.py index 1029917e3..d94243158 100644 --- a/installer/core/terraform/utils.py +++ b/installer/core/terraform/utils.py @@ -4,6 +4,12 @@ def get_terraform_provider_file(): + """ + Return terraform provider file path + + Returns: + path: terraform provider file path + """ return os.path.join( Settings.TERRAFORM_DIR, 'provider.tf' @@ -11,6 +17,12 @@ def get_terraform_provider_file(): def get_terraform_scripts_and_files_dir(): + """ + Return path of the terraform supported scripts & file directory + + Returns: + path: Scripts and files directory path + """ return os.path.join( Settings.TERRAFORM_DIR, 'scripts_and_files' @@ -18,6 +30,12 @@ def get_terraform_scripts_and_files_dir(): def get_terraform_scripts_dir(): + """ + Return path of the terraform supported scripts directory + + Returns: + path: Scripts directory path + """ return os.path.join( get_terraform_scripts_and_files_dir(), 'scripts' @@ -25,6 +43,15 @@ def get_terraform_scripts_dir(): def get_terraform_resource_path(resource_class): + """ + File path without extension of the resource terraform file + + Args: + resource_class (class/instance): Resource Base class + + Returns: + resource_path (path): terraform file path + """ resource_path = ".".join( [resource_class.resource_instance_name, resource_class.get_resource_id()]) @@ -32,6 +59,16 @@ def get_terraform_resource_path(resource_class): def get_formatted_resource_attr_value(arg_value, attrs): + """ + Terraform resource attribute formation + + Args: + arg_value (str): Attribute name + attrs (dict): Attribute dictionary + + Returns: + arg_value (str): Value of the resource attribute + """ field_type = attrs.get('type', None) if field_type == 'json': arg_value = json.dumps(arg_value) @@ -44,6 +81,16 @@ def get_formatted_resource_attr_value(arg_value, attrs): def get_prefix_added_attr_value(arg_value, attrs): + """ + Prefix added attribute value for resource attribute if required + + Args: + arg_value (str): Attribute name + attrs (dict): Attribute dictionary + + Returns: + arg_value (str): Value of the resource attribute with prefix + """ if attrs.get('prefix', False): trail_value = "" if arg_value.strip() == "" else arg_value prefix_sep = "" if (Settings.RESOURCE_NAME_PREFIX.strip() == "" or trail_value == "") else attrs.get('sep', "") @@ -54,8 +101,63 @@ def get_prefix_added_attr_value(arg_value, attrs): def get_terraform_latest_output_file(): + """ + Terraform output file where terraform execution output is stored + + Returns: + path: Path of the output file + """ return os.path.join(Settings.OUTPUT_DIR, 'output.json') def get_terraform_status_file(): + """ + Terraform status file where terraform execution status is stored + + Returns: + path: Path of the status file + """ return os.path.join(Settings.OUTPUT_DIR, 'status.json') + + +def _get_resource_status_file_name(resource_id, status): + """ + Resource completion status file name path + + Args: + resource_id (str): Resource ID of the resource + status (str): Extension to be provided + + Returns: + str: Abs path of the status file as string + """ + filename = "op." + resource_id + ".pyform." + str(status) + file_path = os.path.join(Settings.OUTPUT_STATUS_DIR, filename) + + return str(file_path) + + +def get_resource_creating_status_op_file(resource_id): + """ + Resource initialization started status file name path + + Args: + resource_id (str): Resource ID of the resource + + Returns: + str: Abs path of the status file as string + """ + return _get_resource_status_file_name(resource_id, '0') + + +def get_resource_created_status_op_file(resource_id): + """ + Resource creation completed status file name path + + Args: + resource_id (str): Resource ID of the resource + + Returns: + str: Abs path of the status file as string + """ + return _get_resource_status_file_name(resource_id, '1') diff --git a/installer/core/utils.py b/installer/core/utils.py index 78cbd90fc..61884dd32 100644 --- a/installer/core/utils.py +++ b/installer/core/utils.py @@ -5,6 +5,15 @@ def get_sub_dir_names(directory_path): + """ + List subdirs of the given directory path + + Args: + directory_path (path): Path of the directory of which sub dirs to be find out + + Returns: + dirs (list): List of all sub dirs + """ try: dirs = [dir.path.split(os.sep)[-1] for dir in os.scandir(directory_path) if dir.is_dir()] @@ -16,6 +25,15 @@ def get_sub_dir_names(directory_path): def get_dir_file_names(directory_path): + """ + List all files of the given directory path + + Args: + directory_path (path): Path of the directory of which sub dirs to be find out + + Returns: + dirs (list): List of all files in a dir + """ files_only = [f for f in os.listdir(directory_path) if os.path.isfile( os.path.join(directory_path, f))] @@ -27,9 +45,15 @@ def exit_system_safely(): def run_command(command): - ''' - This method runs the bash command provided as argument - ''' + """ + Run a system command + + Args: + command (str): Command to be executed + + Returns: + int, str, str: Return return code, output and error + """ stderr = subprocess.PIPE stdout = subprocess.PIPE command_list = command.split(' ') @@ -44,10 +68,17 @@ def run_command(command): def get_terraform_lock_file(): + """Terraform lock file path""" return os.path.join(Settings.TERRAFORM_DIR, ".terraform.tfstate.lock.info") def exists_teraform_lock(): + """ + Return True if lock file exists + + Returns: + boolean: True if lock file exists else False + """ lock_file = get_terraform_lock_file() return os.path.exists(lock_file) diff --git a/installer/custom/commands/redeploy.py b/installer/custom/commands/redeploy.py index d9f81b23d..e07c42414 100644 --- a/installer/custom/commands/redeploy.py +++ b/installer/custom/commands/redeploy.py @@ -1,22 +1,50 @@ from core.commands import BaseCommand from core.config import Settings from core import constants as K -from threading import Thread +from core.terraform.resources.aws.ecs import ECSTaskDefinitionResource, ECSClusterResource from core.terraform import PyTerraform -from core.providers.aws.boto3.ecs import stop_all_services_in_a_cluster +from core.providers.aws.boto3.ecs import stop_all_tasks_in_a_cluster, deregister_task_definition +from threading import Thread import time import importlib import sys -import pprint -pp = pprint.PrettyPrinter(indent=2) +import inspect +import os class Redeploy(BaseCommand): + """ + This calss is defined to redeploy PacBot which is already installed by Installer command + + Attributes: + validation_class (class): This validate the input and resources + input_class (class): Main class to read input from user + install_class (class): Provider based install class + need_complete_install (boolean): True if complete installation is required else False + + """ def __init__(self, args): args.append((K.CATEGORY_FIELD_NAME, "deploy")) + self.need_complete_install = self._need_complete_installation() + Settings.set('SKIP_RESOURCE_EXISTENCE_CHECK', True) super().__init__(args) + def _need_complete_installation(self): + need_complete_install = False + + redshift_cluster_file = os.path.join(Settings.TERRAFORM_DIR, "datastore_redshift_RedshiftCluster.tf") + if os.path.exists(redshift_cluster_file): + need_complete_install = True + + return need_complete_install + def execute(self, provider): + """ + Command execution starting point + + Args: + provider (string): Provider name like AWS or Azure etc + """ self.initialize_install_classes(provider) if self.check_pre_requisites() is False: @@ -26,6 +54,12 @@ def execute(self, provider): self.re_deploy_pacbot(input_instance) def initialize_install_classes(self, provider): + """ + Initialise classes based on the provider + + Args: + provider (string): Provider name like AWS or Azure etc + """ self.validation_class = getattr(importlib.import_module( provider.provider_module + '.validate'), 'SystemInstallValidation') self.input_class = getattr(importlib.import_module( @@ -34,11 +68,95 @@ def initialize_install_classes(self, provider): provider.provider_module + '.install'), 'Install') def re_deploy_pacbot(self, input_instance): - resources_to_process = self.get_resources_to_process(input_instance) - response = PyTerraform().terraform_taint(resources_to_process) - terraform_with_targets = True # THis should be set as false otherwise dependent resources will not be built - # self.stop_ecs_tasks() + """ + Start method for redeploy + + Args: + input_instance (Input object): User input values + """ + resources_to_taint = self.get_resources_to_process(input_instance) + try: + response = PyTerraform().terraform_taint(resources_to_taint) # If tainted or destroyed already then skip it + except: + pass + + terraform_with_targets = False if self.need_complete_install else True + resources_to_process = self.get_complete_resources(input_instance) if self.need_complete_install else resources_to_taint + + self.run_real_deployment(input_instance, resources_to_process, terraform_with_targets) + def inactivate_required_services_for_redeploy(self, resources_to_process, dry_run): + """ + Before redeploy get started or on redeploy happens stop the tasks and deregister task definition + + Args: + resources_to_process (list): List of resources to be created/updated + only_tasks (boolean): This flasg decides whther to deregister task definition or not + """ + if dry_run: + return + + for resource in resources_to_process: + if self.terraform_thread.isAlive(): + resource_base_classes = inspect.getmro(resource.__class__) + + if ECSTaskDefinitionResource in resource_base_classes: + try: + deregister_task_definition( + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION, + resource.get_input_attr('family'), + ) + except: + pass + elif ECSClusterResource in resource_base_classes: + cluster_name = resource.get_input_attr('name') + else: + return + + for i in range(3): + if self.terraform_thread.isAlive(): + try: + stop_all_tasks_in_a_cluster( + cluster_name, + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION + ) + except: + pass + time.sleep(20) + else: + return + + def run_real_deployment(self, input_instance, resources_to_process, terraform_with_targets): + """ + Main thread method which invokes the 2 thread: one for actual execution and another for displaying status + + Args: + input_instance (Input obj): Input object with values read from user + resources_to_process (list): List of resources to be created/updated + terraform_with_targets (boolean): This is True since redeployment is happening + """ + self.terraform_thread = Thread(target=self.run_tf_apply, args=(input_instance, list(resources_to_process), terraform_with_targets)) + stop_related_task_thread = Thread(target=self.inactivate_required_services_for_redeploy, args=(list(resources_to_process), self.dry_run)) + + self.terraform_thread.start() + stop_related_task_thread.start() + + self.terraform_thread.join() + stop_related_task_thread.join() + + def run_tf_apply(self, input_instance, resources_to_process, terraform_with_targets): + """ + Execute the installation of resources by invoking the execute method of provider class + + Args: + input_instance (Input obj): Input object with values read from user + resources_to_process (list): List of resources to be created/updated + terraform_with_targets (boolean): This is True since redeployment is happening + """ self.install_class( self.args, input_instance, @@ -48,11 +166,3 @@ def re_deploy_pacbot(self, input_instance): terraform_with_targets, self.dry_run ) - - # def stop_ecs_tasks(self): - # stop_all_services_in_a_cluster( - # Settings.RESOURCE_NAME_PREFIX, - # Settings.AWS_ACCESS_KEY, - # Settings.AWS_SECRET_KEY, - # Settings.AWS_REGION - # ) diff --git a/installer/data/output/status/.gitignore b/installer/data/output/status/.gitignore new file mode 100644 index 000000000..f59ec20aa --- /dev/null +++ b/installer/data/output/status/.gitignore @@ -0,0 +1 @@ +* \ No newline at end of file diff --git a/installer/files/pacbot-SubmitRuleExecutionJob.zip b/installer/files/pacbot-SubmitRuleExecutionJob.zip index 55afb6ea3..8b3a7b635 100644 Binary files a/installer/files/pacbot-SubmitRuleExecutionJob.zip and b/installer/files/pacbot-SubmitRuleExecutionJob.zip differ diff --git a/installer/files/scripts/build_pacbot.py b/installer/files/scripts/build_pacbot.py index a04871a2a..7dd108b41 100644 --- a/installer/files/scripts/build_pacbot.py +++ b/installer/files/scripts/build_pacbot.py @@ -8,12 +8,17 @@ class Buildpacbot(object): + """ + Build PacBot services + + Attributes: + mvn_build_command (str): Maven build command to be executed + mvn_clean_command (str): Maven clean command to be executed + archive_type (str): Archive format + html_handlebars_uri (str): file to make public after uploading to s3 + """ mvn_build_command = "mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V" mvn_clean_command = "mvn clean" - npm_install = "npm install" - bower_install = "bower install --allow-root" - type_script_install = "npm install typescript@'>=2.1.0 <2.4.0'" - ng_build = "ng build --env=prod --output-hashing=all" archive_type = "zip" # What type of archive is required html_handlebars_uri = '' @@ -41,6 +46,15 @@ def build_api_and_ui_apps(self, aws_access_key, aws_secret_key, region, bucket, self._clean_up_all() def upload_ui_files_to_s3(self, aws_access_key, aws_secret_key, region, bucket): + """ + Upload email template files to s3 from codebase + + Args: + aws_access_key (str): AWS access key + aws_secret_key (str): AWS secret key + region (str): AWS region + bucket (str): S3 bucket name + """ print("Uploading Email templates to S3...............\n") self.write_to_debug_log("Uploading email teamplate files to S3...") folder_to_upload = "pacman-v2-email-template" @@ -56,11 +70,10 @@ def upload_ui_files_to_s3(self, aws_access_key, aws_secret_key, region, bucket): s3_client = s3 = boto3.client('s3', region_name=region, aws_access_key_id=aws_access_key, aws_secret_access_key=aws_secret_key) for file_name in files_to_upload: file_path = os.path.join(local_folder_path, file_name) - extra_args = {} + extra_args = {'ACL': 'public-read'} # To make this public key = folder_to_upload + '/' + file_name if file_name == 'html.handlebars': - extra_args = {'ACL': 'public-read'} # To make this public self.html_handlebars_uri = '%s/%s/%s' % (s3_client.meta.endpoint_url, bucket, key) # To be added in config.ts s3_client.upload_file(file_path, bucket, key, ExtraArgs=extra_args) @@ -69,9 +82,17 @@ def upload_ui_files_to_s3(self, aws_access_key, aws_secret_key, region, bucket): print("Email templates upload to S3 completed!!!\n") def run_bash_command(self, command, exec_dir): - ''' - This method runs the bash command provided as argument - ''' + """ + Run bash command supplied to be run + + Args: + command (str): Command to run + exec_dir (path): from which dir the command to be run + + Returns: + stdout (str): Response from command prompt + stderr (str): Error occured if any + """ command = command + ' &>>' + self.maven_build_log os.chdir(exec_dir) p = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE) @@ -85,6 +106,16 @@ def run_bash_command(self, command, exec_dir): return stdout, stderr def build_jar_and_ui_from_code(self, aws_access_key, aws_secret_key, region, bucket, s3_key_prefix): + """ + Build jars and upload to S3 + + Args: + aws_access_key (str): AWS access key + aws_secret_key (str): AWS secret key + region (str): AWS region + bucket (str): S3 bucket name + s3_key_prefix (str): Under which folder this has be uploaded + """ webapp_dir = self._get_web_app_directory() self._update_variables_in_ui_config(webapp_dir) self.build_api_job_jars(self.codebase_root_dir) @@ -100,36 +131,25 @@ def build_api_job_jars(self, working_dir): self.write_to_debug_log("Build Completed...") def upload_jar_files(self, working_dir, aws_access_key, aws_secret_key, region, bucket, s3_key_prefix): - api_folders = [ - "pacman-api-admin.jar", - "pacman-api-asset.jar", - "pacman-api-compliance.jar", - "config.jar", - "pacman-api-notification.jar", - "pacman-api-statistics.jar", - "pacman-api-auth.jar" + folders = [ + os.path.join(working_dir, "dist", "api"), + os.path.join(working_dir, "dist", "jobs"), ] - jobs_folder = [ - "pacman-aws-inventory-jar-with-dependencies.jar", - "data-shipper-jar-with-dependencies.jar", - "rule-engine.jar", - "pac-managed-rules.jar" - ] - s3_client = s3 = boto3.client('s3', region_name=region, aws_access_key_id=aws_access_key, aws_secret_access_key=aws_secret_key) - - for jarfile in api_folders: - copy_file_from = working_dir + "/dist/api/" + jarfile - s3_jar_file_key = str(os.path.join(s3_key_prefix, jarfile)) - self.write_to_debug_log("JAR File: %s, Uploading to S3..." % s3_jar_file_key) - s3_client.upload_file(copy_file_from, bucket, s3_jar_file_key) - self.write_to_debug_log("JAR File: %s, Uploaded to S3" % s3_jar_file_key) - - for jarfile in jobs_folder: - copy_file_from = working_dir + "/dist/jobs/" + jarfile - s3_jar_file_key = str(os.path.join(s3_key_prefix, jarfile)) - self.write_to_debug_log("JAR File: %s, Uploading to S3..." % s3_jar_file_key) - s3_client.upload_file(copy_file_from, bucket, s3_jar_file_key) - self.write_to_debug_log("JAR File: %s, Uploaded to S3" % s3_jar_file_key) + s3_client = s3 = boto3.client( + 's3', + region_name=region, + aws_access_key_id=aws_access_key, + aws_secret_access_key=aws_secret_key) + + for folder in folders: + if os.path.exists(folder): + files = os.walk(folder).__next__()[2] + for jarfile in files: + copy_file_from = os.path.join(folder, jarfile) + s3_jar_file_key = str(os.path.join(s3_key_prefix, jarfile)) + self.write_to_debug_log("JAR File: %s, Uploading to S3..." % s3_jar_file_key) + s3_client.upload_file(copy_file_from, bucket, s3_jar_file_key) + self.write_to_debug_log("JAR File: %s, Uploaded to S3" % s3_jar_file_key) def _get_web_app_directory(self): return os.path.join(self.codebase_root_dir, "webapp") @@ -185,6 +205,9 @@ def write_to_debug_log(self, msg): if __name__ == "__main__": + """ + This script is executed from the provisioner of terraform resource to build pacbot app + """ api_domain_url = os.getenv('APPLICATION_DOMAIN') pacbot_code_dir = os.getenv('PACBOT_CODE_DIR') dist_files_upload_dir = os.getenv('DIST_FILES_UPLOAD_DIR') diff --git a/installer/files/scripts/create_docker_image_and_push_to_ecr.py b/installer/files/scripts/create_docker_image_and_push_to_ecr.py index 73ad42500..0b9ac4603 100644 --- a/installer/files/scripts/create_docker_image_and_push_to_ecr.py +++ b/installer/files/scripts/create_docker_image_and_push_to_ecr.py @@ -5,6 +5,19 @@ def build_and_push_docker_image(provider_json_file, ecr_repo, docker_file, docker_file_dir, log_file): + """ + Build docket image and push that to the ECR repo. + + Args: + provider_json_file (path): Path of the terraform provider file to get aws credentials + docker_file (str): Docker file name + ecr_repo (str): AWS ECR repo url + docker_file_dir (path): Abs Path of folder where docker file is present + log_file (path): Log file path + + Raises: + If failed to push image to ECR + """ write_to_debug_log(log_file, "Docker image creation and push to ecr repo: %s is started" % str(ecr_repo)) aws_access_key, aws_secret_key, region_name = get_provider_credentials("aws", provider_json_file) @@ -23,6 +36,15 @@ def build_and_push_docker_image(provider_json_file, ecr_repo, docker_file, docke def delete_docker_images_from_local(docker_file_abs_path): + """ + Delete docker image from local installer machine + + Args: + docker_file_abs_path (path): Abs path of docker file + + Raises: + If failed to push image to ECR + """ docker_client = Client(base_url='unix://var/run/docker.sock') # Delete original image @@ -46,6 +68,9 @@ def delete_docker_images_from_local(docker_file_abs_path): if __name__ == "__main__": + """ + This script is executed from the provisioner of terraform resource to create docker image and push it + """ provider_json_file = os.getenv('PROVIDER_FILE') ecr_repo = os.getenv('ECR_REPOSITORY') docker_file = os.getenv('DOCKER_FILE') diff --git a/installer/files/scripts/sql_replace_placeholder.py b/installer/files/scripts/sql_replace_placeholder.py index 561bd9400..8eaf9b36c 100644 --- a/installer/files/scripts/sql_replace_placeholder.py +++ b/installer/files/scripts/sql_replace_placeholder.py @@ -1,29 +1,53 @@ import os -def replace_placeholder_with_values(aws_region, aws_account_id, es_host, es_port, sql_file): +def replace_placeholder_with_values(env_variables, sql_file): + """ + Iterate over each line in the SQL file and replace any variables which is found in the + env_variables dict so that all variables values get expanded with correct one + + Args: + env_variables (dict): Dict containing only required env variables + sql_file (str): File path where the SQL file is present + """ with open(sql_file, 'r') as f: lines = f.readlines() for idx, line in enumerate(lines): - if "SET @region='$region';" in line: - lines[idx] = line.replace("@region='$region'", "@region='" + aws_region + "'") - if "SET @account='$account';" in line: - lines[idx] = line.replace("@account='$account'", "@account='" + aws_account_id + "'") - if "SET @eshost='$eshost';" in line: - lines[idx] = line.replace("@eshost='$eshost'", "@eshost='" + es_host + "'") - if "SET @esport='$esport';" in line: - lines[idx] = line.replace("@esport='$esport'", "@esport='" + es_port + "'") + for key, value in env_variables.items(): + compare_str = "SET @%s='$%s'" % (key, key) + if compare_str in line: + replace = compare_str + replace_with = "SET @%s='%s'" % (key, value) + lines[idx] = line.replace(replace, replace_with) + break with open(sql_file, 'w') as f: f.writelines(lines) +def get_env_variables_and_values(env_dict): + """ + This method get all the environment variables which starts with ENV_ and create a dict with + the key as the name after ENV_ and value as the environment value + + Args: + env_dict (dict): This is the real enviorment variable dict + + Returns: + env_variables (dict): Dict containing only required env variables + """ + env_variables = {} + for key, value in env_dict.items(): + if key.startswith('ENV_'): + var_key = key.split('ENV_')[1] + env_variables[var_key] = value + + return env_variables + + if __name__ == "__main__": - aws_region = os.getenv('AWS_REGION') - aws_account_id = os.getenv('AWS_ACCOUNT_ID') - es_host = os.getenv('ES_HOST') - es_port = os.getenv('ES_PORT') + env_variables = get_env_variables_and_values(dict(os.environ.items())) sql_file = os.getenv('SQL_FILE_PATH') - replace_placeholder_with_values(aws_region, aws_account_id, es_host, es_port, sql_file) + replace_placeholder_with_values(env_variables, sql_file) diff --git a/installer/files/scripts/utils.py b/installer/files/scripts/utils.py index eb9acdaf2..00fa75b4a 100644 --- a/installer/files/scripts/utils.py +++ b/installer/files/scripts/utils.py @@ -6,6 +6,18 @@ def get_provider_credentials(provider, provider_json_file): + """ + From terraform provider file identify the credentials and return it + + Args: + provider (str): Provider name of terraform + provider_json_file (path): Json Provider file abs path + + Returns: + aws_access_key (str): AWS access key + aws_secret_key (str): AWS secret key + region_name (str): AWS region name + """ if provider == "aws": # TODO- write now we are supporting AWS only with open(provider_json_file, 'r') as jsonfile: data = json.load(jsonfile) @@ -18,7 +30,18 @@ def get_provider_credentials(provider, provider_json_file): def get_docker_push_aws_auth_config(aws_access_key, aws_secret_key, region_name, log_file): - + """ + Return AWS auth config for pushing docker image to ECR + + Args: + aws_access_key (str): AWS access key + aws_secret_key (str): AWS secret key + region_name (str): AWS region name + log_file (path): Log file path + + Returns: + auth_config_payload (dict): AWS auth config + """ ecr = boto3.client( 'ecr', region_name=region_name, @@ -34,10 +57,23 @@ def get_docker_push_aws_auth_config(aws_access_key, aws_secret_key, region_name, auth_config_payload = {'username': username, 'password': password} write_to_log_file(log_file, " " * 10 + "Auth token has been generated!!!") + return auth_config_payload def build_docker_image(docker_file_dir, docker_file, repository, log_file): + """ + Build docker image from the given docker file + + Args: + docker_file_dir (path): Docker file dir + docker_file (path): Docker file + repository (str): Repo name + log_file (path): Log file path + + Returns: + auth_config_payload (dict): AWS auth config + """ docker_client = Client(base_url='unix://var/run/docker.sock') write_to_debug_log(log_file, "Creating Docker image: %s ..." % str(repository)) @@ -52,15 +88,30 @@ def build_docker_image(docker_file_dir, docker_file, repository, log_file): f.write("%s %s\n" % (" " * 10, str(item))) write_to_debug_log(log_file, "Docker image: %s has been created locally!!!" % str(repository)) + return docker_client def write_to_log_file(log_file, message): + """ + Write log to the given file + + Args: + message (str): Message to be logged + log_file (path): Log file path + """ with open(log_file, 'a') as f: f.write(message + "\n") def write_to_debug_log(debug_log_file, msg): + """ + Write log to the debug file + + Args: + message (str): Message to be logged + debug_log_file (path): Debug Log file path + """ now = datetime.now().strftime('%Y-%m-%d %H:%M:%S') with open(debug_log_file, 'a+') as logfile: logfile.write("%s: %s\n" % (now, msg)) diff --git a/installer/resources/batch/env.py b/installer/resources/batch/env.py index 546f03b82..c6287d38e 100644 --- a/installer/resources/batch/env.py +++ b/installer/resources/batch/env.py @@ -1,11 +1,11 @@ from core.terraform.resources.aws.batch import BatchComputeEnvironmentResource -from resources.iam.ecs_role import ECSRoleInstanceProfile -from resources.iam.batch_role import BatchRole, BatchIAMRolePolicyAttach -from resources.vpc.security_group import InfraSecurityGroupResource from core.config import Settings from core.providers.aws.boto3.vpc import get_ec2_client from core.providers.aws.boto3.batch import get_compute_environments from core.mixins import MsgMixin +from resources.iam.ecs_role import ECSRoleInstanceProfile +from resources.iam.batch_role import BatchRole, BatchIAMRolePolicyAttach +from resources.vpc.security_group import InfraSecurityGroupResource import boto3 import os import sys @@ -58,13 +58,6 @@ def pre_generate_terraform(self): print(MsgMixin.BERROR_ANSI + message + MsgMixin.RESET_ANSI) sys.exit() - def pre_terraform_destroy(self): - warn_msg = "Batch Jobs are running, please try after it gets completed OR manually cancel the jobs" - if self.check_batch_jobs_running(): - message = "\n\t ** %s **\n" % warn_msg - print(MsgMixin.BERROR_ANSI + message + MsgMixin.RESET_ANSI) - sys.exit() - def post_terraform_destroy(self): ec2_client = get_ec2_client(self.input.aws_access_key, self.input.aws_secret_key, self.input.aws_region) ec2_key_pair = self.get_input_attr('ec2_key_pair') diff --git a/installer/resources/batch/job.py b/installer/resources/batch/job.py index 019c227fd..a15a13b04 100644 --- a/installer/resources/batch/job.py +++ b/installer/resources/batch/job.py @@ -1,11 +1,12 @@ from core.terraform.resources.aws.batch import BatchJobDefinitionResource, BatchJobQueueResource -from core.providers.aws.boto3.ecs import delete_task_definition +from core.providers.aws.boto3.ecs import deregister_task_definition +from core.config import Settings from resources.datastore.es import ESDomain from resources.batch.env import RuleEngineBatchJobEnv from resources.batch.ecr import RuleEngineEcrRepository from resources.data.aws_info import AwsAccount from resources.pacbot_app.alb import ApplicationLoadBalancer -from core.config import Settings +from resources.batch import utils import json import shutil @@ -36,13 +37,18 @@ class SubmitAndRuleEngineJobDefinition(BatchJobDefinitionResource): }) def post_terraform_destroy(self): - delete_task_definition( + deregister_task_definition( Settings.AWS_ACCESS_KEY, Settings.AWS_SECRET_KEY, Settings.AWS_REGION, self.get_input_attr('name') ) + def pre_terraform_destroy(self): + compute_env = RuleEngineBatchJobEnv.get_input_attr('compute_environment_name') + job_definition = self.get_input_attr('name') + utils.remove_batch_job_related_resources(compute_env, job_definition) + class RuleEngineJobQueue(BatchJobQueueResource): name = "rule-engine" diff --git a/installer/resources/batch/utils.py b/installer/resources/batch/utils.py new file mode 100644 index 000000000..3d980699c --- /dev/null +++ b/installer/resources/batch/utils.py @@ -0,0 +1,49 @@ +from core.providers.aws.boto3 import batch +from core.providers.aws.boto3 import ecs +from core.config import Settings + + +def remove_batch_job_related_resources(compute_env_name, job_definition_name): + deregister_ecs_task_definition_of_batch_job(job_definition_name) + ecs_cluster = get_ecs_cluster_from_compute_env(compute_env_name) + if ecs_cluster: + ecs.stop_all_tasks_in_a_cluster( + ecs_cluster, + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION) + + ecs.delete_container_instances( + ecs_cluster, + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION) + + ecs.delete_cluster( + ecs_cluster, + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION) + + +def deregister_ecs_task_definition_of_batch_job(task_definition_name): + ecs.deregister_task_definition( + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION, + task_definition_name + ) + + +def get_ecs_cluster_from_compute_env(compute_env_name): + response = batch.get_compute_environments( + [compute_env_name], + Settings.AWS_ACCESS_KEY, + Settings.AWS_SECRET_KEY, + Settings.AWS_REGION + ) + + if response: + return response[0]['ecsClusterArn'] + + return None diff --git a/installer/resources/lambda_rule_engine/function.py b/installer/resources/lambda_rule_engine/function.py index b1a47cc0d..2f6d6b34a 100644 --- a/installer/resources/lambda_rule_engine/function.py +++ b/installer/resources/lambda_rule_engine/function.py @@ -44,7 +44,7 @@ class RuleEngineEventRules(CloudWatchEventRuleResource): VARIABLES = [RulesListVariable] DEPENDS_ON = [RuleEngineLambdaFunction] available_args = { - 'name': {'required': True,}, + 'name': {'required': True}, 'schedule_expression': {'required': True}, 'event_pattern': {'required': False}, 'role_arn ': {'required': False}, diff --git a/installer/resources/lambda_rule_engine/utils.py b/installer/resources/lambda_rule_engine/utils.py index e65ecf36c..b630c0cf9 100644 --- a/installer/resources/lambda_rule_engine/utils.py +++ b/installer/resources/lambda_rule_engine/utils.py @@ -3,6 +3,12 @@ def get_rule_engine_cloudwatch_rules_var(): + """ + Read cloudwatch rule details from the json file and build dict with required details + + Returns: + variable_dict_input (list): List of dict of rule details used to generate terraform variable file + """ with open("resources/lambda_rule_engine/files/rule_engine_cloudwatch_rules.json", "r") as fp: data = fp.read() data = data.replace("role/pacman_ro", "role/" + BaseRole.get_input_attr('name')) diff --git a/installer/resources/lambda_submit/function.py b/installer/resources/lambda_submit/function.py index e3636318f..42d43674e 100644 --- a/installer/resources/lambda_submit/function.py +++ b/installer/resources/lambda_submit/function.py @@ -2,7 +2,6 @@ from core.terraform.resources.aws.cloudwatch import CloudWatchEventRuleResource, CloudWatchEventTargetResource from resources.datastore.es import ESDomain from resources.datastore.db import MySQLDatabase -from resources.datastore.redshift import RedshiftCluster from resources.iam.lambda_role import LambdaRole from resources.iam.base_role import BaseRole from resources.s3.bucket import BucketStorage @@ -23,7 +22,8 @@ class SubmitJobLambdaFunction(LambdaFunctionResource): environment = { 'variables': { 'JOB_QUEUE': BatchJobsQueue.get_input_attr('name'), - 'JOB_DEFINITION': SubmitAndRuleEngineJobDefinition.get_input_attr('name') + 'JOB_DEFINITION': SubmitAndRuleEngineJobDefinition.get_input_attr('name'), + 'CONFIG_URL': ApplicationLoadBalancer.get_api_base_url() + "/config/batch,inventory/prd/latest" } } @@ -70,21 +70,21 @@ class DataCollectorCloudWatchEventTarget(CloudWatchEventTargetResource): 'jobType': "jar", 'jobDesc': "AWS-Data-Collection", 'environmentVariables': [ - {'name': "REDSHIFT_INFO", 'value': RedshiftCluster.get_redshift_info()}, - {'name': "REDSHIFT_URL", 'value': RedshiftCluster.get_redshift_url()} + {'name': "CONFIG_URL", 'value': ApplicationLoadBalancer.get_api_base_url() + "/config/batch,inventory/prd/latest"} ], 'params': [ {'encrypt': False, 'key': "package_hint", 'value': "com.tmobile.cso.pacman"}, + {'encrypt': False, 'key': "config_creds", 'value': "dXNlcjpwYWNtYW4="}, {'encrypt': False, 'key': "accountinfo", 'value': AwsAccount.get_output_attr('account_id')}, - {'encrypt': False, 'key': "base-account", 'value': AwsAccount.get_output_attr('account_id')}, - {'encrypt': False, 'key': "discovery-role", 'value': BaseRole.get_output_attr('name')}, - {'encrypt': False, 'key': "s3", 'value': BucketStorage.get_output_attr('bucket')}, - {'encrypt': False, 'key': "s3-data", 'value': "inventory"}, # TODO: need to be changed with s3obj class - {'encrypt': False, 'key': "s3-processed", 'value': "backup"}, - {'encrypt': False, 'key': "s3-role", 'value': BaseRole.get_output_attr('name')}, - {'encrypt': False, 'key': "s3-region", 'value': AwsRegion.get_output_attr('name')}, - {'encrypt': False, 'key': "file-path", 'value': "/home/ec2-user/data"}, - {'encrypt': False, 'key': "base-region", 'value': AwsRegion.get_output_attr('name')} + # {'encrypt': False, 'key': "base-account", 'value': AwsAccount.get_output_attr('account_id')}, + # {'encrypt': False, 'key': "discovery-role", 'value': BaseRole.get_output_attr('name')}, + # {'encrypt': False, 'key': "s3", 'value': BucketStorage.get_output_attr('bucket')}, + # {'encrypt': False, 'key': "s3-data", 'value': "inventory"}, # TODO: need to be changed with s3obj class + # {'encrypt': False, 'key': "s3-processed", 'value': "backup"}, + # {'encrypt': False, 'key': "s3-role", 'value': BaseRole.get_output_attr('name')}, + # {'encrypt': False, 'key': "s3-region", 'value': AwsRegion.get_output_attr('name')}, + # {'encrypt': False, 'key': "file-path", 'value': "/home/ec2-user/data"}, + # {'encrypt': False, 'key': "base-region", 'value': AwsRegion.get_output_attr('name')} ] }) @@ -99,21 +99,21 @@ class DataShipperCloudWatchEventTarget(CloudWatchEventTargetResource): 'jobType': "jar", 'jobDesc': "Ship aws data periodically from redshfit to ES", 'environmentVariables': [ - {'name': "ES_HOST", 'value': ESDomain.get_output_attr('endpoint')}, - {'name': "RDS_DB_URL", 'value': MySQLDatabase.get_rds_db_url()}, - {'name': "REDSHIFT_DB_URL", 'value': RedshiftCluster.get_redshift_url()}, - {'name': "ES_PORT", 'value': "80"}, + # {'name': "ES_HOST", 'value': ESDomain.get_output_attr('endpoint')}, + # {'name': "RDS_DB_URL", 'value': MySQLDatabase.get_rds_db_url()}, + # {'name': "ES_PORT", 'value': "80"}, + # {'name': "STAT_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('statistics')}, + {'name': "CONFIG_URL", 'value': ApplicationLoadBalancer.get_api_base_url() + "/config/batch,data-shipper/prd/latest"}, {'name': "ASSET_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('asset')}, {'name': "CMPL_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('compliance')}, - {'name': "STAT_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('statistics')}, {'name': "AUTH_API_URL", 'value': ApplicationLoadBalancer.get_api_version_url('auth')}, ], 'params': [ {'encrypt': False, 'key': "package_hint", 'value': "com.tmobile"}, {'encrypt': False, 'key': "datasource", 'value': "aws"}, - {'encrypt': False, 'key': "redshiftinfo", 'value': RedshiftCluster.get_redshift_info()}, - {'encrypt': False, 'key': "rdsinfo", 'value': MySQLDatabase.get_rds_info()}, - {'encrypt': False, 'key': "apiauthinfo", 'value': "MjJlMTQ5MjItODdkNy00ZWU0LWE0NzAtZGEwYmIxMGQ0NWQzOmNzcldwYzVwN0pGRjR2RVpCa3dHQ0FoNjdrR1FHd1h2NDZxdWc3djVad3RLZw=="} + {'encrypt': False, 'key': "config_creds", 'value': "dXNlcjpwYWNtYW4="}, + {'encrypt': False, 'key': "apiauthinfo", + 'value': "MjJlMTQ5MjItODdkNy00ZWU0LWE0NzAtZGEwYmIxMGQ0NWQzOmNzcldwYzVwN0pGRjR2RVpCa3dHQ0FoNjdrR1FHd1h2NDZxdWc3djVad3RLZw=="} ] }) diff --git a/installer/resources/pacbot_app/alb.py b/installer/resources/pacbot_app/alb.py index 0b20be3a4..d6a2e8ea5 100644 --- a/installer/resources/pacbot_app/alb.py +++ b/installer/resources/pacbot_app/alb.py @@ -5,7 +5,7 @@ class ApplicationLoadBalancer(LoadBalancerResource): name = "" - internal = True + internal = Settings.get('MAKE_ALB_INTERNAL', True) load_balancer_type = "application" security_groups = [InfraSecurityGroupResource.get_output_attr('id')] subnets = Settings.get('VPC')['SUBNETS'] diff --git a/installer/resources/pacbot_app/alb_listener_rules.py b/installer/resources/pacbot_app/alb_listener_rules.py index 01bfc9e2d..de426bdc8 100644 --- a/installer/resources/pacbot_app/alb_listener_rules.py +++ b/installer/resources/pacbot_app/alb_listener_rules.py @@ -35,10 +35,9 @@ class ComplianceALBListenerRule(ALBListenerRuleResource, BaseLR): condition_values = [PATH_PREFIX + "compliance*"] -# TODO: Commenting this out to use it in future -# class NotificationsALBListenerRule(ALBListenerRuleResource, BaseLR): -# action_target_group_arn = tg.NotificationsALBTargetGroup.get_output_attr('arn') -# condition_values = [PATH_PREFIX + "notifications*"] +class NotificationsALBListenerRule(ALBListenerRuleResource, BaseLR): + action_target_group_arn = tg.NotificationsALBTargetGroup.get_output_attr('arn') + condition_values = [PATH_PREFIX + "notifications*"] class StatisticsALBListenerRule(ALBListenerRuleResource, BaseLR): diff --git a/installer/resources/pacbot_app/alb_target_groups.py b/installer/resources/pacbot_app/alb_target_groups.py index 4378e68c1..ef7c29b8a 100644 --- a/installer/resources/pacbot_app/alb_target_groups.py +++ b/installer/resources/pacbot_app/alb_target_groups.py @@ -35,10 +35,9 @@ class ComplianceALBTargetGroup(ALBTargetGroupResource, BaseTG): path = PATH_PREFIX + "compliance/api.html" -# TODO: Commenting this out to use it in future -# class NotificationsALBTargetGroup(ALBTargetGroupResource, BaseTG): -# name = "notifications" -# path = PATH_PREFIX + "notifications/api.html" +class NotificationsALBTargetGroup(ALBTargetGroupResource, BaseTG): + name = "notifications" + path = PATH_PREFIX + "notifications/api.html" class StatisticsALBTargetGroup(ALBTargetGroupResource, BaseTG): diff --git a/installer/resources/pacbot_app/ecs_services.py b/installer/resources/pacbot_app/ecs_services.py index 10d569250..0674368d4 100644 --- a/installer/resources/pacbot_app/ecs_services.py +++ b/installer/resources/pacbot_app/ecs_services.py @@ -8,7 +8,6 @@ from resources.pacbot_app import alb_listener_rules as alr from resources.pacbot_app.build_ui_and_api import BuildUiAndApis from resources.pacbot_app.import_db import ImportDbSql -from core.providers.aws.boto3.ecs import stop_all_services_in_a_cluster import os @@ -75,13 +74,12 @@ class ComplianceEcsService(BaseEcsService, ECSServiceResource): DEPENDS_ON = [alr.ComplianceALBListenerRule, WaitConfigServiceToUp] -# TODO: Commenting this out to use it in future -# class NotificationsEcsService(ECSServiceResource, BaseEcsService): -# name = "notifications" -# task_definition = td.NotificationsEcsTaskDefinition.get_output_attr('arn') -# load_balancer_target_group_arn = tg.NotificationsALBTargetGroup.get_output_attr('arn') -# load_balancer_container_name = "notifications" -# DEPENDS_ON = [alr.NotificationsALBListenerRule, WaitConfigServiceToUp] +class NotificationsEcsService(BaseEcsService, ECSServiceResource): + name = "notifications" + task_definition = td.NotificationsEcsTaskDefinition.get_output_attr('arn') + load_balancer_target_group_arn = tg.NotificationsALBTargetGroup.get_output_attr('arn') + load_balancer_container_name = "notifications" + DEPENDS_ON = [alr.NotificationsALBListenerRule, WaitConfigServiceToUp] class StatisticsEcsService(BaseEcsService, ECSServiceResource): diff --git a/installer/resources/pacbot_app/ecs_task_defintions.py b/installer/resources/pacbot_app/ecs_task_defintions.py index 26b9ef4da..c3c4210c2 100644 --- a/installer/resources/pacbot_app/ecs_task_defintions.py +++ b/installer/resources/pacbot_app/ecs_task_defintions.py @@ -3,6 +3,7 @@ from resources.pacbot_app.task_def_variables import ContainerDefinitions from resources.pacbot_app.ecr import APIDockerImageBuild, UIDockerImageBuild + container_def = ContainerDefinitions() @@ -42,11 +43,10 @@ class ComplianceEcsTaskDefinition(ECSTaskDefinitionResource, BaseTaskDefinition) DEPENDS_ON = [APIDockerImageBuild] -# TODO: Commenting this out to use it in future -# class NotificationsEcsTaskDefinition(ECSTaskDefinitionResource, BaseTaskDefinition): -# family = "notifications" -# container_definitions = container_def.get_container_definitions('notifications') -# DEPENDS_ON = [APIDockerImageBuild] +class NotificationsEcsTaskDefinition(ECSTaskDefinitionResource, BaseTaskDefinition): + family = "notifications" + container_definitions = container_def.get_container_definitions('notifications') + DEPENDS_ON = [APIDockerImageBuild] class StatisticsEcsTaskDefinition(ECSTaskDefinitionResource, BaseTaskDefinition): diff --git a/installer/resources/pacbot_app/files/DB.sql b/installer/resources/pacbot_app/files/DB.sql index 6bf7a7102..d2de98311 100644 --- a/installer/resources/pacbot_app/files/DB.sql +++ b/installer/resources/pacbot_app/files/DB.sql @@ -23,10 +23,62 @@ SET @region='$region'; SET @account='$account'; SET @eshost='$eshost'; SET @esport='$esport'; - -DROP TABLE IF EXISTS `OmniSearch_Config`; - -CREATE TABLE `OmniSearch_Config` ( +SET @LOGGING_ES_HOST_NAME='$LOGGING_ES_HOST_NAME'; +SET @LOGGING_ES_PORT='$LOGGING_ES_PORT'; +SET @ES_HOST_NAME='$ES_HOST_NAME'; +SET @ES_PORT='$ES_PORT'; +SET @ES_CLUSTER_NAME='$ES_CLUSTER_NAME'; +SET @ES_PORT_ADMIN='$ES_PORT_ADMIN'; +SET @ES_HEIMDALL_HOST_NAME='$ES_HEIMDALL_HOST_NAME'; +SET @ES_HEIMDALL_PORT='$ES_HEIMDALL_PORT'; +SET @ES_HEIMDALL_CLUSTER_NAME='$ES_HEIMDALL_CLUSTER_NAME'; +SET @ES_HEIMDALL_PORT_ADMIN='$ES_HEIMDALL_PORT_ADMIN'; +SET @ES_UPDATE_HOST='$ES_UPDATE_HOST'; +SET @ES_UPDATE_PORT='$ES_UPDATE_PORT'; +SET @ES_UPDATE_CLUSTER_NAME='$ES_UPDATE_CLUSTER_NAME'; +SET @REDSHIFT_URL='$REDSHIFT_URL'; +SET @REDSHIFT_USER_NAME='$REDSHIFT_USER_NAME'; +SET @REDSHIFT_PASSWORD='$REDSHIFT_PASSWORD'; +SET @PACMAN_HOST_NAME='$PACMAN_HOST_NAME'; +SET @RDS_URL='$RDS_URL'; +SET @RDS_USERNAME='$RDS_USERNAME'; +SET @RDS_PASSWORD='$RDS_PASSWORD'; +SET @JOB_BUCKET_REGION='$JOB_BUCKET_REGION'; +SET @RULE_JOB_BUCKET_NAME='$RULE_JOB_BUCKET_NAME'; +SET @JOB_LAMBDA_REGION='$JOB_LAMBDA_REGION'; +SET @JOB_FUNCTION_NAME='$JOB_FUNCTION_NAME'; +SET @JOB_FUNCTION_ARN='$JOB_FUNCTION_ARN'; +SET @RULE_BUCKET_REGION='$RULE_BUCKET_REGION'; +SET @RULE_JOB_BUCKET_NAME='$RULE_JOB_BUCKET_NAME'; +SET @RULE_LAMBDA_REGION='$RULE_LAMBDA_REGION'; +SET @RULE_FUNCTION_NAME='$RULE_FUNCTION_NAME'; +SET @RULE_FUNCTION_ARN='$RULE_FUNCTION_ARN'; +SET @CLOUD_INSIGHTS_TOKEN_URL='$CLOUD_INSIGHTS_TOKEN_URL'; +SET @CLOUD_INSIGHTS_COST_URL='$CLOUD_INSIGHTS_COST_URL'; +SET @SVC_CORP_USER_ID='$SVC_CORP_USER_ID'; +SET @SVC_CORP_PASSWORD='$SVC_CORP_PASSWORD'; +SET @CERTIFICATE_FEATURE_ENABLED='$CERTIFICATE_FEATURE_ENABLED'; +SET @PATCHING_FEATURE_ENABLED='$PATCHING_FEATURE_ENABLED'; +SET @VULNERABILITY_FEATURE_ENABLED='$VULNERABILITY_FEATURE_ENABLED'; +SET @MAIL_SERVER='$MAIL_SERVER'; +SET @PACMAN_S3='$PACMAN_S3'; +SET @DATA_IN_DIR='$DATA_IN_DIR'; +SET @DATA_BKP_DIR='$DATA_BKP_DIR'; +SET @PAC_ROLE='$PAC_ROLE'; +SET @BASE_REGION='$BASE_REGION'; +SET @DATA_IN_S3='$DATA_IN_S3'; +SET @BASE_ACCOUNT='$BASE_ACCOUNT'; +SET @PAC_RO_ROLE='$PAC_RO_ROLE'; +SET @MAIL_SERVER_PORT='$MAIL_SERVER_PORT'; +SET @MAIL_PROTOCOL='$MAIL_PROTOCOL'; +SET @MAIL_SERVER_USER='$MAIL_SERVER_USER'; +SET @MAIL_SERVER_PWD='$MAIL_SERVER_PWD'; +SET @MAIL_SMTP_AUTH='$MAIL_SMTP_AUTH'; +SET @MAIL_SMTP_SSL_ENABLE='$MAIL_SMTP_SSL_ENABLE'; +SET @MAIL_SMTP_SSL_TEST_CONNECTION='$MAIL_SMTP_SSL_TEST_CONNECTION'; + + +CREATE TABLE IF NOT EXISTS `OmniSearch_Config` ( `SEARCH_CATEGORY` varchar(100) COLLATE utf8_bin NOT NULL, `RESOURCE_TYPE` varchar(100) COLLATE utf8_bin NOT NULL, `REFINE_BY_FIELDS` varchar(100) COLLATE utf8_bin DEFAULT NULL, @@ -35,9 +87,7 @@ CREATE TABLE `OmniSearch_Config` ( /*Table structure for table `PacmanSubscriptions` */ -DROP TABLE IF EXISTS `PacmanSubscriptions`; - -CREATE TABLE `PacmanSubscriptions` ( +CREATE TABLE IF NOT EXISTS `PacmanSubscriptions` ( `subscriptionId` bigint(75) NOT NULL AUTO_INCREMENT, `emailId` varchar(100) COLLATE utf8_bin DEFAULT NULL, `subscriptionValue` varchar(100) COLLATE utf8_bin DEFAULT NULL, @@ -48,9 +98,7 @@ CREATE TABLE `PacmanSubscriptions` ( /*Table structure for table `Pacman_Asset_Config` */ -DROP TABLE IF EXISTS `Pacman_Asset_Config`; - -CREATE TABLE `Pacman_Asset_Config` ( +CREATE TABLE IF NOT EXISTS `Pacman_Asset_Config` ( `resourceId` varchar(75) COLLATE utf8_bin NOT NULL, `configType` varchar(75) COLLATE utf8_bin NOT NULL, `config` text COLLATE utf8_bin, @@ -60,9 +108,7 @@ CREATE TABLE `Pacman_Asset_Config` ( /*Table structure for table `cf_AssetGroupDetails` */ -DROP TABLE IF EXISTS `cf_AssetGroupDetails`; - -CREATE TABLE `cf_AssetGroupDetails` ( +CREATE TABLE IF NOT EXISTS `cf_AssetGroupDetails` ( `groupId` varchar(75) COLLATE utf8_bin NOT NULL DEFAULT '', `groupName` varchar(75) COLLATE utf8_bin DEFAULT NULL, `dataSource` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -81,9 +127,7 @@ CREATE TABLE `cf_AssetGroupDetails` ( /*Table structure for table `cf_AssetGroupException` */ -DROP TABLE IF EXISTS `cf_AssetGroupException`; - -CREATE TABLE `cf_AssetGroupException` ( +CREATE TABLE IF NOT EXISTS `cf_AssetGroupException` ( `id_` bigint(20) NOT NULL AUTO_INCREMENT, `groupName` varchar(75) COLLATE utf8_bin DEFAULT NULL, `targetType` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -98,9 +142,7 @@ CREATE TABLE `cf_AssetGroupException` ( /*Table structure for table `cf_AssetGroupOwnerDetails` */ -DROP TABLE IF EXISTS `cf_AssetGroupOwnerDetails`; - -CREATE TABLE `cf_AssetGroupOwnerDetails` ( +CREATE TABLE IF NOT EXISTS `cf_AssetGroupOwnerDetails` ( `ownerId` varchar(100) COLLATE utf8_bin NOT NULL, `ownnerName` varchar(100) COLLATE utf8_bin DEFAULT NULL, `assetGroupName` varchar(100) COLLATE utf8_bin DEFAULT NULL, @@ -110,9 +152,7 @@ CREATE TABLE `cf_AssetGroupOwnerDetails` ( /*Table structure for table `cf_AssetGroupTargetDetails` */ -DROP TABLE IF EXISTS `cf_AssetGroupTargetDetails`; - -CREATE TABLE `cf_AssetGroupTargetDetails` ( +CREATE TABLE IF NOT EXISTS `cf_AssetGroupTargetDetails` ( `id_` varchar(75) COLLATE utf8_bin NOT NULL DEFAULT '', `groupId` varchar(75) COLLATE utf8_bin DEFAULT NULL, `targetType` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -123,18 +163,14 @@ CREATE TABLE `cf_AssetGroupTargetDetails` ( /*Table structure for table `cf_AssetGroupUserRoles` */ -DROP TABLE IF EXISTS `cf_AssetGroupUserRoles`; - -CREATE TABLE `cf_AssetGroupUserRoles` ( +CREATE TABLE IF NOT EXISTS `cf_AssetGroupUserRoles` ( `agUserRoleId` varchar(75) COLLATE utf8_bin NOT NULL, `assetGroupName` varchar(75) COLLATE utf8_bin NOT NULL, `assetGroupRole` int(75) NOT NULL, PRIMARY KEY (`agUserRoleId`,`assetGroupName`,`assetGroupRole`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; -DROP TABLE IF EXISTS `cf_Certificate`; - -CREATE TABLE `cf_Certificate` ( +CREATE TABLE IF NOT EXISTS `cf_Certificate` ( `id_` bigint(20) NOT NULL, `domainName` varchar(75) COLLATE utf8_bin DEFAULT NULL, `certType` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -154,9 +190,7 @@ CREATE TABLE `cf_Certificate` ( /*Table structure for table `cf_Datasource` */ -DROP TABLE IF EXISTS `cf_Datasource`; - -CREATE TABLE `cf_Datasource` ( +CREATE TABLE IF NOT EXISTS `cf_Datasource` ( `dataSourceId` bigint(20) NOT NULL, `dataSourceName` varchar(75) COLLATE utf8_bin DEFAULT NULL, `dataSourceDesc` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -168,9 +202,7 @@ CREATE TABLE `cf_Datasource` ( /*Table structure for table `cf_Domain` */ -DROP TABLE IF EXISTS `cf_Domain`; - -CREATE TABLE `cf_Domain` ( +CREATE TABLE IF NOT EXISTS `cf_Domain` ( `domainName` varchar(75) COLLATE utf8_bin NOT NULL, `domainDesc` varchar(75) COLLATE utf8_bin DEFAULT NULL, `config` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -183,9 +215,7 @@ CREATE TABLE `cf_Domain` ( /*Table structure for table `cf_JobScheduler` */ -DROP TABLE IF EXISTS `cf_JobScheduler`; - -CREATE TABLE `cf_JobScheduler` ( +CREATE TABLE IF NOT EXISTS `cf_JobScheduler` ( `jobId` varchar(75) COLLATE utf8_bin NOT NULL, `jobUUID` varchar(75) COLLATE utf8_bin DEFAULT NULL, `jobName` varchar(150) COLLATE utf8_bin DEFAULT NULL, @@ -203,9 +233,7 @@ CREATE TABLE `cf_JobScheduler` ( /*Table structure for table `cf_Jobs` */ -DROP TABLE IF EXISTS `cf_Jobs`; - -CREATE TABLE `cf_Jobs` ( +CREATE TABLE IF NOT EXISTS `cf_Jobs` ( `jobId` bigint(20) NOT NULL, `rulesetId` bigint(20) DEFAULT NULL, `cronExpression` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -217,9 +245,7 @@ CREATE TABLE `cf_Jobs` ( /*Table structure for table `cf_OwnerDetails` */ -DROP TABLE IF EXISTS `cf_OwnerDetails`; - -CREATE TABLE `cf_OwnerDetails` ( +CREATE TABLE IF NOT EXISTS `cf_OwnerDetails` ( `contactId` varchar(100) COLLATE utf8_bin NOT NULL, `ownerName` varchar(100) COLLATE utf8_bin DEFAULT NULL, `ownerEmail` varchar(100) COLLATE utf8_bin DEFAULT NULL, @@ -229,9 +255,7 @@ CREATE TABLE `cf_OwnerDetails` ( /*Table structure for table `cf_PatchStats_Kernel` */ -DROP TABLE IF EXISTS `cf_PatchStats_Kernel`; - -CREATE TABLE `cf_PatchStats_Kernel` ( +CREATE TABLE IF NOT EXISTS `cf_PatchStats_Kernel` ( `awsaccount` varchar(75) COLLATE utf8_bin DEFAULT NULL, `instanceid` varchar(75) COLLATE utf8_bin NOT NULL, `rectype` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -253,9 +277,7 @@ CREATE TABLE `cf_PatchStats_Kernel` ( /*Table structure for table `cf_Policy` */ -DROP TABLE IF EXISTS `cf_Policy`; - -CREATE TABLE `cf_Policy` ( +CREATE TABLE IF NOT EXISTS `cf_Policy` ( `policyId` varchar(75) COLLATE utf8_bin NOT NULL, `policyName` varchar(200) COLLATE utf8_bin DEFAULT NULL, `policyDesc` text COLLATE utf8_bin, @@ -272,9 +294,7 @@ CREATE TABLE `cf_Policy` ( /*Table structure for table `cf_Rbac` */ -DROP TABLE IF EXISTS `cf_Rbac`; - -CREATE TABLE `cf_Rbac` ( +CREATE TABLE IF NOT EXISTS `cf_Rbac` ( `rbacId` bigint(20) NOT NULL, `rbacType` varchar(75) COLLATE utf8_bin DEFAULT NULL, `userOrGroupId` bigint(20) DEFAULT NULL, @@ -291,9 +311,7 @@ CREATE TABLE `cf_Rbac` ( /*Table structure for table `cf_RemediationCriteria` */ -DROP TABLE IF EXISTS `cf_RemediationCriteria`; - -CREATE TABLE `cf_RemediationCriteria` ( +CREATE TABLE IF NOT EXISTS `cf_RemediationCriteria` ( `action` varchar(200) COLLATE utf8_bin DEFAULT NULL, `matchingString` varchar(200) COLLATE utf8_bin DEFAULT NULL, `subAction` varchar(200) COLLATE utf8_bin DEFAULT NULL @@ -304,9 +322,7 @@ CREATE TABLE `cf_RemediationCriteria` ( /*Table structure for table `cf_RuleInstance` */ -DROP TABLE IF EXISTS `cf_RuleInstance`; - -CREATE TABLE `cf_RuleInstance` ( +CREATE TABLE IF NOT EXISTS `cf_RuleInstance` ( `ruleId` varchar(200) COLLATE utf8_bin NOT NULL, `ruleUUID` varchar(200) COLLATE utf8_bin NOT NULL, `policyId` varchar(200) COLLATE utf8_bin DEFAULT NULL, @@ -333,9 +349,7 @@ CREATE TABLE `cf_RuleInstance` ( /*Table structure for table `cf_SystemConfiguration` */ -DROP TABLE IF EXISTS `cf_SystemConfiguration`; - -CREATE TABLE `cf_SystemConfiguration` ( +CREATE TABLE IF NOT EXISTS `cf_SystemConfiguration` ( `id_` int(11) DEFAULT NULL, `environment` varchar(75) COLLATE utf8_bin NOT NULL, `keyname` varchar(75) COLLATE utf8_bin NOT NULL, @@ -348,9 +362,7 @@ CREATE TABLE `cf_SystemConfiguration` ( /*Table structure for table `cf_Target` */ -DROP TABLE IF EXISTS `cf_Target`; - -CREATE TABLE `cf_Target` ( +CREATE TABLE IF NOT EXISTS `cf_Target` ( `targetName` varchar(75) COLLATE utf8_bin NOT NULL, `targetDesc` varchar(75) COLLATE utf8_bin DEFAULT NULL, `category` varchar(75) COLLATE utf8_bin DEFAULT NULL, @@ -367,9 +379,7 @@ CREATE TABLE `cf_Target` ( /*Table structure for table `cf_pac_updatable_fields` */ -DROP TABLE IF EXISTS `cf_pac_updatable_fields`; - -CREATE TABLE `cf_pac_updatable_fields` ( +CREATE TABLE IF NOT EXISTS `cf_pac_updatable_fields` ( `resourceType` varchar(100) COLLATE utf8_bin DEFAULT NULL, `displayFields` text COLLATE utf8_bin, `updatableFields` longtext COLLATE utf8_bin @@ -378,9 +388,7 @@ CREATE TABLE `cf_pac_updatable_fields` ( /*Table structure for table `oauth_access_token` */ -DROP TABLE IF EXISTS `oauth_access_token`; - -CREATE TABLE `oauth_access_token` ( +CREATE TABLE IF NOT EXISTS `oauth_access_token` ( `token_id` varchar(255) DEFAULT NULL, `token` mediumblob, `authentication_id` varchar(255) NOT NULL, @@ -393,9 +401,7 @@ CREATE TABLE `oauth_access_token` ( /*Table structure for table `oauth_approvals` */ -DROP TABLE IF EXISTS `oauth_approvals`; - -CREATE TABLE `oauth_approvals` ( +CREATE TABLE IF NOT EXISTS `oauth_approvals` ( `userId` varchar(255) DEFAULT NULL, `clientId` varchar(255) DEFAULT NULL, `scope` varchar(255) DEFAULT NULL, @@ -406,9 +412,7 @@ CREATE TABLE `oauth_approvals` ( /*Table structure for table `oauth_client_details` */ -DROP TABLE IF EXISTS `oauth_client_details`; - -CREATE TABLE `oauth_client_details` ( +CREATE TABLE IF NOT EXISTS `oauth_client_details` ( `client_id` varchar(255) NOT NULL, `resource_ids` varchar(255) DEFAULT NULL, `client_secret` varchar(255) DEFAULT NULL, @@ -425,9 +429,7 @@ CREATE TABLE `oauth_client_details` ( /*Table structure for table `oauth_client_owner` */ -DROP TABLE IF EXISTS `oauth_client_owner`; - -CREATE TABLE `oauth_client_owner` ( +CREATE TABLE IF NOT EXISTS `oauth_client_owner` ( `clientId` varchar(75) COLLATE utf8_bin NOT NULL, `user` varchar(75) COLLATE utf8_bin NOT NULL, PRIMARY KEY (`clientId`,`user`) @@ -435,9 +437,7 @@ CREATE TABLE `oauth_client_owner` ( /*Table structure for table `oauth_client_token` */ -DROP TABLE IF EXISTS `oauth_client_token`; - -CREATE TABLE `oauth_client_token` ( +CREATE TABLE IF NOT EXISTS `oauth_client_token` ( `token_id` varchar(255) DEFAULT NULL, `token` mediumblob, `authentication_id` varchar(255) NOT NULL, @@ -448,18 +448,14 @@ CREATE TABLE `oauth_client_token` ( /*Table structure for table `oauth_code` */ -DROP TABLE IF EXISTS `oauth_code`; - -CREATE TABLE `oauth_code` ( +CREATE TABLE IF NOT EXISTS `oauth_code` ( `code` varchar(255) DEFAULT NULL, `authentication` mediumblob ) ENGINE=InnoDB DEFAULT CHARSET=latin1; /*Table structure for table `oauth_refresh_token` */ -DROP TABLE IF EXISTS `oauth_refresh_token`; - -CREATE TABLE `oauth_refresh_token` ( +CREATE TABLE IF NOT EXISTS `oauth_refresh_token` ( `token_id` varchar(255) DEFAULT NULL, `token` mediumblob, `authentication` mediumblob @@ -467,9 +463,7 @@ CREATE TABLE `oauth_refresh_token` ( /*Table structure for table `oauth_user` */ -DROP TABLE IF EXISTS `oauth_user`; - -CREATE TABLE `oauth_user` ( +CREATE TABLE IF NOT EXISTS `oauth_user` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `user_id` varchar(75) DEFAULT NULL, `user_name` varchar(75) DEFAULT NULL, @@ -483,9 +477,7 @@ CREATE TABLE `oauth_user` ( /*Table structure for table `pac_rule_engine_autofix_actions` */ -DROP TABLE IF EXISTS `pac_rule_engine_autofix_actions`; - -CREATE TABLE `pac_rule_engine_autofix_actions` ( +CREATE TABLE IF NOT EXISTS `pac_rule_engine_autofix_actions` ( `resourceId` varchar(100) COLLATE utf8_bin NOT NULL, `lastActionTime` datetime NOT NULL, `action` varchar(100) COLLATE utf8_bin DEFAULT NULL, @@ -494,9 +486,7 @@ CREATE TABLE `pac_rule_engine_autofix_actions` ( /*Table structure for table `pac_v2_projections` */ -DROP TABLE IF EXISTS `pac_v2_projections`; - -CREATE TABLE `pac_v2_projections` ( +CREATE TABLE IF NOT EXISTS `pac_v2_projections` ( `resourceType` varchar(100) COLLATE utf8_bin NOT NULL, `year` decimal(65,0) NOT NULL, `quarter` decimal(65,0) NOT NULL, @@ -507,9 +497,7 @@ CREATE TABLE `pac_v2_projections` ( /*Table structure for table `pac_v2_ruleCategory_weightage` */ -DROP TABLE IF EXISTS `pac_v2_ruleCategory_weightage`; - -CREATE TABLE `pac_v2_ruleCategory_weightage` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ruleCategory_weightage` ( `ruleCategory` varchar(50) COLLATE utf8_bin NOT NULL, `domain` varchar(50) COLLATE utf8_bin NOT NULL, `weightage` bigint(20) DEFAULT NULL, @@ -518,9 +506,7 @@ CREATE TABLE `pac_v2_ruleCategory_weightage` ( /*Table structure for table `pac_v2_ui_download_filters` */ -DROP TABLE IF EXISTS `pac_v2_ui_download_filters`; - -CREATE TABLE `pac_v2_ui_download_filters` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ui_download_filters` ( `serviceId` int(100) NOT NULL AUTO_INCREMENT, `serviceName` varchar(100) COLLATE utf8_bin DEFAULT NULL, `serviceEndpoint` varchar(1000) COLLATE utf8_bin DEFAULT NULL, @@ -529,9 +515,7 @@ CREATE TABLE `pac_v2_ui_download_filters` ( /*Table structure for table `pac_v2_ui_filters` */ -DROP TABLE IF EXISTS `pac_v2_ui_filters`; - -CREATE TABLE `pac_v2_ui_filters` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ui_filters` ( `filterId` int(25) NOT NULL AUTO_INCREMENT, `filterName` varchar(25) COLLATE utf8_bin DEFAULT NULL, PRIMARY KEY (`filterId`) @@ -539,9 +523,7 @@ CREATE TABLE `pac_v2_ui_filters` ( /*Table structure for table `pac_v2_ui_options` */ -DROP TABLE IF EXISTS `pac_v2_ui_options`; - -CREATE TABLE `pac_v2_ui_options` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ui_options` ( `optionId` int(25) NOT NULL AUTO_INCREMENT, `filterId` int(25) NOT NULL, `optionName` varchar(25) COLLATE utf8_bin DEFAULT NULL, @@ -554,9 +536,7 @@ CREATE TABLE `pac_v2_ui_options` ( /*Table structure for table `pac_v2_ui_widget_faqs` */ -DROP TABLE IF EXISTS `pac_v2_ui_widget_faqs`; - -CREATE TABLE `pac_v2_ui_widget_faqs` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ui_widget_faqs` ( `faqId` int(11) NOT NULL AUTO_INCREMENT, `widgetId` int(11) NOT NULL, `widgetName` varchar(50) COLLATE utf8_bin DEFAULT NULL, @@ -569,9 +549,7 @@ CREATE TABLE `pac_v2_ui_widget_faqs` ( /*Table structure for table `pac_v2_ui_widgets` */ -DROP TABLE IF EXISTS `pac_v2_ui_widgets`; - -CREATE TABLE `pac_v2_ui_widgets` ( +CREATE TABLE IF NOT EXISTS `pac_v2_ui_widgets` ( `widgetId` int(11) NOT NULL AUTO_INCREMENT, `pageName` varchar(25) COLLATE utf8_bin DEFAULT NULL, `widgetName` varchar(50) COLLATE utf8_bin DEFAULT NULL, @@ -580,9 +558,7 @@ CREATE TABLE `pac_v2_ui_widgets` ( /*Table structure for table `pac_v2_userpreferences` */ -DROP TABLE IF EXISTS `pac_v2_userpreferences`; - -CREATE TABLE `pac_v2_userpreferences` ( +CREATE TABLE IF NOT EXISTS `pac_v2_userpreferences` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `userId` varchar(100) COLLATE utf8_bin DEFAULT NULL, `defaultAssetGroup` text COLLATE utf8_bin, @@ -592,9 +568,7 @@ CREATE TABLE `pac_v2_userpreferences` ( /*Table structure for table `qartz_BLOB_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_BLOB_TRIGGERS`; - -CREATE TABLE `qartz_BLOB_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_BLOB_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, @@ -605,9 +579,7 @@ CREATE TABLE `qartz_BLOB_TRIGGERS` ( /*Table structure for table `qartz_CALENDARS` */ -DROP TABLE IF EXISTS `qartz_CALENDARS`; - -CREATE TABLE `qartz_CALENDARS` ( +CREATE TABLE IF NOT EXISTS `qartz_CALENDARS` ( `SCHED_NAME` varchar(120) NOT NULL, `CALENDAR_NAME` varchar(200) NOT NULL, `CALENDAR` blob NOT NULL, @@ -616,9 +588,7 @@ CREATE TABLE `qartz_CALENDARS` ( /*Table structure for table `qartz_CRON_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_CRON_TRIGGERS`; - -CREATE TABLE `qartz_CRON_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_CRON_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, @@ -629,9 +599,7 @@ CREATE TABLE `qartz_CRON_TRIGGERS` ( /*Table structure for table `qartz_FIRED_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_FIRED_TRIGGERS`; - -CREATE TABLE `qartz_FIRED_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_FIRED_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `ENTRY_ID` varchar(95) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, @@ -656,9 +624,7 @@ CREATE TABLE `qartz_FIRED_TRIGGERS` ( /*Table structure for table `qartz_JOB_DETAILS` */ -DROP TABLE IF EXISTS `qartz_JOB_DETAILS`; - -CREATE TABLE `qartz_JOB_DETAILS` ( +CREATE TABLE IF NOT EXISTS `qartz_JOB_DETAILS` ( `SCHED_NAME` varchar(120) NOT NULL, `JOB_NAME` varchar(200) NOT NULL, `JOB_GROUP` varchar(200) NOT NULL, @@ -676,9 +642,7 @@ CREATE TABLE `qartz_JOB_DETAILS` ( /*Table structure for table `qartz_LOCKS` */ -DROP TABLE IF EXISTS `qartz_LOCKS`; - -CREATE TABLE `qartz_LOCKS` ( +CREATE TABLE IF NOT EXISTS `qartz_LOCKS` ( `SCHED_NAME` varchar(120) NOT NULL, `LOCK_NAME` varchar(40) NOT NULL, PRIMARY KEY (`SCHED_NAME`,`LOCK_NAME`) @@ -686,9 +650,7 @@ CREATE TABLE `qartz_LOCKS` ( /*Table structure for table `qartz_PAUSED_TRIGGER_GRPS` */ -DROP TABLE IF EXISTS `qartz_PAUSED_TRIGGER_GRPS`; - -CREATE TABLE `qartz_PAUSED_TRIGGER_GRPS` ( +CREATE TABLE IF NOT EXISTS `qartz_PAUSED_TRIGGER_GRPS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, PRIMARY KEY (`SCHED_NAME`,`TRIGGER_GROUP`) @@ -696,9 +658,7 @@ CREATE TABLE `qartz_PAUSED_TRIGGER_GRPS` ( /*Table structure for table `qartz_SCHEDULER_STATE` */ -DROP TABLE IF EXISTS `qartz_SCHEDULER_STATE`; - -CREATE TABLE `qartz_SCHEDULER_STATE` ( +CREATE TABLE IF NOT EXISTS `qartz_SCHEDULER_STATE` ( `SCHED_NAME` varchar(120) NOT NULL, `INSTANCE_NAME` varchar(200) NOT NULL, `LAST_CHECKIN_TIME` bigint(13) NOT NULL, @@ -708,9 +668,7 @@ CREATE TABLE `qartz_SCHEDULER_STATE` ( /*Table structure for table `qartz_SIMPLE_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_SIMPLE_TRIGGERS`; - -CREATE TABLE `qartz_SIMPLE_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_SIMPLE_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, @@ -722,9 +680,7 @@ CREATE TABLE `qartz_SIMPLE_TRIGGERS` ( /*Table structure for table `qartz_SIMPROP_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_SIMPROP_TRIGGERS`; - -CREATE TABLE `qartz_SIMPROP_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_SIMPROP_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, @@ -744,9 +700,7 @@ CREATE TABLE `qartz_SIMPROP_TRIGGERS` ( /*Table structure for table `qartz_TRIGGERS` */ -DROP TABLE IF EXISTS `qartz_TRIGGERS`; - -CREATE TABLE `qartz_TRIGGERS` ( +CREATE TABLE IF NOT EXISTS `qartz_TRIGGERS` ( `SCHED_NAME` varchar(120) NOT NULL, `TRIGGER_NAME` varchar(200) NOT NULL, `TRIGGER_GROUP` varchar(200) NOT NULL, @@ -780,8 +734,7 @@ CREATE TABLE `qartz_TRIGGERS` ( /*Table structure for table `qartz_TRIGGERS` */ -DROP TABLE IF EXISTS `oauth_user_role_mapping`; -CREATE TABLE `oauth_user_role_mapping` ( +CREATE TABLE IF NOT EXISTS `oauth_user_role_mapping` ( `userRoleId` varchar(225) DEFAULT NULL, `userId` varchar(225) DEFAULT NULL, `roleId` varchar(225) DEFAULT NULL, @@ -791,15 +744,15 @@ CREATE TABLE `oauth_user_role_mapping` ( `modifiedDate` datetime DEFAULT NULL ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -DROP TABLE IF EXISTS `oauth_user_credentials`; -CREATE TABLE `oauth_user_credentials` ( + +CREATE TABLE IF NOT EXISTS `oauth_user_credentials` ( `id` bigint (75), `password` varchar (225), `type` varchar (225) ); -DROP TABLE IF EXISTS `oauth_user_roles`; -CREATE TABLE `oauth_user_roles` ( + +CREATE TABLE IF NOT EXISTS `oauth_user_roles` ( `roleId` varchar(225) DEFAULT NULL, `roleName` varchar(225) DEFAULT NULL, `roleDesc` varchar(225) DEFAULT NULL, @@ -811,9 +764,7 @@ CREATE TABLE `oauth_user_roles` ( ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -DROP TABLE IF EXISTS `task`; - -CREATE TABLE `task` ( +CREATE TABLE IF NOT EXISTS `task` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `index` varchar(100) DEFAULT NULL, `mappings` longtext, @@ -821,134 +772,205 @@ CREATE TABLE `task` ( PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1; + +CREATE TABLE IF NOT EXISTS `pac_config_relation` ( + `application` varchar(2048) COLLATE utf8_bin NOT NULL, + `parent` varchar(2048) COLLATE utf8_bin NOT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +CREATE TABLE IF NOT EXISTS `pac_config_key_metadata` ( + `cfkey` varchar(200) COLLATE utf8_bin NOT NULL, + `description` varchar(200) COLLATE utf8_bin NOT NULL, + UNIQUE KEY `cfkey` (`cfkey`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +CREATE TABLE IF NOT EXISTS `pac_config_properties` ( + `cfkey` text COLLATE utf8_bin, + `value` text COLLATE utf8_bin, + `application` varchar(200) COLLATE utf8_bin DEFAULT NULL, + `profile` varchar(50) COLLATE utf8_bin DEFAULT NULL, + `label` varchar(50) COLLATE utf8_bin DEFAULT NULL, + `createdBy` varchar(200) COLLATE utf8_bin DEFAULT NULL, + `createdDate` varchar(20) COLLATE utf8_bin DEFAULT NULL, + `modifiedBy` varchar(200) COLLATE utf8_bin DEFAULT NULL, + `modifiedDate` varchar(20) COLLATE utf8_bin DEFAULT NULL +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + + +CREATE TABLE IF NOT EXISTS pacman_field_override +( + resourcetype varchar(50), + _resourceid text, + fieldname varchar(100), + fieldvalue varchar(200), + updatedby varchar(100), + updatedon varchar(50) +); + + +ALTER TABLE `cf_pac_updatable_fields` MODIFY COLUMN `displayFields` longtext; + +-- CREATE TABLE IF NOT EXISTS cf_pac_updatable_fields +-- ( +-- resourceType varchar(100), +-- displayFields longtext, +-- updatableFields longtext +-- ); + + +CREATE TABLE IF NOT EXISTS cf_Aws_Accounts +( + accountName varchar(200), + accountId varchar(200), + accountDesc longtext, + createdBy varchar(100), + createdDate varchar(20), + modifiedBy varchar(100), + modifiedDate varchar(20), + id varchar(100) NOT NULL, + roleCreated varchar(50), + policiesAttached varchar(50), + accountTrustUpdate varchar(50), + baseAccountPolicyUpdate varchar(50), + status varchar(50) +); + + /*Insert task to necessary tables*/ -insert into `task`(`id`,`index`,`mappings`,`data`) values (1,'exceptions','{\"mappings\":{\"sticky_exceptions\":{\"properties\":{\"assetGroup\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"dataSource\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"exceptionName\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"exceptionReason\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"expiryDate\":{\"type\":\"date\"},\"targetTypes\":{\"properties\":{\"name\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"rules\":{\"properties\":{\"ruleId\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"ruleName\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}}}}}}}}',NULL),(2,'faqs','{\"mappings\":{\"widgetinfo\":{\"properties\":{\"widgetid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"widgetname\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}},\"faqinfo\":{\"properties\":{\"answer\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"faqid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"faqname\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"tag\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"widgetid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}}}}','{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w1\"}}\r{\"widgetid\":\"w1\",\"widgetname\":\"compliance overview\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w2\"}}\r{\"widgetid\":\"w2\",\"widgetname\":\"patching\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w3\"}}\r{\"widgetid\":\"w3\",\"widgetname\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w4\"}}\r{\"widgetid\":\"w4\",\"widgetname\":\"vulnerabilities\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w5\"}}\r{\"widgetid\":\"w5\",\"widgetname\":\"certificates\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w2q7\"}}\r{\"faqid\":\"q7\",\"faqname\":\"How is unpatched count calculated ?\",\"answer\":\"Total assets which does not have updated kernel version.\",\"widgetid\":\"w2\",\"tag\":\"patching\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w3q4\"}}\r{\"faqid\":\"q4\",\"faqname\":\"How is tagging compliance % calculated ?\",\"answer\":\"Tagging compliance is calculated by dividing total taggable assets by total tagged assets.\",\"widgetid\":\"w3\",\"tag\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w1q1\"}}\r{\"faqid\":\"q1\",\"faqname\":\"What is shown in this graph?\",\"answer\":\"This multi ring donut represents the overall compliance percentage. Policies are grouped into categories like security, governance, cost optimization and tagging. Rings in the donut represents compliance percentage for each of those categories. The rolled up percentage value for a given category is calculated by doing a weighted average of compliance percentage values of individual policies in that category. Weights are assigned based on the importance of the policy. Overall rolled up number in the middle of the donut represents uber compliance percentage for the selected asset group. This value is calculated by doing a simple average of compliance percentage values of the four categories.\",\"widgetid\":\"w1\",\"tag\":\"over-all\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w4q5\"}}\r{\"faqid\":\"q5\",\"faqname\":\"How is vulnerabilities compliance % calculated ?\",\"answer\":\"Vulnerabilities compliance is calculated by dividing total vulnerable assets by total servers, if an asset is not scanned by qualys , then the asset is considered as vulnerable.\",\"widgetid\":\"w4\",\"tag\":\"vulnerabilities\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w5q3\"}}\r{\"faqid\":\"q3\",\"faqname\":\"How is certificates compliance % calculated ?\",\"answer\":\"Total non-expired certificates divided by total certificates\",\"widgetid\":\"w5\",\"tag\":\"certificates\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w3q8\"}}\r{\"faqid\":\"q8\",\"faqname\":\"How is untagged count calculated ?\",\"answer\":\"Total assets which is missing either application/environment tags or both tags.\",\"widgetid\":\"w3\",\"tag\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w2q2\"}}\r{\"faqid\":\"q2\",\"faqname\":\"How is patching compliance % calculated ?\",\"answer\":\"Total patched resources divided by total running resources\",\"widgetid\":\"w2\",\"tag\":\"patching\"}'); +INSERT IGNORE INTO `task`(`id`,`index`,`mappings`,`data`) values (1,'exceptions','{\"mappings\":{\"sticky_exceptions\":{\"properties\":{\"assetGroup\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"dataSource\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"exceptionName\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"exceptionReason\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"expiryDate\":{\"type\":\"date\"},\"targetTypes\":{\"properties\":{\"name\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"rules\":{\"properties\":{\"ruleId\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"ruleName\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}}}}}}}}',NULL),(2,'faqs','{\"mappings\":{\"widgetinfo\":{\"properties\":{\"widgetid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"widgetname\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}},\"faqinfo\":{\"properties\":{\"answer\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"faqid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"faqname\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"tag\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}},\"widgetid\":{\"type\":\"text\",\"fields\":{\"keyword\":{\"type\":\"keyword\",\"ignore_above\":256}}}}}}}','{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w1\"}}\r{\"widgetid\":\"w1\",\"widgetname\":\"compliance overview\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w2\"}}\r{\"widgetid\":\"w2\",\"widgetname\":\"patching\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w3\"}}\r{\"widgetid\":\"w3\",\"widgetname\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w4\"}}\r{\"widgetid\":\"w4\",\"widgetname\":\"vulnerabilities\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"widgetinfo\", \"_id\": \"w5\"}}\r{\"widgetid\":\"w5\",\"widgetname\":\"certificates\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w2q7\"}}\r{\"faqid\":\"q7\",\"faqname\":\"How is unpatched count calculated ?\",\"answer\":\"Total assets which does not have updated kernel version.\",\"widgetid\":\"w2\",\"tag\":\"patching\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w3q4\"}}\r{\"faqid\":\"q4\",\"faqname\":\"How is tagging compliance % calculated ?\",\"answer\":\"Tagging compliance is calculated by dividing total taggable assets by total tagged assets.\",\"widgetid\":\"w3\",\"tag\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w1q1\"}}\r{\"faqid\":\"q1\",\"faqname\":\"What is shown in this graph?\",\"answer\":\"This multi ring donut represents the overall compliance percentage. Policies are grouped into categories like security, governance, cost optimization and tagging. Rings in the donut represents compliance percentage for each of those categories. The rolled up percentage value for a given category is calculated by doing a weighted average of compliance percentage values of individual policies in that category. Weights are assigned based on the importance of the policy. Overall rolled up number in the middle of the donut represents uber compliance percentage for the selected asset group. This value is calculated by doing a simple average of compliance percentage values of the four categories.\",\"widgetid\":\"w1\",\"tag\":\"over-all\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w4q5\"}}\r{\"faqid\":\"q5\",\"faqname\":\"How is vulnerabilities compliance % calculated ?\",\"answer\":\"Vulnerabilities compliance is calculated by dividing total vulnerable assets by total servers, if an asset is not scanned by qualys , then the asset is considered as vulnerable.\",\"widgetid\":\"w4\",\"tag\":\"vulnerabilities\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w5q3\"}}\r{\"faqid\":\"q3\",\"faqname\":\"How is certificates compliance % calculated ?\",\"answer\":\"Total non-expired certificates divided by total certificates\",\"widgetid\":\"w5\",\"tag\":\"certificates\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w3q8\"}}\r{\"faqid\":\"q8\",\"faqname\":\"How is untagged count calculated ?\",\"answer\":\"Total assets which is missing either application/environment tags or both tags.\",\"widgetid\":\"w3\",\"tag\":\"tagging\"}\r{\"index\": {\"_index\": \"faqs\", \"_type\": \"faqinfo\", \"_id\": \"w2q2\"}}\r{\"faqid\":\"q2\",\"faqname\":\"How is patching compliance % calculated ?\",\"answer\":\"Total patched resources divided by total running resources\",\"widgetid\":\"w2\",\"tag\":\"patching\"}'); /*Insert Data Source to necessary tables*/ -INSERT INTO `cf_Datasource`(`dataSourceId`,`dataSourceName`,`dataSourceDesc`,`config`,`createdDate`,`modifiedDate`) VALUES (1,'aws','Amazon WebService','N/A','2017-08-01','2018-03-09'); +INSERT IGNORE INTO `cf_Datasource`(`dataSourceId`,`dataSourceName`,`dataSourceDesc`,`config`,`createdDate`,`modifiedDate`) VALUES (1,'aws','Amazon WebService','N/A','2017-08-01','2018-03-09'); /*Insert Data Asset Group to necessary tables*/ -INSERT INTO cf_AssetGroupDetails (groupId,groupName,dataSource,displayName,groupType,createdBy,createdUser,createdDate,modifiedUser,modifiedDate,description,aliasQuery,isVisible) VALUES ('201','aws','aws','aws all','admin','Cloud Security','','','pacman','03/26/2018 23:00','Asset Group to segregate all data related to aws.','',true); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11501','201','ec2','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11502','201','s3','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11503','201','appelb','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11504','201','asg','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11505','201','classicelb','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11506','201','stack','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11507','201','dynamodb','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11508','201','efs','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11509','201','emr','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11510','201','lambda','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11511','201','nat','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11512','201','eni','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11513','201','rdscluster','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11514','201','rdsdb','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11515','201','redshift','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11516','201','sg','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11517','201','snapshot','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11518','201','subnet','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11519','201','targetgroup','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11520','201','volume','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11521','201','vpc','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11522','201','api','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11523','201','iamuser','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11526','201','iamrole','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11527','201','rdssnapshot','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11528','201','account','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11529','201','checks','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11530','201','kms','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11531','201','phd','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11532','201','cloudfront','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11533','201','cert','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11534','201','wafdomain','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11535','201','corpdomain','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11536','201','elasticip','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11537','201','routetable','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67701','201','internetgateway','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67702','201','launchconfig','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67703','201','networkacl','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67704','201','vpngateway','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67705','201','asgpolicy','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67706','201','snstopic','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67707','201','dhcpoption','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67708','201','peeringconnection','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67709','201','customergateway','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67710','201','vpnconnection','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67711','201','directconnect','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67712','201','virtualinterface','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67713','201','elasticsearch','all','all'); -INSERT INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67714','201','elasticache','all','all'); +INSERT IGNORE INTO cf_AssetGroupDetails (groupId,groupName,dataSource,displayName,groupType,createdBy,createdUser,createdDate,modifiedUser,modifiedDate,description,aliasQuery,isVisible) VALUES ('201','aws','aws','aws all','admin','Cloud Security','','','pacman','03/26/2018 23:00','Asset Group to segregate all data related to aws.','',true); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11501','201','ec2','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11502','201','s3','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11503','201','appelb','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11504','201','asg','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11505','201','classicelb','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11506','201','stack','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11507','201','dynamodb','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11508','201','efs','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11509','201','emr','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11510','201','lambda','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11511','201','nat','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11512','201','eni','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11513','201','rdscluster','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11514','201','rdsdb','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11515','201','redshift','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11516','201','sg','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11517','201','snapshot','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11518','201','subnet','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11519','201','targetgroup','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11520','201','volume','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11521','201','vpc','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11522','201','api','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11523','201','iamuser','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11526','201','iamrole','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11527','201','rdssnapshot','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11528','201','account','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11529','201','checks','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11530','201','kms','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11531','201','phd','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11532','201','cloudfront','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11533','201','cert','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11534','201','wafdomain','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11535','201','corpdomain','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11536','201','elasticip','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('11537','201','routetable','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67701','201','internetgateway','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67702','201','launchconfig','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67703','201','networkacl','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67704','201','vpngateway','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67705','201','asgpolicy','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67706','201','snstopic','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67707','201','dhcpoption','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67708','201','peeringconnection','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67709','201','customergateway','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67710','201','vpnconnection','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67711','201','directconnect','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67712','201','virtualinterface','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67713','201','elasticsearch','all','all'); +INSERT IGNORE INTO cf_AssetGroupTargetDetails (id_,groupId,targetType,attributeName,attributeValue) VALUES ('67714','201','elasticache','all','all'); /*Insert Domain in required table*/ -INSERT INTO cf_Domain (domainName,domainDesc,config,createdDate,modifiedDate,userId) VALUES ('Infra & Platforms','Domain for Infra & Platforms','{}',{d '2018-04-09'},{d '2018-08-03'},'user123'); +INSERT IGNORE INTO cf_Domain (domainName,domainDesc,config,createdDate,modifiedDate,userId) VALUES ('Infra & Platforms','Domain for Infra & Platforms','{}',{d '2018-04-09'},{d '2018-08-03'},'user123'); /*Insert Target data in required table*/ -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('account','Aws Accounts','Other','aws','{"key":"accountid","id":"accountid"}','enabled',null,concat(@eshost,':',@esport,'/aws_account/account'),{d '2017-09-07'},{d '2017-09-07'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('api','api','Application Service','aws','{"key":"accountid,region,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_api/api'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('appelb','appelb','Compute','aws','{"key":"accountid,region,loadbalancername","id":"loadbalancername"}','enabled',null,concat(@eshost,':',@esport,'/aws_appelb/appelb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('asg','asg','Compute','aws','{"key":"accountid,region,autoscalinggrouparn","id":"autoscalinggrouparn"}','enabled',null,concat(@eshost,':',@esport,'/aws_asg/asg'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('asgpolicy','ASG Scaling policy','Compute','aws','{"key":"accountid,region,policyname","id":"policyname"}','active',920825,concat(@eshost,':',@esport,'/aws_asgpolicy/asgpolicy'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('cert','Certificates','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_cert/cert'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('checks','Trusted Advisor Checks','Other','aws','{"key":"accountid,checkid","id":"checkid"}','enabled',null,concat(@eshost,':',@esport,'/aws_checks/checks'),{d '2017-09-27'},{d '2017-09-27'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('classicelb','classicelb','Compute','aws','{"key":"accountid,region,loadbalancername","id":"loadbalancername"}','enabled',null,concat(@eshost,':',@esport,'/aws_classicelb/classicelb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('cloudfront','Cloud Front','Networking & Content Delivery','aws','{"key":"accountid,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_cloudfront/cloudfront'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('corpdomain','Internal CORP Domains','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_corpdomain/corpdomain'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('customergateway','Customer Gateway','Networking & Content Delivery','aws','{"key":"accountid,region,customergatewayid","id":"customergatewayid"}','active',20433,concat(@eshost,':',@esport,'/aws_customergateway/customergateway'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('dhcpoption','DHCP Option Sets','Networking & Content Delivery','aws','{"key":"accountid,region,dhcpoptionsid","id":"dhcpoptionsid"}','active',20433,concat(@eshost,':',@esport,'/aws_dhcpoption/dhcpoption'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('directconnect','Direct Connect','Networking & Content Delivery','aws','{"key":"accountid,region,connectionid","id":"connectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_directconnect/directconnect'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('dynamodb','dynamodb','Database','aws','{"key":"accountid,region,tablearn","id":"tablearn"}','enabled',null,concat(@eshost,':',@esport,'/aws_dynamodb/dynamodb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('ec2','ec2','Compute','aws','{"key":"accountid,region,instanceid","id":"instanceid"}','enabled',null,concat(@eshost,':',@esport,'/aws_ec2/ec2'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('efs','efs','Storage','aws','{"key":"accountid,region,filesystemid","id":"filesystemid"}','enabled',null,concat(@eshost,':',@esport,'/aws_efs/efs'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticip','Elastic IP','Networking & Content Delivery','aws','{"key":"accountid,region,publicip","id":"publicip"}','active',920825,concat(@eshost,':',@esport,'/aws_elasticip/elasticip'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticsearch','Elasticsearch Service','Analytics','aws','{"key":"accountid,region,domainid","id":"domainid"}','active',20433,concat(@eshost,':',@esport,'/aws_elasticsearch/elasticsearch'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('emr','emr','Analytics','aws','{"key":"accountid,region,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_emr/emr'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('eni','eni','Compute','aws','{"key":"accountid,region,networkinterfaceid","id":"networkinterfaceid"}','enabled',null,concat(@eshost,':',@esport,'/aws_eni/eni'),{d '2017-07-13'},{d '2017-07-13'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('iamrole','IAM Role','Identity','aws','{"key":"rolearn","id":"rolearn"}','enabled',null,concat(@eshost,':',@esport,'/aws_iamrole/iamrole'),{d '2017-08-28'},{d '2017-08-28'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('iamuser','IAM User','Identity','aws','{"key":"accountid,username","id":"username"}','enabled',null,concat(@eshost,':',@esport,'/aws_iamuser/iamuser'),{d '2017-08-08'},{d '2017-08-08'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('internetgateway','Internet gate way','Networking & Content Delivery','aws','{"key":"accountid,region,internetgatewayid","id":"internetgatewayid"}','active',920825,concat(@eshost,':',@esport,'/aws_internetgateway/internetgateway'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('kms','KMS','Identity','aws','{"key":"accountid,region,keyid","id":"keyid"}','enabled',null,concat(@eshost,':',@esport,'/aws_kms/kms'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('lambda','lambda','Compute','aws','{"key":"accountid,region,functionarn","id":"functionarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_lambda/lambda'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('launchconfig','ASG Launch Configurations','Compute','aws','{"key":"accountid,region,launchconfigurationname","id":"launchconfigurationname"}','active',920825,concat(@eshost,':',@esport,'/aws_launchconfig/launchconfig'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('nat','nat','Compute','aws','{"key":"accountid,region,natgatewayid","id":"natgatewayid"}','enabled',null,concat(@eshost,':',@esport,'/aws_nat/nat'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('networkacl','Network ACL','Networking & Content Delivery','aws','{"key":"accountid,region,networkaclid","id":"networkaclid"}','active',920825,concat(@eshost,':',@esport,'/aws_networkacl/networkacl'),{d '2017-11-28'},{d '2017-11-28'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('onpremserver','On Premise Linux Servers','Compute','aws','{"key":"name","id":"name"}','active',20433,concat(@eshost,':',@esport,'/aws_onpremserver/onpremserver'),{d '2018-02-23'},{d '2018-02-23'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('peeringconnection','Peering Connection','Networking & Content Delivery','aws','{"key":"accountid,region,vpcpeeringconnectionid","id":"vpcpeeringconnectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_peeringconnection/peeringconnection'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('phd','Personal Dashboard Info','Other','aws','{"key":"accountid,eventarn","id":"eventarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_phd/phd'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdscluster','rdscluster','Database','aws','{"key":"accountid,region,dbclusterarn","id":"dbclusterarn"}','enabled',123,concat(@eshost,':',@esport,'/aws_rdscluster/rdscluster'),{d '2017-07-17'},{d '2018-08-03'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdsdb','rdsdb','Database','aws','{"key":"accountid,region,dbclusterarn","id":"dbclusterarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_rdsdb/rdsdb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdssnapshot','RDS Snapshot','Database','aws','{"key":"accountid,region,dbsnapshotidentifier","id":"dbsnapshotidentifier"}','enabled',null,concat(@eshost,':',@esport,'/aws_rdssnapshot/rdssnapshot'),{d '2017-08-28'},{d '2017-08-28'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('redshift','redshift','Database','aws','{"key":"accountid,region,clusteridentifier","id":"clusteridentifier"}','enabled',20433,concat(@eshost,':',@esport,'/aws_redshift/redshift'),{d '2017-07-17'},{d '2017-09-06'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('routetable','Route Table','Networking & Content Delivery','aws','{"key":"accountid,region,routetableid","id":"routetableid"}','active',920825,concat(@eshost,':',@esport,'/aws_routetable/routetable'),{d '2017-11-28'},{d '2017-11-28'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('s3','s3','Storage','aws','{"key":"accountid,region,name","id":"name"}','enabled',null,concat(@eshost,':',@esport,'/aws_s3/s3'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('sg','sg','Compute','aws','{"key":"accountid,region,groupid","id":"groupid"}','enabled',null,concat(@eshost,':',@esport,'/aws_sg/sg'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('snapshot','snapshot','Compute','aws','{"key":"accountid,region,snapshotid","id":"snapshotid"}','enabled',null,concat(@eshost,':',@esport,'/aws_snapshot/snapshot'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('snstopic','Simple Notification Service topics','Application Services','aws','{"key":"accountid,region,topicarn","id":"topicarn"}','active',20433,concat(@eshost,':',@esport,'/aws_snstopic/snstopic'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('stack','stack','Management Tools','aws','{"key":"accountid,region,stackid","id":"stackid"}','enabled',null,concat(@eshost,':',@esport,'/aws_stack/stack'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('subnet','subnet','Compute','aws','{"key":"accountid,region,subnetid","id":"subnetid"}','enabled',null,concat(@eshost,':',@esport,'/aws_subnet/subnet'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('targetgroup','targetgroup','Compute','aws','{"key":"accountid,region,targetgroupname","id":"targetgroupname"}','enabled',null,concat(@eshost,':',@esport,'/aws_targetgroup/targetgroup'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('virtualinterface','Virtual Interface','Networking & Content Delivery','aws','{"key":"accountid,region,virtualinterfaceid","id":"virtualinterfaceid"}','active',20433,concat(@eshost,':',@esport,'/aws_virtualinterface/virtualinterface'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('volume','volume','Storage','aws','{"key":"accountid,region,volumeid","id":"volumeid"}','enabled',20433,concat(@eshost,':',@esport,'/aws_volume/volume'),{d '2017-07-17'},{d '2017-11-03'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpc','vpc','Compute','aws','{"key":"accountid,region,vpcid","id":"vpcid"}','enabled',20433,concat(@eshost,':',@esport,'/aws_vpc/vpc'),{d '2017-07-17'},{d '2017-11-28'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpnconnection','VPN Connection','Networking & Content Delivery','aws','{"key":"accountid,region,vpnconnectionid","id":"vpnconnectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_vpnconnection/vpnconnection'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpngateway','VPN Gateway','Networking & Content Delivery','aws','{"key":"accountid,region,vpngatewayid","id":"vpngatewayid"}','active',920825,concat(@eshost,':',@esport,'/aws_vpngateway/vpngateway'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('wafdomain','WAF Domains','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_wafdomain/wafdomain'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); -INSERT INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticache','ElastiCache','Database','aws','{"key":"account,region,clustername","id":"arn"}','enabled',null,concat(@eshost,':',@esport,'/aws_elasticache/elasticache'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('account','Aws Accounts','Other','aws','{"key":"accountid","id":"accountid"}','enabled',null,concat(@eshost,':',@esport,'/aws_account/account'),{d '2017-09-07'},{d '2017-09-07'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('api','api','Application Service','aws','{"key":"accountid,region,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_api/api'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('appelb','appelb','Compute','aws','{"key":"accountid,region,loadbalancername","id":"loadbalancername"}','enabled',null,concat(@eshost,':',@esport,'/aws_appelb/appelb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('asg','asg','Compute','aws','{"key":"accountid,region,autoscalinggrouparn","id":"autoscalinggrouparn"}','enabled',null,concat(@eshost,':',@esport,'/aws_asg/asg'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('asgpolicy','ASG Scaling policy','Compute','aws','{"key":"accountid,region,policyname","id":"policyname"}','active',920825,concat(@eshost,':',@esport,'/aws_asgpolicy/asgpolicy'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('cert','Certificates','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_cert/cert'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('checks','Trusted Advisor Checks','Other','aws','{"key":"accountid,checkid","id":"checkid"}','enabled',null,concat(@eshost,':',@esport,'/aws_checks/checks'),{d '2017-09-27'},{d '2017-09-27'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('classicelb','classicelb','Compute','aws','{"key":"accountid,region,loadbalancername","id":"loadbalancername"}','enabled',null,concat(@eshost,':',@esport,'/aws_classicelb/classicelb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('cloudfront','Cloud Front','Networking & Content Delivery','aws','{"key":"accountid,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_cloudfront/cloudfront'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('corpdomain','Internal CORP Domains','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_corpdomain/corpdomain'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('customergateway','Customer Gateway','Networking & Content Delivery','aws','{"key":"accountid,region,customergatewayid","id":"customergatewayid"}','active',20433,concat(@eshost,':',@esport,'/aws_customergateway/customergateway'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('dhcpoption','DHCP Option Sets','Networking & Content Delivery','aws','{"key":"accountid,region,dhcpoptionsid","id":"dhcpoptionsid"}','active',20433,concat(@eshost,':',@esport,'/aws_dhcpoption/dhcpoption'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('directconnect','Direct Connect','Networking & Content Delivery','aws','{"key":"accountid,region,connectionid","id":"connectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_directconnect/directconnect'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('dynamodb','dynamodb','Database','aws','{"key":"accountid,region,tablearn","id":"tablearn"}','enabled',null,concat(@eshost,':',@esport,'/aws_dynamodb/dynamodb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('ec2','ec2','Compute','aws','{"key":"accountid,region,instanceid","id":"instanceid"}','enabled',null,concat(@eshost,':',@esport,'/aws_ec2/ec2'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('efs','efs','Storage','aws','{"key":"accountid,region,filesystemid","id":"filesystemid"}','enabled',null,concat(@eshost,':',@esport,'/aws_efs/efs'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticip','Elastic IP','Networking & Content Delivery','aws','{"key":"accountid,region,publicip","id":"publicip"}','active',920825,concat(@eshost,':',@esport,'/aws_elasticip/elasticip'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticsearch','Elasticsearch Service','Analytics','aws','{"key":"accountid,region,domainid","id":"domainid"}','active',20433,concat(@eshost,':',@esport,'/aws_elasticsearch/elasticsearch'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('emr','emr','Analytics','aws','{"key":"accountid,region,id","id":"id"}','enabled',null,concat(@eshost,':',@esport,'/aws_emr/emr'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('eni','eni','Compute','aws','{"key":"accountid,region,networkinterfaceid","id":"networkinterfaceid"}','enabled',null,concat(@eshost,':',@esport,'/aws_eni/eni'),{d '2017-07-13'},{d '2017-07-13'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('iamrole','IAM Role','Identity','aws','{"key":"rolearn","id":"rolearn"}','enabled',null,concat(@eshost,':',@esport,'/aws_iamrole/iamrole'),{d '2017-08-28'},{d '2017-08-28'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('iamuser','IAM User','Identity','aws','{"key":"accountid,username","id":"username"}','enabled',null,concat(@eshost,':',@esport,'/aws_iamuser/iamuser'),{d '2017-08-08'},{d '2017-08-08'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('internetgateway','Internet gate way','Networking & Content Delivery','aws','{"key":"accountid,region,internetgatewayid","id":"internetgatewayid"}','active',920825,concat(@eshost,':',@esport,'/aws_internetgateway/internetgateway'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('kms','KMS','Identity','aws','{"key":"accountid,region,keyid","id":"keyid"}','enabled',null,concat(@eshost,':',@esport,'/aws_kms/kms'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('lambda','lambda','Compute','aws','{"key":"accountid,region,functionarn","id":"functionarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_lambda/lambda'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('launchconfig','ASG Launch Configurations','Compute','aws','{"key":"accountid,region,launchconfigurationname","id":"launchconfigurationname"}','active',920825,concat(@eshost,':',@esport,'/aws_launchconfig/launchconfig'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('nat','nat','Compute','aws','{"key":"accountid,region,natgatewayid","id":"natgatewayid"}','enabled',null,concat(@eshost,':',@esport,'/aws_nat/nat'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('networkacl','Network ACL','Networking & Content Delivery','aws','{"key":"accountid,region,networkaclid","id":"networkaclid"}','active',920825,concat(@eshost,':',@esport,'/aws_networkacl/networkacl'),{d '2017-11-28'},{d '2017-11-28'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('onpremserver','On Premise Linux Servers','Compute','aws','{"key":"name","id":"name"}','active',20433,concat(@eshost,':',@esport,'/aws_onpremserver/onpremserver'),{d '2018-02-23'},{d '2018-02-23'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('peeringconnection','Peering Connection','Networking & Content Delivery','aws','{"key":"accountid,region,vpcpeeringconnectionid","id":"vpcpeeringconnectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_peeringconnection/peeringconnection'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('phd','Personal Dashboard Info','Other','aws','{"key":"accountid,eventarn","id":"eventarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_phd/phd'),{d '2017-10-24'},{d '2017-10-24'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdscluster','rdscluster','Database','aws','{"key":"accountid,region,dbclusterarn","id":"dbclusterarn"}','enabled',123,concat(@eshost,':',@esport,'/aws_rdscluster/rdscluster'),{d '2017-07-17'},{d '2018-08-03'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdsdb','rdsdb','Database','aws','{"key":"accountid,region,dbclusterarn","id":"dbclusterarn"}','enabled',null,concat(@eshost,':',@esport,'/aws_rdsdb/rdsdb'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('rdssnapshot','RDS Snapshot','Database','aws','{"key":"accountid,region,dbsnapshotidentifier","id":"dbsnapshotidentifier"}','enabled',null,concat(@eshost,':',@esport,'/aws_rdssnapshot/rdssnapshot'),{d '2017-08-28'},{d '2017-08-28'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('redshift','redshift','Database','aws','{"key":"accountid,region,clusteridentifier","id":"clusteridentifier"}','enabled',20433,concat(@eshost,':',@esport,'/aws_redshift/redshift'),{d '2017-07-17'},{d '2017-09-06'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('routetable','Route Table','Networking & Content Delivery','aws','{"key":"accountid,region,routetableid","id":"routetableid"}','active',920825,concat(@eshost,':',@esport,'/aws_routetable/routetable'),{d '2017-11-28'},{d '2017-11-28'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('s3','s3','Storage','aws','{"key":"accountid,region,name","id":"name"}','enabled',null,concat(@eshost,':',@esport,'/aws_s3/s3'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('sg','sg','Compute','aws','{"key":"accountid,region,groupid","id":"groupid"}','enabled',null,concat(@eshost,':',@esport,'/aws_sg/sg'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('snapshot','snapshot','Compute','aws','{"key":"accountid,region,snapshotid","id":"snapshotid"}','enabled',null,concat(@eshost,':',@esport,'/aws_snapshot/snapshot'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('snstopic','Simple Notification Service topics','Application Services','aws','{"key":"accountid,region,topicarn","id":"topicarn"}','active',20433,concat(@eshost,':',@esport,'/aws_snstopic/snstopic'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('stack','stack','Management Tools','aws','{"key":"accountid,region,stackid","id":"stackid"}','enabled',null,concat(@eshost,':',@esport,'/aws_stack/stack'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('subnet','subnet','Compute','aws','{"key":"accountid,region,subnetid","id":"subnetid"}','enabled',null,concat(@eshost,':',@esport,'/aws_subnet/subnet'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('targetgroup','targetgroup','Compute','aws','{"key":"accountid,region,targetgroupname","id":"targetgroupname"}','enabled',null,concat(@eshost,':',@esport,'/aws_targetgroup/targetgroup'),{d '2017-07-17'},{d '2017-07-17'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('virtualinterface','Virtual Interface','Networking & Content Delivery','aws','{"key":"accountid,region,virtualinterfaceid","id":"virtualinterfaceid"}','active',20433,concat(@eshost,':',@esport,'/aws_virtualinterface/virtualinterface'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('volume','volume','Storage','aws','{"key":"accountid,region,volumeid","id":"volumeid"}','enabled',20433,concat(@eshost,':',@esport,'/aws_volume/volume'),{d '2017-07-17'},{d '2017-11-03'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpc','vpc','Compute','aws','{"key":"accountid,region,vpcid","id":"vpcid"}','enabled',20433,concat(@eshost,':',@esport,'/aws_vpc/vpc'),{d '2017-07-17'},{d '2017-11-28'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpnconnection','VPN Connection','Networking & Content Delivery','aws','{"key":"accountid,region,vpnconnectionid","id":"vpnconnectionid"}','active',20433,concat(@eshost,':',@esport,'/aws_vpnconnection/vpnconnection'),{d '2018-03-26'},{d '2018-03-26'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('vpngateway','VPN Gateway','Networking & Content Delivery','aws','{"key":"accountid,region,vpngatewayid","id":"vpngatewayid"}','active',920825,concat(@eshost,':',@esport,'/aws_vpngateway/vpngateway'),{d '2017-11-29'},{d '2017-11-29'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('wafdomain','WAF Domains','Other','aws','{"key":"","id":""}','enabled',null,concat(@eshost,':',@esport,'/aws_wafdomain/wafdomain'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('elasticache','ElastiCache','Database','aws','{"key":"account,region,clustername","id":"arn"}','enabled',null,concat(@eshost,':',@esport,'/aws_elasticache/elasticache'),{d '2017-11-13'},{d '2017-11-13'},'Infra & Platforms'); + +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('datastream','Kinesis Datastream','Analytics','aws','{"key":"streamarn","id":"streamarn"}','enabled','123',concat(@eshost,':',@esport,'/aws_datastream/datastream'),{d '2018-10-30'},{d '2018-10-30'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('deliverystream','Kinesis Fireshose','Analytics','aws','{"key":"deliverystreamarn","id":"deliverystreamarn"}','enabled','123',concat(@eshost,':',@esport,'/aws_deliverystream/deliverystream'),{d '2018-10-30'},{d '2018-10-30'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('videostream','Kinesis Videostream','Analytics','aws','{"key":"streamarn","id":"streamarn"}','enabled','123',concat(@eshost,':',@esport,'/aws_videostream/videostream'),{d '2018-10-30'},{d '2018-10-30'},'Infra & Platforms'); +INSERT IGNORE INTO cf_Target (targetName,targetDesc,category,dataSourceName,targetConfig,status,userId,endpoint,createdDate,modifiedDate,domain) VALUES ('reservedinstance','Reserved Instances','Compute','aws','{"key":"instanceid","id":"instanceid"}','','123',concat(@eshost,':',@esport,'/aws_reservedinstance/reservedinstance'),{d '2018-11-01'},{d '2018-11-01'},'Infra & Platforms'); /* Auth Related data */ -insert into `oauth_client_details`(`client_id`,`resource_ids`,`client_secret`,`scope`,`authorized_grant_types`,`web_server_redirect_uri`,`authorities`,`access_token_validity`,`refresh_token_validity`,`additional_information`,`autoapprove`) values ('22e14922-87d7-4ee4-a470-da0bb10d45d3',NULL,'$2a$10$Is6r80wW65hKHUq6Wa8B6O3BLKqGOb5McDGbJUwVwfVvyeJBCf7ta','resource-access','implicit,authorization_code,refresh_token,password,client_credentials',NULL,'ROLE_CLIENT,ROLE_USER',NULL,NULL,NULL,''); -insert into `oauth_user`(`id`,`user_id`,`user_name`,`first_name`,`last_name`,`email`,`created_date`,`modified_date`) values (1,'user@pacbot.org','user','user','','user@pacbot.org','2018-06-26 18:21:56','2018-06-26 18:21:56'),(2,'admin@pacbot.org','admin','admin','','admin@pacbot.org','2018-06-26 18:21:56','2018-06-26 18:21:56'); -insert into `oauth_user_credentials` (`id`, `password`, `type`) values('1','$2a$10$IKXbqqHbMBMa/1Cs3VhjGeye4EKVBen4dPwhTYB24cHgDouravEMa','db'); -insert into `oauth_user_credentials` (`id`, `password`, `type`) values('2','$2a$10$G02s.dXgFAV7oKvYzvL5luq9FaBuzwNHeBLdbpncBazk5APkiVjUq','db'); -insert into `oauth_user_roles`(`roleId`,`roleName`,`roleDesc`,`writePermission`,`owner`,`client`,`createdDate`,`modifiedDate`) values ('1','ROLE_USER','ROLE_USER',0,'asgc','22e14922-87d7-4ee4-a470-da0bb10d45d3','2018-01-23 00:00:00','2018-01-23 00:00:00'),('703','ROLE_ADMIN','ROLE_ADMIN',1,'asgc','22e14922-87d7-4ee4-a470-da0bb10d45d3','2018-03-13 17:26:58','2018-03-13 17:26:58'); -insert into `oauth_user_role_mapping`(`userRoleId`,`userId`,`roleId`,`clientId`,`allocator`,`createdDate`,`modifiedDate`) values ('4747c0cf-63cc-4829-a1e8-f1e957ec5dd6','user@pacbot.org','1','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'),('4747c0cf-63cc-4829-a1e8-f1e957ec5dd7','admin@pacbot.org','1','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'),('f5b2a689-c185-11e8-9c73-12d01119b604','admin@pacbot.org','703','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'); +INSERT IGNORE INTO `oauth_client_details`(`client_id`,`resource_ids`,`client_secret`,`scope`,`authorized_grant_types`,`web_server_redirect_uri`,`authorities`,`access_token_validity`,`refresh_token_validity`,`additional_information`,`autoapprove`) values ('22e14922-87d7-4ee4-a470-da0bb10d45d3',NULL,'$2a$10$Is6r80wW65hKHUq6Wa8B6O3BLKqGOb5McDGbJUwVwfVvyeJBCf7ta','resource-access','implicit,authorization_code,refresh_token,password,client_credentials',NULL,'ROLE_CLIENT,ROLE_USER',NULL,NULL,NULL,''); +INSERT IGNORE INTO `oauth_user`(`id`,`user_id`,`user_name`,`first_name`,`last_name`,`email`,`created_date`,`modified_date`) values (1,'user@pacbot.org','user','user','','user@pacbot.org','2018-06-26 18:21:56','2018-06-26 18:21:56'),(2,'admin@pacbot.org','admin','admin','','admin@pacbot.org','2018-06-26 18:21:56','2018-06-26 18:21:56'); +INSERT IGNORE INTO `oauth_user_credentials` (`id`, `password`, `type`) values('1','$2a$10$IKXbqqHbMBMa/1Cs3VhjGeye4EKVBen4dPwhTYB24cHgDouravEMa','db'); +INSERT IGNORE INTO `oauth_user_credentials` (`id`, `password`, `type`) values('2','$2a$10$G02s.dXgFAV7oKvYzvL5luq9FaBuzwNHeBLdbpncBazk5APkiVjUq','db'); +INSERT IGNORE INTO `oauth_user_roles`(`roleId`,`roleName`,`roleDesc`,`writePermission`,`owner`,`client`,`createdDate`,`modifiedDate`) values ('1','ROLE_USER','ROLE_USER',0,'asgc','22e14922-87d7-4ee4-a470-da0bb10d45d3','2018-01-23 00:00:00','2018-01-23 00:00:00'),('703','ROLE_ADMIN','ROLE_ADMIN',1,'asgc','22e14922-87d7-4ee4-a470-da0bb10d45d3','2018-03-13 17:26:58','2018-03-13 17:26:58'); +INSERT IGNORE INTO `oauth_user_role_mapping`(`userRoleId`,`userId`,`roleId`,`clientId`,`allocator`,`createdDate`,`modifiedDate`) values ('4747c0cf-63cc-4829-a1e8-f1e957ec5dd6','user@pacbot.org','1','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'),('4747c0cf-63cc-4829-a1e8-f1e957ec5dd7','admin@pacbot.org','1','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'),('f5b2a689-c185-11e8-9c73-12d01119b604','admin@pacbot.org','703','22e14922-87d7-4ee4-a470-da0bb10d45d3','user123','2018-01-09 16:11:47','2018-01-09 16:11:47'); /* Display and Update Fields */ -INSERT INTO cf_pac_updatable_fields (resourceType,displayFields,updatableFields) VALUES +INSERT IGNORE INTO cf_pac_updatable_fields (resourceType,displayFields,updatableFields) VALUES ('all_list','_resourceid,tags.Application,tags.Environment,_entitytype',null), ('all_taggable','_resourceid,tags.Application,tags.Environment,_entitytype,targetType,accountid,accountname,region',null), ('all_vulnerable','_resourceid,tags.Application,tags.Environment,_entitytype,accountid,accountname,region',null), @@ -958,326 +980,331 @@ INSERT INTO cf_pac_updatable_fields (resourceType,displayFields,updatableFields /* Rule and Policy Initialisation */ -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AWSCloudTrailConfig_version-1','AWSCloudTrailConfig','Cloudtrail logs provide the audit trail of who did what and when. Cloudtrail is enabled by default on all AWS accounts, this should not be turned off any time','Enable cloudtrail for all regions','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AWSConfigEnabled_version-1','AWSConfigEnabled','AWS Config records all supported resources that it discovers in the region and maintain a timeline for each of the resource. AWS Config should always be in ''enabled'' stated','Enable AWS Config for each region','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Amazon-EC2-Reserved-Instance-Lease-Expiration_version-1','Amazon-EC2-Reserved-Instance-Lease-Expiration','Checks for Amazon EC2 Reserved Instances that are scheduled to expire within the next 30 days or have expired in the preceding 30 days. \nReserved Instances do not renew automatically; you can continue using an EC2 instance covered by the reservation without interruption, \nbut you will be charged On-Demand rates. New Reserved Instances can have the same parameters as the expired ones, or you can purchase \nReserved Instances with different parameters.The estimated monthly savings we show is the difference between the On-Demand and\nReserved Instance rates for the same instance type.\n\nAlert Criteria :\nYellow: The Reserved Instance lease expires in less than 30 days.\nYellow: The Reserved Instance lease expired in the preceding 30 days.','Consider purchasing a new Reserved Instance to replace the one that is nearing the end of its term, For more information \nsee How to Purchase Reserved Instances\nBuying Reserved Instances,\nAdditional Resources : Reserved Instances\nInstance Types','','version-1','',710383,{d '2018-05-28'},{d '2018-05-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AmazonRDSIdleDBInstancesRule_version-1','AmazonRDSIdleDBInstancesRule','Checks the configuration of your Amazon Relational Database Service (Amazon RDS) for any DB instances that appear to be idle. If a DB instance has not had a connection for a prolonged period of time, you can delete the instance to reduce costs. If persistent storage is needed for data on the instance, you can use lower-cost options such as taking and retaining a DB snapshot. Manually created DB snapshots are retained until you delete them.','Consider taking a snapshot of the idle DB instance and then deleting it,See Deleting a DB Instance with a Final Snapshot','','version-1','',710383,{d '2018-03-15'},{d '2018-03-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-1','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-2','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-2','',710383,{d '2017-08-24'},{d '2017-08-24'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-3','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-3','',333523,{d '2017-09-19'},{d '2017-09-19'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-4','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','','','version-4','',76355,{d '2018-04-23'},{d '2018-04-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApplicationTagsShouldBeValid_version-1','ApplicationTagsShouldBeValid','The value of ''Application'' tag of the asset should be one of the application names approved by the cloud intake team. Assets with wrong value for Application tag would generally get orphaned from monitoring, patching, centralized access control, etc. Lot of auomations rely on correct application tag and care should be taken to make sure all assets are tagged with correct value for this tag.','Add correct value for the Application tag.','','version-1','',710383,{d '2017-12-07'},{d '2017-12-07'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AwsRoute53DNSForAccountsRule_version-1','AwsRoute53DNSForAccountsRule','Route 53 service is allowed to be used only in approved accounts. No other accounts should be using Route 53 service. Since Route 53 service is critical service for every application, a controlled environment is required for smooth operations. Also in order stop domain proliferation and enforce best practices, this service is limited only to these two accounts.','Please work with pacbot@t-mobile.com for migration or exceptions','','version-1','',710383,{d '2018-02-16'},{d '2018-02-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckAwsActivityInBlacklistedRegion_version-1','CheckAwsActivityInBlacklistedRegion','At T-Mobile we primarily use US regions. Any activity in regions outside of US regions is a violation of policy. It generally indicates malicious and un authorized activity','Reach out to pacbot@t-mobile.com for addressing malicious activity,In case of legitimate workloads please reach out to the same team for exception.','','version-1','',710383,{d '2018-02-16'},{d '2018-02-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckEdpRepositoryRule_version-1','CheckEdpRepositoryRule','Every repository should have master and dev branches','','','version-1','',710383,{d '2018-02-28'},{d '2018-02-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1','CheckGuardDutyIsEnabledForAllAccount','All the AWS accounts should have guard duty enabled. Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers','','','version-1','',710383,{d '2018-01-19'},{d '2018-01-19'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckInactiveIamUser_version-1','CheckInactiveIamUser','IAM users who have not logged into AWS and have no API activity for 90 days will be considered inactive IAM users and their accounts will be terminated.','Reach out to pacbot@t-mobile.com for exceptions','','version-1','',710383,{d '2018-02-13'},{d '2018-02-13'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckMongoDBPublicAccess_version-1','CheckMongoDBPublicAccess','To prevent data theft and data loss all Mongo DBs should be protected with access control mechanism. ','Disable anonymous access to MongoDB','','version-1','',2689645,{d '2017-09-01'},{d '2017-09-01'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CloudWatchEventsForAllAccounts_version-1','CloudWatchEventsForAllAccounts','Events from all AWS account should be routed to a central event bus so that the events and be processed and analyzed centrally.','','','version-1','',710383,{d '2018-01-18'},{d '2018-01-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort27017_version-1','EC2WithPublicAccessForPort27017','Global permission to access the well known services like TCP on port 27017 (Mongo DB) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',2689645,{d '2017-08-24'},{d '2017-08-24'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort9600_version-1','EC2WithPublicAccessForPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-1','',2689645,{d '2017-08-23'},{d '2017-08-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort9600_version-2','EC2WithPublicAccessForPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-2','',333523,{d '2017-08-30'},{d '2017-08-30'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-1','EC2WithPublicAccessSSHPort22','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for SSH port,if it find any then its an issue.',null,'','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-2','EC2WithPublicAccessSSHPort22','SSH port 22 should not be accessible from internet. Port 22 should be open only to the internal 10.*.*.* network. Further reducing the permitted IP addresses or ranges allowed to communicate to destination hosts on TCP port 22 is recommended. An exposed SSH port 22 pose a great security risk. Dedicated bastion hosts can have port open to internet with appropriate SSH config.','Remove the rule from the security groups that allows inbound access from 0.0.0.0/0.','','version-2','',2689645,{d '2017-08-23'},{d '2017-08-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort9600_version-1','EC2WithPublicAccessSSHPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-1','',2689645,{d '2017-08-23'},{d '2017-08-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicIPAccess_version-1','EC2WithPublicIPAccess','EC2 instances should not be directly accessible from internet (Except for the servers in DMZ zone). Ideally these instances should be behind firewall (AWS WAF or any other firewall)','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EbsSnapShot_version-1','EbsSnapShot','Depending on the purpose for which the EBS was used, the snapshot might carry sensistive information about our cloud ecosystem or might carry customer PII or CPNI or it could be anything. The cases where we need to make a snpashot public is very rare, those cases have to go through an exception process','Make the snapshot private','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2InstanceScannedByQualys_version-1','Ec2InstanceScannedByQualys','All assets in Cloud should be scanned by Qualys vulnerability assessment tool atleast once a month. It would be ideal to have the Qulays Cloud Agent installed on all the assets. This would eliminate the need to have manual external scans','Install Qualys Cloud Agent on the server or get the asset scanned manually by VMAS team every month','','version-1','',710383,{d '2017-11-14'},{d '2017-11-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2PublicAccessPortWithS5Vulnerability_version-1','Ec2PublicAccessPortWithS5Vulnerability','An Ec2 instance with remotely exploitable vulnerability (S5) should not be open to internet, this instance can be easily compromised from a remote location','Immediately remove the internet access,Apply the vulnerability fix','','version-1','',710383,{d '2018-01-11'},{d '2018-01-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2PublicAccessPortWithTarget_version-1','Ec2PublicAccessPortWithTarget','Global permission to access the well known services running on privileged ports should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-12-22'},{d '2017-12-22'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-2','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule look for the stopped instances which are stopped for more than 60 days.',null,'','version-2','',1205352,{d '2017-11-06'},{d '2017-11-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-3','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for the stopped instances which are stopped for more than 60 days.',null,'','version-3','',1205352,{d '2017-11-06'},{d '2017-11-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-4','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for the stopped instances for more than 60 days.',null,'','version-4','',1205352,{d '2017-11-06'},{d '2017-11-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-5','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for instances stopped for more than 60 days.',null,'','version-5','',1205352,{d '2017-11-13'},{d '2017-11-13'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2StoppedInstanceForLong_version-1','Ec2StoppedInstanceForLong','Stopped EC2 instances still incur cost for the volumes,elastic IP associated with it, potential AWS marketplace license costs as well.','Terminate the EC2 instance if it is no longer required.','','version-1','',710383,{d '2017-08-29'},{d '2017-08-29'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccFTP-DataPort20_version-1','Ec2WithPubAccFTP-DataPort20','Global permission to access the well known services like TCP on port 20 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccPort1434_version-1','Ec2WithPubAccPort1434','Global permission to access the well known services like TCP on port 1434 (SQL Browser) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-07'},{d '2017-09-07'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccSMTPPort25_version-1','Ec2WithPubAccSMTPPort25','Global permission to access the well known services like SMTP on port 25 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccUDP-Port-53_version-1','Ec2WithPubAccUDP-Port-53','Global permission to access the well known services like UDP on port 53 (Nameservers) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessCifsPort445_version-1','Ec2WithPublicAccessCifsPort445','Global permission to access the well known services like TCP on port 445 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessFtp21port_version-1','Ec2WithPublicAccessFtp21port','Global permission to access the well known services like TCP on port 21 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessMySql4333_version-1','Ec2WithPublicAccessMySql4333','Global permission to access the well known services like TCP on port 4333 (MINISQL Server) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessMySqlPort3306_version-1','Ec2WithPublicAccessMySqlPort3306','Global permission to access the well known services like TCP on port 3306 (MySQL) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNetBIOSPort137_version-1','Ec2WithPublicAccessNetBIOSPort137','Global permission to access the well known services like TCP on port 137 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNetBIOSPort138_version-1','Ec2WithPublicAccessNetBIOSPort138','Global permission to access the well known services like TCP on port 138 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts443_version-1','Ec2WithPublicAccessNonWebPorts443','Global permission to access the well known services like TCP on port 443 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts80_version-1','Ec2WithPublicAccessNonWebPorts80','Global permission to access the well known services like HTTP on port 80 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessPort8080_version-1','Ec2WithPublicAccessPort8080','This rule creates an issue, if the port 8080 is open to internet.',null,null,'version-1',null,null,{d '2018-09-07'},{d '2018-09-07'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessPostgreSqlPort5432_version-1','Ec2WithPublicAccessPostgreSqlPort5432','Global permission to access the well known services like TCP on port 5432 (POSTGRESQL) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessRdpPort3389_version-1','Ec2WithPublicAccessRdpPort3389','RDP port 3389 should not be accessible from internet. Port 3389 should be open only to the internal 10.*.*.* network. Further reducing the permitted IP addresses or ranges allowed to communicate to destination hosts on RDP port 3389 is recommended. An exposed RDP port 3389 pose a great security risk.','Remove the rule from the security groups that allows inbound access from 0.0.0.0/0.','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessRpcPort135_version-1','Ec2WithPublicAccessRpcPort135','Global permission to access the well known services like TCP on port 135 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessSmbPort445_version-1','Ec2WithPublicAccessSmbPort445','Global permission to access the well known services like TCP on port 445 should not be allowed','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessSql1433_version-1','Ec2WithPublicAccessSql1433','Global permission to access the well known services like TCP on port 1433 (SQL Server) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessTelnetPort23_version-1','Ec2WithPublicAccessTelnetPort23','Global permission to access the well known services like TCP/UDP on port 23 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessVncPort5500_version-1','Ec2WithPublicAccessVncPort5500','Global permission to access the well known services like TCP on port 5500 (VNC) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessVncServerPort5900_version-1','Ec2WithPublicAccessVncServerPort5900','Global permission to access the well known services like TCP on port 5900 (VNC) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithSeverityVulnerability_version-1','Ec2WithSeverityVulnerability','If an EC2 Instance having S5, S4 and S3 vulnerability report it as an issue with severity high, medium and low respectively','','','version-1','',710383,{d '2018-03-08'},{d '2018-03-08'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EveryProjectShouldHaveMasterBranch-Asif_version-1','EveryProjectShouldHaveMasterBranch-Asif','EveryProjectShouldHaveMasterBranch-Asif','','','version-1','',1205352,{d '2018-05-10'},{d '2018-05-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EveryProjectShouldHaveRepository_version-1','EveryProjectShouldHaveRepository','Every project should have a repository','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_GuardDutyFindingsExists_version-1','GuardDutyFindingsExists','Amazon GuardDuty is a managed threat detection service that continuously monitors your VPC flow logs, CloudTrail event logs and DNS logs for malicious or unauthorized behavior. When GuardDuty detects a suspicious or unexpected behavior in your AWS account, it generates a finding. A finding is a notification that contains information about a potential security threat identified by the GuardDuty service. The finding details includes data about the finding actor, the AWS resource(s) involved in the suspicious activity, the time when the activity occurred and so on.','Follow the step by step guide line provided for each finding from the Guard Duty console,Please reach out to pacbot@t-mobile.com in case of any queries about how to fix a finding','','version-1','',710383,{d '2018-02-12'},{d '2018-02-12'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamAccessKeyRotatedInEvery90Days_version-1','IamAccessKeyRotatedInEvery90Days','Access keys of IAM accounts should be rotated every 90 days in order to decrease the likelihood of accidental exposures and protect AWS resources against unauthorized access','Rotate the access keys every 90 days','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamIdentityProviderWithADFS_version-1','IamIdentityProviderWithADFS','All the AWS accounts should use CORP ADFS identity provider.','','','version-1','',710383,{d '2018-01-15'},{d '2018-01-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamPasswordPolicy_version-1','IamPasswordPolicy','Enforce a strong password policy on IAM console authentications. By default AWS does not configure the maximal strength password complexity policy on your behalf.','Log into your AWS console,Go to the IAM service,On the left menu select Password Policy which should be the bottom option,Set the Minimum Password Length form field to 12 (or higher) and Select each of the checkboxes so that all four required complexity options are selected,Depending on your corporate policy you may wish to allow users to change their own passwords,We recommend that you permit users to do so,Apply your new password policy and you have satisfied this security remediation','','version-1','',710383,{d '2018-01-08'},{d '2018-01-08'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamWithPermanentAccessKeysExceptServiceAccount_version-1','IamWithPermanentAccessKeysExceptServiceAccount','Every AWS account is configured one IAM Identity provider. This identity provider is required for logging into AWS with CORP AD account','Add the CORP AD ADFS provider configuration back to the AWS account','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IdleLoadBalancerRule_version-1','IdleLoadBalancerRule','Checks your Elastic Load Balancing configuration for load balancers that are not actively used. Any load balancer that is configured accrues charges. If a load balancer has no associated back-end instances or if network traffic is severely limited, the load balancer is not being used effectively.','If your load balancer has no active back-end instance then consider registering instances or deleting your load balancer, See Registering Your Amazon EC2 Instances with Your Load Balancer or Delete Your Load Balancer,If your load balancer has had a low request count then consider deleting your load balancer. ','','version-1','',710383,{d '2018-02-25'},{d '2018-02-25'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunMemorySize_version-1','LambdaFunMemorySize','This rule checks, If the given lambda function''s memory size exceeds more than 512 Mb, then its an issue.',null,'','version-1','',710383,{d '2017-09-05'},{d '2017-09-05'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunThrottleInvocationsRule_version-1','LambdaFunThrottleInvocationsRule','Lambda function throttle invocations should not exceed the threshold','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',710383,{d '2017-10-13'},{d '2017-10-13'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1','LambdaFunWithAdmin-OrIamPrivileges','Lambda functions should not have administrative permissions (Managed Policy : AdministratorAccess). Least privileges should be granted to lambda functions. Also IAM privileges should never be granted to lambda functions. (Exceptional cases has to be reviewed and prior whitelisting would be required.)','Remove AdministratorAccess policy associated with lambda functions,Remove IAM privileges associated with the lambda function','','version-1','',710383,{d '2018-02-15'},{d '2018-02-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-2','LambdaFunWithAdmin-OrIamPrivileges','Lambda functions should not have administrative permissions (Managed Policy : AdministratorAccess). Least privileges should be granted to lambda functions. Also IAM privileges should never be granted to lambda functions. (Exceptional cases has to be reviewed and prior whitelisting would be required.)','','','version-2','',76355,{d '2018-04-23'},{d '2018-04-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaInvocationRule_version-1','LambdaInvocationRule','AWS Lambda is cheap but is pay per use. An errant lambda function calling itself, cyclic lambda function calls bentween functions can result is huge bills. Any lambda functions that is going to exceed 1 million executions a day should be reviewed.','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',1205352,{d '2017-09-15'},{d '2017-09-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaWithVPC_version-1','LambdaWithVPC','This rule checks for lambda which are associated with any VPC, if so then creates an issue.',null,'','version-1','',710383,{d '2017-10-26'},{d '2017-10-26'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Lambdacost_version-1','Lambdacost','AWS Lambda is cheap but is pay per use. An errant lambda function calling itself, cyclic lambda function calls bentween functions can result is huge bills. Any lambda functions that is going to exceed 25 dollars should be reviewed.','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',1205352,{d '2017-09-15'},{d '2017-09-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LowUtilizationAmazonEC2InstancesRule_version-1','LowUtilizationAmazonEC2InstancesRule','Checks the Amazon Elastic Compute Cloud (Amazon EC2) instances that were running at any time during the last 14 days and alerts you if the daily CPU utilization was 10% or less and network I/O was 5 MB or less on 4 or more days. Running instances generate hourly usage charges. Although some scenarios can result in low utilization by design, you can often lower your costs by managing the number and size of your instances. \nAn instance had 10% or less daily average CPU utilization and 5 MB or less network I/O on at least 4 of the previous 14 days','Consider stopping or terminating instances that have low utilization, or scale the number of instances by using Auto Scaling.','','version-1','',710383,{d '2018-03-12'},{d '2018-03-12'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Non-role-task-members_version-1','Non-role-task-members','Only roles can be a member of a task\nAny task group (t_*) that contains a memberof which is not a role (r_*)','','','version-1','',710383,{d '2018-05-23'},{d '2018-05-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_NonAdminAccountsWithIAMFullAccess_version-1','NonAdminAccountsWithIAMFullAccess','As per AWS policy management standards, only the role named ''Admin'' have access to IAM. No other AWS role is supposed have IAM access.','Remove the IAM privilleges from that role.','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_NonStandardRegionRule_version-1','NonStandardRegionRule','T-Mobile using resources some standard region (us-est/west). As part of this rule if the resource finds non-standard region it should report as violation.',null,null,'version-1',null,null,{d '2018-08-30'},{d '2018-08-30'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Onprem-asset-scanned-by-qualys-API_version-1','Onprem-asset-scanned-by-qualys-API','Onprem assets should be scanned by Qualys vulnerability assessment tool atleast once a month. It would be ideal to have the Qulays Cloud Agent installed on all the assets. This would eliminate the need to have manual external scans','','','version-1','',710383,{d '2018-05-14'},{d '2018-05-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RdsSnapshotWithPublicAccess_version-1','RdsSnapshotWithPublicAccess','A RDS snapshot may contain sensitive or customer information. No RDS snapshot should be made public from our accounts. There are very rare cases where this might be required. Those cases have to go through exception process. ','Make the snapshot private','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RedShiftPublicAccess_version-1','RedShiftPublicAccess','A Redshift snapshot may contain sensitive or customer information. No RDS snapshot should be made public from our accounts. There are very rare cases where this might be required. Those cases have to go through exception process. ','Make the snapshot private','','version-1','',710383,{d '2017-10-09'},{d '2017-10-09'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-a-branching-strategy_version-1','Repository-complies-with-a-branching-strategy','This policy checks that repository in Bitbucket follows a matured branching strategy - \n1.Repository should either follow git flow workflow\n2.Or repository should follow trunck based workflow\n3. Or repository follws feature branch based workflow','Follow gitflow workflow branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow), Follow trunk or forking based branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/forking-workflow), Follow feature branch based workflow (https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow)','','version-1','',710383,{d '2018-04-05'},{d '2018-04-05'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-a-branching-strategy_version-2','Repository-complies-with-a-branching-strategy','This policy checks that repository in Bit-bucket follows a mature branching strategy \n1. Repository follows git flow workflow\n2. Or repository follows trunk based workflow \n3. Or repository follows feature branch based workflow','','','version-2','',1205352,{d '2018-06-14'},{d '2018-06-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-trunk-based-strategy_version-1','Repository-complies-with-trunk-based-strategy','This policy checks that repository in Bitbucket follows trunk branching strategy\n\n1. Repository should only have a master branch\n2. Repository should only have Feature branches other than Master branch','If there are branches other than Feature, Merge and delete the branches, In future only create feature branches.','','version-1','',710383,{d '2018-04-05'},{d '2018-04-05'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-should-not-have-stale-branch_version-1','Repository-should-not-have-stale-branch','This policy checks if branches in a repository, other than master/develop/release are not active for more than two weeks','','','version-1','',1205352,{d '2018-04-06'},{d '2018-04-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-should-not-have-stale-branch_version-2','Repository-should-not-have-stale-branch','This policy checks if branches, other than master/develop/release had a commit in the last two weeks','','','version-2','',1205352,{d '2018-05-23'},{d '2018-05-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RepositoryCompliesWithTruckBasedStrategy_version-1','RepositoryCompliesWithTruckBasedStrategy','Repository should only have a master branch','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RepositoryShouldNotHaveMoreBranches_version-1','RepositoryShouldNotHaveMoreBranches','Every Repository should not have more than branches at a time','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Respository-Policy_version-1','Respository-Policy','This policy checks that repository in Bitbucket follows git flow branching strategy - \n1.Repo should have exactly 1 master branch\n2.Repo should have exactly 1 develop branch\n3.Repo should have branches prefixed with /hotfix, /release ,/feature, /bugfix ','Follow gitflow workflow branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow)','','version-1','',1205352,{d '2018-03-27'},{d '2018-03-27'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3-apptag-policy-by-Asif_version-1','S3-apptag-policy-by-Asif','S3-apptag-policy-by-Asif','','','version-1','',1205352,{d '2018-06-18'},{d '2018-06-18'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3BucketWithGlobalReadPermission_version-1','S3BucketWithGlobalReadPermission','Unprotected S3 buckets are one of the major causes for data theft and intrusions. Except for the S3 buckets used for hosting static website, none of the S3 buckets should be globally accessible for unauthenticated users or for Any AWS Authenticate Users.','S3 buckets should be protected by using the bucket ACL and bucket policies,If you want to share data via S3 buckets to other users,you could create pre-signed URLs which will be valid only for short duration.For all automation related work use the bucket policy and grant access to the required roles.','','version-1','',2689645,{d '2017-08-17'},{d '2017-08-17'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3BucketWithGlobalWritePermission_version-1','S3BucketWithGlobalWritePermission','AWS S3 buckets cannot be publicly accessed for WRITE actions in order to protect S3 data from unauthorized users. An S3 bucket that allows WRITE (UPLOAD/DELETE) access to everyone (i.e. anonymous users) can provide attackers the capability to add, delete and replace objects within the bucket, which can lead to S3 data loss or unintended changes to applications using that bucket or possibly a huge bill.','Make the S3 bucket private by applying ACLs or bucket policies','','version-1','',2689645,{d '2017-08-17'},{d '2017-08-17'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SGWithAnywhereAccess_version-1','SGWithAnywhereAccess','It is best practice to allows required ip ranges and specific port in the security groups that will be used for securing EC2 instances in private subnets.','Edit the security groups and allow only specific IP ranges and ports','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SSMAgentCheckRule_version-1','SSMAgentCheckRule','This rule checks if EC2 instance has SSM agent with pingstatus as Online, if not its an issue','','','version-1','',710383,{d '2018-05-26'},{d '2018-05-26'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ServiceLimitRule_version-1','ServiceLimitRule','All AWS service limits should be extended from time to time based on the growing needs. Cloudformation execution, Auotscalling or A,B deplymnet for production workloads may fail if the service limit is reached causing downtime. Proactively service limits should be extended when limit thresholds reach 75% or above','Open a case with AWS and increase the service limits','','version-1','',710383,{d '2017-10-17'},{d '2017-10-17'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SgWithRdpPortHasGlobalAccess_version-1','SgWithRdpPortHasGlobalAccess','Global permission to access the well known services like RDP on port 3389 (Windows RDP) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_TaggingRule_version-1','TaggingRule','All AWS assets should be tagged with following mandatory tags. Application, Environment, Role and Stack. Assets without these mandatory tags will be marked as non-complaint. Below is an example for the tag value pairs.\n\nTag name: Application\nExample value: Rebellion\n\nNotes\nThis value for the application tag should be the approved application name give for the project during the cloud on-boarding process. Unknown applications will be marked for review and possible termination.\n\nTag name: Environment\nExample value: Production or Non Production or Non Production::qat1 or Non Production::dit1 (Refer Naming guide)\n\nNotes\nThe value for environment should distinguish the asset as a Production or Non Production class. You can further qualify Non Production assets using the :: separator. Look at the examples 3 and 4.\n\nTag name: Stack\nExample Value: Apache Httpd\n\nTag name: Role\nExample value: Webserver\n\n \nEach asset should at least have these 4 mandatory tags. You can have additional tags as well.','Add the mandatory tags to the assets,Follow the Cloud Asset Tagging guidelines.','','version-1','',710383,{d '2017-11-02'},{d '2017-11-02'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Underutilized-Amazon-EBS-Volumes_version-1','Underutilized-Amazon-EBS-Volumes','Checks Amazon Elastic Block Store (Amazon EBS) volume configurations and warns when volumes appear to be underused. Charges begin when a volume is created. If a volume remains unattached or has very low write activity (excluding boot volumes) for a period of time, the volume is probably not being used.\n\nAlert Criteria\nYellow: A volume is unattached or had less than 1 IOPS per day for the past 7 days.','Consider creating a snapshot and deleting the volume to reduce costs','','version-1','',710383,{d '2018-05-14'},{d '2018-05-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1','UnderutilizedAmazonRedshiftClustersRule','Checks your Amazon Redshift configuration for clusters that appear to be underutilized. If an Amazon Redshift cluster has not had a connection for a prolonged period of time or is using a low amount of CPU, you can use lower-cost options such as downsizing the cluster or shutting down the cluster and taking a final snapshot. Final snapshots are retained even after you delete your cluster\nAlert Criteria\nYellow: A running cluster has not had a connection in the last 7 days.\nYellow: A running cluster had less than 5% cluster-wide average CPU utilization for 99% of the last 7 days.','Consider shutting down the cluster and taking a final snapshot, or downsizing the cluster\n','','version-1','',710383,{d '2018-03-14'},{d '2018-03-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UntaggedOrUnusedEbsRule_version-1','UntaggedOrUnusedEbsRule','This rule checks the untagged or unused Ebs volume to avoid the cost',null,null,'version-1',null,null,{d '2018-08-21'},{d '2018-08-21'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Unused-Security-group_version-1','Unused-Security-group','Cleaning up un-used security groups is best practice to keep the security groups upto date and relevant.','Delete the unused security groups','','version-1','',710383,{d '2017-10-09'},{d '2017-10-09'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedApplicationElbRule_version-1','UnusedApplicationElbRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Terminate the ELB if it is no longer required','','version-1','',710383,{d '2017-09-28'},{d '2017-09-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedClassicElbRule_version-1','UnusedClassicElbRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Terminate the ELB if it is no longer required','','version-1','',710383,{d '2017-09-28'},{d '2017-09-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedEBSRule_version-1','UnusedEBSRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Delete the volume if it is no longer required','','version-1','',710383,{d '2017-10-13'},{d '2017-10-13'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedElasticIpRule_version-1','UnusedElasticIpRule','Checks for Elastic IP addresses (EIPs) that are not associated with a running Amazon Elastic Compute Cloud (Amazon EC2) instance. EIPs are static IP addresses designed for dynamic cloud computing. Unlike traditional static IP addresses, EIPs can mask the failure of an instance or Availability Zone by remapping a public IP address to another instance in your account. A nominal charge is imposed for an EIP that is not associated with a running instance.\n','Associate the EIP with a running active instance, or release the unassociated EIP','','version-1','',710383,{d '2018-02-01'},{d '2018-02-01'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_VpcFlowLogsEnabled_version-1','VpcFlowLogsEnabled','VPC flow logs provide vital information for debugging and forensic exercise in case of any incidents. These should be always enabled','Enable VPC flow logs','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_VpcFlowLogsEnabled_version-2','VpcFlowLogsEnabled','This rule checks the VPC flow log enabled for a given VPC id,account & region else its an issue',null,'','version-2','',20433,{d '2017-08-21'},{d '2017-08-21'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_apacheserver-public-access_version-1','apacheserver-public-access','This rule check EC2 private IP can be accessed with port 80 to the public',null,'','version-1','',1205352,{d '2017-08-15'},{d '2017-08-15'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-1','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-10','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-10','',333523,{d '2017-09-28'},{d '2017-09-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-11','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-11','',333523,{d '2017-09-29'},{d '2017-09-29'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-12','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-12','',333523,{d '2017-10-10'},{d '2017-10-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-13','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-13','',333523,{d '2017-10-13'},{d '2017-10-13'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-14','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-14','',333523,{d '2017-11-02'},{d '2017-11-02'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-2','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-2','',333523,{d '2017-08-16'},{d '2017-08-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-3','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-3','',333523,{d '2017-08-17'},{d '2017-08-17'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-4','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-4','',333523,{d '2017-08-23'},{d '2017-08-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-5','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-5','',333523,{d '2017-08-24'},{d '2017-08-24'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-6','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-6','',333523,{d '2017-08-28'},{d '2017-08-28'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-7','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-7','',333523,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-8','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-8','',333523,{d '2017-09-08'},{d '2017-09-08'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-9','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-9','',333523,{d '2017-09-12'},{d '2017-09-12'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_certificate-expiry-policy_version-1','certificate-expiry-policy','All SSL certificates must be renewed before specified days of the expiry and installed in the corresponding system','Renew and install the certficate before the specified threshold','','version-1','',1205352,{d '2017-10-26'},{d '2017-10-26'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_classicelbmandatory_version-1','classicelbmandatory','This rule checks for Classic ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_cloud-kernel-compliance_version-1','cloud-kernel-compliance','All Linux servers in AWS cloud should be patched as per the quarterly patching criteria published for the entire organization','Patch the operating system as per the criteria defined for the current quarter','','version-1','',1205352,{d '2017-09-14'},{d '2017-09-14'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_dryrundemo_version-1','dryrundemo','Simple policy creation demo','','','version-1','',70245,{d '2018-01-12'},{d '2018-01-12'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ebsmandatorytags_version-1','ebsmandatorytags','This rule checks for EBS mandatory tags maintained for given volume in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2deperecatedinstancetype_version-1','ec2deperecatedinstancetype','Deprecated Ec2 instance types (Old generation instance types) should not be used. Using old generation instance types have cost implication, they are not covered in our RI purchase as well','Stop the instance and change the instance type to a newer generation one and start it','','version-1','',1205352,{d '2017-08-11'},{d '2017-08-11'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2mandatorytags_version-1','ec2mandatorytags','This rule checks for EC2 mandatory tags maintained for given instance in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2publicaccesstoport9200_version-1','ec2publicaccesstoport9200','Global permission to access the well known services like TCP on Port 9200 (Elastic Search) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',1205352,{d '2017-08-23'},{d '2017-08-23'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_es-access_version-1','es-access','This Rule check for EC2 private IP address is accessible internally.',null,'','version-1','',1205352,{d '2017-08-22'},{d '2017-08-22'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_esearch_version-1','esearch','This rule checks for elastic search accessible internally.',null,'','version-1','',1205352,{d '2017-08-22'},{d '2017-08-22'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_lambdamandatorytags_version-1','lambdamandatorytags','This rule checks for Lambda mandatory tags maintained for given function in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_onpremisekernelversion_version-1','onpremisekernelversion','This rule checks for the on-premise servers kernel version is compliant. If it is not compliant it will create an issue.',null,'','version-1','',1205352,{d '2017-08-16'},{d '2017-08-16'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_rdsdb_version-1','rdsdb','A publicly accessible database end-point would be vulnerable to bruteforce login attempts and subsequent data loss. Unauthorised access should be restircted to minimize security risks.','To restrict access to any publicly accessible RDS database instance you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.','','version-1','',1205352,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_s3mandatorytags_version-1','s3mandatorytags','This rule checks for S3 mandatory tags maintained for given bucket in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_serverless-rule_version-1','serverless-rule','Serverless rule',null,'','version-1','',20433,{d '2017-09-06'},{d '2017-09-06'}); -INSERT INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_sgmandatorytags_version-1','sgmandatorytags','This rule checks for Security Group mandatory tags maintained for given SG in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AWSCloudTrailConfig_version-1','AWSCloudTrailConfig','Cloudtrail logs provide the audit trail of who did what and when. Cloudtrail is enabled by default on all AWS accounts, this should not be turned off any time','Enable cloudtrail for all regions','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AWSConfigEnabled_version-1','AWSConfigEnabled','AWS Config records all supported resources that it discovers in the region and maintain a timeline for each of the resource. AWS Config should always be in ''enabled'' stated','Enable AWS Config for each region','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Amazon-EC2-Reserved-Instance-Lease-Expiration_version-1','Amazon-EC2-Reserved-Instance-Lease-Expiration','Checks for Amazon EC2 Reserved Instances that are scheduled to expire within the next 30 days or have expired in the preceding 30 days. \nReserved Instances do not renew automatically; you can continue using an EC2 instance covered by the reservation without interruption, \nbut you will be charged On-Demand rates. New Reserved Instances can have the same parameters as the expired ones, or you can purchase \nReserved Instances with different parameters.The estimated monthly savings we show is the difference between the On-Demand and\nReserved Instance rates for the same instance type.\n\nAlert Criteria :\nYellow: The Reserved Instance lease expires in less than 30 days.\nYellow: The Reserved Instance lease expired in the preceding 30 days.','Consider purchasing a new Reserved Instance to replace the one that is nearing the end of its term, For more information \nsee How to Purchase Reserved Instances\nBuying Reserved Instances,\nAdditional Resources : Reserved Instances\nInstance Types','','version-1','',710383,{d '2018-05-28'},{d '2018-05-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AmazonRDSIdleDBInstancesRule_version-1','AmazonRDSIdleDBInstancesRule','Checks the configuration of your Amazon Relational Database Service (Amazon RDS) for any DB instances that appear to be idle. If a DB instance has not had a connection for a prolonged period of time, you can delete the instance to reduce costs. If persistent storage is needed for data on the instance, you can use lower-cost options such as taking and retaining a DB snapshot. Manually created DB snapshots are retained until you delete them.','Consider taking a snapshot of the idle DB instance and then deleting it,See Deleting a DB Instance with a Final Snapshot','','version-1','',710383,{d '2018-03-15'},{d '2018-03-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-1','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-2','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-2','',710383,{d '2017-08-24'},{d '2017-08-24'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-3','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','Protect the API gateway with an API key OR Use a custom authorizers at the gateway level','','version-3','',333523,{d '2017-09-19'},{d '2017-09-19'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApiGatewayProtected_version-4','ApiGatewayProtected','AWS API gateway resources are by default publicly accessible, all of the API resources should be protected by a Authorizer or a API key. Unprotected API''s can lead to data leaks and security breaches.','','','version-4','',76355,{d '2018-04-23'},{d '2018-04-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ApplicationTagsShouldBeValid_version-1','ApplicationTagsShouldBeValid','The value of ''Application'' tag of the asset should be one of the application names approved by the cloud intake team. Assets with wrong value for Application tag would generally get orphaned from monitoring, patching, centralized access control, etc. Lot of auomations rely on correct application tag and care should be taken to make sure all assets are tagged with correct value for this tag.','Add correct value for the Application tag.','','version-1','',710383,{d '2017-12-07'},{d '2017-12-07'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_AwsRoute53DNSForAccountsRule_version-1','AwsRoute53DNSForAccountsRule','Route 53 service is allowed to be used only in approved accounts. No other accounts should be using Route 53 service. Since Route 53 service is critical service for every application, a controlled environment is required for smooth operations. Also in order stop domain proliferation and enforce best practices, this service is limited only to these two accounts.','Please work with pacbot@t-mobile.com for migration or exceptions','','version-1','',710383,{d '2018-02-16'},{d '2018-02-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckAwsActivityInBlacklistedRegion_version-1','CheckAwsActivityInBlacklistedRegion','At T-Mobile we primarily use US regions. Any activity in regions outside of US regions is a violation of policy. It generally indicates malicious and un authorized activity','Reach out to pacbot@t-mobile.com for addressing malicious activity,In case of legitimate workloads please reach out to the same team for exception.','','version-1','',710383,{d '2018-02-16'},{d '2018-02-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckEdpRepositoryRule_version-1','CheckEdpRepositoryRule','Every repository should have master and dev branches','','','version-1','',710383,{d '2018-02-28'},{d '2018-02-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1','CheckGuardDutyIsEnabledForAllAccount','All the AWS accounts should have guard duty enabled. Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers','','','version-1','',710383,{d '2018-01-19'},{d '2018-01-19'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckInactiveIamUser_version-1','CheckInactiveIamUser','IAM users who have not logged into AWS and have no API activity for 90 days will be considered inactive IAM users and their accounts will be terminated.','Reach out to pacbot@t-mobile.com for exceptions','','version-1','',710383,{d '2018-02-13'},{d '2018-02-13'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CheckMongoDBPublicAccess_version-1','CheckMongoDBPublicAccess','To prevent data theft and data loss all Mongo DBs should be protected with access control mechanism. ','Disable anonymous access to MongoDB','','version-1','',2689645,{d '2017-09-01'},{d '2017-09-01'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_CloudWatchEventsForAllAccounts_version-1','CloudWatchEventsForAllAccounts','Events from all AWS account should be routed to a central event bus so that the events and be processed and analyzed centrally.','','','version-1','',710383,{d '2018-01-18'},{d '2018-01-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort27017_version-1','EC2WithPublicAccessForPort27017','Global permission to access the well known services like TCP on port 27017 (Mongo DB) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',2689645,{d '2017-08-24'},{d '2017-08-24'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort9600_version-1','EC2WithPublicAccessForPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-1','',2689645,{d '2017-08-23'},{d '2017-08-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessForPort9600_version-2','EC2WithPublicAccessForPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-2','',333523,{d '2017-08-30'},{d '2017-08-30'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-1','EC2WithPublicAccessSSHPort22','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for SSH port,if it find any then its an issue.',null,'','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-2','EC2WithPublicAccessSSHPort22','SSH port 22 should not be accessible from internet. Port 22 should be open only to the internal 10.*.*.* network. Further reducing the permitted IP addresses or ranges allowed to communicate to destination hosts on TCP port 22 is recommended. An exposed SSH port 22 pose a great security risk. Dedicated bastion hosts can have port open to internet with appropriate SSH config.','Remove the rule from the security groups that allows inbound access from 0.0.0.0/0.','','version-2','',2689645,{d '2017-08-23'},{d '2017-08-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicAccessSSHPort9600_version-1','EC2WithPublicAccessSSHPort9600','This rule checks for EC2 instance which has IP address and looks for any of SG group has CIDR IP to 0.0.0.0 for port 9600,if it find any then its an issue.',null,'','version-1','',2689645,{d '2017-08-23'},{d '2017-08-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EC2WithPublicIPAccess_version-1','EC2WithPublicIPAccess','EC2 instances should not be directly accessible from internet (Except for the servers in DMZ zone). Ideally these instances should be behind firewall (AWS WAF or any other firewall)','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-08-18'},{d '2017-08-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EbsSnapShot_version-1','EbsSnapShot','Depending on the purpose for which the EBS was used, the snapshot might carry sensistive information about our cloud ecosystem or might carry customer PII or CPNI or it could be anything. The cases where we need to make a snpashot public is very rare, those cases have to go through an exception process','Make the snapshot private','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2InstanceScannedByQualys_version-1','Ec2InstanceScannedByQualys','All assets in Cloud should be scanned by Qualys vulnerability assessment tool atleast once a month. It would be ideal to have the Qulays Cloud Agent installed on all the assets. This would eliminate the need to have manual external scans','Install Qualys Cloud Agent on the server or get the asset scanned manually by VMAS team every month','','version-1','',710383,{d '2017-11-14'},{d '2017-11-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2PublicAccessPortWithS5Vulnerability_version-1','Ec2PublicAccessPortWithS5Vulnerability','An Ec2 instance with remotely exploitable vulnerability (S5) should not be open to internet, this instance can be easily compromised from a remote location','Immediately remove the internet access,Apply the vulnerability fix','','version-1','',710383,{d '2018-01-11'},{d '2018-01-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2PublicAccessPortWithTarget_version-1','Ec2PublicAccessPortWithTarget','Global permission to access the well known services running on privileged ports should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-12-22'},{d '2017-12-22'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-2','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule look for the stopped instances which are stopped for more than 60 days.',null,'','version-2','',1205352,{d '2017-11-06'},{d '2017-11-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-3','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for the stopped instances which are stopped for more than 60 days.',null,'','version-3','',1205352,{d '2017-11-06'},{d '2017-11-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-4','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for the stopped instances for more than 60 days.',null,'','version-4','',1205352,{d '2017-11-06'},{d '2017-11-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2SoppedInstanceForLong_version-5','Ec2SoppedInstanceForLong','EC2 Stopped Instances rule check for instances stopped for more than 60 days.',null,'','version-5','',1205352,{d '2017-11-13'},{d '2017-11-13'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2StoppedInstanceForLong_version-1','Ec2StoppedInstanceForLong','Stopped EC2 instances still incur cost for the volumes,elastic IP associated with it, potential AWS marketplace license costs as well.','Terminate the EC2 instance if it is no longer required.','','version-1','',710383,{d '2017-08-29'},{d '2017-08-29'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccFTP-DataPort20_version-1','Ec2WithPubAccFTP-DataPort20','Global permission to access the well known services like TCP on port 20 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccPort1434_version-1','Ec2WithPubAccPort1434','Global permission to access the well known services like TCP on port 1434 (SQL Browser) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-07'},{d '2017-09-07'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccSMTPPort25_version-1','Ec2WithPubAccSMTPPort25','Global permission to access the well known services like SMTP on port 25 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPubAccUDP-Port-53_version-1','Ec2WithPubAccUDP-Port-53','Global permission to access the well known services like UDP on port 53 (Nameservers) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessCifsPort445_version-1','Ec2WithPublicAccessCifsPort445','Global permission to access the well known services like TCP on port 445 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessFtp21port_version-1','Ec2WithPublicAccessFtp21port','Global permission to access the well known services like TCP on port 21 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-10-20'},{d '2017-10-20'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessMySql4333_version-1','Ec2WithPublicAccessMySql4333','Global permission to access the well known services like TCP on port 4333 (MINISQL Server) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessMySqlPort3306_version-1','Ec2WithPublicAccessMySqlPort3306','Global permission to access the well known services like TCP on port 3306 (MySQL) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNetBIOSPort137_version-1','Ec2WithPublicAccessNetBIOSPort137','Global permission to access the well known services like TCP on port 137 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNetBIOSPort138_version-1','Ec2WithPublicAccessNetBIOSPort138','Global permission to access the well known services like TCP on port 138 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-15'},{d '2017-09-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts443_version-1','Ec2WithPublicAccessNonWebPorts443','Global permission to access the well known services like TCP on port 443 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts80_version-1','Ec2WithPublicAccessNonWebPorts80','Global permission to access the well known services like HTTP on port 80 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessPort8080_version-1','Ec2WithPublicAccessPort8080','This rule creates an issue, if the port 8080 is open to internet.',null,null,'version-1',null,null,{d '2018-09-07'},{d '2018-09-07'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessPostgreSqlPort5432_version-1','Ec2WithPublicAccessPostgreSqlPort5432','Global permission to access the well known services like TCP on port 5432 (POSTGRESQL) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessRdpPort3389_version-1','Ec2WithPublicAccessRdpPort3389','RDP port 3389 should not be accessible from internet. Port 3389 should be open only to the internal 10.*.*.* network. Further reducing the permitted IP addresses or ranges allowed to communicate to destination hosts on RDP port 3389 is recommended. An exposed RDP port 3389 pose a great security risk.','Remove the rule from the security groups that allows inbound access from 0.0.0.0/0.','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessRpcPort135_version-1','Ec2WithPublicAccessRpcPort135','Global permission to access the well known services like TCP on port 135 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessSmbPort445_version-1','Ec2WithPublicAccessSmbPort445','Global permission to access the well known services like TCP on port 445 should not be allowed','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessSql1433_version-1','Ec2WithPublicAccessSql1433','Global permission to access the well known services like TCP on port 1433 (SQL Server) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessTelnetPort23_version-1','Ec2WithPublicAccessTelnetPort23','Global permission to access the well known services like TCP/UDP on port 23 should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessVncPort5500_version-1','Ec2WithPublicAccessVncPort5500','Global permission to access the well known services like TCP on port 5500 (VNC) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithPublicAccessVncServerPort5900_version-1','Ec2WithPublicAccessVncServerPort5900','Global permission to access the well known services like TCP on port 5900 (VNC) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-09-14'},{d '2017-09-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Ec2WithSeverityVulnerability_version-1','Ec2WithSeverityVulnerability','If an EC2 Instance having S5, S4 and S3 vulnerability report it as an issue with severity high, medium and low respectively','','','version-1','',710383,{d '2018-03-08'},{d '2018-03-08'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EveryProjectShouldHaveMasterBranch-Asif_version-1','EveryProjectShouldHaveMasterBranch-Asif','EveryProjectShouldHaveMasterBranch-Asif','','','version-1','',1205352,{d '2018-05-10'},{d '2018-05-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_EveryProjectShouldHaveRepository_version-1','EveryProjectShouldHaveRepository','Every project should have a repository','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_GuardDutyFindingsExists_version-1','GuardDutyFindingsExists','Amazon GuardDuty is a managed threat detection service that continuously monitors your VPC flow logs, CloudTrail event logs and DNS logs for malicious or unauthorized behavior. When GuardDuty detects a suspicious or unexpected behavior in your AWS account, it generates a finding. A finding is a notification that contains information about a potential security threat identified by the GuardDuty service. The finding details includes data about the finding actor, the AWS resource(s) involved in the suspicious activity, the time when the activity occurred and so on.','Follow the step by step guide line provided for each finding from the Guard Duty console,Please reach out to pacbot@t-mobile.com in case of any queries about how to fix a finding','','version-1','',710383,{d '2018-02-12'},{d '2018-02-12'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamAccessKeyRotatedInEvery90Days_version-1','IamAccessKeyRotatedInEvery90Days','Access keys of IAM accounts should be rotated every 90 days in order to decrease the likelihood of accidental exposures and protect AWS resources against unauthorized access','Rotate the access keys every 90 days','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamIdentityProviderWithADFS_version-1','IamIdentityProviderWithADFS','All the AWS accounts should use CORP ADFS identity provider.','','','version-1','',710383,{d '2018-01-15'},{d '2018-01-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamPasswordPolicy_version-1','IamPasswordPolicy','Enforce a strong password policy on IAM console authentications. By default AWS does not configure the maximal strength password complexity policy on your behalf.','Log into your AWS console,Go to the IAM service,On the left menu select Password Policy which should be the bottom option,Set the Minimum Password Length form field to 12 (or higher) and Select each of the checkboxes so that all four required complexity options are selected,Depending on your corporate policy you may wish to allow users to change their own passwords,We recommend that you permit users to do so,Apply your new password policy and you have satisfied this security remediation','','version-1','',710383,{d '2018-01-08'},{d '2018-01-08'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IamWithPermanentAccessKeysExceptServiceAccount_version-1','IamWithPermanentAccessKeysExceptServiceAccount','Every AWS account is configured one IAM Identity provider. This identity provider is required for logging into AWS with CORP AD account','Add the CORP AD ADFS provider configuration back to the AWS account','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_IdleLoadBalancerRule_version-1','IdleLoadBalancerRule','Checks your Elastic Load Balancing configuration for load balancers that are not actively used. Any load balancer that is configured accrues charges. If a load balancer has no associated back-end instances or if network traffic is severely limited, the load balancer is not being used effectively.','If your load balancer has no active back-end instance then consider registering instances or deleting your load balancer, See Registering Your Amazon EC2 Instances with Your Load Balancer or Delete Your Load Balancer,If your load balancer has had a low request count then consider deleting your load balancer. ','','version-1','',710383,{d '2018-02-25'},{d '2018-02-25'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunMemorySize_version-1','LambdaFunMemorySize','This rule checks, If the given lambda function''s memory size exceeds more than 512 Mb, then its an issue.',null,'','version-1','',710383,{d '2017-09-05'},{d '2017-09-05'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunThrottleInvocationsRule_version-1','LambdaFunThrottleInvocationsRule','Lambda function throttle invocations should not exceed the threshold','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',710383,{d '2017-10-13'},{d '2017-10-13'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1','LambdaFunWithAdmin-OrIamPrivileges','Lambda functions should not have administrative permissions (Managed Policy : AdministratorAccess). Least privileges should be granted to lambda functions. Also IAM privileges should never be granted to lambda functions. (Exceptional cases has to be reviewed and prior whitelisting would be required.)','Remove AdministratorAccess policy associated with lambda functions,Remove IAM privileges associated with the lambda function','','version-1','',710383,{d '2018-02-15'},{d '2018-02-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-2','LambdaFunWithAdmin-OrIamPrivileges','Lambda functions should not have administrative permissions (Managed Policy : AdministratorAccess). Least privileges should be granted to lambda functions. Also IAM privileges should never be granted to lambda functions. (Exceptional cases has to be reviewed and prior whitelisting would be required.)','','','version-2','',76355,{d '2018-04-23'},{d '2018-04-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaInvocationRule_version-1','LambdaInvocationRule','AWS Lambda is cheap but is pay per use. An errant lambda function calling itself, cyclic lambda function calls bentween functions can result is huge bills. Any lambda functions that is going to exceed 1 million executions a day should be reviewed.','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',1205352,{d '2017-09-15'},{d '2017-09-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LambdaWithVPC_version-1','LambdaWithVPC','This rule checks for lambda which are associated with any VPC, if so then creates an issue.',null,'','version-1','',710383,{d '2017-10-26'},{d '2017-10-26'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Lambdacost_version-1','Lambdacost','AWS Lambda is cheap but is pay per use. An errant lambda function calling itself, cyclic lambda function calls bentween functions can result is huge bills. Any lambda functions that is going to exceed 25 dollars should be reviewed.','Review the code and design and inspect if there is any problem with the logic. If it known and expected behaviour please request for an exception.','','version-1','',1205352,{d '2017-09-15'},{d '2017-09-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_LowUtilizationAmazonEC2InstancesRule_version-1','LowUtilizationAmazonEC2InstancesRule','Checks the Amazon Elastic Compute Cloud (Amazon EC2) instances that were running at any time during the last 14 days and alerts you if the daily CPU utilization was 10% or less and network I/O was 5 MB or less on 4 or more days. Running instances generate hourly usage charges. Although some scenarios can result in low utilization by design, you can often lower your costs by managing the number and size of your instances. \nAn instance had 10% or less daily average CPU utilization and 5 MB or less network I/O on at least 4 of the previous 14 days','Consider stopping or terminating instances that have low utilization, or scale the number of instances by using Auto Scaling.','','version-1','',710383,{d '2018-03-12'},{d '2018-03-12'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Non-role-task-members_version-1','Non-role-task-members','Only roles can be a member of a task\nAny task group (t_*) that contains a memberof which is not a role (r_*)','','','version-1','',710383,{d '2018-05-23'},{d '2018-05-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_NonAdminAccountsWithIAMFullAccess_version-1','NonAdminAccountsWithIAMFullAccess','As per AWS policy management standards, only the role named ''Admin'' have access to IAM. No other AWS role is supposed have IAM access.','Remove the IAM privilleges from that role.','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_NonStandardRegionRule_version-1','NonStandardRegionRule','T-Mobile using resources some standard region (us-est/west). As part of this rule if the resource finds non-standard region it should report as violation.',null,null,'version-1',null,null,{d '2018-08-30'},{d '2018-08-30'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Onprem-asset-scanned-by-qualys-API_version-1','Onprem-asset-scanned-by-qualys-API','Onprem assets should be scanned by Qualys vulnerability assessment tool atleast once a month. It would be ideal to have the Qulays Cloud Agent installed on all the assets. This would eliminate the need to have manual external scans','','','version-1','',710383,{d '2018-05-14'},{d '2018-05-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RdsSnapshotWithPublicAccess_version-1','RdsSnapshotWithPublicAccess','A RDS snapshot may contain sensitive or customer information. No RDS snapshot should be made public from our accounts. There are very rare cases where this might be required. Those cases have to go through exception process. ','Make the snapshot private','','version-1','',710383,{d '2017-08-16'},{d '2017-08-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RedShiftPublicAccess_version-1','RedShiftPublicAccess','A Redshift snapshot may contain sensitive or customer information. No RDS snapshot should be made public from our accounts. There are very rare cases where this might be required. Those cases have to go through exception process. ','Make the snapshot private','','version-1','',710383,{d '2017-10-09'},{d '2017-10-09'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-a-branching-strategy_version-1','Repository-complies-with-a-branching-strategy','This policy checks that repository in Bitbucket follows a matured branching strategy - \n1.Repository should either follow git flow workflow\n2.Or repository should follow trunck based workflow\n3. Or repository follws feature branch based workflow','Follow gitflow workflow branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow), Follow trunk or forking based branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/forking-workflow), Follow feature branch based workflow (https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow)','','version-1','',710383,{d '2018-04-05'},{d '2018-04-05'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-a-branching-strategy_version-2','Repository-complies-with-a-branching-strategy','This policy checks that repository in Bit-bucket follows a mature branching strategy \n1. Repository follows git flow workflow\n2. Or repository follows trunk based workflow \n3. Or repository follows feature branch based workflow','','','version-2','',1205352,{d '2018-06-14'},{d '2018-06-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-complies-with-trunk-based-strategy_version-1','Repository-complies-with-trunk-based-strategy','This policy checks that repository in Bitbucket follows trunk branching strategy\n\n1. Repository should only have a master branch\n2. Repository should only have Feature branches other than Master branch','If there are branches other than Feature, Merge and delete the branches, In future only create feature branches.','','version-1','',710383,{d '2018-04-05'},{d '2018-04-05'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-should-not-have-stale-branch_version-1','Repository-should-not-have-stale-branch','This policy checks if branches in a repository, other than master/develop/release are not active for more than two weeks','','','version-1','',1205352,{d '2018-04-06'},{d '2018-04-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Repository-should-not-have-stale-branch_version-2','Repository-should-not-have-stale-branch','This policy checks if branches, other than master/develop/release had a commit in the last two weeks','','','version-2','',1205352,{d '2018-05-23'},{d '2018-05-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RepositoryCompliesWithTruckBasedStrategy_version-1','RepositoryCompliesWithTruckBasedStrategy','Repository should only have a master branch','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_RepositoryShouldNotHaveMoreBranches_version-1','RepositoryShouldNotHaveMoreBranches','Every Repository should not have more than branches at a time','','','version-1','',710383,{d '2018-03-27'},{d '2018-03-27'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Respository-Policy_version-1','Respository-Policy','This policy checks that repository in Bitbucket follows git flow branching strategy - \n1.Repo should have exactly 1 master branch\n2.Repo should have exactly 1 develop branch\n3.Repo should have branches prefixed with /hotfix, /release ,/feature, /bugfix ','Follow gitflow workflow branching strategy (https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow)','','version-1','',1205352,{d '2018-03-27'},{d '2018-03-27'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3-apptag-policy-by-Asif_version-1','S3-apptag-policy-by-Asif','S3-apptag-policy-by-Asif','','','version-1','',1205352,{d '2018-06-18'},{d '2018-06-18'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3BucketWithGlobalReadPermission_version-1','S3BucketWithGlobalReadPermission','Unprotected S3 buckets are one of the major causes for data theft and intrusions. Except for the S3 buckets used for hosting static website, none of the S3 buckets should be globally accessible for unauthenticated users or for Any AWS Authenticate Users.','S3 buckets should be protected by using the bucket ACL and bucket policies,If you want to share data via S3 buckets to other users,you could create pre-signed URLs which will be valid only for short duration.For all automation related work use the bucket policy and grant access to the required roles.','','version-1','',2689645,{d '2017-08-17'},{d '2017-08-17'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_S3BucketWithGlobalWritePermission_version-1','S3BucketWithGlobalWritePermission','AWS S3 buckets cannot be publicly accessed for WRITE actions in order to protect S3 data from unauthorized users. An S3 bucket that allows WRITE (UPLOAD/DELETE) access to everyone (i.e. anonymous users) can provide attackers the capability to add, delete and replace objects within the bucket, which can lead to S3 data loss or unintended changes to applications using that bucket or possibly a huge bill.','Make the S3 bucket private by applying ACLs or bucket policies','','version-1','',2689645,{d '2017-08-17'},{d '2017-08-17'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SGWithAnywhereAccess_version-1','SGWithAnywhereAccess','It is best practice to allows required ip ranges and specific port in the security groups that will be used for securing EC2 instances in private subnets.','Edit the security groups and allow only specific IP ranges and ports','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SSMAgentCheckRule_version-1','SSMAgentCheckRule','This rule checks if EC2 instance has SSM agent with pingstatus as Online, if not its an issue','','','version-1','',710383,{d '2018-05-26'},{d '2018-05-26'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ServiceLimitRule_version-1','ServiceLimitRule','All AWS service limits should be extended from time to time based on the growing needs. Cloudformation execution, Auotscalling or A,B deplymnet for production workloads may fail if the service limit is reached causing downtime. Proactively service limits should be extended when limit thresholds reach 75% or above','Open a case with AWS and increase the service limits','','version-1','',710383,{d '2017-10-17'},{d '2017-10-17'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_SgWithRdpPortHasGlobalAccess_version-1','SgWithRdpPortHasGlobalAccess','Global permission to access the well known services like RDP on port 3389 (Windows RDP) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_TaggingRule_version-1','TaggingRule','All AWS assets should be tagged with following mandatory tags. Application, Environment, Role and Stack. Assets without these mandatory tags will be marked as non-complaint. Below is an example for the tag value pairs.\n\nTag name: Application\nExample value: Rebellion\n\nNotes\nThis value for the application tag should be the approved application name give for the project during the cloud on-boarding process. Unknown applications will be marked for review and possible termination.\n\nTag name: Environment\nExample value: Production or Non Production or Non Production::qat1 or Non Production::dit1 (Refer Naming guide)\n\nNotes\nThe value for environment should distinguish the asset as a Production or Non Production class. You can further qualify Non Production assets using the :: separator. Look at the examples 3 and 4.\n\nTag name: Stack\nExample Value: Apache Httpd\n\nTag name: Role\nExample value: Webserver\n\n \nEach asset should at least have these 4 mandatory tags. You can have additional tags as well.','Add the mandatory tags to the assets,Follow the Cloud Asset Tagging guidelines.','','version-1','',710383,{d '2017-11-02'},{d '2017-11-02'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Underutilized-Amazon-EBS-Volumes_version-1','Underutilized-Amazon-EBS-Volumes','Checks Amazon Elastic Block Store (Amazon EBS) volume configurations and warns when volumes appear to be underused. Charges begin when a volume is created. If a volume remains unattached or has very low write activity (excluding boot volumes) for a period of time, the volume is probably not being used.\n\nAlert Criteria\nYellow: A volume is unattached or had less than 1 IOPS per day for the past 7 days.','Consider creating a snapshot and deleting the volume to reduce costs','','version-1','',710383,{d '2018-05-14'},{d '2018-05-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1','UnderutilizedAmazonRedshiftClustersRule','Checks your Amazon Redshift configuration for clusters that appear to be underutilized. If an Amazon Redshift cluster has not had a connection for a prolonged period of time or is using a low amount of CPU, you can use lower-cost options such as downsizing the cluster or shutting down the cluster and taking a final snapshot. Final snapshots are retained even after you delete your cluster\nAlert Criteria\nYellow: A running cluster has not had a connection in the last 7 days.\nYellow: A running cluster had less than 5% cluster-wide average CPU utilization for 99% of the last 7 days.','Consider shutting down the cluster and taking a final snapshot, or downsizing the cluster\n','','version-1','',710383,{d '2018-03-14'},{d '2018-03-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UntaggedOrUnusedEbsRule_version-1','UntaggedOrUnusedEbsRule','This rule checks the untagged or unused Ebs volume to avoid the cost',null,null,'version-1',null,null,{d '2018-08-21'},{d '2018-08-21'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_Unused-Security-group_version-1','Unused-Security-group','Cleaning up un-used security groups is best practice to keep the security groups upto date and relevant.','Delete the unused security groups','','version-1','',710383,{d '2017-10-09'},{d '2017-10-09'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedApplicationElbRule_version-1','UnusedApplicationElbRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Terminate the ELB if it is no longer required','','version-1','',710383,{d '2017-09-28'},{d '2017-09-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedClassicElbRule_version-1','UnusedClassicElbRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Terminate the ELB if it is no longer required','','version-1','',710383,{d '2017-09-28'},{d '2017-09-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedEBSRule_version-1','UnusedEBSRule','Un-used assets should be terminated promptly for obvious cost saving reasons','Delete the volume if it is no longer required','','version-1','',710383,{d '2017-10-13'},{d '2017-10-13'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_UnusedElasticIpRule_version-1','UnusedElasticIpRule','Checks for Elastic IP addresses (EIPs) that are not associated with a running Amazon Elastic Compute Cloud (Amazon EC2) instance. EIPs are static IP addresses designed for dynamic cloud computing. Unlike traditional static IP addresses, EIPs can mask the failure of an instance or Availability Zone by remapping a public IP address to another instance in your account. A nominal charge is imposed for an EIP that is not associated with a running instance.\n','Associate the EIP with a running active instance, or release the unassociated EIP','','version-1','',710383,{d '2018-02-01'},{d '2018-02-01'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_VpcFlowLogsEnabled_version-1','VpcFlowLogsEnabled','VPC flow logs provide vital information for debugging and forensic exercise in case of any incidents. These should be always enabled','Enable VPC flow logs','','version-1','',710383,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_VpcFlowLogsEnabled_version-2','VpcFlowLogsEnabled','This rule checks the VPC flow log enabled for a given VPC id,account & region else its an issue',null,'','version-2','',20433,{d '2017-08-21'},{d '2017-08-21'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_apacheserver-public-access_version-1','apacheserver-public-access','This rule check EC2 private IP can be accessed with port 80 to the public',null,'','version-1','',1205352,{d '2017-08-15'},{d '2017-08-15'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-1','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-10','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-10','',333523,{d '2017-09-28'},{d '2017-09-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-11','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-11','',333523,{d '2017-09-29'},{d '2017-09-29'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-12','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-12','',333523,{d '2017-10-10'},{d '2017-10-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-13','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-13','',333523,{d '2017-10-13'},{d '2017-10-13'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-14','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-14','',333523,{d '2017-11-02'},{d '2017-11-02'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-2','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-2','',333523,{d '2017-08-16'},{d '2017-08-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-3','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-3','',333523,{d '2017-08-17'},{d '2017-08-17'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-4','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-4','',333523,{d '2017-08-23'},{d '2017-08-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-5','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-5','',333523,{d '2017-08-24'},{d '2017-08-24'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-6','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-6','',333523,{d '2017-08-28'},{d '2017-08-28'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-7','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-7','',333523,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-8','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-8','',333523,{d '2017-09-08'},{d '2017-09-08'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_applicationelb_version-9','applicationelb','This rule checks for Application ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-9','',333523,{d '2017-09-12'},{d '2017-09-12'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_certificate-expiry-policy_version-1','certificate-expiry-policy','All SSL certificates must be renewed before specified days of the expiry and installed in the corresponding system','Renew and install the certficate before the specified threshold','','version-1','',1205352,{d '2017-10-26'},{d '2017-10-26'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_classicelbmandatory_version-1','classicelbmandatory','This rule checks for Classic ELB mandatory tags maintained for given LB in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_cloud-kernel-compliance_version-1','cloud-kernel-compliance','All Linux servers in AWS cloud should be patched as per the quarterly patching criteria published for the entire organization','Patch the operating system as per the criteria defined for the current quarter','','version-1','',1205352,{d '2017-09-14'},{d '2017-09-14'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_dryrundemo_version-1','dryrundemo','Simple policy creation demo','','','version-1','',70245,{d '2018-01-12'},{d '2018-01-12'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ebsmandatorytags_version-1','ebsmandatorytags','This rule checks for EBS mandatory tags maintained for given volume in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2deperecatedinstancetype_version-1','ec2deperecatedinstancetype','Deprecated Ec2 instance types (Old generation instance types) should not be used. Using old generation instance types have cost implication, they are not covered in our RI purchase as well','Stop the instance and change the instance type to a newer generation one and start it','','version-1','',1205352,{d '2017-08-11'},{d '2017-08-11'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2mandatorytags_version-1','ec2mandatorytags','This rule checks for EC2 mandatory tags maintained for given instance in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_ec2publicaccesstoport9200_version-1','ec2publicaccesstoport9200','Global permission to access the well known services like TCP on Port 9200 (Elastic Search) should not be allowed.','Do not allow global access to well known ports of an EC2 instance directly (except for 80 and 443)','','version-1','',1205352,{d '2017-08-23'},{d '2017-08-23'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_es-access_version-1','es-access','This Rule check for EC2 private IP address is accessible internally.',null,'','version-1','',1205352,{d '2017-08-22'},{d '2017-08-22'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_esearch_version-1','esearch','This rule checks for elastic search accessible internally.',null,'','version-1','',1205352,{d '2017-08-22'},{d '2017-08-22'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_lambdamandatorytags_version-1','lambdamandatorytags','This rule checks for Lambda mandatory tags maintained for given function in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_onpremisekernelversion_version-1','onpremisekernelversion','This rule checks for the on-premise servers kernel version is compliant. If it is not compliant it will create an issue.',null,'','version-1','',1205352,{d '2017-08-16'},{d '2017-08-16'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_rdsdb_version-1','rdsdb','A publicly accessible database end-point would be vulnerable to bruteforce login attempts and subsequent data loss. Unauthorised access should be restircted to minimize security risks.','To restrict access to any publicly accessible RDS database instance you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.','','version-1','',1205352,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_s3mandatorytags_version-1','s3mandatorytags','This rule checks for S3 mandatory tags maintained for given bucket in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_serverless-rule_version-1','serverless-rule','Serverless rule',null,'','version-1','',20433,{d '2017-09-06'},{d '2017-09-06'}); +INSERT IGNORE INTO cf_Policy (policyId,policyName,policyDesc,resolution,policyUrl,policyVersion,status,userId,createdDate,modifiedDate) VALUES ('PacMan_sgmandatorytags_version-1','sgmandatorytags','This rule checks for Security Group mandatory tags maintained for given SG in AWS account. If any of the mandatory tags are missing it will create an issue.',null,'','version-1','',1205352,{d '2017-08-10'},{d '2017-08-10'}); /* Rule Initialisation */ - -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_VpcFlowLogsEnabled_version-1_VpcFlowLogsEnabled_vpc','aws_account_should_have_vpclogs_enabled','PacMan_VpcFlowLogsEnabled_version-1','VpcFlowLogsEnabled','vpc','aws','VpcFlowLogsEnabled','{"params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"check-for-vpc-flowlog-enabled","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_VpcFlowLogsEnabled_version-1_VpcFlowLogsEnabled_vpc","autofix":false,"alexaKeyword":"VpcFlowLogsEnabled","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_VpcFlowLogsEnabled_version-1","assetGroup":"aws","ruleUUID":"aws_account_should_have_vpclogs_enabled","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_account_should_have_vpclogs_enabled'),'ENABLED','ASGC','VPC flowlogs should be enabled for all VPCs',{d '2017-08-11'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Unused-Security-group_version-1_UnusedSecurityGroup_sg','aws_security_groups_should_not_be_unused','PacMan_Unused-Security-group_version-1','UnusedSecurityGroup','sg','aws','UnusedSecurityGroup','{"params":[{"encrypt":false,"value":"check-for-unused-security-group","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":",","key":"splitterChar"},{"key":"fixKey","value":"unused-sg-auto-fix","isValueNew":true,"encrypt":false},{"key":"esServiceWithSgUrl","value":"/aws/ec2_secgroups/_search,/aws/rdsdb_secgroups/_search,/aws/rdscluster_secgroups/_search,/aws/redshift_secgroups/_search,/aws_lambda/lambda_secgroups/_search,/aws_appelb/appelb_secgroups/_search,/aws_classicelb/classicelb_secgroups/_search,/aws/elasticsearch/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_Unused-Security-group_version-1_UnusedSecurityGroup_sg","autofix":false,"alexaKeyword":"UnusedSecurityGroup","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_Unused-Security-group_version-1","assetGroup":"aws","ruleUUID":"aws_security_groups_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_security_groups_should_not_be_unused'),'ENABLED','ASGC','Security groups should not be in unused state',{d '2017-10-16'},{d '2018-12-18'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedElasticIpRule_version-1_UnusedElasticIpRule_elasticip','aws_elasticip_should_not_be_unused','PacMan_UnusedElasticIpRule_version-1','UnusedElasticIpRule','elasticip','aws-all','UnusedElasticIpRule','{"params":[{"encrypt":false,"value":"check-for-unused-elastic-ip","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"key":"esElasticIpUrl","value":"/aws_elasticip/elasticip/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UnusedElasticIpRule_version-1_UnusedElasticIpRule_elasticip","autofix":false,"alexaKeyword":"UnusedElasticIpRule","ruleRestUrl":"","targetType":"elasticip","pac_ds":"aws","policyId":"PacMan_UnusedElasticIpRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticip_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticip_should_not_be_unused'),'ENABLED','ASGC','Elastic Ip''s should not be in unused state',{d '2018-02-01'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedEBSRule_version-1_UnusedEbsRule_volume','aws_ebs_volume_should_not_be_unused','PacMan_UnusedEBSRule_version-1','UnusedEbsRule','volume','aws','UnusedEBSRule','{"params":[{"encrypt":false,"value":"check-for-unused-ebs-rule","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esEbsWithInstanceUrl","value":"/aws/volume_attachments/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_UnusedEBSRule_version-1_UnusedEbsRule_volume","autofix":false,"alexaKeyword":"UnusedEBSRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_UnusedEBSRule_version-1","assetGroup":"aws","ruleUUID":"aws_ebs_volume_should_not_be_unused","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volume_should_not_be_unused'),'ENABLED','ASGC','EBS volumes should not be in unused state',{d '2017-10-13'},{d '2018-11-12'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedClassicElbRule_version-1_UnusedClassicElbRule_classicelb','aws_classic_elb_should_not_be_unused','PacMan_UnusedClassicElbRule_version-1','UnusedClassicElbRule','classicelb','aws','UnusedClassicElbRule','{"params":[{"encrypt":false,"value":"check-for-unused-classic-elb","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esClassicElbWithInstanceUrl","value":"/aws/classicelb_instances/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"sdfsd","key":"sdf"}],"ruleId":"PacMan_UnusedClassicElbRule_version-1_UnusedClassicElbRule_classicelb","autofix":false,"alexaKeyword":"UnusedClassicElbRule","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_UnusedClassicElbRule_version-1","assetGroup":"aws","ruleUUID":"aws_classic_elb_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_unused'),'ENABLED','ASGC','Classic ELB should not be in unused state',{d '2017-09-28'},{d '2018-11-12'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedApplicationElbRule_version-1_UnusedApplicationElbRule_appelb','aws_app_elb_should_not_be_unused','PacMan_UnusedApplicationElbRule_version-1','UnusedApplicationElbRule','appelb','aws','UnusedApplicationElbRule','{"params":[{"encrypt":"false","value":"check-for-unused-application-elb","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esAppElbWithInstanceUrl","value":"/aws/appelb_instances/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_UnusedApplicationElbRule_version-1_UnusedApplicationElbRule_appelb","autofix":false,"alexaKeyword":"UnusedApplicationElbRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_UnusedApplicationElbRule_version-1","assetGroup":"aws","ruleUUID":"aws_app_elb_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_not_be_unused'),'ENABLED','ASGC','Application ELB should not be in unused state',{d '2017-09-28'},{d '2018-11-12'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UntaggedOrUnusedEbsRule_version-1_version-1_UntaggedOrUnusedEbsRule_volume','aws_ebs_volumes_should_not_be_tagged_and_under_utilized','PacMan_UntaggedOrUnusedEbsRule_version-1','UntaggedOrUnusedEbsRule','volume','aws-all','UntaggedOrUnusedEbsRule','{"params":[{"key":"ruleKey","value":"check-for-unused-or-untagged-ebs-rule","encrypt":false},{"key":"esEbsWithInstanceUrl","value":"/aws/volume_attachments/_search","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"severity","value":"high","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UntaggedOrUnusedEbsRule_version-1_version-1_UntaggedOrUnusedEbsRule_volume","autofix":false,"alexaKeyword":"UntaggedOrUnusedEbsRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_UntaggedOrUnusedEbsRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_ebs_volumes_should_not_be_tagged_and_under_utilized","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volumes_should_not_be_tagged_and_under_utilized'),'ENABLED','ASGC','EBS volumes should not be in unused or untagged state',{d '2018-08-22'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1_UnderutilizedAmazonRedshiftClustersRule_redshift','aws_redshift_clusters_should_not_be_under_utilized','PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1','UnderutilizedAmazonRedshiftClustersRule','redshift','aws-all','UnderutilizedAmazonRedshiftClustersRule','{"params":[{"encrypt":false,"value":"check-for-under-utilized-amazon-redshift-clusters","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"G31sQ1E9U","key":"checkId"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1_UnderutilizedAmazonRedshiftClustersRule_redshift","autofix":false,"alexaKeyword":"UnderutilizedAmazonRedshiftClustersRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_redshift_clusters_should_not_be_under_utilized","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_clusters_should_not_be_under_utilized'),'ENABLED','ASGC','Amazon Redshift clusters should not be underutilized',{d '2018-03-14'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume','aws_ebs_volume_should_not_be_under_utilized','PacMan_Underutilized-Amazon-EBS-Volumes_version-1','Underutilized EBS Volumes','volume','aws-all','Underutilized Amazon EBS Volumes','{"params":[{"encrypt":false,"value":"check-for-underutilized-EBS-Volumes","key":"ruleKey"},{"encrypt":false,"value":"DAvU99Dc4C","key":"checkId"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume","autofix":false,"alexaKeyword":"Underutilized Amazon EBS Volumes","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_Underutilized-Amazon-EBS-Volumes_version-1","assetGroup":"aws-all","ruleUUID":"aws_ebs_volume_should_not_be_under_utilized","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volume_should_not_be_under_utilized'),'ENABLED','ASGC','Amazon EBS volumes should not be underutilized ',{d '2018-05-14'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_VpcTaggingRule_vpc','aws_vpc_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','VpcTaggingRule','vpc','aws','VpcTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_VpcTaggingRule_vpc","autofix":false,"alexaKeyword":"VpcTaggingRule","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_vpc_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_vpc_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','VPCs should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_VolumeTaggingRule_volume','aws_volume_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','VolumeTaggingRule','volume','aws','VolumeTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume","autofix":false,"alexaKeyword":"VolumeTaggingRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_volume_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_volume_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EBS volumes should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_version-1_ElasticSearchTaggingRule_elasticsearch','aws_elasticsearch_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ElasticSearchTaggingRule','elasticsearch','aws-all','ElasticSearchTaggingRule','{"params":[{"key":"ruleKey","value":"check-for-missing-mandatory-tags","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"mandatoryTags","value":"Application,Environment,Stack,Role","encrypt":false},{"key":"ruleCategory","value":"tagging","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_version-1_ElasticSearchTaggingRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticSearchTaggingRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_should_be_tagged_with_mandatory_tags","ruleType":"Manage Rule"}','0 0/12 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Elastic search resources should be tagged with mandatory tags ',{d '2018-08-29'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SubnetTaggingRule_subnet','aws_subnet_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SubnetTaggingRule','subnet','aws','SubnetTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SubnetTaggingRule_subnet","autofix":false,"alexaKeyword":"SubnetTaggingRule","ruleRestUrl":"","targetType":"subnet","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_subnet_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_subnet_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Subnets should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_StackTaggingRule_stack','aws_stack_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','StackTaggingRule','stack','aws','StackTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_StackTaggingRule_stack","autofix":false,"alexaKeyword":"StackTaggingRule","ruleRestUrl":"","targetType":"stack","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_stack_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_stack_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Cloud formation stacks should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot','aws_snapshot_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SnapshotTaggingRule','snapshot','aws','SnapshotTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"true","key":"threadsafe"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot","autofix":false,"alexaKeyword":"SnapshotTaggingRule","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_snapshot_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snapshot_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EBS snapshots should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SgTaggingRule_sg','aws_sg_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SgTaggingRule','sg','aws','SgTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SgTaggingRule_sg","autofix":false,"alexaKeyword":"SgTaggingRule","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_sg_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Security groups should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_S3TaggingRule_s3','aws_s3_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','S3TaggingRule','s3','aws','S3TaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_S3TaggingRule_s3","autofix":false,"alexaKeyword":"S3TaggingRule","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_s3_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','S3 should be tagged with mandatory tags',{d '2017-11-02'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_RedshiftTaggingRule_redshift','aws_redshift_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','RedshiftTaggingRule','redshift','aws','RedshiftTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_RedshiftTaggingRule_redshift","autofix":false,"alexaKeyword":"RedshiftTaggingRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_redshift_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Redshift should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_RdsdbTaggingRule_rdsdb','aws_rdsdb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','RdsdbTaggingRule','rdsdb','aws','RdsdbTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_RdsdbTaggingRule_rdsdb","autofix":false,"alexaKeyword":"RdsdbTaggingRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_rdsdb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','RDS database should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_LambdaTaggingRule_lambda','aws_lambda_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','LambdaTaggingRule','lambda','aws','LambdaTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_LambdaTaggingRule_lambda","autofix":false,"alexaKeyword":"LambdaTaggingRule","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_lambda_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Lambda functions should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_KmsTaggingRule_kms','aws_kms_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','KmsTaggingRule','kms','aws','KmsTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_KmsTaggingRule_kms","autofix":false,"alexaKeyword":"KmsTaggingRule","ruleRestUrl":"","targetType":"kms","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_kms_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_kms_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','AWS KMS should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_EmrTaggingRule_emr','aws_emr_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','EmrTaggingRule','emr','aws','EmrTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_EmrTaggingRule_emr","autofix":false,"alexaKeyword":"EmrTaggingRule","ruleRestUrl":"","targetType":"emr","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_emr_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_emr_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','AWS EMR should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_ElasticacheTaggingRule_elasticache','aws_elasticache_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ElasticacheTaggingRule','elasticache','aws-all','ElasticacheTaggingRule','{"params":[{"key":"ruleKey","value":"check-for-missing-mandatory-tags","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"mandatoryTags","value":"Application,Environment,Stack,Role","encrypt":false},{"key":"ruleCategory","value":"tagging","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_ElasticacheTaggingRule_elasticache","autofix":false,"alexaKeyword":"ElasticacheTaggingRule","ruleRestUrl":"","targetType":"elasticache","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticache_should_be_tagged_with_mandatory_tags","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticache_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Elasticache should be tagged with mandatory tags ',{d '2018-09-10'},{d '2018-09-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_EfsTaggingRule_efs','aws_efs_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','EfsTaggingRule','efs','aws','EfsTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_EfsTaggingRule_efs","autofix":false,"alexaKeyword":"EfsTaggingRule","ruleRestUrl":"","targetType":"efs","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_efs_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_efs_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EFS should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_Ec2TaggingRule_ec2','aws_ec2_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','Ec2TaggingRule','ec2','aws','Ec2TaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_Ec2TaggingRule_ec2","autofix":false,"alexaKeyword":"Ec2TaggingRule","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EC2 instances should be tagged with mandatory tags ',{d '2017-11-02'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_DynamodbTaggingRule_dynamodb','aws_dynamodb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','DynamodbTaggingRule','dynamodb','aws','DynamodbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_DynamodbTaggingRule_dynamodb","autofix":false,"alexaKeyword":"DynamodbTaggingRule","ruleRestUrl":"","targetType":"dynamodb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_dynamodb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_dynamodb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Dynamo db should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_CloudfrontTaggingRule_cloudfront','aws_cloudfront_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','CloudfrontTaggingRule','cloudfront','aws','CloudfrontTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_CloudfrontTaggingRule_cloudfront","autofix":false,"alexaKeyword":"CloudfrontTaggingRule","ruleRestUrl":"","targetType":"cloudfront","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_cloudfront_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_cloudfront_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Cloudfront should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_ClassicelbTaggingRule_classicelb','aws_classic_elb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ClassicelbTaggingRule','classicelb','aws','ClassicelbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_ClassicelbTaggingRule_classicelb","autofix":false,"alexaKeyword":"ClassicelbTaggingRule","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_classic_elb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Classic ELB should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_AsgTaggingRule_asg','aws_asg_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','AsgTaggingRule','asg','aws','AsgTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_AsgTaggingRule_asg","autofix":false,"alexaKeyword":"AsgTaggingRule","ruleRestUrl":"","targetType":"asg","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_asg_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_asg_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Auto scaling groups should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_AppelbTaggingRule_appelb','aws_app_elb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','AppelbTaggingRule','appelb','aws','AppelbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_AppelbTaggingRule_appelb","autofix":false,"alexaKeyword":"AppelbTaggingRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_app_elb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Application ELB should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SQS_Public_Access_Rule_version-1_SQS_Public_access_rule_sqs','aws_sqs_should_not_have_public_access','PacMan_SQS_Public_Access_Rule_version-1','SQS_Public_access_rule','sqs','aws-all','sqs public access','{"params":[{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"ruleKey","value":"check-for-sqs-public-access","isValueNew":true,"encrypt":false},{"key":"threadsafe","value":"true","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_SQS_Public_Access_Rule_version-1_SQS_Public_access_rule_sqs","autofix":false,"alexaKeyword":"sqs public access","ruleRestUrl":"","targetType":"sqs","pac_ds":"aws","policyId":"PacMan_SQS_Public_Access_Rule_version-1","assetGroup":"aws-all","ruleUUID":"aws_sqs_should_not_have_public_access","ruleType":"Manage Rule"}','0 0/2 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sqs_should_not_have_public_access'),'ENABLED','ASGC','Non-White listed SQS resources should not be publicly accessible',{d '2018-11-10'},{d '2018-11-14'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SGWithAnywhereAccess_version-1_SgWithSshPort22OpenToInternetAccess_sg','aws_sg_should_not_have_public_access_with_port22','PacMan_SGWithAnywhereAccess_version-1','SgWithSshPort22OpenToInternetAccess','sg','aws-all','SgWithSshPort22OpenToInternetAccess','{"params":[{"key":"ruleKey","value":"check-for-security-group-global-access","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"portToCheck","value":"22","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_SGWithAnywhereAccess_version-1_SgWithSshPort22OpenToInternetAccess_sg","autofix":false,"alexaKeyword":"SgWithSshPort22OpenToInternetAccess","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_SGWithAnywhereAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_sg_should_not_have_public_access_with_port22","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_have_public_access_with_port22'),'ENABLED','ASGC','Security group with SSH port 22 should not be open to the internet',{d '2018-10-01'},{d '2018-11-02'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SGWithAnywhereAccess_version-1_SgWithAnywhereAccess_sg','aws_sg_should_not_have_anywhere_access_with_anyport','PacMan_SGWithAnywhereAccess_version-1','SgWithAnywhereAccess','sg','aws','SgWithAnywhereAccess','{"params":[{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"workerThreadCount","value":"50","isValueNew":true,"encrypt":false},{"key":"portToCheck","value":"ANY","isValueNew":true,"encrypt":false},{"key":"ruleKey","value":"check-for-security-group-global-access","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_SGWithAnywhereAccess_version-1_SgWithAnywhereAccess_sg","autofix":false,"alexaKeyword":"SgWithAnywhereAccess","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_SGWithAnywhereAccess_version-1","assetGroup":"aws","ruleUUID":"aws_sg_should_not_have_anywhere_access_with_anyport","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_have_anywhere_access_with_anyport'),'ENABLED','ASGC','Unapproved security groups should not have inbound rule allowing 0.0.0.0/0 for any port.',{d '2017-08-11'},{d '2018-11-08'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ServiceLimitRule_version-1_ServiceLimitRule_account','aws_account_service_limit_rule','PacMan_ServiceLimitRule_version-1','ServiceLimitRule','account','aws','ServiceLimitRule','{"params":[{"encrypt":false,"value":"check-for-service-limit","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"medium","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"eW7HH0l7J9","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ServiceLimitRule_version-1_ServiceLimitRule_account","autofix":false,"alexaKeyword":"ServiceLimitRule","ruleRestUrl":"","targetType":"account","pac_ds":"aws","policyId":"PacMan_ServiceLimitRule_version-1","assetGroup":"aws","ruleUUID":"aws_account_service_limit_rule","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_account_service_limit_rule'),'ENABLED','ASGC','AWS service limits should be upgraded to match growing needs',{d '2017-10-17'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_S3GlobalAccess_version-1_S3BucketShouldnotpubliclyaccessble_s3','aws_s3_should_not_be_publicly_accessible','PacMan_S3GlobalAccess_version-1','S3BucketShouldnotpubliclyaccessble','s3','aws-all','s3GlobalAccess','{"params":[{"key":"apiKeyValue","value":"***REMOVED***","encrypt":true},{"key":"apiKeyName","value":"R8JVrYZEmOdl65dBftXTFQ","encrypt":true},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","encrypt":false},{"key":"apiGWURL","value":"","encrypt":false},{"key":"ruleKey","value":"check-for-s3-global-access","isValueNew":true,"encrypt":false},{"key":"checkId","value":"Pfx0RwqBli","isValueNew":true,"encrypt":false},{"key":"roleIdentifyingString","value":"role/pac_ro","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"s3-global-access-fix","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_S3GlobalAccess_version-1_S3BucketShouldnotpubliclyaccessble_s3","autofix":false,"alexaKeyword":"s3GlobalAccess","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_S3GlobalAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_s3_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_not_be_publicly_accessible'),'ENABLED','ASGC','Non whitelisted S3 buckets should not be publicly accessible ',{d '2018-10-09'},{d '2018-12-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_RedShiftPublicAccess_version-1_RedShiftPublicAccess_redshift','aws_redshift_should_not_be_publicly_accessible','PacMan_RedShiftPublicAccess_version-1','RedShiftPublicAccess','redshift','aws','RedShift','{"params":[{"encrypt":false,"value":"check-for-redshift-public-access","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRedshiftSgURL","value":"/aws/redshift_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-redshift","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_RedShiftPublicAccess_version-1_RedShiftPublicAccess_redshift","autofix":false,"alexaKeyword":"RedShift","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_RedShiftPublicAccess_version-1","assetGroup":"aws","ruleUUID":"aws_redshift_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_not_be_publicly_accessible'),'ENABLED','ASGC','Redshift attached Security Group should not be publicly accessible',{d '2017-10-09'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_RdsSnapshotWithPublicAccess_version-1_RdsSnapshotWithPublicAccess_rdssnapshot','aws_rdssnapshot_should_not_be_there_in_non_standard_region','PacMan_RdsSnapshotWithPublicAccess_version-1','RdsSnapshotWithPublicAccess','rdssnapshot','aws','RdsSnapshotWithPublicAccess','{"params":[{"encrypt":"false","value":"check-for-rds-snapshot-with-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"rSs93HQwa1","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_RdsSnapshotWithPublicAccess_version-1_RdsSnapshotWithPublicAccess_rdssnapshot","autofix":false,"alexaKeyword":"RdsSnapshotWithPublicAccess","ruleRestUrl":"","targetType":"rdssnapshot","pac_ds":"aws","policyId":"PacMan_RdsSnapshotWithPublicAccess_version-1","assetGroup":"aws","ruleUUID":"aws_rdssnapshot_should_not_be_there_in_non_standard_region","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdssnapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','RDS snapshot should not be publicly accessible',{d '2017-08-31'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_rdsdb_version-1_RdsDbPublicAccess_rdsdb','aws_rdsdb_should_not_be_publicly_accessible','PacMan_rdsdb_version-1','RdsDbPublicAccess','rdsdb','aws','rdsdb','{"params":[{"encrypt":false,"value":"check-for-rds-db-public-access","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRdsDbSgUrl","value":"/aws/rdsdb_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-rdsdb","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_rdsdb_version-1_RdsDbPublicAccess_rdsdb","autofix":false,"alexaKeyword":"rdsdb","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_rdsdb_version-1","assetGroup":"aws","ruleUUID":"aws_rdsdb_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_not_be_publicly_accessible'),'ENABLED','ASGC','RDS database endpoints should not be publicly accessible',{d '2017-10-09'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_VpcWithNonStandardRule_vpc','aws_vpc_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','VpcWithNonStandardRule','vpc','aws-all','VpcWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_VpcWithNonStandardRule_vpc","autofix":false,"alexaKeyword":"VpcWithNonStandardRule","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_vpc_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_vpc_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','VPC resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_VolumeWithNonStandardRegion_volume','aws_volume_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','VolumeWithNonStandardRegion','volume','aws-all','VolumeWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_VolumeWithNonStandardRegion_volume","autofix":false,"alexaKeyword":"VolumeWithNonStandardRegion","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_volume_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_volume_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','EBS Volume should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SubnetWithNonStandardRegion_subnet','aws_subnet_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SubnetWithNonStandardRegion','subnet','aws-all','SubnetWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SubnetWithNonStandardRegion_subnet","autofix":false,"alexaKeyword":"SubnetWithNonStandardRegion","ruleRestUrl":"","targetType":"subnet","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_subnet_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_subnet_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Subnet should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_StackWithNonStandardRegion_stack','aws_stack_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','StackWithNonStandardRegion','stack','aws-all','StackWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_StackWithNonStandardRegion_stack","autofix":false,"alexaKeyword":"StackWithNonStandardRegion","ruleRestUrl":"","targetType":"stack","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_stack_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_stack_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Stack should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SnstopicWithNonStandardRegion_snstopic','aws_snstopic_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SnstopicWithNonStandardRegion','snstopic','aws-all','SnstopicWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SnstopicWithNonStandardRegion_snstopic","autofix":false,"alexaKeyword":"SnstopicWithNonStandardRegion","ruleRestUrl":"","targetType":"snstopic","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_snstopic_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snstopic_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Snstopic should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SnapshotWithNonStandardRegion_snapshot','aws_snapshot_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SnapshotWithNonStandardRegion','snapshot','aws-all','SnapshotWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SnapshotWithNonStandardRegion_snapshot","autofix":false,"alexaKeyword":"SnapshotWithNonStandardRegion","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_snapshot_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Snapshot should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SgWithNonStandardRegion_sg','aws_sg_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SgWithNonStandardRegion','sg','aws-all','SgWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SgWithNonStandardRegion_sg","autofix":false,"alexaKeyword":"SgWithNonStandardRegion","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_sg_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Security group should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_S3WithNonStandardRegion_s3','aws_s3_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','S3WithNonStandardRegion','s3','aws-all','S3WithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_S3WithNonStandardRegion_s3","autofix":false,"alexaKeyword":"S3WithNonStandardRegion","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_s3_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','S3 should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_ResourceWithNonStandardRule_ec2','aws_ec2_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ResourceWithNonStandardRule','ec2','aws-all','Ec2WithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_ResourceWithNonStandardRule_ec2","autofix":false,"alexaKeyword":"Ec2WithNonStandardRegion","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_ec2_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','EC2 instance should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_RdsSnapshotWithNonStandardRegion_rdssnapshot','aws_rdssnapshot_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RdsSnapshotWithNonStandardRegion','rdssnapshot','aws-all','RdsSnapshotWithNonStandardRegion','{"params":[{"key":"threadsafe","value":"true","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_RdsSnapshotWithNonStandardRegion_rdssnapshot","autofix":false,"alexaKeyword":"RdsSnapshotWithNonStandardRegion","ruleRestUrl":"","targetType":"rdssnapshot","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rdssnapshot_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdssnapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','RDS Snapshot should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_LaunchconfigWithNonStandardRegion_launchconfig','aws_launchconfig_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','LaunchconfigWithNonStandardRegion','launchconfig','aws-all','LaunchconfigWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_LaunchconfigWithNonStandardRegion_launchconfig","autofix":false,"alexaKeyword":"LaunchconfigWithNonStandardRegion","ruleRestUrl":"","targetType":"launchconfig","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_launchconfig_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_launchconfig_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Launchconfig should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_LambdaWithNonStandardRegion_lambda','aws_lambda_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','LambdaWithNonStandardRegion','lambda','aws-all','LambdaWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_LambdaWithNonStandardRegion_lambda","autofix":false,"alexaKeyword":"LambdaWithNonStandardRegion","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_lambda_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Lambda should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_ClassicelbWithNonStandardRegion_classicelb','aws_classicelb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ClassicelbWithNonStandardRegion','classicelb','aws-all','ClassicelbWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_ClassicelbWithNonStandardRegion_classicelb","autofix":false,"alexaKeyword":"ClassicelbWithNonStandardRegion","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_classicelb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classicelb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Classicelb should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_AsgWithNonStandardRegion_asg','aws_asg_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','AsgWithNonStandardRegion','asg','aws-all','AsgWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_AsgWithNonStandardRegion_asg","autofix":false,"alexaKeyword":"AsgWithNonStandardRegion","ruleRestUrl":"","targetType":"asg","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_asg_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_asg_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Asg should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_RedshiftWithNonStandardRule_redshift','aws_redshift_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RedshiftWithNonStandardRule','redshift','aws-all','RedshiftWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_RedshiftWithNonStandardRule_redshift","autofix":false,"alexaKeyword":"RedshiftWithNonStandardRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_redshift_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Redshift resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_RdsdbWithNonStandardRule_rdsdb','aws_rdsdb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RdsdbWithNonStandardRule','rdsdb','aws-all','RdsdbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_RdsdbWithNonStandardRule_rdsdb","autofix":false,"alexaKeyword":"RdsdbWithNonStandardRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rdsdb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Rdsdb resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_KmsWithNonStandardRule_kms','aws_kms_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','KmsWithNonStandardRule','kms','aws-all','KmsWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_KmsWithNonStandardRule_kms","autofix":false,"alexaKeyword":"KmsWithNonStandardRule","ruleRestUrl":"","targetType":"kms","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_kms_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_kms_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','KMS resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EniWithNonStandardRule_eni','aws_eni_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EniWithNonStandardRule','eni','aws-all','EniWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EniWithNonStandardRule_eni","autofix":false,"alexaKeyword":"EniWithNonStandardRule","ruleRestUrl":"","targetType":"eni","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_eni_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_eni_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Eni resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EmrWithNonStandardRule_emr','aws_emr_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EmrWithNonStandardRule','emr','aws-all','EmrWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EmrWithNonStandardRule_emr","autofix":false,"alexaKeyword":"EmrWithNonStandardRule","ruleRestUrl":"","targetType":"emr","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_emr_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_emr_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Emr resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticsearchWithNonStandardRule_elasticsearch','aws_elasticsearch_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticsearchWithNonStandardRule','elasticsearch','aws-all','ElasticsearchWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticsearchWithNonStandardRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticsearchWithNonStandardRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticsearch resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticipWithNonStandardRule_elasticip','aws_elasticip_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticipWithNonStandardRule','elasticip','aws-all','ElasticipWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticipWithNonStandardRule_elasticip","autofix":false,"alexaKeyword":"ElasticipWithNonStandardRule","ruleRestUrl":"","targetType":"elasticip","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticip_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticip_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticip resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticacheWithNonStandardRule_elasticache','aws_elasticahe_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticacheWithNonStandardRule','elasticache','aws-all','ElasticacheWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticacheWithNonStandardRule_elasticache","autofix":false,"alexaKeyword":"ElasticacheWithNonStandardRule","ruleRestUrl":"","targetType":"elasticache","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticahe_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticahe_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticache resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EfsWithNonStandardRule_efs','aws_efs_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EfsWithNonStandardRule','efs','aws-all','EfsWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EfsWithNonStandardRule_efs","autofix":false,"alexaKeyword":"EfsWithNonStandardRule","ruleRestUrl":"","targetType":"efs","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_efs_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_efs_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Efs resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_DynamodbWithNonStandardRule_dynamodb','aws_dynamodb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','DynamodbWithNonStandardRule','dynamodb','aws-all','DynamodbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_DynamodbWithNonStandardRule_dynamodb","autofix":false,"alexaKeyword":"DynamodbWithNonStandardRule","ruleRestUrl":"","targetType":"dynamodb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_dynamodb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_dynamodb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Dynamodb should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_AppelbWithNonStandardRule_appelb','aws_app_elb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','AppelbWithNonStandardRule','appelb','aws-all','AppelbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_AppelbWithNonStandardRule_appelb","autofix":false,"alexaKeyword":"AppelbWithNonStandardRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_app_elb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Appelb resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ApiWithNonStandardRule_api','aws_api_resource_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ApiWithNonStandardRule','api','aws-all','ApiWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ApiWithNonStandardRule_api","autofix":false,"alexaKeyword":"ApiWithNonStandardRule","ruleRestUrl":"","targetType":"api","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_api_resource_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_api_resource_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','API resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole','aws_non_admin_iam_role_should_not_have_iam_full_access','PacMan_NonAdminAccountsWithIAMFullAccess_version-1','IAMAccessGrantForNonAdminAccountRule','iamrole','aws','IAMAccessGrantForNonAdminAccountRule','{"assetGroup":"aws","policyId":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1","environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleUUID":"aws_non_admin_iam_role_should_not_have_iam_full_access","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamrole","params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"Admin","key":"adminRolesToCompare"},{"encrypt":"false","value":"check-non-admin-accounts-for-iamfullccess","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"high","key":"severity"}],"ruleId":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole","autofix":false,"alexaKeyword":"IAMAccessGrantForNonAdminAccountRule","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_non_admin_iam_role_should_not_have_iam_full_access'),'ENABLED','710383','Non Admin IAM roles should not have full IAM access',{d '2017-08-31'},{d '2018-02-09'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1_LambdaFunWithAdminOrIamPrivileges_lambda','aws_lambda_function_should_not_have_administrative_privilege','PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1','LambdaFunWithAdminOrIamPrivileges','lambda','aws-all','LambdaFunWithAdmin-OrIamPrivileges','{"params":[{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"check-for-lambda-fun-with-admin-or-IAM-privileges","key":"ruleKey"},{"encrypt":false,"value":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole","key":"nonAdminAccntsWithIAMFullAccessRuleId"},{"key":"esNonAdminAccntsWithIAMFullAccessUrl","value":"/aws/issue_iamrole/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1_LambdaFunWithAdminOrIamPrivileges_lambda","autofix":false,"alexaKeyword":"LambdaFunWithAdmin-OrIamPrivileges","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1","assetGroup":"aws-all","ruleUUID":"aws_lambda_function_should_not_have_administrative_privilege","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_function_should_not_have_administrative_privilege'),'ENABLED','ASGC','Lambda functions should not have administrative permissions',{d '2018-02-15'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IdleLoadBalancerRule_version-1_IdleLoadbalancerRule_classicelb','aws_classic_elb_should_not_be_in_idle_state','PacMan_IdleLoadBalancerRule_version-1','IdleLoadbalancerRule','classicelb','aws-all','IdleLoadBalancer','{"params":[{"encrypt":false,"value":"check-for-idle-load-balancers","key":"ruleKey"},{"encrypt":false,"value":"hjLMh88uM8","key":"checkId"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_IdleLoadBalancerRule_version-1_IdleLoadbalancerRule_classicelb","autofix":false,"alexaKeyword":"IdleLoadBalancer","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_IdleLoadBalancerRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_classic_elb_should_not_be_in_idle_state","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_in_idle_state'),'ENABLED','ASGC','Loadbalncer''s should not be idle ',{d '2018-02-25'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IamPasswordPolicy_version-1_IamPasswordPolicy_account','aws_accounts_should_follow_iam_password_policy','PacMan_IamPasswordPolicy_version-1','IamPasswordPolicy','account','aws-all','IamPasswordPolicy','{"assetGroup":"aws-all","policyId":"PacMan_IamPasswordPolicy_version-1","environmentVariables":[],"ruleUUID":"aws_accounts_should_follow_iam_password_policy","ruleType":"ManageRule","pac_ds":"aws","targetType":"account","params":[{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"check-iam-password-policy","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"90","key":"maxPasswordAge"},{"encrypt":false,"value":"true","key":"requireSymbols"},{"encrypt":false,"value":"true","key":"requireNumbers"},{"encrypt":false,"value":"true","key":"requireUppercaseCharacters"},{"encrypt":false,"value":"true","key":"requireLowercaseCharacters"},{"encrypt":false,"value":"true","key":"allowUsersToChangePassword"},{"encrypt":false,"value":"true","key":"expirePasswords"},{"encrypt":false,"value":"false","key":"hardExpiry"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"14","key":"minPasswordLength"},{"encrypt":false,"value":"24","key":"lastPasswordsToRemember"},{"encrypt":false,"value":"iam-password-policy-fix","key":"fixKey"}],"ruleId":"PacMan_IamPasswordPolicy_version-1_IamPasswordPolicy_account","autofix":false,"alexaKeyword":"IamPasswordPolicy","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_accounts_should_follow_iam_password_policy'),'ENABLED','1205352','All AWS accounts should follow the IAM password policy',{d '2018-01-08'},{d '2018-06-29'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IamAccessKeyRotatedInEvery90Days_version-1_IamAccessKeyRotatedInEvery90Days_iamuser','aws_iam_keys_should_be_rotated_every_target_period','PacMan_IamAccessKeyRotatedInEvery90Days_version-1','IamAccessKeyRotatedInEvery90Days','iamuser','aws','IamAccessKeyRotatedInEvery90Days','{"assetGroup":"aws","policyId":"PacMan_IamAccessKeyRotatedInEvery90Days_version-1","environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleUUID":"aws_iam_keys_should_be_rotated_every_target_period","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamuser","params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"check-for-accesskeys-rotated-in-every-90-days","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"security","key":"ruleCategory"}],"ruleId":"PacMan_IamAccessKeyRotatedInEvery90Days_version-1_IamAccessKeyRotatedInEvery90Days_iamuser","autofix":false,"alexaKeyword":"IamAccessKeyRotatedInEvery90Days","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iam_keys_should_be_rotated_every_target_period'),'ENABLED','1205352','IAM accesskey must be rotated every 90 days',{d '2017-08-30'},{d '2018-01-05'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_GuardDutyFindingsExists_version-1_GuardDutyFindingsExists_ec2','aws_ec2_should_not_have_guardduty_findings','PacMan_GuardDutyFindingsExists_version-1','GuardDutyFindingsExists','ec2','aws-all','GuardDutyFindingsExists','{"params":[{"encrypt":false,"value":"check-guard-duty-findings-exists","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"key":"esGuardDutyUrl","value":"/guardduty/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_GuardDutyFindingsExists_version-1_GuardDutyFindingsExists_ec2","autofix":false,"alexaKeyword":"GuardDutyFindingsExists","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_GuardDutyFindingsExists_version-1","assetGroup":"aws-all","ruleUUID":"aws_ec2_should_not_have_guardduty_findings","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_have_guardduty_findings'),'ENABLED','ASGC','EC2 instance should not have guard duty findings',{d '2018-02-12'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElbWithPublicAccess_version-1_ClassicElbWithPublicAccess_classicelb','aws_classic_elb_should_not_be_publicly_accessible','PacMan_ElbWithPublicAccess_version-1','ClassicElbWithPublicAccess','classicelb','aws-all','ClassicElbWithPublicAccess','{"params":[{"key":"ruleKey","value":"check-for-elb-public-access","encrypt":false},{"key":"internetGateWay","value":"igw","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esElbWithSGUrl","value":"/aws/classicelb_secgroups/_search","encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-classicelb","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElbWithPublicAccess_version-1_ClassicElbWithPublicAccess_classicelb","autofix":false,"alexaKeyword":"ClassicElbWithPublicAccess","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_ElbWithPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_classic_elb_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_publicly_accessible'),'ENABLED','ASGC','ClassicELB should not be exposed to internet',{d '2018-10-12'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElbWithPublicAccess_version-1_ApplicationElbWithPublicAccess_appelb','aws_application_elb_should_not_be_publicly_accessible','PacMan_ElbWithPublicAccess_version-1','ApplicationElbWithPublicAccess','appelb','aws-all','ApplicationElbWithPublicAccess','{"params":[{"key":"ruleKey","value":"check-for-elb-public-access","encrypt":false},{"key":"internetGateWay","value":"igw","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esElbWithSGUrl","value":"/aws/appelb_secgroups/_search","encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-appelb","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElbWithPublicAccess_version-1_ApplicationElbWithPublicAccess_appelb","autofix":false,"alexaKeyword":"ApplicationElbWithPublicAccess","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_ElbWithPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_application_elb_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_application_elb_should_not_be_publicly_accessible'),'ENABLED','ASGC','Application ELB should not be exposed to internet',{d '2018-10-11'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElasticSearchPublicAccess_version-1_ElasticSearchPublicAccessRule_elasticsearch','aws_elasticsearch_endpoint_should_not_be_publicly_accessible','PacMan_ElasticSearchPublicAccess_version-1','ElasticSearchPublicAccessRule','elasticsearch','aws-all','ElasticSearchPublicAccessRule','{"params":[{"key":"ruleKey","value":"check-for-elastic-search-public-access","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-elasticsearch","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElasticSearchPublicAccess_version-1_ElasticSearchPublicAccessRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticSearchPublicAccessRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_ElasticSearchPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_endpoint_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_endpoint_should_not_be_publicly_accessible'),'ENABLED','ASGC','Elastic Search endpoint should not be open to internet',{d '2018-10-10'},{d '2018-12-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EC2WithPublicIPAccess_version-1_Ec2WithPublicAccess_ec2','aws_ec2_should_not_be_publicly_accessible_with_any_port','PacMan_EC2WithPublicIPAccess_version-1','Ec2WithPublicAccess','ec2','aws','Ec2WithPublicAccess','{"params":[{"encrypt":"false","value":"igw","key":"internetGateWay"},{"encrypt":"false","value":"check-for-ec2-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"ec2-global-access-fix","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_EC2WithPublicIPAccess_version-1_Ec2WithPublicAccess_ec2","autofix":false,"alexaKeyword":"Ec2WithPublicAccess","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_EC2WithPublicIPAccess_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_with_any_port","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_with_any_port'),'ENABLED','ASGC','EC2 instances should not have any publicly accessible ports',{d '2017-08-18'},{d '2018-12-10'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-2_EC2WithPublicAccessForConfiguredPort22_ec2','aws_ec2_should_not_be_publicly_accessible_on_port22','PacMan_EC2WithPublicAccessSSHPort22_version-2','EC2WithPublicAccessForConfiguredPort22','ec2','aws','EC2WithPublicAccessForConfiguredPort22','{"params":[{"encrypt":false,"value":"igw","key":"internetGateWay"},{"encrypt":false,"value":"22","key":"portToCheck"},{"encrypt":false,"value":"check-for-ec2-with-public-access-for-configured-port","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_EC2WithPublicAccessSSHPort22_version-2_EC2WithPublicAccessForConfiguredPort22_ec2","autofix":false,"alexaKeyword":"EC2WithPublicAccessForConfiguredPort22","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_EC2WithPublicAccessSSHPort22_version-2","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_on_port22","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_on_port22'),'ENABLED','ASGC','EC2 instances should not be publicly accessible on SSH port 22',{d '2017-08-23'},{d '2018-11-09'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts80_version-1_Ec2WithPublicAccessNonWebPort80_ec2','aws_ec2_should_not_be_publicly_accessible_on_port80','PacMan_Ec2WithPublicAccessNonWebPorts80_version-1','Ec2WithPublicAccessNonWebPort80','ec2','aws','Ec2WithPublicAccessNonWebPort80','{"params":[{"encrypt":"false","value":"igw","key":"internetGateWay"},{"encrypt":"false","value":"80","key":"portToCheck"},{"encrypt":"false","value":"check-for-ec2-with-public-access-for-configured-port","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_Ec2WithPublicAccessNonWebPorts80_version-1_Ec2WithPublicAccessNonWebPort80_ec2","autofix":false,"alexaKeyword":"Ec2WithPublicAccessNonWebPort80","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_Ec2WithPublicAccessNonWebPorts80_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_on_port80","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_on_port80'),'ENABLED','ASGC','EC2 instances should not be publicly accessible on port 80 ',{d '2017-09-06'},{d '2018-09-28'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Ec2StoppedInstanceForLong_version-1_Ec2StoppedInstanceForLong_ec2','aws_ec2_should_not_be_stopped_state_for_too_long','PacMan_Ec2StoppedInstanceForLong_version-1','Ec2StoppedInstanceForLong','ec2','aws','Ec2StoppedInstanceForLong','{"params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"true","key":"threadsafe"},{"encrypt":"false","value":"check-for-stopped-instance-for-long","key":"ruleKey"},{"encrypt":false,"value":"90","key":"targetstoppedDuration"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_Ec2StoppedInstanceForLong_version-1_Ec2StoppedInstanceForLong_ec2","autofix":false,"alexaKeyword":"Ec2StoppedInstanceForLong","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_Ec2StoppedInstanceForLong_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_stopped_state_for_too_long","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_stopped_state_for_too_long'),'ENABLED','ASGC','EC2 instances should not be in stopped state for more than 60 days',{d '2017-08-29'},{d '2018-11-12'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ec2deperecatedinstancetype_version-1_ec2deprecatedinstancetype_ec2','aws_ec2_instances_should_not_use_deprecates_instance_types','PacMan_ec2deperecatedinstancetype_version-1','ec2deprecatedinstancetype','ec2','aws','ec2deprecatedinstancetype','{"params":[{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"m1,m2,t1,c1,c2","key":"deprecatedInstanceType"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"check-for-deprecated-instance-type","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"medium","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"governance","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_ec2deperecatedinstancetype_version-1_ec2deprecatedinstancetype_ec2","autofix":false,"alexaKeyword":"ec2deprecatedinstancetype","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_ec2deperecatedinstancetype_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_instances_should_not_use_deprecates_instance_types","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_instances_should_not_use_deprecates_instance_types'),'ENABLED','ASGC','Deprecated EC2 instances types should not be used to launch instances',{d '2017-08-11'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EbsSnapShot_version-1_EbsSnapShot_snapshot','aws_ec2_instances_should_not_use_deprecates_instance_types','PacMan_EbsSnapShot_version-1','EbsSnapShot','snapshot','aws','EbsSnapShot','{"params":[{"encrypt":false,"value":"check-for-ebs-snapshot-with-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"ePs02jT06w","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_EbsSnapShot_version-1_EbsSnapShot_snapshot","autofix":false,"alexaKeyword":"EbsSnapShot","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_EbsSnapShot_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_instances_should_not_use_deprecates_instance_types","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_instances_should_not_use_deprecates_instance_types'),'ENABLED','ASGC','EBS snapshots should not be publicly accessible',{d '2017-08-16'},{d '2018-09-19'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_CheckInactiveIamUser_version-1_CheckInactiveIamUser_iamuser','aws_iam_users_should_not_be_inactive_for_than_target_period','PacMan_CheckInactiveIamUser_version-1','CheckInactiveIamUser','iamuser','aws-all','CheckInactiveIamUser','{"assetGroup":"aws-all","policyId":"PacMan_CheckInactiveIamUser_version-1","environmentVariables":[],"ruleUUID":"aws_iam_users_should_not_be_inactive_for_than_target_period","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamuser","params":[{"encrypt":false,"value":"90","key":"pwdInactiveDuration"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"check-for-inactive-iam-users","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"}],"ruleId":"PacMan_CheckInactiveIamUser_version-1_CheckInactiveIamUser_iamuser","autofix":false,"alexaKeyword":"CheckInactiveIamUser","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iam_users_should_not_be_inactive_for_than_target_period'),'ENABLED','710383','IAM users should not be inactive for more than 90 days',{d '2018-02-13'},{d '2018-02-13'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1_CheckGuardDutyIsEnabledForAllAccount_account','aws_guardduty_should_be_enabled','PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1','CheckGuardDutyIsEnabledForAllAccount','account','aws-all','CheckGuardDutyIsEnabledForAllAccount','{"params":[{"encrypt":false,"value":"check-guard-duty-enabled-for-all-accounts","key":"ruleKey"},{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1_CheckGuardDutyIsEnabledForAllAccount_account","autofix":false,"alexaKeyword":"CheckGuardDutyIsEnabledForAllAccount","ruleRestUrl":"","targetType":"account","pac_ds":"aws","policyId":"PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1","assetGroup":"aws-all","ruleUUID":"aws_guardduty_should_be_enabled","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_guardduty_should_be_enabled'),'ENABLED','ASGC','AWS Guard Duty service should be enabled on all regions of all AWS accounts',{d '2018-01-19'},{d '2018-08-31'},null,null); -INSERT INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_AmazonRDSIdleDBInstancesRule_version-1_AmazonRDSIdleDBInstancesRule_rdsdb','aws_rds_instances_should_not_tbe_idle_state','PacMan_AmazonRDSIdleDBInstancesRule_version-1','AmazonRDSIdleDBInstancesRule','rdsdb','aws-all','AmazonRDSIdleDBInstancesRule','{"params":[{"encrypt":false,"value":"Ti39halfu8","key":"checkId"},{"encrypt":false,"value":"check-for-amazon-RDS-idle-DB-instances","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_AmazonRDSIdleDBInstancesRule_version-1_AmazonRDSIdleDBInstancesRule_rdsdb","autofix":false,"alexaKeyword":"AmazonRDSIdleDBInstancesRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_AmazonRDSIdleDBInstancesRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rds_instances_should_not_tbe_idle_state","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rds_instances_should_not_tbe_idle_state'),'ENABLED','ASGC','Amazon RDS DB instances should not be idle',{d '2018-03-15'},{d '2018-09-19'},null,null); - + +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_VpcFlowLogsEnabled_version-1_VpcFlowLogsEnabled_vpc','aws_account_should_have_vpclogs_enabled','PacMan_VpcFlowLogsEnabled_version-1','VpcFlowLogsEnabled','vpc','aws','VpcFlowLogsEnabled','{"params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"check-for-vpc-flowlog-enabled","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_VpcFlowLogsEnabled_version-1_VpcFlowLogsEnabled_vpc","autofix":false,"alexaKeyword":"VpcFlowLogsEnabled","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_VpcFlowLogsEnabled_version-1","assetGroup":"aws","ruleUUID":"aws_account_should_have_vpclogs_enabled","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_account_should_have_vpclogs_enabled'),'ENABLED','ASGC','VPC flowlogs should be enabled for all VPCs',{d '2017-08-11'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Unused-Security-group_version-1_UnusedSecurityGroup_sg','aws_security_groups_should_not_be_unused','PacMan_Unused-Security-group_version-1','UnusedSecurityGroup','sg','aws','UnusedSecurityGroup','{"params":[{"encrypt":false,"value":"check-for-unused-security-group","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":",","key":"splitterChar"},{"key":"fixKey","value":"unused-sg-auto-fix","isValueNew":true,"encrypt":false},{"key":"esServiceWithSgUrl","value":"/aws/ec2_secgroups/_search,/aws/rdsdb_secgroups/_search,/aws/rdscluster_secgroups/_search,/aws/redshift_secgroups/_search,/aws_lambda/lambda_secgroups/_search,/aws_appelb/appelb_secgroups/_search,/aws_classicelb/classicelb_secgroups/_search,/aws/elasticsearch/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_Unused-Security-group_version-1_UnusedSecurityGroup_sg","autofix":false,"alexaKeyword":"UnusedSecurityGroup","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_Unused-Security-group_version-1","assetGroup":"aws","ruleUUID":"aws_security_groups_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_security_groups_should_not_be_unused'),'ENABLED','ASGC','Security groups should not be in unused state',{d '2017-10-16'},{d '2018-12-18'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedElasticIpRule_version-1_UnusedElasticIpRule_elasticip','aws_elasticip_should_not_be_unused','PacMan_UnusedElasticIpRule_version-1','UnusedElasticIpRule','elasticip','aws-all','UnusedElasticIpRule','{"params":[{"encrypt":false,"value":"check-for-unused-elastic-ip","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"key":"esElasticIpUrl","value":"/aws_elasticip/elasticip/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UnusedElasticIpRule_version-1_UnusedElasticIpRule_elasticip","autofix":false,"alexaKeyword":"UnusedElasticIpRule","ruleRestUrl":"","targetType":"elasticip","pac_ds":"aws","policyId":"PacMan_UnusedElasticIpRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticip_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticip_should_not_be_unused'),'ENABLED','ASGC','Elastic Ip''s should not be in unused state',{d '2018-02-01'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedEBSRule_version-1_UnusedEbsRule_volume','aws_ebs_volume_should_not_be_unused','PacMan_UnusedEBSRule_version-1','UnusedEbsRule','volume','aws','UnusedEBSRule','{"params":[{"encrypt":false,"value":"check-for-unused-ebs-rule","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esEbsWithInstanceUrl","value":"/aws/volume_attachments/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_UnusedEBSRule_version-1_UnusedEbsRule_volume","autofix":false,"alexaKeyword":"UnusedEBSRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_UnusedEBSRule_version-1","assetGroup":"aws","ruleUUID":"aws_ebs_volume_should_not_be_unused","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volume_should_not_be_unused'),'ENABLED','ASGC','EBS volumes should not be in unused state',{d '2017-10-13'},{d '2018-11-12'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedClassicElbRule_version-1_UnusedClassicElbRule_classicelb','aws_classic_elb_should_not_be_unused','PacMan_UnusedClassicElbRule_version-1','UnusedClassicElbRule','classicelb','aws','UnusedClassicElbRule','{"params":[{"encrypt":false,"value":"check-for-unused-classic-elb","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esClassicElbWithInstanceUrl","value":"/aws/classicelb_instances/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"sdfsd","key":"sdf"}],"ruleId":"PacMan_UnusedClassicElbRule_version-1_UnusedClassicElbRule_classicelb","autofix":false,"alexaKeyword":"UnusedClassicElbRule","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_UnusedClassicElbRule_version-1","assetGroup":"aws","ruleUUID":"aws_classic_elb_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_unused'),'ENABLED','ASGC','Classic ELB should not be in unused state',{d '2017-09-28'},{d '2018-11-12'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnusedApplicationElbRule_version-1_UnusedApplicationElbRule_appelb','aws_app_elb_should_not_be_unused','PacMan_UnusedApplicationElbRule_version-1','UnusedApplicationElbRule','appelb','aws','UnusedApplicationElbRule','{"params":[{"encrypt":"false","value":"check-for-unused-application-elb","key":"ruleKey"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"},{"key":"esAppElbWithInstanceUrl","value":"/aws/appelb_instances/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_UnusedApplicationElbRule_version-1_UnusedApplicationElbRule_appelb","autofix":false,"alexaKeyword":"UnusedApplicationElbRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_UnusedApplicationElbRule_version-1","assetGroup":"aws","ruleUUID":"aws_app_elb_should_not_be_unused","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_not_be_unused'),'ENABLED','ASGC','Application ELB should not be in unused state',{d '2017-09-28'},{d '2018-11-12'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UntaggedOrUnusedEbsRule_version-1_version-1_UntaggedOrUnusedEbsRule_volume','aws_ebs_volumes_should_not_be_tagged_and_under_utilized','PacMan_UntaggedOrUnusedEbsRule_version-1','UntaggedOrUnusedEbsRule','volume','aws-all','UntaggedOrUnusedEbsRule','{"params":[{"key":"ruleKey","value":"check-for-unused-or-untagged-ebs-rule","encrypt":false},{"key":"esEbsWithInstanceUrl","value":"/aws/volume_attachments/_search","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"severity","value":"high","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UntaggedOrUnusedEbsRule_version-1_version-1_UntaggedOrUnusedEbsRule_volume","autofix":false,"alexaKeyword":"UntaggedOrUnusedEbsRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_UntaggedOrUnusedEbsRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_ebs_volumes_should_not_be_tagged_and_under_utilized","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volumes_should_not_be_tagged_and_under_utilized'),'ENABLED','ASGC','EBS volumes should not be in unused or untagged state',{d '2018-08-22'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1_UnderutilizedAmazonRedshiftClustersRule_redshift','aws_redshift_clusters_should_not_be_under_utilized','PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1','UnderutilizedAmazonRedshiftClustersRule','redshift','aws-all','UnderutilizedAmazonRedshiftClustersRule','{"params":[{"encrypt":false,"value":"check-for-under-utilized-amazon-redshift-clusters","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"G31sQ1E9U","key":"checkId"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1_UnderutilizedAmazonRedshiftClustersRule_redshift","autofix":false,"alexaKeyword":"UnderutilizedAmazonRedshiftClustersRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_UnderutilizedAmazonRedshiftClustersRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_redshift_clusters_should_not_be_under_utilized","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_clusters_should_not_be_under_utilized'),'ENABLED','ASGC','Amazon Redshift clusters should not be underutilized',{d '2018-03-14'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume','aws_ebs_volume_should_not_be_under_utilized','PacMan_Underutilized-Amazon-EBS-Volumes_version-1','Underutilized EBS Volumes','volume','aws-all','Underutilized Amazon EBS Volumes','{"params":[{"encrypt":false,"value":"check-for-underutilized-EBS-Volumes","key":"ruleKey"},{"encrypt":false,"value":"DAvU99Dc4C","key":"checkId"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume","autofix":false,"alexaKeyword":"Underutilized Amazon EBS Volumes","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_Underutilized-Amazon-EBS-Volumes_version-1","assetGroup":"aws-all","ruleUUID":"aws_ebs_volume_should_not_be_under_utilized","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ebs_volume_should_not_be_under_utilized'),'ENABLED','ASGC','Amazon EBS volumes should not be underutilized ',{d '2018-05-14'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_VpcTaggingRule_vpc','aws_vpc_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','VpcTaggingRule','vpc','aws','VpcTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_VpcTaggingRule_vpc","autofix":false,"alexaKeyword":"VpcTaggingRule","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_vpc_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_vpc_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','VPCs should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_VolumeTaggingRule_volume','aws_volume_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','VolumeTaggingRule','volume','aws','VolumeTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume","autofix":false,"alexaKeyword":"VolumeTaggingRule","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_volume_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_volume_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EBS volumes should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_version-1_ElasticSearchTaggingRule_elasticsearch','aws_elasticsearch_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ElasticSearchTaggingRule','elasticsearch','aws-all','ElasticSearchTaggingRule','{"params":[{"key":"ruleKey","value":"check-for-missing-mandatory-tags","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"mandatoryTags","value":"Application,Environment,Stack,Role","encrypt":false},{"key":"ruleCategory","value":"tagging","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_version-1_ElasticSearchTaggingRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticSearchTaggingRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_should_be_tagged_with_mandatory_tags","ruleType":"Manage Rule"}','0 0/12 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Elastic search resources should be tagged with mandatory tags ',{d '2018-08-29'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SubnetTaggingRule_subnet','aws_subnet_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SubnetTaggingRule','subnet','aws','SubnetTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SubnetTaggingRule_subnet","autofix":false,"alexaKeyword":"SubnetTaggingRule","ruleRestUrl":"","targetType":"subnet","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_subnet_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_subnet_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Subnets should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_StackTaggingRule_stack','aws_stack_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','StackTaggingRule','stack','aws','StackTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_StackTaggingRule_stack","autofix":false,"alexaKeyword":"StackTaggingRule","ruleRestUrl":"","targetType":"stack","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_stack_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_stack_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Cloud formation stacks should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot','aws_snapshot_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SnapshotTaggingRule','snapshot','aws','SnapshotTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"true","key":"threadsafe"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot","autofix":false,"alexaKeyword":"SnapshotTaggingRule","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_snapshot_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snapshot_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EBS snapshots should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_SgTaggingRule_sg','aws_sg_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','SgTaggingRule','sg','aws','SgTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_SgTaggingRule_sg","autofix":false,"alexaKeyword":"SgTaggingRule","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_sg_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Security groups should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_S3TaggingRule_s3','aws_s3_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','S3TaggingRule','s3','aws','S3TaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_S3TaggingRule_s3","autofix":false,"alexaKeyword":"S3TaggingRule","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_s3_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','S3 should be tagged with mandatory tags',{d '2017-11-02'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_RedshiftTaggingRule_redshift','aws_redshift_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','RedshiftTaggingRule','redshift','aws','RedshiftTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_RedshiftTaggingRule_redshift","autofix":false,"alexaKeyword":"RedshiftTaggingRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_redshift_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Redshift should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_RdsdbTaggingRule_rdsdb','aws_rdsdb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','RdsdbTaggingRule','rdsdb','aws','RdsdbTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_RdsdbTaggingRule_rdsdb","autofix":false,"alexaKeyword":"RdsdbTaggingRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_rdsdb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','RDS database should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_LambdaTaggingRule_lambda','aws_lambda_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','LambdaTaggingRule','lambda','aws','LambdaTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_LambdaTaggingRule_lambda","autofix":false,"alexaKeyword":"LambdaTaggingRule","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_lambda_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Lambda functions should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_KmsTaggingRule_kms','aws_kms_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','KmsTaggingRule','kms','aws','KmsTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_KmsTaggingRule_kms","autofix":false,"alexaKeyword":"KmsTaggingRule","ruleRestUrl":"","targetType":"kms","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_kms_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_kms_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','AWS KMS should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_EmrTaggingRule_emr','aws_emr_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','EmrTaggingRule','emr','aws','EmrTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_EmrTaggingRule_emr","autofix":false,"alexaKeyword":"EmrTaggingRule","ruleRestUrl":"","targetType":"emr","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_emr_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_emr_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','AWS EMR should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_ElasticacheTaggingRule_elasticache','aws_elasticache_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ElasticacheTaggingRule','elasticache','aws-all','ElasticacheTaggingRule','{"params":[{"key":"ruleKey","value":"check-for-missing-mandatory-tags","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"mandatoryTags","value":"Application,Environment,Stack,Role","encrypt":false},{"key":"ruleCategory","value":"tagging","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_ElasticacheTaggingRule_elasticache","autofix":false,"alexaKeyword":"ElasticacheTaggingRule","ruleRestUrl":"","targetType":"elasticache","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticache_should_be_tagged_with_mandatory_tags","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticache_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Elasticache should be tagged with mandatory tags ',{d '2018-09-10'},{d '2018-09-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_EfsTaggingRule_efs','aws_efs_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','EfsTaggingRule','efs','aws','EfsTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_EfsTaggingRule_efs","autofix":false,"alexaKeyword":"EfsTaggingRule","ruleRestUrl":"","targetType":"efs","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_efs_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_efs_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EFS should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_Ec2TaggingRule_ec2','aws_ec2_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','Ec2TaggingRule','ec2','aws','Ec2TaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_Ec2TaggingRule_ec2","autofix":false,"alexaKeyword":"Ec2TaggingRule","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','EC2 instances should be tagged with mandatory tags ',{d '2017-11-02'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_DynamodbTaggingRule_dynamodb','aws_dynamodb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','DynamodbTaggingRule','dynamodb','aws','DynamodbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_DynamodbTaggingRule_dynamodb","autofix":false,"alexaKeyword":"DynamodbTaggingRule","ruleRestUrl":"","targetType":"dynamodb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_dynamodb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_dynamodb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Dynamo db should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_CloudfrontTaggingRule_cloudfront','aws_cloudfront_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','CloudfrontTaggingRule','cloudfront','aws','CloudfrontTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_CloudfrontTaggingRule_cloudfront","autofix":false,"alexaKeyword":"CloudfrontTaggingRule","ruleRestUrl":"","targetType":"cloudfront","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_cloudfront_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_cloudfront_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Cloudfront should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_ClassicelbTaggingRule_classicelb','aws_classic_elb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','ClassicelbTaggingRule','classicelb','aws','ClassicelbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_ClassicelbTaggingRule_classicelb","autofix":false,"alexaKeyword":"ClassicelbTaggingRule","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_classic_elb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Classic ELB should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_AsgTaggingRule_asg','aws_asg_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','AsgTaggingRule','asg','aws','AsgTaggingRule','{"params":[{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_AsgTaggingRule_asg","autofix":false,"alexaKeyword":"AsgTaggingRule","ruleRestUrl":"","targetType":"asg","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_asg_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_asg_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Auto scaling groups should be tagged with mandatory tags ',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_TaggingRule_version-1_AppelbTaggingRule_appelb','aws_app_elb_should_be_tagged_with_mandatory_tags','PacMan_TaggingRule_version-1','AppelbTaggingRule','appelb','aws','AppelbTaggingRule','{"params":[{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"check-for-missing-mandatory-tags","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"encrypt":false,"value":"Application,Environment,Stack,Role","key":"mandatoryTags"},{"isValueNew":true,"encrypt":false,"value":"tagging","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_TaggingRule_version-1_AppelbTaggingRule_appelb","autofix":false,"alexaKeyword":"AppelbTaggingRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_TaggingRule_version-1","assetGroup":"aws","ruleUUID":"aws_app_elb_should_be_tagged_with_mandatory_tags","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_be_tagged_with_mandatory_tags'),'ENABLED','ASGC','Application ELB should be tagged with mandatory tags',{d '2017-11-03'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SQS_Public_Access_Rule_version-1_SQS_Public_access_rule_sqs','aws_sqs_should_not_have_public_access','PacMan_SQS_Public_Access_Rule_version-1','SQS_Public_access_rule','sqs','aws-all','sqs public access','{"params":[{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"ruleKey","value":"check-for-sqs-public-access","isValueNew":true,"encrypt":false},{"key":"threadsafe","value":"true","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_SQS_Public_Access_Rule_version-1_SQS_Public_access_rule_sqs","autofix":false,"alexaKeyword":"sqs public access","ruleRestUrl":"","targetType":"sqs","pac_ds":"aws","policyId":"PacMan_SQS_Public_Access_Rule_version-1","assetGroup":"aws-all","ruleUUID":"aws_sqs_should_not_have_public_access","ruleType":"Manage Rule"}','0 0/2 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sqs_should_not_have_public_access'),'ENABLED','ASGC','Non-White listed SQS resources should not be publicly accessible',{d '2018-11-10'},{d '2018-11-14'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SGWithAnywhereAccess_version-1_SgWithSshPort22OpenToInternetAccess_sg','aws_sg_should_not_have_public_access_with_port22','PacMan_SGWithAnywhereAccess_version-1','SgWithSshPort22OpenToInternetAccess','sg','aws-all','SgWithSshPort22OpenToInternetAccess','{"params":[{"key":"ruleKey","value":"check-for-security-group-global-access","encrypt":false},{"key":"severity","value":"high","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"portToCheck","value":"22","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_SGWithAnywhereAccess_version-1_SgWithSshPort22OpenToInternetAccess_sg","autofix":false,"alexaKeyword":"SgWithSshPort22OpenToInternetAccess","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_SGWithAnywhereAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_sg_should_not_have_public_access_with_port22","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_have_public_access_with_port22'),'ENABLED','ASGC','Security group with SSH port 22 should not be open to the internet',{d '2018-10-01'},{d '2018-11-02'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_SGWithAnywhereAccess_version-1_SgWithAnywhereAccess_sg','aws_sg_should_not_have_anywhere_access_with_anyport','PacMan_SGWithAnywhereAccess_version-1','SgWithAnywhereAccess','sg','aws','SgWithAnywhereAccess','{"params":[{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"workerThreadCount","value":"50","isValueNew":true,"encrypt":false},{"key":"portToCheck","value":"ANY","isValueNew":true,"encrypt":false},{"key":"ruleKey","value":"check-for-security-group-global-access","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_SGWithAnywhereAccess_version-1_SgWithAnywhereAccess_sg","autofix":false,"alexaKeyword":"SgWithAnywhereAccess","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_SGWithAnywhereAccess_version-1","assetGroup":"aws","ruleUUID":"aws_sg_should_not_have_anywhere_access_with_anyport","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_have_anywhere_access_with_anyport'),'ENABLED','ASGC','Unapproved security groups should not have inbound rule allowing 0.0.0.0/0 for any port.',{d '2017-08-11'},{d '2018-11-08'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ServiceLimitRule_version-1_ServiceLimitRule_account','aws_account_service_limit_rule','PacMan_ServiceLimitRule_version-1','ServiceLimitRule','account','aws','ServiceLimitRule','{"params":[{"encrypt":false,"value":"check-for-service-limit","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"medium","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"eW7HH0l7J9","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ServiceLimitRule_version-1_ServiceLimitRule_account","autofix":false,"alexaKeyword":"ServiceLimitRule","ruleRestUrl":"","targetType":"account","pac_ds":"aws","policyId":"PacMan_ServiceLimitRule_version-1","assetGroup":"aws","ruleUUID":"aws_account_service_limit_rule","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_account_service_limit_rule'),'ENABLED','ASGC','AWS service limits should be upgraded to match growing needs',{d '2017-10-17'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_S3GlobalAccess_version-1_S3BucketShouldnotpubliclyaccessble_s3','aws_s3_should_not_be_publicly_accessible','PacMan_S3GlobalAccess_version-1','S3BucketShouldnotpubliclyaccessble','s3','aws-all','s3GlobalAccess','{"params":[{"key":"apiKeyValue","value":"***REMOVED***","encrypt":true},{"key":"apiKeyName","value":"R8JVrYZEmOdl65dBftXTFQ","encrypt":true},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","encrypt":false},{"key":"apiGWURL","value":"","encrypt":false},{"key":"ruleKey","value":"check-for-s3-global-access","isValueNew":true,"encrypt":false},{"key":"checkId","value":"Pfx0RwqBli","isValueNew":true,"encrypt":false},{"key":"roleIdentifyingString","value":"role/pac_ro","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"s3-global-access-fix","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_S3GlobalAccess_version-1_S3BucketShouldnotpubliclyaccessble_s3","autofix":false,"alexaKeyword":"s3GlobalAccess","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_S3GlobalAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_s3_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_not_be_publicly_accessible'),'ENABLED','ASGC','Non whitelisted S3 buckets should not be publicly accessible ',{d '2018-10-09'},{d '2018-12-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_RedShiftPublicAccess_version-1_RedShiftPublicAccess_redshift','aws_redshift_should_not_be_publicly_accessible','PacMan_RedShiftPublicAccess_version-1','RedShiftPublicAccess','redshift','aws','RedShift','{"params":[{"encrypt":false,"value":"check-for-redshift-public-access","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRedshiftSgURL","value":"/aws/redshift_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-redshift","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_RedShiftPublicAccess_version-1_RedShiftPublicAccess_redshift","autofix":false,"alexaKeyword":"RedShift","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_RedShiftPublicAccess_version-1","assetGroup":"aws","ruleUUID":"aws_redshift_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_not_be_publicly_accessible'),'ENABLED','ASGC','Redshift attached Security Group should not be publicly accessible',{d '2017-10-09'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_RdsSnapshotWithPublicAccess_version-1_RdsSnapshotWithPublicAccess_rdssnapshot','aws_rdssnapshot_should_not_be_there_in_non_standard_region','PacMan_RdsSnapshotWithPublicAccess_version-1','RdsSnapshotWithPublicAccess','rdssnapshot','aws','RdsSnapshotWithPublicAccess','{"params":[{"encrypt":"false","value":"check-for-rds-snapshot-with-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"rSs93HQwa1","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_RdsSnapshotWithPublicAccess_version-1_RdsSnapshotWithPublicAccess_rdssnapshot","autofix":false,"alexaKeyword":"RdsSnapshotWithPublicAccess","ruleRestUrl":"","targetType":"rdssnapshot","pac_ds":"aws","policyId":"PacMan_RdsSnapshotWithPublicAccess_version-1","assetGroup":"aws","ruleUUID":"aws_rdssnapshot_should_not_be_there_in_non_standard_region","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdssnapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','RDS snapshot should not be publicly accessible',{d '2017-08-31'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_rdsdb_version-1_RdsDbPublicAccess_rdsdb','aws_rdsdb_should_not_be_publicly_accessible','PacMan_rdsdb_version-1','RdsDbPublicAccess','rdsdb','aws','rdsdb','{"params":[{"encrypt":false,"value":"check-for-rds-db-public-access","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRdsDbSgUrl","value":"/aws/rdsdb_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-rdsdb","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_rdsdb_version-1_RdsDbPublicAccess_rdsdb","autofix":false,"alexaKeyword":"rdsdb","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_rdsdb_version-1","assetGroup":"aws","ruleUUID":"aws_rdsdb_should_not_be_publicly_accessible","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_not_be_publicly_accessible'),'ENABLED','ASGC','RDS database endpoints should not be publicly accessible',{d '2017-10-09'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_VpcWithNonStandardRule_vpc','aws_vpc_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','VpcWithNonStandardRule','vpc','aws-all','VpcWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_VpcWithNonStandardRule_vpc","autofix":false,"alexaKeyword":"VpcWithNonStandardRule","ruleRestUrl":"","targetType":"vpc","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_vpc_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_vpc_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','VPC resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_VolumeWithNonStandardRegion_volume','aws_volume_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','VolumeWithNonStandardRegion','volume','aws-all','VolumeWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_VolumeWithNonStandardRegion_volume","autofix":false,"alexaKeyword":"VolumeWithNonStandardRegion","ruleRestUrl":"","targetType":"volume","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_volume_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_volume_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','EBS Volume should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SubnetWithNonStandardRegion_subnet','aws_subnet_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SubnetWithNonStandardRegion','subnet','aws-all','SubnetWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SubnetWithNonStandardRegion_subnet","autofix":false,"alexaKeyword":"SubnetWithNonStandardRegion","ruleRestUrl":"","targetType":"subnet","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_subnet_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_subnet_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Subnet should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_StackWithNonStandardRegion_stack','aws_stack_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','StackWithNonStandardRegion','stack','aws-all','StackWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_StackWithNonStandardRegion_stack","autofix":false,"alexaKeyword":"StackWithNonStandardRegion","ruleRestUrl":"","targetType":"stack","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_stack_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_stack_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Stack should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SnstopicWithNonStandardRegion_snstopic','aws_snstopic_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SnstopicWithNonStandardRegion','snstopic','aws-all','SnstopicWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SnstopicWithNonStandardRegion_snstopic","autofix":false,"alexaKeyword":"SnstopicWithNonStandardRegion","ruleRestUrl":"","targetType":"snstopic","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_snstopic_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snstopic_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Snstopic should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SnapshotWithNonStandardRegion_snapshot','aws_snapshot_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SnapshotWithNonStandardRegion','snapshot','aws-all','SnapshotWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SnapshotWithNonStandardRegion_snapshot","autofix":false,"alexaKeyword":"SnapshotWithNonStandardRegion","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_snapshot_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_snapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Snapshot should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_SgWithNonStandardRegion_sg','aws_sg_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','SgWithNonStandardRegion','sg','aws-all','SgWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_SgWithNonStandardRegion_sg","autofix":false,"alexaKeyword":"SgWithNonStandardRegion","ruleRestUrl":"","targetType":"sg","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_sg_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_sg_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Security group should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_S3WithNonStandardRegion_s3','aws_s3_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','S3WithNonStandardRegion','s3','aws-all','S3WithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_S3WithNonStandardRegion_s3","autofix":false,"alexaKeyword":"S3WithNonStandardRegion","ruleRestUrl":"","targetType":"s3","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_s3_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_s3_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','S3 should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_ResourceWithNonStandardRule_ec2','aws_ec2_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ResourceWithNonStandardRule','ec2','aws-all','Ec2WithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_ResourceWithNonStandardRule_ec2","autofix":false,"alexaKeyword":"Ec2WithNonStandardRegion","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_ec2_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','EC2 instance should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_RdsSnapshotWithNonStandardRegion_rdssnapshot','aws_rdssnapshot_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RdsSnapshotWithNonStandardRegion','rdssnapshot','aws-all','RdsSnapshotWithNonStandardRegion','{"params":[{"key":"threadsafe","value":"true","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_RdsSnapshotWithNonStandardRegion_rdssnapshot","autofix":false,"alexaKeyword":"RdsSnapshotWithNonStandardRegion","ruleRestUrl":"","targetType":"rdssnapshot","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rdssnapshot_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdssnapshot_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','RDS Snapshot should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_LaunchconfigWithNonStandardRegion_launchconfig','aws_launchconfig_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','LaunchconfigWithNonStandardRegion','launchconfig','aws-all','LaunchconfigWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_LaunchconfigWithNonStandardRegion_launchconfig","autofix":false,"alexaKeyword":"LaunchconfigWithNonStandardRegion","ruleRestUrl":"","targetType":"launchconfig","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_launchconfig_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_launchconfig_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Launchconfig should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_LambdaWithNonStandardRegion_lambda','aws_lambda_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','LambdaWithNonStandardRegion','lambda','aws-all','LambdaWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_LambdaWithNonStandardRegion_lambda","autofix":false,"alexaKeyword":"LambdaWithNonStandardRegion","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_lambda_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Lambda should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_ClassicelbWithNonStandardRegion_classicelb','aws_classicelb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ClassicelbWithNonStandardRegion','classicelb','aws-all','ClassicelbWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_ClassicelbWithNonStandardRegion_classicelb","autofix":false,"alexaKeyword":"ClassicelbWithNonStandardRegion","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_classicelb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classicelb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Classicelb should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_version-1_AsgWithNonStandardRegion_asg','aws_asg_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','AsgWithNonStandardRegion','asg','aws-all','AsgWithNonStandardRegion','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_version-1_AsgWithNonStandardRegion_asg","autofix":false,"alexaKeyword":"AsgWithNonStandardRegion","ruleRestUrl":"","targetType":"asg","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_asg_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_asg_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Asg should have standard region',{d '2018-08-30'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_RedshiftWithNonStandardRule_redshift','aws_redshift_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RedshiftWithNonStandardRule','redshift','aws-all','RedshiftWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_RedshiftWithNonStandardRule_redshift","autofix":false,"alexaKeyword":"RedshiftWithNonStandardRule","ruleRestUrl":"","targetType":"redshift","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_redshift_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_redshift_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Redshift resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_RdsdbWithNonStandardRule_rdsdb','aws_rdsdb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','RdsdbWithNonStandardRule','rdsdb','aws-all','RdsdbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_RdsdbWithNonStandardRule_rdsdb","autofix":false,"alexaKeyword":"RdsdbWithNonStandardRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rdsdb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rdsdb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Rdsdb resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_KmsWithNonStandardRule_kms','aws_kms_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','KmsWithNonStandardRule','kms','aws-all','KmsWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_KmsWithNonStandardRule_kms","autofix":false,"alexaKeyword":"KmsWithNonStandardRule","ruleRestUrl":"","targetType":"kms","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_kms_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_kms_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','KMS resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EniWithNonStandardRule_eni','aws_eni_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EniWithNonStandardRule','eni','aws-all','EniWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EniWithNonStandardRule_eni","autofix":false,"alexaKeyword":"EniWithNonStandardRule","ruleRestUrl":"","targetType":"eni","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_eni_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_eni_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Eni resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EmrWithNonStandardRule_emr','aws_emr_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EmrWithNonStandardRule','emr','aws-all','EmrWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EmrWithNonStandardRule_emr","autofix":false,"alexaKeyword":"EmrWithNonStandardRule","ruleRestUrl":"","targetType":"emr","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_emr_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_emr_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Emr resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticsearchWithNonStandardRule_elasticsearch','aws_elasticsearch_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticsearchWithNonStandardRule','elasticsearch','aws-all','ElasticsearchWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticsearchWithNonStandardRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticsearchWithNonStandardRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticsearch resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticipWithNonStandardRule_elasticip','aws_elasticip_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticipWithNonStandardRule','elasticip','aws-all','ElasticipWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticipWithNonStandardRule_elasticip","autofix":false,"alexaKeyword":"ElasticipWithNonStandardRule","ruleRestUrl":"","targetType":"elasticip","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticip_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticip_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticip resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ElasticacheWithNonStandardRule_elasticache','aws_elasticahe_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ElasticacheWithNonStandardRule','elasticache','aws-all','ElasticacheWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ElasticacheWithNonStandardRule_elasticache","autofix":false,"alexaKeyword":"ElasticacheWithNonStandardRule","ruleRestUrl":"","targetType":"elasticache","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticahe_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticahe_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Elasticache resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_EfsWithNonStandardRule_efs','aws_efs_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','EfsWithNonStandardRule','efs','aws-all','EfsWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_EfsWithNonStandardRule_efs","autofix":false,"alexaKeyword":"EfsWithNonStandardRule","ruleRestUrl":"","targetType":"efs","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_efs_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_efs_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Efs resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_DynamodbWithNonStandardRule_dynamodb','aws_dynamodb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','DynamodbWithNonStandardRule','dynamodb','aws-all','DynamodbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_DynamodbWithNonStandardRule_dynamodb","autofix":false,"alexaKeyword":"DynamodbWithNonStandardRule","ruleRestUrl":"","targetType":"dynamodb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_dynamodb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_dynamodb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Dynamodb should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_AppelbWithNonStandardRule_appelb','aws_app_elb_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','AppelbWithNonStandardRule','appelb','aws-all','AppelbWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_AppelbWithNonStandardRule_appelb","autofix":false,"alexaKeyword":"AppelbWithNonStandardRule","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_app_elb_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_app_elb_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','Appelb resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonStandardRegionRule_version-1_ApiWithNonStandardRule_api','aws_api_resource_should_not_be_there_in_non_standard_region','PacMan_NonStandardRegionRule_version-1','ApiWithNonStandardRule','api','aws-all','ApiWithNonStandardRule','{"params":[{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"check-for-non-standard-region-rule","encrypt":false},{"key":"severity","value":"low","encrypt":false},{"key":"ruleCategory","value":"governance","encrypt":false},{"key":"standardRegions","value":"us-west-2,us-east-1,us-east-2,us-west-1","encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_NonStandardRegionRule_version-1_ApiWithNonStandardRule_api","autofix":false,"alexaKeyword":"ApiWithNonStandardRule","ruleRestUrl":"","targetType":"api","pac_ds":"aws","policyId":"PacMan_NonStandardRegionRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_api_resource_should_not_be_there_in_non_standard_region","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_api_resource_should_not_be_there_in_non_standard_region'),'ENABLED','ASGC','API resource should have standard region',{d '2018-10-03'},{d '2018-10-03'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole','aws_non_admin_iam_role_should_not_have_iam_full_access','PacMan_NonAdminAccountsWithIAMFullAccess_version-1','IAMAccessGrantForNonAdminAccountRule','iamrole','aws','IAMAccessGrantForNonAdminAccountRule','{"assetGroup":"aws","policyId":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1","environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleUUID":"aws_non_admin_iam_role_should_not_have_iam_full_access","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamrole","params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"Admin","key":"adminRolesToCompare"},{"encrypt":"false","value":"check-non-admin-accounts-for-iamfullccess","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"high","key":"severity"}],"ruleId":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole","autofix":false,"alexaKeyword":"IAMAccessGrantForNonAdminAccountRule","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_non_admin_iam_role_should_not_have_iam_full_access'),'ENABLED','710383','Non Admin IAM roles should not have full IAM access',{d '2017-08-31'},{d '2018-02-09'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1_LambdaFunWithAdminOrIamPrivileges_lambda','aws_lambda_function_should_not_have_administrative_privilege','PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1','LambdaFunWithAdminOrIamPrivileges','lambda','aws-all','LambdaFunWithAdmin-OrIamPrivileges','{"params":[{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"check-for-lambda-fun-with-admin-or-IAM-privileges","key":"ruleKey"},{"encrypt":false,"value":"PacMan_NonAdminAccountsWithIAMFullAccess_version-1_IAMAccessGrantForNonAdminAccountRule_iamrole","key":"nonAdminAccntsWithIAMFullAccessRuleId"},{"key":"esNonAdminAccntsWithIAMFullAccessUrl","value":"/aws/issue_iamrole/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1_LambdaFunWithAdminOrIamPrivileges_lambda","autofix":false,"alexaKeyword":"LambdaFunWithAdmin-OrIamPrivileges","ruleRestUrl":"","targetType":"lambda","pac_ds":"aws","policyId":"PacMan_LambdaFunWithAdmin-OrIamPrivileges_version-1","assetGroup":"aws-all","ruleUUID":"aws_lambda_function_should_not_have_administrative_privilege","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_lambda_function_should_not_have_administrative_privilege'),'ENABLED','ASGC','Lambda functions should not have administrative permissions',{d '2018-02-15'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IdleLoadBalancerRule_version-1_IdleLoadbalancerRule_classicelb','aws_classic_elb_should_not_be_in_idle_state','PacMan_IdleLoadBalancerRule_version-1','IdleLoadbalancerRule','classicelb','aws-all','IdleLoadBalancer','{"params":[{"encrypt":false,"value":"check-for-idle-load-balancers","key":"ruleKey"},{"encrypt":false,"value":"hjLMh88uM8","key":"checkId"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_IdleLoadBalancerRule_version-1_IdleLoadbalancerRule_classicelb","autofix":false,"alexaKeyword":"IdleLoadBalancer","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_IdleLoadBalancerRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_classic_elb_should_not_be_in_idle_state","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_in_idle_state'),'ENABLED','ASGC','Loadbalncer''s should not be idle ',{d '2018-02-25'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IamPasswordPolicy_version-1_IamPasswordPolicy_account','aws_accounts_should_follow_iam_password_policy','PacMan_IamPasswordPolicy_version-1','IamPasswordPolicy','account','aws-all','IamPasswordPolicy','{"assetGroup":"aws-all","policyId":"PacMan_IamPasswordPolicy_version-1","environmentVariables":[],"ruleUUID":"aws_accounts_should_follow_iam_password_policy","ruleType":"ManageRule","pac_ds":"aws","targetType":"account","params":[{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"check-iam-password-policy","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"90","key":"maxPasswordAge"},{"encrypt":false,"value":"true","key":"requireSymbols"},{"encrypt":false,"value":"true","key":"requireNumbers"},{"encrypt":false,"value":"true","key":"requireUppercaseCharacters"},{"encrypt":false,"value":"true","key":"requireLowercaseCharacters"},{"encrypt":false,"value":"true","key":"allowUsersToChangePassword"},{"encrypt":false,"value":"true","key":"expirePasswords"},{"encrypt":false,"value":"false","key":"hardExpiry"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"14","key":"minPasswordLength"},{"encrypt":false,"value":"24","key":"lastPasswordsToRemember"},{"encrypt":false,"value":"iam-password-policy-fix","key":"fixKey"}],"ruleId":"PacMan_IamPasswordPolicy_version-1_IamPasswordPolicy_account","autofix":false,"alexaKeyword":"IamPasswordPolicy","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_accounts_should_follow_iam_password_policy'),'ENABLED','1205352','All AWS accounts should follow the IAM password policy',{d '2018-01-08'},{d '2018-06-29'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IamAccessKeyRotatedInEvery90Days_version-1_IamAccessKeyRotatedInEvery90Days_iamuser','aws_iam_keys_should_be_rotated_every_target_period','PacMan_IamAccessKeyRotatedInEvery90Days_version-1','IamAccessKeyRotatedInEvery90Days','iamuser','aws','IamAccessKeyRotatedInEvery90Days','{"assetGroup":"aws","policyId":"PacMan_IamAccessKeyRotatedInEvery90Days_version-1","environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleUUID":"aws_iam_keys_should_be_rotated_every_target_period","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamuser","params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"check-for-accesskeys-rotated-in-every-90-days","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"security","key":"ruleCategory"}],"ruleId":"PacMan_IamAccessKeyRotatedInEvery90Days_version-1_IamAccessKeyRotatedInEvery90Days_iamuser","autofix":false,"alexaKeyword":"IamAccessKeyRotatedInEvery90Days","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iam_keys_should_be_rotated_every_target_period'),'ENABLED','1205352','IAM accesskey must be rotated every 90 days',{d '2017-08-30'},{d '2018-01-05'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_GuardDutyFindingsExists_version-1_GuardDutyFindingsExists_ec2','aws_ec2_should_not_have_guardduty_findings','PacMan_GuardDutyFindingsExists_version-1','GuardDutyFindingsExists','ec2','aws-all','GuardDutyFindingsExists','{"params":[{"encrypt":false,"value":"check-guard-duty-findings-exists","key":"ruleKey"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"key":"esGuardDutyUrl","value":"/guardduty/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_GuardDutyFindingsExists_version-1_GuardDutyFindingsExists_ec2","autofix":false,"alexaKeyword":"GuardDutyFindingsExists","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_GuardDutyFindingsExists_version-1","assetGroup":"aws-all","ruleUUID":"aws_ec2_should_not_have_guardduty_findings","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_have_guardduty_findings'),'ENABLED','ASGC','EC2 instance should not have guard duty findings',{d '2018-02-12'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElbWithPublicAccess_version-1_ClassicElbWithPublicAccess_classicelb','aws_classic_elb_should_not_be_publicly_accessible','PacMan_ElbWithPublicAccess_version-1','ClassicElbWithPublicAccess','classicelb','aws-all','ClassicElbWithPublicAccess','{"params":[{"key":"ruleKey","value":"check-for-elb-public-access","encrypt":false},{"key":"internetGateWay","value":"igw","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esElbWithSGUrl","value":"/aws/classicelb_secgroups/_search","encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-classicelb","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElbWithPublicAccess_version-1_ClassicElbWithPublicAccess_classicelb","autofix":false,"alexaKeyword":"ClassicElbWithPublicAccess","ruleRestUrl":"","targetType":"classicelb","pac_ds":"aws","policyId":"PacMan_ElbWithPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_classic_elb_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_classic_elb_should_not_be_publicly_accessible'),'ENABLED','ASGC','ClassicELB should not be exposed to internet',{d '2018-10-12'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElbWithPublicAccess_version-1_ApplicationElbWithPublicAccess_appelb','aws_application_elb_should_not_be_publicly_accessible','PacMan_ElbWithPublicAccess_version-1','ApplicationElbWithPublicAccess','appelb','aws-all','ApplicationElbWithPublicAccess','{"params":[{"key":"ruleKey","value":"check-for-elb-public-access","encrypt":false},{"key":"internetGateWay","value":"igw","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","encrypt":false},{"key":"esElbWithSGUrl","value":"/aws/appelb_secgroups/_search","encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-appelb","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElbWithPublicAccess_version-1_ApplicationElbWithPublicAccess_appelb","autofix":false,"alexaKeyword":"ApplicationElbWithPublicAccess","ruleRestUrl":"","targetType":"appelb","pac_ds":"aws","policyId":"PacMan_ElbWithPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_application_elb_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_application_elb_should_not_be_publicly_accessible'),'ENABLED','ASGC','Application ELB should not be exposed to internet',{d '2018-10-11'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ElasticSearchPublicAccess_version-1_ElasticSearchPublicAccessRule_elasticsearch','aws_elasticsearch_endpoint_should_not_be_publicly_accessible','PacMan_ElasticSearchPublicAccess_version-1','ElasticSearchPublicAccessRule','elasticsearch','aws-all','ElasticSearchPublicAccessRule','{"params":[{"key":"ruleKey","value":"check-for-elastic-search-public-access","encrypt":false},{"key":"severity","value":"critical","encrypt":false},{"key":"ruleCategory","value":"security","encrypt":false},{"key":"internetGateWay","value":"igw","isValueNew":true,"encrypt":false},{"key":"cidrIp","value":"0.0.0.0/0","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"publicly-accessible-elasticsearch","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_ElasticSearchPublicAccess_version-1_ElasticSearchPublicAccessRule_elasticsearch","autofix":false,"alexaKeyword":"ElasticSearchPublicAccessRule","ruleRestUrl":"","targetType":"elasticsearch","pac_ds":"aws","policyId":"PacMan_ElasticSearchPublicAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_elasticsearch_endpoint_should_not_be_publicly_accessible","ruleType":"Manage Rule"}','0 0/6 * * ? *','','','Manage Rule',concat('arn:aws:events:',@region,':',@account,':rule/aws_elasticsearch_endpoint_should_not_be_publicly_accessible'),'ENABLED','ASGC','Elastic Search endpoint should not be open to internet',{d '2018-10-10'},{d '2018-12-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EC2WithPublicIPAccess_version-1_Ec2WithPublicAccess_ec2','aws_ec2_should_not_be_publicly_accessible_with_any_port','PacMan_EC2WithPublicIPAccess_version-1','Ec2WithPublicAccess','ec2','aws','Ec2WithPublicAccess','{"params":[{"encrypt":"false","value":"igw","key":"internetGateWay"},{"encrypt":"false","value":"check-for-ec2-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false},{"key":"cidripv6","value":"::/0","isValueNew":true,"encrypt":false},{"key":"defaultCidrIp","value":"10.0.0.0/8","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"ec2-global-access-fix","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_EC2WithPublicIPAccess_version-1_Ec2WithPublicAccess_ec2","autofix":false,"alexaKeyword":"Ec2WithPublicAccess","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_EC2WithPublicIPAccess_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_with_any_port","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_with_any_port'),'ENABLED','ASGC','EC2 instances should not have any publicly accessible ports',{d '2017-08-18'},{d '2018-12-10'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EC2WithPublicAccessSSHPort22_version-2_EC2WithPublicAccessForConfiguredPort22_ec2','aws_ec2_should_not_be_publicly_accessible_on_port22','PacMan_EC2WithPublicAccessSSHPort22_version-2','EC2WithPublicAccessForConfiguredPort22','ec2','aws','EC2WithPublicAccessForConfiguredPort22','{"params":[{"encrypt":false,"value":"igw","key":"internetGateWay"},{"encrypt":false,"value":"22","key":"portToCheck"},{"encrypt":false,"value":"check-for-ec2-with-public-access-for-configured-port","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_EC2WithPublicAccessSSHPort22_version-2_EC2WithPublicAccessForConfiguredPort22_ec2","autofix":false,"alexaKeyword":"EC2WithPublicAccessForConfiguredPort22","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_EC2WithPublicAccessSSHPort22_version-2","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_on_port22","ruleType":"ManageRule"}','0 0/2 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_on_port22'),'ENABLED','ASGC','EC2 instances should not be publicly accessible on SSH port 22',{d '2017-08-23'},{d '2018-11-09'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Ec2WithPublicAccessNonWebPorts80_version-1_Ec2WithPublicAccessNonWebPort80_ec2','aws_ec2_should_not_be_publicly_accessible_on_port80','PacMan_Ec2WithPublicAccessNonWebPorts80_version-1','Ec2WithPublicAccessNonWebPort80','ec2','aws','Ec2WithPublicAccessNonWebPort80','{"params":[{"encrypt":"false","value":"igw","key":"internetGateWay"},{"encrypt":"false","value":"80","key":"portToCheck"},{"encrypt":"false","value":"check-for-ec2-with-public-access-for-configured-port","key":"ruleKey"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"0.0.0.0/0","key":"cidrIp"},{"key":"esEc2SgURL","value":"/aws/ec2_secgroups/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableAssociationsURL","value":"/aws_routetable/routetable_associations/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableRoutesURL","value":"/aws_routetable/routetable_routes/_search","isValueNew":true,"encrypt":false},{"key":"esRoutetableURL","value":"/aws_routetable/routetable/_search","isValueNew":true,"encrypt":false},{"key":"esSgRulesUrl","value":"/aws_sg/sg_rules/_search","isValueNew":true,"encrypt":false},{"key":"esSubnetURL","value":"/aws_subnet/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_Ec2WithPublicAccessNonWebPorts80_version-1_Ec2WithPublicAccessNonWebPort80_ec2","autofix":false,"alexaKeyword":"Ec2WithPublicAccessNonWebPort80","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_Ec2WithPublicAccessNonWebPorts80_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_publicly_accessible_on_port80","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_publicly_accessible_on_port80'),'ENABLED','ASGC','EC2 instances should not be publicly accessible on port 80 ',{d '2017-09-06'},{d '2018-09-28'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_Ec2StoppedInstanceForLong_version-1_Ec2StoppedInstanceForLong_ec2','aws_ec2_should_not_be_stopped_state_for_too_long','PacMan_Ec2StoppedInstanceForLong_version-1','Ec2StoppedInstanceForLong','ec2','aws','Ec2StoppedInstanceForLong','{"params":[{"encrypt":"false","value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":"false","value":"true","key":"threadsafe"},{"encrypt":"false","value":"check-for-stopped-instance-for-long","key":"ruleKey"},{"encrypt":false,"value":"90","key":"targetstoppedDuration"},{"encrypt":false,"value":"governance","key":"ruleCategory"},{"encrypt":false,"value":"low","key":"severity"}],"environmentVariables":[{"encrypt":false,"value":"123","key":"abc"}],"ruleId":"PacMan_Ec2StoppedInstanceForLong_version-1_Ec2StoppedInstanceForLong_ec2","autofix":false,"alexaKeyword":"Ec2StoppedInstanceForLong","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_Ec2StoppedInstanceForLong_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_should_not_be_stopped_state_for_too_long","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_should_not_be_stopped_state_for_too_long'),'ENABLED','ASGC','EC2 instances should not be in stopped state for more than 60 days',{d '2017-08-29'},{d '2018-11-12'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_ec2deperecatedinstancetype_version-1_ec2deprecatedinstancetype_ec2','aws_ec2_instances_should_not_use_deprecates_instance_types','PacMan_ec2deperecatedinstancetype_version-1','ec2deprecatedinstancetype','ec2','aws','ec2deprecatedinstancetype','{"params":[{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"m1,m2,t1,c1,c2","key":"deprecatedInstanceType"},{"encrypt":false,"value":"true","key":"threadsafe"},{"encrypt":false,"value":"check-for-deprecated-instance-type","key":"ruleKey"},{"encrypt":false,"value":",","key":"splitterChar"},{"encrypt":false,"value":"medium","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"governance","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_ec2deperecatedinstancetype_version-1_ec2deprecatedinstancetype_ec2","autofix":false,"alexaKeyword":"ec2deprecatedinstancetype","ruleRestUrl":"","targetType":"ec2","pac_ds":"aws","policyId":"PacMan_ec2deperecatedinstancetype_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_instances_should_not_use_deprecates_instance_types","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_instances_should_not_use_deprecates_instance_types'),'ENABLED','ASGC','Deprecated EC2 instances types should not be used to launch instances',{d '2017-08-11'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EbsSnapShot_version-1_EbsSnapShot_snapshot','aws_ec2_instances_should_not_use_deprecates_instance_types','PacMan_EbsSnapShot_version-1','EbsSnapShot','snapshot','aws','EbsSnapShot','{"params":[{"encrypt":false,"value":"check-for-ebs-snapshot-with-public-access","key":"ruleKey"},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"ePs02jT06w","key":"checkId"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_EbsSnapShot_version-1_EbsSnapShot_snapshot","autofix":false,"alexaKeyword":"EbsSnapShot","ruleRestUrl":"","targetType":"snapshot","pac_ds":"aws","policyId":"PacMan_EbsSnapShot_version-1","assetGroup":"aws","ruleUUID":"aws_ec2_instances_should_not_use_deprecates_instance_types","ruleType":"ManageRule"}','0 0/23 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_ec2_instances_should_not_use_deprecates_instance_types'),'ENABLED','ASGC','EBS snapshots should not be publicly accessible',{d '2017-08-16'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_CheckInactiveIamUser_version-1_CheckInactiveIamUser_iamuser','aws_iam_users_should_not_be_inactive_for_than_target_period','PacMan_CheckInactiveIamUser_version-1','CheckInactiveIamUser','iamuser','aws-all','CheckInactiveIamUser','{"assetGroup":"aws-all","policyId":"PacMan_CheckInactiveIamUser_version-1","environmentVariables":[],"ruleUUID":"aws_iam_users_should_not_be_inactive_for_than_target_period","ruleType":"ManageRule","pac_ds":"aws","targetType":"iamuser","params":[{"encrypt":false,"value":"90","key":"pwdInactiveDuration"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"},{"encrypt":false,"value":"check-for-inactive-iam-users","key":"ruleKey"},{"encrypt":false,"value":"true","key":"threadsafe"}],"ruleId":"PacMan_CheckInactiveIamUser_version-1_CheckInactiveIamUser_iamuser","autofix":false,"alexaKeyword":"CheckInactiveIamUser","ruleRestUrl":""}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iam_users_should_not_be_inactive_for_than_target_period'),'ENABLED','710383','IAM users should not be inactive for more than 90 days',{d '2018-02-13'},{d '2018-02-13'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1_CheckGuardDutyIsEnabledForAllAccount_account','aws_guardduty_should_be_enabled','PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1','CheckGuardDutyIsEnabledForAllAccount','account','aws-all','CheckGuardDutyIsEnabledForAllAccount','{"params":[{"encrypt":false,"value":"check-guard-duty-enabled-for-all-accounts","key":"ruleKey"},{"encrypt":false,"value":"role/pac_ro","key":"roleIdentifyingString"},{"encrypt":false,"value":"high","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1_CheckGuardDutyIsEnabledForAllAccount_account","autofix":false,"alexaKeyword":"CheckGuardDutyIsEnabledForAllAccount","ruleRestUrl":"","targetType":"account","pac_ds":"aws","policyId":"PacMan_CheckGuardDutyIsEnabledForAllAccount_version-1","assetGroup":"aws-all","ruleUUID":"aws_guardduty_should_be_enabled","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_guardduty_should_be_enabled'),'ENABLED','ASGC','AWS Guard Duty service should be enabled on all regions of all AWS accounts',{d '2018-01-19'},{d '2018-08-31'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_AmazonRDSIdleDBInstancesRule_version-1_AmazonRDSIdleDBInstancesRule_rdsdb','aws_rds_instances_should_not_tbe_idle_state','PacMan_AmazonRDSIdleDBInstancesRule_version-1','AmazonRDSIdleDBInstancesRule','rdsdb','aws-all','AmazonRDSIdleDBInstancesRule','{"params":[{"encrypt":false,"value":"Ti39halfu8","key":"checkId"},{"encrypt":false,"value":"check-for-amazon-RDS-idle-DB-instances","key":"ruleKey"},{"encrypt":false,"value":"low","key":"severity"},{"isValueNew":true,"encrypt":false,"value":"costOptimization","key":"ruleCategory"},{"key":"esServiceURL","value":"/aws_checks/checks_resources/_search","isValueNew":true,"encrypt":false}],"environmentVariables":[],"ruleId":"PacMan_AmazonRDSIdleDBInstancesRule_version-1_AmazonRDSIdleDBInstancesRule_rdsdb","autofix":false,"alexaKeyword":"AmazonRDSIdleDBInstancesRule","ruleRestUrl":"","targetType":"rdsdb","pac_ds":"aws","policyId":"PacMan_AmazonRDSIdleDBInstancesRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_rds_instances_should_not_tbe_idle_state","ruleType":"ManageRule"}','0 0/12 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_rds_instances_should_not_tbe_idle_state'),'ENABLED','ASGC','Amazon RDS DB instances should not be idle',{d '2018-03-15'},{d '2018-09-19'},null,null); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_EC2-RunInstance-iam-role-with-unapproved-access_version-1_ec2-runInstance-iam-role-with-unapproved-access_iamrole','aws_iamrole_shouldnothave_ec2runinstance_privilege','PacMan_EC2-RunInstance-iam-role-with-unapproved-access_version-1','ec2-runInstance-iam-role-with-unapproved-access','iamrole','aws-all','ec2-runInstance-iam-role-with-unapproved-access','{"params":[{"key":"roleIdentifyingString","value":"role/pac_ro","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"unApprovedIamActions","value":"ec2:*,*,ec2:RunInstances","encrypt":false},{"key":"ruleKey","value":"iam-role-with-unapproved-access","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"iam-role-with-unapproved-access-autofix","isValueNew":true,"encrypt":false},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_EC2-RunInstance-iam-role-with-unapproved-access_version-1_ec2-runInstance-iam-role-with-unapproved-access_iamrole","autofix":false,"alexaKeyword":"ec2-runInstance-iam-role-with-unapproved-access","ruleRestUrl":"","targetType":"iamrole","pac_ds":"aws","policyId":"PacMan_EC2-RunInstance-iam-role-with-unapproved-access_version-1","assetGroup":"aws-all","ruleUUID":"aws_iamrole_shouldnothave_ec2runinstance_privilege","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iamrole_shouldnothave_ec2runinstance_privilege'),'ENABLED','asgc','Non-White listed IAM Role should not have EC2 RunInstance privilege',{d '2019-02-08'},{d '2019-02-23'},'critical','security'); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_IAMRoleNetworkPrivilegesRule_version-1_IAMRoleNetworkPrivilegesRule_iamrole','aws_iamrole_shouldnothave_network_privileges','PacMan_IAMRoleNetworkPrivilegesRule_version-1','IAMRoleNetworkPrivilegesRule','iamrole','aws-all','networkprivileges','{"params":[{"key":"ruleKey","value":"iam-role-with-unapproved-access","isValueNew":true,"encrypt":false},{"key":"roleIdentifyingString","value":"role/pac_ro","isValueNew":true,"encrypt":false},{"key":"unApprovedIamActions","value":"ec2:CreateDefaultSubnet,ec2:CreateDefaultVpc,ec2:CreateInternetGateway,ec2:CreateSubnet,ec2:CreateVpc,ec2:CreateVpcEndpoint,ec2:CreateVpcEndpointConnectionNotification,ec2:CreateVpcEndpointServiceConfiguration,ec2:CreateVpcPeeringConnection,ec2:CreateVpnConnection,ec2:CreateVpnConnectionRoute,ec2:CreateVpnGateway,ec2:ModifySubnetAttribute,ec2:ModifyVpcAttribute,ec2:ModifyVpcEndpoint,ec2:ModifyVpcEndpointConnectionNotification,ec2:ModifyVpcEndpointServiceConfiguration,ec2:ModifyVpcEndpointServicePermissions,ec2:ModifyVpcPeeringConnectionOptions,ec2:ModifyVpcTenancy,ec2:MoveAddressToVpc,ec2:AttachInternetGateway,ec2:CreateEgressOnlyInternetGateway,ec2:AttachVpnGateway.ec2:*,*","isValueNew":true,"encrypt":false},{"key":"splitterChar","value":",","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"iam-role-with-unapproved-access-autofix","isValueNew":true,"encrypt":false},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_IAMRoleNetworkPrivilegesRule_version-1_IAMRoleNetworkPrivilegesRule_iamrole","autofix":false,"alexaKeyword":"networkprivileges","ruleRestUrl":"","targetType":"iamrole","pac_ds":"aws","policyId":"PacMan_IAMRoleNetworkPrivilegesRule_version-1","assetGroup":"aws-all","ruleUUID":"aws_iamrole_shouldnothave_network_privileges","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iamrole_shouldnothave_network_privileges'),'ENABLED','asgc','Non-white listed IAM Roles should not have core networking privileges',{d '2019-02-06'},{d '2019-02-26'},'critical','security'); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_UnapprovedIamRoleWithLambdaAccess_version-1_UnapprovedIamRoleLambdaAccess_iamrole','aws_iamrole_shouldnothave_lambda_privilege','PacMan_UnapprovedIamRoleWithLambdaAccess_version-1','UnapprovedIamRoleLambdaAccess','iamrole','aws-all','UnapprovedIamRoleWithLambdaAccess','{"params":[{"key":"ruleKey","value":"iam-role-with-unapproved-access","encrypt":false},{"key":"roleIdentifyingString","value":"role/pac_ro","encrypt":false},{"key":"unApprovedIamActions","value":"lambda:CreateFunction,lambda:Create*,*,lambda:*","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"fixKey","value":"iam-role-with-unapproved-access-autofix","isValueNew":true,"encrypt":false},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_UnapprovedIamRoleWithLambdaAccess_version-1_UnapprovedIamRoleLambdaAccess_iamrole","autofix":false,"alexaKeyword":"UnapprovedIamRoleWithLambdaAccess","ruleRestUrl":"","targetType":"iamrole","pac_ds":"aws","policyId":"PacMan_UnapprovedIamRoleWithLambdaAccess_version-1","assetGroup":"aws-all","ruleUUID":"aws_iamrole_shouldnothave_lambda_privilege","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iamrole_shouldnothave_lambda_privilege'),'ENABLED','asgc','Non-white listed IAM Role Should not have Lambda privilege',{d '2019-02-07'},{d '2019-02-23'},'critical','security'); +INSERT IGNORE INTO cf_RuleInstance (ruleId,ruleUUID,policyId,ruleName,targetType,assetGroup,alexaKeyword,ruleParams,ruleFrequency,ruleExecutable,ruleRestUrl,ruleType,ruleArn,status,userId,displayName,createdDate,modifiedDate,severity,category) VALUES ('PacMan_core-networking-iam-user-with-unapproved-access_version-1_core-networking-iam-user-with-unapproved-access_iamuser','aws_iamuser_shouldnothave_corenetwork_privileges','PacMan_core-networking-iam-user-with-unapproved-access_version-1','core-networking-iam-user-with-unapproved-access','iamuser','aws-all','core-networking-iam-user-with-unapproved-access','{"params":[{"key":"roleIdentifyingString","value":"role/pac_ro","encrypt":false},{"key":"unApprovedIamActions","value":"ec2:CreateDefaultSubnet,ec2:CreateDefaultVpc,ec2:CreateInternetGateway,ec2:CreateSubnet,ec2:CreateVpc,ec2:CreateVpcEndpoint,ec2:CreateVpcEndpointConnectionNotification,ec2:CreateVpcEndpointServiceConfiguration,ec2:CreateVpcPeeringConnection,ec2:CreateVpnConnection,ec2:CreateVpnConnectionRoute,ec2:CreateVpnGateway,ec2:ModifySubnetAttribute,ec2:ModifyVpcAttribute,ec2:ModifyVpcEndpoint,ec2:ModifyVpcEndpointConnectionNotification,ec2:ModifyVpcEndpointServiceConfiguration,ec2:ModifyVpcEndpointServicePermissions,ec2:ModifyVpcPeeringConnectionOptions,ec2:ModifyVpcTenancy,ec2:MoveAddressToVpc,ec2:AttachInternetGateway,ec2:CreateEgressOnlyInternetGateway,ec2:AttachVpnGateway.ec2:*,*","encrypt":false},{"key":"splitterChar","value":",","encrypt":false},{"key":"ruleKey","value":"iam-user-with-unapproved-access","isValueNew":true,"encrypt":false},{"key":"fixKey","value":"iam-user-with-unapproved-access-autofix","isValueNew":true,"encrypt":false},{"encrypt":false,"value":"critical","key":"severity"},{"encrypt":false,"value":"security","key":"ruleCategory"}],"environmentVariables":[],"ruleId":"PacMan_core-networking-iam-user-with-unapproved-access_version-1_core-networking-iam-user-with-unapproved-access_iamuser","autofix":false,"alexaKeyword":"core-networking-iam-user-with-unapproved-access","ruleRestUrl":"","targetType":"iamuser","pac_ds":"aws","policyId":"PacMan_core-networking-iam-user-with-unapproved-access_version-1","assetGroup":"aws-all","ruleUUID":"aws_iamuser_shouldnothave_corenetwork_privileges","ruleType":"ManageRule"}','0 0/6 * * ? *','','','ManageRule',concat('arn:aws:events:',@region,':',@account,':rule/aws_iamuser_shouldnothave_corenetwork_privileges'),'ENABLED','asgc','Non-White listed IAM users should not have core networking privileges',{d '2019-02-12'},{d '2019-02-23'},'critical','security'); + + /* Omni Seach Configuration */ -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','All','accountname,region,tags.Application,tags.Environment,tags.Stack,tags.Role','_resourceid,searchcategory,tags[],accountname,_entitytype'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','api','','region,name'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','appelb','scheme,vpcid,type','region,scheme,vpcid,type'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','asg','healthchecktype','region,healthchecktype'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','asgpolicy','policytype,adjustmenttype','region,autoscalinggroupname,policytype'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','cert','',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','checks','',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','classicelb','scheme,vpcid','region,scheme,vpcid'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','cloudfront','status,enabled,priceclass,httpversion,ipv6enabled','domainname,status,httpversion,aliases'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','corpdomain','',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','dynamodb','tablestatus','region,tablestatus'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','ec2 ','availabilityzone,statename,instancetype,imageid,platform,subnetid','availabilityzone,privateipaddress,statename,instancetype'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','efs','performancemode,lifecyclestate','region,performancemode,lifecyclestate'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','elasticip','','networkinterfaceid,privateipaddress,region'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','emr','instancecollectiontype,releaselabel','region,instancecollectiontype,releaselabel'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','eni','status,sourcedestcheck,vpcid,subnetid','region,privateipaddress,status,vpcid,subnetid'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','iamrole','','description'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','iamuser','passwordresetrequired,mfaenabled',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','internetgateway','','region'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','kms','keystate,keyenabled,keyusage,rotationstatus','region,keystate'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','lambda','memorysize,runtime,timeout','region,runtime'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','launchconfig','instancetype,ebsoptimized,instancemonitoringenabled','instancetype,region'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','nat','vpcid,subnetid,state','region,vpcid,subnetid,state'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','networkacl','vpcid,isdefault','vpcid,region'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','onpremserver','os,used_for,u_business_service,location,company,firewall_status,u_patching_director,install_staus','ip_address,os,os_version,comapny'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','phd','',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdscluster','multiaz,engine,engineversion','region,engine,engineversion'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdsdb','dbinstanceclass,dbinstancestatus,engine,engineversion,licensemodel,multiaz,publiclyaccessible','region,engine,engineversion'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdssnapshot','snapshottype,encrypted,engine,engineversion,storagetype','vpcid,availabilityzone,engine,engineversion'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','redshift','nodetype,publiclyaccessible','region,nodetype,vpcid'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','routetable','vpcid','vpcid,region'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','s3','versionstatus','region,creationdate,versionstatus'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','sg','vpcid','region,vpcid'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','snapshot','encrypted,state','region,volumeid,state'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','stack','disablerollback,status','region,status'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','subnet','vpcid,availabilityzone,defaultforaz,state','availabilityzone,cidrblock,state'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','targetgroup','','region,vpcid,protocol,port'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','volume','volumetype,availabilityzone,encrypted,state','volumetype,availabilityzone,state'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','vpc','','region,cidrblock,state'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','vpngateway','state,type','region,state,type'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','elasticache','engine,nodetype,engineversion','region,engine'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','wafdomain','',''); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Policy Violations','All','severity,policyId','_id,issueid,resourceid,severity,_entitytype,_resourceid'); -INSERT INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Vulnerabilities','All','severity,category,vulntype','qid,vulntype,category,_entitytype,_resourceid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','All','accountname,region,tags.Application,tags.Environment,tags.Stack,tags.Role','_resourceid,searchcategory,tags[],accountname,_entitytype'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','api','','region,name'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','appelb','scheme,vpcid,type','region,scheme,vpcid,type'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','asg','healthchecktype','region,healthchecktype'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','asgpolicy','policytype,adjustmenttype','region,autoscalinggroupname,policytype'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','cert','',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','checks','',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','classicelb','scheme,vpcid','region,scheme,vpcid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','cloudfront','status,enabled,priceclass,httpversion,ipv6enabled','domainname,status,httpversion,aliases'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','corpdomain','',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','dynamodb','tablestatus','region,tablestatus'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','ec2 ','availabilityzone,statename,instancetype,imageid,platform,subnetid','availabilityzone,privateipaddress,statename,instancetype'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','efs','performancemode,lifecyclestate','region,performancemode,lifecyclestate'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','elasticip','','networkinterfaceid,privateipaddress,region'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','emr','instancecollectiontype,releaselabel','region,instancecollectiontype,releaselabel'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','eni','status,sourcedestcheck,vpcid,subnetid','region,privateipaddress,status,vpcid,subnetid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','iamrole','','description'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','iamuser','passwordresetrequired,mfaenabled',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','internetgateway','','region'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','kms','keystate,keyenabled,keyusage,rotationstatus','region,keystate'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','lambda','memorysize,runtime,timeout','region,runtime'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','launchconfig','instancetype,ebsoptimized,instancemonitoringenabled','instancetype,region'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','nat','vpcid,subnetid,state','region,vpcid,subnetid,state'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','networkacl','vpcid,isdefault','vpcid,region'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','onpremserver','os,used_for,u_business_service,location,company,firewall_status,u_patching_director,install_staus','ip_address,os,os_version,comapny'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','phd','',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdscluster','multiaz,engine,engineversion','region,engine,engineversion'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdsdb','dbinstanceclass,dbinstancestatus,engine,engineversion,licensemodel,multiaz,publiclyaccessible','region,engine,engineversion'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','rdssnapshot','snapshottype,encrypted,engine,engineversion,storagetype','vpcid,availabilityzone,engine,engineversion'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','redshift','nodetype,publiclyaccessible','region,nodetype,vpcid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','routetable','vpcid','vpcid,region'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','s3','versionstatus','region,creationdate,versionstatus'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','sg','vpcid','region,vpcid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','snapshot','encrypted,state','region,volumeid,state'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','stack','disablerollback,status','region,status'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','subnet','vpcid,availabilityzone,defaultforaz,state','availabilityzone,cidrblock,state'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','targetgroup','','region,vpcid,protocol,port'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','volume','volumetype,availabilityzone,encrypted,state','volumetype,availabilityzone,state'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','vpc','','region,cidrblock,state'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','vpngateway','state,type','region,state,type'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','elasticache','engine,nodetype,engineversion','region,engine'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Assets','wafdomain','',''); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Policy Violations','All','severity,policyId','_id,issueid,resourceid,severity,_entitytype,_resourceid'); +INSERT IGNORE INTO OmniSearch_Config (SEARCH_CATEGORY,RESOURCE_TYPE,REFINE_BY_FIELDS,RETURN_FIELDS) VALUES ('Vulnerabilities','All','severity,category,vulntype','qid,vulntype,category,_entitytype,_resourceid'); /* RUle Category Weightage */ -INSERT INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('costOptimization','Infra & Platforms',20); -INSERT INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('governance','Infra & Platforms',20); -INSERT INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('security','Infra & Platforms',50); -INSERT INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('tagging','Infra & Platforms',10); +INSERT IGNORE INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('costOptimization','Infra & Platforms',20); +INSERT IGNORE INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('governance','Infra & Platforms',20); +INSERT IGNORE INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('security','Infra & Platforms',50); +INSERT IGNORE INTO pac_v2_ruleCategory_weightage (ruleCategory,domain,weightage) VALUES ('tagging','Infra & Platforms',10); /* UI FIlter */ -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (1,'Issue'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (2,'vulnerbility'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (3,'asset'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (4,'compliance'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (5,'tagging'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (6,'certificates'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (7,'patching'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (8,'AssetListing'); -INSERT INTO pac_v2_ui_filters (filterId,filterName) VALUES (9,'digitaldev'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (1,'Issue'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (2,'vulnerbility'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (3,'asset'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (4,'compliance'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (5,'tagging'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (6,'certificates'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (7,'patching'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (8,'AssetListing'); +INSERT IGNORE INTO pac_v2_ui_filters (filterId,filterName) VALUES (9,'digitaldev'); /* UI Filter Options */ -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (1,1,'Policy','policyId.keyword','/compliance/v1/filters/policies?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (2,1,'Rule','ruleId.keyword','/compliance/v1/filters/rules?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (3,1,'Region','region.keyword','/compliance/v1/filters/regions?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (4,1,'AccountName','accountid.keyword','/compliance/v1/filters/accounts?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (5,1,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (6,1,'Environment','tags.Environment.keyword','/compliance/v1/filters/environment?ag=aws&application=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (7,2,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (8,2,'Environment','tags.Environment.keyword','/compliance/v1/filters/environment?ag=aws&application=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (9,3,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (12,4,'Resource Type','targetType.keyword','/compliance/v1/filters/targettype?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (13,8,'Application ','application ','/compliance/v1/filters/application?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (14,8,'Environment ','environment ','/compliance/v1/filters/environment?ag=aws&application=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (15,8,'Resource Type','resourceType ','/compliance/v1/filters/targettype?ag=aws'); -INSERT INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (16,9,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (1,1,'Policy','policyId.keyword','/compliance/v1/filters/policies?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (2,1,'Rule','ruleId.keyword','/compliance/v1/filters/rules?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (3,1,'Region','region.keyword','/compliance/v1/filters/regions?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (4,1,'AccountName','accountid.keyword','/compliance/v1/filters/accounts?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (5,1,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (6,1,'Environment','tags.Environment.keyword','/compliance/v1/filters/environment?ag=aws&application=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (7,2,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (8,2,'Environment','tags.Environment.keyword','/compliance/v1/filters/environment?ag=aws&application=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (9,3,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (12,4,'Resource Type','targetType.keyword','/compliance/v1/filters/targettype?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (13,8,'Application ','application ','/compliance/v1/filters/application?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (14,8,'Environment ','environment ','/compliance/v1/filters/environment?ag=aws&application=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (15,8,'Resource Type','resourceType ','/compliance/v1/filters/targettype?ag=aws'); +INSERT IGNORE INTO pac_v2_ui_options (optionId,filterId,optionName,optionValue,optionURL) VALUES (16,9,'Application','tags.Application.keyword','/compliance/v1/filters/application?ag=aws'); /* UI Widgets */ -INSERT INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (1,'Tagging','TaggingSummary'); -INSERT INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (2,'Tagging','Total Tag Compliance'); -INSERT INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (3,'Tagging','Tagging Compliance Trend'); -INSERT INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (4,'ComplianceOverview','OverallCompliance,tagging,patching,vulnerabilites'); +INSERT IGNORE INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (1,'Tagging','TaggingSummary'); +INSERT IGNORE INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (2,'Tagging','Total Tag Compliance'); +INSERT IGNORE INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (3,'Tagging','Tagging Compliance Trend'); +INSERT IGNORE INTO pac_v2_ui_widgets (widgetId,pageName,widgetName) VALUES (4,'ComplianceOverview','OverallCompliance,tagging,patching,vulnerabilites'); /* UI Widgets faqs */ -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (1,1,'Tagging Summary','How overall Compliance% calculated ?','Total assets which has Application and Environment tag devided by total taggable Assets.'); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (2,1,'Tagging Summary','How an AssetGroup Un-tagged count calculted ?','Total assets which is missing application,Environment tag.'); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (3,4,'OverallCompliance,tagging,patching,vulnerabilites','How overall % calculated ?','It''s average of patching,certificates,tagging,vulnerbilites and other policies percentage'); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (7,4,'OverallCompliance,tagging,patching,vulnerabilites','How patching % calculated ?','total patched running ec2 instances /total running ec2 instances'); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (8,4,'OverallCompliance,tagging,patching,vulnerabilites','How tagging % calculated ?','total tagged assets /total assets'); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (9,4,'OverallCompliance,tagging,patching,vulnerabilites','How vulnerabilities % calculated ?','total vulnerable ec2 assets/total ec2 assets. '); -INSERT INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (10,4,'OverallCompliance,tagging,patching,vulnerabilites','How other policies % calculated',null); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (1,1,'Tagging Summary','How overall Compliance% calculated ?','Total assets which has Application and Environment tag devided by total taggable Assets.'); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (2,1,'Tagging Summary','How an AssetGroup Un-tagged count calculted ?','Total assets which is missing application,Environment tag.'); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (3,4,'OverallCompliance,tagging,patching,vulnerabilites','How overall % calculated ?','It''s average of patching,certificates,tagging,vulnerbilites and other policies percentage'); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (7,4,'OverallCompliance,tagging,patching,vulnerabilites','How patching % calculated ?','total patched running ec2 instances /total running ec2 instances'); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (8,4,'OverallCompliance,tagging,patching,vulnerabilites','How tagging % calculated ?','total tagged assets /total assets'); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (9,4,'OverallCompliance,tagging,patching,vulnerabilites','How vulnerabilities % calculated ?','total vulnerable ec2 assets/total ec2 assets. '); +INSERT IGNORE INTO pac_v2_ui_widget_faqs (faqId,widgetId,widgetName,faqName,faqAnswer) VALUES (10,4,'OverallCompliance,tagging,patching,vulnerabilites','How other policies % calculated',null); -INSERT INTO pac_v2_ui_download_filters (serviceId,serviceName,serviceEndpoint) VALUES +INSERT IGNORE INTO pac_v2_ui_download_filters (serviceId,serviceName,serviceEndpoint) VALUES (1,'Violations','/api/compliance/v1/issues'), (2,'NonComplaincePolicies','/api/compliance/v1/noncompliancepolicy'), (3,'PatchingDetails','/api/compliance/v1/patching/detail'), @@ -1292,3 +1319,352 @@ INSERT INTO pac_v2_ui_download_filters (serviceId,serviceName,serviceEndpoint) V (12,'PullRequestAssetsByState','/api/devstandards/v1/pullrequests/asset/bystates'), (13,'PullRequestAsstesByAge','/api/devstandards/v1/pullrequests/assets/openstate'), (14,'ApplicationOrRepositoryDistribution','/api/devstandards/v1/repositories/assets/repositoryorapplicationdistribution'); + + +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('application','root'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('batch','application'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('api','application'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('compliance-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('asset-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('notification-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('statistics-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('auth-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('dev-standards-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('admin-service','api'); +INSERT IGNORE INTO pac_config_relation (`application`,`parent`) VALUES ('magenta-skill','api'); +INSERT IGNORE INTO pac_config_relation (application,parent) VALUES ('data-shipper','batch'); +INSERT IGNORE INTO pac_config_relation (application,parent) VALUES ('inventory','batch'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('admin.api-role','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('admin.push.notification.pollinterval.milliseconds','description'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[0].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[0].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[0].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[1].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[1].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[1].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[2].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[2].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[2].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[3].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[3].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[3].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[4].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[4].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[4].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[5].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[5].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[5].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[6].name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[6].url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('api.services[6].version','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('application.cors.allowed.domains','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('auth.active','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('aws.access-key','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('aws.secret-key','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.client-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.client-secret','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.scope','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.scopeDesc','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.state','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.activedirectory.tenant-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.authorizeEndpoint','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.id-token.claims.email','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.id-token.claims.first-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.id-token.claims.last-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.id-token.claims.user-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.id-token.claims.user-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.issuer','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('azure.public-key','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('base.account',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('branch.maxBranchAge','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('cloudinsights.corp-password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('cloudinsights.corp-user-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('cloudinsights.costurl','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('cloudinsights.tokenurl','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('cron.frequency.weekly-report-sync-trigger','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('date.format','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('days-range.age','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('discovery.role',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.admin-host','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.clusterName','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.clusterName-heimdall','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.dev-ingest-host','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.dev-ingest-port','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.host','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.host-heimdall','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.port','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.port-admin','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.port-admin-heimdall','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.port-heimdall','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.update-clusterName','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.update-host','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('elastic-search.update-port','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('endpoints.refresh.sensitive','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('features.certificate.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('features.patching.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('features.vulnerability.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('formats.date','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('hystrix.command.default.execution.isolation.thread.timeoutInMilliseconds','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('hystrix.shareSecurityContext','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.action-disabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.action-enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.function-arn','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.function-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.principal','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.lambda.target-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('job.s3.bucket-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.ad.domain','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.ad.provider-url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.ad.search-base','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.baseDn','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.connectionTimeout','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.domain','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.hostList','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.naming.authentication','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.naming.context-factory','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.nt.domain','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.nt.provider-url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.nt.search-base','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.port','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('ldap.responseTimeout','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('logging.config','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('logging.consoleLoggingLevel','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('logging.esHost','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('logging.esLoggingLevel','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('logging.esPort','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.cache.name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.default-background','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.error-background','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.goodbye-background','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.goodbye-greeting','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.welcome-background','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('magenta.welcome-greeting','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('management.endpoints.web.exposure.include','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('management.health.rabbit.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('management.security.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('monitoring.contextRootNames','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('pacman.api.oauth2.client-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('pacman.api.oauth2.client-secret','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('pacman.service-password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('pacman.service-user','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('pacman.url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('projections.assetgroups','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('projections.targetTypes','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('redshift.password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('redshift.url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('redshift.userName','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('remind.cron','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('remind.email.subject','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('remind.email.text','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule-engine.invoke.url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.action-disabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.action-enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.function-arn','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.function-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.principal','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.lambda.target-id','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('rule.s3.bucket-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('security.basic.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('security.oauth2.resource.user-info-uri','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('server.context-path','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('server.contextPath','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('server.servlet.context-path','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.dns.name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.admin','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.asset','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.auth','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.compliance','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.devstandards','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.pac_auth','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('service.url.statistics','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.instance.health-url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.instance.management-url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.instance.service-url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.url[0]','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.boot.admin.client.username','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.cache.cache-names','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.cache.caffeine.spec','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.cloud.bus.enabled','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.datasource.driver-class-name','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.datasource.password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.datasource.url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.datasource.username','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.jpa.hibernate.naming.physical-strategy','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.defaultEncoding','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.host','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.port','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.protocol','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.sleuth.sampler.probability',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.zipkin.baseUrl',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.zipkin.sender.type',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('swagger.auth.whitelist','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('tagging.mandatoryTags','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('target-types.categories','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('template.digest-mail.url','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('time.zone',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('vulnerability.summary.severity','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('vulnerability.types','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('s3.role',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('s3.region',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('s3.processed',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('s3.data',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('s3',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('region.ignore',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('file.path',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('base.region',''); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.username','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.password','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.properties.mail.smtp.auth','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.properties.mail.smtp.ssl.trust','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.properties.mail.smtp.starttls.enable','Description PlaceHolder'); +INSERT IGNORE INTO pac_config_key_metadata (`cfkey`,`description`) VALUES ('spring.mail.test-connection','Description PlaceHolder'); + +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('logging.config','classpath:spring-logback.xml','application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('logging.esLoggingLevel','WARN','application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('logging.consoleLoggingLevel','INFO','application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('logging.esHost',concat(@LOGGING_ES_HOST_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('logging.esPort',concat(@LOGGING_ES_PORT,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.host',concat(@ES_HOST_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.port',concat(@ES_PORT,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.clusterName',concat(@ES_CLUSTER_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.port-admin',concat(@ES_PORT_ADMIN,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.host-heimdall',concat(@ES_HEIMDALL_HOST_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.port-heimdall',concat(@ES_HEIMDALL_PORT,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.clusterName-heimdall',concat(@ES_HEIMDALL_CLUSTER_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.port-admin-heimdall',concat(@ES_HEIMDALL_PORT_ADMIN,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.update-host',concat(@ES_UPDATE_HOST,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.update-port',concat(@ES_UPDATE_PORT,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.update-clusterName',concat(@ES_UPDATE_CLUSTER_NAME,''),'application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('formats.date','yyyy-MM-dd\'T\'HH:mm:ss.SSSZ','application','prd','latest',NULL,NULL,NULL,NULL); + + + +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('ldap.naming.context-factory','com.sun.jndi.ldap.LdapCtxFactory','application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('ldap.naming.authentication','simple','application','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.dns.name',concat(@PACMAN_HOST_NAME,''),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.compliance',concat(@PACMAN_HOST_NAME,'/api/compliance'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.asset',concat(@PACMAN_HOST_NAME,'/api/asset'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.statistics',concat(@PACMAN_HOST_NAME,'/api/statistics'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.devstandards',concat(@PACMAN_HOST_NAME,'/api/devstandards'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.auth',concat(@PACMAN_HOST_NAME,'/api/auth'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('service.url.admin',concat(@PACMAN_HOST_NAME,'/api/admin'),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('endpoints.refresh.sensitive','false','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('hystrix.command.default.execution.isolation.thread.timeoutInMilliseconds','100000','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('application.cors.allowed.domains','all','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('monitoring.contextRootNames','asset,compliance,statistics,devstandards,auth,admin','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('auth.active','db','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.cache.cache-names','trends,compliance,assets,trendsvuln','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.cache.caffeine.spec','maximumSize=500, expireAfterWrite=6h','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.datasource.url',concat(@RDS_URL,''),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.datasource.username',concat(@RDS_USERNAME,''),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.datasource.password',concat(@RDS_PASSWORD,''),'api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.datasource.driver-class-name','com.mysql.jdbc.Driver','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.cloud.bus.enabled','false','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[0].name','Admin Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[0].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/admin/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[0].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[1].name','Auth Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[1].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/auth/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[1].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[2].name','Asset Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[2].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/asset/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[2].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[3].name','Notification Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[3].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/notifications/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[3].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[4].name','Compliance Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[4].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/compliance/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[4].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[5].name','Statistics Service','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[5].url','${PACMAN_HOST_NAME:http://localhost:8080}/api/statistics/v2/api-docs','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('api.services[5].version','2','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('tagging.mandatoryTags','Application,Environment','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('vulnerability.types','ec2,onpremserver','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('vulnerability.summary.severity','5','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('swagger.auth.whitelist','/configuration/security,/swagger-ui.html,/api.html,/webjars/**,/user,/public/**,/api.html,/css/styles.js,/js/swagger.js,/js/swagger-ui.js,/js/swagger-oauth.js,/images/pacman_logo.svg,/images/favicon-32x32.png,/images/favicon-16x16.png,/images/favicon.ico,/docs/v1/api.html,/v2/api-docs/**,/v2/swagger.json,/webjars/springfox-swagger-ui/css/**,/webjars/springfox-swagger-ui/js/**,/configuration/ui,/swagger-resources/**,/configuration/**,/imgs/**,/css/**,/css/font/**,/proxy*/**,/hystrix/monitor/**,/hystrix/**/images/pacman_logo.svg,/images/favicon-32x32.png,/images/favicon-16x16.png,/images/favicon.ico,/docs/v1/api.html,/v2/api-docs/**,/v2/swagger.json,/webjars/springfox-swagger-ui/css/**,/webjars/springfox-swagger-ui/js/**,/configuration/ui,/swagger-resources/**,/configuration/**,/imgs/**,/css/**,/css/font/**,/proxy*/**,/hystrix/monitor/**,/hystrix/**,/refresh','api','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/admin','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('aws.access-key','','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('aws.secret-key','','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('admin.api-role','ROLE_ADMIN2, ROLE_ADMIN','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.s3.bucket-region',concat(@JOB_BUCKET_REGION,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.s3.bucket-name',concat(@RULE_JOB_BUCKET_NAME,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.region',concat(@JOB_LAMBDA_REGION,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.target-id','jobTargetId','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.function-name',concat(@JOB_FUNCTION_NAME,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.function-arn',concat(@JOB_FUNCTION_ARN,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.principal','events.amazonaws.com','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.action-enabled','lambda:InvokeFunction','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('job.lambda.action-disabled','lambda:DisableInvokeFunction','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.s3.bucket-region',concat(@RULE_BUCKET_REGION,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.s3.bucket-name',concat(@RULE_JOB_BUCKET_NAME,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.region',concat(@RULE_LAMBDA_REGION,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.target-id','ruleTargetId','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.function-name',concat(@RULE_FUNCTION_NAME,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.function-arn',concat(@RULE_FUNCTION_ARN,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.principal','events.amazonaws.com','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.action-enabled','lambda:InvokeFunction','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule.lambda.action-disabled','lambda:DisableInvokeFunction','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('management.security.enabled','false','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('security.basic.enabled','false','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('security.oauth2.client.user-authorization-uri',concat(@PACMAN_HOST_NAME,'/api/auth/oauth/authorize'),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.dev-ingest-host',concat(@ES_UPDATE_HOST,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.dev-ingest-port',concat(@ES_UPDATE_PORT,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.port',concat(@ES_UPDATE_PORT,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('elastic-search.host',concat(@ES_UPDATE_HOST,''),'admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('target-types.categories','Compute,Developer Tools,Analytics,Application Services,Storage,Management Tools,Messaging,Artificial Intelligence,Database,Business Productivity,Security,Identity & Compliance,Networking & Content Delivery,Contact Center,Internet Of Things,Desktop & App Streaming,Desktop & App Streaming,Migration,Mobile Services,Game Development,Contact Center,Application Integration','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('pacman.api.oauth2.client-id','22e14922-87d7-4ee4-a470-da0bb10d45d3','admin-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/asset','asset-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('cloudinsights.tokenurl',concat(@CLOUD_INSIGHTS_TOKEN_URL,''),'asset-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('cloudinsights.costurl',concat(@CLOUD_INSIGHTS_COST_URL,''),'asset-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('cloudinsights.corp-user-id',concat(@SVC_CORP_USER_ID,''),'asset-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('cloudinsights.corp-password',concat(@SVC_CORP_PASSWORD,''),'asset-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/auth','auth-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('pacman.api.oauth2.client-id','22e14922-87d7-4ee4-a470-da0bb10d45d3','auth-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('pacman.api.oauth2.client-secret','csrWpc5p7JFF4vEZBkwGCAh67kGQGwXv46qug7v5ZwtKg','auth-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/compliance','compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('rule-engine.invoke.url','submitRuleExecutionJob','compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('projections.assetgroups','cloud-vm,onprem-vm,all-vm','compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('projections.targetTypes','onpremserver,ec2','compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('features.certificate.enabled',concat(@CERTIFICATE_FEATURE_ENABLED,''),'compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('features.patching.enabled',concat(@PATCHING_FEATURE_ENABLED,''),'compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties(`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('features.vulnerability.enabled',concat(@VULNERABILITY_FEATURE_ENABLED,''),'compliance-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/notifications','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('remind.cron','0 0 0 * * *','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('remind.email.text','Hey, {0}! We\'ve missed you here on Pacman. It\'s time to check your compliance, Pacman team','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('remind.email.subject','Pacman reminder','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('backup.cron','0 0 12 * * *','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('backup.email.text','Howdy, {0}. Your account backup is ready.\r\n\r\nCheers,\r\nPiggyMetrics team','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('backup.email.subject','PiggyMetrics account backup','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('backup.email.attachment','backup.json','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.freemarker.suffix','.html','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.host',concat(@MAIL_SERVER,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.port',concat(@MAIL_SERVER_PORT, ''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.protocol',concat(@MAIL_PROTOCOL,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.defaultEncoding','UTF-8','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('cron.frequency.weekly-report-sync-trigger','0 0 9 ? * MON *','notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('template.digest-mail.url',concat('https://s3.amazonaws.com/',@PACMAN_S3,'/index.html'),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('server.servlet.context-path','/api/statistics','statistics-service','prd','latest',NULL,NULL,NULL,NULL); + +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('region.ignore','us-gov-west-1,cn-north-1,cn-northwest-1','inventory','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('file.path','/home/ec2-user/data','inventory','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('spring.datasource.url',concat(@RDS_URL,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('spring.datasource.username',concat(@RDS_USERNAME,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('spring.datasource.password',concat(@RDS_PASSWORD,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('s3.data',concat(@DATA_IN_DIR,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('s3.processed',concat(@DATA_BKP_DIR,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('s3.role',concat(@PAC_ROLE,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('s3.region',concat(@BASE_REGION,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('s3',concat(@DATA_IN_S3,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('base.account',concat(@BASE_ACCOUNT,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('base.region',concat(@BASE_REGION,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('discovery.role',concat(@PAC_RO_ROLE,''),'inventory','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('elastic-search.host',concat(@ES_HOST_NAME,''),'batch','prd','latest',null,null,null,null); +INSERT IGNORE INTO pac_config_properties (cfkey,value,application,profile,label,createdBy,createdDate,modifiedBy,modifiedDate) VALUES ('elastic-search.port',concat(@ES_PORT,''),'batch','prd','latest',null,null,null,null); + +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.username',concat(@MAIL_SERVER_USER,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.password',concat(@MAIL_SERVER_PWD,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.properties.mail.smtp.auth',concat(@MAIL_SMTP_AUTH,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.properties.mail.smtp.ssl.trust',concat(@MAIL_SERVER,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.properties.mail.smtp.starttls.enable',concat(@MAIL_SMTP_SSL_ENABLE,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); +INSERT IGNORE INTO pac_config_properties (`cfkey`,`value`,`application`,`profile`,`label`,`createdBy`,`createdDate`,`modifiedBy`,`modifiedDate`) VALUES ('spring.mail.test-connection',concat(@MAIL_SMTP_SSL_TEST_CONNECTION,''),'notification-service','prd','latest',NULL,NULL,NULL,NULL); diff --git a/installer/resources/pacbot_app/import_db.py b/installer/resources/pacbot_app/import_db.py index 377652805..45a89be18 100644 --- a/installer/resources/pacbot_app/import_db.py +++ b/installer/resources/pacbot_app/import_db.py @@ -4,13 +4,26 @@ from resources.datastore.db import MySQLDatabase from resources.datastore.es import ESDomain from resources.data.aws_info import AwsAccount, AwsRegion +from resources.pacbot_app.cloudwatch_log_groups import UiCloudWatchLogGroup, ApiCloudWatchLogGroup +from resources.pacbot_app.ecr import APIEcrRepository, UIEcrRepository +from resources.data.aws_info import AwsRegion +from resources.pacbot_app.alb import ApplicationLoadBalancer +from resources.datastore.es import ESDomain +from resources.iam.ecs_role import ECSRole +from resources.iam.base_role import BaseRole +from resources.lambda_submit.function import SubmitJobLambdaFunction +from resources.lambda_rule_engine.function import RuleEngineLambdaFunction +from resources.s3.bucket import BucketStorage + from shutil import copy2 import os class ReplaceSQLPlaceHolder(NullResource): - DEPENDS_ON = [MySQLDatabase, ESDomain] dest_file = os.path.join(get_terraform_scripts_and_files_dir(), 'DB_With_Values.sql') + triggers = {'version': "1.1"} + + DEPENDS_ON = [MySQLDatabase, ESDomain] def get_provisioners(self): script = os.path.join(get_terraform_scripts_dir(), 'sql_replace_placeholder.py') @@ -22,11 +35,61 @@ def get_provisioners(self): 'local-exec': { 'command': script, 'environment': { - 'AWS_REGION': AwsRegion.get_output_attr('name'), - 'AWS_ACCOUNT_ID': AwsAccount.get_output_attr('account_id'), - 'ES_HOST': ESDomain.get_http_url(), - 'ES_PORT': ESDomain.get_es_port(), - 'SQL_FILE_PATH': self.dest_file + 'SQL_FILE_PATH': self.dest_file, + 'ENV_region': AwsRegion.get_output_attr('name'), + 'ENV_account': AwsAccount.get_output_attr('account_id'), + 'ENV_eshost': ESDomain.get_http_url(), + 'ENV_esport': ESDomain.get_es_port(), + 'ENV_LOGGING_ES_HOST_NAME': ESDomain.get_output_attr('endpoint'), + 'ENV_LOGGING_ES_PORT': str(ESDomain.get_es_port()), + 'ENV_ES_HOST_NAME': ESDomain.get_output_attr('endpoint'), + 'ENV_ES_PORT': str(ESDomain.get_es_port()), + 'ENV_ES_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), + 'ENV_ES_PORT_ADMIN': str(ESDomain.get_es_port()), + 'ENV_ES_HEIMDALL_HOST_NAME': ESDomain.get_output_attr('endpoint'), + 'ENV_ES_HEIMDALL_PORT': str(ESDomain.get_es_port()), + 'ENV_ES_HEIMDALL_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), + 'ENV_ES_HEIMDALL_PORT_ADMIN': str(ESDomain.get_es_port()), + 'ENV_ES_UPDATE_HOST': ESDomain.get_output_attr('endpoint'), + 'ENV_ES_UPDATE_PORT': str(ESDomain.get_es_port()), + 'ENV_ES_UPDATE_CLUSTER_NAME': ESDomain.get_input_attr('domain_name'), + 'ENV_PACMAN_HOST_NAME': ApplicationLoadBalancer.get_http_url(), + 'ENV_RDS_URL': MySQLDatabase.get_rds_db_url(), + 'ENV_RDS_USERNAME': MySQLDatabase.get_input_attr('username'), + 'ENV_RDS_PASSWORD': MySQLDatabase.get_input_attr('password'), + 'ENV_JOB_BUCKET_REGION': AwsRegion.get_output_attr('name'), + 'ENV_RULE_JOB_BUCKET_NAME': BucketStorage.get_output_attr('bucket'), + 'ENV_JOB_LAMBDA_REGION': AwsRegion.get_output_attr('name'), + 'ENV_JOB_FUNCTION_NAME': SubmitJobLambdaFunction.get_input_attr('function_name'), + 'ENV_JOB_FUNCTION_ARN': SubmitJobLambdaFunction.get_output_attr('arn'), + 'ENV_RULE_BUCKET_REGION': AwsRegion.get_output_attr('name'), + 'ENV_RULE_JOB_BUCKET_NAME': BucketStorage.get_output_attr('bucket'), + 'ENV_RULE_LAMBDA_REGION': AwsRegion.get_output_attr('name'), + 'ENV_RULE_FUNCTION_NAME': RuleEngineLambdaFunction.get_input_attr('function_name'), + 'ENV_RULE_FUNCTION_ARN': RuleEngineLambdaFunction.get_output_attr('arn'), + 'ENV_CLOUD_INSIGHTS_TOKEN_URL': "http://localhost", + 'ENV_CLOUD_INSIGHTS_COST_URL': "http://localhost", + 'ENV_SVC_CORP_USER_ID': "testid", + 'ENV_SVC_CORP_PASSWORD': "password", + 'ENV_CERTIFICATE_FEATURE_ENABLED': "false", + 'ENV_PATCHING_FEATURE_ENABLED': "false", + 'ENV_VULNERABILITY_FEATURE_ENABLED': "false", + 'ENV_MAIL_SERVER': Settings.MAIL_SERVER, + 'ENV_PACMAN_S3': "pacman-email-templates", + 'ENV_DATA_IN_DIR': "inventory", + 'ENV_DATA_BKP_DIR': "backup", + 'ENV_PAC_ROLE': BaseRole.get_input_attr('name'), + 'ENV_BASE_REGION': AwsRegion.get_output_attr('name'), + 'ENV_DATA_IN_S3': BucketStorage.get_output_attr('bucket'), + 'ENV_BASE_ACCOUNT': AwsAccount.get_output_attr('account_id'), + 'ENV_PAC_RO_ROLE': BaseRole.get_input_attr('name'), + 'ENV_MAIL_SERVER_PORT': Settings.MAIL_SERVER_PORT, + 'ENV_MAIL_PROTOCOL': Settings.MAIL_PROTOCOL, + 'ENV_MAIL_SERVER_USER': Settings.MAIL_SERVER_USER, + 'ENV_MAIL_SERVER_PWD': Settings.MAIL_SERVER_PWD, + 'ENV_MAIL_SMTP_AUTH': Settings.MAIL_SMTP_AUTH, + 'ENV_MAIL_SMTP_SSL_ENABLE': Settings.MAIL_SMTP_SSL_ENABLE, + 'ENV_MAIL_SMTP_SSL_TEST_CONNECTION': Settings.MAIL_SMTP_SSL_TEST_CONNECTION, }, 'interpreter': [Settings.PYTHON_INTERPRETER] } @@ -41,6 +104,8 @@ def pre_generate_terraform(self): class ImportDbSql(NullResource): + triggers = {'version': "1.1"} + DEPENDS_ON = [MySQLDatabase, ReplaceSQLPlaceHolder] def get_provisioners(self): diff --git a/installer/resources/pacbot_app/task_def_variables.py b/installer/resources/pacbot_app/task_def_variables.py index 16b3b1be3..02f665968 100644 --- a/installer/resources/pacbot_app/task_def_variables.py +++ b/installer/resources/pacbot_app/task_def_variables.py @@ -2,49 +2,32 @@ from resources.pacbot_app.ecr import APIEcrRepository, UIEcrRepository from resources.data.aws_info import AwsRegion from resources.pacbot_app.alb import ApplicationLoadBalancer -from resources.datastore.es import ESDomain from resources.datastore.db import MySQLDatabase -from resources.datastore.redshift import RedshiftCluster -from resources.iam.ecs_role import ECSRole -from resources.lambda_submit.function import SubmitJobLambdaFunction -from resources.lambda_rule_engine.function import RuleEngineLambdaFunction from core.config import Settings -from resources.s3.bucket import BucketStorage import json class ContainerDefinitions: + """Friend class for getting the container definitions of each service""" ui_image = UIEcrRepository.get_output_attr('repository_url') + ":" + "latest" api_image = APIEcrRepository.get_output_attr('repository_url') + ":" + "latest" ui_cw_log_group = UiCloudWatchLogGroup.get_output_attr('name') api_cw_log_group = ApiCloudWatchLogGroup.get_output_attr('name') CONFIG_PASSWORD = "pacman" CONFIG_SERVER_URL = ApplicationLoadBalancer.get_api_server_url('config') - ES_CLUSTER_NAME = ESDomain.get_input_attr('domain_name') - ES_HEIMDALL_HOST_NAME = ESDomain.get_output_attr('endpoint') - ES_HEIMDALL_PORT = str(ESDomain.get_es_port()) - ES_HOST_NAME = ESDomain.get_output_attr('endpoint') - ES_PORT = str(ESDomain.get_es_port()) - LOGGING_ES_HOST_NAME = ESDomain.get_output_attr('endpoint') - LOGGING_ES_PORT = str(ESDomain.get_es_port()) PACMAN_HOST_NAME = ApplicationLoadBalancer.get_http_url() RDS_USERNAME = MySQLDatabase.get_input_attr('username') RDS_PASSWORD = MySQLDatabase.get_input_attr('password') RDS_URL = MySQLDatabase.get_rds_db_url() - REDSHIFT_URL = RedshiftCluster.get_redshift_url() - REDSHIFT_USER_NAME = RedshiftCluster.get_input_attr('master_username') - REDSHIFT_PASSWORD = RedshiftCluster.get_input_attr('master_password') - ES_UPDATE_HOST = ESDomain.get_output_attr('endpoint') - ES_UPDATE_PORT = str(ESDomain.get_es_port()) - ES_UPDATE_CLUSTER_NAME = ESDomain.get_input_attr('domain_name') - LDAP_DOMAIN = "http://localhost" - LDAP_PORT = "389" - LDAP_BASEDN = "http://localhost" - LDAP_HOSTLIST = "http://localhost" - LDAP_RESPONSETIMEOUT = "60" - LDAP_CONNECTIONTIMEOUT = "60" def get_container_definitions_without_env_vars(self, container_name): + """ + This method returns the basic common container definitioons for all task definitions + + Returns: + container_definitions (dict): Container definitions + """ + memory = 1024 if container_name == "nginx" else 3072 return { 'name': container_name, "image": self.ui_image if container_name == 'nginx' else self.api_image, @@ -57,7 +40,7 @@ def get_container_definitions_without_env_vars(self, container_name): "hostPort": 80 } ], - "memory": 1024, + "memory": memory, "networkMode": "awsvpc", "logConfiguration": { "logDriver": "awslogs", @@ -70,6 +53,12 @@ def get_container_definitions_without_env_vars(self, container_name): } def get_container_definitions(self, container_name): + """ + This method find complete container definitions for a task definiiton and returns it + + Returns: + container_definitions (json): Josn data of complete Container definitions + """ definitions = self.get_container_definitions_without_env_vars(container_name) env_vars = self._get_env_vars_for_container_service(container_name) if env_vars: @@ -78,6 +67,12 @@ def get_container_definitions(self, container_name): return json.dumps([definitions]) def _get_env_vars_for_container_service(self, container_name): + """ + Dynamically call the function based on the container name to get all environment variables + + Returns: + env_variables (list): List of dict of env variables + """ def function_not_found(): return None fun_name = "get_%s_container_env_vars" % container_name.replace('-', '_') @@ -88,7 +83,11 @@ def function_not_found(): def get_config_container_env_vars(self): return [ {'name': "JAR_FILE", 'value': "config.jar"}, - {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD} + {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, + {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, + {'name': "RDS_URL", 'value': self.RDS_URL}, + {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, + {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, ] def get_admin_container_env_vars(self): @@ -96,36 +95,8 @@ def get_admin_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-admin.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "SECURITY_USERNAME", 'value': "admin"}, - {'name': "SECURITY_PASSWORD", 'value': "admin@123"}, - {'name': "ACCESS_KEY", 'value': "test_key_1"}, - {'name': "SECRET_KEY", 'value': "test_key_2"}, - {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('admin')}, - {'name': "ADMIN_SERVER", 'value': "http://localhost/pacmonitor"}, - {'name': "ROLE_ARN", 'value': ECSRole.get_output_attr('arn')}, - {'name': "JOB_FUNCTION_NAME", 'value': SubmitJobLambdaFunction.get_input_attr('function_name')}, - {'name': "JOB_FUNCTION_ARN", 'value': SubmitJobLambdaFunction.get_output_attr('arn')}, - {'name': "JOB_LAMBDA_REGION", 'value': AwsRegion.get_output_attr('name')}, - {'name': "JOB_BUCKET_REGION", 'value': AwsRegion.get_output_attr('name')}, - {'name': "RULE_FUNCTION_NAME", 'value': RuleEngineLambdaFunction.get_input_attr('function_name')}, - {'name': "RULE_FUNCTION_ARN", 'value': RuleEngineLambdaFunction.get_output_attr('arn')}, - {'name': "RULE_BUCKET_REGION", 'value': AwsRegion.get_output_attr('name')}, - {'name': "RULE_LAMBDA_REGION", 'value': AwsRegion.get_output_attr('name')}, - {'name': "RULE_JOB_BUCKET_NAME", 'value': BucketStorage.get_output_attr('bucket')} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('admin')} ] def get_compliance_container_env_vars(self): @@ -133,32 +104,8 @@ def get_compliance_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-compliance.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL}, - {'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME}, - {'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN}, - {'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN}, - {'name': "LDAP_PORT", 'value': self.LDAP_PORT}, - {'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT}, - {'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT}, - {'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST}, - {'name': "CERTIFICATE_FEATURE_ENABLED", 'value': "false"}, - {'name': "PATCHING_FEATURE_ENABLED", 'value': "false"}, - {'name': "VULNERABILITY_FEATURE_ENABLED", 'value': "false"} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('compliance')} ] def get_notifications_container_env_vars(self): @@ -166,29 +113,8 @@ def get_notifications_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-notification.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL}, - {'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME}, - {'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN}, - {'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN}, - {'name': "LDAP_PORT", 'value': self.LDAP_PORT}, - {'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT}, - {'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT}, - {'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('notifications')} ] def get_statistics_container_env_vars(self): @@ -196,29 +122,8 @@ def get_statistics_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-statistics.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL}, - {'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME}, - {'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN}, - {'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN}, - {'name': "LDAP_PORT", 'value': self.LDAP_PORT}, - {'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT}, - {'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT}, - {'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('statistics')} ] def get_asset_container_env_vars(self): @@ -226,33 +131,8 @@ def get_asset_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-asset.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL}, - {'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME}, - {'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN}, - {'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN}, - {'name': "LDAP_PORT", 'value': self.LDAP_PORT}, - {'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT}, - {'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT}, - {'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST}, - {'name': "CLOUD_INSIGHTS_COST_URL", 'value': "http://localhost"}, - {'name': "CLOUD_INSIGHTS_TOKEN_URL", 'value': "http://localhost"}, - {'name': "SVC_CORP_PASSWORD", 'value': "password"}, - {'name': "SVC_CORP_USER_ID", 'value': "testid"} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('asset')} ] def get_auth_container_env_vars(self): @@ -260,29 +140,6 @@ def get_auth_container_env_vars(self): {'name': "JAR_FILE", 'value': "pacman-api-auth.jar"}, {'name': "CONFIG_PASSWORD", 'value': self.CONFIG_PASSWORD}, {'name': "CONFIG_SERVER_URL", 'value': self.CONFIG_SERVER_URL}, - {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('auth')}, - {'name': "ES_CLUSTER_NAME", 'value': self.ES_CLUSTER_NAME}, - {'name': "ES_HEIMDALL_HOST_NAME", 'value': self.ES_HEIMDALL_HOST_NAME}, - {'name': "ES_HEIMDALL_PORT", 'value': self.ES_HEIMDALL_PORT}, - {'name': "ES_HOST_NAME", 'value': self.ES_HOST_NAME}, - {'name': "ES_PORT", 'value': self.ES_PORT}, - {'name': "LOGGING_ES_HOST_NAME", 'value': self.LOGGING_ES_HOST_NAME}, - {'name': "LOGGING_ES_PORT", 'value': self.LOGGING_ES_PORT}, {'name': "PACMAN_HOST_NAME", 'value': self.PACMAN_HOST_NAME}, - {'name': "RDS_PASSWORD", 'value': self.RDS_PASSWORD}, - {'name': "RDS_URL", 'value': self.RDS_URL}, - {'name': "RDS_USERNAME", 'value': self.RDS_USERNAME}, - {'name': "REDSHIFT_URL", 'value': self.REDSHIFT_URL}, - {'name': "REDSHIFT_USER_NAME", 'value': self.REDSHIFT_USER_NAME}, - {'name': "REDSHIFT_PASSWORD", 'value': self.REDSHIFT_PASSWORD}, - {'name': "ES_UPDATE_HOST", 'value': self.ES_UPDATE_HOST}, - {'name': "ES_UPDATE_PORT", 'value': self.ES_UPDATE_PORT}, - {'name': "ES_UPDATE_CLUSTER_NAME", 'value': self.ES_UPDATE_CLUSTER_NAME}, - {'name': "LDAP_DOMAIN", 'value': self.LDAP_DOMAIN}, - {'name': "LDAP_BASEDN", 'value': self.LDAP_BASEDN}, - {'name': "LDAP_PORT", 'value': self.LDAP_PORT}, - {'name': "LDAP_RESPONSETIMEOUT", 'value': self.LDAP_RESPONSETIMEOUT}, - {'name': "LDAP_CONNECTIONTIMEOUT", 'value': self.LDAP_CONNECTIONTIMEOUT}, - {'name': "LDAP_HOSTLIST", 'value': self.LDAP_HOSTLIST}, - {'name': "OAUTH2_CLIENT_ID", 'value': "22e14922-87d7-4ee4-a470-da0bb10d45d3"} + {'name': "DOMAIN_URL", 'value': ApplicationLoadBalancer.get_api_server_url('auth')} ] diff --git a/installer/settings/common.py b/installer/settings/common.py index 5caefb5e2..37790599d 100644 --- a/installer/settings/common.py +++ b/installer/settings/common.py @@ -3,14 +3,16 @@ import sys -# This is commonn configuration should be used in all setup -SETUP_TITLE = "PACBOT" -SETUP_DESCRIPTION = "INFRA SETUP AND DEPLOYMENT" PROVIDER = 'AWS' CURRENT_FILE_PATH = Path(os.path.join(os.path.abspath(os.path.dirname(__file__)))) BASE_APP_DIR = str(CURRENT_FILE_PATH.parent) RESOURCES_FOLDER = 'resources' # Provide only relative path +# This is commonn configuration should be used in all setup +SETUP_TITLE = "PACBOT" +SETUP_DESCRIPTION = "INFRA SETUP AND DEPLOYMENT" +LOADER_FILE_PATH = os.path.join(str(CURRENT_FILE_PATH), "loader") + TOOLS_REQUIRED = { 'Maven': "mvn --version", 'Git': "git --version", @@ -38,7 +40,6 @@ 'vpc.security_group': {'tags': ["security"]}, 'datastore.db': {'tags': ["rds"]}, 'datastore.es': {'tags': ["es"]}, - 'datastore.redshift': {'tags': ["redshift"]}, 'pacbot_app.alb': {'tags': ["infra"]}, 'pacbot_app.alb_target_groups': {'tags': ["infra"]}, 'pacbot_app.alb_listener_rules': {'tags': ["infra"]}, @@ -63,7 +64,7 @@ LOG_DIR = os.path.join(BASE_APP_DIR, 'log') PROVISIONER_FILES_DIR_TO_COPY = os.path.join(BASE_APP_DIR, 'files') -DESTROY_NUM_ATTEMPTS = 2 +DESTROY_NUM_ATTEMPTS = 3 SKIP_RESOURCE_EXISTENCE_CHECK = False RESOURCE_NAME_PREFIX = "pacbot" RESOURCE_DEFAULT_TAG_NAME = "Application" @@ -94,7 +95,17 @@ 'Admin': "admin@pacbot.org / pacman", 'User': "user@pacbot.org / user" } -LOADER_FILE_PATH = os.path.join(str(CURRENT_FILE_PATH), "loader") + +MAKE_ALB_INTERNAL = True + +MAIL_SERVER = "localhost" +MAIL_SERVER_PORT = 25 +MAIL_PROTOCOL = "smtp" +MAIL_SERVER_USER = "" +MAIL_SERVER_PWD = "" +MAIL_SMTP_AUTH = "" +MAIL_SMTP_SSL_ENABLE = "true" +MAIL_SMTP_SSL_TEST_CONNECTION = "false" try: from settings.local import * diff --git a/installer/settings/default.local.py b/installer/settings/default.local.py index 65fdd6992..436116d0e 100644 --- a/installer/settings/default.local.py +++ b/installer/settings/default.local.py @@ -5,8 +5,21 @@ "CIDR_BLOCKS": ["10.0.0.0/16"], "SUBNETS": ["subnet-1", "subnet-2"] } +MAIL_SERVER = "localhost.local" # System reads below data from user if not updated here AWS_ACCESS_KEY = "" AWS_SECRET_KEY = "" AWS_REGION = "" + +MAKE_ALB_INTERNAL = True + +# MAIL Server configuration +MAIL_SERVER = "localhost" +MAIL_SERVER_PORT = 587 +MAIL_PROTOCOL = "smtp" +MAIL_SERVER_USER = "" +MAIL_SERVER_PWD = "" +MAIL_SMTP_AUTH = "" +MAIL_SMTP_SSL_ENABLE = "true" +MAIL_SMTP_SSL_TEST_CONNECTION = "false" diff --git a/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/TaggingRule.java b/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/TaggingRule.java index 3862765e9..8b7afb580 100644 --- a/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/TaggingRule.java +++ b/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/TaggingRule.java @@ -70,7 +70,7 @@ public RuleResult execute(final Map ruleParam, Map missingTags = new HashSet<>(); - String mandatoryTags = ruleParam.get(PacmanSdkConstants.MENDETORY_TAGS_KEY); + String mandatoryTags = ruleParam.get(PacmanSdkConstants.MANDATORY_TAGS_KEY); String tagsSplitter = ruleParam.get(PacmanSdkConstants.SPLITTER_CHAR); String entityId = ruleParam.get(PacmanSdkConstants.RESOURCE_ID); diff --git a/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccess.java b/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtectedMongoDBAccess.java similarity index 96% rename from jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccess.java rename to jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtectedMongoDBAccess.java index 1fdb3e3a3..3c8918708 100644 --- a/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccess.java +++ b/jobs/pacman-awsrules/src/main/java/com/tmobile/cloud/awsrules/ec2/UnProtectedMongoDBAccess.java @@ -50,9 +50,9 @@ import com.tmobile.pacman.commons.rule.RuleResult; @PacmanRule(key = "check-for-unprotected-mongodb-access", desc = "Check whether MongoDB is publicly accessible via Internet through port 27017", severity = PacmanSdkConstants.SEV_HIGH, category = PacmanSdkConstants.SECURITY) -public class UnProtetcedMongoDBAccess extends BaseRule { +public class UnProtectedMongoDBAccess extends BaseRule { private static final Logger logger = LoggerFactory - .getLogger(UnProtetcedMongoDBAccess.class); + .getLogger(UnProtectedMongoDBAccess.class); /** * The method will get triggered from Rule Engine with following parameters diff --git a/jobs/pacman-awsrules/src/test/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccessTest.java b/jobs/pacman-awsrules/src/test/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccessTest.java index 46bdfc406..c2c98f79e 100644 --- a/jobs/pacman-awsrules/src/test/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccessTest.java +++ b/jobs/pacman-awsrules/src/test/java/com/tmobile/cloud/awsrules/ec2/UnProtetcedMongoDBAccessTest.java @@ -61,7 +61,7 @@ public class UnProtetcedMongoDBAccessTest { @InjectMocks - UnProtetcedMongoDBAccess unProtetcedMongoDBAccess; + UnProtectedMongoDBAccess unProtetcedMongoDBAccess; HttpClientBuilder httpClientBuilder; diff --git a/jobs/pacman-cloud-discovery/pom.xml b/jobs/pacman-cloud-discovery/pom.xml index 36d2830cf..c1aec841b 100644 --- a/jobs/pacman-cloud-discovery/pom.xml +++ b/jobs/pacman-cloud-discovery/pom.xml @@ -2,68 +2,62 @@ 4.0.0 - - com.tmobile.cloud + com.tmobile.cso.pacman inventory - 1.0.0-SNAPSHOT + 0.0.1-SNAPSHOT inventoryFetch Fetch all aws inventory across accounts - + UTF-8 UTF-8 1.8 - - - redshift - http://redshift-maven-repository.s3-website-us-east-1.amazonaws.com/release - - org.springframework spring-context 4.3.8.RELEASE - - org.apache.logging.log4j - log4j-api - 2.11.0 - - - org.apache.logging.log4j - log4j-core - 2.11.0 - - + com.amazonaws aws-java-sdk - - 1.11.266 + + 1.11.432 - - com.amazon.redshift - redshift-jdbc42 - 1.2.1.1001 + + org.powermock + powermock-module-junit4 + 1.6.4 + test + + + + org.powermock + powermock-api-mockito + 1.6.4 + test + + + org.springframework + spring-test + 4.0.5.RELEASE + test - + + mysql + mysql-connector-java + 5.1.17 + + com.tmobile.cloud batch-commons 1.0.0-SNAPSHOT provided - - ch.qos.logback - logback-core - - - ch.qos.logback - logback-classic - com.amazonaws aws-java-sdk-s3 @@ -158,28 +152,8 @@ - - org.powermock - powermock-module-junit4 - 1.6.4 - test - - - - org.powermock - powermock-api-mockito - 1.6.4 - test - - - org.springframework - spring-test - 4.0.5.RELEASE - test - - + - diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryCollectionJob.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryCollectionJob.java index 4a40c9c61..b31f6b1c5 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryCollectionJob.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryCollectionJob.java @@ -1,57 +1,70 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory; - -import java.util.Arrays; -import java.util.HashMap; -import java.util.Map; - -import com.tmobile.pacman.commons.jobs.PacmanJob; - -/** - * The Class InventoryCollectionJob. - */ -@PacmanJob(methodToexecute="execute",jobName="AWS Data Collector", desc="Job to fetch aws info and load to Redshift" ,priority=5) -public class InventoryCollectionJob { - - /** - * The main method. - * - * @param args the arguments - */ - public static void main(String[] args){ - Map params = new HashMap<>(); - Arrays.asList(args).stream().forEach(obj-> { - for(String param :obj.split("[*]")){ - String[] paramTemp = param.split("="); - params.put(paramTemp[0], paramTemp[1]); - } - }); - execute(params); - } - - /** - * Execute. - * - * @param params the params - */ - public static void execute(Map params){ - if( !(params==null || params.isEmpty())){ - params.forEach((k,v) -> System.setProperty(k, v)); - } - InventoryFetchApplication.main( new String[]{}); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory; + +import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.tmobile.cso.pacman.inventory.config.ConfigUtil; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.pacman.commons.jobs.PacmanJob; + +/** + * The Class InventoryCollectionJob. + */ +@PacmanJob(methodToexecute="execute",jobName="AWS Data Collector", desc="Job to fetch aws info and load to Redshift" ,priority=5) +public class InventoryCollectionJob { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(InventoryCollectionJob.class); + /** + * The main method. + * + * @param args the arguments + */ + public static void main(String[] args){ + Map params = new HashMap<>(); + Arrays.asList(args).stream().forEach(obj-> { + String[] keyValue = obj.split("[:]"); + params.put(keyValue[0], keyValue[1]); + }); + execute(params); + } + + /** + * Execute. + * + * @param params the params + * @return + */ + public static Map execute(Map params){ + if( !(params==null || params.isEmpty())){ + params.forEach((k,v) -> System.setProperty(k, v)); + } + try { + ConfigUtil.setConfigProperties(); + } catch (Exception e) { + log.error("Error fetching config", e); + ErrorManageUtil.uploadError("all", "all", "all", "Error fetching config "+ e.getMessage()); + return ErrorManageUtil.formErrorCode(); + } + return InventoryFetchApplication.main( new String[]{}); + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryConstants.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryConstants.java index 942c12b10..481df1978 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryConstants.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryConstants.java @@ -1,52 +1,84 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory; - - -/** - * The Class InventoryConstants. - */ -public final class InventoryConstants { - - /** - * Instantiates a new inventory constants. - */ - private InventoryConstants() { - - } - - /** The Constant ERROR_PREFIX_CODE. */ - public static final String ERROR_PREFIX_CODE = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""; - - /** The Constant ERROR_PREFIX_EC2. */ - public static final String ERROR_PREFIX_EC2 = "\",\"Message\": \"Exception in fetching info for resource in specific region\" " - + ",\"type\": \"EC2\" , \"region\":\""; - - /** The Constant ACCOUNT. */ - public static final String ACCOUNT = "Account : "; - - /** The Constant ERROR_CAUSE. */ - public static final String ERROR_CAUSE = "\", \"cause\":\""; - - /** The Constant ERROR_EXECUTEQUERY. */ - public static final String ERROR_EXECUTEQUERY = "Error in executeQuery "; - - /** The Constant ERROR_EXECUTEUPDATE. */ - public static final String ERROR_EXECUTEUPDATE = "Error in executeUpdate "; - - /** The Constant REGION_US_WEST_2. */ - public static final String REGION_US_WEST_2 = "us-west-2"; -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory; + + +/** + * The Class InventoryConstants. + */ +public final class InventoryConstants { + + /** + * Instantiates a new inventory constants. + */ + private InventoryConstants() { + + } + + /** The Constant ERROR_PREFIX_CODE. */ + public static final String ERROR_PREFIX_CODE = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""; + + /** The Constant ERROR_PREFIX_EC2. */ + public static final String ERROR_PREFIX_EC2 = "\",\"Message\": \"Exception in fetching info for resource in specific region\" " + + ",\"type\": \"EC2\" , \"region\":\""; + + /** The Constant ACCOUNT. */ + public static final String ACCOUNT = "Account : "; + + /** The Constant ERROR_CAUSE. */ + public static final String ERROR_CAUSE = "\", \"cause\":\""; + + /** The Constant ERROR_EXECUTEQUERY. */ + public static final String ERROR_EXECUTEQUERY = "Error in executeQuery "; + + /** The Constant ERROR_EXECUTEUPDATE. */ + public static final String ERROR_EXECUTEUPDATE = "Error in executeUpdate "; + + /** The Constant REGION_US_WEST_2. */ + public static final String REGION_US_WEST_2 = "us-west-2"; + + /** The Constant SOURCE. */ + public static final String SOURCE = "source"; + + /** The Constant NAME. */ + public static final String NAME = "name"; + + /** The Constant APPLICATION. */ + public static final String APPLICATION = "application"; + + /** The Constant BATCH. */ + public static final String BATCH = "batch"; + + /** The Constant INVENTORY. */ + public static final String INVENTORY = "inventory"; + + public static final String OPEN_ARRAY = "["; + + public static final String CLOSE_ARRAY = "]"; + + + public static final String ACCOUNT_ID = "accountId"; + + public static final String ACCOUNT_NAME = "accountName"; + + public static final String RDS_DB_URL = "spring.datasource.url"; + + /** The rds user. */ + public static final String RDS_USER = "spring.datasource.username"; + + /** The rds pwd. */ + public static final String RDS_PWD = "spring.datasource.password"; +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchApplication.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchApplication.java index 1e142e9e0..ef637ccd9 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchApplication.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchApplication.java @@ -1,45 +1,47 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory; - -import org.springframework.context.ApplicationContext; -import org.springframework.context.annotation.AnnotationConfigApplicationContext; -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.PropertySource; - - -/** - * The Class InventoryFetchApplication. - */ -@Configuration -@ComponentScan -@PropertySource("classpath:inventory.properties") -public class InventoryFetchApplication { - - - /** - * The main method. - * - * @param args the arguments - */ - public static void main(String[] args) { - ApplicationContext context = new AnnotationConfigApplicationContext(InventoryFetchApplication.class); - InventoryFetchOrchestrator orchestrator = context.getBean(InventoryFetchOrchestrator.class); - orchestrator.orchestrate(); - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory; + +import java.util.Map; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.annotation.AnnotationConfigApplicationContext; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; + + +/** + * The Class InventoryFetchApplication. + */ +@Configuration +@ComponentScan +public class InventoryFetchApplication { + + + /** + * The main method. + * + * @param args the arguments + * @return + */ + @SuppressWarnings("resource") + public static Map main(String[] args) { + ApplicationContext context = new AnnotationConfigApplicationContext(InventoryFetchApplication.class); + InventoryFetchOrchestrator orchestrator = context.getBean(InventoryFetchOrchestrator.class); + return orchestrator.orchestrate(); + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchOrchestrator.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchOrchestrator.java index 47977a21c..306404670 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchOrchestrator.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/InventoryFetchOrchestrator.java @@ -1,134 +1,141 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory; - -import java.io.File; -import java.text.SimpleDateFormat; -import java.util.Date; -import java.util.HashSet; -import java.util.Set; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; - -import com.tmobile.cso.pacman.inventory.dao.DBLoader; -import com.tmobile.cso.pacman.inventory.file.AssetFileGenerator; -import com.tmobile.cso.pacman.inventory.file.S3Uploader; - -/** - * The Class InventoryFetchOrchestrator. - */ -@Component -public class InventoryFetchOrchestrator { - - /** The accounts. */ - private Set accounts; - - /** The skip regions. */ - @Value("${region-ignore}") - private String skipRegions; - - - /** The s 3 bucket. */ - @Value("${s3}") - private String s3Bucket; - - /** The s 3 data. */ - @Value("${s3-data}") - private String s3Data; - - /** The s 3 processed. */ - @Value("${s3-processed}") - private String s3Processed; - - /** The s 3 region. */ - @Value("${s3-region}") - private String s3Region; - - /** The file path. */ - @Value("${file-path}") - private String filePath; - - /** The file generator. */ - @Autowired - AssetFileGenerator fileGenerator; - - /** The db loader. */ - @Autowired - DBLoader dbLoader; - - /** The s 3 uploader. */ - @Autowired - S3Uploader s3Uploader; - - /** The log. */ - private static Logger log = LogManager.getLogger(InventoryFetchOrchestrator.class); - - /** - * Instantiates a new inventory fetch orchestrator. - * - * @param accountInfo the account info - */ - @Autowired - public InventoryFetchOrchestrator(@Value("${accountinfo}") String accountInfo){ - String[] accntNames = accountInfo.split(","); - accounts = new HashSet<>(); - for(String accnt : accntNames){ - accounts.add(accnt); - } - } - - /** - * Orchestrate. - */ - public void orchestrate(){ - try{ - log.info("Start : Create all missing tables in RedShift"); - dbLoader.runScriptFromFile("inventory-tables.sql"); - log.info("End : Create all missing tables in RedShift"); - - log.info("Start : Create all missing views in RedShift"); - dbLoader.runScriptFromFile("inventory-views.sql"); - log.info("End : Create all missing views in RedShift"); - - log.info("Start : Asset Discovery and File Creation"); - fileGenerator.generateFiles(accounts,skipRegions,filePath); - log.info("End : Asset Discovery and File Creation"); - - log.info("Start : Backup Current Files"); - s3Uploader.backUpFiles(s3Bucket, s3Region, s3Data, s3Processed+ File.separator+ new SimpleDateFormat("yyyyMMdd-HHmmss").format(new Date())); - log.info("End : Backup Current Files"); - - log.info("Start : Upload Files to S3"); - s3Uploader.uploadFiles(s3Bucket,s3Data,s3Region,filePath); - log.info("End : Upload Files to S3"); - - log.info("Start : Load Redshift Tables"); - dbLoader.loadFilesToRedshift(s3Bucket,s3Data); - log.info("End : Load Redshift Tables"); - - - }catch(Exception e){ - log.fatal("Asset Discovery Failed" + e); - } - } - - - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory; + +import java.text.SimpleDateFormat; +import java.util.Arrays; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import com.tmobile.cso.pacman.inventory.dao.RDSDBManager; +import com.tmobile.cso.pacman.inventory.file.AssetFileGenerator; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.S3Uploader; + +/** + * The Class InventoryFetchOrchestrator. + */ +@Component +public class InventoryFetchOrchestrator { + + + /** The target types. */ + @Value("${accountinfo:}") + private String accountInfo; + + @Value("${region.ignore}") + private String skipRegions; + + @Value("${s3}") + private String s3Bucket ; + + @Value("${s3.data}") + private String s3Data ; + + @Value("${s3.processed}") + private String s3Processed ; + + @Value("${s3.region}") + private String s3Region ; + + @Value("${file.path}") + private String filePath ; + + /** The accounts. */ + private List> accounts; + + /** The file generator. */ + @Autowired + AssetFileGenerator fileGenerator; + + /** The s 3 uploader. */ + @Autowired + S3Uploader s3Uploader; + + /** The s 3 uploader. */ + @Autowired + RDSDBManager rdsDBManager; + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(InventoryFetchOrchestrator.class); + + /** + * Instantiates a new inventory fetch orchestrator. + * + * @param accountInfo the account info + */ + + private void fetchAccountInfo() { + String accountQuery = "SELECT accountId,accountName,STATUS FROM cf_Aws_Accounts where status = 'onboarded'"; + + // Check DB if account information is available in DB. + + if( accountInfo == null || "".equals(accountInfo)){ + accounts = rdsDBManager.executeQuery(accountQuery); + }else{ + String accountlist = Arrays.asList(accountInfo.split(",")).stream().collect(Collectors.joining("','")); + accounts = rdsDBManager.executeQuery(accountQuery +" AND accountid IN ('"+ accountlist+ "')"); + } + // No info from DB. Okay lets use what parameter we get. + if(accounts.isEmpty()){ + String[] accountArray = accountInfo.split(","); + for(String account : accountArray){ + Map accountMap = new HashMap<>(); + accountMap.put(InventoryConstants.ACCOUNT_ID,account); + accountMap.put(InventoryConstants.ACCOUNT_NAME,""); + accounts.add(accountMap); + } + } + } + + /** + * Orchestrate. + * @return + */ + public Map orchestrate(){ + + try{ + fetchAccountInfo(); + log.info("Inventory Fetch requested for Accounts {}",accounts); + log.info("Start : Asset Discovery and File Creation"); + fileGenerator.generateFiles(accounts,skipRegions,filePath); + log.info("End : Asset Discovery and File Creation"); + + log.info("Start : Backup Current Files"); + s3Uploader.backUpFiles(s3Bucket, s3Region, s3Data, s3Processed+ "/"+ new SimpleDateFormat("yyyyMMdd-HHmmss").format(new Date())); + log.info("End : Backup Current Files"); + + log.info("Start : Upload Files to S3"); + s3Uploader.uploadFiles(s3Bucket,s3Data,s3Region,filePath); + log.info("End : Upload Files to S3"); + + }catch(Exception e){ + log.error("Asset Discovery Failed" , e); + } + + return ErrorManageUtil.formErrorCode(); + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/auth/CredentialProvider.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/auth/CredentialProvider.java index 2e15302d5..2192e2c4d 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/auth/CredentialProvider.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/auth/CredentialProvider.java @@ -1,109 +1,109 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.auth; - -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicAWSCredentials; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; -import com.amazonaws.services.securitytoken.model.AssumeRoleRequest; -import com.amazonaws.services.securitytoken.model.AssumeRoleResult; - - -/** - * The Class CredentialProvider. - */ -@Component -public class CredentialProvider { - - /** The base account. */ - @Value("${base-account}") - private String baseAccount; - - @Value("${base-region}") - private String baseRegion; - - /** The dev mode. */ - private static boolean devMode = System.getProperty("PIC_DEV_MODE")==null?false:true; - - /** - * Gets the credentials. - * - * @param account the account - * @param roleName the role name - * @return the credentials - */ - public BasicSessionCredentials getCredentials(String account,String roleName){ - - BasicSessionCredentials baseAccntCreds = getBaseAccountCredentials(roleName); - if(baseAccount.equals(account)){ - return baseAccntCreds; - } - AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(baseAccntCreds)).withRegion(baseRegion); - AWSSecurityTokenService stsClient = stsBuilder.build(); - AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(account,roleName)).withRoleSessionName("pic-ro-"+account); - AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest); - return new BasicSessionCredentials( - assumeResult.getCredentials() - .getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), - assumeResult.getCredentials().getSessionToken()); - } - - /** - * Gets the base account credentials. - * - * @param roleName the role name - * @return the base account credentials - */ - private BasicSessionCredentials getBaseAccountCredentials (String roleName){ - if(devMode){ - String accessKey = System.getProperty("ACCESS_KEY"); - String secretKey = System.getProperty("SECRET_KEY"); - BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey); - AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(awsCreds)).withRegion(baseRegion); - AWSSecurityTokenService sts = stsBuilder.build(); - AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro"); - AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); - return new BasicSessionCredentials( - assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), - assumeResult.getCredentials().getSessionToken()); - - } - else{ - AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.defaultClient(); - AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro"); - AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); - return new BasicSessionCredentials( - assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), - assumeResult.getCredentials().getSessionToken()); - } - } - - /** - * Gets the role arn. - * - * @param accout the accout - * @param role the role - * @return the role arn - */ - private String getRoleArn(String accout, String role){ - return "arn:aws:iam::"+accout+":role/"+role; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.auth; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicAWSCredentials; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.services.securitytoken.AWSSecurityTokenService; +import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; +import com.amazonaws.services.securitytoken.model.AssumeRoleRequest; +import com.amazonaws.services.securitytoken.model.AssumeRoleResult; + + +/** + * The Class CredentialProvider. + */ +@Component +public class CredentialProvider { + + /** The base account. */ + @Value("${base.account}") + private String baseAccount ; + + @Value("${base.region}") + private String baseRegion ; + + /** The dev mode. */ + private static boolean devMode = System.getProperty("PIC_DEV_MODE")==null?false:true; + + /** + * Gets the credentials. + * + * @param account the account + * @param roleName the role name + * @return the credentials + */ + public BasicSessionCredentials getCredentials(String account,String roleName){ + + BasicSessionCredentials baseAccntCreds = getBaseAccountCredentials(baseAccount,baseRegion,roleName); + if(baseAccount.equals(account)){ + return baseAccntCreds; + } + AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(baseAccntCreds)).withRegion(baseRegion); + AWSSecurityTokenService stsClient = stsBuilder.build(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(account,roleName)).withRoleSessionName("pic-ro-"+account); + AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials() + .getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + } + + /** + * Gets the base account credentials. + * + * @param roleName the role name + * @return the base account credentials + */ + private BasicSessionCredentials getBaseAccountCredentials (String baseAccount, String baseRegion,String roleName){ + if(devMode){ + String accessKey = System.getProperty("ACCESS_KEY"); + String secretKey = System.getProperty("SECRET_KEY"); + BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey); + AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(awsCreds)).withRegion(baseRegion); + AWSSecurityTokenService sts = stsBuilder.build(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro"); + AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + + } + else{ + AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.defaultClient(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro"); + AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + } + } + + /** + * Gets the role arn. + * + * @param accout the accout + * @param role the role + * @return the role arn + */ + private String getRoleArn(String accout, String role){ + return "arn:aws:iam::"+accout+":role/"+role; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/config/ConfigUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/config/ConfigUtil.java new file mode 100644 index 000000000..355e53ba0 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/config/ConfigUtil.java @@ -0,0 +1,68 @@ +package com.tmobile.cso.pacman.inventory.config; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.util.Util; + +public class ConfigUtil { + + private static Logger log = LoggerFactory.getLogger(ConfigUtil.class); + + private static String configUrl = System.getenv("CONFIG_URL"); + + public static void setConfigProperties() throws Exception { + Properties properties = new Properties(); + properties.putAll(System.getProperties()); + properties.putAll(fetchConfigProperties()); + System.setProperties(properties); + } + + @SuppressWarnings("unchecked") + public static Map fetchConfigProperties() throws Exception { + + Map properties = new HashMap<>(); + String base64Creds = System.getProperty("config_creds"); + + ObjectMapper objectMapper = new ObjectMapper(); + try { + Map appProps = new HashMap<>(); + Map batchProps = new HashMap<>(); + Map invProps = new HashMap<>(); + Map response = objectMapper.readValue(Util.httpGetMethodWithHeaders(configUrl, Util.getHeader(base64Creds)), new TypeReference>(){}); + List> propertySources = (List>)response.get("propertySources"); + for(Map propertySource : propertySources) { + if(propertySource.get(InventoryConstants.NAME).toString().contains(InventoryConstants.APPLICATION)) { + appProps.putAll((Map)propertySource.get(InventoryConstants.SOURCE)); + } + if(propertySource.get(InventoryConstants.NAME).toString().contains(InventoryConstants.BATCH)) { + batchProps.putAll((Map)propertySource.get(InventoryConstants.SOURCE)); + } + if(propertySource.get(InventoryConstants.NAME).toString().contains(InventoryConstants.INVENTORY)) { + invProps.putAll((Map)propertySource.get(InventoryConstants.SOURCE)); + } + properties.putAll(appProps); + properties.putAll(batchProps); + properties.putAll(invProps); + } + } catch (Exception e) { + log.error("Error in fetchConfigProperties",e); + throw e; + } + if(properties.isEmpty()){ + throw new Exception("No config properties fetched from "+configUrl); + } + + log.info("Config are feteched from {}",configUrl); + properties.forEach((k,v)-> log.debug(" {} : {} ",k,v)); + return properties; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBLoader.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBLoader.java deleted file mode 100644 index e7e8a6ee5..000000000 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBLoader.java +++ /dev/null @@ -1,152 +0,0 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.dao; - -import java.io.BufferedReader; -import java.io.DataInputStream; -import java.io.IOException; -import java.io.InputStreamReader; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.io.Resource; -import org.springframework.core.io.ResourceLoader; -import org.springframework.stereotype.Component; - -import com.amazonaws.auth.BasicSessionCredentials; -import com.tmobile.cso.pacman.inventory.InventoryFetchOrchestrator; -import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; - - -/** - * The Class DBLoader. - */ -@Component -public class DBLoader { - - /** The resource loader. */ - @Autowired - private ResourceLoader resourceLoader; - - /** The file tableinfo. */ - @Value("${file-tableinfo}") - private String fileTableinfo; - - /** The account. */ - @Value("${base-account}") - private String account; - - /** The thread count. */ - @Value("${file-load-threads}") - private int threadCount; - - /** The role name. */ - @Value("${s3-role}") - private String roleName; - - /** The cred provider. */ - @Autowired - CredentialProvider credProvider; - - /** The log. */ - private static Logger log = LogManager.getLogger(InventoryFetchOrchestrator.class); - - /** - * Load files to redshift. - * - * @param s3Bucket the s 3 bucket - * @param folder the folder - */ - public void loadFilesToRedshift(String s3Bucket, String folder){ - BasicSessionCredentials credentials = credProvider.getCredentials(account,roleName); - String accessKey = credentials.getAWSAccessKeyId(); - String secretKey = credentials.getAWSSecretKey(); - String sessionToken = credentials.getSessionToken(); - - String[] fileTableInfo = fileTableinfo.split(","); - String[] fileTable ; - ExecutorService executor = Executors.newFixedThreadPool(threadCount); - for(String fileTableStr :fileTableInfo){ - fileTable = fileTableStr.split(":"); - String file = fileTable[0].trim(); - String table = fileTable[1].trim(); - executor.execute(()->{ - - try{ - log.debug(" Loading "+file +" >> "+table); - String query = createCopyQuery(table,s3Bucket,folder,file,accessKey,secretKey,sessionToken); - DBManager.executeUpdate(query); - log.debug(" Finished Loading "+file +" >> "+table); - }catch(Exception e) { - log.fatal("{\"errcode\": \"REDSHIFT_LOAD_ERR\" ,\"account\": \"ANY\",\"Message\": \"Exception in loading redshfit table :"+table+"\", \"cause\":\"" +e.getMessage()+"\"}") ; - } - }); - } - executor.shutdown(); - while(!executor.isTerminated()){ - - } - - } - - /** - * Creates the copy query. - * - * @param tableName the table name - * @param s3Bucket the s 3 bucket - * @param folder the folder - * @param fileName the file name - * @param accessKey the access key - * @param secretKey the secret key - * @param sessionToken the session token - * @return the string - */ - private String createCopyQuery(String tableName,String s3Bucket,String folder, String fileName,String accessKey, String secretKey,String sessionToken){ - String queryTemplate = "copy %s from 's3://%s/%s/%s' IGNOREHEADER AS 1 DELIMITER '`' ACCESS_KEY_ID '%s' SECRET_ACCESS_KEY '%s' SESSION_TOKEN '%s'"; - return String.format(queryTemplate, tableName,s3Bucket,folder,fileName,accessKey,secretKey,sessionToken); - } - - /** - * Run script from file. - * - * @param fileName the file name - */ - public void runScriptFromFile(String fileName) { - StringBuilder stringBuilder = new StringBuilder(); - - try { - final Resource fileResource = resourceLoader.getResource("classpath:"+fileName); - - DataInputStream in = new DataInputStream(fileResource.getInputStream()); - BufferedReader br = new BufferedReader(new InputStreamReader(in)); - String strLine = null; - - while ((strLine = br.readLine()) != null) { - stringBuilder.append(strLine); - } - in.close(); - } catch (IOException e) { - log.debug("Unable to create required tables!"); - } - DBManager.executeUpdate(stringBuilder.toString()); - - } - -} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBManager.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBManager.java deleted file mode 100644 index 67eebf81c..000000000 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/DBManager.java +++ /dev/null @@ -1,164 +0,0 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.dao; - -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; -import java.sql.SQLException; -import java.sql.Statement; -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.tmobile.cso.pacman.inventory.InventoryConstants; -import com.tmobile.cso.pacman.inventory.util.Util; - - -/** - * The Class DBManager. - */ -public class DBManager { - - /** The log. */ - private static Logger log = LogManager.getLogger(DBManager.class); - - /** - * Instantiates a new DB manager. - */ - private DBManager(){} - - /** The Constant DBURL. */ - private static final String DBURL = System.getenv("REDSHIFT_URL"); - - /** The Constant MASTERUSERNAME. */ - private static final String MASTERUSERNAME = Util.base64Decode(System.getenv("REDSHIFT_INFO")).split(":")[0] ; - - /** The Constant MASTERUSERPASSWORD. */ - private static final String MASTERUSERPASSWORD = Util.base64Decode(System.getenv("REDSHIFT_INFO")).split(":")[1]; - - /** - * Gets the connection. - * - * @return the connection - * @throws ClassNotFoundException the class not found exception - * @throws SQLException the SQL exception - */ - private static Connection getConnection() throws ClassNotFoundException, SQLException { - Connection conn = null; - Class.forName("com.amazon.redshift.jdbc42.Driver"); - Properties props = new Properties(); - - props.setProperty("user", MASTERUSERNAME); - props.setProperty("password", MASTERUSERPASSWORD); - conn = DriverManager.getConnection(DBURL, props); - return conn ; - } - - - /** - * Execute query. - * - * @param query the query - * @return the list - */ - public static List> executeQuery(String query){ - List > results = new ArrayList<>(); - Connection conn = null; - Statement stmt = null; - ResultSet rs = null; - try{ - conn = getConnection(); - stmt = conn.createStatement(); - rs = stmt.executeQuery(query); - ResultSetMetaData rsmd = rs.getMetaData(); - int columnCount = rsmd.getColumnCount(); - while(rs.next()){ - Map data = new LinkedHashMap<>(); - for(int i=1;i<=columnCount;i++){ - data.put(rsmd.getColumnName(i), rs.getString(i)); - } - results.add(data); - } - rs.close(); - stmt.close(); - conn.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEQUERY,ex); - }finally{ - try{ - if(rs!=null) - rs.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEQUERY,ex); - } - try{ - if(stmt!=null) - stmt.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEQUERY,ex); - }// nothing we can do - try{ - if(conn!=null) - conn.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEQUERY,ex); - } - } - return results; - } - - /** - * Execute update. - * - * @param query the query - */ - public static void executeUpdate(String query){ - - Connection conn = null; - Statement stmt = null; - try{ - conn = getConnection(); - stmt = conn.createStatement(); - stmt.executeUpdate(query); - - stmt.close(); - conn.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEUPDATE,ex); - }finally{ - - try{ - if(stmt!=null) - stmt.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEUPDATE,ex); - }// nothing we can do - try{ - if(conn!=null) - conn.close(); - }catch(Exception ex){ - log.error(InventoryConstants.ERROR_EXECUTEUPDATE,ex); - } - } - } -} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/RDSDBManager.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/RDSDBManager.java new file mode 100644 index 000000000..68fa619aa --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/dao/RDSDBManager.java @@ -0,0 +1,90 @@ +package com.tmobile.cso.pacman.inventory.dao; + +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.ResultSet; +import java.sql.ResultSetMetaData; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + + +/** + * The Class RDSDBManager. + */ +@Component +public class RDSDBManager { + + /** The Constant dbURL. */ + @Value("${spring.datasource.url}") + private String dbUrl ; + + @Value("${spring.datasource.username}") + private String dbUser ; + + @Value("${spring.datasource.password}") + private String dbPassword ; + + private static Logger log = LoggerFactory.getLogger(RDSDBManager.class); + + + /** + * Gets the connection. + * + * @return the connection + * @throws ClassNotFoundException + * the class not found exception + * @throws SQLException + * the SQL exception + */ + private Connection getConnection() throws ClassNotFoundException, SQLException { + Connection conn = null; + Class.forName("com.mysql.jdbc.Driver"); + Properties props = new Properties(); + + props.setProperty("user", dbUser); + props.setProperty("password", dbPassword); + conn = DriverManager.getConnection(dbUrl, props); + + return conn; + } + + /** + * Execute query. + * + * @param query + * the query + * @return the list + */ + public List> executeQuery(String query) { + List> results = new ArrayList<>(); + try( + Connection conn = getConnection(); + Statement stmt = conn.createStatement(); + ResultSet rs = stmt.executeQuery(query);){ + ResultSetMetaData rsmd = rs.getMetaData(); + int columnCount = rsmd.getColumnCount(); + Map data; + while (rs.next()) { + data = new LinkedHashMap<>(); + for (int i = 1; i <= columnCount; i++) { + data.put(rsmd.getColumnName(i), rs.getString(i)); + } + results.add(data); + } + } catch (Exception ex) { + log.error("Error Executing Query",ex); + } + return results; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/AssetFileGenerator.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/AssetFileGenerator.java index 014be3496..9e6aaf88a 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/AssetFileGenerator.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/AssetFileGenerator.java @@ -1,861 +1,930 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import java.io.IOException; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; - -import com.amazonaws.auth.BasicSessionCredentials; -import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; -import com.tmobile.cso.pacman.inventory.util.ASGInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.DirectConnectionInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.EC2InventoryUtil; -import com.tmobile.cso.pacman.inventory.util.ESInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.ElastiCacheUtil; -import com.tmobile.cso.pacman.inventory.util.InventoryUtil; -import com.tmobile.cso.pacman.inventory.util.SNSInventoryUtil; -import com.tmobile.cso.pacman.inventory.vo.BucketVH; -import com.tmobile.cso.pacman.inventory.vo.CheckVH; - - -/** - * The Class AssetFileGenerator. - */ -@Component -public class AssetFileGenerator { - - /** The log. */ - private static Logger log = LogManager.getLogger(AssetFileGenerator.class); - - /** The cred provider. */ - @Autowired - CredentialProvider credProvider; - - /** The role name. */ - @Value("${discovery-role}") - private String roleName; - - /** The target types. */ - @Value("${target-types:}") - private String targetTypes; - - /** - * Generate files. - * - * @param accounts the accounts - * @param skipRegions the skip regions - * @param filePath the file path - */ - public void generateFiles(Set accounts,String skipRegions,String filePath){ - try { - FileManager.initialise(filePath); - ErrorManageUtil.initialise(); - } catch (IOException e1) { - log.error(e1); - } - Iterator it = accounts.iterator(); - - while(it.hasNext()){ - String account = it.next(); - - log.info("Started Discovery for account "+ account); - BasicSessionCredentials tempCredentials = null; - try{ - tempCredentials = credProvider.getCredentials(account,roleName); - }catch(Exception e){ - log.fatal("{\"errcode\":\"NO_CRED\" , \"account\":\""+account +"\", \"Message\":\"Error getting credentials for account "+account +"\" , \"cause\":\"" +e.getMessage()+"\"}"); - continue; - } - final BasicSessionCredentials temporaryCredentials = tempCredentials; - String expPrefix = "{\"errcode\": \"NO_RES\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"" ; - String infoPrefix = "Fetching for Account : "+account + " Type : "; - - ExecutorService executor = Executors.newCachedThreadPool(); - - executor.execute(() -> - { - if(!(isTypeInScope("ec2"))) { - return; - } - try{ - log.info(infoPrefix + "EC2"); - FileManager.generateInstanceFiles(InventoryUtil.fetchInstances(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "ec2", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("asg"))) { - return; - } - try{ - log.info(infoPrefix + "ASG"); - FileManager.generateAsgFiles(InventoryUtil.fetchAsg(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "ASG\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "asg", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("stack"))) { - return; - } - try{ - log.info(infoPrefix + "Cloud Formation Stack"); - FileManager.generateCloudFormationStackFiles(InventoryUtil.fetchCloudFormationStack(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Stack\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "stack", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("dynamodb"))) { - return; - } - try{ - log.info(infoPrefix + "DynamoDB"); - FileManager.generateDynamoDbFiles(InventoryUtil.fetchDynamoDBTables(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "DynamoDB\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "dynamodb", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("efs"))) { - return; - } - try{ - log.info(infoPrefix + "EFS"); - FileManager.generateEfsFiles(InventoryUtil.fetchEFSInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EFS\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "efs", e.getMessage()); - } - }); - - - executor.execute(() -> - { - if(!(isTypeInScope("emr"))) { - return; - } - try{ - log.info(infoPrefix + "EMR"); - FileManager.generateEmrFiles(InventoryUtil.fetchEMRInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EMR\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "emr", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("lambda"))) { - return; - } - try{ - log.info(infoPrefix + "Lambda"); - FileManager.generateLamdaFiles(InventoryUtil.fetchLambdaInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Lambda\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "lambda", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("classicelb"))) { - return; - } - try{ - log.info(infoPrefix + "Classic ELB"); - FileManager.generateClassicElbFiles( InventoryUtil.fetchClassicElbInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Classic ELB\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "classicelb", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("appelb"))) { - return; - } - try{ - log.info(infoPrefix + "Application ELB"); - FileManager.generateApplicationElbFiles(InventoryUtil.fetchElbInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Application ELB\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "appelb", e.getMessage()); - } - }); - - - executor.execute(() -> - { - if(!(isTypeInScope("targetgroup"))) { - return; - } - try{ - log.info(infoPrefix + "Target Group"); - FileManager.generateTargetGroupFiles(InventoryUtil.fetchTargetGroups(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Target Group\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "targergroup", e.getMessage()); - } - }); - - - - executor.execute(() -> - { - if(!(isTypeInScope("nat"))) { - return; - } - - try{ - log.info(infoPrefix + "Nat Gateway"); - FileManager.generateNatGatewayFiles(InventoryUtil.fetchNATGatewayInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Nat Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "nat", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("rdsdb"))) { - return; - } - - try{ - log.info(infoPrefix + "RDS Instance"); - FileManager.generateRDSInstanceFiles(InventoryUtil.fetchRDSInstanceInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "RDS Instance\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "rdsdb", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("rdscluster"))) { - return; - } - - try{ - log.info(infoPrefix + "RDS Cluster"); - FileManager.generateRDSClusterFiles(InventoryUtil.fetchRDSClusterInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "RDS Cluster\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "rdscluster", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("s3"))) { - return; - } - - try{ - log.info(infoPrefix + "S3"); - Map> s3Map = new HashMap<>(); - s3Map.put(account,InventoryUtil.fetchS3Info(temporaryCredentials, skipRegions,account)); - FileManager.generateS3Files(s3Map); - }catch(Exception e){ - log.error(expPrefix+ "S3\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "s3", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("eni"))) { - return; - } - - try{ - log.info(infoPrefix + "Network Interface"); - FileManager.generateNwInterfaceFiles(InventoryUtil.fetchNetworkIntefaces(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Network Interface\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "eni", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("sg"))) { - return; - } - - try{ - log.info(infoPrefix + "Security Group"); - FileManager.generateSecGroupFile(InventoryUtil.fetchSecurityGroups(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Security Group\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "sg", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("subnet"))) { - return; - } - - try{ - log.info(infoPrefix + "Subnet"); - FileManager.generateSubnetFiles(InventoryUtil.fetchSubnets(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Subnet\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "subnet", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("checks"))) { - return; - } - - try{ - log.info(infoPrefix + "Trusted Advisor Check"); - Map> checkMap = new HashMap<>(); - checkMap.put(account,InventoryUtil.fetchTrusterdAdvisorsChecks(temporaryCredentials,account)); - FileManager.generateTrustedAdvisorFiles(checkMap); - }catch(Exception e){ - log.error(expPrefix+ "Trusted Advisor Check\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "checks", e.getMessage()); - } - }); - - - executor.execute(() -> - { - if(!(isTypeInScope("redshift"))) { - return; - } - - try{ - log.info(infoPrefix + "Redshift"); - FileManager.generateRedshiftFiles(InventoryUtil.fetchRedshiftInfo(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Redshift\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "redshift", e.getMessage()); } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("volume"))) { - return; - } - - try{ - log.info(infoPrefix + "Volume"); - FileManager.generatefetchVolumeFiles(InventoryUtil.fetchVolumetInfo(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Volume\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "volume", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("snapshot"))) { - return; - } - - try{ - log.info(infoPrefix + "Snapshot"); - FileManager.generateSnapshotFiles(InventoryUtil.fetchSnapshots(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "Snapshot\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "snapshot", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("vpc"))) { - return; - } - - try{ - log.info(infoPrefix + "VPC"); - FileManager.generateVpcFiles(InventoryUtil.fetchVpcInfo(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "VPC\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "vpc", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("api"))) { - return; - } - - try{ - log.info(infoPrefix + "ApiGateway"); - FileManager.generateApiGatewayFiles(InventoryUtil.fetchApiGateways(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "API\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "api", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("iamuser"))) { - return; - } - - try{ - log.info(infoPrefix + "IAM User"); - FileManager.generateIamUserFiles(InventoryUtil.fetchIAMUsers(temporaryCredentials,account)); - }catch(Exception e){ - log.error(expPrefix+ "iAM muser\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "iamuser", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("rdssnapshot"))) { - return; - } - - try{ - log.info(infoPrefix + "RDS Snapshot"); - FileManager.generateRDSSnapshotFiles(InventoryUtil.fetchRDSDBSnapshots(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "RDS Snapshot\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "rdssnapshot", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("iamrole"))) { - return; - } - - try{ - log.info(infoPrefix + "IAM Roles"); - FileManager.generateIamRoleFiles(InventoryUtil.fetchIAMRoles(temporaryCredentials,account)); - }catch(Exception e){ - log.error(expPrefix+ "IAM Roles\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "iamrole", e.getMessage()); - } - }); - - - executor.execute(() -> - { - if(!(isTypeInScope("kms"))) { - return; - } - - try{ - log.info(infoPrefix + "KMS"); - FileManager.generateKMSFiles(InventoryUtil.fetchKMSKeys(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "KMS\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "kms", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("cloudfront"))) { - return; - } - - try{ - log.info(infoPrefix + "CloudFront"); - FileManager.generateCloudFrontFiles(InventoryUtil.fetchCloudFrontInfo(temporaryCredentials,account)); - }catch(Exception e){ - log.error(expPrefix+ "CloudFront\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "cloudfront", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("beanstalk"))) { - return; - } - - try{ - log.info(infoPrefix + "EBS"); - FileManager.generateEBSFiles(InventoryUtil.fetchEBSInfo(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EBS\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "beanstalk", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("phd"))) { - return; - } - - try{ - log.info(infoPrefix + "PHD"); - FileManager.generatePHDFiles(InventoryUtil.fetchPHDInfo(temporaryCredentials,account)); - }catch(Exception e){ - log.error(expPrefix+ "PHD\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "phd", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("routetable"))) { - return; - } - - try{ - log.info(infoPrefix + "EC2 Route table"); - FileManager.generateEC2RouteTableFiles(EC2InventoryUtil.fetchRouteTables(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2 Route table\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "routetable", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("networkacl"))) { - return; - } - - try{ - log.info(infoPrefix + "EC2 Network Acl"); - FileManager.generateNetworkAclFiles(EC2InventoryUtil.fetchNetworkACL(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2 Network Acl\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "networkacl", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("elasticip"))) { - return; - } - - try{ - log.info(infoPrefix + "EC2 Elastic IP"); - FileManager.generateElasticIPFiles(EC2InventoryUtil.fetchElasticIPAddresses(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2 Elastic IP\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "elasticip", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("launchconfig"))) { - return; - } - - try{ - log.info(infoPrefix + "ASG Launch Configurations"); - FileManager.generateLaunchConfigurationsFiles(ASGInventoryUtil.fetchLaunchConfigurations(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "ASG Launch Configurations\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "launchconfig", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("internetgw"))) { - return; - } - - try{ - log.info(infoPrefix + "EC2 Internet Gateway"); - FileManager.generateInternetGatewayFiles(EC2InventoryUtil.fetchInternetGateway(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2 Internet Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "internetgw", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("vpngw"))) { - return; - } - - try{ - log.info(infoPrefix + "EC2 Vpn Gateway"); - FileManager.generateVPNGatewayFiles(EC2InventoryUtil.fetchVPNGateway(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "EC2 Vpn Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "vpngw", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("asgpolicy"))) { - return; - } - - try{ - log.info(infoPrefix + "ASG Scaling Policy"); - FileManager.generateScalingPolicies(ASGInventoryUtil.fetchScalingPolicies(temporaryCredentials,skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "ASG Scaling Policy\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "asgpolicy", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("snstopic"))) { - return; - } - - try{ - log.info(infoPrefix + "SNS Topics"); - FileManager.generateSNSTopics(SNSInventoryUtil.fetchSNSTopics(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "SNS Topics\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "snstopic", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("egressgateway"))) { - return; - } - - try{ - log.info(infoPrefix + "Egress Gateway"); - FileManager.generateEgressGateway(EC2InventoryUtil.fetchEgressGateway(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Egress Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "egressgateway", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("dhcpoption"))) { - return; - } - - try{ - log.info(infoPrefix + "Dhcp Options"); - FileManager.generateDhcpOptions(EC2InventoryUtil.fetchDHCPOptions(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Dhcp Options\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "dhcpoption", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("peeringconnection"))) { - return; - } - - try{ - log.info(infoPrefix + "Peering Connections"); - FileManager.generatePeeringConnections(EC2InventoryUtil.fetchPeeringConnections(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Peering Connections\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "peeringconnection", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("customergateway"))) { - return; - } - - try{ - log.info(infoPrefix + "Customer Gateway"); - FileManager.generateCustomerGateway(EC2InventoryUtil.fetchCustomerGateway(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Customer Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "customergateway", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("vpnconnection"))) { - return; - } - - try{ - log.info(infoPrefix + "VPN Connection"); - FileManager.generateVpnConnection(EC2InventoryUtil.fetchVPNConnections(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "VPN Connection\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "vpnconnection", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("directconnect"))) { - return; - } - - try{ - log.info(infoPrefix + "Direct Connection"); - FileManager.generateDirectConnection(DirectConnectionInventoryUtil.fetchDirectConnections(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Direct Connection\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "directconnect", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("virtualinterface"))) { - return; - } - - try{ - log.info(infoPrefix + "Direct Connection Virtual Interfaces"); - FileManager.generateDirectConnectionVirtualInterfaces(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "Direct Connection Virtual Interfaces\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "virtualinterface", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("elasticsearch"))) { - return; - } - - try{ - log.info(infoPrefix + "ES Domain"); - FileManager.generateESDomain(ESInventoryUtil.fetchESInfo(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "ES Domain\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "elasticsearch", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("reservedInstance"))) { - return; - } - - try{ - log.info(infoPrefix + "reservedInstance"); - FileManager.generateReservedInstances(EC2InventoryUtil.fetchReservedInstances(temporaryCredentials, skipRegions, account)); - }catch(Exception e){ - log.error(expPrefix+ "reservedInstances\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "reserved instances", e.getMessage()); - } - }); - - - executor.execute(() -> - { - if(!(isTypeInScope("ssm"))) { - return; - } - - try{ - log.info(infoPrefix + "ssm"); - FileManager.generateSsmFiles(EC2InventoryUtil.fetchSSMInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "SSM\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "ssm", e.getMessage()); - } - }); - - executor.execute(() -> - { - if(!(isTypeInScope("elasticache"))) { - return; - } - - try{ - log.info(infoPrefix + "elasticache"); - FileManager.generateElastiCacheFiles(ElastiCacheUtil.fetchElastiCacheInfo(temporaryCredentials, skipRegions,account)); - }catch(Exception e){ - log.error(expPrefix+ "elasticache\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account, "", "elasticache", e.getMessage()); - } - }); - - executor.shutdown(); - while (!executor.isTerminated()) { - - } - - log.info("Completed Discovery for account "+ account); - } - - ErrorManageUtil.writeErrorFile(); - } - - /** - * Checks if is type in scope. - * - * @param type the type - * @return true, if is type in scope - */ - private boolean isTypeInScope(String type){ - if("".equals(targetTypes)){ - return true; - }else{ - List targetTypesList = Arrays.asList(targetTypes.split(",")); - return targetTypesList.contains(type); - } - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import java.io.IOException; +import java.util.Arrays; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import com.amazonaws.auth.BasicSessionCredentials; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; +import com.tmobile.cso.pacman.inventory.util.ASGInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.DirectConnectionInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.EC2InventoryUtil; +import com.tmobile.cso.pacman.inventory.util.ESInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.ElastiCacheUtil; +import com.tmobile.cso.pacman.inventory.util.InventoryUtil; +import com.tmobile.cso.pacman.inventory.util.KinesisInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.SNSInventoryUtil; + + +/** + * The Class AssetFileGenerator. + */ +@Component +public class AssetFileGenerator { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(AssetFileGenerator.class); + + /** The cred provider. */ + @Autowired + CredentialProvider credProvider; + + /** The target types. */ + @Value("${target-types:}") + private String targetTypes; + + /** The target types. */ + @Value("${discovery.role}") + private String roleName; + + /** The target types. */ + @Value("${ec2.statenames:running,stopped,stopping}") + private String ec2StatenameFilters; + + + /** + * Generate files. + * + * @param accounts the accounts + * @param skipRegions the skip regions + * @param filePath the file path + */ + public void generateFiles(List> accounts,String skipRegions,String filePath){ + + try { + FileManager.initialise(filePath); + ErrorManageUtil.initialise(); + } catch (IOException e1) { + log.error("Error initialising File ",e1); + } + Iterator> it = accounts.iterator(); + + while(it.hasNext()){ + Map account = it.next(); + String accountId = account.get(InventoryConstants.ACCOUNT_ID); + String accountName = account.get(InventoryConstants.ACCOUNT_NAME); + + log.info("Started Discovery for account {}", accountId); + BasicSessionCredentials tempCredentials = null; + try{ + tempCredentials = credProvider.getCredentials(accountId,roleName); + }catch(Exception e){ + log.error("{\"errcode\":\"NO_CRED\" , \"account\":\""+accountId +"\", \"Message\":\"Error getting credentials for account "+accountId +"\" , \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "all", "all", e.getMessage()); + continue; + } + final BasicSessionCredentials temporaryCredentials = tempCredentials; + String expPrefix = "{\"errcode\": \"NO_RES\" ,\"account\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"" ; + String infoPrefix = "Fetching for Account : "+accountId + " Type : "; + + ExecutorService executor = Executors.newCachedThreadPool(); + + executor.execute(() -> + { + if(!(isTypeInScope("ec2"))) { + return; + } + try{ + log.info(infoPrefix + "EC2"); + FileManager.generateInstanceFiles(InventoryUtil.fetchInstances(temporaryCredentials,skipRegions,accountId,accountName,ec2StatenameFilters)); + }catch(Exception e){ + log.error(expPrefix+ "EC2\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "ec2", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("asg"))) { + return; + } + try{ + log.info(infoPrefix + "ASG"); + FileManager.generateAsgFiles(InventoryUtil.fetchAsg(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "ASG\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "asg", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("stack"))) { + return; + } + try{ + log.info(infoPrefix + "Cloud Formation Stack"); + FileManager.generateCloudFormationStackFiles(InventoryUtil.fetchCloudFormationStack(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Stack\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "stack", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("dynamodb"))) { + return; + } + try{ + log.info(infoPrefix + "DynamoDB"); + FileManager.generateDynamoDbFiles(InventoryUtil.fetchDynamoDBTables(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "DynamoDB\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "dynamodb", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("efs"))) { + return; + } + try{ + log.info(infoPrefix + "EFS"); + FileManager.generateEfsFiles(InventoryUtil.fetchEFSInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EFS\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "efs", e.getMessage()); + } + }); + + + executor.execute(() -> + { + if(!(isTypeInScope("emr"))) { + return; + } + try{ + log.info(infoPrefix + "EMR"); + FileManager.generateEmrFiles(InventoryUtil.fetchEMRInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EMR\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "emr", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("lambda"))) { + return; + } + try{ + log.info(infoPrefix + "Lambda"); + FileManager.generateLamdaFiles(InventoryUtil.fetchLambdaInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Lambda\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "lambda", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("classicelb"))) { + return; + } + try{ + log.info(infoPrefix + "Classic ELB"); + FileManager.generateClassicElbFiles( InventoryUtil.fetchClassicElbInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Classic ELB\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "classicelb", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("appelb"))) { + return; + } + try{ + log.info(infoPrefix + "Application ELB"); + FileManager.generateApplicationElbFiles(InventoryUtil.fetchElbInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Application ELB\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "appelb", e.getMessage()); + } + }); + + + executor.execute(() -> + { + if(!(isTypeInScope("targetgroup"))) { + return; + } + try{ + log.info(infoPrefix + "Target Group"); + FileManager.generateTargetGroupFiles(InventoryUtil.fetchTargetGroups(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Target Group\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "targergroup", e.getMessage()); + } + }); + + + + executor.execute(() -> + { + if(!(isTypeInScope("nat"))) { + return; + } + + try{ + log.info(infoPrefix + "Nat Gateway"); + FileManager.generateNatGatewayFiles(InventoryUtil.fetchNATGatewayInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Nat Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "nat", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("rdsdb"))) { + return; + } + + try{ + log.info(infoPrefix + "RDS Instance"); + FileManager.generateRDSInstanceFiles(InventoryUtil.fetchRDSInstanceInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "RDS Instance\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "rdsdb", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("rdscluster"))) { + return; + } + + try{ + log.info(infoPrefix + "RDS Cluster"); + FileManager.generateRDSClusterFiles(InventoryUtil.fetchRDSClusterInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "RDS Cluster\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "rdscluster", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("s3"))) { + return; + } + + try{ + log.info(infoPrefix + "S3"); + FileManager.generateS3Files(InventoryUtil.fetchS3Info(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "S3\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "s3", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("eni"))) { + return; + } + + try{ + log.info(infoPrefix + "Network Interface"); + FileManager.generateNwInterfaceFiles(InventoryUtil.fetchNetworkIntefaces(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Network Interface\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "eni", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("sg"))) { + return; + } + + try{ + log.info(infoPrefix + "Security Group"); + FileManager.generateSecGroupFile(InventoryUtil.fetchSecurityGroups(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Security Group\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "sg", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("subnet"))) { + return; + } + + try{ + log.info(infoPrefix + "Subnet"); + FileManager.generateSubnetFiles(InventoryUtil.fetchSubnets(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Subnet\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "subnet", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("checks"))) { + return; + } + + try{ + log.info(infoPrefix + "Trusted Advisor Check"); + FileManager.generateTrustedAdvisorFiles(InventoryUtil.fetchTrusterdAdvisorsChecks(temporaryCredentials,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Trusted Advisor Check\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "checks", e.getMessage()); + } + }); + + + executor.execute(() -> + { + if(!(isTypeInScope("redshift"))) { + return; + } + + try{ + log.info(infoPrefix + "Redshift"); + FileManager.generateRedshiftFiles(InventoryUtil.fetchRedshiftInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Redshift\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "redshift", e.getMessage()); } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("volume"))) { + return; + } + + try{ + log.info(infoPrefix + "Volume"); + FileManager.generatefetchVolumeFiles(InventoryUtil.fetchVolumetInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Volume\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "volume", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("snapshot"))) { + return; + } + + try{ + log.info(infoPrefix + "Snapshot"); + FileManager.generateSnapshotFiles(InventoryUtil.fetchSnapshots(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Snapshot\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "snapshot", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("vpc"))) { + return; + } + + try{ + log.info(infoPrefix + "VPC"); + FileManager.generateVpcFiles(InventoryUtil.fetchVpcInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "VPC\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "vpc", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("api"))) { + return; + } + + try{ + log.info(infoPrefix + "ApiGateway"); + FileManager.generateApiGatewayFiles(InventoryUtil.fetchApiGateways(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "API\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "api", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("iamuser"))) { + return; + } + + try{ + log.info(infoPrefix + "IAM User"); + FileManager.generateIamUserFiles(InventoryUtil.fetchIAMUsers(temporaryCredentials,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "iAM muser\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "iamuser", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("rdssnapshot"))) { + return; + } + + try{ + log.info(infoPrefix + "RDS Snapshot"); + FileManager.generateRDSSnapshotFiles(InventoryUtil.fetchRDSDBSnapshots(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "RDS Snapshot\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "rdssnapshot", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("iamrole"))) { + return; + } + + try{ + log.info(infoPrefix + "IAM Roles"); + FileManager.generateIamRoleFiles(InventoryUtil.fetchIAMRoles(temporaryCredentials,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "IAM Roles\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "iamrole", e.getMessage()); + } + }); + + + executor.execute(() -> + { + if(!(isTypeInScope("kms"))) { + return; + } + + try{ + log.info(infoPrefix + "KMS"); + FileManager.generateKMSFiles(InventoryUtil.fetchKMSKeys(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "KMS\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "kms", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("cloudfront"))) { + return; + } + + try{ + log.info(infoPrefix + "CloudFront"); + FileManager.generateCloudFrontFiles(InventoryUtil.fetchCloudFrontInfo(temporaryCredentials,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "CloudFront\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "cloudfront", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("beanstalk"))) { + return; + } + + try{ + log.info(infoPrefix + "beanstalk"); + FileManager.generateEBSFiles(InventoryUtil.fetchEBSInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "beanstalk\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "beanstalk", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("phd"))) { + return; + } + + try{ + log.info(infoPrefix + "PHD"); + FileManager.generatePHDFiles(InventoryUtil.fetchPHDInfo(temporaryCredentials,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "PHD\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "phd", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("routetable"))) { + return; + } + + try{ + log.info(infoPrefix + "EC2 Route table"); + FileManager.generateEC2RouteTableFiles(EC2InventoryUtil.fetchRouteTables(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EC2 Route table\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "routetable", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("networkacl"))) { + return; + } + + try{ + log.info(infoPrefix + "EC2 Network Acl"); + FileManager.generateNetworkAclFiles(EC2InventoryUtil.fetchNetworkACL(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EC2 Network Acl\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "networkacl", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("elasticip"))) { + return; + } + + try{ + log.info(infoPrefix + "EC2 Elastic IP"); + FileManager.generateElasticIPFiles(EC2InventoryUtil.fetchElasticIPAddresses(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EC2 Elastic IP\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "elasticip", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("launchconfig"))) { + return; + } + + try{ + log.info(infoPrefix + "ASG Launch Configurations"); + FileManager.generateLaunchConfigurationsFiles(ASGInventoryUtil.fetchLaunchConfigurations(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "ASG Launch Configurations\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "launchconfig", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("internetgw"))) { + return; + } + + try{ + log.info(infoPrefix + "EC2 Internet Gateway"); + FileManager.generateInternetGatewayFiles(EC2InventoryUtil.fetchInternetGateway(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EC2 Internet Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "internetgw", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("vpngw"))) { + return; + } + + try{ + log.info(infoPrefix + "EC2 Vpn Gateway"); + FileManager.generateVPNGatewayFiles(EC2InventoryUtil.fetchVPNGateway(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "EC2 Vpn Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "vpngw", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("asgpolicy"))) { + return; + } + + try{ + log.info(infoPrefix + "ASG Scaling Policy"); + FileManager.generateScalingPolicies(ASGInventoryUtil.fetchScalingPolicies(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "ASG Scaling Policy\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "asgpolicy", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("snstopic"))) { + return; + } + + try{ + log.info(infoPrefix + "SNS Topics"); + FileManager.generateSNSTopics(SNSInventoryUtil.fetchSNSTopics(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "SNS Topics\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "snstopic", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("egressgateway"))) { + return; + } + + try{ + log.info(infoPrefix + "Egress Gateway"); + FileManager.generateEgressGateway(EC2InventoryUtil.fetchEgressGateway(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Egress Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "egressgateway", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("dhcpoption"))) { + return; + } + + try{ + log.info(infoPrefix + "Dhcp Options"); + FileManager.generateDhcpOptions(EC2InventoryUtil.fetchDHCPOptions(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Dhcp Options\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "dhcpoption", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("peeringconnection"))) { + return; + } + + try{ + log.info(infoPrefix + "Peering Connections"); + FileManager.generatePeeringConnections(EC2InventoryUtil.fetchPeeringConnections(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Peering Connections\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "peeringconnection", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("customergateway"))) { + return; + } + + try{ + log.info(infoPrefix + "Customer Gateway"); + FileManager.generateCustomerGateway(EC2InventoryUtil.fetchCustomerGateway(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Customer Gateway\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "customergateway", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("vpnconnection"))) { + return; + } + + try{ + log.info(infoPrefix + "VPN Connection"); + FileManager.generateVpnConnection(EC2InventoryUtil.fetchVPNConnections(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "VPN Connection\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "vpnconnection", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("directconnect"))) { + return; + } + + try{ + log.info(infoPrefix + "Direct Connection"); + FileManager.generateDirectConnection(DirectConnectionInventoryUtil.fetchDirectConnections(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Direct Connection\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "directconnect", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("virtualinterface"))) { + return; + } + + try{ + log.info(infoPrefix + "Direct Connection Virtual Interfaces"); + FileManager.generateDirectConnectionVirtualInterfaces(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "Direct Connection Virtual Interfaces\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "virtualinterface", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("elasticsearch"))) { + return; + } + + try{ + log.info(infoPrefix + "ES Domain"); + FileManager.generateESDomain(ESInventoryUtil.fetchESInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "ES Domain\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "elasticsearch", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("reservedinstance"))) { + return; + } + + try{ + log.info(infoPrefix + "reservedinstance"); + FileManager.generateReservedInstances(EC2InventoryUtil.fetchReservedInstances(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "reservedinstance\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "reservedinstance", e.getMessage()); + } + }); + + + executor.execute(() -> + { + if(!(isTypeInScope("ssm"))) { + return; + } + + try{ + log.info(infoPrefix + "ssm"); + FileManager.generateSsmFiles(EC2InventoryUtil.fetchSSMInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "SSM\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "ssm", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("elasticache"))) { + return; + } + + try{ + log.info(infoPrefix + "elasticache"); + FileManager.generateElastiCacheFiles(ElastiCacheUtil.fetchElastiCacheInfo(temporaryCredentials, skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "elasticache\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "elasticache", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("datastream"))) { + return; + } + + try{ + log.info(infoPrefix + "datastream"); + FileManager.generateKinesisDataStreamFiles(KinesisInventoryUtil.fetchDataStreamInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "datastream\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "datastream", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("sqs"))) { + return; + } + + try{ + log.info(infoPrefix + "sqs"); + FileManager.generateSQSFiles(InventoryUtil.fetchSQSInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "sqs\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "sqs", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("deliverystream"))) { + return; + } + + try{ + log.info(infoPrefix + "deliverystream"); + FileManager.generateKinesisDeliveryStreamFiles(KinesisInventoryUtil.fetchDeliveryStreamInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "deliverystream\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "deliverystream", e.getMessage()); + } + }); + + executor.execute(() -> + { + if(!(isTypeInScope("videostream"))) { + return; + } + + try{ + log.info(infoPrefix + "videostream"); + FileManager.generateKinesisVideoStreamFiles(KinesisInventoryUtil.fetchVideoStreamInfo(temporaryCredentials,skipRegions,accountId,accountName)); + }catch(Exception e){ + log.error(expPrefix+ "videostream\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, "", "videostream", e.getMessage()); + } + }); + + executor.shutdown(); + while (!executor.isTerminated()) { + + } + + log.info("Completed Discovery for accountId "+ accountId); + } + + ErrorManageUtil.writeErrorFile(); + try { + FileManager.finalise(); + ErrorManageUtil.finalise(); + } catch (IOException e) { + log.error("Error Writing File",e); + } + } + + /** + * Checks if is type in scope. + * + * @param type the type + * @return true, if is type in scope + */ + private boolean isTypeInScope(String type){ + if("".equals(targetTypes)){ + return true; + }else{ + List targetTypesList = Arrays.asList(targetTypes.split(",")); + return targetTypesList.contains(type); + } + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtil.java index 7ca05081d..da1b3d71c 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtil.java @@ -1,95 +1,144 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.tmobile.cso.pacman.inventory.vo.ErrorVH; - - -/** - * The Class ErrorManageUtil. - */ -public class ErrorManageUtil { - - /** The log. */ - private static Logger log = LogManager.getLogger(ErrorManageUtil.class); - - /** The error map. */ - private static Map> errorMap = new HashMap<>(); - - /** - * Instantiates a new error manage util. - */ - private ErrorManageUtil() { - - } - - /** - * Initialise. - */ - public static void initialise(){ - String fieldNames = "loaddate`accountid`type`region`exception\n"; - try { - FileGenerator.writeToFile("load-error.data", fieldNames, false); - } catch (IOException e) { - log.error("Error in Initialise",e); - } - } - - /** - * Upload error. - * - * @param account the account - * @param region the region - * @param type the type - * @param exception the exception - */ - public static synchronized void uploadError(String account, String region, String type, String exception) { - try{ - List errorList = errorMap.get(account); - if(errorList==null){ - errorList = new ArrayList<>(); - errorMap.put(account, errorList); - } - ErrorVH error = new ErrorVH(); - error.setException(exception); - error.setRegion(region); - error.setType(type); - errorList.add(error); - }catch(Exception e){ - log.error("Error in uploadError",e); - } - } - - /** - * Write error file. - */ - public static void writeErrorFile(){ - try{ - FileManager.generateErrorFile(errorMap); - }catch(Exception e){ - log.error("Error in writeErrorFile",e); - } - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import java.io.IOException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.vo.ErrorVH; + + +/** + * The Class ErrorManageUtil. + */ +public class ErrorManageUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(ErrorManageUtil.class); + + /** The error map. */ + private static Map> errorMap = new HashMap<>(); + + /** + * Instantiates a new error manage util. + */ + private ErrorManageUtil() { + + } + + /** + * Initialise. + */ + public static void initialise(){ + try { + FileGenerator.writeToFile("aws-loaderror.data",InventoryConstants.OPEN_ARRAY, false); + } catch (IOException e) { + log.error("Error in Initialise",e); + } + } + + /** + * Finalise. + */ + public static void finalise(){ + try { + FileGenerator.writeToFile("aws-loaderror.data",InventoryConstants.CLOSE_ARRAY, true); + } catch (IOException e) { + log.error("Error in finalise",e); + } + } + + /** + * Upload error. + * + * @param account the account + * @param region the region + * @param type the type + * @param exception the exception + */ + public static synchronized void uploadError(String account, String region, String type, String exception) { + try{ + List errorList = errorMap.get(account); + if(errorList==null){ + errorList = new ArrayList<>(); + errorMap.put(account, errorList); + } + ErrorVH error = new ErrorVH(); + error.setException(exception); + error.setRegion(region); + error.setType(type); + errorList.add(error); + }catch(Exception e){ + log.error("Error in uploadError",e); + } + } + + /** + * Write error file. + */ + public static void writeErrorFile(){ + try{ + FileManager.generateErrorFile(errorMap); + }catch(Exception e){ + log.error("Error in writeErrorFile",e); + } + } + + public static Map formErrorCode() { + Map errorCode = new HashMap<>(); + errorCode.put("jobName", System.getProperty("jobName")); + + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + errorCode.put("executionEndDate", sdf.format(new Date())); + + List> errors = new ArrayList<>(); + for(Entry> errorDetail :errorMap.entrySet()) { + Map error = new HashMap<>(); + List> details = new ArrayList<>(); + + error.put("error", "Error while fetching Inventory for account "+errorDetail.getKey()); + for(ErrorVH errorVH : errorDetail.getValue()) { + Map detail = new HashMap<>(); + detail.put("type",errorVH.getType()); + detail.put("region",errorVH.getRegion()); + detail.put("exception",errorVH.getException()); + detail.put("account",errorDetail.getKey()); + details.add(detail); + } + error.put("details",details); + errors.add(error); + } + + errorCode.put("errors", errors); + if(errors.isEmpty()) { + errorCode.put("status","Success"); + } else { + errorCode.put("status","Partial Success"); + } + log.info("Return Info {}",errorCode); + return errorCode; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/FileGenerator.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/FileGenerator.java index ad7de3980..ec040ff5d 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/FileGenerator.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/FileGenerator.java @@ -1,327 +1,365 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import java.io.BufferedWriter; -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.lang.reflect.Field; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.stream.Collectors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -/** - * The Class FileGenerator. - */ -public class FileGenerator { - - /** - * Instantiates a new file generator. - */ - private FileGenerator() { - - } - - /** The folder name. */ - protected static String folderName ; - - /** The Constant DELIMITER. */ - public static final String DELIMITER ="`"; - - /** The Constant LINESEPARATOR. */ - public static final String LINESEPARATOR ="\n"; - - /** The current date. */ - protected static String currentDate = new SimpleDateFormat("yyyy-MM-dd H:00:00Z").format(new java.util.Date()); - - /** The log. */ - private static Logger log = LogManager.getLogger(FileGenerator.class); - - /** - * Generate file. - * - * @param the generic type - * @param the generic type - * @param fileInfoMap the file info map - * @param fieldNames the field names - * @param fileName the file name - * @return true, if successful - */ - protected static boolean generateFile( Map> fileInfoMap,String fieldNames,String fileName){ - Iterator>> it= fileInfoMap.entrySet().iterator(); - StringBuilder sb = new StringBuilder(); - while(it.hasNext()){ - Entry> entry = it.next(); - List fileInfoList = entry.getValue(); - if(fileInfoList != null) { - for(T fileInfo : fileInfoList){ - String data = getLineData(fieldNames,fileInfo); - if(data != null && !"".equals(data) && !"".equals(data.replaceAll(DELIMITER,""))){ - String[] dataList = data.split(LINESEPARATOR); - for(String currentdata : dataList ){ - String[] arrData = currentdata.split(DELIMITER); - long dataCount = Arrays.asList(arrData).stream().filter(s -> !"".equals(s)).count(); - if(dataCount > 1 || (dataCount == 1 && !fieldNames.contains(DELIMITER))){ // To avoid file where mapping data is empty I'e tags - currentdata = "".equals(currentDate)?entry.getKey()+DELIMITER+currentdata:currentDate+DELIMITER+entry.getKey()+DELIMITER+currentdata; - sb.append(currentdata); - sb.append(LINESEPARATOR); - } - } - } - } - } - } - try { - writeToFile(fileName,sb.toString(),true); - } catch (IOException e) { - log.error("Error in generateFile ",e); - return false; - } - return true; - } - - /** - * Write to file. - * - * @param filename the filename - * @param data the data - * @param appendto the appendto - * @throws IOException Signals that an I/O exception has occurred. - */ - protected static void writeToFile(String filename ,String data,boolean appendto) throws IOException{ - - log.debug("Write to File :"+filename ); - BufferedWriter bw = null ; - try { - bw = new BufferedWriter(new FileWriter(folderName+File.separator+filename,appendto)); - bw.write(data); - bw.flush(); - bw.close(); - } catch (IOException e) { - log.debug("Write to File :"+filename +"failed. Exception below"); - log.error(e); - throw e; - } - finally { - if(bw != null) { - bw.close(); - } - } - } - - /** - * Gets the value. - * - * @param fieldName the field name - * @param obj the obj - * @return the value - */ - private static Object getValue(String fieldName, Object obj){ - Object value = null; - Field field = getField(obj.getClass(),fieldName); - if(null != field) { - field.setAccessible(true); - } - - try { - if(null != field) { - value = field.get(obj); - } - } catch (IllegalArgumentException | IllegalAccessException e) { - log.error("Error in getValue "+e); - } - return value; - - } - - /** - * Gets the line data. - * - * @param fieledNames the fieled names - * @param obj the obj - * @return the line data - */ - @SuppressWarnings("unchecked") - protected static String getLineData(String fieledNames, Object obj){ - List> valueHolder = new ArrayList<>(); - String[] fieldNamesList = fieledNames.split("["+DELIMITER+"]+"); - - for(String fieldName : fieldNamesList){ - String[] fieldNameList = fieldName.split("[.]"); - if(fieldNameList.length == 1){ - Object object = getValue(fieldName,obj); - if(object instanceof List ){ - String objString = ((List) object).stream().map(Object::toString).collect(Collectors.joining(":;")); - addtoValueHolder(valueHolder,objString,0); - }else{ - addtoValueHolder(valueHolder,object,0); - } - }else{ - String endFn= fieldNameList[fieldNameList.length-1]; - List objList = new ArrayList<>(); - objList.add(obj); - for(String fn : fieldNameList){ - int size = objList.size(); - if(size>0){ - for(int i=0;i) objValue).stream().map(Object::toString).collect(Collectors.joining(":;")); - addtoValueHolder(valueHolder,objString,i); - }else{ - addtoValueHolder(valueHolder,objValue,i); - } - }else{ - if(objValue instanceof List){ - objList.clear(); - addtoValueHolder(valueHolder,((List)objValue).size()); - for(Object _listObj : (List)objValue){ - objList.add(_listObj); - } - }else{ - objList.set(i,objValue); - } - } - }else{ - addtoValueHolder(valueHolder,"",i); - } - } - }else{ - addtoValueHolder(valueHolder,"",0); - } - } - } - } - List returnVal = new ArrayList<>(); - - for(List vh : valueHolder ){ - returnVal.add(vh.stream(). - map(objx -> { - if(objx==null){ - return ""; - }else if(objx instanceof java.util.Date) { - SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ssZ"); - return sdf.format(objx); - } - return massageData(objx.toString()); - } - ). - collect(Collectors.joining(DELIMITER))); - } - - return returnVal.stream().collect(Collectors.joining(LINESEPARATOR)); - - } - - /** - * Addto value holder. - * - * @param valueHolder the value holder - * @param value the value - * @param index the index - */ - private static void addtoValueHolder(List> valueHolder, Object value,int index){ - if(valueHolder.isEmpty()){ - List vh = new ArrayList<>(); - valueHolder.add(vh); - } - valueHolder.get(index).add(value); - } - - /** - * Addto value holder. - * - * @param valueHolder the value holder - * @param size the size - */ - private static void addtoValueHolder(List> valueHolder,int size){ - if(valueHolder.isEmpty()){ - List vh = new ArrayList<>(); - valueHolder.add(vh); - } - if(valueHolder.size() != size){ - for(int i=1 ;i vhList = new ArrayList<>(); - vhList.addAll(valueHolder.get(0)); - valueHolder.add(vhList); - } - } - - } - - /** - * Gets the field. - * - * @param clazz the clazz - * @param name the name - * @return the field - */ - private static Field getField(Class clazz, String name) { - Field field = null; - while (clazz != null) { - try { - Field[] fields = clazz.getDeclaredFields(); - for(Field fieldTemp : fields){ - if (fieldTemp .getName().equalsIgnoreCase(name)) { - field = fieldTemp ; - break; - } - } - - } catch (Exception e) { - log.error(e); - } - clazz = clazz.getSuperclass(); - } - return field; - } - - /** - * Massage data. - * - * @param str the str - * @return the string - */ - private static String massageData(String str){ - String temp = str; - temp = temp.replace(DELIMITER, "'"); - temp = temp.replace("\r\n", "[NL]"); - temp = temp.replace("\n", "[NL]"); - return temp; - } - - /** - * Gets the folder name. - * - * @return the folder name - */ - public static String getFolderName(){ - return folderName; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import java.io.BufferedWriter; +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.lang.reflect.Field; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.databind.ObjectMapper; + +/** + * The Class FileGenerator. + */ +public class FileGenerator { + + /** + * Instantiates a new file generator. + */ + private FileGenerator() { + + } + + /** The folder name. */ + protected static String folderName ; + + /** The Constant DELIMITER. */ + public static final String DELIMITER ="`"; + + /** The Constant LINESEPARATOR. */ + public static final String LINESEPARATOR ="\n"; + + public static final String COMMA =","; + + /** The current date. */ + protected static String currentDate = new SimpleDateFormat("yyyy-MM-dd HH:00:00Z").format(new java.util.Date()); + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(FileGenerator.class); + + /** + * Generate file. + * + * @param the generic type + * @param the generic type + * @param fileInfoMap the file info map + * @param fieldNames the field names + * @param fileName the file name + * @return true, if successful + */ + protected static String generateFile( Map> fileInfoMap,String fieldNames){ + Iterator>> it= fileInfoMap.entrySet().iterator(); + StringBuilder sb = new StringBuilder(); + while(it.hasNext()){ + Entry> entry = it.next(); + List fileInfoList = entry.getValue(); + if(fileInfoList != null) { + for(T fileInfo : fileInfoList){ + String data = getLineData(fieldNames,fileInfo); + if(data != null && !"".equals(data) && !"".equals(data.replaceAll(DELIMITER,""))){ + String[] dataList = data.split(LINESEPARATOR); + for(String currentdata : dataList ){ + String[] arrData = currentdata.split(DELIMITER); + long dataCount = Arrays.asList(arrData).stream().filter(s -> !"".equals(s)).count(); + if(dataCount > 1 || (dataCount == 1 && !fieldNames.contains(DELIMITER))){ // To avoid file where mapping data is empty I'e tags + currentdata = "".equals(currentDate)?entry.getKey()+DELIMITER+currentdata:currentDate+DELIMITER+entry.getKey()+DELIMITER+currentdata; + sb.append(currentdata); + sb.append(LINESEPARATOR); + } + } + } + } + } + } + return sb.toString(); + } + + /** + * Write to file. + * + * @param filename the filename + * @param data the data + * @param appendto the appendto + * @throws IOException Signals that an I/O exception has occurred. + */ + protected static void writeToFile(String filename ,String data,boolean appendto) throws IOException{ + log.debug("Write to File :"+filename ); + BufferedWriter bw = null ; + try { + bw = new BufferedWriter(new FileWriter(folderName+File.separator+filename,appendto)); + bw.write(data); + bw.flush(); + bw.close(); + } catch (IOException e) { + log.error("Write to File :{} failed",filename,e); + throw e; + } + finally { + if(bw != null) { + bw.close(); + } + } + } + + /** + * Gets the value. + * + * @param fieldName the field name + * @param obj the obj + * @return the value + */ + private static Object getValue(String fieldName, Object obj){ + Object value = null; + Field field = getField(obj.getClass(),fieldName); + if(null != field) { + field.setAccessible(true); + } + + try { + if(null != field) { + value = field.get(obj); + } + } catch (IllegalArgumentException | IllegalAccessException e) { + log.error("Error in getValue "+e); + } + return value; + + } + + /** + * Gets the line data. + * + * @param fieledNames the fieled names + * @param obj the obj + * @return the line data + */ + @SuppressWarnings("unchecked") + protected static String getLineData(String fieledNames, Object obj){ + List> valueHolder = new ArrayList<>(); + String[] fieldNamesList = fieledNames.split("["+DELIMITER+"]+"); + + for(String fieldName : fieldNamesList){ + String[] fieldNameList = fieldName.split("[.]"); + if(fieldNameList.length == 1){ + Object object = getValue(fieldName,obj); + if(object instanceof List ){ + String objString = ((List) object).stream().map(Object::toString).collect(Collectors.joining(":;")); + addtoValueHolder(valueHolder,objString,0); + }else{ + addtoValueHolder(valueHolder,object,0); + } + }else{ + String endFn= fieldNameList[fieldNameList.length-1]; + List objList = new ArrayList<>(); + objList.add(obj); + for(String fn : fieldNameList){ + int size = objList.size(); + if(size>0){ + for(int i=0;i) objValue).stream().map(Object::toString).collect(Collectors.joining(":;")); + addtoValueHolder(valueHolder,objString,i); + }else{ + addtoValueHolder(valueHolder,objValue,i); + } + }else{ + if(objValue instanceof List){ + objList.clear(); + addtoValueHolder(valueHolder,((List)objValue).size()); + for(Object _listObj : (List)objValue){ + objList.add(_listObj); + } + }else{ + objList.set(i,objValue); + } + } + }else{ + addtoValueHolder(valueHolder,"",i); + } + } + }else{ + addtoValueHolder(valueHolder,"",0); + } + } + } + } + List returnVal = new ArrayList<>(); + + for(List vh : valueHolder ){ + returnVal.add(vh.stream(). + map(objx -> { + if(objx==null){ + return ""; + }else if(objx instanceof java.util.Date) { + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ssZ"); + return sdf.format(objx); + } + return massageData(objx.toString()); + } + ). + collect(Collectors.joining(DELIMITER))); + } + + return returnVal.stream().collect(Collectors.joining(LINESEPARATOR)); + + } + + /** + * Addto value holder. + * + * @param valueHolder the value holder + * @param value the value + * @param index the index + */ + private static void addtoValueHolder(List> valueHolder, Object value,int index){ + if(valueHolder.isEmpty()){ + List vh = new ArrayList<>(); + valueHolder.add(vh); + } + valueHolder.get(index).add(value); + } + + /** + * Addto value holder. + * + * @param valueHolder the value holder + * @param size the size + */ + private static void addtoValueHolder(List> valueHolder,int size){ + if(valueHolder.isEmpty()){ + List vh = new ArrayList<>(); + valueHolder.add(vh); + } + if(valueHolder.size() != size){ + for(int i=1 ;i vhList = new ArrayList<>(); + vhList.addAll(valueHolder.get(0)); + valueHolder.add(vhList); + } + } + + } + + /** + * Gets the field. + * + * @param clazz the clazz + * @param name the name + * @return the field + */ + private static Field getField(Class clazz, String name) { + Field field = null; + while (clazz != null) { + try { + Field[] fields = clazz.getDeclaredFields(); + for(Field fieldTemp : fields){ + if (fieldTemp .getName().equalsIgnoreCase(name)) { + field = fieldTemp ; + break; + } + } + + } catch (Exception e) { + log.error("Error getting value for {}",name); + } + clazz = clazz.getSuperclass(); + } + return field; + } + + /** + * Massage data. + * + * @param str the str + * @return the string + */ + private static String massageData(String str){ + String temp = str; + temp = temp.replace(DELIMITER, "'"); + temp = temp.replace("\r\n", "[NL]"); + temp = temp.replace("\n", "[NL]"); + return temp; + } + + /** + * Gets the folder name. + * + * @return the folder name + */ + public static String getFolderName(){ + return folderName; + } + + protected static boolean generateJson( Map> fileInfoMap,String fieldNames,String fileName, String keys){ + + ObjectMapper objectMapper = new ObjectMapper(); + StringBuilder sb = new StringBuilder(); + String[] keysList = keys.split("["+DELIMITER+"]+"); + String dataLines = generateFile(fileInfoMap, fieldNames); + if(dataLines != null && !"".equals(dataLines)){ + String[] dataList = generateFile(fileInfoMap, fieldNames).split(LINESEPARATOR); + for(String data : dataList) { + Map lineDataMap = new HashMap<>(); + String[] lineData = data.split(DELIMITER); + for(int i=0;i> instanceMap) throws IOException { - - String fieldNames =""; - - fieldNames = "instanceId`amiLaunchIndex`architecture`clientToken`ebsOptimized`EnaSupport`Hypervisor`ImageId`InstanceLifecycle`InstanceType`KernelId`KeyName`LaunchTime`Platform`PrivateDnsName`PrivateIpAddress`PublicDnsName`PublicIpAddress`RamdiskId`RootDeviceName`RootDeviceType`SourceDestCheck`SpotInstanceRequestId`SriovNetSupport`StateTransitionReason`SubnetId`VirtualizationType`VpcId`IamInstanceProfile.Arn`IamInstanceProfile.Id`Monitoring.State`Placement.Affinity`Placement.AvailabilityZone`Placement.GroupName`Placement.HostId`Placement.Tenancy`State.Name`State.Code`StateReason.Message`StateReason.Code"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-info.data"); - - fieldNames = "instanceId`tags.key`tags.value"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-tags.data"); - - fieldNames = "instanceId`SecurityGroups.groupId`SecurityGroups.groupName"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-secgroups.data"); - - fieldNames = "instanceId`ProductCodes.ProductCodeId`ProductCodes.ProductCodeType"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-productcodes.data"); - - fieldNames = "instanceId`BlockDeviceMappings.deviceName`BlockDeviceMappings.ebs.VolumeId`BlockDeviceMappings.ebs.AttachTime`BlockDeviceMappings.ebs.DeleteOnTermination`BlockDeviceMappings.ebs.status"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-blockdevices.data"); - - fieldNames = "instanceId`NetworkInterfaces.NetworkInterfaceId`NetworkInterfaces.Description"; - FileGenerator.generateFile(instanceMap, fieldNames, "instance-nwinterfaces.data"); - - } - - /** - * Generate nw interface files. - * - * @param nwIntfcMap the nw intfc map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateNwInterfaceFiles(Map> nwIntfcMap) throws IOException { - String fieldNames =""; - fieldNames = "NetworkInterfaceId`Description`MacAddress`OwnerId`PrivateDnsName`PrivateIpAddress`SourceDestCheck`Status`SubnetId`VpcId`association.IpOwnerId`association.PublicDnsName`association.PublicIp`attachment.AttachmentId`attachment.AttachTime`attachment.DeleteOnTermination`attachment.DeviceIndex`attachment.status"; - FileGenerator.generateFile(nwIntfcMap, fieldNames, "nwinterface-info.data"); - - fieldNames = "NetworkInterfaceId`groups.GroupId`groups.GroupName"; - FileGenerator.generateFile(nwIntfcMap, fieldNames, "nwinterface-secgroups.data"); - - fieldNames = "NetworkInterfaceId`Ipv6Addresses.Ipv6Address"; - FileGenerator.generateFile(nwIntfcMap, fieldNames, "nwinterface-ipv6.data"); - - fieldNames = "NetworkInterfaceId`PrivateIpAddresses.Primary`PrivateIpAddresses.PrivateDnsName`PrivateIpAddresses.PrivateIpAddress`PrivateIpAddresses.association.IpOwnerId`PrivateIpAddresses.association.PublicDnsName`PrivateIpAddresses.association.PublicIp"; - FileGenerator.generateFile(nwIntfcMap, fieldNames, "nwinterface-privateIpAddr.data"); - - } - - /** - * Generate asg files. - * - * @param instanceMap the instance map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateAsgFiles(Map> instanceMap) throws IOException { - - String fieldNames; - - fieldNames ="AutoScalingGroupARN`AutoScalingGroupName`AvailabilityZones`CreatedTime`DefaultCooldown`DesiredCapacity`HealthCheckGracePeriod`HealthCheckType`LaunchConfigurationName`MaxSize`MinSize`NewInstancesProtectedFromScaleIn`PlacementGroup`Status`SuspendedProcesses`TargetGroupARNs`TerminationPolicies`VPCZoneIdentifier"; - FileGenerator.generateFile(instanceMap, fieldNames, "asg-info.data"); - - fieldNames ="AutoScalingGroupARN`instances.instanceid"; - FileGenerator.generateFile(instanceMap, fieldNames, "asg-instances.data"); - - fieldNames ="AutoScalingGroupARN`LoadBalancerNames"; - FileGenerator.generateFile(instanceMap, fieldNames, "asg-elb.data"); - - fieldNames ="AutoScalingGroupARN`tags.key`tags.value"; - FileGenerator.generateFile(instanceMap, fieldNames, "asg-tags.data"); - - } - - /** - * Generate cloud formation stack files. - * - * @param fileInofMap the file inof map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateCloudFormationStackFiles(Map> fileInofMap) throws IOException { - String fieldNames; - fieldNames ="StackId`StackName`ChangeSetId`CreationTime`Description`DisableRollback`LastUpdatedTime`RoleARN`StackStatus`StackStatusReason`TimeoutInMinutes"; - FileGenerator.generateFile(fileInofMap, fieldNames, "cloudfrmnstack-info.data"); - fieldNames ="StackId`tags.key`tags.value"; - FileGenerator.generateFile(fileInofMap, fieldNames, "cloudfrmnstack-tags.data"); - - } - - /** - * Generate dynamo db files. - * - * @param dynamoMap the dynamo map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateDynamoDbFiles(Map> dynamoMap) throws IOException { - String fieldNames; - fieldNames ="table.TableArn`table.TableName`table.CreationDateTime`table.ItemCount`table.LatestStreamArn`table.LatestStreamLabel`table.TableSizeBytes`table.TableStatus`table.ProvisionedThroughput.ReadCapacityUnits`table.ProvisionedThroughput.WriteCapacityUnits`table.StreamSpecification.StreamEnabled`table.StreamSpecification.StreamViewType"; - FileGenerator.generateFile(dynamoMap, fieldNames, "dynamodb-tables.data"); - fieldNames ="table.TableArn`tags.key`tags.value"; - FileGenerator.generateFile(dynamoMap, fieldNames, "dynamodb-tables-tags.data"); - } - - /** - * Generate efs files. - * - * @param efsfMap the efsf map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateEfsFiles(Map> efsfMap) throws IOException { - String fieldNames; - fieldNames ="efs.FileSystemId`efs.Name`efs.CreationTime`efs.CreationToken`efs.LifeCycleState`efs.NumberOfMountTargets`efs.OwnerId`efs.PerformanceMode"; - FileGenerator.generateFile(efsfMap, fieldNames, "efs-info.data"); - fieldNames ="efs.FileSystemId`tags.key`tags.value"; - FileGenerator.generateFile(efsfMap, fieldNames, "efs-tags.data"); - - } - - /** - * Generate emr files. - * - * @param fileInofMap the file inof map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateEmrFiles(Map> fileInofMap) throws IOException { - String fieldNames; - fieldNames ="Id`AutoScalingRole`AutoTerminate`InstanceCollectionType`LogUri`MasterPublicDnsName`Name`NormalizedInstanceHours`ReleaseLabel`RequestedAmiVersion`RunningAmiVersion`ScaleDownBehavior`SecurityConfiguration`ServiceRole`TerminationProtected`VisibleToAllUsers"; - FileGenerator.generateFile(fileInofMap, fieldNames, "emr-info.data"); - fieldNames ="Id`tags.key`tags.value"; - FileGenerator.generateFile(fileInofMap, fieldNames, "emr-tags.data"); - - } - - /** - * Generate lamda files. - * - * @param fileInofMap the file inof map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateLamdaFiles(Map> fileInofMap) throws IOException { - String fieldNames; - fieldNames = "lambda.FunctionArn`lambda.CodeSha256`lambda.CodeSize`lambda.Description`lambda.FunctionName`lambda.Handler`lambda.KMSKeyArn`lambda.LastModified`lambda.MemorySize`lambda.Role`lambda.Runtime`lambda.Timeout`lambda.Version`lambda.VpcConfig.VpcId`lambda.VpcConfig.SubnetIds`lambda.VpcConfig.SecurityGroupIds"; - FileGenerator.generateFile(fileInofMap, fieldNames, "lambda-info.data"); - fieldNames ="lambda.FunctionArn`tags.key`tags.value"; - FileGenerator.generateFile(fileInofMap, fieldNames, "lambda-tags.data"); - fieldNames ="lambda.FunctionArn`lambda.vpcConfig.securityGroupIds"; - FileGenerator.generateFile(fileInofMap, fieldNames, "lambda-secgroups.data"); - } - - /** - * Generate classic elb files. - * - * @param elbMap the elb map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateClassicElbFiles(Map> elbMap) throws IOException { - String fieldNames; - fieldNames = "elb.DNSName`elb.AvailabilityZones`elb.CanonicalHostedZoneName`elb.CanonicalHostedZoneNameID`elb.CreatedTime`elb.LoadBalancerName`elb.Scheme`elb.VPCId"; - FileGenerator.generateFile(elbMap, fieldNames, "classicelb-info.data"); - fieldNames = "elb.LoadBalancerName`elb.Instances.InstanceId"; - FileGenerator.generateFile(elbMap, fieldNames, "classicelb-instances.data"); - fieldNames ="elb.LoadBalancerName`tags.key`tags.value"; - FileGenerator.generateFile(elbMap, fieldNames, "classicelb-tags.data"); - fieldNames ="elb.LoadBalancerName`elb.securityGroups"; - FileGenerator.generateFile(elbMap, fieldNames, "classicelb-secgroups.data"); - } - - /** - * Generate application elb files. - * - * @param elbMap the elb map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateApplicationElbFiles(Map> elbMap) throws IOException { - String fieldNames; - fieldNames = "lb.LoadBalancerArn`lb.DNSName`lb.CanonicalHostedZoneID`lb.CreatedTime`lb.LoadBalancerName`lb.Scheme`lb.VPCId`AvailabilityZones`lb.type"; - FileGenerator.generateFile(elbMap, fieldNames, "appelb-info.data"); - fieldNames ="lb.LoadBalancerName`tags.key`tags.value"; - FileGenerator.generateFile(elbMap, fieldNames, "appelb-tags.data"); - fieldNames ="lb.LoadBalancerName`lb.securityGroups"; - FileGenerator.generateFile(elbMap, fieldNames, "appelb-secgroups.data"); - } - - /** - * Generate target group files. - * - * @param targetGrpMap the target grp map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateTargetGroupFiles(Map> targetGrpMap) throws IOException { - String fieldNames; - fieldNames = "trgtGrp.TargetGroupArn`trgtGrp.TargetGroupName`trgtGrp.vpcid`trgtGrp.protocol`trgtGrp.port`trgtGrp.HealthyThresholdCount`trgtGrp.UnhealthyThresholdCount`trgtGrp.HealthCheckIntervalSeconds`trgtGrp.HealthCheckTimeoutSeconds`trgtGrp.LoadBalancerArns"; - FileGenerator.generateFile(targetGrpMap, fieldNames, "targetGroup-info.data"); - - fieldNames = "trgtGrp.TargetGroupName`targets.target.id"; - FileGenerator.generateFile(targetGrpMap, fieldNames, "targetGroup-instances.data"); - - Map> appElbInstanceMap = new HashMap<>(); - Iterator>> it= targetGrpMap.entrySet().iterator(); - - while(it.hasNext()){ - Entry> entry = it.next(); - String accntId= entry.getKey(); - List trgtList = entry.getValue(); - appElbInstanceMap.putIfAbsent(accntId,new ArrayList()); - for(TargetGroupVH trgtGrp : trgtList){ - List elbList = trgtGrp.getTrgtGrp().getLoadBalancerArns(); - for(String elbarn : elbList){ - LoadBalancer elb = new LoadBalancer(); - elb.setLoadBalancerArn(elbarn); - Matcher appMatcher = Pattern.compile("(?<=loadbalancer/(app|net)/)(.*)(?=/)").matcher(elbarn); - if(appMatcher.find()){ - elb.setLoadBalancerName(appMatcher.group()); - LoadBalancerVH elbVH = new LoadBalancerVH(elb); - List instances = new ArrayList<>(); - elbVH.setInstances(instances); - trgtGrp.getTargets().forEach(trgtHealth -> { - instances.add(new com.amazonaws.services.elasticloadbalancing.model.Instance(trgtHealth.getTarget().getId())); - }); - appElbInstanceMap.get(accntId).add(elbVH); - } - } - } - } - fieldNames = "lb.LoadBalancerName`Instances.InstanceId"; - FileGenerator.generateFile(appElbInstanceMap, fieldNames, "appelb-instances.data"); - } - - /** - * Generate nat gateway files. - * - * @param gateWayMap the gate way map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateNatGatewayFiles(Map> gateWayMap) throws IOException { - String fieldNames; - fieldNames = "NatGatewayId`VpcId`SubnetId`State`CreateTime`DeleteTime`FailureCode`FailureMessage"; - FileGenerator.generateFile(gateWayMap, fieldNames, "natgateway-info.data"); - - fieldNames = "NatGatewayId`NatGatewayAddresses.NetworkInterfaceId`NatGatewayAddresses.PrivateIp`NatGatewayAddresses.PublicIp`NatGatewayAddresses.AllocationId"; - FileGenerator.generateFile(gateWayMap, fieldNames, "natgateway-addresses.data"); - } - - /** - * Generate RDS cluster files. - * - * @param rdsclusterMap the rdscluster map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateRDSClusterFiles(Map> rdsclusterMap) throws IOException { - String fieldNames; - fieldNames = "cluster.DBClusterArn`cluster.AllocatedStorage`cluster.AvailabilityZones`cluster.BackupRetentionPeriod`cluster.CharacterSetName`cluster.ClusterCreateTime`cluster.DatabaseName`cluster.DBClusterIdentifier`cluster.DBClusterParameterGroup" - + "`cluster.DbClusterResourceId`cluster.DBSubnetGroup`cluster.EarliestRestorableTime`cluster.Endpoint`cluster.Engine`cluster.EngineVersion`cluster.HostedZoneId`cluster.IAMDatabaseAuthenticationEnabled" - + "`cluster.KmsKeyId`cluster.LatestRestorableTime`cluster.MasterUsername`cluster.MultiAZ`cluster.PercentProgress`cluster.Port`cluster.PreferredBackupWindow`cluster.PreferredMaintenanceWindow`cluster.ReaderEndpoint" - + "`cluster.ReadReplicaIdentifiers`cluster.ReplicationSourceIdentifier`cluster.Status`cluster.StorageEncrypted"; - FileGenerator.generateFile(rdsclusterMap, fieldNames, "rdscluster-info.data"); - - fieldNames = "cluster.DBClusterArn`cluster.VpcSecurityGroups.VpcSecurityGroupId`cluster.VpcSecurityGroups.status"; - FileGenerator.generateFile(rdsclusterMap, fieldNames, "rdscluster-vpcsecgroup.data"); - - fieldNames = "cluster.DBClusterArn`tags.key`tags.value"; - FileGenerator.generateFile(rdsclusterMap, fieldNames, "rdscluster-tags.data"); - } - - /** - * Generate RDS instance files. - * - * @param rdsIntncMap the rds intnc map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateRDSInstanceFiles(Map> rdsIntncMap) throws IOException { - String fieldNames; - fieldNames = "dbinst.DBInstanceArn`dbinst.AllocatedStorage`dbinst.AutoMinorVersionUpgrade`dbinst.AvailabilityZone`dbinst.BackupRetentionPeriod`dbinst.CACertificateIdentifier`dbinst.CharacterSetName`dbinst.CopyTagsToSnapshot" - + "`dbinst.DBClusterIdentifier`dbinst.DBInstanceClass`dbinst.DBInstanceIdentifier`dbinst.DbInstancePort`dbinst.DBInstanceStatus`dbinst.DbiResourceId`dbinst.DBName`dbinst.Endpoint.Address`dbinst.Endpoint.Port`dbinst.Endpoint.HostedZoneID" - + "`dbinst.Engine`dbinst.EngineVersion`dbinst.EnhancedMonitoringResourceArn`dbinst.IAMDatabaseAuthenticationEnabled`dbinst.InstanceCreateTime`dbinst.Iops`dbinst.KmsKeyId`dbinst.LatestRestorableTime`dbinst.LicenseModel`dbinst.MasterUsername`dbinst.MonitoringInterval" - + "`dbinst.MonitoringRoleArn`dbinst.MultiAZ`dbinst.PreferredBackupWindow`dbinst.PreferredMaintenanceWindow`dbinst.PromotionTier`dbinst.PubliclyAccessible`dbinst.SecondaryAvailabilityZone`dbinst.StorageEncrypted`dbinst.StorageType`dbinst.TdeCredentialArn`dbinst.Timezone`dbinst.ReadReplicaDBClusterIdentifiers`dbinst.ReadReplicaDBInstanceIdentifiers`dbinst.ReadReplicaSourceDBInstanceIdentifier"; - FileGenerator.generateFile(rdsIntncMap, fieldNames, "rdsinstance-info.data"); - - fieldNames = "dbinst.DBInstanceArn`dbinst.VpcSecurityGroups.VpcSecurityGroupId`dbinst.VpcSecurityGroups.status"; - FileGenerator.generateFile(rdsIntncMap, fieldNames, "rdsinstance-vpcsecgroup.data"); - - fieldNames = "dbinst.DBInstanceArn`tags.key`tags.value"; - FileGenerator.generateFile(rdsIntncMap, fieldNames, "rdsinstance-tags.data"); - - } - - /** - * Generate S 3 files. - * - * @param bucketMap the bucket map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateS3Files(Map> bucketMap) throws IOException { - String fieldNames; - fieldNames = "bucket.Name`bucket.CreationDate`bucket.owner.displayname`bucket.owner.id`versionStatus`mfaDelete`location"; - FileGenerator.generateFile(bucketMap, fieldNames, "s3-info.data"); - fieldNames = "location`bucket.Name`tags.key`tags.value"; - FileGenerator.generateFile(bucketMap, fieldNames, "s3-tags.data"); - - } - - /** - * Generate sec group file. - * - * @param secGrpMap the sec grp map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateSecGroupFile(Map> secGrpMap) throws IOException { - String fieldNames; - fieldNames = "GroupId`Description`GroupName`OwnerId`vpcid"; - FileGenerator.generateFile(secGrpMap, fieldNames, "secgroup-info.data"); - fieldNames = "GroupId`tags.key`tags.value"; - FileGenerator.generateFile(secGrpMap, fieldNames, "secgroup-tags.data"); - - Map> secGrp = new HashMap<>(); - secGrpMap.forEach((k,v)-> { - List sgruleList = new ArrayList<>(); - v.forEach(sg -> { - String groupId = sg.getGroupId(); - sgruleList.addAll(getRuleInfo(groupId,"inbound",sg.getIpPermissions())); - sgruleList.addAll(getRuleInfo(groupId,"outbound",sg.getIpPermissionsEgress())); - }); - secGrp.put(k,sgruleList); - } - ); - fieldNames = "groupId`type`ipProtocol`fromPort`toPort`cidrIp`cidrIpv6"; - FileGenerator.generateFile(secGrp, fieldNames, "secgroup-rules.data"); - - } - - /** - * Gets the rule info. - * - * @param groupId the group id - * @param type the type - * @param permissions the permissions - * @return the rule info - */ - private static List getRuleInfo(String groupId,String type,List permissions){ - List sgruleList = new ArrayList<>(); - permissions.forEach(obj-> { - String ipProtocol = obj.getIpProtocol(); - Integer fromPort = obj.getFromPort(); - Integer toPort = obj.getToPort(); - String fromPortStr ; - String toPortStr ; - fromPortStr = fromPort==null?"":fromPort==-1?"All":fromPort.toString(); - toPortStr = toPort==null?"":toPort==-1?"All":toPort.toString(); - obj.getIpv4Ranges().forEach(iprange-> { - String cidrIp = iprange.getCidrIp(); - SGRuleVH rule = new SGRuleVH(groupId,type, fromPortStr, toPortStr,"", cidrIp, "-1".equals(ipProtocol)?"All":ipProtocol); - sgruleList.add(rule); - }); - obj.getIpv6Ranges().forEach(iprange-> { - String cidrIpv6 = iprange.getCidrIpv6(); - SGRuleVH rule = new SGRuleVH(groupId,type, fromPortStr, toPortStr,cidrIpv6, "", "-1".equals(ipProtocol)?"All":ipProtocol); - sgruleList.add(rule); - }); - }); - return sgruleList; - - } - - /** - * Generate subnet files. - * - * @param subNetMap the sub net map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateSubnetFiles(Map> subNetMap) throws IOException{ - String fieldNames; - fieldNames = "SubnetId`AssignIpv6AddressOnCreation`AvailabilityZone`AvailableIpAddressCount`CidrBlock`DefaultForAz`MapPublicIpOnLaunch`State`VpcId"; - FileGenerator.generateFile(subNetMap, fieldNames, "subnet-info.data"); - fieldNames = "SubnetId`tags.key`tags.value"; - FileGenerator.generateFile(subNetMap, fieldNames, "subnet-tags.data"); - } - - /** - * Generate trusted advisor files. - * - * @param checksMap the checks map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateTrustedAdvisorFiles(Map> checksMap) throws IOException { - String fieldNames; - fieldNames = "check.Id`check.Category`status`check.name`check.Description"; - FileGenerator.generateFile(checksMap, fieldNames, "checks-info.data"); - - Iterator>> it = checksMap.entrySet().iterator(); - Map> resourceMap = new HashMap<>(); - while(it.hasNext()){ - Entry> entry = it.next(); - String account = entry.getKey(); - List checksValue = entry.getValue(); - List resources = new ArrayList<>(); - checksValue.forEach(obj -> { - resources.addAll(obj.getResources()); - } - ); - resourceMap.put(account, resources); - } - - fieldNames = "checkid`id`status`data"; - FileGenerator.generateFile(resourceMap, fieldNames, "checks-resources-info.data"); - - } - - /** - * Generate redshift files. - * - * @param redShiftMap the red shift map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateRedshiftFiles(Map> redShiftMap) throws IOException { - String fieldNames; - fieldNames = "ClusterIdentifier`AllowVersionUpgrade`AutomatedSnapshotRetentionPeriod`AvailabilityZone`ClusterCreateTime`ClusterPublicKey`ClusterRevisionNumber`ClusterStatus`ClusterSubnetGroupName`ClusterVersion`DBName`ElasticIpStatus`Encrypted`Endpoint.Address`Endpoint.Port`EnhancedVpcRouting`KmsKeyId`MasterUsername`ModifyStatus`NodeType`NumberOfNodes`PreferredMaintenanceWindow`PubliclyAccessible`VpcId"; - FileGenerator.generateFile(redShiftMap, fieldNames, "redshift-info.data"); - - fieldNames = "ClusterIdentifier`VpcSecurityGroups.VpcSecurityGroupId`VpcSecurityGroups.status"; - FileGenerator.generateFile(redShiftMap, fieldNames, "redshfit-secgroup.data"); - - fieldNames = "ClusterIdentifier`tags.key`tags.value"; - FileGenerator.generateFile(redShiftMap, fieldNames, "redshfit-tags.data"); - - } - - /** - * Generatefetch volume files. - * - * @param volumeMap the volume map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generatefetchVolumeFiles(Map> volumeMap) throws IOException { - String fieldNames; - fieldNames = "VolumeId`VolumeType`AvailabilityZone`CreateTime`Encrypted`Iops`KmsKeyId`Size`SnapshotId`State"; - FileGenerator.generateFile(volumeMap, fieldNames, "volume-info.data"); - - fieldNames = "VolumeId`attachments.InstanceId`attachments.AttachTime`attachments.DeleteOnTermination`attachments.Device`attachments.State"; - FileGenerator.generateFile(volumeMap, fieldNames, "volume-attachment.data"); - - fieldNames = "VolumeId`tags.key`tags.value"; - FileGenerator.generateFile(volumeMap, fieldNames, "volume-tags.data"); - } - - /** - * Generate snapshot files. - * - * @param snapshotMap the snapshot map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateSnapshotFiles(Map> snapshotMap) throws IOException { - String fieldNames; - fieldNames = "SnapshotId`Description`VolumeId`VolumeSize`Encrypted`DataEncryptionKeyId" - + "`KmsKeyId`OwnerAlias`OwnerId`Progress`StartTime`State`StateMessage"; - FileGenerator.generateFile(snapshotMap, fieldNames, "snapshot-info.data"); - fieldNames = "SnapshotId`tags.key`tags.value"; - FileGenerator.generateFile(snapshotMap, fieldNames, "snapshot-tags.data"); - } - - /** - * Generate vpc files. - * - * @param vpcMap the vpc map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateVpcFiles(Map> vpcMap) throws IOException { - - String fieldNames; - fieldNames = "vpc.vpcId`vpc.cidrBlock`vpc.dhcpOptionsId`vpc.instanceTenancy`vpc.isDefault`vpc.state`vpc.cidrBlockAssociationSet.cidrBlock`vpc.cidrBlockAssociationSet.cidrBlockState.state`vpc.cidrBlockAssociationSet.cidrBlockState.statusMessage`vpc.cidrBlockAssociationSet.associationId"; - FileGenerator.generateFile(vpcMap, fieldNames, "vpc-info.data"); - fieldNames = "vpc.vpcId`vpc.tags.key`vpc.tags.value"; - FileGenerator.generateFile(vpcMap, fieldNames, "vpc-tags.data"); - fieldNames = "vpcEndPoints.vpcId`vpcEndPoints.vpcEndpointId`vpcEndPoints.serviceName`vpcEndPoints.state`vpcEndPoints.creationTimestamp`vpcEndPoints.publicAccess`vpcEndPoints.policyDocument`vpcEndPoints.routeTableIds"; - FileGenerator.generateFile(vpcMap, fieldNames, "vpc-endpoints.data"); - } - - /** - * Generate api gateway files. - * - * @param apiGatewayMap the api gateway map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateApiGatewayFiles(Map> apiGatewayMap) throws IOException { - String fieldNames; - fieldNames = "Id`Name`Description`CreatedDate`Version"; - FileGenerator.generateFile(apiGatewayMap, fieldNames, "api-info.data"); - } - - /** - * Generate iam user files. - * - * @param userMap the user map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateIamUserFiles(Map> userMap) throws IOException { - String fieldNames; - fieldNames = "user.username`user.userid`user.arn`user.CreateDate`user.path`passwordCreationDate`user.PasswordLastUsed`passwordResetRequired`mfa`groups"; - FileGenerator.generateFile(userMap, fieldNames, "iamuser-info.data"); - fieldNames = "user.username`accessKeys.AccessKeyId`accessKeys.CreateDate`accessKeys.status`accessKeys.lastUsedDate"; - FileGenerator.generateFile(userMap, fieldNames, "iamuser-accesskeys.data"); - - } - - /** - * Generate RDS snapshot files. - * - * @param dbSnapShots the db snap shots - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateRDSSnapshotFiles(Map> dbSnapShots) throws IOException { - - String fieldNames; - fieldNames = "DBSnapshotIdentifier`DBSnapshotArn`DBInstanceIdentifier`Status`snapshotCreateTime`snapshotType" - + "`encrypted`engine`allocatedStorage`port`availabilityZone`vpcId`instanceCreateTime`masterUsername" - + "`engineVersion`licenseModel`iops`optionGroupName`percentProgress`sourceRegion`sourceDBSnapshotIdentifier" - + "`storageType`tdeCredentialArn`kmsKeyId`timezone`iAMDatabaseAuthenticationEnabled"; - FileGenerator.generateFile(dbSnapShots, fieldNames, "rdssnapshot-info.data"); - } - - /** - * Generate iam role files. - * - * @param iamRoleMap the iam role map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateIamRoleFiles(Map> iamRoleMap) throws IOException { - String fieldNames; - fieldNames = "roleName`roleId`arn`description`path`createDate`assumeRolePolicyDocument"; - FileGenerator.generateFile(iamRoleMap, fieldNames, "iamrole-info.data"); - } - - /* Changes by John Start */ - - /** - * Generate KMS files. - * - * @param kmsKeyMap the kms key map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateKMSFiles(Map> kmsKeyMap) throws IOException { - String fieldNames; - fieldNames = "key.keyId`key.arn`key.creationDate`key.aWSAccountId`key.description`key.keyState`key.enabled`key.keyUsage`key.deletionDate`key.validTo" - +"`rotationStatus`alias.aliasName`alias.aliasArn"; - FileGenerator.generateFile(kmsKeyMap, fieldNames, "kms-info.data"); - fieldNames = "key.keyId`tags.tagKey`tags.tagValue"; - FileGenerator.generateFile(kmsKeyMap, fieldNames, "kms-tags.data"); - } - - /** - * Generate cloud front files. - * - * @param cfMap the cf map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateCloudFrontFiles(Map> cfMap) throws IOException { - String fieldNames; - fieldNames = "distSummary.id`distSummary.aRN`distSummary.status`distSummary.lastModifiedTime`distSummary.domainName`distSummary.enabled" - +"`distSummary.comment`distSummary.priceClass`distSummary.webACLId`distSummary.httpVersion`distSummary.isIPV6Enabled`distSummary.viewerCertificate.iAMCertificateId" - +"`distSummary.viewerCertificate.aCMCertificateArn`distSummary.viewerCertificate.cloudFrontDefaultCertificate`distSummary.viewerCertificate.sSLSupportMethod`distSummary.viewerCertificate.minimumProtocolVersion`distSummary.aliases.items"; - FileGenerator.generateFile(cfMap, fieldNames, "cloudfront-info.data"); - fieldNames = "distSummary.id`tags.key`tags.value"; - FileGenerator.generateFile(cfMap, fieldNames, "cloudfront-tags.data"); - } - - /** - * Generate EBS files. - * - * @param ebsMap the ebs map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateEBSFiles(Map> ebsMap) throws IOException { - String fieldNames; - fieldNames = "app.applicationName`app.description`app.dateCreated`app.dateUpdated`env.environmentName`env.environmentId`env.versionLabel`env.solutionStackName" - +"`env.platformArn`env.templateName`env.description`env.endpointURL`env.cNAME`env.dateCreated`env.dateUpdated`env.status`env.abortableOperationInProgress" - +"`env.health`env.healthStatus"; - FileGenerator.generateFile(ebsMap, fieldNames, "ebs-info.data"); - - fieldNames = "app.applicationName`env.environmentId`envResource.instances.id"; - FileGenerator.generateFile(ebsMap, fieldNames,"ebs-instances.data"); - - fieldNames = "app.applicationName`env.environmentId`envResource.autoScalingGroups.name"; - FileGenerator.generateFile(ebsMap, fieldNames,"ebs-asg.data"); - - fieldNames = "app.applicationName`env.environmentId`envResource.loadBalancers.name"; - FileGenerator.generateFile(ebsMap, fieldNames,"ebs-elb.data"); - - } - - /** - * Generate PHD files. - * - * @param phdMap the phd map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generatePHDFiles(Map> phdMap) throws IOException { - String fieldNames; - fieldNames = "eventDetails.event.arn`eventDetails.event.service`eventDetails.event.eventTypeCode`eventDetails.event.eventTypeCategory`eventDetails.event.region`" - +"eventDetails.event.availabilityZone`eventDetails.event.startTime`eventDetails.event.endTime`eventDetails.event.lastUpdatedTime`eventDetails.event.statusCode" - +"`eventDetails.eventDescription.latestDescription`eventDetails.eventMetadata"; - FileGenerator.generateFile(phdMap, fieldNames, "phd-info.data"); - fieldNames = "affectedEntities.eventArn`affectedEntities.entityArn`affectedEntities.awsAccountId`affectedEntities.entityValue`affectedEntities.lastUpdatedTime`affectedEntities.statusCode`affectedEntities.tags"; - FileGenerator.generateFile(phdMap, fieldNames, "phd-affectedentities.data"); - } - - /** - * Generate error file. - * - * @param errorMap the error map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static synchronized void generateErrorFile(Map> errorMap) throws IOException { - String fieldNames; - fieldNames = "region`type`exception"; - FileGenerator.generateFile(errorMap, fieldNames, "load-error.data"); - } - - /** - * Generate EC 2 route table files. - * - * @param routeTableMap the route table map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateEC2RouteTableFiles(Map> routeTableMap) throws IOException { - String fieldNames; - fieldNames = "routeTableId`vpcId"; - FileGenerator.generateFile(routeTableMap, fieldNames, "routetable.data"); - - fieldNames = "routeTableId`routes.destinationCidrBlock`routes.destinationPrefixListId`routes.gatewayId`routes.instanceId`routes.instanceOwnerId`routes.networkInterfaceId`routes.vpcPeeringConnectionId`routes.natGatewayId" - +"`routes.state`routes.origin`routes.destinationIpv6CidrBlock`routes.egressOnlyInternetGatewayId"; - FileGenerator.generateFile(routeTableMap, fieldNames, "routetable-routes.data"); - - fieldNames = "routeTableId`associations.routeTableAssociationId`associations.subnetId`associations.main"; - FileGenerator.generateFile(routeTableMap, fieldNames, "routetable-associations.data"); - - fieldNames = "routeTableId`propagatingVgws.gatewayId"; - FileGenerator.generateFile(routeTableMap, fieldNames, "routetable-propagatingVgws.data"); - - fieldNames = "routeTableId`tags.key`tags.value"; - FileGenerator.generateFile(routeTableMap, fieldNames, "routetable-tags.data"); - } - - /** - * Generate network acl files. - * - * @param networkAclMap the network acl map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateNetworkAclFiles(Map> networkAclMap) throws IOException { - String fieldNames; - fieldNames = "networkAclId`vpcId`isDefault"; - FileGenerator.generateFile(networkAclMap, fieldNames, "networkacl.data"); - - fieldNames = "networkAclId`entries.ruleNumber`entries.protocol`entries.ruleAction`entries.egress`entries.cidrBlock`entries.ipv6CidrBlock`entries.icmpTypeCode.type`entries.icmpTypeCode.code" - +"`entries.portRange.from`entries.portRange.to"; - FileGenerator.generateFile(networkAclMap, fieldNames, "networkacl-entries.data"); - - fieldNames = "networkAclId`associations.networkAclAssociationId`associations.subnetId"; - FileGenerator.generateFile(networkAclMap, fieldNames, "networkacl-associations.data"); - - fieldNames = "networkAclId`tags.key`tags.value"; - FileGenerator.generateFile(networkAclMap, fieldNames, "networkacl-tags.data"); - } - - /** - * Generate elastic IP files. - * - * @param elasticIPMap the elastic IP map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateElasticIPFiles(Map> elasticIPMap) throws IOException { - String fieldNames; - fieldNames = "instanceId`publicIp`allocationId`associationId`domain`networkInterfaceId`networkInterfaceOwnerId`privateIpAddress"; - FileGenerator.generateFile(elasticIPMap, fieldNames, "elasticip.data"); - } - - /** - * Generate launch configurations files. - * - * @param launchConfigurationMap the launch configuration map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateLaunchConfigurationsFiles(Map> launchConfigurationMap) throws IOException { - String fieldNames; - fieldNames = "launchConfigurationName`launchConfigurationARN`imageId`keyName`classicLinkVPCId`userData`instanceType`kernelId`ramdiskId`spotPrice`iamInstanceProfile`createdTime`ebsOptimized`associatePublicIpAddress`placementTenancy" - +"`securityGroups`classicLinkVPCSecurityGroups`instanceMonitoring.enabled"; - FileGenerator.generateFile(launchConfigurationMap, fieldNames, "asg-launchconfig.data"); - - fieldNames = "launchConfigurationName`blockDeviceMappings.virtualName`blockDeviceMappings.deviceName`blockDeviceMappings.noDevice`blockDeviceMappings.ebs.snapshotId`blockDeviceMappings.ebs.volumeSize" - +"`blockDeviceMappings.ebs.volumeType`blockDeviceMappings.ebs.deleteOnTermination`blockDeviceMappings.ebs.iops`blockDeviceMappings.ebs.encrypted"; - FileGenerator.generateFile(launchConfigurationMap, fieldNames, "asg-launchconfig-blockDeviceMappings.data"); - } - - /** - * Generate internet gateway files. - * - * @param internetGatewayMap the internet gateway map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateInternetGatewayFiles(Map> internetGatewayMap) throws IOException { - String fieldNames; - - fieldNames = "internetGatewayId"; - FileGenerator.generateFile(internetGatewayMap, fieldNames, "internetgateway.data"); - - fieldNames = "internetGatewayId`attachments.vpcId`attachments.state"; - FileGenerator.generateFile(internetGatewayMap, fieldNames, "internetgateway-attachments.data"); - - fieldNames = "internetGatewayId`tags.key`tags.value"; - FileGenerator.generateFile(internetGatewayMap, fieldNames, "internetgateway-tags.data"); - } - - /** - * Generate VPN gateway files. - * - * @param vpnGatewayMap the vpn gateway map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateVPNGatewayFiles(Map> vpnGatewayMap) throws IOException { - String fieldNames; - fieldNames = "vpnGatewayId`state`type`availabilityZone`amazonSideAsn"; - FileGenerator.generateFile(vpnGatewayMap, fieldNames, "vpngateway.data"); - - fieldNames = "vpnGatewayId`vpcAttachments.vpcId`vpcAttachments.state"; - FileGenerator.generateFile(vpnGatewayMap, fieldNames, "vpngateway-vpcAttachments.data"); - - fieldNames = "vpnGatewayId`tags.key`tags.value"; - FileGenerator.generateFile(vpnGatewayMap, fieldNames, "vpngateway-tags.data"); - } - - /** - * Generate scaling policies. - * - * @param scalingPolicyMap the scaling policy map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateScalingPolicies(Map> scalingPolicyMap) throws IOException { - String fieldNames; - fieldNames = "policyName`policyARN`autoScalingGroupName`policyType`adjustmentType`minAdjustmentStep`minAdjustmentMagnitude`scalingAdjustment`cooldown`metricAggregationType`estimatedInstanceWarmup"; - FileGenerator.generateFile(scalingPolicyMap, fieldNames, "asg-scalingpolicy.data"); - - fieldNames = "policyName`stepAdjustments.metricIntervalLowerBound`stepAdjustments.metricIntervalUpperBound`stepAdjustments.scalingAdjustment"; - FileGenerator.generateFile(scalingPolicyMap, fieldNames, "asg-scalingpolicy-stepAdjustments.data"); - - fieldNames = "policyName`alarms.alarmName`alarms.alarmARN"; - FileGenerator.generateFile(scalingPolicyMap, fieldNames, "asg-scalingpolicy-alarms.data"); - } - - /** - * Generate SNS topics. - * - * @param subscriptionMap the subscription map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateSNSTopics(Map> subscriptionMap) throws IOException { - String fieldNames; - fieldNames = "topicArn`subscriptionArn`owner`protocol`endpoint"; - FileGenerator.generateFile(subscriptionMap, fieldNames, "sns-topic.data"); - - } - - /** - * Generate egress gateway. - * - * @param egressGatewayMap the egress gateway map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateEgressGateway(Map> egressGatewayMap) throws IOException { - String fieldNames; - fieldNames = "egressOnlyInternetGatewayId`attachments.vpcId`attachments.state"; - FileGenerator.generateFile(egressGatewayMap, fieldNames, "egress-internetgateway.data"); - } - - /** - * Generate dhcp options. - * - * @param dhcpOptionsMap the dhcp options map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateDhcpOptions(Map> dhcpOptionsMap) throws IOException { - String fieldNames; - fieldNames = "dhcpOptionsId`dhcpConfigurations"; - FileGenerator.generateFile(dhcpOptionsMap, fieldNames, "dhcp-options.data"); - - fieldNames = "dhcpOptionsId`tags.key`tags.value"; - FileGenerator.generateFile(dhcpOptionsMap, fieldNames, "dhcp-options-tags.data"); - } - - /** - * Generate peering connections. - * - * @param peeringConnectionMap the peering connection map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generatePeeringConnections(Map> peeringConnectionMap) throws IOException { - String fieldNames; - fieldNames = "vpcPeeringConnectionId`status.code`expirationTime`requesterVpcInfo.ownerId`accepterVpcInfo.ownerId`requesterVpcInfo.vpcId`accepterVpcInfo.vpcId`requesterVpcInfo.cidrBlock`accepterVpcInfo.cidrBlock"+ - "`requesterVpcInfo.peeringOptions.allowDnsResolutionFromRemoteVpc`requesterVpcInfo.peeringOptions.allowEgressFromLocalClassicLinkToRemoteVpc`requesterVpcInfo.peeringOptions.allowEgressFromLocalVpcToRemoteClassicLink"+ - "`accepterVpcInfo.peeringOptions.allowDnsResolutionFromRemoteVpc`accepterVpcInfo.peeringOptions.allowEgressFromLocalClassicLinkToRemoteVpc`accepterVpcInfo.peeringOptions.allowEgressFromLocalVpcToRemoteClassicLink"; - FileGenerator.generateFile(peeringConnectionMap, fieldNames, "peering-connection-info.data"); - - fieldNames = "vpcPeeringConnectionId`tags.key`tags.value"; - FileGenerator.generateFile(peeringConnectionMap, fieldNames, "peering-connection-tags.data"); - } - - /** - * Generate customer gateway. - * - * @param customerGatewayMap the customer gateway map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateCustomerGateway(Map> customerGatewayMap) throws IOException { - String fieldNames; - fieldNames = "customerGatewayId`bgpAsn`ipAddress`state`type"; - FileGenerator.generateFile(customerGatewayMap, fieldNames, "customer-gateway.data"); - - fieldNames = "customerGatewayId`tags.key`tags.value"; - FileGenerator.generateFile(customerGatewayMap, fieldNames, "customer-gateway-tags.data"); - } - - /** - * Generate vpn connection. - * - * @param vpnConnectionMap the vpn connection map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateVpnConnection(Map> vpnConnectionMap) throws IOException { - String fieldNames; - fieldNames = "vpnConnectionId`vpnGatewayId`customerGatewayId`state`category`type`options.staticRoutesOnly"; - FileGenerator.generateFile(vpnConnectionMap, fieldNames, "vpn-connection.data"); - - fieldNames = "vpnConnectionId`routes.source`routes.state`routes.destinationCidrBlock"; - FileGenerator.generateFile(vpnConnectionMap, fieldNames, "vpn-connection-routes.data"); - - fieldNames = "vpnConnectionId`vgwTelemetry.acceptedRouteCount`vgwTelemetry.outsideIpAddress`vgwTelemetry.lastStatusChange`vgwTelemetry.status`vgwTelemetry.statusMessage"; - FileGenerator.generateFile(vpnConnectionMap, fieldNames, "vpn-connection-telemetry.data"); - - fieldNames = "vpnConnectionId`tags.key`tags.value"; - FileGenerator.generateFile(vpnConnectionMap, fieldNames, "vpn-connection-tags.data"); - } - - /** - * Generate direct connection. - * - * @param directConnectionMap the direct connection map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateDirectConnection(Map> directConnectionMap) throws IOException{ - String fieldNames; - fieldNames = "connectionId`connectionName`ownerAccount`connectionState`location`bandwidth`vlan`partnerName`loaIssueTime`lagId`awsDevice"; - FileGenerator.generateFile(directConnectionMap, fieldNames, "direct-connection.data"); - } - - /** - * Generate direct connection virtual interfaces. - * - * @param directConnectionVirtualInterfacesMap the direct connection virtual interfaces map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateDirectConnectionVirtualInterfaces(Map> directConnectionVirtualInterfacesMap) throws IOException { - String fieldNames; - fieldNames = "virtualInterfaceId`ownerAccount`connectionId`location`virtualInterfaceType`virtualInterfaceName" - + "`vlan`asn`amazonSideAsn`authKey`amazonAddress`customerAddress`addressFamily`virtualInterfaceState" - + "`customerRouterConfig`virtualGatewayId`directConnectGatewayId`routeFilterPrefixes.cidr" - + "`bgpPeers.asn`bgpPeers.authKey`bgpPeers.addressFamily`bgpPeers.amazonAddress`bgpPeers.customerAddress`bgpPeers.bgpPeerState`bgpPeers.bgpStatus"; - FileGenerator.generateFile(directConnectionVirtualInterfacesMap, fieldNames, "direct-connection-virtual-interfaces.data"); - } - - /** - * Generate ES domain. - * - * @param esDomainMap the es domain map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateESDomain(Map> esDomainMap) throws IOException { - String fieldNames; - fieldNames = "domain.domainId`domain.domainName`domain.aRN`domain.created`domain.deleted`domain.endpoint`domain.processing`domain.elasticsearchVersion`domain.accessPolicies`domain.endpoints" - + "`domain.elasticsearchClusterConfig.instanceType`domain.elasticsearchClusterConfig.instanceCount`domain.elasticsearchClusterConfig.dedicatedMasterEnabled`domain.elasticsearchClusterConfig.zoneAwarenessEnabled" - + "`domain.elasticsearchClusterConfig.dedicatedMasterType`domain.elasticsearchClusterConfig.dedicatedMasterCount`domain.vPCOptions.vPCId`domain.vPCOptions.subnetIds`domain.vPCOptions.availabilityZones" - + "`domain.vPCOptions.securityGroupIds`domain.advancedOptions"; - FileGenerator.generateFile(esDomainMap, fieldNames, "es-domain-info.data"); - - fieldNames = "domain.domainId`tags.key`tags.value"; - FileGenerator.generateFile(esDomainMap, fieldNames, "es-domain-tags.data"); - } - - /** - * Generate reserved instances. - * - * @param reservedInstancesMap the reserved instances map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateReservedInstances(Map> reservedInstancesMap) throws IOException { - String fieldNames; - fieldNames = "reservedInstancesId`instanceType`availabilityZone`duration`start`end`fixedPrice`instanceCount`productDescription`state`usagePrice`currencyCode" - + "`instanceTenancy`offeringClass`offeringType`scope`recurringCharges.frequency`recurringCharges.amount"; - FileGenerator.generateFile(reservedInstancesMap, fieldNames, "reserved-Instances-info.data"); - - fieldNames = "reservedInstancesId`tags.key`tags.value"; - FileGenerator.generateFile(reservedInstancesMap, fieldNames, "reserved-Instances-tags.data"); - } - - /** - * Generate ssm files. - * - * @param ssmMap the ssm map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateSsmFiles(Map> ssmMap) throws IOException { - String fieldNames; - fieldNames ="instanceId`pingStatus`lastPingDateTime`agentVersion`isLatestVersion`platformType`platformName`platformVersion`activationId`iamRole`registrationDate`resourceType`name`iPAddress`computerName`associationStatus`lastAssociationExecutionDate`lastSuccessfulAssociationExecutionDate"; - FileGenerator.generateFile(ssmMap, fieldNames, "ssm-info.data"); - } - - /** - * Generate elasti cache files. - * - * @param elastiCacheMap the elasti cache map - * @throws IOException Signals that an I/O exception has occurred. - */ - public static void generateElastiCacheFiles(Map> elastiCacheMap) throws IOException { - String fieldNames; - fieldNames ="arn`clusterName`description`noOfNodes`primaryOrConfigEndpoint`availabilityZones`cluster.cacheNodeType`cluster.engine`cluster.engineVersion`cluster.cacheClusterStatus" - + "`cluster.cacheClusterCreateTime`cluster.preferredMaintenanceWindow`cluster.cacheSubnetGroupName`cluster.autoMinorVersionUpgrade`cluster.replicationGroupId`cluster.snapshotRetentionLimit`cluster.snapshotWindow`cluster.authTokenEnabled" - + "`cluster.transitEncryptionEnabled`cluster.atRestEncryptionEnabled`cluster.notificationConfiguration.topicArn`cluster.notificationConfiguration.topicStatus" - + "`securityGroups`parameterGroup"; - FileGenerator.generateFile(elastiCacheMap, fieldNames, "elastiCache-info.data"); - - fieldNames = "clusterName`tags.key`tags.value"; - FileGenerator.generateFile(elastiCacheMap, fieldNames, "elastiCache-tags.data"); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import java.io.File; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import com.amazonaws.services.apigateway.model.RestApi; +import com.amazonaws.services.autoscaling.model.AutoScalingGroup; +import com.amazonaws.services.autoscaling.model.LaunchConfiguration; +import com.amazonaws.services.autoscaling.model.ScalingPolicy; +import com.amazonaws.services.cloudformation.model.Stack; +import com.amazonaws.services.directconnect.model.Connection; +import com.amazonaws.services.directconnect.model.VirtualInterface; +import com.amazonaws.services.ec2.model.Address; +import com.amazonaws.services.ec2.model.CustomerGateway; +import com.amazonaws.services.ec2.model.DhcpOptions; +import com.amazonaws.services.ec2.model.EgressOnlyInternetGateway; +import com.amazonaws.services.ec2.model.Instance; +import com.amazonaws.services.ec2.model.InternetGateway; +import com.amazonaws.services.ec2.model.IpPermission; +import com.amazonaws.services.ec2.model.NatGateway; +import com.amazonaws.services.ec2.model.NetworkAcl; +import com.amazonaws.services.ec2.model.NetworkInterface; +import com.amazonaws.services.ec2.model.ReservedInstances; +import com.amazonaws.services.ec2.model.RouteTable; +import com.amazonaws.services.ec2.model.SecurityGroup; +import com.amazonaws.services.ec2.model.Snapshot; +import com.amazonaws.services.ec2.model.Subnet; +import com.amazonaws.services.ec2.model.Volume; +import com.amazonaws.services.ec2.model.VpcPeeringConnection; +import com.amazonaws.services.ec2.model.VpnConnection; +import com.amazonaws.services.ec2.model.VpnGateway; +import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; +import com.amazonaws.services.elasticmapreduce.model.Cluster; +import com.amazonaws.services.identitymanagement.model.Role; +import com.amazonaws.services.rds.model.DBSnapshot; +import com.amazonaws.services.simplesystemsmanagement.model.InstanceInformation; +import com.amazonaws.services.sns.model.Topic; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.vo.BucketVH; +import com.tmobile.cso.pacman.inventory.vo.CheckVH; +import com.tmobile.cso.pacman.inventory.vo.ClassicELBVH; +import com.tmobile.cso.pacman.inventory.vo.CloudFrontVH; +import com.tmobile.cso.pacman.inventory.vo.DBClusterVH; +import com.tmobile.cso.pacman.inventory.vo.DBInstanceVH; +import com.tmobile.cso.pacman.inventory.vo.DataStreamVH; +import com.tmobile.cso.pacman.inventory.vo.DeliveryStreamVH; +import com.tmobile.cso.pacman.inventory.vo.DynamoVH; +import com.tmobile.cso.pacman.inventory.vo.EbsVH; +import com.tmobile.cso.pacman.inventory.vo.EfsVH; +import com.tmobile.cso.pacman.inventory.vo.ElastiCacheVH; +import com.tmobile.cso.pacman.inventory.vo.ElasticsearchDomainVH; +import com.tmobile.cso.pacman.inventory.vo.ErrorVH; +import com.tmobile.cso.pacman.inventory.vo.KMSKeyVH; +import com.tmobile.cso.pacman.inventory.vo.LambdaVH; +import com.tmobile.cso.pacman.inventory.vo.LoadBalancerVH; +import com.tmobile.cso.pacman.inventory.vo.PhdVH; +import com.tmobile.cso.pacman.inventory.vo.RedshiftVH; +import com.tmobile.cso.pacman.inventory.vo.Resource; +import com.tmobile.cso.pacman.inventory.vo.SGRuleVH; +import com.tmobile.cso.pacman.inventory.vo.SQSVH; +import com.tmobile.cso.pacman.inventory.vo.TargetGroupVH; +import com.tmobile.cso.pacman.inventory.vo.UserVH; +import com.tmobile.cso.pacman.inventory.vo.VideoStreamVH; +import com.tmobile.cso.pacman.inventory.vo.VpcVH; + +/** + * The Class FileManager. + */ +public class FileManager { + + + /** + * Instantiates a new file manager. + */ + private FileManager() { + + } + + /** + * Initialise. + * + * @param folderName the folder name + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void initialise(String folderName) throws IOException{ + FileGenerator.folderName = folderName; + new File(folderName).mkdirs(); + + FileGenerator.writeToFile("aws-ec2.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-ec2-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-ec2-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-ec2-productcodes.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-ec2-blockdevices.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-ec2-nwinterfaces.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-eni.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-eni-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-eni-ipv6.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-eni-privateipaddr.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asg.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asg-instances.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asg-elb.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asg-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-stack.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-stack-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-dynamodb.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-dynamodb-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-efs.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-efs-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-emr.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-emr-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-lambda.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-lambda-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-lambda-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-classicelb.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-classicelb-instances.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-classicelb-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-classicelb-secgroups.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-appelb.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-appelb-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-appelb-instances.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-appelb-secgroups.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-targetgroup.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-targetgroup-instances.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-nat.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-nat-addresses.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdscluster.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdscluster-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdscluster-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdsdb.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdsdb-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdsdb-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-s3.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-s3-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-sg.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-sg-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-sg-rules.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-subnet.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-subnet-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-checks.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-checks-resources.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-redshift.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-redshift-secgroups.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-redshift-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-volume.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-volume-attachments.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-volume-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-snapshot.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-snapshot-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpc.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpc-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpc-endpoints.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-api.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-iamuser.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-iamuser-keys.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-rdssnapshot.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-iamrole.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-kms.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-kms-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-cloudfront.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-cloudfront-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-beanstalk.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-beanstalk-instance.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-beanstalk-asg.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-beanstalk-elb.data",InventoryConstants.OPEN_ARRAY,false); + FileGenerator.writeToFile("aws-phd.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-phd-entities.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-routetable.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-routetable-routes.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-routetable-associations.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-routetable-propagatingvgws.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-routetable-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-networkacl.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-networkacl-entries.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-networkacl-associations.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-networkacl-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticip.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-launchconfig.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-launchconfig-blockdevicemappings.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-internetgateway-attachments.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-internetgateway.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-internetgateway-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpngateway.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpngateway-vpcattachments.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpngateway-tags.data",InventoryConstants.OPEN_ARRAY, false ); + FileGenerator.writeToFile("aws-asgpolicy.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asgpolicy-stepadjustments.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-asgpolicy-alarms.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-snstopic.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-egressgateway.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-dhcpoption.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-dhcpoption-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-peeringconnection.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-peeringconnection-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-customergateway.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-customergateway-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpnconnection.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpnconnection-routes.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpnconnection-telemetry.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-vpnconnection-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-directconnect.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-virtualinterface.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticsearch.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticsearch-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-reservedinstance.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-reservedinstance-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-ec2-ssminfo.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticache.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticache-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-datastream.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-datastream-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-sqs.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-sqs-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-deliverystream.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-deliverystream-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-videostream.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-videostream-tags.data",InventoryConstants.OPEN_ARRAY, false); + FileGenerator.writeToFile("aws-elasticache-nodes.data",InventoryConstants.OPEN_ARRAY, false); + + } + + public static void finalise() throws IOException{ + + FileGenerator.writeToFile("aws-ec2.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-ec2-tags.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-ec2-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-ec2-productcodes.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-ec2-blockdevices.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-ec2-nwinterfaces.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-eni.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-eni-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-eni-ipv6.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-eni-privateipaddr.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asg.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asg-instances.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asg-elb.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asg-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-stack.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-stack-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-dynamodb.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-dynamodb-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-efs.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-efs-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-emr.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-emr-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-lambda.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-lambda-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-lambda-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-classicelb.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-classicelb-instances.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-classicelb-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-classicelb-secgroups.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-appelb.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-appelb-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-appelb-instances.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-appelb-secgroups.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-targetgroup.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-targetgroup-instances.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-nat.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-nat-addresses.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdscluster.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdscluster-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdscluster-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdsdb.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdsdb-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdsdb-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-s3.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-s3-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-sg.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-sg-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-sg-rules.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-subnet.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-subnet-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-checks.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-checks-resources.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-redshift.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-redshift-secgroups.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-redshift-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-volume.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-volume-attachments.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-volume-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-snapshot.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-snapshot-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpc.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpc-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpc-endpoints.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-api.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-iamuser.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-iamuser-keys.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-rdssnapshot.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-iamrole.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-kms.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-kms-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-cloudfront.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-cloudfront-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-beanstalk.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-beanstalk-instance.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-beanstalk-asg.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-beanstalk-elb.data",InventoryConstants.CLOSE_ARRAY,true); + FileGenerator.writeToFile("aws-phd.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-phd-entities.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-routetable.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-routetable-routes.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-routetable-associations.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-routetable-propagatingvgws.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-routetable-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-networkacl.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-networkacl-entries.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-networkacl-associations.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-networkacl-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticip.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-launchconfig.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-launchconfig-blockdevicemappings.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-internetgateway-attachments.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-internetgateway.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-internetgateway-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpngateway.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpngateway-vpcattachments.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpngateway-tags.data",InventoryConstants.CLOSE_ARRAY, true ); + FileGenerator.writeToFile("aws-asgpolicy.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asgpolicy-stepadjustments.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-asgpolicy-alarms.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-snstopic.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-egressgateway.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-dhcpoption.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-dhcpoption-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-peeringconnection.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-peeringconnection-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-customergateway.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-customergateway-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpnconnection.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpnconnection-routes.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpnconnection-telemetry.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-vpnconnection-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-directconnect.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-virtualinterface.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticsearch.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticsearch-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-reservedinstance.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-reservedinstance-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-ec2-ssminfo.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticache.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticache-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-datastream.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-datastream-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-sqs.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-sqs-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-deliverystream.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-deliverystream-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-videostream.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-videostream-tags.data",InventoryConstants.CLOSE_ARRAY, true); + FileGenerator.writeToFile("aws-elasticache-nodes.data",InventoryConstants.CLOSE_ARRAY, true); + } + + /** + * Generate instance files. + * + * @param instanceMap the instance map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateInstanceFiles(Map> instanceMap) throws IOException { + String fieldNames =""; + String keys =""; + + fieldNames = "instanceId`amiLaunchIndex`architecture`clientToken`ebsOptimized`EnaSupport`Hypervisor`ImageId`InstanceLifecycle`InstanceType`KernelId`KeyName`LaunchTime`Platform`PrivateDnsName`" + + "PrivateIpAddress`PublicDnsName`PublicIpAddress`RamdiskId`RootDeviceName`RootDeviceType`SourceDestCheck`SpotInstanceRequestId`SriovNetSupport`StateTransitionReason`SubnetId`VirtualizationType`" + + "VpcId`IamInstanceProfile.Arn`IamInstanceProfile.Id`Monitoring.State`Placement.Affinity`Placement.AvailabilityZone`Placement.GroupName`Placement.HostId`Placement.Tenancy`State.Name`State.Code`StateReason.Message`StateReason.Code"; + keys = "discoverydate`accountid`accountname`region`instanceid`amilaunchindex`architecture`clienttoken`ebsoptimized`enasupport`hypervisor" + + "`imageid`instancelifecycle`instancetype`kernelid`keyname`launchtime`platform`privatednsname`privateipaddress`" + + "publicdnsname`publicipaddress`ramdiskid`rootdevicename`rootdevicetype`sourcedestcheck`spotinstancerequestid`" + + "sriovnetsupport`statetransitionreason`subnetid`virtualizationtype`vpcid`iaminstanceprofilearn`iaminstanceprofileid" + + "`monitoringstate`affinity`availabilityzone`groupname`hostid`tenancy`statename`statecode`statereasonmessage`statereasoncode"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2.data",keys); + + fieldNames = "instanceId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`instanceid`key`value"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2-tags.data",keys); + + fieldNames = "instanceId`SecurityGroups.groupId`SecurityGroups.groupName"; + keys = "discoverydate`accountid`accountname`region`instanceid`securitygroupid`securitygroupname"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2-secgroups.data",keys); + + fieldNames = "instanceId`ProductCodes.ProductCodeId`ProductCodes.ProductCodeType"; + keys = "discoverydate`accountid`accountname`region`instanceid`productcodeid`productcodetype"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2-productcodes.data",keys); + + fieldNames = "instanceId`BlockDeviceMappings.deviceName`BlockDeviceMappings.ebs.VolumeId`BlockDeviceMappings.ebs.AttachTime`BlockDeviceMappings.ebs.DeleteOnTermination`BlockDeviceMappings.ebs.status"; + keys = "discoverydate`accountid`accountname`region`instanceid`devicename`volumeid`attachtime`delontermination`status"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2-blockdevices.data",keys); + + fieldNames = "instanceId`NetworkInterfaces.NetworkInterfaceId`NetworkInterfaces.Description"; + keys = "discoverydate`accountid`accountname`region`instanceid`networkinterfaceid`networkinterfacedescription"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-ec2-nwinterfaces.data",keys); + + } + + /** + * Generate nw interface files. + * + * @param nwIntfcMap the nw intfc map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateNwInterfaceFiles(Map> nwIntfcMap) throws IOException { + String fieldNames =""; + String keys =""; + + fieldNames = "NetworkInterfaceId`Description`MacAddress`OwnerId`PrivateDnsName`PrivateIpAddress`SourceDestCheck`Status`SubnetId`VpcId`association.IpOwnerId`association.PublicDnsName`association.PublicIp`attachment.AttachmentId`attachment.AttachTime`attachment.DeleteOnTermination`attachment.DeviceIndex`attachment.status"; + keys = "discoverydate`accountid`accountname`region`networkinterfaceid`description`macaddress`ownerid`" + + "privatednsname`privateipaddress`sourcedestcheck`status`subnetid`vpcid`associationipownerid`associationpubdnsname`associationpubip`attachmentid`attachmentattachtime`attachmentdelontermination`attachmentdeviceindex`attachmentstatus"; + FileGenerator.generateJson(nwIntfcMap, fieldNames, "aws-eni.data",keys); + + fieldNames = "NetworkInterfaceId`groups.GroupId`groups.GroupName"; + keys = "discoverydate`accountid`accountname`region`networkinterfaceid`groupid`groupname"; + FileGenerator.generateJson(nwIntfcMap, fieldNames, "aws-eni-secgroups.data",keys); + + fieldNames = "NetworkInterfaceId`Ipv6Addresses.Ipv6Address"; + keys = "discoverydate`accountid`accountname`region`networkinterfaceid`ipv6address"; + FileGenerator.generateJson(nwIntfcMap, fieldNames, "aws-eni-ipv6.data",keys); + + fieldNames = "NetworkInterfaceId`PrivateIpAddresses.Primary`PrivateIpAddresses.PrivateDnsName`PrivateIpAddresses.PrivateIpAddress`PrivateIpAddresses.association.IpOwnerId`PrivateIpAddresses.association.PublicDnsName`PrivateIpAddresses.association.PublicIp"; + keys = "discoverydate`accountid`accountname`region`networkinterfaceid`privateipaddrprimary`privatednsname`privateipaddress`associpownerid`assocpubdnsname`assocpublicip"; + FileGenerator.generateJson(nwIntfcMap, fieldNames, "aws-eni-privateipaddr.data",keys); + + } + + /** + * Generate asg files. + * + * @param instanceMap the instance map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateAsgFiles(Map> instanceMap) throws IOException { + + String fieldNames; + String keys; + + fieldNames ="AutoScalingGroupARN`AutoScalingGroupName`AvailabilityZones`CreatedTime`DefaultCooldown`DesiredCapacity`HealthCheckGracePeriod`HealthCheckType`LaunchConfigurationName`MaxSize`MinSize`" + + "NewInstancesProtectedFromScaleIn`PlacementGroup`Status`SuspendedProcesses`TargetGroupARNs`TerminationPolicies`VPCZoneIdentifier"; + keys ="discoverydate`accountid`accountname`region`autoscalinggrouparn`autoscalinggroupname`availabilityzones`createdtime`defaultcooldown`desiredcapacity`healthcheckgraceperiod`healthchecktype`" + + "launchconfigurationname`maxsize`minsize`newinstancesprotectedfromscalein`placementgroup`status`suspendedprocesses`targetgrouparns`terminationpolicies`vpczoneidentifier"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-asg.data",keys); + + fieldNames ="AutoScalingGroupARN`instances.instanceid"; + keys ="discoverydate`accountid`accountname`region`autoscalinggrouparn`instancesinstanceid"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-asg-instances.data",keys); + + fieldNames ="AutoScalingGroupARN`LoadBalancerNames"; + keys ="discoverydate`accountid`accountname`region`autoscalinggrouparn`loadbalancernames"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-asg-elb.data",keys); + + fieldNames ="AutoScalingGroupARN`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`autoscalinggrouparn`key`value"; + FileGenerator.generateJson(instanceMap, fieldNames, "aws-asg-tags.data",keys); + + } + + /** + * Generate cloud formation stack files. + * + * @param fileInofMap the file inof map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateCloudFormationStackFiles(Map> fileInofMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="StackId`StackName`ChangeSetId`CreationTime`Description`DisableRollback`LastUpdatedTime`RoleARN`StackStatus`StackStatusReason`TimeoutInMinutes"; + keys ="discoverydate`accountid`accountname`region`stackid`stackname`changesetid`creationtime`description`disablerollback`lastupdatedtime`rolearn`status`statusreason`timeoutinminutes"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-stack.data",keys); + fieldNames ="StackId`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`stackid`key`value"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-stack-tags.data",keys); + + } + + /** + * Generate dynamo db files. + * + * @param dynamoMap the dynamo map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateDynamoDbFiles(Map> dynamoMap) throws IOException { + String fieldNames; + String keys; + + fieldNames ="table.TableArn`table.TableName`table.CreationDateTime`table.ItemCount`table.LatestStreamArn`table.LatestStreamLabel`table.TableSizeBytes`table.TableStatus`table.ProvisionedThroughput.ReadCapacityUnits`table.ProvisionedThroughput.WriteCapacityUnits`table.StreamSpecification.StreamEnabled`table.StreamSpecification.StreamViewType"; + keys ="discoverydate`accountid`accountname`region`tablearn`tablename`creationdatetime`itemcount`lateststreamarn`lateststreamlabel`tablesizebytes`tablestatus`readcapacityunits`writecapacityunits`streamenabled`streamviewtype"; + FileGenerator.generateJson(dynamoMap, fieldNames, "aws-dynamodb.data",keys); + fieldNames ="table.TableArn`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`tablearn`key`value"; + FileGenerator.generateJson(dynamoMap, fieldNames, "aws-dynamodb-tags.data",keys); + } + + /** + * Generate efs files. + * + * @param efsfMap the efsf map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateEfsFiles(Map> efsfMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="efs.FileSystemId`efs.Name`efs.CreationTime`efs.CreationToken`efs.LifeCycleState`efs.NumberOfMountTargets`efs.OwnerId`efs.PerformanceMode"; + keys ="discoverydate`accountid`accountname`region`filesystemid`name`creationtime`creationtoken`lifecyclestate`noofmounttargets`ownerid`performancemode"; + FileGenerator.generateJson(efsfMap, fieldNames, "aws-efs.data",keys); + fieldNames ="efs.FileSystemId`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`filesystemid`key`value"; + FileGenerator.generateJson(efsfMap, fieldNames, "aws-efs-tags.data",keys); + + } + + /** + * Generate emr files. + * + * @param fileInofMap the file inof map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateEmrFiles(Map> fileInofMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="Id`AutoScalingRole`AutoTerminate`InstanceCollectionType`LogUri`MasterPublicDnsName`Name`NormalizedInstanceHours`ReleaseLabel`RequestedAmiVersion`RunningAmiVersion`ScaleDownBehavior`SecurityConfiguration`ServiceRole`TerminationProtected`VisibleToAllUsers"; + keys ="discoverydate`accountid`accountname`region`id`autoscalingrole`autoterminate`instancecollectiontype`loguri`masterpubdnsname`name`norminstancehours`releaselabel`reqamiversion`runningamiversion`scaledownbehavior`securityconfig`servicerole`terminationprotected`visibletoallusers"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-emr.data",keys); + fieldNames ="Id`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`id`key`value"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-emr-tags.data",keys); + + } + + /** + * Generate lamda files. + * + * @param fileInofMap the file inof map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateLamdaFiles(Map> fileInofMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "lambda.FunctionArn`lambda.CodeSha256`lambda.CodeSize`lambda.Description`lambda.FunctionName`lambda.Handler`lambda.KMSKeyArn`lambda.LastModified`lambda.MemorySize`lambda.Role`lambda.Runtime`lambda.Timeout`lambda.Version`lambda.VpcConfig.VpcId`lambda.VpcConfig.SubnetIds`lambda.VpcConfig.SecurityGroupIds"; + keys = "discoverydate`accountid`accountname`region`functionarn`codesha256`codesize`description`functionname`handler`kmskeyarn`lastmodified`memorysize`role`runtime`timeout`version`vpcconfigid`vpcconfigsubnetids`vpcconfigsecuritygroupids"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-lambda.data",keys); + fieldNames ="lambda.FunctionArn`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`functionarn`key`value"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-lambda-tags.data",keys); + fieldNames ="lambda.FunctionArn`lambda.vpcConfig.securityGroupIds"; + keys ="discoverydate`accountid`accountname`region`functionarn`securitygroupid"; + FileGenerator.generateJson(fileInofMap, fieldNames, "aws-lambda-secgroups.data",keys); + } + + /** + * Generate classic elb files. + * + * @param elbMap the elb map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateClassicElbFiles(Map> elbMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "elb.DNSName`elb.AvailabilityZones`elb.CanonicalHostedZoneName`elb.CanonicalHostedZoneNameID`elb.CreatedTime`elb.LoadBalancerName`elb.Scheme`elb.VPCId`elb.subnets"; + keys = "discoverydate`accountid`accountname`region`dnsname`availabilityzones`canonicalhostedzonename`canonicalhostedzonenameid`createdtime`loadbalancername`scheme`vpcid`subnets"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-classicelb.data",keys); + fieldNames = "elb.LoadBalancerName`elb.Instances.InstanceId"; + keys = "discoverydate`accountid`accountname`region`loadbalancername`instanceid"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-classicelb-instances.data",keys); + fieldNames ="elb.LoadBalancerName`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`loadbalancername`key`value"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-classicelb-tags.data",keys); + fieldNames ="elb.LoadBalancerName`elb.securityGroups"; + keys ="discoverydate`accountid`accountname`region`loadbalancername`securitygroupid"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-classicelb-secgroups.data",keys); + } + + /** + * Generate application elb files. + * + * @param elbMap the elb map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateApplicationElbFiles(Map> elbMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "lb.LoadBalancerArn`lb.DNSName`lb.CanonicalHostedZoneID`lb.CreatedTime`lb.LoadBalancerName`lb.Scheme`lb.VPCId`AvailabilityZones`lb.type`subnets"; + keys = "discoverydate`accountid`accountname`region`loadbalancerarn`dnsname`canonicalhostedzoneid`createdtime`loadbalancername`scheme`vpcid`availabilityzones`type`subnets"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-appelb.data",keys); + fieldNames ="lb.LoadBalancerName`tags.key`tags.value"; + keys ="discoverydate`accountid`accountname`region`loadbalancername`key`value"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-appelb-tags.data",keys); + fieldNames ="lb.LoadBalancerName`lb.securityGroups"; + keys ="discoverydate`accountid`accountname`region`loadbalancername`securitygroupid"; + FileGenerator.generateJson(elbMap, fieldNames, "aws-appelb-secgroups.data",keys); + } + + /** + * Generate target group files. + * + * @param targetGrpMap the target grp map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateTargetGroupFiles(Map> targetGrpMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "trgtGrp.TargetGroupArn`trgtGrp.TargetGroupName`trgtGrp.vpcid`trgtGrp.protocol`trgtGrp.port`trgtGrp.HealthyThresholdCount`trgtGrp.UnhealthyThresholdCount`trgtGrp.HealthCheckIntervalSeconds`trgtGrp.HealthCheckTimeoutSeconds`trgtGrp.LoadBalancerArns"; + keys = "discoverydate`accountid`accountname`region`targetgrouparn`targetgroupname`vpcid`protocol`port`healthythresholdcount`unhealthythresholdcount`healthcheckintervalseconds`healthchecktimeoutseconds`loadbalancerarns"; + FileGenerator.generateJson(targetGrpMap, fieldNames, "aws-targetgroup.data",keys); + + fieldNames = "trgtGrp.TargetGroupName`targets.target.id"; + keys = "discoverydate`accountid`accountname`region`targetgrouparn`targetgroupid"; + FileGenerator.generateJson(targetGrpMap, fieldNames, "aws-targetgroup-instances.data",keys); + + Map> appElbInstanceMap = new HashMap<>(); + Iterator>> it= targetGrpMap.entrySet().iterator(); + + while(it.hasNext()){ + Entry> entry = it.next(); + String accntId= entry.getKey(); + List trgtList = entry.getValue(); + appElbInstanceMap.putIfAbsent(accntId,new ArrayList()); + for(TargetGroupVH trgtGrp : trgtList){ + List elbList = trgtGrp.getTrgtGrp().getLoadBalancerArns(); + for(String elbarn : elbList){ + LoadBalancer elb = new LoadBalancer(); + elb.setLoadBalancerArn(elbarn); + Matcher appMatcher = Pattern.compile("(?<=loadbalancer/(app|net)/)(.*)(?=/)").matcher(elbarn); + if(appMatcher.find()){ + elb.setLoadBalancerName(appMatcher.group()); + LoadBalancerVH elbVH = new LoadBalancerVH(elb); + List instances = new ArrayList<>(); + elbVH.setInstances(instances); + trgtGrp.getTargets().forEach(trgtHealth -> { + instances.add(new com.amazonaws.services.elasticloadbalancing.model.Instance(trgtHealth.getTarget().getId())); + }); + appElbInstanceMap.get(accntId).add(elbVH); + } + } + } + } + fieldNames = "lb.LoadBalancerName`Instances.InstanceId"; + keys = "discoverydate`accountid`accountname`region`loadbalancername`instanceid"; + FileGenerator.generateJson(appElbInstanceMap, fieldNames, "aws-appelb-instances.data",keys); + } + + /** + * Generate nat gateway files. + * + * @param gateWayMap the gate way map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateNatGatewayFiles(Map> gateWayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "NatGatewayId`VpcId`SubnetId`State`CreateTime`DeleteTime`FailureCode`FailureMessage"; + keys = "discoverydate`accountid`accountname`region`natgatewayid`vpcid`subnetid`state`createtime`deletetime`failurecode`failuremessage"; + FileGenerator.generateJson(gateWayMap, fieldNames, "aws-nat.data",keys); + + fieldNames = "NatGatewayId`NatGatewayAddresses.NetworkInterfaceId`NatGatewayAddresses.PrivateIp`NatGatewayAddresses.PublicIp`NatGatewayAddresses.AllocationId"; + keys = "discoverydate`accountid`accountname`region`natgatewayid`networkinterfaceid`privateip`publicip`allocationid"; + FileGenerator.generateJson(gateWayMap, fieldNames, "aws-nat-addresses.data",keys); + } + + /** + * Generate RDS cluster files. + * + * @param rdsclusterMap the rdscluster map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateRDSClusterFiles(Map> rdsclusterMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "cluster.DBClusterArn`cluster.AllocatedStorage`cluster.AvailabilityZones`cluster.BackupRetentionPeriod`cluster.CharacterSetName`cluster.ClusterCreateTime`cluster.DatabaseName`cluster.DBClusterIdentifier`cluster.DBClusterParameterGroup" + + "`cluster.DbClusterResourceId`cluster.DBSubnetGroup`cluster.EarliestRestorableTime`cluster.Endpoint`cluster.Engine`cluster.EngineVersion`cluster.HostedZoneId`cluster.IAMDatabaseAuthenticationEnabled" + + "`cluster.KmsKeyId`cluster.LatestRestorableTime`cluster.MasterUsername`cluster.MultiAZ`cluster.PercentProgress`cluster.Port`cluster.PreferredBackupWindow`cluster.PreferredMaintenanceWindow`cluster.ReaderEndpoint" + + "`cluster.ReadReplicaIdentifiers`cluster.ReplicationSourceIdentifier`cluster.Status`cluster.StorageEncrypted"; + keys = "discoverydate`accountid`accountname`region`dbclusterarn`allocatedstorage`availabilityzones`backupretentionperiod`charactersetname`clustercreatetime`databasename`dbclusteridentifier`dbclusterparametergroup" + + "`dbclusterresourceid`dbsubnetgroup`earliestrestorabletime`endpoint`engine`engineversion`hostedzoneid`iamdatabaseauthenticationenabled" + + "`kmskeyid`latestrestorabletime`masterusername`multiaz`percentprogress`port`preferredbackupwindow`preferredmaintenancewindow`readerendpoint" + + "`readreplicaidentifiers`replicationsourceidentifier`status`storageencrypted"; + FileGenerator.generateJson(rdsclusterMap, fieldNames, "aws-rdscluster.data",keys); + + fieldNames = "cluster.DBClusterArn`cluster.VpcSecurityGroups.VpcSecurityGroupId`cluster.VpcSecurityGroups.status"; + keys = "discoverydate`accountid`accountname`region`dbclusterarn`vpcsecuritygroupid`vpcsecuritygroupstatus"; + FileGenerator.generateJson(rdsclusterMap, fieldNames, "aws-rdscluster-secgroups.data",keys); + + fieldNames = "cluster.DBClusterArn`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`dbclusterarn`key`value"; + FileGenerator.generateJson(rdsclusterMap, fieldNames, "aws-rdscluster-tags.data",keys); + } + + /** + * Generate RDS instance files. + * + * @param rdsIntncMap the rds intnc map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateRDSInstanceFiles(Map> rdsIntncMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "dbinst.DBInstanceArn`dbinst.AllocatedStorage`dbinst.AutoMinorVersionUpgrade`dbinst.AvailabilityZone`dbinst.BackupRetentionPeriod`dbinst.CACertificateIdentifier`dbinst.CharacterSetName`dbinst.CopyTagsToSnapshot" + + "`dbinst.DBClusterIdentifier`dbinst.DBInstanceClass`dbinst.DBInstanceIdentifier`dbinst.DbInstancePort`dbinst.DBInstanceStatus`dbinst.DbiResourceId`dbinst.DBName`dbinst.Endpoint.Address`dbinst.Endpoint.Port`dbinst.Endpoint.HostedZoneID" + + "`dbinst.Engine`dbinst.EngineVersion`dbinst.EnhancedMonitoringResourceArn`dbinst.IAMDatabaseAuthenticationEnabled`dbinst.InstanceCreateTime`dbinst.Iops`dbinst.KmsKeyId`dbinst.LatestRestorableTime`dbinst.LicenseModel`dbinst.MasterUsername`dbinst.MonitoringInterval" + + "`dbinst.MonitoringRoleArn`dbinst.MultiAZ`dbinst.PreferredBackupWindow`dbinst.PreferredMaintenanceWindow`dbinst.PromotionTier`dbinst.PubliclyAccessible`dbinst.SecondaryAvailabilityZone`dbinst.StorageEncrypted`dbinst.StorageType`dbinst.TdeCredentialArn`dbinst.Timezone`dbinst.ReadReplicaDBClusterIdentifiers`dbinst.ReadReplicaDBInstanceIdentifiers`dbinst.ReadReplicaSourceDBInstanceIdentifier`dbinst.dBSubnetGroup.vpcId`subnets`securityGroups"; + + keys = "discoverydate`accountid`accountname`region`dbclusterarn`allocatedstorage`autominorversionupgrade`availabilityzones`backupretentionperiod`cacertificateidentifier`charactersetname`copytagstosnapshot" + + "`dbclusteridentifier`dbinstanceclass`dbinstanceidentifier`dbinstanceport`dbinstancestatus`dbiresourceid`dbname`endpointaddress`endpointport`endpointhostedzoneid" + + "`engine`engineversion`enhancedmonitoringresourcearn`iamdatabaseauthenticationenabled`instancecreatetime`iops`kmskeyid`latestrestorabletime`licensemodel`masterusername`monitoringinterval" + + "`monitoringrolearn`multiaz`preferredbackupwindow`preferredmaintenancewindow`promotiontier`publiclyaccessible`secondaryavailabilityzone`storageencrypted`storagetype`tdecredentialarn`timezone`" + + "readreplicadbclusteridentifiers`readreplicadbinstanceidentifiers`readreplicasourcedbinstanceidentifier`vpcid`subnets`securitygroups"; + FileGenerator.generateJson(rdsIntncMap, fieldNames, "aws-rdsdb.data",keys); + + fieldNames = "dbinst.DBInstanceArn`dbinst.VpcSecurityGroups.VpcSecurityGroupId`dbinst.VpcSecurityGroups.status"; + keys = "discoverydate`accountid`accountname`region`dbclusterarn`vpcsecuritygroupid`vpcsecuritygroupstatus"; + FileGenerator.generateJson(rdsIntncMap, fieldNames, "aws-rdsdb-secgroups.data",keys); + + fieldNames = "dbinst.DBInstanceArn`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`dbclusterarn`key`value"; + FileGenerator.generateJson(rdsIntncMap, fieldNames, "aws-rdsdb-tags.data",keys); + + } + + /** + * Generate S 3 files. + * + * @param bucketMap the bucket map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateS3Files(Map> bucketMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "bucket.Name`bucket.CreationDate`bucket.owner.displayname`bucket.owner.id`versionStatus`mfaDelete`location"; + keys = "discoverydate`accountid`accountname`name`creationdate`ownerdisplayname`ownerid`versionstatus`mfadelete`region"; + FileGenerator.generateJson(bucketMap, fieldNames, "aws-s3.data",keys); + fieldNames = "location`bucket.Name`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`name`key`value"; + FileGenerator.generateJson(bucketMap, fieldNames, "aws-s3-tags.data",keys); + + } + + /** + * Generate sec group file. + * + * @param secGrpMap the sec grp map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateSecGroupFile(Map> secGrpMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "GroupId`Description`GroupName`OwnerId`vpcid"; + keys = "discoverydate`accountid`accountname`region`groupid`description`groupname`ownerid`vpcid"; + FileGenerator.generateJson(secGrpMap, fieldNames, "aws-sg.data",keys); + fieldNames = "GroupId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`groupid`key`value"; + FileGenerator.generateJson(secGrpMap, fieldNames, "aws-sg-tags.data",keys); + + Map> secGrp = new HashMap<>(); + secGrpMap.forEach((k,v)-> { + List sgruleList = new ArrayList<>(); + v.forEach(sg -> { + String groupId = sg.getGroupId(); + sgruleList.addAll(getRuleInfo(groupId,"inbound",sg.getIpPermissions())); + sgruleList.addAll(getRuleInfo(groupId,"outbound",sg.getIpPermissionsEgress())); + }); + secGrp.put(k,sgruleList); + } + ); + fieldNames = "groupId`type`ipProtocol`fromPort`toPort`cidrIp`cidrIpv6"; + keys = "discoverydate`accountid`accountname`region`groupid`type`ipprotocol`fromport`toport`cidrip`cidripv6"; + FileGenerator.generateJson(secGrp, fieldNames, "aws-sg-rules.data",keys); + + } + + /** + * Gets the rule info. + * + * @param groupId the group id + * @param type the type + * @param permissions the permissions + * @return the rule info + */ + private static List getRuleInfo(String groupId,String type,List permissions){ + List sgruleList = new ArrayList<>(); + permissions.forEach(obj-> { + String ipProtocol = obj.getIpProtocol(); + Integer fromPort = obj.getFromPort(); + Integer toPort = obj.getToPort(); + String fromPortStr ; + String toPortStr ; + fromPortStr = fromPort==null?"":fromPort==-1?"All":fromPort.toString(); + toPortStr = toPort==null?"":toPort==-1?"All":toPort.toString(); + obj.getIpv4Ranges().forEach(iprange-> { + String cidrIp = iprange.getCidrIp(); + SGRuleVH rule = new SGRuleVH(groupId,type, fromPortStr, toPortStr,"", cidrIp, "-1".equals(ipProtocol)?"All":ipProtocol); + sgruleList.add(rule); + }); + obj.getIpv6Ranges().forEach(iprange-> { + String cidrIpv6 = iprange.getCidrIpv6(); + SGRuleVH rule = new SGRuleVH(groupId,type, fromPortStr, toPortStr,cidrIpv6, "", "-1".equals(ipProtocol)?"All":ipProtocol); + sgruleList.add(rule); + }); + }); + return sgruleList; + + } + + /** + * Generate subnet files. + * + * @param subNetMap the sub net map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateSubnetFiles(Map> subNetMap) throws IOException{ + String fieldNames; + String keys; + fieldNames = "SubnetId`AssignIpv6AddressOnCreation`AvailabilityZone`AvailableIpAddressCount`CidrBlock`DefaultForAz`MapPublicIpOnLaunch`State`VpcId"; + keys = "discoverydate`accountid`accountname`region`subnetid`assignipv6addressoncreation`availabilityzone`availableipaddresscount`cidrblock`defaultforaz`mappubliciponlaunch`state`vpcid"; + FileGenerator.generateJson(subNetMap, fieldNames, "aws-subnet.data",keys); + fieldNames = "SubnetId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`subnetid`key`value"; + FileGenerator.generateJson(subNetMap, fieldNames, "aws-subnet-tags.data",keys); + } + + /** + * Generate trusted advisor files. + * + * @param checksMap the checks map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateTrustedAdvisorFiles(Map> checksMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "check.Id`check.Category`status`check.name`check.Description"; + keys = "discoverydate`accountid`accountname`checkid`checkcategory`status`checkname`checkdescription"; + FileGenerator.generateJson(checksMap, fieldNames, "aws-checks.data",keys); + + Iterator>> it = checksMap.entrySet().iterator(); + Map> resourceMap = new HashMap<>(); + while(it.hasNext()){ + Entry> entry = it.next(); + String account = entry.getKey(); + List checksValue = entry.getValue(); + List resources = new ArrayList<>(); + checksValue.forEach(obj -> { + resources.addAll(obj.getResources()); + } + ); + resourceMap.put(account, resources); + } + + fieldNames = "checkid`id`status`data"; + keys = "discoverydate`accountid`accountname`checkid`id`status`resourceinfo"; + FileGenerator.generateJson(resourceMap, fieldNames, "aws-checks-resources.data",keys); + + } + + /** + * Generate redshift files. + * + * @param map the red shift map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateRedshiftFiles(Map> map) throws IOException { + String fieldNames; + String keys; + fieldNames = "cluster.ClusterIdentifier`cluster.AllowVersionUpgrade`cluster.AutomatedSnapshotRetentionPeriod`cluster.AvailabilityZone`cluster.ClusterCreateTime`cluster.ClusterPublicKey`" + + "cluster.ClusterRevisionNumber`cluster.ClusterStatus`cluster.ClusterSubnetGroupName`cluster.ClusterVersion`cluster.DBName`cluster.ElasticIpStatus`cluster.Encrypted`cluster.Endpoint.Address`" + + "cluster.Endpoint.Port`cluster.EnhancedVpcRouting`cluster.KmsKeyId`cluster.MasterUsername`cluster.ModifyStatus`cluster.NodeType`cluster.NumberOfNodes`cluster.PreferredMaintenanceWindow`cluster.PubliclyAccessible`cluster.VpcId`subnets"; + keys = "discoverydate`accountid`accountname`region`clusteridentifier`allowversionupgrade`automatedsnapshotretentionperiod`availabilityzone`clustercreatetime`clusterpublickey`" + + "clusterrevisionnumber`clusterstatus`clustersubnetgroupname`clusterversion`dbname`elasticipstatus`encrypted`endpointaddress`endpointport`enhancedvpcrouting`kmskeyid`" + + "masterusername`modifystatus`nodetype`numberofnodes`preferredmaintenancewindow`publiclyaccessible`vpcid`subnets"; + FileGenerator.generateJson(map, fieldNames, "aws-redshift.data",keys); + + fieldNames = "cluster.ClusterIdentifier`cluster.VpcSecurityGroups.VpcSecurityGroupId`cluster.VpcSecurityGroups.status"; + keys = "discoverydate`accountid`accountname`region`clusteridentifier`vpcsecuritygroupid`vpcsecuritygroupstatus"; + FileGenerator.generateJson(map, fieldNames, "aws-redshift-secgroups.data",keys); + + fieldNames = "cluster.ClusterIdentifier`cluster.tags.key`cluster.tags.value"; + keys = "discoverydate`accountid`accountname`region`clusteridentifier`key`value"; + FileGenerator.generateJson(map, fieldNames, "aws-redshift-tags.data",keys); + + } + + /** + * Generatefetch volume files. + * + * @param volumeMap the volume map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generatefetchVolumeFiles(Map> volumeMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "VolumeId`VolumeType`AvailabilityZone`CreateTime`Encrypted`Iops`KmsKeyId`Size`SnapshotId`State"; + keys = "discoverydate`accountid`accountname`region`volumeid`volumetype`availabilityzone`createtime`encrypted`iops`kmskeyid`size`snapshotid`state"; + FileGenerator.generateJson(volumeMap, fieldNames, "aws-volume.data",keys); + + fieldNames = "VolumeId`attachments.InstanceId`attachments.AttachTime`attachments.DeleteOnTermination`attachments.Device`attachments.State"; + keys = "discoverydate`accountid`accountname`region`volumeid`instanceid`attachtime`deleteontermination`device`state"; + FileGenerator.generateJson(volumeMap, fieldNames, "aws-volume-attachments.data",keys); + + fieldNames = "VolumeId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`volumeid`key`value"; + FileGenerator.generateJson(volumeMap, fieldNames, "aws-volume-tags.data",keys); + } + + /** + * Generate snapshot files. + * + * @param snapshotMap the snapshot map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateSnapshotFiles(Map> snapshotMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "SnapshotId`Description`VolumeId`VolumeSize`Encrypted`DataEncryptionKeyId" + + "`KmsKeyId`OwnerAlias`OwnerId`Progress`StartTime`State`StateMessage"; + keys = "discoverydate`accountid`accountname`region`snapshotid`description`volumeid`volumesize`encrypted`dataencryptionkeyid`" + + "kmskeyid`owneralias`ownerid`progress`starttime`state`statemessage"; + FileGenerator.generateJson(snapshotMap, fieldNames, "aws-snapshot.data",keys); + fieldNames = "SnapshotId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`snapshotid`key`value"; + FileGenerator.generateJson(snapshotMap, fieldNames, "aws-snapshot-tags.data",keys); + } + + /** + * Generate vpc files. + * + * @param vpcMap the vpc map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateVpcFiles(Map> vpcMap) throws IOException { + + String fieldNames; + String keys; + fieldNames = "vpc.vpcId`vpc.cidrBlock`vpc.dhcpOptionsId`vpc.instanceTenancy`vpc.isDefault`vpc.state`vpc.cidrBlockAssociationSet.cidrBlock`vpc.cidrBlockAssociationSet.cidrBlockState.state`vpc.cidrBlockAssociationSet.cidrBlockState.statusMessage`vpc.cidrBlockAssociationSet.associationId"; + keys = "discoverydate`accountid`accountname`region`vpcid`cidrblock`dhcpoptionsid`instancetenancy`isdefault`state`cidrblockset`cidrblockstate`cidrblockstatusmessage`cidrblockassociationid"; + FileGenerator.generateJson(vpcMap, fieldNames, "aws-vpc.data",keys); + fieldNames = "vpc.vpcId`vpc.tags.key`vpc.tags.value"; + keys = "discoverydate`accountid`accountname`region`vpcid`key`value"; + FileGenerator.generateJson(vpcMap, fieldNames, "aws-vpc-tags.data",keys); + fieldNames = "vpcEndPoints.vpcId`vpcEndPoints.vpcEndpointId`vpcEndPoints.serviceName`vpcEndPoints.state`vpcEndPoints.creationTimestamp`vpcEndPoints.publicAccess`vpcEndPoints.policyDocument`vpcEndPoints.routeTableIds"; + keys = "discoverydate`accountid`accountname`region`vpcid`vpcendpointid`servicename`state`creationtimestamp`publicaccess`policydocument`routetableids"; + FileGenerator.generateJson(vpcMap, fieldNames, "aws-vpc-endpoints.data",keys); + } + + /** + * Generate api gateway files. + * + * @param apiGatewayMap the api gateway map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateApiGatewayFiles(Map> apiGatewayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "Id`Name`Description`CreatedDate`Version"; + keys = "discoverydate`accountid`accountname`region`id`name`description`createddate`version"; + FileGenerator.generateJson(apiGatewayMap, fieldNames, "aws-api.data",keys); + } + + /** + * Generate iam user files. + * + * @param userMap the user map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateIamUserFiles(Map> userMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "user.username`user.userid`user.arn`user.CreateDate`user.path`passwordCreationDate`user.PasswordLastUsed`passwordResetRequired`mfa`groups"; + keys = "discoverydate`accountid`accountname`username`userid`arn`createdate`path`passwordcreationdate`passwordlastused`passwordresetrequired`mfaenabled`groups"; + FileGenerator.generateJson(userMap, fieldNames, "aws-iamuser.data",keys); + fieldNames = "user.username`accessKeys.AccessKeyId`accessKeys.CreateDate`accessKeys.status`accessKeys.lastUsedDate"; + keys = "discoverydate`accountid`accountname`username`accesskey`createdate`status`lastuseddate"; + FileGenerator.generateJson(userMap, fieldNames, "aws-iamuser-keys.data",keys); + + } + + /** + * Generate RDS snapshot files. + * + * @param dbSnapShots the db snap shots + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateRDSSnapshotFiles(Map> dbSnapShots) throws IOException { + + String fieldNames; + String keys; + fieldNames = "DBSnapshotIdentifier`DBSnapshotArn`DBInstanceIdentifier`Status`snapshotCreateTime`snapshotType" + + "`encrypted`engine`allocatedStorage`port`availabilityZone`vpcId`instanceCreateTime`masterUsername" + + "`engineVersion`licenseModel`iops`optionGroupName`percentProgress`sourceRegion`sourceDBSnapshotIdentifier" + + "`storageType`tdeCredentialArn`kmsKeyId`timezone`iAMDatabaseAuthenticationEnabled"; + keys = "discoverydate`accountid`accountname`region`dbsnapshotidentifier`dbsnapshotarn`dbinstanceidentifier`status`snapshotcreatetime`snapshottype`" + + "encrypted`engine`allocatedstorage`port`availabilityzone`vpcid`instancecreatetime`masterusername`engineversion`licensemodel`" + + "iops`optiongroupname`percentprogress`sourceregion`sourcedbsnapshotidentifier`storagetype`tdecredentialarn`kmskeyid`timezone`" + + "iamdatabaseauthenticationenabled"; + FileGenerator.generateJson(dbSnapShots, fieldNames, "aws-rdssnapshot.data",keys); + } + + /** + * Generate iam role files. + * + * @param iamRoleMap the iam role map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateIamRoleFiles(Map> iamRoleMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "roleName`roleId`arn`description`path`createDate`assumeRolePolicyDocument"; + keys = "discoverydate`accountid`accountname`rolename`roleid`rolearn`description`path`createdate`assumedpolicydoc"; + FileGenerator.generateJson(iamRoleMap, fieldNames, "aws-iamrole.data",keys); + } + + /* Changes by John Start */ + + /** + * Generate KMS files. + * + * @param kmsKeyMap the kms key map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateKMSFiles(Map> kmsKeyMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "key.keyId`key.arn`key.creationDate`key.aWSAccountId`key.description`key.keyState`key.enabled`key.keyUsage`key.deletionDate`key.validTo" + +"`rotationStatus`alias.aliasName`alias.aliasArn"; + keys = "discoverydate`accountid`accountname`region`keyid`arn`creationdate`awsaccountid`description`keystate`keyenabled`keyusage`deletiondate`validto`" + +"rotationstatus`aliasname`aliasarn"; + FileGenerator.generateJson(kmsKeyMap, fieldNames, "aws-kms.data",keys); + fieldNames = "key.keyId`tags.tagKey`tags.tagValue"; + keys = "discoverydate`accountid`accountname`region`keyid`key`value"; + FileGenerator.generateJson(kmsKeyMap, fieldNames, "aws-kms-tags.data",keys); + } + + /** + * Generate cloud front files. + * + * @param cfMap the cf map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateCloudFrontFiles(Map> cfMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "distSummary.id`distSummary.aRN`distSummary.status`distSummary.lastModifiedTime`distSummary.domainName`distSummary.enabled" + +"`distSummary.comment`distSummary.priceClass`distSummary.webACLId`distSummary.httpVersion`distSummary.isIPV6Enabled`distSummary.viewerCertificate.iAMCertificateId" + +"`distSummary.viewerCertificate.aCMCertificateArn`distSummary.viewerCertificate.cloudFrontDefaultCertificate`distSummary.viewerCertificate.sSLSupportMethod`distSummary.viewerCertificate.minimumProtocolVersion`distSummary.aliases.items"; + keys = "discoverydate`accountid`accountname`id`arn`status`lastmodifiedtime`domainName`enabled`comment`priceclass`webaclid`httpversion`ipv6enabled`viewercertificateid" + +"`viewercertificatearn`viewercertificatedefaultcertificate`viewercertificatesslsupportmethod`viewercertificateminprotocolversion`aliases"; + FileGenerator.generateJson(cfMap, fieldNames, "aws-cloudfront.data",keys); + fieldNames = "distSummary.id`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`id`key`value"; + FileGenerator.generateJson(cfMap, fieldNames, "aws-cloudfront-tags.data",keys); + } + + /** + * Generate EBS files. + * + * @param ebsMap the ebs map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateEBSFiles(Map> ebsMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "app.applicationArn`app.applicationName`app.description`app.dateCreated`app.dateUpdated`app.versions`app.configurationTemplates`env.environmentName`env.environmentId`env.versionLabel`env.solutionStackName" + +"`env.platformArn`env.templateName`env.description`env.endpointURL`env.cNAME`env.dateCreated`env.dateUpdated`env.status`env.abortableOperationInProgress`env.environmentArn" + +"`env.health`env.healthStatus"; + keys = "discoverydate`accountid`accountname`region`applicationarn`applicationname`description`datecreated`dateupdated`versions`configtemplates`env_name`env_id`env_versionlabel`env_solutionstackname" + +"`env_platformarn`env_templatename`env_description`env_endpointurl`env_cname`env_datecreated`env_dateupdated`env_status`env_abortableoperationinprogress`env_arn" + +"`env_health`env_healthstatus"; + FileGenerator.generateJson(ebsMap, fieldNames,"aws-beanstalk.data",keys); + + fieldNames = "app.applicationName`env.environmentArn`envResource.instances.id"; + keys = "discoverydate`accountid`accountname`region`applicationname`env-arn`instanceid"; + FileGenerator.generateJson(ebsMap, fieldNames,"aws-beanstalk-instance.data",keys); + + fieldNames = "app.applicationName`env.environmentArn`envResource.autoScalingGroups.name"; + keys = "discoverydate`accountid`accountname`region`applicationname`env-arn`asgname"; + FileGenerator.generateJson(ebsMap, fieldNames,"aws-beanstalk-asg.data",keys); + + fieldNames = "app.applicationName`env.environmentArn`envResource.loadBalancers.name"; + keys = "discoverydate`accountid`accountname`region`applicationname`env-arn`loadbalancername"; + FileGenerator.generateJson(ebsMap, fieldNames,"aws-beanstalk-elb.data",keys); + + } + + /** + * Generate PHD files. + * + * @param phdMap the phd map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generatePHDFiles(Map> phdMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "eventDetails.event.arn`eventDetails.event.service`eventDetails.event.eventTypeCode`eventDetails.event.eventTypeCategory`eventDetails.event.region`" + +"eventDetails.event.availabilityZone`eventDetails.event.startTime`eventDetails.event.endTime`eventDetails.event.lastUpdatedTime`eventDetails.event.statusCode" + +"`eventDetails.eventDescription.latestDescription`eventDetails.eventMetadata"; + keys = "discoverydate`accountid`accountname`eventarn`eventservice`eventtypecode`eventtypecategory`eventregion`availabilityzone`starttime`endtime`" + +"lastupdatedtime`statuscode`latestdescription`eventmetadata"; + FileGenerator.generateJson(phdMap, fieldNames, "aws-phd.data",keys); + fieldNames = "affectedEntities.eventArn`affectedEntities.entityArn`affectedEntities.awsAccountId`affectedEntities.entityValue`affectedEntities.lastUpdatedTime`affectedEntities.statusCode`affectedEntities.tags"; + keys = "discoverydate`accountid`accountname`eventarn`entityarn`awsaccountid`entityvalue`lastupdatedtime`statuscode`tags"; + FileGenerator.generateJson(phdMap, fieldNames, "aws-phd-entities.data",keys); + } + + /** + * + * @param errorMap the error map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static synchronized void generateErrorFile(Map> errorMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "region`type`exception"; + keys = "discoverydate`accountid`region`type`message"; + FileGenerator.generateJson(errorMap, fieldNames, "aws-loaderror.data",keys); + } + + /** + * Generate EC 2 route table files. + * + * @param routeTableMap the route table map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateEC2RouteTableFiles(Map> routeTableMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "routeTableId`vpcId"; + keys = "discoverydate`accountid`accountname`region`routetableid`vpcid"; + FileGenerator.generateJson(routeTableMap, fieldNames, "aws-routetable.data",keys); + + fieldNames = "routeTableId`routes.destinationCidrBlock`routes.destinationPrefixListId`routes.gatewayId`routes.instanceId`routes.instanceOwnerId`routes.networkInterfaceId`routes.vpcPeeringConnectionId`routes.natGatewayId" + +"`routes.state`routes.origin`routes.destinationIpv6CidrBlock`routes.egressOnlyInternetGatewayId"; + keys = "discoverydate`accountid`accountname`region`routetableid`destinationcidrblock`destinationprefixlistid`gatewayid`instanceid`instanceownerid`networkinterfaceid`vpcpeeringconnectionid`natgatewayid" + +"`state`origin`destinationipv6cidrblock`egressonlyinternetgatewayid"; + FileGenerator.generateJson(routeTableMap, fieldNames, "aws-routetable-routes.data",keys); + + fieldNames = "routeTableId`associations.routeTableAssociationId`associations.subnetId`associations.main"; + keys = "discoverydate`accountid`accountname`region`routetableid`routetableassociationid`subnetid`main"; + FileGenerator.generateJson(routeTableMap, fieldNames, "aws-routetable-associations.data",keys); + + fieldNames = "routeTableId`propagatingVgws.gatewayId"; + keys = "discoverydate`accountid`accountname`region`routetableid`gatewayid"; + FileGenerator.generateJson(routeTableMap, fieldNames, "aws-routetable-propagatingvgws.data",keys); + + fieldNames = "routeTableId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`routetableid`key`value"; + FileGenerator.generateJson(routeTableMap, fieldNames, "aws-routetable-tags.data",keys); + } + + /** + * Generate network acl files. + * + * @param networkAclMap the network acl map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateNetworkAclFiles(Map> networkAclMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "networkAclId`vpcId`isDefault"; + keys = "discoverydate`accountid`accountname`region`networkaclid`vpcid`isdefault"; + FileGenerator.generateJson(networkAclMap, fieldNames, "aws-networkacl.data",keys); + + fieldNames = "networkAclId`entries.ruleNumber`entries.protocol`entries.ruleAction`entries.egress`entries.cidrBlock`entries.ipv6CidrBlock`entries.icmpTypeCode.type`entries.icmpTypeCode.code" + +"`entries.portRange.from`entries.portRange.to"; + keys = "discoverydate`accountid`accountname`region`networkaclid`rulenumber`protocol`ruleaction`egress`cidrblock`ipv6cidrblock`icmptype`icmptypecode`portrangefrom`portrangeto"; + FileGenerator.generateJson(networkAclMap, fieldNames, "aws-networkacl-entries.data",keys); + + fieldNames = "networkAclId`associations.networkAclAssociationId`associations.subnetId"; + keys = "discoverydate`accountid`accountname`region`networkaclid`networkaclassociationid`subnetid"; + FileGenerator.generateJson(networkAclMap, fieldNames, "aws-networkacl-associations.data",keys); + + fieldNames = "networkAclId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`networkaclid`vpcid`key`value"; + FileGenerator.generateJson(networkAclMap, fieldNames, "aws-networkacl-tags.data",keys); + } + + /** + * Generate elastic IP files. + * + * @param elasticIPMap the elastic IP map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateElasticIPFiles(Map> elasticIPMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "instanceId`publicIp`allocationId`associationId`domain`networkInterfaceId`networkInterfaceOwnerId`privateIpAddress"; + keys = "discoverydate`accountid`accountname`region`instanceid`publicip`allocationid`associationid`domain`networkinterfaceid`networkinterfaceownerid`privateipaddress"; + FileGenerator.generateJson(elasticIPMap, fieldNames, "aws-elasticip.data",keys); + } + + /** + * Generate launch configurations files. + * + * @param launchConfigurationMap the launch configuration map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateLaunchConfigurationsFiles(Map> launchConfigurationMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "launchConfigurationName`launchConfigurationARN`imageId`keyName`classicLinkVPCId`userData`instanceType`kernelId`ramdiskId`spotPrice`iamInstanceProfile`createdTime`ebsOptimized`associatePublicIpAddress`placementTenancy" + +"`securityGroups`classicLinkVPCSecurityGroups`instanceMonitoring.enabled"; + keys = "discoverydate`accountid`accountname`region`launchconfigurationname`launchconfigurationarn`imageid`keyname`classiclinkvpcid`userdata`instancetype`kernelid`ramdiskid`spotprice`iaminstanceprofile`createdtime`ebsoptimized`associatepublicipaddress`placementtenancy" + +"`securitygroups`classiclinkvpcsecuritygroups`instancemonitoringenabled"; + FileGenerator.generateJson(launchConfigurationMap, fieldNames, "aws-launchconfig.data",keys); + + fieldNames = "launchConfigurationName`blockDeviceMappings.virtualName`blockDeviceMappings.deviceName`blockDeviceMappings.ebs.snapshotId`blockDeviceMappings.ebs.volumeSize" + +"`blockDeviceMappings.ebs.volumeType`blockDeviceMappings.ebs.deleteOnTermination`blockDeviceMappings.ebs.iops`blockDeviceMappings.ebs.encrypted`blockDeviceMappings.noDevice"; + keys = "discoverydate`accountid`accountname`region`launchconfigurationname`virtualname`devicename`ebssnapshotid`ebsvolumesize" + +"`ebsvolumetype`ebsdeleteontermination`ebsiops`ebsencrypted`nodevice"; + FileGenerator.generateJson(launchConfigurationMap, fieldNames, "aws-launchconfig-blockdevicemappings.data",keys); + } + + /** + * Generate internet gateway files. + * + * @param internetGatewayMap the internet gateway map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateInternetGatewayFiles(Map> internetGatewayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "internetGatewayId"; + keys = "discoverydate`accountid`accountname`region`internetgatewayid"; + FileGenerator.generateJson(internetGatewayMap, fieldNames, "aws-internetgateway.data",keys); + + fieldNames = "internetGatewayId`attachments.vpcId`attachments.state"; + keys = "discoverydate`accountid`accountname`region`internetgatewayid`vpcid`state"; + FileGenerator.generateJson(internetGatewayMap, fieldNames, "aws-internetgateway-attachments.data",keys); + + fieldNames = "internetGatewayId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`internetgatewayid`key`value"; + FileGenerator.generateJson(internetGatewayMap, fieldNames, "aws-internetgateway-tags.data",keys); + } + + /** + * Generate VPN gateway files. + * + * @param vpnGatewayMap the vpn gateway map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateVPNGatewayFiles(Map> vpnGatewayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "vpnGatewayId`state`type`availabilityZone`amazonSideAsn"; + keys = "discoverydate`accountid`accountname`region`vpngatewayid`state`type`availabilityzone`amazonsideasn"; + FileGenerator.generateJson(vpnGatewayMap, fieldNames, "aws-vpngateway.data",keys); + + fieldNames = "vpnGatewayId`vpcAttachments.vpcId`vpcAttachments.state"; + keys = "discoverydate`accountid`accountname`region`vpngatewayid`vpcid`state"; + FileGenerator.generateJson(vpnGatewayMap, fieldNames, "aws-vpngateway-vpcattachments.data",keys); + + fieldNames = "vpnGatewayId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`vpngatewayid`key`value"; + FileGenerator.generateJson(vpnGatewayMap, fieldNames, "aws-vpngateway-tags.data",keys); + } + + /** + * Generate scaling policies. + * + * @param scalingPolicyMap the scaling policy map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateScalingPolicies(Map> scalingPolicyMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "policyName`policyARN`autoScalingGroupName`policyType`adjustmentType`minAdjustmentStep`minAdjustmentMagnitude`scalingAdjustment`cooldown`metricAggregationType`estimatedInstanceWarmup"; + keys = "discoverydate`accountid`accountname`region`policyname`policyarn`autoscalinggroupname`policytype`adjustmenttype`minadjustmentstep`minadjustmentmagnitude`scalingadjustment`cooldown`metricaggregationtype`estimatedinstancewarmup"; + FileGenerator.generateJson(scalingPolicyMap, fieldNames, "aws-asgpolicy.data",keys); + + fieldNames = "policyName`stepAdjustments.metricIntervalLowerBound`stepAdjustments.metricIntervalUpperBound`stepAdjustments.scalingAdjustment"; + keys = "discoverydate`accountid`accountname`region`policyname`metricintervallowerbound`metricintervalupperbound`scalingadjustment"; + FileGenerator.generateJson(scalingPolicyMap, fieldNames, "aws-asgpolicy-stepadjustments.data",keys); + + fieldNames = "policyName`alarms.alarmName`alarms.alarmARN"; + keys = "discoverydate`accountid`accountname`region`policyname`alarmname`alarmarn"; + FileGenerator.generateJson(scalingPolicyMap, fieldNames, "aws-asgpolicy-alarms.data",keys); + } + + /** + * Generate SNS topics. + * + * @param topicMap the subscription map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateSNSTopics(Map> topicMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "topicArn"; + keys = "discoverydate`accountid`accountname`region`topicarn"; + FileGenerator.generateJson(topicMap, fieldNames, "aws-snstopic.data",keys); + + } + + /** + * Generate egress gateway. + * + * @param egressGatewayMap the egress gateway map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateEgressGateway(Map> egressGatewayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "egressOnlyInternetGatewayId`attachments.vpcId`attachments.state"; + keys = "discoverydate`accountid`accountname`region`egressonlyinternetgatewayid`attachmentsvpcid`attachmentsstate"; + FileGenerator.generateJson(egressGatewayMap, fieldNames, "aws-egressgateway.data",keys); + } + + /** + * Generate dhcp options. + * + * @param dhcpOptionsMap the dhcp options map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateDhcpOptions(Map> dhcpOptionsMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "dhcpOptionsId`dhcpConfigurations"; + keys = "discoverydate`accountid`accountname`region`dhcpoptionsid`dhcpconfigurations"; + FileGenerator.generateJson(dhcpOptionsMap, fieldNames, "aws-dhcpoption.data",keys); + + fieldNames = "dhcpOptionsId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`dhcpoptionsid`key`value"; + FileGenerator.generateJson(dhcpOptionsMap, fieldNames, "aws-dhcpoption-tags.data",keys); + } + + /** + * Generate peering connections. + * + * @param peeringConnectionMap the peering connection map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generatePeeringConnections(Map> peeringConnectionMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "vpcPeeringConnectionId`status.code`expirationTime`requesterVpcInfo.ownerId`accepterVpcInfo.ownerId`requesterVpcInfo.vpcId`accepterVpcInfo.vpcId`requesterVpcInfo.cidrBlock`accepterVpcInfo.cidrBlock"+ + "`requesterVpcInfo.peeringOptions.allowDnsResolutionFromRemoteVpc`requesterVpcInfo.peeringOptions.allowEgressFromLocalClassicLinkToRemoteVpc`requesterVpcInfo.peeringOptions.allowEgressFromLocalVpcToRemoteClassicLink"+ + "`accepterVpcInfo.peeringOptions.allowDnsResolutionFromRemoteVpc`accepterVpcInfo.peeringOptions.allowEgressFromLocalClassicLinkToRemoteVpc`accepterVpcInfo.peeringOptions.allowEgressFromLocalVpcToRemoteClassicLink"; + keys = "discoverydate`accountid`accountname`region`vpcpeeringconnectionid`status`expirationtime`requestervpcownerid`acceptervpcownerid`requestervpcid`acceptervpcid`requestervpcinfocidrblock`acceptervpcinfocidrblock"+ + "`requestervpcallowdnsresolutionfromremotevpc`requestervpcallowegressfromlocalclassiclinktoremotevpc`requestervpcallowegressfromlocalvpctoremoteclassiclink"+ + "`acceptervpcallowdnsresolutionfromremotevpc`acceptervpcallowegressfromlocalclassiclinktoremotevpc`acceptervpcallowegressfromlocalvpctoremoteclassiclink"; + FileGenerator.generateJson(peeringConnectionMap, fieldNames, "aws-peeringconnection.data",keys); + + fieldNames = "vpcPeeringConnectionId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`vpcpeeringconnectionid`key`value"; + FileGenerator.generateJson(peeringConnectionMap, fieldNames, "aws-peeringconnection-tags.data",keys); + } + + /** + * Generate customer gateway. + * + * @param customerGatewayMap the customer gateway map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateCustomerGateway(Map> customerGatewayMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "customerGatewayId`bgpAsn`ipAddress`state`type"; + keys = "discoverydate`accountid`accountname`region`customergatewayid`bgpasn`ipaddress`state`type"; + FileGenerator.generateJson(customerGatewayMap, fieldNames, "aws-customergateway.data",keys); + + fieldNames = "customerGatewayId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`customergatewayid`key`value"; + FileGenerator.generateJson(customerGatewayMap, fieldNames, "aws-customergateway-tags.data",keys); + } + + /** + * Generate vpn connection. + * + * @param vpnConnectionMap the vpn connection map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateVpnConnection(Map> vpnConnectionMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "vpnConnectionId`vpnGatewayId`customerGatewayId`state`category`type`options.staticRoutesOnly"; + keys = "discoverydate`accountid`accountname`region`vpnconnectionid`vpngatewayid`customergatewayid`state`category`type`optionsstaticroutesonly"; + FileGenerator.generateJson(vpnConnectionMap, fieldNames, "aws-vpnconnection.data",keys); + + fieldNames = "vpnConnectionId`routes.source`routes.state`routes.destinationCidrBlock"; + keys = "discoverydate`accountid`accountname`region`vpnconnectionid`routessource`routesstate`routesdestinationcidrblock"; + FileGenerator.generateJson(vpnConnectionMap, fieldNames, "aws-vpnconnection-routes.data",keys); + + fieldNames = "vpnConnectionId`vgwTelemetry.acceptedRouteCount`vgwTelemetry.outsideIpAddress`vgwTelemetry.lastStatusChange`vgwTelemetry.status`vgwTelemetry.statusMessage"; + keys = "discoverydate`accountid`accountname`region`vpnconnectionid`acceptedroutecount`outsideipaddress`laststatuschange`status`statusmessage"; + FileGenerator.generateJson(vpnConnectionMap, fieldNames, "aws-vpnconnection-telemetry.data",keys); + + fieldNames = "vpnConnectionId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`vpnconnectionid`key`value"; + FileGenerator.generateJson(vpnConnectionMap, fieldNames, "aws-vpnconnection-tags.data",keys); + } + + /** + * Generate direct connection. + * + * @param directConnectionMap the direct connection map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateDirectConnection(Map> directConnectionMap) throws IOException{ + String fieldNames; + String keys; + fieldNames = "connectionId`connectionName`ownerAccount`connectionState`location`bandwidth`vlan`partnerName`loaIssueTime`lagId`awsDevice"; + keys = "discoverydate`accountid`accountname`region`connectionid`connectionname`owneraccount`connectionstate`location`bandwidth`vlan`partnername`loaissuetime`lagid`awsdevice"; + FileGenerator.generateJson(directConnectionMap, fieldNames, "aws-directconnect.data",keys); + } + + /** + * Generate direct connection virtual interfaces. + * + * @param directConnectionVirtualInterfacesMap the direct connection virtual interfaces map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateDirectConnectionVirtualInterfaces(Map> directConnectionVirtualInterfacesMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "virtualInterfaceId`ownerAccount`connectionId`location`virtualInterfaceType`virtualInterfaceName" + + "`vlan`asn`amazonSideAsn`authKey`amazonAddress`customerAddress`addressFamily`virtualInterfaceState" + + "`customerRouterConfig`virtualGatewayId`directConnectGatewayId`routeFilterPrefixes.cidr" + + "`bgpPeers.asn`bgpPeers.authKey`bgpPeers.addressFamily`bgpPeers.amazonAddress`bgpPeers.customerAddress`bgpPeers.bgpPeerState`bgpPeers.bgpStatus"; + keys = "discoverydate`accountid`accountname`region`virtualinterfaceid`owneraccount`connectionid`location`virtualinterfacetype`virtualinterfacename" + + "`vlan`asn`amazonsideasn`authkey`amazonaddress`customeraddress`addressfamily`virtualinterfacestate" + + "`customerrouterconfig`virtualgatewayid`directconnectgatewayid`routefilterprefixescidr" + + "`bgppeersasn`bgppeersauthkey`bgppeersaddressfamily`bgppeersamazonaddress`bgppeerscustomeraddress`bgppeersbgppeerstate`bgppeersbgpstatus"; + FileGenerator.generateJson(directConnectionVirtualInterfacesMap, fieldNames, "aws-virtualinterface.data",keys); + } + + /** + * Generate ES domain. + * + * @param esDomainMap the es domain map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateESDomain(Map> esDomainMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "domain.domainId`domain.domainName`domain.aRN`domain.created`domain.deleted`domain.endpoint`domain.processing`domain.elasticsearchVersion`domain.accessPolicies`domain.endpoints" + + "`domain.elasticsearchClusterConfig.instanceType`domain.elasticsearchClusterConfig.instanceCount`domain.elasticsearchClusterConfig.dedicatedMasterEnabled`domain.elasticsearchClusterConfig.zoneAwarenessEnabled" + + "`domain.elasticsearchClusterConfig.dedicatedMasterType`domain.elasticsearchClusterConfig.dedicatedMasterCount`domain.vPCOptions.vPCId`domain.vPCOptions.subnetIds`domain.vPCOptions.availabilityZones" + + "`domain.vPCOptions.securityGroupIds`domain.advancedOptions"; + keys = "discoverydate`accountid`accountname`region`domainid`domainname`arn`created`deleted`endpoint`processing`elasticsearchversion`accesspolicies`endpoints" + + "`clusterinstancetype`clusterinstancecount`clusterdedicatedmasterenabled`clusterzoneawarenessenabled" + + "`clusterdedicatedmastertype`clusterdedicatedmastercount`vpcid`subnetid`availabilityzone`securitygroupid`advancedoptions"; + FileGenerator.generateJson(esDomainMap, fieldNames, "aws-elasticsearch.data",keys); + + fieldNames = "domain.domainId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`domainid`key`value"; + FileGenerator.generateJson(esDomainMap, fieldNames, "aws-elasticsearch-tags.data",keys); + } + + /** + * Generate reserved instances. + * + * @param reservedInstancesMap the reserved instances map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateReservedInstances(Map> reservedInstancesMap) throws IOException { + String fieldNames; + String keys; + fieldNames = "reservedInstancesId`instanceType`availabilityZone`duration`start`end`fixedPrice`instanceCount`productDescription`state`usagePrice`currencyCode" + + "`instanceTenancy`offeringClass`offeringType`scope`recurringCharges.frequency`recurringCharges.amount"; + keys = "discoverydate`accountid`accountname`region`instanceid`instancetype`availabilityzone`duration`startdate`enddate`fixedprice`instancecount`productdescription`state`usageprice`currencycode" + + "`instancetenancy`offeringclass`offeringtype`scope`recurringchargesfrequency`recurringchargesamount"; + FileGenerator.generateJson(reservedInstancesMap, fieldNames, "aws-reservedinstance.data",keys); + + fieldNames = "reservedInstancesId`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`instanceid`key`value"; + FileGenerator.generateJson(reservedInstancesMap, fieldNames, "aws-reservedinstance-tags.data",keys); + } + + /** + * Generate ssm files. + * + * @param ssmMap the ssm map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateSsmFiles(Map> ssmMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="instanceId`pingStatus`lastPingDateTime`agentVersion`isLatestVersion`platformType`platformName`platformVersion`activationId`iamRole`registrationDate`resourceType`name`iPAddress`computerName`associationStatus`lastAssociationExecutionDate`lastSuccessfulAssociationExecutionDate"; + keys = "discoverydate`accountid`accountname`region`instanceid`pingstatus`lastpingdatetime`agentversion`islatestversion`platformtype`platformname`platformversion`activationid`iamrole`registrationdate`" + + "resourcetype`name`ipaddress`computername`associationstatus`lastassociationexecutiondate`lastsuccessfulassociationexecutiondate"; + FileGenerator.generateJson(ssmMap, fieldNames, "aws-ec2-ssminfo.data",keys); + } + + /** + * Generate elasti cache files. + * + * @param elastiCacheMap the elasti cache map + * @throws IOException Signals that an I/O exception has occurred. + */ + public static void generateElastiCacheFiles(Map> elastiCacheMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="arn`clusterName`description`noOfNodes`primaryOrConfigEndpoint`availabilityZones`cluster.cacheNodeType`cluster.engine`cluster.engineVersion`cluster.cacheClusterStatus" + + "`cluster.cacheClusterCreateTime`cluster.preferredMaintenanceWindow`cluster.cacheSubnetGroupName`cluster.autoMinorVersionUpgrade`cluster.replicationGroupId`cluster.snapshotRetentionLimit`cluster.snapshotWindow`cluster.authTokenEnabled" + + "`cluster.transitEncryptionEnabled`cluster.atRestEncryptionEnabled`cluster.notificationConfiguration.topicArn`cluster.notificationConfiguration.topicStatus" + + "`securityGroups`parameterGroup`vpc`subnets"; + keys ="discoverydate`accountid`accountname`region`arn`clustername`description`noofnodes`primaryorconfigendpoint`availabilityzones`nodetype`engine`engineversion`clusterstatus" + + "`clustercreatetime`preferredmaintenancewindow`subnetgroupname`autominorversionupgrade`replicationgroupid`snapshotretentionlimit`snapshotwindow`authtokenenabled" + + "`transitencryptionenabled`atrestencryptionenabled`notificationconfigtopicarn`notificationconfigtopicstatus" + + "`securitygroups`parametergroup`vpc`subnets"; + FileGenerator.generateJson(elastiCacheMap, fieldNames, "aws-elasticache.data",keys); + + fieldNames = "clusterName`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`clustername`key`value"; + FileGenerator.generateJson(elastiCacheMap, fieldNames, "aws-elasticache-tags.data",keys); + + fieldNames = "clusterName`nodes.nodeName`nodes.node.cacheNodeStatus`nodes.node.cacheNodeCreateTime`nodes.node.parameterGroupStatus" + + "`nodes.node.endpoint.address`nodes.node.endpoint.port`nodes.node.customerAvailabilityZone`nodes.tags"; + keys = "discoverydate`accountid`accountname`region`clustername`nodeName`status`createdOn`parameterGroupStatus`endPointAddress`endPointPort`availabilityZone`tagStr"; + FileGenerator.generateJson(elastiCacheMap, fieldNames, "aws-elasticache-nodes.data",keys); + + } + + public static void generateKinesisDataStreamFiles(Map> kinesisDataStreamMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="streamDescription.streamARN`streamDescription.streamName`streamDescription.streamStatus`streamDescription.retentionPeriodHours`streamDescription.streamCreationTimestamp`streamDescription.encryptionType`streamDescription.keyId" + + "`streamDescription.enhancedMonitoring.shardLevelMetrics`streamDescription.shards.shardId`streamDescription.shards.parentShardId`streamDescription.shards.adjacentParentShardId`streamDescription.shards.hashKeyRange.startingHashKey`streamDescription.shards.hashKeyRange.endingHashKey" + + "`streamDescription.shards.sequenceNumberRange.startingSequenceNumber`streamDescription.shards.sequenceNumberRange.endingSequenceNumber"; + keys ="discoverydate`accountid`accountname`region`streamarn`streamname`streamstatus`retentionperiodhours`streamcreationtimestamp`encryptiontype`keyid" + + "`enhancedmonitoringshardlevelmetrics`shardid`parentshardid`adjacentparentshardid`startinghashkey`endinghashkey" + + "`startingsequencenumber`endingsequencenumber"; + FileGenerator.generateJson(kinesisDataStreamMap, fieldNames, "aws-datastream.data",keys); + + fieldNames = "streamDescription.streamARN`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`streamarn`key`value"; + FileGenerator.generateJson(kinesisDataStreamMap, fieldNames, "aws-datastream-tags.data",keys); + } + + public static void generateSQSFiles(Map> sqsMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="queueUrl`sqs.QueueArn`sqs.Policy`sqs.ApproximateNumberOfMessagesDelayed`sqs.ReceiveMessageWaitTimeSeconds`sqs.CreatedTimestamp`sqs.DelaySeconds`sqs.MessageRetentionPeriod`sqs.MaximumMessageSize" + + "`sqs.VisibilityTimeout`sqs.ApproximateNumberOfMessages`sqs.ApproximateNumberOfMessagesNotVisible`sqs.LastModifiedTimestamp`sqs.KmsMasterKeyId`sqs.KmsDataKeyReusePeriodSeconds" + + "`sqs.FifoQueue`sqs.ContentBasedDeduplication`sqs.RedrivePolicy"; + keys ="discoverydate`accountid`accountname`region`queueurl`queuearn`policy`approximatenumberofmessagesdelayed`receivemessagewaittimeseconds`createdtimestamp`delayseconds`messageretentionperiod`maximummessagesize" + + "`visibilitytimeout`approximatenumberofmessages`approximatenumberofmessagesnotvisible`lastmodifiedtimestamp`kmsmasterkeyid`kmsdatakeyreuseperiodseconds" + + "`fifoqueue`contentbaseddeduplication`redrivepolicy"; + FileGenerator.generateJson(sqsMap, fieldNames, "aws-sqs.data",keys); + + fieldNames = "sqs.QueueArn`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`queuearn`key`value"; + FileGenerator.generateJson(sqsMap, fieldNames, "aws-sqs-tags.data",keys); + } + + public static void generateKinesisDeliveryStreamFiles(Map> kinesisDeliveryStreamMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="deliveryStreamDescription.deliveryStreamARN`deliveryStreamDescription.deliveryStreamName`deliveryStreamDescription.deliveryStreamStatus`deliveryStreamDescription.deliveryStreamType`deliveryStreamDescription.versionId" + + "`deliveryStreamDescription.createTimestamp`deliveryStreamDescription.lastUpdateTimestamp`deliveryStreamDescription.source.kinesisStreamSourceDescription`destinationDescription"; + keys ="discoverydate`accountid`accountname`region`deliverystreamarn`deliverystreamname`deliverystreamstatus`deliverystreamtype`versionid" + + "`createtimestamp`lastupdatetimestamp`sourcedescription`destinationdescription"; + FileGenerator.generateJson(kinesisDeliveryStreamMap, fieldNames, "aws-deliverystream.data",keys); + + fieldNames = "deliveryStreamDescription.deliveryStreamARN`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`deliverystreamarn`key`value"; + FileGenerator.generateJson(kinesisDeliveryStreamMap, fieldNames, "aws-deliverystream-tags.data",keys); + } + + public static void generateKinesisVideoStreamFiles(Map> kinesisVideoStreamMap) throws IOException { + String fieldNames; + String keys; + fieldNames ="streamInfo.streamARN`streamInfo.deviceName`streamInfo.streamName`streamInfo.mediaType`streamInfo.kmsKeyId" + + "`streamInfo.version`streamInfo.status`streamInfo.creationTime`streamInfo.dataRetentionInHours"; + keys ="discoverydate`accountid`accountname`region`streamarn`devicename`streamname`mediatype`kmskeyid" + + "`version`status`creationtime`dataretentioninhours"; + FileGenerator.generateJson(kinesisVideoStreamMap, fieldNames, "aws-videostream.data",keys); + + fieldNames = "streamInfo.streamARN`tags.key`tags.value"; + keys = "discoverydate`accountid`accountname`region`streamarn`key`value"; + FileGenerator.generateJson(kinesisVideoStreamMap, fieldNames, "aws-videostream-tags.data",keys); + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/S3Uploader.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/S3Uploader.java index 43949cb27..83a53f169 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/S3Uploader.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/file/S3Uploader.java @@ -1,188 +1,190 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import java.io.File; -import java.util.stream.Collectors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.services.s3.AmazonS3; -import com.amazonaws.services.s3.AmazonS3ClientBuilder; -import com.amazonaws.services.s3.model.DeleteObjectsRequest; -import com.amazonaws.services.s3.model.DeleteObjectsResult; -import com.amazonaws.services.s3.model.ListObjectsV2Request; -import com.amazonaws.services.s3.model.S3ObjectSummary; -import com.amazonaws.services.s3.transfer.MultipleFileUpload; -import com.amazonaws.services.s3.transfer.TransferManager; -import com.amazonaws.services.s3.transfer.TransferManagerBuilder; -import com.tmobile.cso.pacman.inventory.InventoryFetchOrchestrator; -import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; - -/** - * The Class S3Uploader. - */ -@Component -public class S3Uploader { - - /** The log. */ - private static Logger log = LogManager.getLogger(InventoryFetchOrchestrator.class); - - /** The file tableinfo. */ - @Value("${file-tableinfo}") - private String fileTableinfo; - - /** The account. */ - @Value("${base-account}") - private String account; - - /** The role name. */ - @Value("${s3-role}") - private String roleName; - - /** The cred provider. */ - @Autowired - CredentialProvider credProvider; - - /** - * Upload files. - * - * @param s3Bucket the s 3 bucket - * @param dataFolder the data folder - * @param s3Region the s 3 region - * @param filePath the file path - */ - public void uploadFiles(String s3Bucket,String dataFolder, String s3Region,String filePath){ - BasicSessionCredentials credentials = credProvider.getCredentials(account,roleName); - AmazonS3 s3client = AmazonS3ClientBuilder.standard().withRegion(s3Region).withCredentials(new AWSStaticCredentialsProvider(credentials)).build(); - uploadAllFiles(s3client,s3Bucket,dataFolder,filePath); - } - - /** - * Back up files. - * - * @param s3Bucket the s 3 bucket - * @param s3Region the s 3 region - * @param from the from - * @param to the to - */ - public void backUpFiles(String s3Bucket,String s3Region,String from,String to){ - BasicSessionCredentials credentials = credProvider.getCredentials(account,roleName); - AmazonS3 s3client = AmazonS3ClientBuilder.standard().withRegion(s3Region).withCredentials(new AWSStaticCredentialsProvider(credentials)).build(); - copytoBackUp(s3client,s3Bucket,from,to); - deleteFiles(s3client,s3Bucket,from); - } - - /** - * Upload all files. - * - * @param s3client the s 3 client - * @param s3Bucket the s 3 bucket - * @param dataFolderS3 the data folder S 3 - * @param filePath the file path - */ - private void uploadAllFiles(AmazonS3 s3client,String s3Bucket,String dataFolderS3, String filePath){ - - TransferManager xferMgr = TransferManagerBuilder.standard().withS3Client(s3client).build(); - try { - MultipleFileUpload xfer = xferMgr.uploadDirectory(s3Bucket, - dataFolderS3, new File(filePath), false); - - while(!xfer.isDone()){ - try{ - Thread.sleep(3000); - }catch(InterruptedException e){ - log.error("Error in uploadAllFiles",e); - Thread.currentThread().interrupt(); - } - log.debug(" Transfer % Completed :" +xfer.getProgress().getPercentTransferred()); - } - xfer.waitForCompletion(); - - log.info("Transfer completed"); - } catch (Exception e) { - log.fatal("{\"errcode\": \"S3_UPLOAD_ERR\" ,\"account\": \"ANY\",\"Message\": \"Exception in loading files to S3\", \"cause\":\"" +e.getMessage()+"\"}") ; - log.info("Error Uploading files "+e); - } - xferMgr.shutdownNow(); - } - - /** - * Copyto back up. - * - * @param s3client the s 3 client - * @param s3Bucket the s 3 bucket - * @param from the from - * @param to the to - */ - private void copytoBackUp(AmazonS3 s3client,String s3Bucket,String from, String to){ - String[] keys = listKeys(s3client,s3Bucket,from); - String fileName =""; - for(String key:keys){ - try{ - fileName = key.substring(key.lastIndexOf('/')+1); - s3client.copyObject(s3Bucket,key,s3Bucket,to+"/"+fileName); - log.debug(" Copy "+fileName + " to backup folder"); - }catch(Exception e){ - log.info(" Copy "+fileName + "failed",e); - } - } - } - - /** - * Delete files. - * - * @param s3client the s 3 client - * @param s3Bucket the s 3 bucket - * @param folder the folder - */ - private void deleteFiles(AmazonS3 s3client,String s3Bucket,String folder){ - - String[] keys = listKeys(s3client,s3Bucket,folder); - DeleteObjectsRequest multiObjectDeleteRequest = new DeleteObjectsRequest(s3Bucket).withKeys((keys)); - - try{ - DeleteObjectsResult result = s3client.deleteObjects(multiObjectDeleteRequest); - log.debug("Files Deleted " +result.getDeletedObjects().stream().map(obj->obj.getKey()).collect(Collectors.toList())); - }catch(Exception e){ - log.error("Delete Failed",e); - } - } - - /** - * List keys. - * - * @param s3client the s 3 client - * @param s3Bucket the s 3 bucket - * @param folder the folder - * @return the string[] - */ - private String[] listKeys(AmazonS3 s3client,String s3Bucket,String folder){ - try{ - return s3client.listObjectsV2(new ListObjectsV2Request().withBucketName(s3Bucket).withPrefix(folder)).getObjectSummaries().stream().map(S3ObjectSummary::getKey).toArray(String[]::new); - }catch(Exception e){ - log.error("Error in listKeys",e); - } - return new String[0]; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import java.io.File; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.DeleteObjectsRequest; +import com.amazonaws.services.s3.model.DeleteObjectsResult; +import com.amazonaws.services.s3.model.ListObjectsV2Request; +import com.amazonaws.services.s3.model.S3ObjectSummary; +import com.amazonaws.services.s3.transfer.MultipleFileUpload; +import com.amazonaws.services.s3.transfer.TransferManager; +import com.amazonaws.services.s3.transfer.TransferManagerBuilder; +import com.tmobile.cso.pacman.inventory.InventoryFetchOrchestrator; +import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; + +/** + * The Class S3Uploader. + */ +@Component +public class S3Uploader { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(InventoryFetchOrchestrator.class); + + + /** The account. */ + @Value("${base.account}") + private String account; + + /** The account. */ + @Value("${s3.role}") + private String s3Role; + + /** The cred provider. */ + @Autowired + CredentialProvider credProvider; + + /** + * Upload files. + * + * @param s3Bucket the s 3 bucket + * @param dataFolder the data folder + * @param s3Region the s 3 region + * @param filePath the file path + */ + public void uploadFiles(String s3Bucket,String dataFolder, String s3Region,String filePath){ + BasicSessionCredentials credentials = credProvider.getCredentials(account,s3Role); + AmazonS3 s3client = AmazonS3ClientBuilder.standard().withRegion(s3Region).withCredentials(new AWSStaticCredentialsProvider(credentials)).build(); + uploadAllFiles(s3client,s3Bucket,dataFolder,filePath); + } + + /** + * Back up files. + * + * @param s3Bucket the s 3 bucket + * @param s3Region the s 3 region + * @param from the from + * @param to the to + */ + public void backUpFiles(String s3Bucket,String s3Region,String from,String to){ + BasicSessionCredentials credentials = credProvider.getCredentials(account,s3Role); + AmazonS3 s3client = AmazonS3ClientBuilder.standard().withRegion(s3Region).withCredentials(new AWSStaticCredentialsProvider(credentials)).build(); + log.info("Backing up files from : {} to : {} in bucket : {}",from,to,s3Bucket); + copytoBackUp(s3client,s3Bucket,from,to); + deleteFiles(s3client,s3Bucket,from); + } + + /** + * Upload all files. + * + * @param s3client the s 3 client + * @param s3Bucket the s 3 bucket + * @param dataFolderS3 the data folder S 3 + * @param filePath the file path + */ + private void uploadAllFiles(AmazonS3 s3client,String s3Bucket,String dataFolderS3, String filePath){ + log.info("Uploading files to bucket: {} folder: {}",s3Bucket,dataFolderS3); + TransferManager xferMgr = TransferManagerBuilder.standard().withS3Client(s3client).build(); + try { + MultipleFileUpload xfer = xferMgr.uploadDirectory(s3Bucket, + dataFolderS3, new File(filePath), false); + + while(!xfer.isDone()){ + try{ + Thread.sleep(3000); + }catch(InterruptedException e){ + log.error("Error in uploadAllFiles",e); + ErrorManageUtil.uploadError("all", "all", "all", e.getMessage()); + Thread.currentThread().interrupt(); + } + log.debug(" Transfer % Completed :" +xfer.getProgress().getPercentTransferred()); + } + xfer.waitForCompletion(); + + log.info("Transfer completed"); + } catch (Exception e) { + log.error("{\"errcode\": \"S3_UPLOAD_ERR\" ,\"account\": \"ANY\",\"Message\": \"Exception in loading files to S3\", \"cause\":\"" +e.getMessage()+"\"}") ; + ErrorManageUtil.uploadError("all", "all", "all", e.getMessage()); + } + xferMgr.shutdownNow(); + } + + /** + * Copyto back up. + * + * @param s3client the s 3 client + * @param s3Bucket the s 3 bucket + * @param from the from + * @param to the to + */ + private void copytoBackUp(AmazonS3 s3client,String s3Bucket,String from, String to){ + String[] keys = listKeys(s3client,s3Bucket,from); + String fileName =""; + for(String key:keys){ + try{ + fileName = key.substring(key.lastIndexOf('/')+1); + s3client.copyObject(s3Bucket,key,s3Bucket,to+"/"+fileName); + log.debug(" Copy "+fileName + " to backup folder"); + }catch(Exception e){ + log.info(" Copy "+fileName + "failed",e); + ErrorManageUtil.uploadError("all", "all", "all", e.getMessage()); + } + } + } + + /** + * Delete files. + * + * @param s3client the s 3 client + * @param s3Bucket the s 3 bucket + * @param folder the folder + */ + private void deleteFiles(AmazonS3 s3client,String s3Bucket,String folder){ + + String[] keys = listKeys(s3client,s3Bucket,folder); + DeleteObjectsRequest multiObjectDeleteRequest = new DeleteObjectsRequest(s3Bucket).withKeys((keys)); + + try{ + DeleteObjectsResult result = s3client.deleteObjects(multiObjectDeleteRequest); + log.debug("Files Deleted " +result.getDeletedObjects().stream().map(obj->obj.getKey()).collect(Collectors.toList())); + }catch(Exception e){ + log.error("Delete Failed",e); + ErrorManageUtil.uploadError("all", "all", "all", e.getMessage()); + } + } + + /** + * List keys. + * + * @param s3client the s 3 client + * @param s3Bucket the s 3 bucket + * @param folder the folder + * @return the string[] + */ + private String[] listKeys(AmazonS3 s3client,String s3Bucket,String folder){ + try{ + return s3client.listObjectsV2(new ListObjectsV2Request().withBucketName(s3Bucket).withPrefix(folder)).getObjectSummaries().stream().map(S3ObjectSummary::getKey).toArray(String[]::new); + }catch(Exception e){ + log.error("Error in listKeys",e); + ErrorManageUtil.uploadError("all", "all", "all", e.getMessage()); + } + return new String[0]; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/log/CloudwatchAppender.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/log/CloudwatchAppender.java deleted file mode 100644 index f0f07d490..000000000 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/log/CloudwatchAppender.java +++ /dev/null @@ -1,228 +0,0 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.log; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.Calendar; - -import org.apache.logging.log4j.core.Filter; -import org.apache.logging.log4j.core.Layout; -import org.apache.logging.log4j.core.LogEvent; -import org.apache.logging.log4j.core.appender.AbstractAppender; -import org.apache.logging.log4j.core.appender.AppenderLoggingException; -import org.apache.logging.log4j.core.config.plugins.Plugin; -import org.apache.logging.log4j.core.config.plugins.PluginAttribute; -import org.apache.logging.log4j.core.config.plugins.PluginElement; -import org.apache.logging.log4j.core.config.plugins.PluginFactory; -import org.apache.logging.log4j.core.layout.PatternLayout; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicAWSCredentials; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.services.logs.AWSLogs; -import com.amazonaws.services.logs.AWSLogsClientBuilder; -import com.amazonaws.services.logs.model.CreateLogGroupRequest; -import com.amazonaws.services.logs.model.CreateLogStreamRequest; -import com.amazonaws.services.logs.model.DescribeLogGroupsRequest; -import com.amazonaws.services.logs.model.DescribeLogGroupsResult; -import com.amazonaws.services.logs.model.DescribeLogStreamsRequest; -import com.amazonaws.services.logs.model.DescribeLogStreamsResult; -import com.amazonaws.services.logs.model.InputLogEvent; -import com.amazonaws.services.logs.model.LogGroup; -import com.amazonaws.services.logs.model.LogStream; -import com.amazonaws.services.logs.model.PutLogEventsRequest; -import com.amazonaws.services.logs.model.PutLogEventsResult; -import com.amazonaws.services.logs.model.ResourceNotFoundException; -import com.amazonaws.services.securitytoken.AWSSecurityTokenService; -import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; -import com.amazonaws.services.securitytoken.model.AssumeRoleRequest; -import com.amazonaws.services.securitytoken.model.AssumeRoleResult; - -/** - * The Class CloudwatchAppender. - */ -@Plugin(name = "CloudwatchAppender", category = "Core", elementType = "appender", printObject = true) -public class CloudwatchAppender extends AbstractAppender { - - /** The dev mode. */ - private boolean devMode = System.getProperty("PIC_DEV_MODE")==null?false:true; - - /** The aws log group name. */ - private String awsLogGroupName ; - - /** The aws log stream name. */ - private String awsLogStreamName ; - - /** The sequence token. */ - private String sequenceToken ; - - /** The aws logs client. */ - private AWSLogs awsLogsClient = null; - - /** - * Instantiates a new cloudwatch appender. - * - * @param name the name - * @param filter the filter - * @param layout the layout - * @param logGroup the log group - * @param logStream the log stream - * @param ignoreExceptions the ignore exceptions - */ - protected CloudwatchAppender(String name, Filter filter, Layout layout, String logGroup, String logStream, final boolean ignoreExceptions) { - super(name, filter, layout, ignoreExceptions); - - if(devMode){ - String accessKey = System.getProperty("ACCESS_KEY"); - String secretKey = System.getProperty("SECRET_KEY"); - String baseAccount = System.getProperty("base-account"); - String roleName = System.getProperty("s3-role"); - String region = System.getProperty("base-region"); - - BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey); - AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(awsCreds)).withRegion(region); - AWSSecurityTokenService sts = stsBuilder.build(); - AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn("arn:aws:iam::"+baseAccount+":role/"+roleName).withRoleSessionName("pic-base-log-ro"); - AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); - BasicSessionCredentials tempCredntials = new BasicSessionCredentials( - assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), - assumeResult.getCredentials().getSessionToken()); - - awsLogsClient = AWSLogsClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(tempCredntials)).withRegion(region).build(); - }else{ - awsLogsClient = AWSLogsClientBuilder.defaultClient(); - } - - awsLogGroupName = logGroup; - awsLogStreamName = logStream; - sequenceToken = createLogGroupAndLogStreamIfNeeded(awsLogGroupName,awsLogStreamName); - - } - - /** - * Creates the appender. - * - * @param name the name - * @param logGroup the log group - * @param logStream the log stream - * @param layout the layout - * @param filter the filter - * @param otherAttribute the other attribute - * @return the cloudwatch appender - */ - @PluginFactory - public static CloudwatchAppender createAppender( - @PluginAttribute("name") String name, - @PluginAttribute("logGroup") String logGroup, - @PluginAttribute("logStream") String logStream, - @PluginElement("Layout") Layout layout, - @PluginElement("Filter") final Filter filter,@PluginAttribute("otherAttribute") String otherAttribute) { - - if (name == null) { - LOGGER.error("No name provided for MyCustomAppenderImp"); - return null; - } - if (layout == null) { - layout = PatternLayout.createDefaultLayout(); - } - - return new CloudwatchAppender(name, filter, layout,logGroup,logStream, true); - - } - - /* (non-Javadoc) - * @see org.apache.logging.log4j.core.Appender#append(org.apache.logging.log4j.core.LogEvent) - */ - public void append(LogEvent event) { - try { - final byte[] logMessage = getLayout().toByteArray(event); - - PutLogEventsRequest putLogEventsRequest = new PutLogEventsRequest(); - putLogEventsRequest.setLogGroupName(awsLogGroupName); - putLogEventsRequest.setLogStreamName(awsLogStreamName); - putLogEventsRequest.setSequenceToken(sequenceToken); - - Calendar calendar = Calendar.getInstance(); - InputLogEvent inputLogEvent = new InputLogEvent(); - inputLogEvent.setMessage(new String(logMessage, "UTF-8")); - inputLogEvent.setTimestamp(calendar.getTimeInMillis()); - ArrayList logEvents = new ArrayList<>(); - logEvents.add(inputLogEvent); - - putLogEventsRequest.setLogEvents(logEvents); - - - try { - PutLogEventsResult putLogEventsResult = awsLogsClient.putLogEvents(putLogEventsRequest); - sequenceToken = putLogEventsResult.getNextSequenceToken(); - - }catch(ResourceNotFoundException ex){ - LOGGER.info(ex); - createLogGroupAndLogStreamIfNeeded(awsLogGroupName,awsLogStreamName); - } - - - } catch (Exception ex) { - if (!ignoreExceptions()) { - throw new AppenderLoggingException(ex); - } - } - } - - /** - * Creates the log group and log stream if needed. - * - * @param logGroupName the log group name - * @param logStreamName the log stream name - * @return the string - */ - private String createLogGroupAndLogStreamIfNeeded(String logGroupName, String logStreamName) { - - final DescribeLogGroupsResult describeLogGroupsResult = awsLogsClient.describeLogGroups(new DescribeLogGroupsRequest().withLogGroupNamePrefix(logGroupName)); - boolean createLogGroup = true; - - if (describeLogGroupsResult != null && describeLogGroupsResult.getLogGroups() != null && !describeLogGroupsResult.getLogGroups().isEmpty()) { - for (final LogGroup lg : describeLogGroupsResult.getLogGroups()) { - if (logGroupName.equals(lg.getLogGroupName())) { - createLogGroup = false; - break; - } - } - } - if (createLogGroup) { - final CreateLogGroupRequest createLogGroupRequest = new CreateLogGroupRequest(logGroupName); - awsLogsClient.createLogGroup(createLogGroupRequest); - } - - - final DescribeLogStreamsRequest describeLogStreamsRequest = new DescribeLogStreamsRequest(logGroupName).withLogStreamNamePrefix(logStreamName); - final DescribeLogStreamsResult describeLogStreamsResult = awsLogsClient.describeLogStreams(describeLogStreamsRequest); - if (describeLogStreamsResult != null && describeLogStreamsResult.getLogStreams() != null && !describeLogStreamsResult.getLogStreams().isEmpty()) { - for (final LogStream logStream : describeLogStreamsResult.getLogStreams()) { - if (logStreamName.equals(logStream.getLogStreamName())) { - return logStream.getUploadSequenceToken(); - } - } - } - - CreateLogStreamRequest createLogStreamRequest = new CreateLogStreamRequest(logGroupName, logStreamName); - awsLogsClient.createLogStream(createLogStreamRequest); - - return null; - - } -} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtil.java index 1f3c12da1..945175772 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtil.java @@ -1,156 +1,156 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.autoscaling.AmazonAutoScaling; -import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; -import com.amazonaws.services.autoscaling.model.AutoScalingGroup; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsRequest; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; -import com.amazonaws.services.autoscaling.model.DescribeLaunchConfigurationsRequest; -import com.amazonaws.services.autoscaling.model.DescribePoliciesRequest; -import com.amazonaws.services.autoscaling.model.LaunchConfiguration; -import com.amazonaws.services.autoscaling.model.ScalingPolicy; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; - -/** - * The Class ASGInventoryUtil. - */ -public class ASGInventoryUtil { - - /** The log. */ - private static Logger log = LogManager.getLogger(InventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** The asg max record. */ - private static int asgMaxRecord = 100; - - /** - * Instantiates a new ASG inventory util. - */ - private ASGInventoryUtil(){ - } - - /** - * Fetch launch configurations. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchLaunchConfigurations(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - AmazonAutoScaling asgClient; - Map> launchConfigurationList = new LinkedHashMap<>(); - List launchConfigurationNames = new ArrayList<>(); - - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ //!skipRegions - List launchConfigurationListTemp = new ArrayList<>(); - asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextToken = null; - DescribeAutoScalingGroupsResult describeResult ; - do{ - describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); - for(AutoScalingGroup _asg : describeResult.getAutoScalingGroups()) { - launchConfigurationNames.add(_asg.getLaunchConfigurationName()); - } - nextToken = describeResult.getNextToken(); - }while(nextToken!=null); - List launchConfigurationNamesTemp = new ArrayList<>(); - - for(int i =0 ; i(); - } - - } - - if(!launchConfigurationListTemp.isEmpty() ){ - log.debug("Account : " + account + " Type : ASG Launch Configurations "+region.getName()+" >> " + launchConfigurationListTemp.size()); - launchConfigurationList.put(account+delimiter+region.getName(), launchConfigurationListTemp); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"launchconfig",e.getMessage()); - } - } - return launchConfigurationList; - } - -/** - * Fetch scaling policies. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ -public static Map> fetchScalingPolicies(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - AmazonAutoScaling asgClient; - Map> scalingPolicyList = new LinkedHashMap<>(); - - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ //!skipRegions - List _scalingPolicyList = new ArrayList<>(); - asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextToken = null; - DescribeAutoScalingGroupsResult describeResult ; - do{ - describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); - for(AutoScalingGroup _asg : describeResult.getAutoScalingGroups()) { - _scalingPolicyList.addAll(asgClient.describePolicies(new DescribePoliciesRequest().withAutoScalingGroupName(_asg.getAutoScalingGroupName())).getScalingPolicies()); - } - nextToken = describeResult.getNextToken(); - }while(nextToken!=null); - - if(!_scalingPolicyList.isEmpty() ){ - log.debug("Account : " + account + " Type : ASG Scaling Policy "+region.getName()+" >> " + _scalingPolicyList.size()); - scalingPolicyList.put(account+delimiter+region.getName(), _scalingPolicyList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"asgpolicy",e.getMessage()); - } - } - return scalingPolicyList; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.autoscaling.AmazonAutoScaling; +import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; +import com.amazonaws.services.autoscaling.model.AutoScalingGroup; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsRequest; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; +import com.amazonaws.services.autoscaling.model.DescribeLaunchConfigurationsRequest; +import com.amazonaws.services.autoscaling.model.DescribePoliciesRequest; +import com.amazonaws.services.autoscaling.model.LaunchConfiguration; +import com.amazonaws.services.autoscaling.model.ScalingPolicy; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; + +/** + * The Class ASGInventoryUtil. + */ +public class ASGInventoryUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(InventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** The asg max record. */ + private static int asgMaxRecord = 100; + + /** + * Instantiates a new ASG inventory util. + */ + private ASGInventoryUtil(){ + } + + /** + * Fetch launch configurations. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchLaunchConfigurations(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + AmazonAutoScaling asgClient; + Map> launchConfigurationList = new LinkedHashMap<>(); + List launchConfigurationNames = new ArrayList<>(); + + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ //!skipRegions + List launchConfigurationListTemp = new ArrayList<>(); + asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextToken = null; + DescribeAutoScalingGroupsResult describeResult ; + do{ + describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); + for(AutoScalingGroup _asg : describeResult.getAutoScalingGroups()) { + launchConfigurationNames.add(_asg.getLaunchConfigurationName()); + } + nextToken = describeResult.getNextToken(); + }while(nextToken!=null); + List launchConfigurationNamesTemp = new ArrayList<>(); + + for(int i =0 ; i(); + } + + } + + if(!launchConfigurationListTemp.isEmpty() ){ + log.debug("Account : " + accountId + " Type : ASG Launch Configurations "+region.getName()+" >> " + launchConfigurationListTemp.size()); + launchConfigurationList.put(accountId+delimiter+accountName+delimiter+region.getName(), launchConfigurationListTemp); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"launchconfig",e.getMessage()); + } + } + return launchConfigurationList; + } + +/** + * Fetch scaling policies. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ +public static Map> fetchScalingPolicies(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + AmazonAutoScaling asgClient; + Map> scalingPolicyList = new LinkedHashMap<>(); + + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ //!skipRegions + List _scalingPolicyList = new ArrayList<>(); + asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextToken = null; + DescribeAutoScalingGroupsResult describeResult ; + do{ + describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); + for(AutoScalingGroup _asg : describeResult.getAutoScalingGroups()) { + _scalingPolicyList.addAll(asgClient.describePolicies(new DescribePoliciesRequest().withAutoScalingGroupName(_asg.getAutoScalingGroupName())).getScalingPolicies()); + } + nextToken = describeResult.getNextToken(); + }while(nextToken!=null); + + if(!_scalingPolicyList.isEmpty() ){ + log.debug("Account : " + accountId + " Type : ASG Scaling Policy "+region.getName()+" >> " + _scalingPolicyList.size()); + scalingPolicyList.put(accountId+delimiter+accountName+delimiter+region.getName(), _scalingPolicyList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"asgpolicy",e.getMessage()); + } + } + return scalingPolicyList; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtil.java index 350306201..6477ec772 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtil.java @@ -1,118 +1,118 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.directconnect.AmazonDirectConnectClient; -import com.amazonaws.services.directconnect.AmazonDirectConnectClientBuilder; -import com.amazonaws.services.directconnect.model.Connection; -import com.amazonaws.services.directconnect.model.VirtualInterface; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; - -/** - * The Class DirectConnectionInventoryUtil. - */ -public class DirectConnectionInventoryUtil { - - /** - * Instantiates a new direct connection inventory util. - */ - private DirectConnectionInventoryUtil() { - - } - - /** The log. */ - private static Logger log = LogManager.getLogger(DirectConnectionInventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** - * Fetch direct connections. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchDirectConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> connectionMap = new LinkedHashMap<>(); - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Direct Connections\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - AmazonDirectConnectClient directConnectClient = (AmazonDirectConnectClient) AmazonDirectConnectClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List connectionList = directConnectClient.describeConnections().getConnections(); - - if(!connectionList.isEmpty() ) { - log.debug("Account : " + account + " Type : Direct Connections "+ region.getName()+" >> " + connectionList.size()); - connectionMap.put(account+delimiter+region.getName(), connectionList); - } - } - - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"directconnect",e.getMessage()); - } - } - return connectionMap; - } - - /** - * Fetch direct connections virtual interfaces. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchDirectConnectionsVirtualInterfaces(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> virtualInterfacesMap = new LinkedHashMap<>(); - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Direct Connections\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - AmazonDirectConnectClient directConnectClient = (AmazonDirectConnectClient) AmazonDirectConnectClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List virtualInterfacesList = directConnectClient.describeVirtualInterfaces().getVirtualInterfaces(); - if(!virtualInterfacesList.isEmpty() ) { - log.debug("Account : " + account + " Type : Direct Connections "+ region.getName()+" >> " + virtualInterfacesList.size()); - virtualInterfacesMap.put(account+delimiter+region.getName(), virtualInterfacesList); - } - } - - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"virtualinterface",e.getMessage()); - } - } - return virtualInterfacesMap; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.directconnect.AmazonDirectConnectClient; +import com.amazonaws.services.directconnect.AmazonDirectConnectClientBuilder; +import com.amazonaws.services.directconnect.model.Connection; +import com.amazonaws.services.directconnect.model.VirtualInterface; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; + +/** + * The Class DirectConnectionInventoryUtil. + */ +public class DirectConnectionInventoryUtil { + + /** + * Instantiates a new direct connection inventory util. + */ + private DirectConnectionInventoryUtil() { + + } + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(DirectConnectionInventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** + * Fetch direct connections. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchDirectConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> connectionMap = new LinkedHashMap<>(); + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Direct Connections\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + AmazonDirectConnectClient directConnectClient = (AmazonDirectConnectClient) AmazonDirectConnectClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List connectionList = directConnectClient.describeConnections().getConnections(); + + if(!connectionList.isEmpty() ) { + log.debug("Account : " + accountId + " Type : Direct Connections "+ region.getName()+" >> " + connectionList.size()); + connectionMap.put(accountId+delimiter+accountName+delimiter+region.getName(), connectionList); + } + } + + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"directconnect",e.getMessage()); + } + } + return connectionMap; + } + + /** + * Fetch direct connections virtual interfaces. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchDirectConnectionsVirtualInterfaces(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> virtualInterfacesMap = new LinkedHashMap<>(); + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Direct Connections\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + AmazonDirectConnectClient directConnectClient = (AmazonDirectConnectClient) AmazonDirectConnectClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List virtualInterfacesList = directConnectClient.describeVirtualInterfaces().getVirtualInterfaces(); + if(!virtualInterfacesList.isEmpty() ) { + log.debug("Account : " + accountId + " Type : Direct Connections "+ region.getName()+" >> " + virtualInterfacesList.size()); + virtualInterfacesMap.put(accountId+delimiter+accountName+delimiter+region.getName(), virtualInterfacesList); + } + } + + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"virtualinterface",e.getMessage()); + } + } + return virtualInterfacesMap; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtil.java index 74551c95f..5c645ad14 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtil.java @@ -1,478 +1,478 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.ec2.AmazonEC2; -import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; -import com.amazonaws.services.ec2.model.Address; -import com.amazonaws.services.ec2.model.CustomerGateway; -import com.amazonaws.services.ec2.model.DescribeEgressOnlyInternetGatewaysRequest; -import com.amazonaws.services.ec2.model.DhcpOptions; -import com.amazonaws.services.ec2.model.EgressOnlyInternetGateway; -import com.amazonaws.services.ec2.model.InternetGateway; -import com.amazonaws.services.ec2.model.NetworkAcl; -import com.amazonaws.services.ec2.model.ReservedInstances; -import com.amazonaws.services.ec2.model.RouteTable; -import com.amazonaws.services.ec2.model.VpcPeeringConnection; -import com.amazonaws.services.ec2.model.VpnConnection; -import com.amazonaws.services.ec2.model.VpnGateway; -import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; -import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder; -import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationRequest; -import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationResult; -import com.amazonaws.services.simplesystemsmanagement.model.InstanceInformation; -import com.tmobile.cso.pacman.inventory.InventoryConstants; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; - -/** - * The Class EC2InventoryUtil. - */ -public class EC2InventoryUtil { - - /** - * Instantiates a new EC 2 inventory util. - */ - private EC2InventoryUtil(){ - } - - /** The log. */ - private static Logger log = LogManager.getLogger(EC2InventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** - * Fetch route tables. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchRouteTables(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> routeTableMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + InventoryConstants.ERROR_PREFIX_EC2 ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List routeTableList = ec2Client.describeRouteTables().getRouteTables(); - - if(!routeTableList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Route table "+ region.getName()+" >> " + routeTableList.size()); - routeTableMap.put(account+delimiter+region.getName(), routeTableList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"routetable",e.getMessage()); - } - } - return routeTableMap; - } - - /** - * Fetch network ACL. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchNetworkACL(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> networkAclMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + InventoryConstants.ERROR_PREFIX_EC2 ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List networkAclList = ec2Client.describeNetworkAcls().getNetworkAcls(); - - if(!networkAclList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Network Acl "+ region.getName()+" >> " + networkAclList.size()); - networkAclMap.put(account+delimiter+region.getName(), networkAclList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"networkacl",e.getMessage()); - } - } - return networkAclMap; - } - - /** - * Fetch elastic IP addresses. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchElasticIPAddresses(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> elasticIPMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + InventoryConstants.ERROR_PREFIX_EC2 ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List
    elasticIPList = ec2Client.describeAddresses().getAddresses(); - - if(!elasticIPList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Elastic IP "+ region.getName()+" >> " + elasticIPList.size()); - elasticIPMap.put(account+delimiter+region.getName(), elasticIPList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"elasticip",e.getMessage()); - } - } - return elasticIPMap; - } - - /** - * Fetch internet gateway. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchInternetGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> internetGatewayMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"internetgateway\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List internetGatewayList = ec2Client.describeInternetGateways().getInternetGateways(); - - if(!internetGatewayList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Internet Gateway "+ region.getName()+" >> " + internetGatewayList.size()); - internetGatewayMap.put(account+delimiter+region.getName(), internetGatewayList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"internetgateway",e.getMessage()); - } - } - return internetGatewayMap; - } - - /** - * Fetch VPN gateway. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchVPNGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> vpnGatewayMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"vpngateway\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List vpnGatewayList = ec2Client.describeVpnGateways().getVpnGateways(); - - if(!vpnGatewayList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 VPN Gateway "+ region.getName()+" >> " + vpnGatewayList.size()); - vpnGatewayMap.put(account+delimiter+region.getName(), vpnGatewayList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"vpngateway",e.getMessage()); - } - } - return vpnGatewayMap; - } - - /** - * Fetch egress gateway. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchEgressGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> egressGatewayMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"egressgateway\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List egressGatewayList = ec2Client.describeEgressOnlyInternetGateways(new DescribeEgressOnlyInternetGatewaysRequest()).getEgressOnlyInternetGateways(); - - if(!egressGatewayList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Egress Gateway "+ region.getName()+" >> " + egressGatewayList.size()); - egressGatewayMap.put(account+delimiter+region.getName(), egressGatewayList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"egressgateway",e.getMessage()); - } - } - return egressGatewayMap; - } - - /** - * Fetch DHCP options. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchDHCPOptions(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> dhcpOptionsMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"dhcpoption\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List dhcpOptionsList = ec2Client.describeDhcpOptions().getDhcpOptions(); - - if(!dhcpOptionsList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 DHCP Options "+ region.getName()+" >> " + dhcpOptionsList.size()); - dhcpOptionsMap.put(account+delimiter+region.getName(), dhcpOptionsList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"dhcpoption",e.getMessage()); - } - } - return dhcpOptionsMap; - } - - /** - * Fetch peering connections. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchPeeringConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> peeringConnectionMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"peeringconnection\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List peeringConnectionList = ec2Client.describeVpcPeeringConnections().getVpcPeeringConnections(); - - if(!peeringConnectionList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Peering Connections "+ region.getName()+" >> " + peeringConnectionList.size()); - peeringConnectionMap.put(account+delimiter+region.getName(), peeringConnectionList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"peeringconnection",e.getMessage()); - } - } - return peeringConnectionMap; - } - - /** - * Fetch customer gateway. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchCustomerGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> customerGatewayMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"customergateway\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List customerGatewayList = ec2Client.describeCustomerGateways().getCustomerGateways(); - - if(!customerGatewayList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Customer Gateway "+ region.getName()+" >> " + customerGatewayList.size()); - customerGatewayMap.put(account+delimiter+region.getName(), customerGatewayList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"customergateway",e.getMessage()); - } - } - return customerGatewayMap; - } - - /** - * Fetch VPN connections. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchVPNConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> vpnConnectionMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"vpnconnection\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List vpnConnectionsList = ec2Client.describeVpnConnections().getVpnConnections(); - if(!vpnConnectionsList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 VPN Connections"+ region.getName()+" >> " + vpnConnectionsList.size()); - vpnConnectionMap.put(account+delimiter+region.getName(), vpnConnectionsList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"vpnconnection",e.getMessage()); - } - } - return vpnConnectionMap; - } - - /** - * Fetch reserved instances. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchReservedInstances(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> reservedInstancesMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + InventoryConstants.ERROR_PREFIX_EC2 ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List reservedInstancesList = ec2Client.describeReservedInstances().getReservedInstances(); - if(!reservedInstancesList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 Reserved Instances"+ region.getName()+" >> " + reservedInstancesList.size()); - reservedInstancesMap.put(account+delimiter+region.getName(), reservedInstancesList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"reservedinstance",e.getMessage()); - } - } - return reservedInstancesMap; - } - - /** - * Fetch SSM info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchSSMInfo(BasicSessionCredentials temporaryCredentials, String skipRegions, String account) { - - Map> ssmInstanceList = new LinkedHashMap<>(); - - AWSSimpleSystemsManagement ssmClient; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE + account - + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"SSM\" , \"region\":\""; - - List ssmInstanceListTemp ; - - for (Region region : RegionUtils.getRegions()) { - try { - if (!skipRegions.contains(region.getName())) { - ssmInstanceListTemp = new ArrayList<>(); - ssmClient = AWSSimpleSystemsManagementClientBuilder.standard() - .withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)) - .withRegion(region.getName()).build(); - String nextToken = null; - DescribeInstanceInformationResult describeInstanceInfoRslt; - do { - describeInstanceInfoRslt = ssmClient.describeInstanceInformation( - new DescribeInstanceInformationRequest().withNextToken(nextToken)); - nextToken = describeInstanceInfoRslt.getNextToken(); - ssmInstanceListTemp.addAll(describeInstanceInfoRslt - .getInstanceInformationList()); - } while (nextToken != null); - if(! ssmInstanceListTemp.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : SSM "+region.getName() + " >> "+ssmInstanceListTemp.size()); - ssmInstanceList.put(account+delimiter+region.getName(), ssmInstanceListTemp); - } - } - - } catch (Exception e) { - log.warn(expPrefix + region.getName() + InventoryConstants.ERROR_CAUSE + e.getMessage() + "\"}"); - ErrorManageUtil.uploadError(account, region.getName(), "SSM", e.getMessage()); - } - } - return ssmInstanceList; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.ec2.AmazonEC2; +import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; +import com.amazonaws.services.ec2.model.Address; +import com.amazonaws.services.ec2.model.CustomerGateway; +import com.amazonaws.services.ec2.model.DescribeEgressOnlyInternetGatewaysRequest; +import com.amazonaws.services.ec2.model.DhcpOptions; +import com.amazonaws.services.ec2.model.EgressOnlyInternetGateway; +import com.amazonaws.services.ec2.model.InternetGateway; +import com.amazonaws.services.ec2.model.NetworkAcl; +import com.amazonaws.services.ec2.model.ReservedInstances; +import com.amazonaws.services.ec2.model.RouteTable; +import com.amazonaws.services.ec2.model.VpcPeeringConnection; +import com.amazonaws.services.ec2.model.VpnConnection; +import com.amazonaws.services.ec2.model.VpnGateway; +import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; +import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder; +import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationRequest; +import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationResult; +import com.amazonaws.services.simplesystemsmanagement.model.InstanceInformation; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; + +/** + * The Class EC2InventoryUtil. + */ +public class EC2InventoryUtil { + + /** + * Instantiates a new EC 2 inventory util. + */ + private EC2InventoryUtil(){ + } + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(EC2InventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** + * Fetch route tables. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchRouteTables(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> routeTableMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + InventoryConstants.ERROR_PREFIX_EC2 ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List routeTableList = ec2Client.describeRouteTables().getRouteTables(); + + if(!routeTableList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Route table "+ region.getName()+" >> " + routeTableList.size()); + routeTableMap.put(accountId+delimiter+accountName+delimiter+region.getName(), routeTableList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"routetable",e.getMessage()); + } + } + return routeTableMap; + } + + /** + * Fetch network ACL. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchNetworkACL(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> networkAclMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + InventoryConstants.ERROR_PREFIX_EC2 ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List networkAclList = ec2Client.describeNetworkAcls().getNetworkAcls(); + + if(!networkAclList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Network Acl "+ region.getName()+" >> " + networkAclList.size()); + networkAclMap.put(accountId+delimiter+accountName+delimiter+region.getName(), networkAclList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"networkacl",e.getMessage()); + } + } + return networkAclMap; + } + + /** + * Fetch elastic IP addresses. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchElasticIPAddresses(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> elasticIPMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + InventoryConstants.ERROR_PREFIX_EC2 ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List
    elasticIPList = ec2Client.describeAddresses().getAddresses(); + + if(!elasticIPList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Elastic IP "+ region.getName()+" >> " + elasticIPList.size()); + elasticIPMap.put(accountId+delimiter+accountName+delimiter+region.getName(), elasticIPList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"elasticip",e.getMessage()); + } + } + return elasticIPMap; + } + + /** + * Fetch internet gateway. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchInternetGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> internetGatewayMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"internetgateway\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List internetGatewayList = ec2Client.describeInternetGateways().getInternetGateways(); + + if(!internetGatewayList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Internet Gateway "+ region.getName()+" >> " + internetGatewayList.size()); + internetGatewayMap.put(accountId+delimiter+accountName+delimiter+region.getName(), internetGatewayList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"internetgateway",e.getMessage()); + } + } + return internetGatewayMap; + } + + /** + * Fetch VPN gateway. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchVPNGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> vpnGatewayMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"vpngateway\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List vpnGatewayList = ec2Client.describeVpnGateways().getVpnGateways(); + + if(!vpnGatewayList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 VPN Gateway "+ region.getName()+" >> " + vpnGatewayList.size()); + vpnGatewayMap.put(accountId+delimiter+accountName+delimiter+region.getName(), vpnGatewayList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"vpngateway",e.getMessage()); + } + } + return vpnGatewayMap; + } + + /** + * Fetch egress gateway. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchEgressGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> egressGatewayMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"egressgateway\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List egressGatewayList = ec2Client.describeEgressOnlyInternetGateways(new DescribeEgressOnlyInternetGatewaysRequest()).getEgressOnlyInternetGateways(); + + if(!egressGatewayList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Egress Gateway "+ region.getName()+" >> " + egressGatewayList.size()); + egressGatewayMap.put(accountId+delimiter+accountName+delimiter+region.getName(), egressGatewayList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"egressgateway",e.getMessage()); + } + } + return egressGatewayMap; + } + + /** + * Fetch DHCP options. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchDHCPOptions(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> dhcpOptionsMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"dhcpoption\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List dhcpOptionsList = ec2Client.describeDhcpOptions().getDhcpOptions(); + + if(!dhcpOptionsList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 DHCP Options "+ region.getName()+" >> " + dhcpOptionsList.size()); + dhcpOptionsMap.put(accountId+delimiter+accountName+delimiter+region.getName(), dhcpOptionsList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"dhcpoption",e.getMessage()); + } + } + return dhcpOptionsMap; + } + + /** + * Fetch peering connections. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchPeeringConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> peeringConnectionMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"peeringconnection\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List peeringConnectionList = ec2Client.describeVpcPeeringConnections().getVpcPeeringConnections(); + + if(!peeringConnectionList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Peering Connections "+ region.getName()+" >> " + peeringConnectionList.size()); + peeringConnectionMap.put(accountId+delimiter+accountName+delimiter+region.getName(), peeringConnectionList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"peeringconnection",e.getMessage()); + } + } + return peeringConnectionMap; + } + + /** + * Fetch customer gateway. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchCustomerGateway(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> customerGatewayMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"customergateway\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List customerGatewayList = ec2Client.describeCustomerGateways().getCustomerGateways(); + + if(!customerGatewayList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 Customer Gateway "+ region.getName()+" >> " + customerGatewayList.size()); + customerGatewayMap.put(accountId+delimiter+accountName+delimiter+region.getName(), customerGatewayList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"customergateway",e.getMessage()); + } + } + return customerGatewayMap; + } + + /** + * Fetch VPN connections. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchVPNConnections(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> vpnConnectionMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"vpnconnection\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List vpnConnectionsList = ec2Client.describeVpnConnections().getVpnConnections(); + if(!vpnConnectionsList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 VPN Connections"+ region.getName()+" >> " + vpnConnectionsList.size()); + vpnConnectionMap.put(accountId+delimiter+accountName+delimiter+region.getName(), vpnConnectionsList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"vpnconnection",e.getMessage()); + } + } + return vpnConnectionMap; + } + + /** + * Fetch reserved instances. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchReservedInstances(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> reservedInstancesMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + InventoryConstants.ERROR_PREFIX_EC2 ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List reservedInstancesList = ec2Client.describeReservedInstances().getReservedInstances(); + if(!reservedInstancesList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : reservedinstance"+ region.getName()+" >> " + reservedInstancesList.size()); + reservedInstancesMap.put(accountId+delimiter+accountName+delimiter+region.getName(), reservedInstancesList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"reservedinstance",e.getMessage()); + } + } + return reservedInstancesMap; + } + + /** + * Fetch SSM info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchSSMInfo(BasicSessionCredentials temporaryCredentials, String skipRegions, String accountId,String accountName) { + + Map> ssmInstanceList = new LinkedHashMap<>(); + + AWSSimpleSystemsManagement ssmClient; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE + accountId + + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"SSM\" , \"region\":\""; + + List ssmInstanceListTemp ; + + for (Region region : RegionUtils.getRegions()) { + try { + if (!skipRegions.contains(region.getName())) { + ssmInstanceListTemp = new ArrayList<>(); + ssmClient = AWSSimpleSystemsManagementClientBuilder.standard() + .withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)) + .withRegion(region.getName()).build(); + String nextToken = null; + DescribeInstanceInformationResult describeInstanceInfoRslt; + do { + describeInstanceInfoRslt = ssmClient.describeInstanceInformation( + new DescribeInstanceInformationRequest().withNextToken(nextToken)); + nextToken = describeInstanceInfoRslt.getNextToken(); + ssmInstanceListTemp.addAll(describeInstanceInfoRslt + .getInstanceInformationList()); + } while (nextToken != null); + if(! ssmInstanceListTemp.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : SSM "+region.getName() + " >> "+ssmInstanceListTemp.size()); + ssmInstanceList.put(accountId+delimiter+accountName+delimiter+region.getName(), ssmInstanceListTemp); + } + } + + } catch (Exception e) { + log.warn(expPrefix + region.getName() + InventoryConstants.ERROR_CAUSE + e.getMessage() + "\"}"); + ErrorManageUtil.uploadError(accountId, region.getName(), "SSM", e.getMessage()); + } + } + return ssmInstanceList; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtil.java index dee42c0e6..4f6f5be6d 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtil.java @@ -1,117 +1,117 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.elasticsearch.AWSElasticsearch; -import com.amazonaws.services.elasticsearch.AWSElasticsearchClientBuilder; -import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsRequest; -import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsResult; -import com.amazonaws.services.elasticsearch.model.DomainInfo; -import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; -import com.amazonaws.services.elasticsearch.model.ListDomainNamesRequest; -import com.amazonaws.services.elasticsearch.model.ListDomainNamesResult; -import com.amazonaws.services.elasticsearch.model.ListTagsRequest; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; -import com.tmobile.cso.pacman.inventory.vo.ElasticsearchDomainVH; - -/** - * The Class ESInventoryUtil. - */ -public class ESInventoryUtil { - - /** The log. */ - private static Logger log = LogManager.getLogger(ESInventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** - * Instantiates a new ES inventory util. - */ - private ESInventoryUtil(){ - } - - /** - * Fetch ES info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchESInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> esDomainMap = new LinkedHashMap<>(); - AWSElasticsearch awsEsClient ; - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"elasticsearch\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ //!skipRegions - awsEsClient = AWSElasticsearchClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List elasticSearchDomains = new ArrayList<>(); - DescribeElasticsearchDomainsResult describeResult ; - ListDomainNamesResult listReuslt = awsEsClient.listDomainNames(new ListDomainNamesRequest()); - List domains = new ArrayList<>(); - for(DomainInfo domain: listReuslt.getDomainNames()){ - domains.add(domain.getDomainName()); - } - - DescribeElasticsearchDomainsRequest describeElasticsearchDomainsRequest ; - int i =0; - List domainsTemp = new ArrayList<>(); - for(String domain : domains){ - domainsTemp.add(domain); - i++; - if(i%5 == 0 || i==domains.size()){ - describeElasticsearchDomainsRequest = new DescribeElasticsearchDomainsRequest(); - describeElasticsearchDomainsRequest.setDomainNames(domainsTemp); - describeResult = awsEsClient.describeElasticsearchDomains(describeElasticsearchDomainsRequest); - for( ElasticsearchDomainStatus domaininfo : describeResult.getDomainStatusList()){ - ElasticsearchDomainVH elasticsearchDomainVH = new ElasticsearchDomainVH(); - elasticsearchDomainVH.setElasticsearchDomainStatus(domaininfo); - elasticsearchDomainVH.setTags(awsEsClient.listTags(new ListTagsRequest().withARN(domaininfo.getARN())).getTagList()); - elasticSearchDomains.add(elasticsearchDomainVH); - } - domainsTemp = new ArrayList<>(); - } - } - - if(!elasticSearchDomains.isEmpty() ) { - log.debug("Account : " + account + " Type : ES Domain "+ region.getName()+" >> " + elasticSearchDomains.size()); - esDomainMap.put(account+delimiter+region.getName(), elasticSearchDomains); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"elasticsearch",e.getMessage()); - } - } - return esDomainMap; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.elasticsearch.AWSElasticsearch; +import com.amazonaws.services.elasticsearch.AWSElasticsearchClientBuilder; +import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsRequest; +import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsResult; +import com.amazonaws.services.elasticsearch.model.DomainInfo; +import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; +import com.amazonaws.services.elasticsearch.model.ListDomainNamesRequest; +import com.amazonaws.services.elasticsearch.model.ListDomainNamesResult; +import com.amazonaws.services.elasticsearch.model.ListTagsRequest; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; +import com.tmobile.cso.pacman.inventory.vo.ElasticsearchDomainVH; + +/** + * The Class ESInventoryUtil. + */ +public class ESInventoryUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(ESInventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** + * Instantiates a new ES inventory util. + */ + private ESInventoryUtil(){ + } + + /** + * Fetch ES info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchESInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> esDomainMap = new LinkedHashMap<>(); + AWSElasticsearch awsEsClient ; + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"elasticsearch\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ //!skipRegions + awsEsClient = AWSElasticsearchClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List elasticSearchDomains = new ArrayList<>(); + DescribeElasticsearchDomainsResult describeResult ; + ListDomainNamesResult listReuslt = awsEsClient.listDomainNames(new ListDomainNamesRequest()); + List domains = new ArrayList<>(); + for(DomainInfo domain: listReuslt.getDomainNames()){ + domains.add(domain.getDomainName()); + } + + DescribeElasticsearchDomainsRequest describeElasticsearchDomainsRequest ; + int i =0; + List domainsTemp = new ArrayList<>(); + for(String domain : domains){ + domainsTemp.add(domain); + i++; + if(i%5 == 0 || i==domains.size()){ + describeElasticsearchDomainsRequest = new DescribeElasticsearchDomainsRequest(); + describeElasticsearchDomainsRequest.setDomainNames(domainsTemp); + describeResult = awsEsClient.describeElasticsearchDomains(describeElasticsearchDomainsRequest); + for( ElasticsearchDomainStatus domaininfo : describeResult.getDomainStatusList()){ + ElasticsearchDomainVH elasticsearchDomainVH = new ElasticsearchDomainVH(); + elasticsearchDomainVH.setElasticsearchDomainStatus(domaininfo); + elasticsearchDomainVH.setTags(awsEsClient.listTags(new ListTagsRequest().withARN(domaininfo.getARN())).getTagList()); + elasticSearchDomains.add(elasticsearchDomainVH); + } + domainsTemp = new ArrayList<>(); + } + } + + if(!elasticSearchDomains.isEmpty() ) { + log.debug("Account : " + accountId + " Type : ES Domain "+ region.getName()+" >> " + elasticSearchDomains.size()); + esDomainMap.put(accountId+delimiter+accountName+delimiter+region.getName(), elasticSearchDomains); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"elasticsearch",e.getMessage()); + } + } + return esDomainMap; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ElastiCacheUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ElastiCacheUtil.java index bd6525435..f6cea117a 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ElastiCacheUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/ElastiCacheUtil.java @@ -1,182 +1,237 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.elasticache.AmazonElastiCache; -import com.amazonaws.services.elasticache.AmazonElastiCacheClientBuilder; -import com.amazonaws.services.elasticache.model.CacheCluster; -import com.amazonaws.services.elasticache.model.CacheNode; -import com.amazonaws.services.elasticache.model.DescribeCacheClustersRequest; -import com.amazonaws.services.elasticache.model.DescribeCacheClustersResult; -import com.amazonaws.services.elasticache.model.DescribeReplicationGroupsRequest; -import com.amazonaws.services.elasticache.model.DescribeReplicationGroupsResult; -import com.amazonaws.services.elasticache.model.Endpoint; -import com.amazonaws.services.elasticache.model.ReplicationGroup; -import com.tmobile.cso.pacman.inventory.InventoryConstants; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; -import com.tmobile.cso.pacman.inventory.vo.ElastiCacheVH; - -/** - * The Class ElastiCacheUtil. - */ -public class ElastiCacheUtil { - - /** The log. */ - private static Logger log = LogManager.getLogger(ElastiCacheUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** - * Fetch elasti cache info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchElastiCacheInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> elastiCache = new LinkedHashMap<>(); - - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource \" ,\"type\": \"ElastiCache\"" ; - String arnTemplate = "arn:aws:elasticache:%s:%s:cluster:%s"; - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - - List cacheClusterList = new ArrayList<>(); - AmazonElastiCache amazonElastiCache = AmazonElastiCacheClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - - String marker = null; - DescribeCacheClustersResult describeResult ; - DescribeCacheClustersRequest rqst; - - do{ - rqst =new DescribeCacheClustersRequest().withMarker(marker); - rqst.setShowCacheNodeInfo(true); - describeResult = amazonElastiCache.describeCacheClusters(rqst); - cacheClusterList.addAll(describeResult.getCacheClusters()); - marker = describeResult.getMarker(); - - }while(marker!=null); - - - List replicationGroupList = new ArrayList<>(); - marker = null; - DescribeReplicationGroupsResult describeRGResult ; - DescribeReplicationGroupsRequest rgRqst; - - do{ - rgRqst = new DescribeReplicationGroupsRequest().withMarker(marker); - describeRGResult = amazonElastiCache.describeReplicationGroups(rgRqst); - replicationGroupList.addAll(describeRGResult.getReplicationGroups()); - marker = describeResult.getMarker(); - - }while(marker!=null); - - - List elasticacheList = populateVH(cacheClusterList,replicationGroupList); - - for(ElastiCacheVH cacheVH :elasticacheList){ - cacheVH.setArn(String.format(arnTemplate, region.getName(),account,cacheVH.getClusterName())); - cacheVH.setTags(amazonElastiCache.listTagsForResource(new com.amazonaws.services.elasticache.model.ListTagsForResourceRequest(). - withResourceName(String.format(arnTemplate, region.getName(),account,cacheVH.getCluster().getCacheClusterId() ))).getTagList()); - } - - if(!elasticacheList.isEmpty()) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : ElastiCache "+region.getName() + " >> "+elasticacheList.size()); - elastiCache.put(account+delimiter+region.getName(), elasticacheList); - } - } - }catch(Exception e){ - e.printStackTrace(); - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,"","elastiCache",e.getMessage()); - } - } - return elastiCache; - } - - - /** - * Populate VH. - * - * @param cacheClusterList the cache cluster list - * @param replicationGroupList the replication group list - * @return the list - */ - private static List populateVH(List cacheClusterList,List replicationGroupList ){ - - List elasticacheList = new ArrayList<>(); - - Map> cacheMap = cacheClusterList.stream().collect(Collectors.groupingBy(cluster-> cluster.getReplicationGroupId()!=null?cluster.getReplicationGroupId():cluster.getCacheClusterId())); - Map replGrpMap = replicationGroupList.stream().collect(Collectors.toMap(rplGrp -> rplGrp.getReplicationGroupId(),rplGrp->rplGrp)); - - cacheMap.forEach((k,v)->{ - String clusterName = k; - ElastiCacheVH elastiCacheVH = new ElastiCacheVH(); - elastiCacheVH.setClusterName(clusterName); - elastiCacheVH.setAvailabilityZones(v.stream().map(CacheCluster::getPreferredAvailabilityZone).collect(Collectors.toSet()).stream().collect(Collectors.joining(","))); - - CacheCluster cluster = v.get(0); - elastiCacheVH.setSecurityGroups(cluster.getSecurityGroups().stream().map(sg -> sg.getSecurityGroupId()+"("+sg.getStatus()+")").collect(Collectors.joining(","))); - elastiCacheVH.setParameterGroup(cluster.getCacheParameterGroup().getCacheParameterGroupName()+"("+cluster.getCacheParameterGroup().getParameterApplyStatus()+")"); - elastiCacheVH.setCluster(cluster); - String engine = cluster.getEngine(); - - if("memcached".equalsIgnoreCase(engine)){ - elastiCacheVH.setNoOfNodes(cluster.getNumCacheNodes()); - elastiCacheVH.setPrimaryOrConfigEndpoint(cluster.getConfigurationEndpoint().getAddress()+":"+cluster.getConfigurationEndpoint().getPort()); - }else{ - ReplicationGroup rplGrp = replGrpMap.get(clusterName); - Endpoint endPoint ; - if(rplGrp!=null){ - elastiCacheVH.setDescription(rplGrp.getDescription()); - elastiCacheVH.setNoOfNodes(rplGrp.getMemberClusters().size()); - endPoint = rplGrp.getConfigurationEndpoint(); - if(endPoint==null){ - endPoint = rplGrp.getNodeGroups().stream().filter(obj->obj.getPrimaryEndpoint()!=null).map(obj-> obj.getPrimaryEndpoint()).findAny().get(); - } - }else{ - elastiCacheVH.setNoOfNodes(cluster.getNumCacheNodes()); - endPoint = cluster.getCacheNodes().stream().map(CacheNode::getEndpoint).findAny().get(); - } - elastiCacheVH.setPrimaryOrConfigEndpoint(endPoint.getAddress().replaceAll(cluster.getCacheClusterId(), clusterName)+":"+endPoint.getPort()); - } - - elasticacheList.add(elastiCacheVH); - - }); - return elasticacheList; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.elasticache.AmazonElastiCache; +import com.amazonaws.services.elasticache.AmazonElastiCacheClientBuilder; +import com.amazonaws.services.elasticache.model.CacheCluster; +import com.amazonaws.services.elasticache.model.CacheNode; +import com.amazonaws.services.elasticache.model.CacheSubnetGroup; +import com.amazonaws.services.elasticache.model.DescribeCacheClustersRequest; +import com.amazonaws.services.elasticache.model.DescribeCacheClustersResult; +import com.amazonaws.services.elasticache.model.DescribeCacheSubnetGroupsRequest; +import com.amazonaws.services.elasticache.model.DescribeReplicationGroupsRequest; +import com.amazonaws.services.elasticache.model.DescribeReplicationGroupsResult; +import com.amazonaws.services.elasticache.model.Endpoint; +import com.amazonaws.services.elasticache.model.ReplicationGroup; +import com.amazonaws.services.elasticache.model.Subnet; +import com.amazonaws.services.elasticache.model.Tag; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; +import com.tmobile.cso.pacman.inventory.vo.ElastiCacheNodeVH; +import com.tmobile.cso.pacman.inventory.vo.ElastiCacheVH; + +/** + * The Class ElastiCacheUtil. + */ +public class ElastiCacheUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(ElastiCacheUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** + * Fetch elasti cache info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchElastiCacheInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> elastiCache = new LinkedHashMap<>(); + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource \" ,\"type\": \"ElastiCache\"" ; + String arnTemplate = "arn:aws:elasticache:%s:%s:cluster:%s"; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + + List cacheClusterList = new ArrayList<>(); + AmazonElastiCache amazonElastiCache = AmazonElastiCacheClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + + String marker = null; + DescribeCacheClustersResult describeResult ; + DescribeCacheClustersRequest rqst; + + do{ + rqst =new DescribeCacheClustersRequest().withMarker(marker); + rqst.setShowCacheNodeInfo(true); + describeResult = amazonElastiCache.describeCacheClusters(rqst); + cacheClusterList.addAll(describeResult.getCacheClusters()); + marker = describeResult.getMarker(); + + }while(marker!=null); + + + List replicationGroupList = new ArrayList<>(); + marker = null; + DescribeReplicationGroupsResult describeRGResult ; + DescribeReplicationGroupsRequest rgRqst; + + do{ + rgRqst = new DescribeReplicationGroupsRequest().withMarker(marker); + describeRGResult = amazonElastiCache.describeReplicationGroups(rgRqst); + replicationGroupList.addAll(describeRGResult.getReplicationGroups()); + marker = describeResult.getMarker(); + + }while(marker!=null); + + Map> cacheMap = cacheClusterList.stream().collect(Collectors.groupingBy(cluster-> cluster.getReplicationGroupId()!=null?cluster.getReplicationGroupId():cluster.getCacheClusterId())); + Map replGrpMap = replicationGroupList.stream().collect(Collectors.toMap(rplGrp -> rplGrp.getReplicationGroupId(),rplGrp->rplGrp)); + + + List elasticacheList = populateVH(cacheMap,replGrpMap); + + String engine; + String arn ; + for(ElastiCacheVH cacheVH :elasticacheList){ + engine = cacheVH.getCluster().getEngine(); + arn = String.format(arnTemplate, region.getName(),accountId,cacheVH.getCluster().getCacheClusterId()); + cacheVH.setArn(String.format(arnTemplate, region.getName(),accountId,cacheVH.getClusterName())); + + if("memcached".equalsIgnoreCase(engine)){ + cacheVH.setTags(amazonElastiCache.listTagsForResource(new com.amazonaws.services.elasticache.model.ListTagsForResourceRequest(). + withResourceName(arn)).getTagList()); + } + List subnetGroups = amazonElastiCache.describeCacheSubnetGroups( new DescribeCacheSubnetGroupsRequest().withCacheSubnetGroupName(cacheVH.getCluster().getCacheSubnetGroupName())).getCacheSubnetGroups(); + subnetGroups.forEach(cacheGroup-> { + cacheVH.setVpc(cacheGroup.getVpcId()); + cacheVH.setSubnets(cacheGroup.getSubnets().stream().map(Subnet::getSubnetIdentifier).collect(Collectors.toList())); + }); + + List nodeDetails = getNodeDetails(cacheMap,replGrpMap,accountId, arnTemplate, region, + amazonElastiCache, cacheVH); + cacheVH.setNodes(nodeDetails); + } + + if(!elasticacheList.isEmpty()) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : ElastiCache "+region.getName() + " >> "+elasticacheList.size()); + elastiCache.put(accountId+delimiter+accountName+delimiter+region.getName(), elasticacheList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,"","elastiCache",e.getMessage()); + } + } + return elastiCache; + } + + + private static List getNodeDetails(Map> cacheClusterMap,Map replGroupMap ,String accountId, String arnTemplate, Region region, + AmazonElastiCache amazonElastiCache, ElastiCacheVH cacheVH) { + + List nodeDetails = new ArrayList<>(); + String clusterName = cacheVH.getClusterName(); + String engine = cacheVH.getCluster().getEngine(); + List cacheClusters = cacheClusterMap.get(clusterName); + cacheClusters.forEach(cacheCluster -> { + String clusterId = cacheCluster.getCacheClusterId(); + List nodes = cacheCluster.getCacheNodes(); + if(!nodes.isEmpty()){ + for(CacheNode node : nodes){ + ElastiCacheNodeVH nodeVH = new ElastiCacheNodeVH(); + nodeVH.setNode(node); + if("memcached".equalsIgnoreCase(engine)){ + nodeVH.setNodeName(node.getCacheNodeId()); + }else{ + nodeVH.setNodeName(cacheCluster.getCacheClusterId()); + try { + List tags = amazonElastiCache.listTagsForResource(new com.amazonaws.services.elasticache.model.ListTagsForResourceRequest(). + withResourceName(String.format(arnTemplate, region.getName(),accountId,clusterId))).getTagList(); + nodeVH.setTags(tags.stream().map(tag->tag.getKey()+":"+tag.getValue()).collect(Collectors.joining(","))); + } catch (Exception e) { + + } + } + nodeDetails.add(nodeVH); + } + } + }); + + return nodeDetails; + } + + + /** + * Populate VH. + * + * @param cacheClusterList the cache cluster list + * @param replicationGroupList the replication group list + * @return the list + */ + private static List populateVH(Map> cacheMap,Map replGrpMap ){ + + List elasticacheList = new ArrayList<>(); + + cacheMap.forEach((k,v)->{ + String clusterName = k; + ElastiCacheVH elastiCacheVH = new ElastiCacheVH(); + elastiCacheVH.setClusterName(clusterName); + elastiCacheVH.setAvailabilityZones(v.stream().map(CacheCluster::getPreferredAvailabilityZone).collect(Collectors.toSet()).stream().collect(Collectors.joining(","))); + + CacheCluster cluster = v.get(0); + elastiCacheVH.setSecurityGroups(cluster.getSecurityGroups().stream().map(sg -> sg.getSecurityGroupId()+"("+sg.getStatus()+")").collect(Collectors.joining(","))); + elastiCacheVH.setParameterGroup(cluster.getCacheParameterGroup().getCacheParameterGroupName()+"("+cluster.getCacheParameterGroup().getParameterApplyStatus()+")"); + elastiCacheVH.setCluster(cluster); + String engine = cluster.getEngine(); + + if("memcached".equalsIgnoreCase(engine)){ + elastiCacheVH.setNoOfNodes(cluster.getNumCacheNodes()); + elastiCacheVH.setPrimaryOrConfigEndpoint(cluster.getConfigurationEndpoint().getAddress()+":"+cluster.getConfigurationEndpoint().getPort()); + }else{ + ReplicationGroup rplGrp = replGrpMap.get(clusterName); + Endpoint endPoint ; + if(rplGrp!=null){ + elastiCacheVH.setDescription(rplGrp.getDescription()); + elastiCacheVH.setNoOfNodes(rplGrp.getMemberClusters().size()); + endPoint = rplGrp.getConfigurationEndpoint(); + if(endPoint==null){ + endPoint = rplGrp.getNodeGroups().stream().filter(obj->obj.getPrimaryEndpoint()!=null).map(obj-> obj.getPrimaryEndpoint()).findAny().get(); + } + }else{ + elastiCacheVH.setNoOfNodes(cluster.getNumCacheNodes()); + endPoint = cluster.getCacheNodes().stream().map(CacheNode::getEndpoint).findAny().get(); + + } + elastiCacheVH.setPrimaryOrConfigEndpoint(endPoint.getAddress().replaceAll(cluster.getCacheClusterId(), clusterName)+":"+endPoint.getPort()); + } + + elasticacheList.add(elastiCacheVH); + + }); + return elasticacheList; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/InventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/InventoryUtil.java index 37ad03f21..356f29052 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/InventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/InventoryUtil.java @@ -1,1614 +1,1715 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.stream.Collectors; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.util.CollectionUtils; -import org.springframework.util.StringUtils; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.apigateway.AmazonApiGateway; -import com.amazonaws.services.apigateway.AmazonApiGatewayClientBuilder; -import com.amazonaws.services.apigateway.model.GetRestApisRequest; -import com.amazonaws.services.apigateway.model.GetRestApisResult; -import com.amazonaws.services.apigateway.model.RestApi; -import com.amazonaws.services.autoscaling.AmazonAutoScaling; -import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; -import com.amazonaws.services.autoscaling.model.AutoScalingGroup; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsRequest; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; -import com.amazonaws.services.cloudformation.AmazonCloudFormation; -import com.amazonaws.services.cloudformation.AmazonCloudFormationClientBuilder; -import com.amazonaws.services.cloudformation.model.DescribeStacksRequest; -import com.amazonaws.services.cloudformation.model.DescribeStacksResult; -import com.amazonaws.services.cloudformation.model.Stack; -import com.amazonaws.services.cloudfront.AmazonCloudFront; -import com.amazonaws.services.cloudfront.AmazonCloudFrontClientBuilder; -import com.amazonaws.services.cloudfront.model.DistributionSummary; -import com.amazonaws.services.cloudfront.model.ListDistributionsRequest; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; -import com.amazonaws.services.dynamodbv2.model.ListTablesResult; -import com.amazonaws.services.dynamodbv2.model.ListTagsOfResourceRequest; -import com.amazonaws.services.dynamodbv2.model.TableDescription; -import com.amazonaws.services.ec2.AmazonEC2; -import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; -import com.amazonaws.services.ec2.model.DescribeInstancesRequest; -import com.amazonaws.services.ec2.model.DescribeInstancesResult; -import com.amazonaws.services.ec2.model.DescribeNatGatewaysRequest; -import com.amazonaws.services.ec2.model.DescribeNatGatewaysResult; -import com.amazonaws.services.ec2.model.DescribeNetworkInterfacesResult; -import com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult; -import com.amazonaws.services.ec2.model.DescribeSnapshotsRequest; -import com.amazonaws.services.ec2.model.DescribeSubnetsResult; -import com.amazonaws.services.ec2.model.DescribeVolumesResult; -import com.amazonaws.services.ec2.model.DescribeVpcEndpointsRequest; -import com.amazonaws.services.ec2.model.Filter; -import com.amazonaws.services.ec2.model.Instance; -import com.amazonaws.services.ec2.model.NatGateway; -import com.amazonaws.services.ec2.model.NetworkInterface; -import com.amazonaws.services.ec2.model.SecurityGroup; -import com.amazonaws.services.ec2.model.Snapshot; -import com.amazonaws.services.ec2.model.Subnet; -import com.amazonaws.services.ec2.model.Volume; -import com.amazonaws.services.ec2.model.Vpc; -import com.amazonaws.services.ec2.model.VpcEndpoint; -import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalk; -import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalkClientBuilder; -import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; -import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentResourcesRequest; -import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentsRequest; -import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; -import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystem; -import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystemClientBuilder; -import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsRequest; -import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsResult; -import com.amazonaws.services.elasticfilesystem.model.DescribeTagsRequest; -import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; -import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancing; -import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancingClientBuilder; -import com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersRequest; -import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; -import com.amazonaws.services.elasticloadbalancing.model.TagDescription; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersResult; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsRequest; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsResult; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthRequest; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthResult; -import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; -import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; -import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduce; -import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduceClientBuilder; -import com.amazonaws.services.elasticmapreduce.model.Cluster; -import com.amazonaws.services.elasticmapreduce.model.ClusterSummary; -import com.amazonaws.services.elasticmapreduce.model.DescribeClusterRequest; -import com.amazonaws.services.elasticmapreduce.model.DescribeClusterResult; -import com.amazonaws.services.elasticmapreduce.model.ListClustersRequest; -import com.amazonaws.services.elasticmapreduce.model.ListClustersResult; -import com.amazonaws.services.health.AWSHealth; -import com.amazonaws.services.health.AWSHealthClientBuilder; -import com.amazonaws.services.health.model.AffectedEntity; -import com.amazonaws.services.health.model.DescribeAffectedEntitiesRequest; -import com.amazonaws.services.health.model.DescribeAffectedEntitiesResult; -import com.amazonaws.services.health.model.DescribeEventDetailsRequest; -import com.amazonaws.services.health.model.DescribeEventsRequest; -import com.amazonaws.services.health.model.DescribeEventsResult; -import com.amazonaws.services.health.model.EntityFilter; -import com.amazonaws.services.health.model.Event; -import com.amazonaws.services.health.model.EventDetails; -import com.amazonaws.services.identitymanagement.AmazonIdentityManagement; -import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder; -import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; -import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedRequest; -import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedResult; -import com.amazonaws.services.identitymanagement.model.GetLoginProfileRequest; -import com.amazonaws.services.identitymanagement.model.Group; -import com.amazonaws.services.identitymanagement.model.ListAccessKeysRequest; -import com.amazonaws.services.identitymanagement.model.ListGroupsForUserRequest; -import com.amazonaws.services.identitymanagement.model.ListMFADevicesRequest; -import com.amazonaws.services.identitymanagement.model.ListRolesRequest; -import com.amazonaws.services.identitymanagement.model.ListRolesResult; -import com.amazonaws.services.identitymanagement.model.ListUsersRequest; -import com.amazonaws.services.identitymanagement.model.ListUsersResult; -import com.amazonaws.services.identitymanagement.model.LoginProfile; -import com.amazonaws.services.identitymanagement.model.Role; -import com.amazonaws.services.identitymanagement.model.User; -import com.amazonaws.services.kms.AWSKMS; -import com.amazonaws.services.kms.AWSKMSClientBuilder; -import com.amazonaws.services.kms.model.AliasListEntry; -import com.amazonaws.services.kms.model.DescribeKeyRequest; -import com.amazonaws.services.kms.model.DescribeKeyResult; -import com.amazonaws.services.kms.model.GetKeyRotationStatusRequest; -import com.amazonaws.services.kms.model.KeyListEntry; -import com.amazonaws.services.kms.model.ListResourceTagsRequest; -import com.amazonaws.services.lambda.AWSLambda; -import com.amazonaws.services.lambda.AWSLambdaClientBuilder; -import com.amazonaws.services.lambda.model.FunctionConfiguration; -import com.amazonaws.services.lambda.model.ListFunctionsRequest; -import com.amazonaws.services.lambda.model.ListFunctionsResult; -import com.amazonaws.services.lambda.model.ListTagsRequest; -import com.amazonaws.services.rds.AmazonRDS; -import com.amazonaws.services.rds.AmazonRDSClientBuilder; -import com.amazonaws.services.rds.model.DBCluster; -import com.amazonaws.services.rds.model.DBInstance; -import com.amazonaws.services.rds.model.DBSnapshot; -import com.amazonaws.services.rds.model.DescribeDBClustersRequest; -import com.amazonaws.services.rds.model.DescribeDBClustersResult; -import com.amazonaws.services.rds.model.DescribeDBInstancesRequest; -import com.amazonaws.services.rds.model.DescribeDBInstancesResult; -import com.amazonaws.services.rds.model.DescribeDBSnapshotsRequest; -import com.amazonaws.services.rds.model.DescribeDBSnapshotsResult; -import com.amazonaws.services.rds.model.ListTagsForResourceRequest; -import com.amazonaws.services.redshift.AmazonRedshift; -import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder; -import com.amazonaws.services.redshift.model.DescribeClustersRequest; -import com.amazonaws.services.redshift.model.DescribeClustersResult; -import com.amazonaws.services.s3.AmazonS3; -import com.amazonaws.services.s3.AmazonS3ClientBuilder; -import com.amazonaws.services.s3.model.AmazonS3Exception; -import com.amazonaws.services.s3.model.Bucket; -import com.amazonaws.services.s3.model.BucketTaggingConfiguration; -import com.amazonaws.services.s3.model.BucketVersioningConfiguration; -import com.amazonaws.services.s3.model.Tag; -import com.amazonaws.services.s3.model.TagSet; -import com.amazonaws.services.support.AWSSupport; -import com.amazonaws.services.support.AWSSupportClientBuilder; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultRequest; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultResult; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksRequest; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksResult; -import com.amazonaws.services.support.model.RefreshTrustedAdvisorCheckRequest; -import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.tmobile.cso.pacman.inventory.InventoryConstants; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; -import com.tmobile.cso.pacman.inventory.vo.AccessKeyMetadataVH; -import com.tmobile.cso.pacman.inventory.vo.BucketVH; -import com.tmobile.cso.pacman.inventory.vo.CheckVH; -import com.tmobile.cso.pacman.inventory.vo.ClassicELBVH; -import com.tmobile.cso.pacman.inventory.vo.CloudFrontVH; -import com.tmobile.cso.pacman.inventory.vo.DBClusterVH; -import com.tmobile.cso.pacman.inventory.vo.DBInstanceVH; -import com.tmobile.cso.pacman.inventory.vo.DynamoVH; -import com.tmobile.cso.pacman.inventory.vo.EbsVH; -import com.tmobile.cso.pacman.inventory.vo.EfsVH; -import com.tmobile.cso.pacman.inventory.vo.KMSKeyVH; -import com.tmobile.cso.pacman.inventory.vo.LambdaVH; -import com.tmobile.cso.pacman.inventory.vo.LoadBalancerVH; -import com.tmobile.cso.pacman.inventory.vo.PhdVH; -import com.tmobile.cso.pacman.inventory.vo.Resource; -import com.tmobile.cso.pacman.inventory.vo.TargetGroupVH; -import com.tmobile.cso.pacman.inventory.vo.UserVH; -import com.tmobile.cso.pacman.inventory.vo.VpcEndPointVH; -import com.tmobile.cso.pacman.inventory.vo.VpcVH; - -/** - * The Class InventoryUtil. - */ -public class InventoryUtil { - - /** The log. */ - private static Logger log = LogManager.getLogger(InventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** The asg max record. */ - private static int asgMaxRecord = 100; - - /** - * Instantiates a new inventory util. - */ - private InventoryUtil(){ - } - - - /** - * Fetch instances. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchInstances(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> instanceMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EC2\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List instanceList = new ArrayList<>(); - DescribeInstancesResult descInstResult ; - String nextToken = null; - do{ - descInstResult = ec2Client.describeInstances(new DescribeInstancesRequest().withNextToken(nextToken)); - descInstResult.getReservations().forEach( - reservation -> instanceList.addAll(reservation.getInstances())); - nextToken = descInstResult.getNextToken(); - }while(nextToken!=null); - - if(!instanceList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EC2 "+ region.getName()+" >> " + instanceList.size()); - instanceMap.put(account+delimiter+region.getName(), instanceList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"ec2",e.getMessage()); - } - } - return instanceMap; - } - - /** - * Fetch network intefaces. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchNetworkIntefaces(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> niMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Network Interface\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeNetworkInterfacesResult descNIRslt = ec2Client.describeNetworkInterfaces(); - List niList = descNIRslt.getNetworkInterfaces(); - if(!niList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : Network Interface " +region.getName()+" >> " + niList.size()); - niMap.put(account+delimiter+region.getName(),niList); - } - - } - }catch(Exception e){ - log.error("Exception fetching Network Interfaces for "+region.getName() + e); - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"eni",e.getMessage()); - } - } - return niMap; - } - - /** - * Fetch security groups. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchSecurityGroups(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> secGrpList = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Security Group\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeSecurityGroupsResult rslt = ec2Client.describeSecurityGroups(); - List secGrpListTemp = rslt.getSecurityGroups(); - if( !secGrpListTemp.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : Security Group "+region.getName()+" >> " + secGrpListTemp.size()); - secGrpList.put(account+delimiter+region.getName(),secGrpListTemp); - } - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"sg",e.getMessage()); - } - } - return secGrpList; - } - - - /** - * Fetch asg. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchAsg(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - AmazonAutoScaling asgClient; - Map> asgList = new LinkedHashMap<>(); - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - List asgListTemp = new ArrayList<>(); - asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextToken = null; - DescribeAutoScalingGroupsResult describeResult ; - do{ - describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); - asgListTemp.addAll(describeResult.getAutoScalingGroups()); - nextToken = describeResult.getNextToken(); - }while(nextToken!=null); - - if(!asgListTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account + " Type : ASG "+region.getName()+" >> " + asgListTemp.size()); - asgList.put(account+delimiter+region.getName(), asgListTemp); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"asg",e.getMessage()); - } - } - return asgList; - } - - /** - * Fetch cloud formation stack. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchCloudFormationStack(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - AmazonCloudFormation cloudFormClient ; - Map> stacks = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Stack\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - List stacksTemp = new ArrayList<>(); - String nextToken = null; - cloudFormClient = AmazonCloudFormationClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeStacksResult describeResult ; - do{ - describeResult = cloudFormClient.describeStacks(new DescribeStacksRequest().withNextToken(nextToken)); - stacksTemp.addAll(describeResult.getStacks()); - nextToken = describeResult.getNextToken(); - }while(nextToken!=null); - - if(! stacksTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : Cloud Formation Stack "+region.getName() + " >> " + stacksTemp.size()); - stacks.put(account+delimiter+region.getName(), stacksTemp); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"stack",e.getMessage()); - } - } - return stacks; - } - - /** - * Fetch dynamo DB tables. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchDynamoDBTables(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - Map> dynamodbtables = new LinkedHashMap<>(); - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"DynamoDB\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AmazonDynamoDB awsClient= AmazonDynamoDBClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - ListTablesResult listTableResult = awsClient.listTables(); - List tables = listTableResult.getTableNames(); - List dynamodbtablesTemp = new ArrayList<>(); - tables.parallelStream().forEach(tblName -> { - TableDescription table = awsClient.describeTable(tblName).getTable(); - List tags = awsClient.listTagsOfResource(new ListTagsOfResourceRequest().withResourceArn( table.getTableArn())).getTags(); - synchronized (dynamodbtablesTemp) { - dynamodbtablesTemp.add(new DynamoVH(table,tags)); - } - - }); - if(!dynamodbtablesTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : DynamoDB "+region.getName() + " >> "+dynamodbtablesTemp.size()); - dynamodbtables.put(account+delimiter+region.getName(), dynamodbtablesTemp); - } - - } - }catch(Exception e){ - if(region.isServiceSupported(AmazonDynamoDB.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"dynamodb",e.getMessage()); - } - } - } - return dynamodbtables; - } - - /** - * Fetch EFS info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchEFSInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - AmazonElasticFileSystem efsClient ; - Map> efsMap = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EFS\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - efsClient = AmazonElasticFileSystemClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List efsListTemp = new ArrayList<>(); - String nextToken = null; - DescribeFileSystemsResult descRslt ; - do{ - descRslt = efsClient.describeFileSystems(new DescribeFileSystemsRequest().withMarker(nextToken)); - efsListTemp.addAll(descRslt.getFileSystems()); - nextToken = descRslt.getNextMarker(); - }while(nextToken!=null); - - List efsList = new ArrayList<>(); - for(FileSystemDescription efs :efsListTemp ){ - efsList.add( new EfsVH(efs, - efsClient.describeTags(new DescribeTagsRequest().withFileSystemId(efs.getFileSystemId())).getTags())); - } - if(! efsList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account + " Type : EFS "+region.getName() + " >> "+efsList.size()); - efsMap.put(account+delimiter+region.getName(), efsList); - } - } - }catch(Exception e){ - if(region.isServiceSupported(AmazonElasticFileSystem.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"efs",e.getMessage()); - } - } - } - return efsMap; - } - - - /** - * Fetch EMR info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchEMRInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> clusterList = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EMR\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AmazonElasticMapReduce emrClient = AmazonElasticMapReduceClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List clusters = new ArrayList<>(); - String marker = null; - ListClustersResult clusterResult ; - do{ - clusterResult = emrClient.listClusters(new ListClustersRequest().withMarker(marker)); - clusters.addAll(clusterResult.getClusters()); - marker = clusterResult.getMarker(); - }while(marker!=null); - - List clustersList = new ArrayList<>(); - clusters.forEach(cluster -> - { - DescribeClusterResult descClstrRslt = emrClient.describeCluster(new DescribeClusterRequest().withClusterId(cluster.getId())); - clustersList.add(descClstrRslt.getCluster()); - }); - - if( !clustersList.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : EMR "+region.getName() + " >> "+clustersList.size()); - clusterList.put(account+delimiter+region.getName(),clustersList); - } - } - }catch(Exception e){ - if(region.isServiceSupported(AmazonElasticMapReduce.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"emr",e.getMessage()); - } - } - } - return clusterList; - } - - /** - * Fetch lambda info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchLambdaInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> functions = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Lambda\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AWSLambda lamdaClient = AWSLambdaClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - ListFunctionsResult listFnRslt ; - List functionsTemp ; - List lambdaList = new ArrayList<>(); - String nextMarker = null; - do{ - listFnRslt = lamdaClient.listFunctions(new ListFunctionsRequest().withMarker(nextMarker)); - functionsTemp = listFnRslt.getFunctions(); - if( !functionsTemp.isEmpty() ) { - functionsTemp.forEach( function -> { - Map tags = lamdaClient.listTags(new ListTagsRequest().withResource(function.getFunctionArn())).getTags(); - LambdaVH lambda = new LambdaVH(function, tags); - lambdaList.add(lambda); - }); - } - nextMarker = listFnRslt.getNextMarker(); - }while(nextMarker!=null); - - if( !lambdaList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : Lambda " +region.getName() + " >> "+lambdaList.size()); - functions.put(account+delimiter+region.getName(),lambdaList); - } - } - }catch(Exception e){ - if(region.isServiceSupported(AWSLambda.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"lambda",e.getMessage()); - } - } - } - return functions ; - } - - /** - * Fetch classic elb info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchClassicElbInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - - Map> elbList = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Classic ELB\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AmazonElasticLoadBalancing elbClient = AmazonElasticLoadBalancingClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextMarker = null; - List elbListTemp = new ArrayList<>(); - com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult elbDescResult ; - do{ - elbDescResult = elbClient.describeLoadBalancers(new DescribeLoadBalancersRequest().withMarker(nextMarker)); - elbListTemp.addAll(elbDescResult.getLoadBalancerDescriptions()); - nextMarker = elbDescResult.getNextMarker(); - }while(nextMarker!=null); - - List classicElbList = new ArrayList<>(); - if( !elbListTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account + " Type : Classic ELB "+region.getName() + " >> "+elbListTemp.size()); - List elbNames = elbListTemp.stream().map(elb -> { return elb.getLoadBalancerName();}).collect(Collectors.toList()); - List tagDescriptions = new ArrayList<>(); - List elbNamesTemp = new ArrayList<>(); - int i=0; - for(String elbName : elbNames){ - i++; - elbNamesTemp.add(elbName); - if(i%20==0){ - tagDescriptions.addAll(elbClient.describeTags( new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsRequest().withLoadBalancerNames(elbNamesTemp)).getTagDescriptions()); - elbNamesTemp = new ArrayList<>(); - } - - } - if(!elbNamesTemp.isEmpty()) - tagDescriptions.addAll(elbClient.describeTags( new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsRequest().withLoadBalancerNames(elbNamesTemp)).getTagDescriptions()); - - elbListTemp.parallelStream().forEach(elb-> { - List> tagsInfo = tagDescriptions.stream().filter(tag -> tag.getLoadBalancerName().equals( elb.getLoadBalancerName())).map(x-> x.getTags()).collect(Collectors.toList()); - List tags = new ArrayList<>(); - if(!tagsInfo.isEmpty()) - tags = tagsInfo.get(0); - classicElbList.add(new ClassicELBVH(elb,tags)); - }); - elbList.put(account+delimiter+region.getName(),classicElbList); - } - - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"classicelb",e.getMessage()); - } - } - return elbList; - } - - /** - * Fetch elb info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchElbInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient ; - Map> elbMap = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Application ELB\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - elbClient = com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextMarker = null; - DescribeLoadBalancersResult descElbRslt ; - List elbList = new ArrayList<>(); - do{ - descElbRslt = elbClient.describeLoadBalancers(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersRequest().withMarker(nextMarker)); - elbList.addAll(descElbRslt.getLoadBalancers()); - nextMarker = descElbRslt.getNextMarker(); - }while(nextMarker!=null); - - if(! elbList.isEmpty() ) { - List elbListTemp = new ArrayList<>(); - List elbArns = elbList.stream().map(LoadBalancer::getLoadBalancerArn).collect(Collectors.toList()); - List tagDescriptions = new ArrayList<>(); - int i = 0; - List elbArnsTemp = new ArrayList<>(); - for(String elbArn : elbArns){ - i++; - elbArnsTemp.add(elbArn); - if(i%20 == 0){ - tagDescriptions.addAll(elbClient.describeTags(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsRequest().withResourceArns(elbArnsTemp)).getTagDescriptions()); - elbArnsTemp = new ArrayList<>(); - } - - } - if(!elbArnsTemp.isEmpty()) - tagDescriptions.addAll(elbClient.describeTags(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsRequest().withResourceArns(elbArnsTemp)).getTagDescriptions()); - - elbList.parallelStream().forEach(elb-> { - List> tagsInfo = tagDescriptions.stream().filter(tag -> tag.getResourceArn().equals( elb.getLoadBalancerArn())).map(x-> x.getTags()).collect(Collectors.toList()); - List tags = new ArrayList<>(); - if(!tagsInfo.isEmpty()) - tags = tagsInfo.get(0); - LoadBalancerVH elbTemp = new LoadBalancerVH(elb,tags); - elbListTemp.add(elbTemp); - }); - - log.debug(InventoryConstants.ACCOUNT + account +" Type : Application ELB " +region.getName() + " >> "+elbListTemp.size()); - elbMap.put(account+delimiter+region.getName(),elbListTemp); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"appelb",e.getMessage()); - } - } - return elbMap; - } - - /** - * Fetch target groups. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchTargetGroups(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient ; - Map> targetGrpMap = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Target Group\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - elbClient = com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.standard(). - withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextMarker = null; - List targetGrpList = new ArrayList<>(); - do{ - DescribeTargetGroupsResult trgtGrpRslt = elbClient.describeTargetGroups(new DescribeTargetGroupsRequest().withMarker(nextMarker)); - List targetGrpListTemp = trgtGrpRslt.getTargetGroups(); - for(TargetGroup tg : targetGrpListTemp) { - DescribeTargetHealthResult rslt = elbClient.describeTargetHealth(new DescribeTargetHealthRequest().withTargetGroupArn(tg.getTargetGroupArn())); - targetGrpList.add(new TargetGroupVH(tg, rslt.getTargetHealthDescriptions())); - } - nextMarker = trgtGrpRslt.getNextMarker(); - }while(nextMarker!=null); - - if( !targetGrpList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : Target Group " +region.getName() + "-"+targetGrpList.size()); - targetGrpMap.put(account+delimiter+region.getName(), targetGrpList); - } - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"targetgroup",e.getMessage()); - } - } - return targetGrpMap; - } - - /** - * Fetch NAT gateway info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchNATGatewayInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - Map> natGatwayMap = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Nat Gateway\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeNatGatewaysResult rslt = ec2Client.describeNatGateways(new DescribeNatGatewaysRequest()); - List natGatwayList =rslt.getNatGateways(); - if(! natGatwayList.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account + " Type : Nat Gateway "+region.getName() + " >> "+natGatwayList.size()); - natGatwayMap.put(account+delimiter+region.getName(), natGatwayList); - } - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"nat",e.getMessage()); - } - } - return natGatwayMap; - } - - /** - * Fetch RDS cluster info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchRDSClusterInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - Map> rdsMap = new LinkedHashMap<>(); - AmazonRDS rdsClient ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Cluster\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeDBClustersResult rslt ; - String nextMarker = null; - List rdsList = new ArrayList<>(); - do{ - rslt = rdsClient.describeDBClusters( new DescribeDBClustersRequest().withMarker(nextMarker)); - List rdsListTemp = rslt.getDBClusters(); - for(DBCluster cluster : rdsListTemp){ - DBClusterVH vh = new DBClusterVH(cluster,rdsClient.listTagsForResource(new ListTagsForResourceRequest(). - withResourceName(cluster.getDBClusterArn())). - getTagList()); - rdsList.add(vh); - } - nextMarker = rslt.getMarker(); - }while(nextMarker!=null); - - if( !rdsList.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : RDS Cluster "+region.getName() + " >> "+rdsList.size()); - rdsMap.put(account+delimiter+region.getName(), rdsList); - } - } - }catch(Exception e){ - if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"rdscluster",e.getMessage()); - } - } - } - return rdsMap; - } - - /** - * Fetch RDS instance info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchRDSInstanceInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - Map> dbInstMap = new LinkedHashMap<>(); - AmazonRDS rdsClient ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Instance\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextMarker = null; - DescribeDBInstancesResult rslt; - List dbInstList = new ArrayList<>(); - do{ - rslt = rdsClient.describeDBInstances(new DescribeDBInstancesRequest().withMarker(nextMarker)); - List dbInstListTemp = rslt.getDBInstances(); - for(DBInstance db : dbInstListTemp){ - DBInstanceVH vh = new DBInstanceVH(db, rdsClient.listTagsForResource(new ListTagsForResourceRequest(). - withResourceName(db.getDBInstanceArn())). - getTagList()); - dbInstList.add(vh); - } - nextMarker = rslt.getMarker(); - }while(nextMarker!=null); - - if(! dbInstList.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : RDS Instance" +region.getName() + " >> "+dbInstList.size()); - dbInstMap.put(account+delimiter+region.getName(), dbInstList); - } - } - }catch(Exception e){ - if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"rdsdb",e.getMessage()); - } - } - } - return dbInstMap; - } - - /** - * Fetch S 3 info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the list - */ - public static List fetchS3Info(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"S3\" , \"Bucket\":\"" ; - AmazonS3 amazonS3Client ; - List buckets = new ArrayList<>(); - /* A region is needed for the client and setting to us-east-1 is causing issues */ - amazonS3Client = AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); - List s3buckets = amazonS3Client.listBuckets(); - log.debug(InventoryConstants.ACCOUNT + account +" Type : S3 "+ " >> "+s3buckets.size()); - Map regionS3map = new HashMap<>(); - for(Region region : RegionUtils.getRegions()){ - if(!skipRegions.contains(region.getName())){ - regionS3map.put(region.getName(), AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build()); - } - } - s3buckets.parallelStream().forEach(bucket -> { - String bucketRegion =""; - BucketVersioningConfiguration versionconfig = null; - List tags = new ArrayList<>(); - try{ - String bucketLocation = amazonS3Client.getBucketLocation(bucket.getName()); - bucketRegion = com.amazonaws.services.s3.model.Region.fromValue(bucketLocation).toAWSRegion().getName(); - AmazonS3 s3Client = regionS3map.get(bucketRegion); - versionconfig = s3Client.getBucketVersioningConfiguration(bucket.getName()); - BucketTaggingConfiguration tagConfig = s3Client.getBucketTaggingConfiguration(bucket.getName()); - if(tagConfig!=null){ - List tagSets = tagConfig.getAllTagSets(); - for(TagSet ts : tagSets){ - Map tagsTemp = ts.getAllTags(); - Iterator> it = tagsTemp.entrySet().iterator(); - while(it.hasNext()){ - Entry tag = it.next(); - tags.add(new Tag(tag.getKey(),tag.getValue())); - } - } - } - buckets.add(new BucketVH(bucket,bucketRegion,versionconfig, tags)); - } - catch(AmazonS3Exception e){ - if("AccessDenied".equals(e.getErrorCode())){ - log.info("Access Denied for bucket " + bucket.getName()); - buckets.add(new BucketVH(bucket,"",versionconfig, tags)); - }else{ - log.info(e); - } - } - catch(Exception e){ - log.warn(expPrefix+ bucket.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,"","s3",e.getMessage()); - } - }); - return buckets; - } - - /** - * Fetch subnets. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchSubnets(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - Map> subnets = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Subnet\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeSubnetsResult rslt = ec2Client.describeSubnets(); - List subnetsTemp =rslt.getSubnets(); - if(! subnetsTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : Subnet "+region.getName() + " >> "+subnetsTemp.size()); - subnets.put(account+delimiter+region.getName(),subnetsTemp); - } - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"subnet",e.getMessage()); - } - } - - return subnets; - } - - /** - * Fetch trusterd advisors checks. - * - * @param temporaryCredentials the temporary credentials - * @param account the account - * @return the list - */ - public static List fetchTrusterdAdvisorsChecks(BasicSessionCredentials temporaryCredentials,String account ) { - List checkList = new ArrayList<>(); - AWSSupport awsSupportClient = AWSSupportClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion("us-east-1").build(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"Trusted Advisor Check\"" ; - List checkids = new ArrayList<>(); - try{ - DescribeTrustedAdvisorChecksResult rslt = awsSupportClient.describeTrustedAdvisorChecks(new DescribeTrustedAdvisorChecksRequest().withLanguage("en")); - List trstdAdvsrList = rslt.getChecks(); - for(TrustedAdvisorCheckDescription check : trstdAdvsrList){ - try{ - checkids.add(check.getId()); - DescribeTrustedAdvisorCheckResultResult result = - awsSupportClient.describeTrustedAdvisorCheckResult(new DescribeTrustedAdvisorCheckResultRequest().withCheckId(check.getId())); - List metadata = check.getMetadata(); - - if(!"OK".equalsIgnoreCase(result.getResult().getStatus())){ - - CheckVH checkVH = new CheckVH(check,result.getResult().getStatus()); - List resources = new ArrayList<>(); - checkVH.setResources(resources); - // TODO : Raise a ticket with AWS to fix this API issue - if( ("ePs02jT06w".equalsIgnoreCase(check.getId()) || "rSs93HQwa1".equalsIgnoreCase(check.getId())) && !result.getResult().getFlaggedResources().isEmpty() ){ - int dataSize = result.getResult().getFlaggedResources().get(0).getMetadata().size() ; - if(dataSize == metadata.size()+1 && !metadata.contains("Status")){ - metadata.add(0, "Status"); - } - } - - result.getResult().getFlaggedResources().forEach( - rsrc -> { - List data = rsrc.getMetadata(); - StringBuilder resounceInfo = new StringBuilder("{"); - if(data.size() == metadata.size() ){ - - for(int i=0;i> fetchRedshiftInfo(BasicSessionCredentials temporaryCredentials,String skipRegions,String account) { - Map> redshiftMap = new LinkedHashMap<>(); - AmazonRedshift redshiftClient ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Redshift\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - redshiftClient = AmazonRedshiftClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextMarker = null; - DescribeClustersResult result; - List redshiftList = new ArrayList<>(); - do{ - result= redshiftClient.describeClusters(new DescribeClustersRequest().withMarker(nextMarker)); - redshiftList.addAll(result.getClusters()); - nextMarker = result.getMarker(); - }while(nextMarker!=null); - - if(!redshiftList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : Redshift " +region.getName() + " >> "+redshiftList.size()); - redshiftMap.put(account+delimiter+region.getName(),redshiftList); - } - - } - - }catch(Exception e){ - if(region.isServiceSupported(AmazonRedshift.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"redshift",e.getMessage()); - } - } - } - return redshiftMap; - } - - /** - * Fetch volumet info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchVolumetInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - Map> volumeList = new LinkedHashMap<>(); - AmazonEC2 ec2Client ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Volume\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeVolumesResult rslt = ec2Client.describeVolumes(); // No need to paginate as all volumes will be returned. - List volumeListTemp = rslt.getVolumes(); - - if( !volumeListTemp.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : Volume "+region.getName() + " >> "+volumeListTemp.size()); - volumeList.put(account+delimiter+region.getName(),volumeListTemp); - } - } - - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"volume",e.getMessage()); - } - } - return volumeList; - } - - /** - * Fetch snapshots. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchSnapshots(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - Map> snapShots = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Snapshot\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AmazonEC2 ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List snapShotsList = ec2Client.describeSnapshots(new DescribeSnapshotsRequest().withOwnerIds(account)).getSnapshots();// No need to paginate as all results will be returned - if( !snapShotsList.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : Snapshot " +region.getName() + " >> "+snapShotsList.size()); - snapShots.put(account+delimiter+region.getName(),snapShotsList); - } - } - - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"snapshot",e.getMessage()); - } - } - return snapShots; - } - - /** - * Fetch vpc info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - @SuppressWarnings("rawtypes") - public static Map> fetchVpcInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - Map> vpcMap = new LinkedHashMap<>(); - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Vpc\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - List vpcList = new ArrayList<>(); - AmazonEC2 ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List tmpVpcList = ec2Client.describeVpcs().getVpcs(); - tmpVpcList.stream().forEach(vpc -> { - VpcVH vpcVH = new VpcVH(); - vpcVH.setVpc(vpc); - List vpcEndPoints = ec2Client.describeVpcEndpoints(new DescribeVpcEndpointsRequest().withFilters(new Filter("vpc-id",Arrays.asList(vpc.getVpcId())))).getVpcEndpoints(); - List vpcEndPointsList = new ArrayList<>(); - vpcEndPoints.stream().forEach(vpcEndPoint -> { - VpcEndPointVH vpcEndPointVH = new VpcEndPointVH(vpcEndPoint); - vpcEndPointVH.setPublicAccess(false); - ObjectMapper mapper = new ObjectMapper(); - Map policyDoc = new HashMap<>(); - try { - policyDoc = mapper.readValue(vpcEndPoint.getPolicyDocument(), new TypeReference>(){}); - Map statement = (Map)((ArrayList)policyDoc.get("Statement")).get(0); - if(statement.get("Effect").equals("Allow") && statement.get("Resource").equals("*")) { - vpcEndPointVH.setPublicAccess(true); - } - } catch (Exception e) { - log.error(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - } - vpcEndPointsList.add(vpcEndPointVH); - }); - vpcVH.setVpcEndPoints(vpcEndPointsList); - vpcList.add(vpcVH); - }); - if(!vpcList.isEmpty()) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : VPC "+region.getName() + " >> "+vpcList.size()); - vpcMap.put(account+delimiter+region.getName(),vpcList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"VPC",e.getMessage()); - } - } - return vpcMap; - } - - /** - * Fetch api gateways. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchApiGateways(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - Map> apiGateWays = new LinkedHashMap<>(); - - AmazonApiGateway apiGatWayClient ; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"API\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - apiGatWayClient = AmazonApiGatewayClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List apiGateWaysList = new ArrayList<>(); - String position = null; - GetRestApisResult rslt ; - do{ - rslt = apiGatWayClient.getRestApis(new GetRestApisRequest().withPosition(position)); - apiGateWaysList.addAll(rslt.getItems()); - position = rslt.getPosition(); - }while(position!=null); - - if( !apiGateWaysList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : ApiGateway "+region.getName() + " >> "+apiGateWaysList.size()); - apiGateWays.put(account+delimiter+region.getName(),apiGateWaysList); - } - - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"api",e.getMessage()); - } - } - return apiGateWays; - } - - /** - * Fetch IAM users. - * - * @param temporaryCredentials the temporary credentials - * @param account the account - * @return the map - */ - public static Map> fetchIAMUsers(BasicSessionCredentials temporaryCredentials,String account) { - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"IAM\"" ; - - AmazonIdentityManagement iamClient = AmazonIdentityManagementClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); - String marker = null; - List users = new ArrayList<>(); - ListUsersResult rslt; - do{ - rslt = iamClient.listUsers(new ListUsersRequest().withMarker(marker)); - users.addAll(rslt.getUsers()); - marker = rslt.getMarker(); - }while(marker!=null); - - List userList = new ArrayList<>(); - Map> iamUsers = new HashMap<>(); - iamUsers.put(account, userList); - users.parallelStream().forEach(user -> { - UserVH userTemp = new UserVH(user); - String userName = user.getUserName(); - List accessKeys = iamClient.listAccessKeys(new ListAccessKeysRequest().withUserName(userName)).getAccessKeyMetadata(); - List accessKeysTemp = new ArrayList<>(); - userTemp.setAccessKeys(accessKeysTemp); - try { - if(!CollectionUtils.isEmpty(accessKeys)){ - accessKeys.stream().forEach(accesskeyInfo -> { - GetAccessKeyLastUsedResult accessKeyLastUsedResult = iamClient.getAccessKeyLastUsed(new GetAccessKeyLastUsedRequest().withAccessKeyId(accesskeyInfo.getAccessKeyId())); - AccessKeyMetadataVH accessKeyVH = new AccessKeyMetadataVH(accesskeyInfo); - accessKeysTemp.add(accessKeyVH); - if(accessKeyLastUsedResult != null) { - accessKeyVH.setLastUsedDate(accessKeyLastUsedResult.getAccessKeyLastUsed().getLastUsedDate()); - - } - }); - } - } - catch (Exception e){ - log.warn(expPrefix+ InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,"","IAM",e.getMessage()); - } - - try{ - LoginProfile logProf = iamClient.getLoginProfile(new GetLoginProfileRequest().withUserName(userName)).getLoginProfile(); - userTemp.setPasswordCreationDate(logProf.getCreateDate()); - userTemp.setPasswordResetRequired(logProf.isPasswordResetRequired()); - }catch (Exception e) { - // Ignore as there may not be login profile for all users - } - List groups = iamClient.listGroupsForUser(new ListGroupsForUserRequest().withUserName(userName)).getGroups(); - List groupsList = new ArrayList<>(); - for(Group grp : groups){ - groupsList.add(grp.getGroupName()); - } - userTemp.setGroups(groupsList); - userTemp.setMfa(!iamClient.listMFADevices(new ListMFADevicesRequest().withUserName(userName)).getMFADevices().isEmpty()); - synchronized (userList) { - userList.add(userTemp); - } - }); - log.debug(InventoryConstants.ACCOUNT + account +" Type : IAM User >> "+userList.size()); - return iamUsers; - } - - /** - * Fetch IAM roles. - * - * @param temporaryCredentials the temporary credentials - * @param account the account - * @return the map - */ - public static Map> fetchIAMRoles(BasicSessionCredentials temporaryCredentials,String account) { - - AmazonIdentityManagement iamClient = AmazonIdentityManagementClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); - List roles = new ArrayList<>(); - ListRolesResult rslt; - String marker = null; - do{ - rslt = iamClient.listRoles(new ListRolesRequest().withMarker(marker)); - roles.addAll(rslt.getRoles()); - marker = rslt.getMarker(); - }while(marker!=null); - - log.debug(InventoryConstants.ACCOUNT + account +" Type : IAM Roles >> "+roles.size()); - Map> iamRoles = new HashMap<>(); - iamRoles.put(account, roles); - return iamRoles; - } - - /** - * Fetch RDSDB snapshots. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchRDSDBSnapshots(BasicSessionCredentials temporaryCredentials, String skipRegions,String account){ - Map> snapshots = new LinkedHashMap<>(); - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Snapshot\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()){ - try{ - if(!skipRegions.contains(region.getName())){ - AmazonRDS rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - DescribeDBSnapshotsResult rslt ; - List snapshotsTemp = new ArrayList<>(); - String marker = null; - do{ - rslt = rdsClient.describeDBSnapshots(new DescribeDBSnapshotsRequest().withIncludePublic(false).withIncludeShared(false).withMarker(marker)); - snapshotsTemp.addAll(rslt.getDBSnapshots()); - marker = rslt.getMarker(); - }while(marker!=null); - - if(! snapshotsTemp.isEmpty() ){ - log.debug(InventoryConstants.ACCOUNT + account +" Type : RDS Snapshot" +region.getName() + " >> "+snapshotsTemp.size()); - snapshots.put(account+delimiter+region.getName(), snapshotsTemp); - } - } - - }catch(Exception e){ - if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"rdssnapshot",e.getMessage()); - } - } - } - return snapshots; - } - - /** - * Fetch KMS keys. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchKMSKeys(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> kmsKeys = new LinkedHashMap<>(); - AWSKMS awskms; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"KMS\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - awskms = AWSKMSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List regionKeys = awskms.listKeys().getKeys(); - List regionKeyAliases = awskms.listAliases().getAliases(); - if(!regionKeys.isEmpty()) { - List kmsKeysList = new ArrayList<>(); - for(KeyListEntry key : regionKeys) { - KMSKeyVH kmsKey = new KMSKeyVH(); - try { - DescribeKeyResult result = awskms.describeKey(new DescribeKeyRequest().withKeyId(key.getKeyId())); - kmsKey.setKey(result.getKeyMetadata()); - kmsKey.setTags(awskms.listResourceTags(new ListResourceTagsRequest().withKeyId(key.getKeyId())).getTags()); - } catch (Exception e) { - log.debug(e.getMessage()); - } - try { - kmsKey.setRotationStatus(awskms.getKeyRotationStatus(new GetKeyRotationStatusRequest().withKeyId(key.getKeyId())).getKeyRotationEnabled()); - } catch (Exception e) { - log.debug(e.getMessage()); - } - if(!regionKeyAliases.isEmpty() ) { - for(AliasListEntry alias: regionKeyAliases) { - if(key.getKeyId().equals(alias.getTargetKeyId())) { - kmsKey.setAlias(alias); - break; - } - } - } - kmsKeysList.add(kmsKey); - } - log.debug(InventoryConstants.ACCOUNT + account +" Type : KMSKey "+region.getName() + " >> "+kmsKeysList.size()); - kmsKeys.put(account+delimiter+region.getName(),kmsKeysList); - - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"kms",e.getMessage()); - } - } - return kmsKeys; - } - - /** - * Fetch cloud front info. - * - * @param temporaryCredentials the temporary credentials - * @param account the account - * @return the map - */ - public static Map> fetchCloudFrontInfo(BasicSessionCredentials temporaryCredentials,String account) { - - Map> cloudFront = new LinkedHashMap<>(); - List distributionSummary = new ArrayList<>(); - AmazonCloudFront amazonCloudFront; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource \" ,\"type\": \"CloudFront\"" ; - try{ - amazonCloudFront = AmazonCloudFrontClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); - distributionSummary = amazonCloudFront.listDistributions(new ListDistributionsRequest()).getDistributionList().getItems(); - List cloudFrontList = new ArrayList<>(); - for(DistributionSummary ds : distributionSummary) { - CloudFrontVH cf = new CloudFrontVH(); - cf.setDistSummary(ds); - cf.setTags(amazonCloudFront.listTagsForResource(new com.amazonaws.services.cloudfront.model.ListTagsForResourceRequest().withResource(ds.getARN())).getTags().getItems()); - cloudFrontList.add(cf); - } - log.debug(InventoryConstants.ACCOUNT + account +" Type : CloudFront "+ " >> "+cloudFrontList.size()); - cloudFront.put(account,cloudFrontList); - }catch(Exception e){ - log.error(expPrefix+ InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,"","cloudfront",e.getMessage()); - } - return cloudFront; - } - - /** - * Fetch EBS info. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchEBSInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> ebs = new LinkedHashMap<>(); - - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EBS\" , \"region\":\"" ; - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - AWSElasticBeanstalk awsElasticBeanstalk = AWSElasticBeanstalkClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - List appDesList = awsElasticBeanstalk.describeApplications().getApplications(); - List ebsList = new ArrayList<>(); - for(ApplicationDescription appDes : appDesList) { - List envDesList = awsElasticBeanstalk.describeEnvironments(new DescribeEnvironmentsRequest().withApplicationName(appDes.getApplicationName())).getEnvironments(); - if(envDesList.isEmpty()) { - EbsVH ebsObj = new EbsVH(); - ebsObj.setApp(appDes); - ebsList.add(ebsObj); - } - else { - for(EnvironmentDescription envDes : envDesList) { - EbsVH ebsObj = new EbsVH(); - ebsObj.setApp(appDes); - ebsObj.setEnv(envDes); - ebsObj.setEnvResource(awsElasticBeanstalk.describeEnvironmentResources(new DescribeEnvironmentResourcesRequest().withEnvironmentId(envDes.getEnvironmentId())).getEnvironmentResources()); - ebsList.add(ebsObj); - } - } - } - if( !ebsList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : EBS "+region.getName() + " >> "+ebsList.size()); - ebs.put(account+delimiter+region.getName(),ebsList); - } - } - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"beanstalk",e.getMessage()); - } - } - return ebs; - } - - /** - * Fetch PHD info. - * - * @param temporaryCredentials the temporary credentials - * @param account the account - * @return the map - */ - public static Map> fetchPHDInfo(BasicSessionCredentials temporaryCredentials,String account) { - - Map> phd = new LinkedHashMap<>(); - AWSHealth awsHealth; - String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+account + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"PHD\"" ; - try{ - awsHealth = AWSHealthClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion("us-east-1").build(); - List phdList = new ArrayList<>(); - List resultEvents = new ArrayList<>(); - String nextToken = ""; - do { - DescribeEventsRequest describeEventsRequest = new DescribeEventsRequest().withMaxResults(100); - if (!StringUtils.isEmpty(nextToken)) { - describeEventsRequest.withNextToken(nextToken); - } - DescribeEventsResult eventsResult = awsHealth.describeEvents(describeEventsRequest); - nextToken = eventsResult.getNextToken(); - resultEvents.addAll(eventsResult.getEvents()); - } while (!StringUtils.isEmpty(nextToken)); - List eventArns = resultEvents.stream().map(Event::getArn).collect(Collectors.toList()); - int eventSize = eventArns.size(); - List eventArnsTemp = new ArrayList<>(); - for(int i =0 ; i successfulEventDetails = awsHealth.describeEventDetails(new DescribeEventDetailsRequest().withEventArns(eventArnsTemp)). getSuccessfulSet(); - List affectedEntities = new ArrayList<>(); - do { - DescribeAffectedEntitiesRequest affectedEntitiesRequest = new DescribeAffectedEntitiesRequest().withMaxResults(100); - if (!StringUtils.isEmpty(nextToken)) { - affectedEntitiesRequest.withNextToken(nextToken); - } - DescribeAffectedEntitiesResult affectedEntitiesResult = awsHealth.describeAffectedEntities(affectedEntitiesRequest.withFilter(new EntityFilter().withEventArns(eventArnsTemp))); - nextToken = affectedEntitiesResult.getNextToken(); - affectedEntities.addAll(affectedEntitiesResult.getEntities()); - } while (!StringUtils.isEmpty(nextToken)); - for(EventDetails eventDetail : successfulEventDetails) { - PhdVH phdObj = new PhdVH(); - phdObj.setEventDetails(eventDetail); - phdObj.setAffectedEntities(affectedEntities.parallelStream().filter(affEntity -> affEntity.getEventArn().equals(eventDetail.getEvent().getArn())).collect(Collectors.toList())); - phdList.add(phdObj); - } - eventArnsTemp = new ArrayList<>(); - } - } - if( !phdList.isEmpty() ) { - log.debug(InventoryConstants.ACCOUNT + account +" Type : PHD "+ " >> "+phdList.size()); - phd.put(account,phdList); - } - }catch(Exception e){ - log.error(expPrefix +", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,"","phd",e.getMessage()); - } - return phd; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Set; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.CollectionUtils; +import org.springframework.util.StringUtils; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.apigateway.AmazonApiGateway; +import com.amazonaws.services.apigateway.AmazonApiGatewayClientBuilder; +import com.amazonaws.services.apigateway.model.GetRestApisRequest; +import com.amazonaws.services.apigateway.model.GetRestApisResult; +import com.amazonaws.services.apigateway.model.RestApi; +import com.amazonaws.services.autoscaling.AmazonAutoScaling; +import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; +import com.amazonaws.services.autoscaling.model.AutoScalingGroup; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsRequest; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; +import com.amazonaws.services.cloudformation.AmazonCloudFormation; +import com.amazonaws.services.cloudformation.AmazonCloudFormationClientBuilder; +import com.amazonaws.services.cloudformation.model.DescribeStacksRequest; +import com.amazonaws.services.cloudformation.model.DescribeStacksResult; +import com.amazonaws.services.cloudformation.model.Stack; +import com.amazonaws.services.cloudfront.AmazonCloudFront; +import com.amazonaws.services.cloudfront.AmazonCloudFrontClientBuilder; +import com.amazonaws.services.cloudfront.model.DistributionList; +import com.amazonaws.services.cloudfront.model.DistributionSummary; +import com.amazonaws.services.cloudfront.model.ListDistributionsRequest; +import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; +import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; +import com.amazonaws.services.dynamodbv2.model.ListTablesRequest; +import com.amazonaws.services.dynamodbv2.model.ListTablesResult; +import com.amazonaws.services.dynamodbv2.model.ListTagsOfResourceRequest; +import com.amazonaws.services.dynamodbv2.model.TableDescription; +import com.amazonaws.services.ec2.AmazonEC2; +import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; +import com.amazonaws.services.ec2.model.DescribeInstancesRequest; +import com.amazonaws.services.ec2.model.DescribeInstancesResult; +import com.amazonaws.services.ec2.model.DescribeNatGatewaysRequest; +import com.amazonaws.services.ec2.model.DescribeNatGatewaysResult; +import com.amazonaws.services.ec2.model.DescribeNetworkInterfacesResult; +import com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult; +import com.amazonaws.services.ec2.model.DescribeSnapshotsRequest; +import com.amazonaws.services.ec2.model.DescribeSubnetsResult; +import com.amazonaws.services.ec2.model.DescribeVolumesResult; +import com.amazonaws.services.ec2.model.DescribeVpcEndpointsRequest; +import com.amazonaws.services.ec2.model.Filter; +import com.amazonaws.services.ec2.model.Instance; +import com.amazonaws.services.ec2.model.NatGateway; +import com.amazonaws.services.ec2.model.NetworkInterface; +import com.amazonaws.services.ec2.model.SecurityGroup; +import com.amazonaws.services.ec2.model.Snapshot; +import com.amazonaws.services.ec2.model.Subnet; +import com.amazonaws.services.ec2.model.Volume; +import com.amazonaws.services.ec2.model.Vpc; +import com.amazonaws.services.ec2.model.VpcEndpoint; +import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalk; +import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalkClientBuilder; +import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; +import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentResourcesRequest; +import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentsRequest; +import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; +import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystem; +import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystemClientBuilder; +import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsRequest; +import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsResult; +import com.amazonaws.services.elasticfilesystem.model.DescribeTagsRequest; +import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; +import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancing; +import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancingClientBuilder; +import com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersRequest; +import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; +import com.amazonaws.services.elasticloadbalancing.model.TagDescription; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersResult; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsRequest; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsResult; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthRequest; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthResult; +import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; +import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; +import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduce; +import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduceClientBuilder; +import com.amazonaws.services.elasticmapreduce.model.Cluster; +import com.amazonaws.services.elasticmapreduce.model.ClusterSummary; +import com.amazonaws.services.elasticmapreduce.model.DescribeClusterRequest; +import com.amazonaws.services.elasticmapreduce.model.DescribeClusterResult; +import com.amazonaws.services.elasticmapreduce.model.ListClustersRequest; +import com.amazonaws.services.elasticmapreduce.model.ListClustersResult; +import com.amazonaws.services.health.AWSHealth; +import com.amazonaws.services.health.AWSHealthClientBuilder; +import com.amazonaws.services.health.model.AffectedEntity; +import com.amazonaws.services.health.model.DescribeAffectedEntitiesRequest; +import com.amazonaws.services.health.model.DescribeAffectedEntitiesResult; +import com.amazonaws.services.health.model.DescribeEventDetailsRequest; +import com.amazonaws.services.health.model.DescribeEventsRequest; +import com.amazonaws.services.health.model.DescribeEventsResult; +import com.amazonaws.services.health.model.EntityFilter; +import com.amazonaws.services.health.model.Event; +import com.amazonaws.services.health.model.EventDetails; +import com.amazonaws.services.identitymanagement.AmazonIdentityManagement; +import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder; +import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; +import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedRequest; +import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedResult; +import com.amazonaws.services.identitymanagement.model.GetLoginProfileRequest; +import com.amazonaws.services.identitymanagement.model.Group; +import com.amazonaws.services.identitymanagement.model.ListAccessKeysRequest; +import com.amazonaws.services.identitymanagement.model.ListGroupsForUserRequest; +import com.amazonaws.services.identitymanagement.model.ListMFADevicesRequest; +import com.amazonaws.services.identitymanagement.model.ListRolesRequest; +import com.amazonaws.services.identitymanagement.model.ListRolesResult; +import com.amazonaws.services.identitymanagement.model.ListUsersRequest; +import com.amazonaws.services.identitymanagement.model.ListUsersResult; +import com.amazonaws.services.identitymanagement.model.LoginProfile; +import com.amazonaws.services.identitymanagement.model.Role; +import com.amazonaws.services.identitymanagement.model.User; +import com.amazonaws.services.kms.AWSKMS; +import com.amazonaws.services.kms.AWSKMSClientBuilder; +import com.amazonaws.services.kms.model.AliasListEntry; +import com.amazonaws.services.kms.model.DescribeKeyRequest; +import com.amazonaws.services.kms.model.DescribeKeyResult; +import com.amazonaws.services.kms.model.GetKeyRotationStatusRequest; +import com.amazonaws.services.kms.model.KeyListEntry; +import com.amazonaws.services.kms.model.ListResourceTagsRequest; +import com.amazonaws.services.lambda.AWSLambda; +import com.amazonaws.services.lambda.AWSLambdaClientBuilder; +import com.amazonaws.services.lambda.model.FunctionConfiguration; +import com.amazonaws.services.lambda.model.ListFunctionsRequest; +import com.amazonaws.services.lambda.model.ListFunctionsResult; +import com.amazonaws.services.lambda.model.ListTagsRequest; +import com.amazonaws.services.rds.AmazonRDS; +import com.amazonaws.services.rds.AmazonRDSClientBuilder; +import com.amazonaws.services.rds.model.DBCluster; +import com.amazonaws.services.rds.model.DBInstance; +import com.amazonaws.services.rds.model.DBSnapshot; +import com.amazonaws.services.rds.model.DescribeDBClustersRequest; +import com.amazonaws.services.rds.model.DescribeDBClustersResult; +import com.amazonaws.services.rds.model.DescribeDBInstancesRequest; +import com.amazonaws.services.rds.model.DescribeDBInstancesResult; +import com.amazonaws.services.rds.model.DescribeDBSnapshotsRequest; +import com.amazonaws.services.rds.model.DescribeDBSnapshotsResult; +import com.amazonaws.services.rds.model.ListTagsForResourceRequest; +import com.amazonaws.services.redshift.AmazonRedshift; +import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder; +import com.amazonaws.services.redshift.model.ClusterSubnetGroup; +import com.amazonaws.services.redshift.model.DescribeClusterSubnetGroupsRequest; +import com.amazonaws.services.redshift.model.DescribeClustersRequest; +import com.amazonaws.services.redshift.model.DescribeClustersResult; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.AmazonS3Exception; +import com.amazonaws.services.s3.model.Bucket; +import com.amazonaws.services.s3.model.BucketTaggingConfiguration; +import com.amazonaws.services.s3.model.BucketVersioningConfiguration; +import com.amazonaws.services.s3.model.Tag; +import com.amazonaws.services.s3.model.TagSet; +import com.amazonaws.services.sqs.AmazonSQS; +import com.amazonaws.services.sqs.AmazonSQSClientBuilder; +import com.amazonaws.services.sqs.model.GetQueueAttributesRequest; +import com.amazonaws.services.sqs.model.ListQueueTagsRequest; +import com.amazonaws.services.support.AWSSupport; +import com.amazonaws.services.support.AWSSupportClientBuilder; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultRequest; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultResult; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksRequest; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksResult; +import com.amazonaws.services.support.model.RefreshTrustedAdvisorCheckRequest; +import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.MapperFeature; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; +import com.tmobile.cso.pacman.inventory.vo.AccessKeyMetadataVH; +import com.tmobile.cso.pacman.inventory.vo.Attribute; +import com.tmobile.cso.pacman.inventory.vo.BucketVH; +import com.tmobile.cso.pacman.inventory.vo.CheckVH; +import com.tmobile.cso.pacman.inventory.vo.ClassicELBVH; +import com.tmobile.cso.pacman.inventory.vo.CloudFrontVH; +import com.tmobile.cso.pacman.inventory.vo.DBClusterVH; +import com.tmobile.cso.pacman.inventory.vo.DBInstanceVH; +import com.tmobile.cso.pacman.inventory.vo.DynamoVH; +import com.tmobile.cso.pacman.inventory.vo.EbsVH; +import com.tmobile.cso.pacman.inventory.vo.EfsVH; +import com.tmobile.cso.pacman.inventory.vo.KMSKeyVH; +import com.tmobile.cso.pacman.inventory.vo.LambdaVH; +import com.tmobile.cso.pacman.inventory.vo.LoadBalancerVH; +import com.tmobile.cso.pacman.inventory.vo.PhdVH; +import com.tmobile.cso.pacman.inventory.vo.RedshiftVH; +import com.tmobile.cso.pacman.inventory.vo.Resource; +import com.tmobile.cso.pacman.inventory.vo.SQS; +import com.tmobile.cso.pacman.inventory.vo.SQSVH; +import com.tmobile.cso.pacman.inventory.vo.TargetGroupVH; +import com.tmobile.cso.pacman.inventory.vo.UserVH; +import com.tmobile.cso.pacman.inventory.vo.VpcEndPointVH; +import com.tmobile.cso.pacman.inventory.vo.VpcVH; + +/** + * The Class InventoryUtil. + */ +public class InventoryUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(InventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** The asg max record. */ + private static int asgMaxRecord = 100; + + /** + * Instantiates a new inventory util. + */ + private InventoryUtil(){ + } + + + /** + * Fetch instances. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchInstances(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName,String ec2Filters){ + Map> instanceMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EC2\" , \"region\":\"" ; + List stateNameFilters = Arrays.asList(ec2Filters.split(",")); + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List instanceList = new ArrayList<>(); + DescribeInstancesResult descInstResult ; + String nextToken = null; + do{ + descInstResult = ec2Client.describeInstances(new DescribeInstancesRequest().withNextToken(nextToken)); + descInstResult.getReservations().forEach( + reservation -> instanceList.addAll(reservation.getInstances().stream().filter(instance->stateNameFilters.contains(instance.getState().getName())).collect(Collectors.toList()))); + nextToken = descInstResult.getNextToken(); + }while(nextToken!=null); + + if(!instanceList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EC2 "+ region.getName()+" >> " + instanceList.size()); + instanceMap.put(accountId+delimiter+accountName+delimiter+region.getName(), instanceList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"ec2",e.getMessage()); + } + } + return instanceMap; + } + + /** + * Fetch network intefaces. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchNetworkIntefaces(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> niMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Network Interface\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeNetworkInterfacesResult descNIRslt = ec2Client.describeNetworkInterfaces(); + List niList = descNIRslt.getNetworkInterfaces(); + if(!niList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : Network Interface " +region.getName()+" >> " + niList.size()); + niMap.put(accountId+delimiter+accountName+delimiter+region.getName(),niList); + } + + } + }catch(Exception e){ + log.error("Exception fetching Network Interfaces for "+region.getName() + e); + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"eni",e.getMessage()); + } + } + return niMap; + } + + /** + * Fetch security groups. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchSecurityGroups(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> secGrpList = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Security Group\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeSecurityGroupsResult rslt = ec2Client.describeSecurityGroups(); + List secGrpListTemp = rslt.getSecurityGroups(); + if( !secGrpListTemp.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Security Group "+region.getName()+" >> " + secGrpListTemp.size()); + secGrpList.put(accountId+delimiter+accountName+delimiter+region.getName(),secGrpListTemp); + } + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"sg",e.getMessage()); + } + } + return secGrpList; + } + + + /** + * Fetch asg. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchAsg(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + AmazonAutoScaling asgClient; + Map> asgList = new LinkedHashMap<>(); + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"ASG\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + List asgListTemp = new ArrayList<>(); + asgClient = AmazonAutoScalingClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextToken = null; + DescribeAutoScalingGroupsResult describeResult ; + do{ + describeResult = asgClient.describeAutoScalingGroups(new DescribeAutoScalingGroupsRequest().withNextToken(nextToken).withMaxRecords(asgMaxRecord)); + asgListTemp.addAll(describeResult.getAutoScalingGroups()); + nextToken = describeResult.getNextToken(); + }while(nextToken!=null); + + if(!asgListTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : ASG "+region.getName()+" >> " + asgListTemp.size()); + asgList.put(accountId+delimiter+accountName+delimiter+region.getName(), asgListTemp); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"asg",e.getMessage()); + } + } + return asgList; + } + + /** + * Fetch cloud formation stack. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchCloudFormationStack(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + AmazonCloudFormation cloudFormClient ; + Map> stacks = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Stack\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + List stacksTemp = new ArrayList<>(); + String nextToken = null; + cloudFormClient = AmazonCloudFormationClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeStacksResult describeResult ; + do{ + describeResult = cloudFormClient.describeStacks(new DescribeStacksRequest().withNextToken(nextToken)); + stacksTemp.addAll(describeResult.getStacks()); + nextToken = describeResult.getNextToken(); + }while(nextToken!=null); + + if(! stacksTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Cloud Formation Stack "+region.getName() + " >> " + stacksTemp.size()); + stacks.put(accountId+delimiter+accountName+delimiter+region.getName(), stacksTemp); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"stack",e.getMessage()); + } + } + return stacks; + } + + /** + * Fetch dynamo DB tables. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchDynamoDBTables(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> dynamodbtables = new LinkedHashMap<>(); + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"DynamoDB\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AmazonDynamoDB awsClient= AmazonDynamoDBClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String marker = null; + List tables = new ArrayList<>(); + ListTablesResult listTableResult; + do{ + listTableResult = awsClient.listTables(new ListTablesRequest().withExclusiveStartTableName(marker)); + marker = listTableResult.getLastEvaluatedTableName(); + tables.addAll(listTableResult.getTableNames()); + }while(marker!=null); + + List dynamodbtablesTemp = new ArrayList<>(); + tables.parallelStream().forEach(tblName -> { + TableDescription table = awsClient.describeTable(tblName).getTable(); + List tags = awsClient.listTagsOfResource(new ListTagsOfResourceRequest().withResourceArn( table.getTableArn())).getTags(); + synchronized (dynamodbtablesTemp) { + dynamodbtablesTemp.add(new DynamoVH(table,tags)); + } + + }); + if(!dynamodbtablesTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : DynamoDB "+region.getName() + " >> "+dynamodbtablesTemp.size()); + dynamodbtables.put(accountId+delimiter+accountName+delimiter+region.getName(), dynamodbtablesTemp); + } + + } + }catch(Exception e){ + if(region.isServiceSupported(AmazonDynamoDB.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"dynamodb",e.getMessage()); + } + } + } + return dynamodbtables; + } + + /** + * Fetch EFS info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchEFSInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + AmazonElasticFileSystem efsClient ; + Map> efsMap = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EFS\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + efsClient = AmazonElasticFileSystemClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List efsListTemp = new ArrayList<>(); + String nextToken = null; + DescribeFileSystemsResult descRslt ; + do{ + descRslt = efsClient.describeFileSystems(new DescribeFileSystemsRequest().withMarker(nextToken)); + efsListTemp.addAll(descRslt.getFileSystems()); + nextToken = descRslt.getNextMarker(); + }while(nextToken!=null); + + List efsList = new ArrayList<>(); + for(FileSystemDescription efs :efsListTemp ){ + efsList.add( new EfsVH(efs, + efsClient.describeTags(new DescribeTagsRequest().withFileSystemId(efs.getFileSystemId())).getTags())); + } + if(! efsList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : EFS "+region.getName() + " >> "+efsList.size()); + efsMap.put(accountId+delimiter+accountName+delimiter+region.getName(), efsList); + } + } + }catch(Exception e){ + if(region.isServiceSupported(AmazonElasticFileSystem.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"efs",e.getMessage()); + } + } + } + return efsMap; + } + + + /** + * Fetch EMR info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchEMRInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> clusterList = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"EMR\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AmazonElasticMapReduce emrClient = AmazonElasticMapReduceClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List clusters = new ArrayList<>(); + String marker = null; + ListClustersResult clusterResult ; + do{ + clusterResult = emrClient.listClusters(new ListClustersRequest().withMarker(marker)); + clusters.addAll(clusterResult.getClusters()); + marker = clusterResult.getMarker(); + }while(marker!=null); + + List clustersList = new ArrayList<>(); + clusters.forEach(cluster -> + { + DescribeClusterResult descClstrRslt = emrClient.describeCluster(new DescribeClusterRequest().withClusterId(cluster.getId())); + clustersList.add(descClstrRslt.getCluster()); + }); + + if( !clustersList.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : EMR "+region.getName() + " >> "+clustersList.size()); + clusterList.put(accountId+delimiter+accountName+delimiter+region.getName(),clustersList); + } + } + }catch(Exception e){ + if(region.isServiceSupported(AmazonElasticMapReduce.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"emr",e.getMessage()); + } + } + } + return clusterList; + } + + /** + * Fetch lambda info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchLambdaInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> functions = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Lambda\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AWSLambda lamdaClient = AWSLambdaClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + ListFunctionsResult listFnRslt ; + List functionsTemp ; + List lambdaList = new ArrayList<>(); + String nextMarker = null; + do{ + listFnRslt = lamdaClient.listFunctions(new ListFunctionsRequest().withMarker(nextMarker)); + functionsTemp = listFnRslt.getFunctions(); + if( !functionsTemp.isEmpty() ) { + functionsTemp.forEach( function -> { + Map tags = lamdaClient.listTags(new ListTagsRequest().withResource(function.getFunctionArn())).getTags(); + LambdaVH lambda = new LambdaVH(function, tags); + lambdaList.add(lambda); + }); + } + nextMarker = listFnRslt.getNextMarker(); + }while(nextMarker!=null); + + if( !lambdaList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Lambda " +region.getName() + " >> "+lambdaList.size()); + functions.put(accountId+delimiter+accountName+delimiter+region.getName(),lambdaList); + } + } + }catch(Exception e){ + if(region.isServiceSupported(AWSLambda.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"lambda",e.getMessage()); + } + } + } + return functions ; + } + + /** + * Fetch classic elb info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchClassicElbInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + + Map> elbList = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Classic ELB\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AmazonElasticLoadBalancing elbClient = AmazonElasticLoadBalancingClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextMarker = null; + List elbListTemp = new ArrayList<>(); + com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult elbDescResult ; + do{ + elbDescResult = elbClient.describeLoadBalancers(new DescribeLoadBalancersRequest().withMarker(nextMarker)); + elbListTemp.addAll(elbDescResult.getLoadBalancerDescriptions()); + nextMarker = elbDescResult.getNextMarker(); + }while(nextMarker!=null); + + List classicElbList = new ArrayList<>(); + if( !elbListTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : Classic ELB "+region.getName() + " >> "+elbListTemp.size()); + List elbNames = elbListTemp.stream().map(elb -> { return elb.getLoadBalancerName();}).collect(Collectors.toList()); + List tagDescriptions = new ArrayList<>(); + List elbNamesTemp = new ArrayList<>(); + int i=0; + for(String elbName : elbNames){ + i++; + elbNamesTemp.add(elbName); + if(i%20==0){ + tagDescriptions.addAll(elbClient.describeTags( new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsRequest().withLoadBalancerNames(elbNamesTemp)).getTagDescriptions()); + elbNamesTemp = new ArrayList<>(); + } + + } + if(!elbNamesTemp.isEmpty()) + tagDescriptions.addAll(elbClient.describeTags( new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsRequest().withLoadBalancerNames(elbNamesTemp)).getTagDescriptions()); + + elbListTemp.parallelStream().forEach(elb-> { + List> tagsInfo = tagDescriptions.stream().filter(tag -> tag.getLoadBalancerName().equals( elb.getLoadBalancerName())).map(x-> x.getTags()).collect(Collectors.toList()); + List tags = new ArrayList<>(); + if(!tagsInfo.isEmpty()) + tags = tagsInfo.get(0); + synchronized(classicElbList){ + classicElbList.add(new ClassicELBVH(elb,tags)); + } + }); + elbList.put(accountId+delimiter+accountName+delimiter+region.getName(),classicElbList); + } + + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"classicelb",e.getMessage()); + } + } + return elbList; + } + + /** + * Fetch elb info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchElbInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient ; + Map> elbMap = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Application ELB\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + elbClient = com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextMarker = null; + DescribeLoadBalancersResult descElbRslt ; + List elbList = new ArrayList<>(); + do{ + descElbRslt = elbClient.describeLoadBalancers(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersRequest().withMarker(nextMarker)); + elbList.addAll(descElbRslt.getLoadBalancers()); + nextMarker = descElbRslt.getNextMarker(); + }while(nextMarker!=null); + + if(! elbList.isEmpty() ) { + List elbListTemp = new ArrayList<>(); + List elbArns = elbList.stream().map(LoadBalancer::getLoadBalancerArn).collect(Collectors.toList()); + List tagDescriptions = new ArrayList<>(); + int i = 0; + List elbArnsTemp = new ArrayList<>(); + for(String elbArn : elbArns){ + i++; + elbArnsTemp.add(elbArn); + if(i%20 == 0){ + tagDescriptions.addAll(elbClient.describeTags(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsRequest().withResourceArns(elbArnsTemp)).getTagDescriptions()); + elbArnsTemp = new ArrayList<>(); + } + + } + if(!elbArnsTemp.isEmpty()) + tagDescriptions.addAll(elbClient.describeTags(new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsRequest().withResourceArns(elbArnsTemp)).getTagDescriptions()); + + elbList.parallelStream().forEach(elb-> { + List> tagsInfo = tagDescriptions.stream().filter(tag -> tag.getResourceArn().equals( elb.getLoadBalancerArn())).map(x-> x.getTags()).collect(Collectors.toList()); + List tags = new ArrayList<>(); + if(!tagsInfo.isEmpty()) + tags = tagsInfo.get(0); + LoadBalancerVH elbTemp = new LoadBalancerVH(elb,tags); + synchronized(elbListTemp){ + elbListTemp.add(elbTemp); + } + }); + + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Application ELB " +region.getName() + " >> "+elbListTemp.size()); + elbMap.put(accountId+delimiter+accountName+delimiter+region.getName(),elbListTemp); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"appelb",e.getMessage()); + } + } + return elbMap; + } + + /** + * Fetch target groups. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchTargetGroups(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient ; + Map> targetGrpMap = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Target Group\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + elbClient = com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.standard(). + withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextMarker = null; + List targetGrpList = new ArrayList<>(); + do{ + DescribeTargetGroupsResult trgtGrpRslt = elbClient.describeTargetGroups(new DescribeTargetGroupsRequest().withMarker(nextMarker)); + List targetGrpListTemp = trgtGrpRslt.getTargetGroups(); + for(TargetGroup tg : targetGrpListTemp) { + DescribeTargetHealthResult rslt = elbClient.describeTargetHealth(new DescribeTargetHealthRequest().withTargetGroupArn(tg.getTargetGroupArn())); + targetGrpList.add(new TargetGroupVH(tg, rslt.getTargetHealthDescriptions())); + } + nextMarker = trgtGrpRslt.getNextMarker(); + }while(nextMarker!=null); + + if( !targetGrpList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Target Group " +region.getName() + "-"+targetGrpList.size()); + targetGrpMap.put(accountId+delimiter+accountName+delimiter+region.getName(), targetGrpList); + } + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"targetgroup",e.getMessage()); + } + } + return targetGrpMap; + } + + /** + * Fetch NAT gateway info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchNATGatewayInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> natGatwayMap = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Nat Gateway\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeNatGatewaysResult rslt = ec2Client.describeNatGateways(new DescribeNatGatewaysRequest()); + List natGatwayList =rslt.getNatGateways(); + if(! natGatwayList.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId + " Type : Nat Gateway "+region.getName() + " >> "+natGatwayList.size()); + natGatwayMap.put(accountId+delimiter+accountName+delimiter+region.getName(), natGatwayList); + } + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"nat",e.getMessage()); + } + } + return natGatwayMap; + } + + /** + * Fetch RDS cluster info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchRDSClusterInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> rdsMap = new LinkedHashMap<>(); + AmazonRDS rdsClient ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Cluster\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeDBClustersResult rslt ; + String nextMarker = null; + List rdsList = new ArrayList<>(); + do{ + rslt = rdsClient.describeDBClusters( new DescribeDBClustersRequest().withMarker(nextMarker)); + List rdsListTemp = rslt.getDBClusters(); + for(DBCluster cluster : rdsListTemp){ + DBClusterVH vh = new DBClusterVH(cluster,rdsClient.listTagsForResource(new ListTagsForResourceRequest(). + withResourceName(cluster.getDBClusterArn())). + getTagList()); + rdsList.add(vh); + } + nextMarker = rslt.getMarker(); + }while(nextMarker!=null); + + if( !rdsList.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : RDS Cluster "+region.getName() + " >> "+rdsList.size()); + rdsMap.put(accountId+delimiter+accountName+delimiter+region.getName(), rdsList); + } + } + }catch(Exception e){ + if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"rdscluster",e.getMessage()); + } + } + } + return rdsMap; + } + + /** + * Fetch RDS instance info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchRDSInstanceInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> dbInstMap = new LinkedHashMap<>(); + AmazonRDS rdsClient ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Instance\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextMarker = null; + DescribeDBInstancesResult rslt; + List dbInstList = new ArrayList<>(); + do{ + rslt = rdsClient.describeDBInstances(new DescribeDBInstancesRequest().withMarker(nextMarker)); + List dbInstListTemp = rslt.getDBInstances(); + for(DBInstance db : dbInstListTemp){ + DBInstanceVH vh = new DBInstanceVH(db, rdsClient.listTagsForResource(new ListTagsForResourceRequest(). + withResourceName(db.getDBInstanceArn())). + getTagList(), + db.getDBSubnetGroup().getSubnets().stream().map(subnet -> subnet.getSubnetIdentifier()).collect(Collectors.joining(",")), + db.getVpcSecurityGroups().stream().map(group->group.getVpcSecurityGroupId()+":"+group.getStatus()).collect(Collectors.joining(",")) + ); + dbInstList.add(vh); + } + nextMarker = rslt.getMarker(); + }while(nextMarker!=null); + + if(! dbInstList.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : RDS Instance" +region.getName() + " >> "+dbInstList.size()); + dbInstMap.put(accountId+delimiter+accountName+delimiter+region.getName(), dbInstList); + } + } + }catch(Exception e){ + if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"rdsdb",e.getMessage()); + } + } + } + return dbInstMap; + } + + /** + * Fetch S 3 info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the list + */ + public static Map> fetchS3Info(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> s3Map = new HashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"S3\" , \"Bucket\":\"" ; + AmazonS3 amazonS3Client ; + List buckets = new ArrayList<>(); + /* A region is needed for the client and setting to us-east-1 is causing issues */ + amazonS3Client = AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); + List s3buckets = amazonS3Client.listBuckets(); + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : S3 "+ " >> "+s3buckets.size()); + Map regionS3map = new HashMap<>(); + for(Region region : RegionUtils.getRegions()){ + if(!skipRegions.contains(region.getName())){ + regionS3map.put(region.getName(), AmazonS3ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build()); + } + } + s3buckets.parallelStream().forEach(bucket -> { + String bucketRegion =""; + BucketVersioningConfiguration versionconfig = null; + List tags = new ArrayList<>(); + try{ + String bucketLocation = amazonS3Client.getBucketLocation(bucket.getName()); + bucketRegion = com.amazonaws.services.s3.model.Region.fromValue(bucketLocation).toAWSRegion().getName(); + AmazonS3 s3Client = regionS3map.get(bucketRegion); + versionconfig = s3Client.getBucketVersioningConfiguration(bucket.getName()); + BucketTaggingConfiguration tagConfig = s3Client.getBucketTaggingConfiguration(bucket.getName()); + if(tagConfig!=null){ + List tagSets = tagConfig.getAllTagSets(); + for(TagSet ts : tagSets){ + Map tagsTemp = ts.getAllTags(); + Iterator> it = tagsTemp.entrySet().iterator(); + while(it.hasNext()){ + Entry tag = it.next(); + tags.add(new Tag(tag.getKey(),tag.getValue())); + } + } + } + synchronized(buckets){ + buckets.add(new BucketVH(bucket,bucketRegion,versionconfig, tags)); + } + } + catch(AmazonS3Exception e){ + if("AccessDenied".equals(e.getErrorCode())){ + log.info("Access Denied for bucket " + bucket.getName()); + buckets.add(new BucketVH(bucket,"",versionconfig, tags)); + }else{ + log.info("Exception fetching S3 Bucket",e); + } + } + catch(Exception e){ + log.warn(expPrefix+ bucket.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,"","s3",e.getMessage()); + } + }); + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : S3 >> "+buckets.size()); + if(!buckets.isEmpty()){ + s3Map.put(accountId+delimiter+accountName, buckets); + } + return s3Map; + } + + /** + * Fetch subnets. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchSubnets(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + Map> subnets = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Subnet\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeSubnetsResult rslt = ec2Client.describeSubnets(); + List subnetsTemp =rslt.getSubnets(); + if(! subnetsTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Subnet "+region.getName() + " >> "+subnetsTemp.size()); + subnets.put(accountId+delimiter+accountName+delimiter+region.getName(),subnetsTemp); + } + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"subnet",e.getMessage()); + } + } + + return subnets; + } + + /** + * Fetch trusterd advisors checks. + * + * @param temporaryCredentials the temporary credentials + * @param accountId the accountId + * @return the list + */ + public static Map> fetchTrusterdAdvisorsChecks(BasicSessionCredentials temporaryCredentials,String accountId,String accountName ) { + Map> checkMap = new HashMap<>(); + List checkList = new ArrayList<>(); + AWSSupport awsSupportClient = AWSSupportClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion("us-east-1").build(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"Trusted Advisor Check\"" ; + List checkids = new ArrayList<>(); + try{ + DescribeTrustedAdvisorChecksResult rslt = awsSupportClient.describeTrustedAdvisorChecks(new DescribeTrustedAdvisorChecksRequest().withLanguage("en")); + List trstdAdvsrList = rslt.getChecks(); + for(TrustedAdvisorCheckDescription check : trstdAdvsrList){ + try{ + checkids.add(check.getId()); + DescribeTrustedAdvisorCheckResultResult result = + awsSupportClient.describeTrustedAdvisorCheckResult(new DescribeTrustedAdvisorCheckResultRequest().withCheckId(check.getId())); + List metadata = check.getMetadata(); + + if(!"OK".equalsIgnoreCase(result.getResult().getStatus())){ + + CheckVH checkVH = new CheckVH(check,result.getResult().getStatus()); + List resources = new ArrayList<>(); + checkVH.setResources(resources); + // TODO : Raise a ticket with AWS to fix this API issue + if( ("ePs02jT06w".equalsIgnoreCase(check.getId()) || "rSs93HQwa1".equalsIgnoreCase(check.getId())) && !result.getResult().getFlaggedResources().isEmpty() ){ + int dataSize = result.getResult().getFlaggedResources().get(0).getMetadata().size() ; + if(dataSize == metadata.size()+1 && !metadata.contains("Status")){ + metadata.add(0, "Status"); + } + } + + result.getResult().getFlaggedResources().forEach( + rsrc -> { + List data = rsrc.getMetadata(); + StringBuilder resounceInfo = new StringBuilder("{"); + if(data.size() == metadata.size() ){ + + for(int i=0;i> fetchRedshiftInfo(BasicSessionCredentials temporaryCredentials,String skipRegions,String accountId,String accountName) { + Map> redshiftMap = new LinkedHashMap<>(); + AmazonRedshift redshiftClient ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Redshift\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + redshiftClient = AmazonRedshiftClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextMarker = null; + DescribeClustersResult result; + List redshiftList = new ArrayList<>(); + do{ + result= redshiftClient.describeClusters(new DescribeClustersRequest().withMarker(nextMarker)); + redshiftList.addAll(result.getClusters()); + nextMarker = result.getMarker(); + }while(nextMarker!=null); + + List redshiftVHList = new ArrayList<>(); + for(com.amazonaws.services.redshift.model.Cluster cluster : redshiftList ){ + RedshiftVH redshift = new RedshiftVH(cluster); + redshiftVHList.add(redshift); + List subnetGroups = redshiftClient.describeClusterSubnetGroups(new DescribeClusterSubnetGroupsRequest().withClusterSubnetGroupName(cluster.getClusterSubnetGroupName())).getClusterSubnetGroups(); + subnetGroups.forEach(subnetGroup-> { + redshift.setSubnets(subnetGroup.getSubnets().stream().map(com.amazonaws.services.redshift.model.Subnet::getSubnetIdentifier).collect(Collectors.toList())); + }); + } + + if(!redshiftVHList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Redshift " +region.getName() + " >> "+redshiftVHList.size()); + redshiftMap.put(accountId+delimiter+accountName+delimiter+region.getName(),redshiftVHList); + } + + } + + }catch(Exception e){ + if(region.isServiceSupported(AmazonRedshift.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"redshift",e.getMessage()); + } + } + } + return redshiftMap; + } + + /** + * Fetch volumet info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchVolumetInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + Map> volumeList = new LinkedHashMap<>(); + AmazonEC2 ec2Client ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Volume\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeVolumesResult rslt = ec2Client.describeVolumes(); // No need to paginate as all volumes will be returned. + List volumeListTemp = rslt.getVolumes(); + + if( !volumeListTemp.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Volume "+region.getName() + " >> "+volumeListTemp.size()); + volumeList.put(accountId+delimiter+accountName+delimiter+region.getName(),volumeListTemp); + } + } + + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"volume",e.getMessage()); + } + } + return volumeList; + } + + /** + * Fetch snapshots. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchSnapshots(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + Map> snapShots = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Snapshot\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AmazonEC2 ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List snapShotsList = ec2Client.describeSnapshots(new DescribeSnapshotsRequest().withOwnerIds(accountId)).getSnapshots();// No need to paginate as all results will be returned + if( !snapShotsList.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : Snapshot " +region.getName() + " >> "+snapShotsList.size()); + snapShots.put(accountId+delimiter+accountName+delimiter+region.getName(),snapShotsList); + } + } + + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"snapshot",e.getMessage()); + } + } + return snapShots; + } + + /** + * Fetch vpc info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + @SuppressWarnings("rawtypes") + public static Map> fetchVpcInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + Map> vpcMap = new LinkedHashMap<>(); + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"Vpc\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + List vpcList = new ArrayList<>(); + AmazonEC2 ec2Client = AmazonEC2ClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List tmpVpcList = ec2Client.describeVpcs().getVpcs(); + tmpVpcList.stream().forEach(vpc -> { + VpcVH vpcVH = new VpcVH(); + vpcVH.setVpc(vpc); + List vpcEndPoints = ec2Client.describeVpcEndpoints(new DescribeVpcEndpointsRequest().withFilters(new Filter("vpc-id",Arrays.asList(vpc.getVpcId())))).getVpcEndpoints(); + List vpcEndPointsList = new ArrayList<>(); + vpcEndPoints.stream().forEach(vpcEndPoint -> { + VpcEndPointVH vpcEndPointVH = new VpcEndPointVH(vpcEndPoint); + vpcEndPointVH.setPublicAccess(false); + ObjectMapper mapper = new ObjectMapper(); + Map policyDoc = new HashMap<>(); + try { + policyDoc = mapper.readValue(vpcEndPoint.getPolicyDocument(), new TypeReference>(){}); + Map statement = (Map)((ArrayList)policyDoc.get("Statement")).get(0); + if(statement.get("Effect").equals("Allow") && statement.get("Resource").equals("*")) { + vpcEndPointVH.setPublicAccess(true); + } + } catch (Exception e) { + log.error(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + } + vpcEndPointsList.add(vpcEndPointVH); + }); + vpcVH.setVpcEndPoints(vpcEndPointsList); + vpcList.add(vpcVH); + }); + if(!vpcList.isEmpty()) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : VPC "+region.getName() + " >> "+vpcList.size()); + vpcMap.put(accountId+delimiter+accountName+delimiter+region.getName(),vpcList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"VPC",e.getMessage()); + } + } + return vpcMap; + } + + /** + * Fetch api gateways. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchApiGateways(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + Map> apiGateWays = new LinkedHashMap<>(); + + AmazonApiGateway apiGatWayClient ; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"API\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + apiGatWayClient = AmazonApiGatewayClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List apiGateWaysList = new ArrayList<>(); + String position = null; + GetRestApisResult rslt ; + do{ + rslt = apiGatWayClient.getRestApis(new GetRestApisRequest().withPosition(position)); + apiGateWaysList.addAll(rslt.getItems()); + position = rslt.getPosition(); + }while(position!=null); + + if( !apiGateWaysList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : ApiGateway "+region.getName() + " >> "+apiGateWaysList.size()); + apiGateWays.put(accountId+delimiter+accountName+delimiter+region.getName(),apiGateWaysList); + } + + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"api",e.getMessage()); + } + } + return apiGateWays; + } + + /** + * Fetch IAM users. + * + * @param temporaryCredentials the temporary credentials + * @param accountId the accountId + * @return the map + */ + public static Map> fetchIAMUsers(BasicSessionCredentials temporaryCredentials,String accountId,String accountName) { + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"IAM\"" ; + + AmazonIdentityManagement iamClient = AmazonIdentityManagementClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); + String marker = null; + List users = new ArrayList<>(); + ListUsersResult rslt; + do{ + rslt = iamClient.listUsers(new ListUsersRequest().withMarker(marker)); + users.addAll(rslt.getUsers()); + marker = rslt.getMarker(); + }while(marker!=null); + + List userList = new ArrayList<>(); + Map> iamUsers = new HashMap<>(); + iamUsers.put(accountId+delimiter+accountName, userList); + users.parallelStream().forEach(user -> { + UserVH userTemp = new UserVH(user); + String userName = user.getUserName(); + List accessKeys = iamClient.listAccessKeys(new ListAccessKeysRequest().withUserName(userName)).getAccessKeyMetadata(); + List accessKeysTemp = new ArrayList<>(); + userTemp.setAccessKeys(accessKeysTemp); + try { + if(!CollectionUtils.isEmpty(accessKeys)){ + accessKeys.stream().forEach(accesskeyInfo -> { + GetAccessKeyLastUsedResult accessKeyLastUsedResult = iamClient.getAccessKeyLastUsed(new GetAccessKeyLastUsedRequest().withAccessKeyId(accesskeyInfo.getAccessKeyId())); + AccessKeyMetadataVH accessKeyVH = new AccessKeyMetadataVH(accesskeyInfo); + accessKeysTemp.add(accessKeyVH); + if(accessKeyLastUsedResult != null) { + accessKeyVH.setLastUsedDate(accessKeyLastUsedResult.getAccessKeyLastUsed().getLastUsedDate()); + + } + }); + } + } + catch (Exception e){ + log.warn(expPrefix+ InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,"","IAM",e.getMessage()); + } + + try{ + LoginProfile logProf = iamClient.getLoginProfile(new GetLoginProfileRequest().withUserName(userName)).getLoginProfile(); + userTemp.setPasswordCreationDate(logProf.getCreateDate()); + userTemp.setPasswordResetRequired(logProf.isPasswordResetRequired()); + }catch (Exception e) { + // Ignore as there may not be login profile for all users + } + List groups = iamClient.listGroupsForUser(new ListGroupsForUserRequest().withUserName(userName)).getGroups(); + List groupsList = new ArrayList<>(); + for(Group grp : groups){ + groupsList.add(grp.getGroupName()); + } + userTemp.setGroups(groupsList); + userTemp.setMfa(!iamClient.listMFADevices(new ListMFADevicesRequest().withUserName(userName)).getMFADevices().isEmpty()); + synchronized (userList) { + userList.add(userTemp); + } + }); + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : IAM User >> "+userList.size()); + return iamUsers; + } + + /** + * Fetch IAM roles. + * + * @param temporaryCredentials the temporary credentials + * @param accountId the accountId + * @return the map + */ + public static Map> fetchIAMRoles(BasicSessionCredentials temporaryCredentials,String accountId,String accountName) { + + AmazonIdentityManagement iamClient = AmazonIdentityManagementClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(InventoryConstants.REGION_US_WEST_2).build(); + List roles = new ArrayList<>(); + ListRolesResult rslt; + String marker = null; + do{ + rslt = iamClient.listRoles(new ListRolesRequest().withMarker(marker)); + roles.addAll(rslt.getRoles()); + marker = rslt.getMarker(); + }while(marker!=null); + + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : IAM Roles >> "+roles.size()); + Map> iamRoles = new HashMap<>(); + iamRoles.put(accountId+delimiter+accountName, roles); + return iamRoles; + } + + /** + * Fetch RDSDB snapshots. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchRDSDBSnapshots(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName){ + Map> snapshots = new LinkedHashMap<>(); + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"RDS Snapshot\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()){ + try{ + if(!skipRegions.contains(region.getName())){ + AmazonRDS rdsClient = AmazonRDSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + DescribeDBSnapshotsResult rslt ; + List snapshotsTemp = new ArrayList<>(); + String marker = null; + do{ + rslt = rdsClient.describeDBSnapshots(new DescribeDBSnapshotsRequest().withIncludePublic(false).withIncludeShared(false).withMarker(marker)); + snapshotsTemp.addAll(rslt.getDBSnapshots()); + marker = rslt.getMarker(); + }while(marker!=null); + + if(! snapshotsTemp.isEmpty() ){ + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : RDS Snapshot" +region.getName() + " >> "+snapshotsTemp.size()); + snapshots.put(accountId+delimiter+accountName+delimiter+region.getName(), snapshotsTemp); + } + } + + }catch(Exception e){ + if(region.isServiceSupported(AmazonRDS.ENDPOINT_PREFIX)){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"rdssnapshot",e.getMessage()); + } + } + } + return snapshots; + } + + /** + * Fetch KMS keys. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchKMSKeys(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> kmsKeys = new LinkedHashMap<>(); + AWSKMS awskms; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"KMS\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + awskms = AWSKMSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List regionKeys = awskms.listKeys().getKeys(); + List regionKeyAliases = awskms.listAliases().getAliases(); + if(!regionKeys.isEmpty()) { + List kmsKeysList = new ArrayList<>(); + for(KeyListEntry key : regionKeys) { + KMSKeyVH kmsKey = new KMSKeyVH(); + try { + DescribeKeyResult result = awskms.describeKey(new DescribeKeyRequest().withKeyId(key.getKeyId())); + kmsKey.setKey(result.getKeyMetadata()); + kmsKey.setTags(awskms.listResourceTags(new ListResourceTagsRequest().withKeyId(key.getKeyId())).getTags()); + } catch (Exception e) { + log.debug(e.getMessage()); + } + try { + kmsKey.setRotationStatus(awskms.getKeyRotationStatus(new GetKeyRotationStatusRequest().withKeyId(key.getKeyId())).getKeyRotationEnabled()); + } catch (Exception e) { + log.debug(e.getMessage()); + } + if(!regionKeyAliases.isEmpty() ) { + for(AliasListEntry alias: regionKeyAliases) { + if(key.getKeyId().equals(alias.getTargetKeyId())) { + kmsKey.setAlias(alias); + break; + } + } + } + kmsKeysList.add(kmsKey); + } + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : KMSKey "+region.getName() + " >> "+kmsKeysList.size()); + kmsKeys.put(accountId+delimiter+accountName+delimiter+region.getName(),kmsKeysList); + + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"kms",e.getMessage()); + } + } + return kmsKeys; + } + + /** + * Fetch cloud front info. + * + * @param temporaryCredentials the temporary credentials + * @param accountId the accountId + * @return the map + */ + public static Map> fetchCloudFrontInfo(BasicSessionCredentials temporaryCredentials,String accountId,String accountName) { + + Map> cloudFront = new LinkedHashMap<>(); + List distributionSummary = new ArrayList<>(); + AmazonCloudFront amazonCloudFront; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource \" ,\"type\": \"CloudFront\"" ; + try{ + amazonCloudFront = AmazonCloudFrontClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion("us-east-1").build(); + + String marker = null; + List cloudFrontList = new ArrayList<>(); + DistributionList distributionList ; + do{ + distributionList = amazonCloudFront.listDistributions(new ListDistributionsRequest().withMarker(marker)).getDistributionList(); + distributionSummary = distributionList.getItems(); + marker = distributionList.getNextMarker(); + for(DistributionSummary ds : distributionSummary) { + CloudFrontVH cf = new CloudFrontVH(); + cf.setDistSummary(ds); + cf.setTags(amazonCloudFront.listTagsForResource(new com.amazonaws.services.cloudfront.model.ListTagsForResourceRequest().withResource(ds.getARN())).getTags().getItems()); + cloudFrontList.add(cf); + } + }while(marker!=null); + + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : CloudFront "+ " >> "+cloudFrontList.size()); + cloudFront.put(accountId+delimiter+accountName,cloudFrontList); + }catch(Exception e){ + log.error(expPrefix+ InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,"","cloudfront",e.getMessage()); + } + return cloudFront; + } + + /** + * Fetch EBS info. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchEBSInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> ebs = new LinkedHashMap<>(); + + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"beanstalk\" , \"region\":\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + AWSElasticBeanstalk awsElasticBeanstalk = AWSElasticBeanstalkClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List appDesList = awsElasticBeanstalk.describeApplications().getApplications(); + List ebsList = new ArrayList<>(); + for(ApplicationDescription appDes : appDesList) { + List envDesList = awsElasticBeanstalk.describeEnvironments(new DescribeEnvironmentsRequest().withApplicationName(appDes.getApplicationName())).getEnvironments(); + if(envDesList.isEmpty()) { + EbsVH ebsObj = new EbsVH(); + ebsObj.setApp(appDes); + ebsList.add(ebsObj); + } + else { + for(EnvironmentDescription envDes : envDesList) { + EbsVH ebsObj = new EbsVH(); + ebsObj.setApp(appDes); + ebsObj.setEnv(envDes); + try{ + ebsObj.setEnvResource(awsElasticBeanstalk.describeEnvironmentResources(new DescribeEnvironmentResourcesRequest().withEnvironmentId(envDes.getEnvironmentId())).getEnvironmentResources()); + }catch(Exception e){ + log.debug("Error in fetching resources for enviroment",e); + } + ebsList.add(ebsObj); + } + } + } + if( !ebsList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : beanstalk "+region.getName() + " >> "+ebsList.size()); + ebs.put(accountId+delimiter+accountName+delimiter+region.getName(),ebsList); + } + } + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"beanstalk",e.getMessage()); + } + } + return ebs; + } + + /** + * Fetch PHD info. + * + * @param temporaryCredentials the temporary credentials + * @param accountId the accountId + * @return the map + */ + public static Map> fetchPHDInfo(BasicSessionCredentials temporaryCredentials,String accountId,String accountName) { + + Map> phd = new LinkedHashMap<>(); + AWSHealth awsHealth; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"PHD\"" ; + try{ + awsHealth = AWSHealthClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion("us-east-1").build(); + List phdList = new ArrayList<>(); + List resultEvents = new ArrayList<>(); + String nextToken = ""; + do { + DescribeEventsRequest describeEventsRequest = new DescribeEventsRequest().withMaxResults(100); + if (!StringUtils.isEmpty(nextToken)) { + describeEventsRequest.withNextToken(nextToken); + } + DescribeEventsResult eventsResult = awsHealth.describeEvents(describeEventsRequest); + nextToken = eventsResult.getNextToken(); + resultEvents.addAll(eventsResult.getEvents()); + } while (!StringUtils.isEmpty(nextToken)); + List eventArns = resultEvents.stream().map(Event::getArn).collect(Collectors.toList()); + int eventSize = eventArns.size(); + List eventArnsTemp = new ArrayList<>(); + for(int i =0 ; i successfulEventDetails = awsHealth.describeEventDetails(new DescribeEventDetailsRequest().withEventArns(eventArnsTemp)). getSuccessfulSet(); + List affectedEntities = new ArrayList<>(); + do { + DescribeAffectedEntitiesRequest affectedEntitiesRequest = new DescribeAffectedEntitiesRequest().withMaxResults(100); + if (!StringUtils.isEmpty(nextToken)) { + affectedEntitiesRequest.withNextToken(nextToken); + } + DescribeAffectedEntitiesResult affectedEntitiesResult = awsHealth.describeAffectedEntities(affectedEntitiesRequest.withFilter(new EntityFilter().withEventArns(eventArnsTemp))); + nextToken = affectedEntitiesResult.getNextToken(); + affectedEntities.addAll(affectedEntitiesResult.getEntities()); + } while (!StringUtils.isEmpty(nextToken)); + for(EventDetails eventDetail : successfulEventDetails) { + PhdVH phdObj = new PhdVH(); + phdObj.setEventDetails(eventDetail); + phdObj.setAffectedEntities(affectedEntities.parallelStream().filter(affEntity -> affEntity.getEventArn().equals(eventDetail.getEvent().getArn())).collect(Collectors.toList())); + phdList.add(phdObj); + } + eventArnsTemp = new ArrayList<>(); + } + } + if( !phdList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : PHD "+ " >> "+phdList.size()); + phd.put(accountId+delimiter+accountName,phdList); + } + }catch(Exception e){ + log.error(expPrefix +", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,"","phd",e.getMessage()); + } + return phd; + } + + public static Map> fetchSQSInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + ObjectMapper objectMapper = new ObjectMapper(); + objectMapper.configure(MapperFeature.ACCEPT_CASE_INSENSITIVE_PROPERTIES, true); + Map> sqs = new LinkedHashMap<>(); + AmazonSQS amazonSQS; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"sqs\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + amazonSQS = AmazonSQSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List sqsUrls = amazonSQS.listQueues().getQueueUrls(); + List sqsList = new ArrayList<>(); + for(String queueUrl :sqsUrls ) { + try{ + SQS sqsObj = objectMapper.convertValue(amazonSQS.getQueueAttributes(new GetQueueAttributesRequest(queueUrl,Arrays.asList("All"))).getAttributes(), + SQS.class); + List tags = new ArrayList<>(); + Set> tagEntries = amazonSQS.listQueueTags(new ListQueueTagsRequest(queueUrl)).getTags().entrySet(); + for(Entry entry: tagEntries) { + tags.add(new Attribute(entry.getKey(), entry.getValue())); + } + sqsList.add(new SQSVH(queueUrl,sqsObj,tags)); + }catch(Exception e){ + log.debug("Error fetching info for the queue {}",queueUrl); + } + } + + if( !sqsList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : SQS "+region.getName() + " >> "+sqsList.size()); + sqs.put(accountId+delimiter+accountName+delimiter+region.getName(),sqsList); + } + } + } catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"sqs",e.getMessage()); + } + } + + return sqs; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/KinesisInventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/KinesisInventoryUtil.java new file mode 100644 index 000000000..4ec222db8 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/KinesisInventoryUtil.java @@ -0,0 +1,186 @@ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.kinesis.AmazonKinesis; +import com.amazonaws.services.kinesis.AmazonKinesisClientBuilder; +import com.amazonaws.services.kinesis.model.DescribeStreamRequest; +import com.amazonaws.services.kinesis.model.ListStreamsResult; +import com.amazonaws.services.kinesis.model.ListTagsForStreamRequest; +import com.amazonaws.services.kinesis.model.ListTagsForStreamResult; +import com.amazonaws.services.kinesis.model.StreamDescription; +import com.amazonaws.services.kinesisfirehose.AmazonKinesisFirehose; +import com.amazonaws.services.kinesisfirehose.AmazonKinesisFirehoseClientBuilder; +import com.amazonaws.services.kinesisfirehose.model.DeliveryStreamDescription; +import com.amazonaws.services.kinesisfirehose.model.DescribeDeliveryStreamRequest; +import com.amazonaws.services.kinesisfirehose.model.ListDeliveryStreamsRequest; +import com.amazonaws.services.kinesisfirehose.model.ListDeliveryStreamsResult; +import com.amazonaws.services.kinesisfirehose.model.ListTagsForDeliveryStreamRequest; +import com.amazonaws.services.kinesisfirehose.model.ListTagsForDeliveryStreamResult; +import com.amazonaws.services.kinesisfirehose.model.Tag; +import com.amazonaws.services.kinesisvideo.AmazonKinesisVideo; +import com.amazonaws.services.kinesisvideo.AmazonKinesisVideoClientBuilder; +import com.amazonaws.services.kinesisvideo.model.ListStreamsRequest; +import com.amazonaws.services.kinesisvideo.model.StreamInfo; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; +import com.tmobile.cso.pacman.inventory.vo.Attribute; +import com.tmobile.cso.pacman.inventory.vo.DataStreamVH; +import com.tmobile.cso.pacman.inventory.vo.DeliveryStreamVH; +import com.tmobile.cso.pacman.inventory.vo.VideoStreamVH; + +public class KinesisInventoryUtil { + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(KinesisInventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + public static Map> fetchDataStreamInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> dataStream = new LinkedHashMap<>(); + AmazonKinesis amazonKinesis; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"datastream\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + amazonKinesis = AmazonKinesisClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + ListStreamsResult listStreamsResult = amazonKinesis.listStreams(); + List streamNamesTemp = listStreamsResult.getStreamNames(); + List streamNames = new ArrayList<>(streamNamesTemp); + while (listStreamsResult.isHasMoreStreams() && !streamNamesTemp.isEmpty()) { + listStreamsResult = amazonKinesis.listStreams(streamNamesTemp.get(streamNamesTemp.size() - 1)); + streamNamesTemp = listStreamsResult.getStreamNames(); + streamNames.addAll(streamNamesTemp); + } + + List dataStreamList = new ArrayList<>(); + for(String streamName : streamNames) { + StreamDescription streamDescription = amazonKinesis.describeStream(new DescribeStreamRequest().withStreamName(streamName)).getStreamDescription(); + ListTagsForStreamResult listTagsForStreamResult = amazonKinesis.listTagsForStream(new ListTagsForStreamRequest().withStreamName(streamName)); + List tagsTemp = listTagsForStreamResult.getTags(); + List tags = new ArrayList<>(tagsTemp); + while (listTagsForStreamResult.isHasMoreTags() && !tagsTemp.isEmpty()) { + listTagsForStreamResult = amazonKinesis.listTagsForStream(new ListTagsForStreamRequest().withExclusiveStartTagKey(tagsTemp.get(tagsTemp.size() - 1).getKey())); + tagsTemp = listTagsForStreamResult.getTags(); + tags.addAll(tagsTemp); + } + dataStreamList.add(new DataStreamVH(streamDescription, tags)); + } + if( !dataStreamList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : datastream "+region.getName() + " >> "+dataStreamList.size()); + dataStream.put(accountId+delimiter+accountName+delimiter+region.getName(),dataStreamList); + } + } + } catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, region.getName(),"datastream",e.getMessage()); + } + } + return dataStream; + } + + public static Map> fetchDeliveryStreamInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> deliveryStream = new LinkedHashMap<>(); + AmazonKinesisFirehose amazonKinesisFirehose; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"deliverystream\"" ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + amazonKinesisFirehose = AmazonKinesisFirehoseClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + ListDeliveryStreamsResult listDeliveryStreamsResult = amazonKinesisFirehose.listDeliveryStreams(new ListDeliveryStreamsRequest().withLimit(100)); + List deliveryStreamNamesTemp = listDeliveryStreamsResult.getDeliveryStreamNames(); + List deliveryStreamNames = new ArrayList<>(deliveryStreamNamesTemp); + while (listDeliveryStreamsResult.isHasMoreDeliveryStreams() && !deliveryStreamNamesTemp.isEmpty()) { + listDeliveryStreamsResult = amazonKinesisFirehose.listDeliveryStreams(new ListDeliveryStreamsRequest().withExclusiveStartDeliveryStreamName(deliveryStreamNamesTemp.get(deliveryStreamNamesTemp.size() - 1)).withLimit(100)); + deliveryStreamNamesTemp = listDeliveryStreamsResult.getDeliveryStreamNames(); + deliveryStreamNames.addAll(deliveryStreamNamesTemp); + } + + List deliveryStreamList = new ArrayList<>(); + for(String deliveryStreamName : deliveryStreamNames) { + DeliveryStreamDescription deliveryStreamDescription = amazonKinesisFirehose.describeDeliveryStream(new DescribeDeliveryStreamRequest().withDeliveryStreamName(deliveryStreamName).withLimit(100)).getDeliveryStreamDescription(); + ListTagsForDeliveryStreamResult listTagsForDeliveryStreamResult = amazonKinesisFirehose.listTagsForDeliveryStream(new ListTagsForDeliveryStreamRequest().withDeliveryStreamName(deliveryStreamName)); + List tagsTemp = listTagsForDeliveryStreamResult.getTags(); + List tags = new ArrayList<>(tagsTemp); + while (listTagsForDeliveryStreamResult.isHasMoreTags() && !tagsTemp.isEmpty()) { + listTagsForDeliveryStreamResult = amazonKinesisFirehose.listTagsForDeliveryStream(new ListTagsForDeliveryStreamRequest().withExclusiveStartTagKey(tagsTemp.get(tagsTemp.size() - 1).getKey())); + tagsTemp = listTagsForDeliveryStreamResult.getTags(); + tags.addAll(tagsTemp); + } + if(deliveryStreamDescription.getDestinations().isEmpty()) { + deliveryStreamList.add(new DeliveryStreamVH(deliveryStreamDescription,null, tags)); + } else { + deliveryStreamList.add(new DeliveryStreamVH(deliveryStreamDescription,deliveryStreamDescription.getDestinations().get(0), tags)); + } + + } + if( !deliveryStreamList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : deliverystream "+region.getName() + " >> "+deliveryStreamList.size()); + deliveryStream.put(accountId+delimiter+accountName+delimiter+region.getName(),deliveryStreamList); + } + } + } catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, region.getName(),"deliverystream",e.getMessage()); + } + } + return deliveryStream; + } + + public static Map> fetchVideoStreamInfo(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> videoStream = new LinkedHashMap<>(); + AmazonKinesisVideo amazonKinesisVideo; + String expPrefix = InventoryConstants.ERROR_PREFIX_CODE+accountId + "\",\"Message\": \"Exception in fetching info for resource\" ,\"type\": \"videoStream\" " ; + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName()) && region.isServiceSupported(AmazonKinesisVideo.ENDPOINT_PREFIX)){ + amazonKinesisVideo = AmazonKinesisVideoClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + List videoStreamListTemp = new ArrayList<>(); + com.amazonaws.services.kinesisvideo.model.ListStreamsResult listStreamsResult; + String nextToken = null; + do{ + listStreamsResult = amazonKinesisVideo.listStreams(new ListStreamsRequest().withNextToken(nextToken)); + videoStreamListTemp.addAll(listStreamsResult.getStreamInfoList()); + nextToken = listStreamsResult.getNextToken(); + }while(nextToken!=null); + + List videoStreamList = new ArrayList<>(); + for(StreamInfo streamInfo : videoStreamListTemp) { + List tags = new ArrayList<>(); + for(Entry entry: amazonKinesisVideo.listTagsForStream(new com.amazonaws.services.kinesisvideo.model.ListTagsForStreamRequest() + .withStreamARN(streamInfo.getStreamARN())).getTags().entrySet()) { + tags.add(new Attribute(entry.getKey(), entry.getValue())); + } + videoStreamList.add(new VideoStreamVH(streamInfo,tags)); + } + + if( !videoStreamList.isEmpty() ) { + log.debug(InventoryConstants.ACCOUNT + accountId +" Type : VideoStream "+region.getName() + " >> "+videoStreamList.size()); + videoStream.put(accountId+delimiter+accountName+delimiter+region.getName(),videoStreamList); + } + } + } catch(Exception e){ + log.warn(expPrefix+ region.getName()+InventoryConstants.ERROR_CAUSE +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId, region.getName(),"videoStream",e.getMessage()); + + } + } + return videoStream; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtil.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtil.java index ef1762229..858bcf5cf 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtil.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtil.java @@ -1,95 +1,96 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.sns.AmazonSNSClient; -import com.amazonaws.services.sns.AmazonSNSClientBuilder; -import com.amazonaws.services.sns.model.ListSubscriptionsRequest; -import com.amazonaws.services.sns.model.ListSubscriptionsResult; -import com.amazonaws.services.sns.model.Subscription; -import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; -import com.tmobile.cso.pacman.inventory.file.FileGenerator; - -/** - * The Class SNSInventoryUtil. - */ -public class SNSInventoryUtil { - - /** - * Instantiates a new SNS inventory util. - */ - private SNSInventoryUtil() { - } - - /** The log. */ - private static Logger log = LogManager.getLogger(SNSInventoryUtil.class); - - /** The delimiter. */ - private static String delimiter = FileGenerator.DELIMITER; - - /** - * Fetch SNS topics. - * - * @param temporaryCredentials the temporary credentials - * @param skipRegions the skip regions - * @param account the account - * @return the map - */ - public static Map> fetchSNSTopics(BasicSessionCredentials temporaryCredentials, String skipRegions,String account) { - - Map> subscriptionMap = new LinkedHashMap<>(); - AmazonSNSClient snsClient ; - String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"account\": \""+account + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"snstopic\" , \"region\":\"" ; - - for(Region region : RegionUtils.getRegions()) { - try{ - if(!skipRegions.contains(region.getName())){ - List subscriptionList = new ArrayList<>(); - snsClient = (AmazonSNSClient) AmazonSNSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); - String nextToken = null; - ListSubscriptionsResult listSubscriptionDefinitionsResult; - do { - listSubscriptionDefinitionsResult = snsClient.listSubscriptions(new ListSubscriptionsRequest().withNextToken(nextToken)); - subscriptionList.addAll(listSubscriptionDefinitionsResult.getSubscriptions()); - nextToken = listSubscriptionDefinitionsResult.getNextToken(); - }while(nextToken!=null); - - if(!subscriptionList.isEmpty() ) { - log.debug("Account : " + account + " Type : SNS Topics "+ region.getName()+" >> " + subscriptionList.size()); - subscriptionMap.put(account+delimiter+region.getName(), subscriptionList); - } - } - - }catch(Exception e){ - log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); - ErrorManageUtil.uploadError(account,region.getName(),"snstopic",e.getMessage()); - } - } - return subscriptionMap; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.sns.AmazonSNSClient; +import com.amazonaws.services.sns.AmazonSNSClientBuilder; +import com.amazonaws.services.sns.model.ListTopicsRequest; +import com.amazonaws.services.sns.model.ListTopicsResult; +import com.amazonaws.services.sns.model.Topic; +import com.tmobile.cso.pacman.inventory.file.ErrorManageUtil; +import com.tmobile.cso.pacman.inventory.file.FileGenerator; + +/** + * The Class SNSInventoryUtil. + */ +public class SNSInventoryUtil { + + /** + * Instantiates a new SNS inventory util. + */ + private SNSInventoryUtil() { + } + + /** The log. */ + private static Logger log = LoggerFactory.getLogger(SNSInventoryUtil.class); + + /** The delimiter. */ + private static String delimiter = FileGenerator.DELIMITER; + + /** + * Fetch SNS topics. + * + * @param temporaryCredentials the temporary credentials + * @param skipRegions the skip regions + * @param accountId the accountId + * @return the map + */ + public static Map> fetchSNSTopics(BasicSessionCredentials temporaryCredentials, String skipRegions,String accountId,String accountName) { + + Map> topicMap = new LinkedHashMap<>(); + AmazonSNSClient snsClient ; + String expPrefix = "{\"errcode\": \"NO_RES_REG\" ,\"accountId\": \""+accountId + "\",\"Message\": \"Exception in fetching info for resource in specific region\" ,\"type\": \"snstopic\" , \"region\":\"" ; + + for(Region region : RegionUtils.getRegions()) { + try{ + if(!skipRegions.contains(region.getName())){ + List topiList = new ArrayList<>(); + snsClient = (AmazonSNSClient) AmazonSNSClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(temporaryCredentials)).withRegion(region.getName()).build(); + String nextToken = null; + ListTopicsResult listTopicResult; + do { + + listTopicResult = snsClient.listTopics(new ListTopicsRequest().withNextToken(nextToken)); + topiList.addAll(listTopicResult.getTopics()); + nextToken = listTopicResult.getNextToken(); + }while(nextToken!=null); + + if(!topiList.isEmpty() ) { + log.debug("Account : " + accountId + " Type : SNS Topics "+ region.getName()+" >> " + topiList.size()); + topicMap.put(accountId+delimiter+accountName+delimiter+region.getName(), topiList); + } + } + + }catch(Exception e){ + log.warn(expPrefix+ region.getName()+"\", \"cause\":\"" +e.getMessage()+"\"}"); + ErrorManageUtil.uploadError(accountId,region.getName(),"snstopic",e.getMessage()); + } + } + return topicMap; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/Util.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/Util.java index 48abfb75e..c4283338c 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/Util.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/util/Util.java @@ -1,41 +1,139 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import java.util.Base64; - -/** - * The Class Util. - */ -public class Util { - - /** - * Instantiates a new util. - */ - private Util() { - - } - - /** - * Base 64 decode. - * - * @param encodedStr the encoded str - * @return the string - */ - public static String base64Decode(String encodedStr) { - return new String(Base64.getDecoder().decode(encodedStr)); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import java.security.KeyManagementException; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.Base64; +import java.util.HashMap; +import java.util.Map; + +import org.apache.http.client.methods.CloseableHttpResponse; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.entity.ContentType; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.http.ssl.SSLContextBuilder; +import org.apache.http.ssl.TrustStrategy; +import org.apache.http.util.EntityUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class Util. + */ +public class Util { + + private static Logger log = LoggerFactory.getLogger(Util.class); + + /** + * Instantiates a new util. + */ + private Util() { + + } + + /** + * Base 64 decode. + * + * @param encodedStr the encoded str + * @return the string + */ + public static String base64Decode(String encodedStr) { + return new String(Base64.getDecoder().decode(encodedStr)); + } + + public static String base64Encode(String str) { + return Base64.getEncoder().encodeToString(str.getBytes()); + } + + public static Map getHeader(String base64Creds){ + Map authToken = new HashMap<>(); + authToken.put("Content-Type", ContentType.APPLICATION_JSON.toString()); + authToken.put("Authorization", "Basic "+base64Creds); + return authToken; + } + + public static String httpGetMethodWithHeaders(String url,Map headers) throws Exception { + String json = null; + + HttpGet get = new HttpGet(url); + CloseableHttpClient httpClient = null; + if (headers != null && !headers.isEmpty()) { + for (Map.Entry entry : headers.entrySet()) { + get.setHeader(entry.getKey(), entry.getValue().toString()); + } + } + try { + httpClient = getHttpClient(); + CloseableHttpResponse res = httpClient.execute(get); + if (res.getStatusLine().getStatusCode() == 200) { + json = EntityUtils.toString(res.getEntity()); + } + } finally { + if (httpClient != null) { + httpClient.close(); + } + } + return json; + } + + private static CloseableHttpClient getHttpClient() { + CloseableHttpClient httpClient = null; + try { + httpClient = HttpClientBuilder.create().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) + .setSSLContext(new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { + @Override + public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { + return true; + } + }).build()).build(); + } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) { + log.error("Error in HttpUtil post ", e); + } + return httpClient; + } + + public static String httpPostMethodWithHeaders(String url,Map headers) throws Exception { + String json = null; + + HttpPost post = new HttpPost(url); + CloseableHttpClient httpClient = null; + if (headers != null && !headers.isEmpty()) { + for (Map.Entry entry : headers.entrySet()) { + post.setHeader(entry.getKey(), entry.getValue().toString()); + } + } + try { + httpClient = getHttpClient(); + CloseableHttpResponse res = httpClient.execute(post); + if (res.getStatusLine().getStatusCode() == 200) { + json = EntityUtils.toString(res.getEntity()); + } + } finally { + if (httpClient != null) { + httpClient.close(); + } + } + return json; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/AccessKeyMetadataVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/AccessKeyMetadataVH.java index f7b48d10b..4643ad900 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/AccessKeyMetadataVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/AccessKeyMetadataVH.java @@ -1,62 +1,62 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; - -/** - * The Class AccessKeyMetadataVH. - */ -public class AccessKeyMetadataVH extends AccessKeyMetadata { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 5844918070449531830L; - - /** The last used date. */ - private java.util.Date lastUsedDate; - - /** - * Instantiates a new access key metadata VH. - * - * @param access the access - */ - public AccessKeyMetadataVH(AccessKeyMetadata access){ - this.setAccessKeyId(access.getAccessKeyId()); - this.setCreateDate(access.getCreateDate()); - this.setUserName(access.getUserName()); - this.setStatus(access.getStatus()); - } - - /** - * Gets the last used date. - * - * @return the last used date - */ - public java.util.Date getLastUsedDate() { - return lastUsedDate; - } - - /** - * Sets the last used date. - * - * @param lastUsedDate the new last used date - */ - public void setLastUsedDate(java.util.Date lastUsedDate) { - this.lastUsedDate = lastUsedDate; - } - - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; + +/** + * The Class AccessKeyMetadataVH. + */ +public class AccessKeyMetadataVH extends AccessKeyMetadata { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 5844918070449531830L; + + /** The last used date. */ + private java.util.Date lastUsedDate; + + /** + * Instantiates a new access key metadata VH. + * + * @param access the access + */ + public AccessKeyMetadataVH(AccessKeyMetadata access){ + this.setAccessKeyId(access.getAccessKeyId()); + this.setCreateDate(access.getCreateDate()); + this.setUserName(access.getUserName()); + this.setStatus(access.getStatus()); + } + + /** + * Gets the last used date. + * + * @return the last used date + */ + public java.util.Date getLastUsedDate() { + return lastUsedDate; + } + + /** + * Sets the last used date. + * + * @param lastUsedDate the new last used date + */ + public void setLastUsedDate(java.util.Date lastUsedDate) { + this.lastUsedDate = lastUsedDate; + } + + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Attribute.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Attribute.java index fc803a5df..5a5176910 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Attribute.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Attribute.java @@ -1,59 +1,59 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - - -/** - * The Class Attribute. - */ -public class Attribute { - - /** The key. */ - private String key; - - /** The value. */ - private String value; - - /** - * Instantiates a new attribute. - * - * @param key the key - * @param value the value - */ - public Attribute(String key, String value){ - this.key= key; - this.value= value; - } - - /** - * Gets the key. - * - * @return the key - */ - public String getKey() { - return key; - } - - /** - * Gets the value. - * - * @return the value - */ - public String getValue() { - return value; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + + +/** + * The Class Attribute. + */ +public class Attribute { + + /** The key. */ + private String key; + + /** The value. */ + private String value; + + /** + * Instantiates a new attribute. + * + * @param key the key + * @param value the value + */ + public Attribute(String key, String value){ + this.key= key; + this.value= value; + } + + /** + * Gets the key. + * + * @return the key + */ + public String getKey() { + return key; + } + + /** + * Gets the value. + * + * @return the value + */ + public String getValue() { + return value; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/BucketVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/BucketVH.java index fdc34aa61..b1a2db79a 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/BucketVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/BucketVH.java @@ -1,60 +1,60 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.s3.model.Bucket; -import com.amazonaws.services.s3.model.BucketVersioningConfiguration; -import com.amazonaws.services.s3.model.Tag; - - -/** - * The Class BucketVH. - */ -public class BucketVH { - - /** The bucket. */ - Bucket bucket; - - /** The tags. */ - List tags ; - - /** The location. */ - String location; - - /** The version status. */ - String versionStatus; - - /** The mfa delete. */ - Boolean mfaDelete; - - /** - * Instantiates a new bucket VH. - * - * @param bucket the bucket - * @param location the location - * @param versionConfig the version config - * @param tags the tags - */ - public BucketVH(Bucket bucket,String location,BucketVersioningConfiguration versionConfig, List tags){ - this.bucket = bucket; - this.location = location; - this.versionStatus = versionConfig==null?"":versionConfig.getStatus(); - this.mfaDelete = versionConfig==null?null:versionConfig.isMfaDeleteEnabled(); - this.tags = tags; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.s3.model.Bucket; +import com.amazonaws.services.s3.model.BucketVersioningConfiguration; +import com.amazonaws.services.s3.model.Tag; + + +/** + * The Class BucketVH. + */ +public class BucketVH { + + /** The bucket. */ + Bucket bucket; + + /** The tags. */ + List tags ; + + /** The location. */ + String location; + + /** The version status. */ + String versionStatus; + + /** The mfa delete. */ + Boolean mfaDelete; + + /** + * Instantiates a new bucket VH. + * + * @param bucket the bucket + * @param location the location + * @param versionConfig the version config + * @param tags the tags + */ + public BucketVH(Bucket bucket,String location,BucketVersioningConfiguration versionConfig, List tags){ + this.bucket = bucket; + this.location = location; + this.versionStatus = versionConfig==null?"":versionConfig.getStatus(); + this.mfaDelete = versionConfig==null?null:versionConfig.isMfaDeleteEnabled(); + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CheckVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CheckVH.java index 5951c1a65..9c97bd0b7 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CheckVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CheckVH.java @@ -1,105 +1,105 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; - - -/** - * The Class CheckVH. - */ -public class CheckVH { - - /** The check. */ - private TrustedAdvisorCheckDescription check; - - /** The status. */ - private String status; - - /** The resources. */ - private List resources; - - /** - * Instantiates a new check VH. - * - * @param check the check - * @param status the status - */ - public CheckVH(TrustedAdvisorCheckDescription check,String status){ - this.check = check; - this.status = status; - } - - /** - * Gets the resources. - * - * @return the resources - */ - public List getResources() { - return resources; - } - - /** - * Sets the resources. - * - * @param resources the new resources - */ - public void setResources(List resources) { - this.resources = resources; - } - - /** - * Gets the check. - * - * @return the check - */ - public TrustedAdvisorCheckDescription getCheck() { - return check; - } - - /** - * Sets the check. - * - * @param check the new check - */ - public void setCheck(TrustedAdvisorCheckDescription check) { - this.check = check; - } - - /** - * Gets the status. - * - * @return the status - */ - public String getStatus() { - return status; - } - - /** - * Sets the status. - * - * @param status the new status - */ - public void setStatus(String status) { - this.status = status; - } - -} - - - +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; + + +/** + * The Class CheckVH. + */ +public class CheckVH { + + /** The check. */ + private TrustedAdvisorCheckDescription check; + + /** The status. */ + private String status; + + /** The resources. */ + private List resources; + + /** + * Instantiates a new check VH. + * + * @param check the check + * @param status the status + */ + public CheckVH(TrustedAdvisorCheckDescription check,String status){ + this.check = check; + this.status = status; + } + + /** + * Gets the resources. + * + * @return the resources + */ + public List getResources() { + return resources; + } + + /** + * Sets the resources. + * + * @param resources the new resources + */ + public void setResources(List resources) { + this.resources = resources; + } + + /** + * Gets the check. + * + * @return the check + */ + public TrustedAdvisorCheckDescription getCheck() { + return check; + } + + /** + * Sets the check. + * + * @param check the new check + */ + public void setCheck(TrustedAdvisorCheckDescription check) { + this.check = check; + } + + /** + * Gets the status. + * + * @return the status + */ + public String getStatus() { + return status; + } + + /** + * Sets the status. + * + * @param status the new status + */ + public void setStatus(String status) { + this.status = status; + } + +} + + + diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ClassicELBVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ClassicELBVH.java index e07da7536..0d9e40a74 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ClassicELBVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ClassicELBVH.java @@ -1,46 +1,46 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; -import com.amazonaws.services.elasticloadbalancing.model.Tag; - - -/** - * The Class ClassicELBVH. - */ -public class ClassicELBVH { - - /** The elb. */ - LoadBalancerDescription elb; - - /** The tags. */ - List tags; - - /** - * Instantiates a new classic ELBVH. - * - * @param elb the elb - * @param tags the tags - */ - public ClassicELBVH(LoadBalancerDescription elb,List tags){ - this.elb = elb; - this.tags = tags; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; +import com.amazonaws.services.elasticloadbalancing.model.Tag; + + +/** + * The Class ClassicELBVH. + */ +public class ClassicELBVH { + + /** The elb. */ + LoadBalancerDescription elb; + + /** The tags. */ + List tags; + + /** + * Instantiates a new classic ELBVH. + * + * @param elb the elb + * @param tags the tags + */ + public ClassicELBVH(LoadBalancerDescription elb,List tags){ + this.elb = elb; + this.tags = tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CloudFrontVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CloudFrontVH.java index 350664da0..7162b202f 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CloudFrontVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/CloudFrontVH.java @@ -1,70 +1,70 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.cloudfront.model.DistributionSummary; -import com.amazonaws.services.cloudfront.model.Tag; - - -/** - * The Class CloudFrontVH. - */ -public class CloudFrontVH { - - /** The dist summary. */ - DistributionSummary distSummary; - - /** The tags. */ - List tags; - - /** - * Gets the dist summary. - * - * @return the dist summary - */ - public DistributionSummary getDistSummary() { - return distSummary; - } - - /** - * Sets the dist summary. - * - * @param distSummary the new dist summary - */ - public void setDistSummary(DistributionSummary distSummary) { - this.distSummary = distSummary; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - - /** - * Sets the tags. - * - * @param tags the new tags - */ - public void setTags(List tags) { - this.tags = tags; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.cloudfront.model.DistributionSummary; +import com.amazonaws.services.cloudfront.model.Tag; + + +/** + * The Class CloudFrontVH. + */ +public class CloudFrontVH { + + /** The dist summary. */ + DistributionSummary distSummary; + + /** The tags. */ + List tags; + + /** + * Gets the dist summary. + * + * @return the dist summary + */ + public DistributionSummary getDistSummary() { + return distSummary; + } + + /** + * Sets the dist summary. + * + * @param distSummary the new dist summary + */ + public void setDistSummary(DistributionSummary distSummary) { + this.distSummary = distSummary; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + + /** + * Sets the tags. + * + * @param tags the new tags + */ + public void setTags(List tags) { + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBClusterVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBClusterVH.java index 103335aa7..e059612a1 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBClusterVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBClusterVH.java @@ -1,64 +1,64 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.rds.model.DBCluster; -import com.amazonaws.services.rds.model.Tag; - - -/** - * The Class DBClusterVH. - */ -public class DBClusterVH { - - /** The cluster. */ - private DBCluster cluster; - - /** The tags. */ - private List tags; - - /** - * Instantiates a new DB cluster VH. - * - * @param cluster the cluster - * @param tags the tags - */ - public DBClusterVH(DBCluster cluster, List tags){ - this.cluster = cluster; - this.tags = tags; - } - - /** - * Gets the cluster. - * - * @return the cluster - */ - public DBCluster getCluster() { - return cluster; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.rds.model.DBCluster; +import com.amazonaws.services.rds.model.Tag; + + +/** + * The Class DBClusterVH. + */ +public class DBClusterVH { + + /** The cluster. */ + private DBCluster cluster; + + /** The tags. */ + private List tags; + + /** + * Instantiates a new DB cluster VH. + * + * @param cluster the cluster + * @param tags the tags + */ + public DBClusterVH(DBCluster cluster, List tags){ + this.cluster = cluster; + this.tags = tags; + } + + /** + * Gets the cluster. + * + * @return the cluster + */ + public DBCluster getCluster() { + return cluster; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBInstanceVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBInstanceVH.java index 0f7180ee9..a95eb032a 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBInstanceVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DBInstanceVH.java @@ -1,82 +1,105 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.rds.model.DBInstance; -import com.amazonaws.services.rds.model.Tag; - - -/** - * The Class DBInstanceVH. - */ -public class DBInstanceVH { - - /** The dbinst. */ - private DBInstance dbinst; - - /** The tags. */ - private List tags; - - /** - * Instantiates a new DB instance VH. - * - * @param dbinstance the dbinstance - * @param tags the tags - */ - public DBInstanceVH(DBInstance dbinstance, List tags){ - this.setDbinst(dbinstance); - this.setTags(tags); - } - - /** - * Gets the dbinst. - * - * @return the dbinst - */ - public DBInstance getDbinst() { - return dbinst; - } - - /** - * Sets the dbinst. - * - * @param dbinst the new dbinst - */ - public void setDbinst(DBInstance dbinst) { - this.dbinst = dbinst; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - - /** - * Sets the tags. - * - * @param tags the new tags - */ - public void setTags(List tags) { - this.tags = tags; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.rds.model.DBInstance; +import com.amazonaws.services.rds.model.Tag; + + +/** + * The Class DBInstanceVH. + */ +public class DBInstanceVH { + + /** The dbinst. */ + private DBInstance dbinst; + + /** The tags. */ + private List tags; + + /** Subnets associated with the instance */ + private String subnets; + + private String securityGroups; + + public String getSecurityGroups() { + return securityGroups; + } + + public void setSecurityGroups(String securityGroups) { + this.securityGroups = securityGroups; + } + + public String getSubnets() { + return subnets; + } + + public void setSubnets(String subnets) { + this.subnets = subnets; + } + + /** + * Instantiates a new DB instance VH. + * + * @param dbinstance the dbinstance + * @param tags the tags + */ + public DBInstanceVH(DBInstance dbinstance, List tags,String subnets,String securityGroups){ + this.setDbinst(dbinstance); + this.setTags(tags); + this.subnets =subnets; + this.securityGroups = securityGroups; + } + + /** + * Gets the dbinst. + * + * @return the dbinst + */ + public DBInstance getDbinst() { + return dbinst; + } + + /** + * Sets the dbinst. + * + * @param dbinst the new dbinst + */ + public void setDbinst(DBInstance dbinst) { + this.dbinst = dbinst; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + + /** + * Sets the tags. + * + * @param tags the new tags + */ + public void setTags(List tags) { + this.tags = tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DataStreamVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DataStreamVH.java new file mode 100644 index 000000000..f8dda2ad9 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DataStreamVH.java @@ -0,0 +1,35 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.kinesis.model.StreamDescription; +import com.amazonaws.services.kinesis.model.Tag; + +public class DataStreamVH { + + private StreamDescription streamDescription; + + private List tags; + + public DataStreamVH(StreamDescription streamDescription, List tags) { + super(); + this.streamDescription = streamDescription; + this.tags = tags; + } + + public StreamDescription getStreamDescription() { + return streamDescription; + } + + public void setStreamDescription(StreamDescription streamDescription) { + this.streamDescription = streamDescription; + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DeliveryStreamVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DeliveryStreamVH.java new file mode 100644 index 000000000..c257f60f5 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DeliveryStreamVH.java @@ -0,0 +1,48 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.kinesisfirehose.model.DeliveryStreamDescription; +import com.amazonaws.services.kinesisfirehose.model.DestinationDescription; +import com.amazonaws.services.kinesisfirehose.model.Tag; + +public class DeliveryStreamVH { + + private DeliveryStreamDescription deliveryStreamDescription; + + private DestinationDescription destinationDescription; + + private List tags; + + public DeliveryStreamVH(DeliveryStreamDescription deliveryStreamDescription, + DestinationDescription destinationDescription,List tags) { + super(); + this.deliveryStreamDescription = deliveryStreamDescription; + this.destinationDescription = destinationDescription; + this.tags = tags; + } + + public DeliveryStreamDescription getDeliveryStreamDescription() { + return deliveryStreamDescription; + } + + public void setDeliveryStreamDescription(DeliveryStreamDescription deliveryStreamDescription) { + this.deliveryStreamDescription = deliveryStreamDescription; + } + + public DestinationDescription getDestinationDescription() { + return destinationDescription; + } + + public void setDestinationDescription(DestinationDescription destinationDescription) { + this.destinationDescription = destinationDescription; + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DynamoVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DynamoVH.java index e7ca8e32b..e1232c4ba 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DynamoVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/DynamoVH.java @@ -1,46 +1,46 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.dynamodbv2.model.TableDescription; -import com.amazonaws.services.dynamodbv2.model.Tag; - - -/** - * The Class DynamoVH. - */ -public class DynamoVH { - - /** The table. */ - TableDescription table; - - /** The tags. */ - List tags; - - /** - * Instantiates a new dynamo VH. - * - * @param table the table - * @param tags the tags - */ - public DynamoVH(TableDescription table, List tags){ - this.table = table; - this.tags = tags; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.dynamodbv2.model.TableDescription; +import com.amazonaws.services.dynamodbv2.model.Tag; + + +/** + * The Class DynamoVH. + */ +public class DynamoVH { + + /** The table. */ + TableDescription table; + + /** The tags. */ + List tags; + + /** + * Instantiates a new dynamo VH. + * + * @param table the table + * @param tags the tags + */ + public DynamoVH(TableDescription table, List tags){ + this.table = table; + this.tags = tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EbsVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EbsVH.java index 13aaebe42..755842508 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EbsVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EbsVH.java @@ -1,91 +1,91 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; -import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; -import com.amazonaws.services.elasticbeanstalk.model.EnvironmentResourceDescription; - - -/** - * The Class EbsVH. - */ -public class EbsVH { - - /** The app. */ - ApplicationDescription app; - - /** The env. */ - EnvironmentDescription env; - - /** The env resource. */ - EnvironmentResourceDescription envResource; - - /** - * Gets the app. - * - * @return the app - */ - public ApplicationDescription getApp() { - return app; - } - - /** - * Sets the app. - * - * @param app the new app - */ - public void setApp(ApplicationDescription app) { - this.app = app; - } - - /** - * Gets the env. - * - * @return the env - */ - public EnvironmentDescription getEnv() { - return env; - } - - /** - * Sets the env. - * - * @param env the new env - */ - public void setEnv(EnvironmentDescription env) { - this.env = env; - } - - /** - * Gets the env resource. - * - * @return the env resource - */ - public EnvironmentResourceDescription getEnvResource() { - return envResource; - } - - /** - * Sets the env resource. - * - * @param envResource the new env resource - */ - public void setEnvResource(EnvironmentResourceDescription envResource) { - this.envResource = envResource; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; +import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; +import com.amazonaws.services.elasticbeanstalk.model.EnvironmentResourceDescription; + + +/** + * The Class EbsVH. + */ +public class EbsVH { + + /** The app. */ + ApplicationDescription app; + + /** The env. */ + EnvironmentDescription env; + + /** The env resource. */ + EnvironmentResourceDescription envResource; + + /** + * Gets the app. + * + * @return the app + */ + public ApplicationDescription getApp() { + return app; + } + + /** + * Sets the app. + * + * @param app the new app + */ + public void setApp(ApplicationDescription app) { + this.app = app; + } + + /** + * Gets the env. + * + * @return the env + */ + public EnvironmentDescription getEnv() { + return env; + } + + /** + * Sets the env. + * + * @param env the new env + */ + public void setEnv(EnvironmentDescription env) { + this.env = env; + } + + /** + * Gets the env resource. + * + * @return the env resource + */ + public EnvironmentResourceDescription getEnvResource() { + return envResource; + } + + /** + * Sets the env resource. + * + * @param envResource the new env resource + */ + public void setEnvResource(EnvironmentResourceDescription envResource) { + this.envResource = envResource; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EfsVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EfsVH.java index cfd7de601..19918c2e8 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EfsVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/EfsVH.java @@ -1,46 +1,46 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; -import com.amazonaws.services.elasticfilesystem.model.Tag; - - -/** - * The Class EfsVH. - */ -public class EfsVH { - - /** The efs. */ - FileSystemDescription efs; - - /** The tags. */ - List tags; - - /** - * Instantiates a new efs VH. - * - * @param efs the efs - * @param tags the tags - */ - public EfsVH(FileSystemDescription efs, List tags){ - this.efs = efs; - this.tags = tags; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; +import com.amazonaws.services.elasticfilesystem.model.Tag; + + +/** + * The Class EfsVH. + */ +public class EfsVH { + + /** The efs. */ + FileSystemDescription efs; + + /** The tags. */ + List tags; + + /** + * Instantiates a new efs VH. + * + * @param efs the efs + * @param tags the tags + */ + public EfsVH(FileSystemDescription efs, List tags){ + this.efs = efs; + this.tags = tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheNodeVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheNodeVH.java new file mode 100644 index 000000000..d7ae1a02e --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheNodeVH.java @@ -0,0 +1,42 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import com.amazonaws.services.elasticache.model.CacheNode; + +public class ElastiCacheNodeVH { + + /** The node. */ + CacheNode node; + + /** The tags. */ + String tags; + + + String nodeName ; + + public String getNodeName() { + return nodeName; + } + + public void setNodeName(String nodeName) { + this.nodeName = nodeName; + } + + public CacheNode getNode() { + return node; + } + + public void setNode(CacheNode node) { + this.node = node; + } + + + + public String getTags() { + return tags; + } + + public void setTags(String tags) { + this.tags = tags; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheVH.java index 4fa046c10..d9a4b36e1 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElastiCacheVH.java @@ -1,238 +1,282 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.elasticache.model.CacheCluster; -import com.amazonaws.services.elasticache.model.Tag; - - -/** - * The Class ElastiCacheVH. - */ -public class ElastiCacheVH { - - /** The cluster. */ - CacheCluster cluster; - - /** The tags. */ - List tags; - - /** The cluster name. */ - String clusterName; - - /** The arn. */ - String arn; - - /** The no of nodes. */ - int noOfNodes; - - /** The primary or config endpoint. */ - String primaryOrConfigEndpoint; - - /** The availability zones. */ - String availabilityZones; - - /** The description. */ - String description ; - - /** The security groups. */ - String securityGroups; - - /** The parameter group. */ - String parameterGroup; - - /** - * Gets the arn. - * - * @return the arn - */ - public String getArn() { - return arn; - } - - /** - * Sets the arn. - * - * @param arn the new arn - */ - public void setArn(String arn) { - this.arn = arn; - } - - /** - * Gets the parameter group. - * - * @return the parameter group - */ - public String getParameterGroup() { - return parameterGroup; - } - - /** - * Sets the parameter group. - * - * @param parameterGroup the new parameter group - */ - public void setParameterGroup(String parameterGroup) { - this.parameterGroup = parameterGroup; - } - - /** - * Gets the security groups. - * - * @return the security groups - */ - public String getSecurityGroups() { - return securityGroups; - } - - /** - * Sets the security groups. - * - * @param securityGroups the new security groups - */ - public void setSecurityGroups(String securityGroups) { - this.securityGroups = securityGroups; - } - - /** - * Gets the description. - * - * @return the description - */ - public String getDescription() { - return description; - } - - /** - * Sets the description. - * - * @param description the new description - */ - public void setDescription(String description) { - this.description = description; - } - - /** - * Gets the cluster. - * - * @return the cluster - */ - public CacheCluster getCluster() { - return cluster; - } - - /** - * Sets the cluster. - * - * @param cluster the new cluster - */ - public void setCluster(CacheCluster cluster) { - this.cluster = cluster; - } - - /** - * Gets the cluster name. - * - * @return the cluster name - */ - public String getClusterName() { - return clusterName; - } - - /** - * Sets the cluster name. - * - * @param clusterName the new cluster name - */ - public void setClusterName(String clusterName) { - this.clusterName = clusterName; - } - - /** - * Gets the no of nodes. - * - * @return the no of nodes - */ - public int getNoOfNodes() { - return noOfNodes; - } - - /** - * Sets the no of nodes. - * - * @param noOfNodes the new no of nodes - */ - public void setNoOfNodes(int noOfNodes) { - this.noOfNodes = noOfNodes; - } - - /** - * Gets the primary or config endpoint. - * - * @return the primary or config endpoint - */ - public String getPrimaryOrConfigEndpoint() { - return primaryOrConfigEndpoint; - } - - /** - * Sets the primary or config endpoint. - * - * @param primaryOrConfigEndpoint the new primary or config endpoint - */ - public void setPrimaryOrConfigEndpoint(String primaryOrConfigEndpoint) { - this.primaryOrConfigEndpoint = primaryOrConfigEndpoint; - } - - /** - * Gets the availability zones. - * - * @return the availability zones - */ - public String getAvailabilityZones() { - return availabilityZones; - } - - /** - * Sets the availability zones. - * - * @param availabilityZones the new availability zones - */ - public void setAvailabilityZones(String availabilityZones) { - this.availabilityZones = availabilityZones; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - - /** - * Sets the tags. - * - * @param tags the new tags - */ - public void setTags(List tags) { - this.tags = tags; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.elasticache.model.CacheCluster; +import com.amazonaws.services.elasticache.model.Tag; + + +/** + * The Class ElastiCacheVH. + */ +public class ElastiCacheVH { + + /** The cluster. */ + CacheCluster cluster; + + /** The tags. */ + List tags; + + /** The cluster name. */ + String clusterName; + + /** The arn. */ + String arn; + + /** The no of nodes. */ + int noOfNodes; + + /** The primary or config endpoint. */ + String primaryOrConfigEndpoint; + + /** The availability zones. */ + String availabilityZones; + + /** The description. */ + String description ; + + /** The security groups. */ + String securityGroups; + + /** The parameter group. */ + String parameterGroup; + + /** Subenets associated with the Cache Subnet Group **/ + + List subnets; + /** vpc associaged with the cache subnet Group **/ + + String vpc ; + + List nodes; + + List nodeNames; + + /** + * Gets the arn. + * + * @return the arn + */ + public String getArn() { + return arn; + } + + /** + * Sets the arn. + * + * @param arn the new arn + */ + public void setArn(String arn) { + this.arn = arn; + } + + /** + * Gets the parameter group. + * + * @return the parameter group + */ + public String getParameterGroup() { + return parameterGroup; + } + + /** + * Sets the parameter group. + * + * @param parameterGroup the new parameter group + */ + public void setParameterGroup(String parameterGroup) { + this.parameterGroup = parameterGroup; + } + + /** + * Gets the security groups. + * + * @return the security groups + */ + public String getSecurityGroups() { + return securityGroups; + } + + /** + * Sets the security groups. + * + * @param securityGroups the new security groups + */ + public void setSecurityGroups(String securityGroups) { + this.securityGroups = securityGroups; + } + + /** + * Gets the description. + * + * @return the description + */ + public String getDescription() { + return description; + } + + /** + * Sets the description. + * + * @param description the new description + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * Gets the cluster. + * + * @return the cluster + */ + public CacheCluster getCluster() { + return cluster; + } + + /** + * Sets the cluster. + * + * @param cluster the new cluster + */ + public void setCluster(CacheCluster cluster) { + this.cluster = cluster; + } + + /** + * Gets the cluster name. + * + * @return the cluster name + */ + public String getClusterName() { + return clusterName; + } + + /** + * Sets the cluster name. + * + * @param clusterName the new cluster name + */ + public void setClusterName(String clusterName) { + this.clusterName = clusterName; + } + + /** + * Gets the no of nodes. + * + * @return the no of nodes + */ + public int getNoOfNodes() { + return noOfNodes; + } + + /** + * Sets the no of nodes. + * + * @param noOfNodes the new no of nodes + */ + public void setNoOfNodes(int noOfNodes) { + this.noOfNodes = noOfNodes; + } + + /** + * Gets the primary or config endpoint. + * + * @return the primary or config endpoint + */ + public String getPrimaryOrConfigEndpoint() { + return primaryOrConfigEndpoint; + } + + /** + * Sets the primary or config endpoint. + * + * @param primaryOrConfigEndpoint the new primary or config endpoint + */ + public void setPrimaryOrConfigEndpoint(String primaryOrConfigEndpoint) { + this.primaryOrConfigEndpoint = primaryOrConfigEndpoint; + } + + /** + * Gets the availability zones. + * + * @return the availability zones + */ + public String getAvailabilityZones() { + return availabilityZones; + } + + /** + * Sets the availability zones. + * + * @param availabilityZones the new availability zones + */ + public void setAvailabilityZones(String availabilityZones) { + this.availabilityZones = availabilityZones; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + + /** + * Sets the tags. + * + * @param tags the new tags + */ + public void setTags(List tags) { + this.tags = tags; + } + + public List getSubnets() { + return subnets; + } + + public void setSubnets(List subnets) { + this.subnets = subnets; + } + + public String getVpc() { + return vpc; + } + + public void setVpc(String vpc) { + this.vpc = vpc; + } + + public List getNodes() { + return nodes; + } + + public void setNodes(List nodes) { + this.nodes = nodes; + } + + public List getNodeNames() { + return nodeNames; + } + + public void setNodeNames(List nodeNames) { + this.nodeNames = nodeNames; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElasticsearchDomainVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElasticsearchDomainVH.java index cc4566e3a..cbe3182eb 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElasticsearchDomainVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ElasticsearchDomainVH.java @@ -1,71 +1,71 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; -import com.amazonaws.services.elasticsearch.model.Tag; - - -/** - * The Class ElasticsearchDomainVH. - */ -public class ElasticsearchDomainVH { - - /** The domain. */ - private ElasticsearchDomainStatus domain; - - /** The tags. */ - private List tags; - - /** - * Gets the elasticsearch domain status. - * - * @return the elasticsearch domain status - */ - public ElasticsearchDomainStatus getElasticsearchDomainStatus() { - return domain; - } - - /** - * Sets the elasticsearch domain status. - * - * @param domain the new elasticsearch domain status - */ - public void setElasticsearchDomainStatus( - ElasticsearchDomainStatus domain) { - this.domain = domain; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - - /** - * Sets the tags. - * - * @param tags the new tags - */ - public void setTags(List tags) { - this.tags = tags; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; +import com.amazonaws.services.elasticsearch.model.Tag; + + +/** + * The Class ElasticsearchDomainVH. + */ +public class ElasticsearchDomainVH { + + /** The domain. */ + private ElasticsearchDomainStatus domain; + + /** The tags. */ + private List tags; + + /** + * Gets the elasticsearch domain status. + * + * @return the elasticsearch domain status + */ + public ElasticsearchDomainStatus getElasticsearchDomainStatus() { + return domain; + } + + /** + * Sets the elasticsearch domain status. + * + * @param domain the new elasticsearch domain status + */ + public void setElasticsearchDomainStatus( + ElasticsearchDomainStatus domain) { + this.domain = domain; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + + /** + * Sets the tags. + * + * @param tags the new tags + */ + public void setTags(List tags) { + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ErrorVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ErrorVH.java index b1db39a0a..1643ebaa5 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ErrorVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/ErrorVH.java @@ -1,95 +1,95 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - - -/** - * The Class ErrorVH. - */ -public class ErrorVH { - - /** The type. */ - private String type; - - /** The region. */ - private String region; - - /** The exception. */ - private String exception; - - /** - * Gets the type. - * - * @return the type - */ - public String getType() { - return type; - } - - /** - * Sets the type. - * - * @param type the new type - */ - public void setType(String type) { - this.type = type; - } - - /** - * Gets the region. - * - * @return the region - */ - public String getRegion() { - return region; - } - - /** - * Sets the region. - * - * @param region the new region - */ - public void setRegion(String region) { - this.region = region; - } - - /** - * Gets the exception. - * - * @return the exception - */ - public String getException() { - return exception; - } - - /** - * Sets the exception. - * - * @param exception the new exception - */ - public void setException(String exception) { - this.exception = exception; - } - - /* (non-Javadoc) - * @see java.lang.Object#toString() - */ - @Override - public String toString() { - return "ErrorVH [type=" + type + ", region=" + region + ", exception=" - + exception + "]"; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + + +/** + * The Class ErrorVH. + */ +public class ErrorVH { + + /** The type. */ + private String type; + + /** The region. */ + private String region; + + /** The exception. */ + private String exception; + + /** + * Gets the type. + * + * @return the type + */ + public String getType() { + return type; + } + + /** + * Sets the type. + * + * @param type the new type + */ + public void setType(String type) { + this.type = type; + } + + /** + * Gets the region. + * + * @return the region + */ + public String getRegion() { + return region; + } + + /** + * Sets the region. + * + * @param region the new region + */ + public void setRegion(String region) { + this.region = region; + } + + /** + * Gets the exception. + * + * @return the exception + */ + public String getException() { + return exception; + } + + /** + * Sets the exception. + * + * @param exception the new exception + */ + public void setException(String exception) { + this.exception = exception; + } + + /* (non-Javadoc) + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "ErrorVH [type=" + type + ", region=" + region + ", exception=" + + exception + "]"; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/KMSKeyVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/KMSKeyVH.java index ce0237f8e..b9643edf7 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/KMSKeyVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/KMSKeyVH.java @@ -1,123 +1,123 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.kms.model.AliasListEntry; -import com.amazonaws.services.kms.model.KeyMetadata; -import com.amazonaws.services.kms.model.Tag; - - -/** - * The Class KMSKeyVH. - */ -public class KMSKeyVH { - - /** The key. */ - KeyMetadata key; - - /** The tags. */ - List tags; - - /** The rotation status. */ - boolean rotationStatus; - - /** The alias. */ - AliasListEntry alias; - - /** - * Gets the key. - * - * @return the key - */ - public KeyMetadata getKey() { - return key; - } - - /** - * Sets the key. - * - * @param key the new key - */ - public void setKey(KeyMetadata key) { - this.key = key; - } - - /** - * Gets the tags. - * - * @return the tags - */ - public List getTags() { - return tags; - } - - /** - * Sets the tags. - * - * @param tags the new tags - */ - public void setTags(List tags) { - this.tags = tags; - } - - /** - * Checks if is rotation status. - * - * @return true, if is rotation status - */ - public boolean isRotationStatus() { - return rotationStatus; - } - - /** - * Sets the rotation status. - * - * @param rotationStatus the new rotation status - */ - public void setRotationStatus(boolean rotationStatus) { - this.rotationStatus = rotationStatus; - } - - /** - * Gets the alias. - * - * @return the alias - */ - public AliasListEntry getAlias() { - return alias; - } - - /** - * Sets the alias. - * - * @param alias the new alias - */ - public void setAlias(AliasListEntry alias) { - this.alias = alias; - } - - /* (non-Javadoc) - * @see java.lang.Object#toString() - */ - @Override - public String toString() { - return "KMSKey [key=" + key + ", tags=" + tags + ", rotationStatus=" - + rotationStatus + ", alias=" + alias + "]"; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.kms.model.AliasListEntry; +import com.amazonaws.services.kms.model.KeyMetadata; +import com.amazonaws.services.kms.model.Tag; + + +/** + * The Class KMSKeyVH. + */ +public class KMSKeyVH { + + /** The key. */ + KeyMetadata key; + + /** The tags. */ + List tags; + + /** The rotation status. */ + boolean rotationStatus; + + /** The alias. */ + AliasListEntry alias; + + /** + * Gets the key. + * + * @return the key + */ + public KeyMetadata getKey() { + return key; + } + + /** + * Sets the key. + * + * @param key the new key + */ + public void setKey(KeyMetadata key) { + this.key = key; + } + + /** + * Gets the tags. + * + * @return the tags + */ + public List getTags() { + return tags; + } + + /** + * Sets the tags. + * + * @param tags the new tags + */ + public void setTags(List tags) { + this.tags = tags; + } + + /** + * Checks if is rotation status. + * + * @return true, if is rotation status + */ + public boolean isRotationStatus() { + return rotationStatus; + } + + /** + * Sets the rotation status. + * + * @param rotationStatus the new rotation status + */ + public void setRotationStatus(boolean rotationStatus) { + this.rotationStatus = rotationStatus; + } + + /** + * Gets the alias. + * + * @return the alias + */ + public AliasListEntry getAlias() { + return alias; + } + + /** + * Sets the alias. + * + * @param alias the new alias + */ + public void setAlias(AliasListEntry alias) { + this.alias = alias; + } + + /* (non-Javadoc) + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + return "KMSKey [key=" + key + ", tags=" + tags + ", rotationStatus=" + + rotationStatus + ", alias=" + alias + "]"; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LambdaVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LambdaVH.java index 252067b6b..072d397df 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LambdaVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LambdaVH.java @@ -1,58 +1,58 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; - -import com.amazonaws.services.lambda.model.FunctionConfiguration; -import com.amazonaws.services.workspaces.model.Tag; - - - -/** - * The Class LambdaVH. - */ -public class LambdaVH { - - /** The lambda. */ - private FunctionConfiguration lambda; - - /** The tags. */ - private List tags; - - /** - * Instantiates a new lambda VH. - * - * @param lambda the lambda - * @param tagsList the tags list - */ - public LambdaVH(FunctionConfiguration lambda,Map tagsList){ - this.lambda = lambda; - this.tags = new ArrayList<>(); - Iterator> it = tagsList.entrySet().iterator(); - while(it.hasNext()){ - Entry entry = it.next(); - Tag tag = new Tag(); - tag.setKey(entry.getKey()); - tag.setValue(entry.getValue()); - tags.add(tag); - } - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import com.amazonaws.services.lambda.model.FunctionConfiguration; +import com.amazonaws.services.workspaces.model.Tag; + + + +/** + * The Class LambdaVH. + */ +public class LambdaVH { + + /** The lambda. */ + private FunctionConfiguration lambda; + + /** The tags. */ + private List tags; + + /** + * Instantiates a new lambda VH. + * + * @param lambda the lambda + * @param tagsList the tags list + */ + public LambdaVH(FunctionConfiguration lambda,Map tagsList){ + this.lambda = lambda; + this.tags = new ArrayList<>(); + Iterator> it = tagsList.entrySet().iterator(); + while(it.hasNext()){ + Entry entry = it.next(); + Tag tag = new Tag(); + tag.setKey(entry.getKey()); + tag.setValue(entry.getValue()); + tags.add(tag); + } + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LoadBalancerVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LoadBalancerVH.java index b39743083..552d4c253 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LoadBalancerVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/LoadBalancerVH.java @@ -1,81 +1,91 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.ArrayList; -import java.util.List; - -import com.amazonaws.services.elasticloadbalancing.model.Instance; -import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; -import com.amazonaws.services.elasticloadbalancingv2.model.Tag; - - -/** - * The Class LoadBalancerVH. - */ -public class LoadBalancerVH { - - /** The availability zones. */ - private List availabilityZones; - - /** The lb. */ - private LoadBalancer lb; - - /** The instances. */ - private List instances; - - /** The tags. */ - private List tags; - - /** - * Instantiates a new load balancer VH. - * - * @param elb the elb - */ - public LoadBalancerVH(LoadBalancer elb){ - lb = elb; - availabilityZones = new ArrayList<>(); - this.instances = new ArrayList<>(); - if(lb.getAvailabilityZones()!=null) - lb.getAvailabilityZones().forEach(e->availabilityZones.add(e.getZoneName())); - } - - /** - * Instantiates a new load balancer VH. - * - * @param elb the elb - * @param tags the tags - */ - public LoadBalancerVH(LoadBalancer elb,List tags){ - lb = elb; - this.tags = tags; - availabilityZones = new ArrayList<>(); - this.instances = new ArrayList<>(); - if(lb.getAvailabilityZones()!=null) - lb.getAvailabilityZones().forEach(e->availabilityZones.add(e.getZoneName())); - } - - /** - * Sets the instances. - * - * @param instances the new instances - */ - public void setInstances( List instances){ - this.instances = instances; - } - -} - +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.ArrayList; +import java.util.List; + +import com.amazonaws.services.elasticloadbalancing.model.Instance; +import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; +import com.amazonaws.services.elasticloadbalancingv2.model.Tag; + + +/** + * The Class LoadBalancerVH. + */ +public class LoadBalancerVH { + + /** The availability zones. */ + private List availabilityZones; + + /** The lb. */ + private LoadBalancer lb; + + /** The instances. */ + private List instances; + + /** The tags. */ + private List tags; + + /** The availability zones. */ + private List subnets; + + + /** + * Instantiates a new load balancer VH. + * + * @param elb the elb + */ + public LoadBalancerVH(LoadBalancer elb){ + lb = elb; + availabilityZones = new ArrayList<>(); + this.instances = new ArrayList<>(); + if(lb.getAvailabilityZones()!=null){ + lb.getAvailabilityZones().forEach(e-> { availabilityZones.add(e.getZoneName()); + subnets.add(e.getSubnetId());}); + } + } + + /** + * Instantiates a new load balancer VH. + * + * @param elb the elb + * @param tags the tags + */ + public LoadBalancerVH(LoadBalancer elb,List tags){ + lb = elb; + this.tags = tags; + availabilityZones = new ArrayList<>(); + subnets = new ArrayList<>(); + this.instances = new ArrayList<>(); + if(lb.getAvailabilityZones()!=null){ + lb.getAvailabilityZones().forEach(e-> { availabilityZones.add(e.getZoneName()); + subnets.add(e.getSubnetId());}); + } + + } + + /** + * Sets the instances. + * + * @param instances the new instances + */ + public void setInstances( List instances){ + this.instances = instances; + } + +} + diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/PhdVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/PhdVH.java index a7b75e6a2..13b990a68 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/PhdVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/PhdVH.java @@ -1,70 +1,70 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.health.model.AffectedEntity; -import com.amazonaws.services.health.model.EventDetails; - - -/** - * The Class PhdVH. - */ -public class PhdVH { - - /** The event details. */ - EventDetails eventDetails ; - - /** The affected entities. */ - List affectedEntities; - - /** - * Gets the event details. - * - * @return the event details - */ - public EventDetails getEventDetails() { - return eventDetails; - } - - /** - * Sets the event details. - * - * @param eventDetails the new event details - */ - public void setEventDetails(EventDetails eventDetails) { - this.eventDetails = eventDetails; - } - - /** - * Gets the affected entities. - * - * @return the affected entities - */ - public List getAffectedEntities() { - return affectedEntities; - } - - /** - * Sets the affected entities. - * - * @param affectedEntities the new affected entities - */ - public void setAffectedEntities(List affectedEntities) { - this.affectedEntities = affectedEntities; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.health.model.AffectedEntity; +import com.amazonaws.services.health.model.EventDetails; + + +/** + * The Class PhdVH. + */ +public class PhdVH { + + /** The event details. */ + EventDetails eventDetails ; + + /** The affected entities. */ + List affectedEntities; + + /** + * Gets the event details. + * + * @return the event details + */ + public EventDetails getEventDetails() { + return eventDetails; + } + + /** + * Sets the event details. + * + * @param eventDetails the new event details + */ + public void setEventDetails(EventDetails eventDetails) { + this.eventDetails = eventDetails; + } + + /** + * Gets the affected entities. + * + * @return the affected entities + */ + public List getAffectedEntities() { + return affectedEntities; + } + + /** + * Sets the affected entities. + * + * @param affectedEntities the new affected entities + */ + public void setAffectedEntities(List affectedEntities) { + this.affectedEntities = affectedEntities; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/RedshiftVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/RedshiftVH.java new file mode 100644 index 000000000..9752d0b55 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/RedshiftVH.java @@ -0,0 +1,32 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.redshift.model.Cluster; + +public class RedshiftVH { + + Cluster cluster; + List subnets; + + public RedshiftVH(Cluster cluster){ + this.cluster = cluster; + } + + public Cluster getCluster() { + return cluster; + } + + public void setCluster(Cluster cluster) { + this.cluster = cluster; + } + + public List getSubnets() { + return subnets; + } + + public void setSubnets(List subnets) { + this.subnets = subnets; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Resource.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Resource.java index 0deccd9d1..42b906be6 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Resource.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/Resource.java @@ -1,51 +1,51 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - - -/** - * The Class Resource. - */ -public class Resource { - - /** The check id. */ - String checkId; - - /** The id. */ - String id; - - /** The status. */ - String status; - - /** The data. */ - String data; - - /** - * Instantiates a new resource. - * - * @param checkId the check id - * @param id the id - * @param status the status - * @param data the data - */ - public Resource(String checkId, String id,String status,String data){ - this.checkId = checkId; - this.id = id; - this.status = status; - this.data = data; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + + +/** + * The Class Resource. + */ +public class Resource { + + /** The check id. */ + String checkId; + + /** The id. */ + String id; + + /** The status. */ + String status; + + /** The data. */ + String data; + + /** + * Instantiates a new resource. + * + * @param checkId the check id + * @param id the id + * @param status the status + * @param data the data + */ + public Resource(String checkId, String id,String status,String data){ + this.checkId = checkId; + this.id = id; + this.status = status; + this.data = data; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SGRuleVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SGRuleVH.java index 5d779e805..7616a23e1 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SGRuleVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SGRuleVH.java @@ -1,192 +1,192 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - - -/** - * The Class SGRuleVH. - */ -public class SGRuleVH { - - /** The group id. */ - private String groupId; - - /** The from port. */ - private String fromPort; - - /** The to port. */ - private String toPort; - - /** The ip protocol. */ - private String ipProtocol; - - /** The cidr ipv 6. */ - private String cidrIpv6; - - /** The cidr ip. */ - private String cidrIp; - - /** The type. */ - private String type; - - /** - * Instantiates a new SG rule VH. - * - * @param groupId the group id - * @param type the type - * @param fromPort the from port - * @param toPort the to port - * @param cidrIpv6 the cidr ipv 6 - * @param cidrIp the cidr ip - * @param ipProtocol the ip protocol - */ - public SGRuleVH(String groupId,String type,String fromPort,String toPort,String cidrIpv6,String cidrIp,String ipProtocol){ - this.groupId = groupId; - this.fromPort= fromPort; - this.toPort = toPort; - this.ipProtocol = ipProtocol; - this.cidrIp = cidrIp; - this.cidrIpv6 = cidrIpv6; - this.setType(type); - } - - /** - * Gets the group id. - * - * @return the group id - */ - public String getGroupId() { - return groupId; - } - - /** - * Sets the group id. - * - * @param groupId the new group id - */ - public void setGroupId(String groupId) { - this.groupId = groupId; - } - - /** - * Gets the from port. - * - * @return the from port - */ - public String getFromPort() { - return fromPort; - } - - /** - * Sets the from port. - * - * @param fromPort the new from port - */ - public void setFromPort(String fromPort) { - this.fromPort = fromPort; - } - - /** - * Gets the to port. - * - * @return the to port - */ - public String getToPort() { - return toPort; - } - - /** - * Sets the to port. - * - * @param toPort the new to port - */ - public void setToPort(String toPort) { - this.toPort = toPort; - } - - /** - * Gets the ip protocol. - * - * @return the ip protocol - */ - public String getIpProtocol() { - return ipProtocol; - } - - /** - * Sets the ip protocol. - * - * @param ipProtocol the new ip protocol - */ - public void setIpProtocol(String ipProtocol) { - this.ipProtocol = ipProtocol; - } - - /** - * Gets the cidr ipv 6. - * - * @return the cidr ipv 6 - */ - public String getCidrIpv6() { - return cidrIpv6; - } - - /** - * Sets the cidr ipv 6. - * - * @param cidrIpv6 the new cidr ipv 6 - */ - public void setCidrIpv6(String cidrIpv6) { - this.cidrIpv6 = cidrIpv6; - } - - /** - * Gets the cidr ip. - * - * @return the cidr ip - */ - public String getCidrIp() { - return cidrIp; - } - - /** - * Sets the cidr ip. - * - * @param cidrIp the new cidr ip - */ - public void setCidrIp(String cidrIp) { - this.cidrIp = cidrIp; - } - - /** - * Gets the type. - * - * @return the type - */ - public String getType() { - return type; - } - - /** - * Sets the type. - * - * @param type the new type - */ - public void setType(String type) { - this.type = type; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + + +/** + * The Class SGRuleVH. + */ +public class SGRuleVH { + + /** The group id. */ + private String groupId; + + /** The from port. */ + private String fromPort; + + /** The to port. */ + private String toPort; + + /** The ip protocol. */ + private String ipProtocol; + + /** The cidr ipv 6. */ + private String cidrIpv6; + + /** The cidr ip. */ + private String cidrIp; + + /** The type. */ + private String type; + + /** + * Instantiates a new SG rule VH. + * + * @param groupId the group id + * @param type the type + * @param fromPort the from port + * @param toPort the to port + * @param cidrIpv6 the cidr ipv 6 + * @param cidrIp the cidr ip + * @param ipProtocol the ip protocol + */ + public SGRuleVH(String groupId,String type,String fromPort,String toPort,String cidrIpv6,String cidrIp,String ipProtocol){ + this.groupId = groupId; + this.fromPort= fromPort; + this.toPort = toPort; + this.ipProtocol = ipProtocol; + this.cidrIp = cidrIp; + this.cidrIpv6 = cidrIpv6; + this.setType(type); + } + + /** + * Gets the group id. + * + * @return the group id + */ + public String getGroupId() { + return groupId; + } + + /** + * Sets the group id. + * + * @param groupId the new group id + */ + public void setGroupId(String groupId) { + this.groupId = groupId; + } + + /** + * Gets the from port. + * + * @return the from port + */ + public String getFromPort() { + return fromPort; + } + + /** + * Sets the from port. + * + * @param fromPort the new from port + */ + public void setFromPort(String fromPort) { + this.fromPort = fromPort; + } + + /** + * Gets the to port. + * + * @return the to port + */ + public String getToPort() { + return toPort; + } + + /** + * Sets the to port. + * + * @param toPort the new to port + */ + public void setToPort(String toPort) { + this.toPort = toPort; + } + + /** + * Gets the ip protocol. + * + * @return the ip protocol + */ + public String getIpProtocol() { + return ipProtocol; + } + + /** + * Sets the ip protocol. + * + * @param ipProtocol the new ip protocol + */ + public void setIpProtocol(String ipProtocol) { + this.ipProtocol = ipProtocol; + } + + /** + * Gets the cidr ipv 6. + * + * @return the cidr ipv 6 + */ + public String getCidrIpv6() { + return cidrIpv6; + } + + /** + * Sets the cidr ipv 6. + * + * @param cidrIpv6 the new cidr ipv 6 + */ + public void setCidrIpv6(String cidrIpv6) { + this.cidrIpv6 = cidrIpv6; + } + + /** + * Gets the cidr ip. + * + * @return the cidr ip + */ + public String getCidrIp() { + return cidrIp; + } + + /** + * Sets the cidr ip. + * + * @param cidrIp the new cidr ip + */ + public void setCidrIp(String cidrIp) { + this.cidrIp = cidrIp; + } + + /** + * Gets the type. + * + * @return the type + */ + public String getType() { + return type; + } + + /** + * Sets the type. + * + * @param type the new type + */ + public void setType(String type) { + this.type = type; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQS.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQS.java new file mode 100644 index 000000000..39b7c4798 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQS.java @@ -0,0 +1,172 @@ +package com.tmobile.cso.pacman.inventory.vo; + +public class SQS { + + private String QueueArn; + private String Policy; + private String ApproximateNumberOfMessagesDelayed; + private String ReceiveMessageWaitTimeSeconds; + private String CreatedTimestamp; + private String DelaySeconds; + private String MessageRetentionPeriod; + private String MaximumMessageSize; + private String VisibilityTimeout; + private String ApproximateNumberOfMessages; + private String ApproximateNumberOfMessagesNotVisible; + private String LastModifiedTimestamp; + private String KmsMasterKeyId; + private String KmsDataKeyReusePeriodSeconds; + private String FifoQueue ; + private String ContentBasedDeduplication ; + private String RedrivePolicy ; + + public String getQueueArn() { + return QueueArn; + } + + public void setQueueArn(String queueArn) { + QueueArn = queueArn; + } + + public String getPolicy() { + return Policy; + } + + public void setPolicy(String policy) { + Policy = policy; + } + + public String getApproximateNumberOfMessagesDelayed() { + return ApproximateNumberOfMessagesDelayed; + } + + public void setApproximateNumberOfMessagesDelayed(String approximateNumberOfMessagesDelayed) { + ApproximateNumberOfMessagesDelayed = approximateNumberOfMessagesDelayed; + } + + public String getReceiveMessageWaitTimeSeconds() { + return ReceiveMessageWaitTimeSeconds; + } + + public void setReceiveMessageWaitTimeSeconds(String receiveMessageWaitTimeSeconds) { + ReceiveMessageWaitTimeSeconds = receiveMessageWaitTimeSeconds; + } + + public String getCreatedTimestamp() { + return CreatedTimestamp; + } + + public void setCreatedTimestamp(String createdTimestamp) { + CreatedTimestamp = createdTimestamp; + } + + public String getDelaySeconds() { + return DelaySeconds; + } + + public void setDelaySeconds(String delaySeconds) { + DelaySeconds = delaySeconds; + } + + public String getMessageRetentionPeriod() { + return MessageRetentionPeriod; + } + + public void setMessageRetentionPeriod(String messageRetentionPeriod) { + MessageRetentionPeriod = messageRetentionPeriod; + } + + public String getMaximumMessageSize() { + return MaximumMessageSize; + } + + public void setMaximumMessageSize(String maximumMessageSize) { + MaximumMessageSize = maximumMessageSize; + } + + public String getVisibilityTimeout() { + return VisibilityTimeout; + } + + public void setVisibilityTimeout(String visibilityTimeout) { + VisibilityTimeout = visibilityTimeout; + } + + public String getApproximateNumberOfMessages() { + return ApproximateNumberOfMessages; + } + + public void setApproximateNumberOfMessages(String approximateNumberOfMessages) { + ApproximateNumberOfMessages = approximateNumberOfMessages; + } + + public String getApproximateNumberOfMessagesNotVisible() { + return ApproximateNumberOfMessagesNotVisible; + } + + public void setApproximateNumberOfMessagesNotVisible(String approximateNumberOfMessagesNotVisible) { + ApproximateNumberOfMessagesNotVisible = approximateNumberOfMessagesNotVisible; + } + + public String getLastModifiedTimestamp() { + return LastModifiedTimestamp; + } + + public void setLastModifiedTimestamp(String lastModifiedTimestamp) { + LastModifiedTimestamp = lastModifiedTimestamp; + } + + public String getKmsMasterKeyId() { + return KmsMasterKeyId; + } + + public void setKmsMasterKeyId(String kmsMasterKeyId) { + KmsMasterKeyId = kmsMasterKeyId; + } + + public String getKmsDataKeyReusePeriodSeconds() { + return KmsDataKeyReusePeriodSeconds; + } + + public void setKmsDataKeyReusePeriodSeconds(String kmsDataKeyReusePeriodSeconds) { + KmsDataKeyReusePeriodSeconds = kmsDataKeyReusePeriodSeconds; + } + + public String getFifoQueue() { + return FifoQueue; + } + + public void setFifoQueue(String fifoQueue) { + FifoQueue = fifoQueue; + } + + public String getContentBasedDeduplication() { + return ContentBasedDeduplication; + } + + public void setContentBasedDeduplication(String contentBasedDeduplication) { + ContentBasedDeduplication = contentBasedDeduplication; + } + + public String getRedrivePolicy() { + return RedrivePolicy; + } + + public void setRedrivePolicy(String redrivePolicy) { + RedrivePolicy = redrivePolicy; + } + + @Override + public String toString() { + return "SQS [QueueArn=" + QueueArn + ", Policy=" + Policy + ", ApproximateNumberOfMessagesDelayed=" + + ApproximateNumberOfMessagesDelayed + ", ReceiveMessageWaitTimeSeconds=" + + ReceiveMessageWaitTimeSeconds + ", CreatedTimestamp=" + CreatedTimestamp + ", DelaySeconds=" + + DelaySeconds + ", MessageRetentionPeriod=" + MessageRetentionPeriod + ", MaximumMessageSize=" + + MaximumMessageSize + ", VisibilityTimeout=" + VisibilityTimeout + ", ApproximateNumberOfMessages=" + + ApproximateNumberOfMessages + ", ApproximateNumberOfMessagesNotVisible=" + + ApproximateNumberOfMessagesNotVisible + ", LastModifiedTimestamp=" + LastModifiedTimestamp + + ", KmsMasterKeyId=" + KmsMasterKeyId + ", KmsDataKeyReusePeriodSeconds=" + + KmsDataKeyReusePeriodSeconds + ", FifoQueue=" + FifoQueue + ", ContentBasedDeduplication=" + + ContentBasedDeduplication + ", RedrivePolicy=" + RedrivePolicy + "]"; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQSVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQSVH.java new file mode 100644 index 000000000..e2065c6e9 --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/SQSVH.java @@ -0,0 +1,48 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +public class SQSVH { + + private String queueUrl; + + private SQS sqs; + + private List tags; + + public SQSVH(String queueUrl, SQS sqs, List tags) { + super(); + this.queueUrl = queueUrl; + this.sqs = sqs; + this.tags = tags; + } + + public String getQueueUrl() { + return queueUrl; + } + + public void setQueueUrl(String queueUrl) { + this.queueUrl = queueUrl; + } + + public SQS getSqsAttributes() { + return sqs; + } + + public void setSqsAttributes(SQS sqsAttributes) { + this.sqs = sqsAttributes; + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } + + @Override + public String toString() { + return "SQSVH [queueUrl=" + queueUrl + ", sqs=" + sqs + ", tags=" + tags + "]"; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/TargetGroupVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/TargetGroupVH.java index 6e31e75e0..e572e64c4 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/TargetGroupVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/TargetGroupVH.java @@ -1,63 +1,63 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; -import com.amazonaws.services.elasticloadbalancingv2.model.TargetHealthDescription; - - -/** - * The Class TargetGroupVH. - */ -public class TargetGroupVH { - - /** The trgt grp. */ - TargetGroup trgtGrp; - - /** The targets. */ - List targets; - - /** - * Instantiates a new target group VH. - * - * @param trgtGrp the trgt grp - * @param targets the targets - */ - public TargetGroupVH(TargetGroup trgtGrp, List targets){ - this.trgtGrp = trgtGrp; - this.targets = targets; - } - - /** - * Gets the trgt grp. - * - * @return the trgt grp - */ - public TargetGroup getTrgtGrp() { - return trgtGrp; - } - - /** - * Gets the targets. - * - * @return the targets - */ - public List getTargets() { - return targets; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; +import com.amazonaws.services.elasticloadbalancingv2.model.TargetHealthDescription; + + +/** + * The Class TargetGroupVH. + */ +public class TargetGroupVH { + + /** The trgt grp. */ + TargetGroup trgtGrp; + + /** The targets. */ + List targets; + + /** + * Instantiates a new target group VH. + * + * @param trgtGrp the trgt grp + * @param targets the targets + */ + public TargetGroupVH(TargetGroup trgtGrp, List targets){ + this.trgtGrp = trgtGrp; + this.targets = targets; + } + + /** + * Gets the trgt grp. + * + * @return the trgt grp + */ + public TargetGroup getTrgtGrp() { + return trgtGrp; + } + + /** + * Gets the targets. + * + * @return the targets + */ + public List getTargets() { + return targets; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/UserVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/UserVH.java index 7e9f0fbb4..c426646b7 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/UserVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/UserVH.java @@ -1,145 +1,145 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.Date; -import java.util.List; - -import com.amazonaws.services.identitymanagement.model.User; - - -/** - * The Class UserVH. - */ -public class UserVH { - - /** The user. */ - private User user; - - /** The access keys. */ - private List accessKeys; - - /** The password creation date. */ - private Date passwordCreationDate; - - /** The password reset required. */ - private boolean passwordResetRequired; - - /** The groups. */ - private List groups; - - /** The mfa. */ - private boolean mfa; - - /** - * Checks if is mfa. - * - * @return true, if is mfa - */ - public boolean isMfa() { - return mfa; - } - - /** - * Sets the mfa. - * - * @param mfa the new mfa - */ - public void setMfa(boolean mfa) { - this.mfa = mfa; - } - - /** - * Instantiates a new user VH. - * - * @param usr the usr - */ - public UserVH(User usr){ - this.user = usr; - } - - /** - * Sets the access keys. - * - * @param accessKeys the new access keys - */ - public void setAccessKeys(List accessKeys) { - this.accessKeys = accessKeys; - } - - /** - * Sets the password creation date. - * - * @param passwordCreationDate the new password creation date - */ - public void setPasswordCreationDate(Date passwordCreationDate) { - this.passwordCreationDate = passwordCreationDate; - } - - /** - * Sets the password reset required. - * - * @param passwordResetRequired the new password reset required - */ - public void setPasswordResetRequired(boolean passwordResetRequired) { - this.passwordResetRequired = passwordResetRequired; - } - - /** - * Gets the groups. - * - * @return the groups - */ - public List getGroups() { - return groups; - } - - /** - * Sets the groups. - * - * @param groups the new groups - */ - public void setGroups(List groups) { - this.groups = groups; - } - - /** - * Gets the access keys. - * - * @return the access keys - */ - public List getAccessKeys() { - return accessKeys; - } - - /** - * Gets the password creation date. - * - * @return the password creation date - */ - public Date getPasswordCreationDate() { - return passwordCreationDate; - } - - /** - * Checks if is password reset required. - * - * @return true, if is password reset required - */ - public boolean isPasswordResetRequired() { - return passwordResetRequired; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.Date; +import java.util.List; + +import com.amazonaws.services.identitymanagement.model.User; + + +/** + * The Class UserVH. + */ +public class UserVH { + + /** The user. */ + private User user; + + /** The access keys. */ + private List accessKeys; + + /** The password creation date. */ + private Date passwordCreationDate; + + /** The password reset required. */ + private boolean passwordResetRequired; + + /** The groups. */ + private List groups; + + /** The mfa. */ + private boolean mfa; + + /** + * Checks if is mfa. + * + * @return true, if is mfa + */ + public boolean isMfa() { + return mfa; + } + + /** + * Sets the mfa. + * + * @param mfa the new mfa + */ + public void setMfa(boolean mfa) { + this.mfa = mfa; + } + + /** + * Instantiates a new user VH. + * + * @param usr the usr + */ + public UserVH(User usr){ + this.user = usr; + } + + /** + * Sets the access keys. + * + * @param accessKeys the new access keys + */ + public void setAccessKeys(List accessKeys) { + this.accessKeys = accessKeys; + } + + /** + * Sets the password creation date. + * + * @param passwordCreationDate the new password creation date + */ + public void setPasswordCreationDate(Date passwordCreationDate) { + this.passwordCreationDate = passwordCreationDate; + } + + /** + * Sets the password reset required. + * + * @param passwordResetRequired the new password reset required + */ + public void setPasswordResetRequired(boolean passwordResetRequired) { + this.passwordResetRequired = passwordResetRequired; + } + + /** + * Gets the groups. + * + * @return the groups + */ + public List getGroups() { + return groups; + } + + /** + * Sets the groups. + * + * @param groups the new groups + */ + public void setGroups(List groups) { + this.groups = groups; + } + + /** + * Gets the access keys. + * + * @return the access keys + */ + public List getAccessKeys() { + return accessKeys; + } + + /** + * Gets the password creation date. + * + * @return the password creation date + */ + public Date getPasswordCreationDate() { + return passwordCreationDate; + } + + /** + * Checks if is password reset required. + * + * @return true, if is password reset required + */ + public boolean isPasswordResetRequired() { + return passwordResetRequired; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VideoStreamVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VideoStreamVH.java new file mode 100644 index 000000000..39e8945fe --- /dev/null +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VideoStreamVH.java @@ -0,0 +1,34 @@ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.kinesisvideo.model.StreamInfo; + +public class VideoStreamVH { + + private StreamInfo streamInfo; + + private List tags; + + public VideoStreamVH(StreamInfo streamInfo, List tags) { + super(); + this.streamInfo = streamInfo; + this.tags = tags; + } + + public StreamInfo getStreamInfo() { + return streamInfo; + } + + public void setStreamInfo(StreamInfo streamInfo) { + this.streamInfo = streamInfo; + } + + public List getTags() { + return tags; + } + + public void setTags(List tags) { + this.tags = tags; + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcEndPointVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcEndPointVH.java index f62556e2d..caf4e0b42 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcEndPointVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcEndPointVH.java @@ -1,64 +1,64 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import com.amazonaws.services.ec2.model.VpcEndpoint; - - -/** - * The Class VpcEndPointVH. - */ -public class VpcEndPointVH extends VpcEndpoint{ - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = 4770485285110362692L; - - /** The public access. */ - private boolean publicAccess; - - /** - * Checks if is public access. - * - * @return true, if is public access - */ - public boolean isPublicAccess() { - return publicAccess; - } - - /** - * Sets the public access. - * - * @param publicAccess the new public access - */ - public void setPublicAccess(boolean publicAccess) { - this.publicAccess = publicAccess; - } - - /** - * Instantiates a new vpc end point VH. - * - * @param vpcEndpoint the vpc endpoint - */ - public VpcEndPointVH(VpcEndpoint vpcEndpoint) { - this.setCreationTimestamp(vpcEndpoint.getCreationTimestamp()); - this.setPolicyDocument(vpcEndpoint.getPolicyDocument()); - this.setRouteTableIds(vpcEndpoint.getRouteTableIds()); - this.setServiceName(vpcEndpoint.getServiceName()); - this.setState(vpcEndpoint.getState()); - this.setVpcEndpointId(vpcEndpoint.getVpcEndpointId()); - this.setVpcId(vpcEndpoint.getVpcId()); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import com.amazonaws.services.ec2.model.VpcEndpoint; + + +/** + * The Class VpcEndPointVH. + */ +public class VpcEndPointVH extends VpcEndpoint{ + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 4770485285110362692L; + + /** The public access. */ + private boolean publicAccess; + + /** + * Checks if is public access. + * + * @return true, if is public access + */ + public boolean isPublicAccess() { + return publicAccess; + } + + /** + * Sets the public access. + * + * @param publicAccess the new public access + */ + public void setPublicAccess(boolean publicAccess) { + this.publicAccess = publicAccess; + } + + /** + * Instantiates a new vpc end point VH. + * + * @param vpcEndpoint the vpc endpoint + */ + public VpcEndPointVH(VpcEndpoint vpcEndpoint) { + this.setCreationTimestamp(vpcEndpoint.getCreationTimestamp()); + this.setPolicyDocument(vpcEndpoint.getPolicyDocument()); + this.setRouteTableIds(vpcEndpoint.getRouteTableIds()); + this.setServiceName(vpcEndpoint.getServiceName()); + this.setState(vpcEndpoint.getState()); + this.setVpcEndpointId(vpcEndpoint.getVpcEndpointId()); + this.setVpcId(vpcEndpoint.getVpcId()); + } +} diff --git a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcVH.java b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcVH.java index 1ee65863d..6c5d5e909 100644 --- a/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcVH.java +++ b/jobs/pacman-cloud-discovery/src/main/java/com/tmobile/cso/pacman/inventory/vo/VpcVH.java @@ -1,70 +1,70 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.vo; - -import java.util.List; - -import com.amazonaws.services.ec2.model.Vpc; - - -/** - * The Class VpcVH. - */ -public class VpcVH { - - /** The vpc. */ - private Vpc vpc; - - /** The vpc end points. */ - private List vpcEndPoints; - - /** - * Gets the vpc. - * - * @return the vpc - */ - public Vpc getVpc() { - return vpc; - } - - /** - * Sets the vpc. - * - * @param vpc the new vpc - */ - public void setVpc(Vpc vpc) { - this.vpc = vpc; - } - - /** - * Gets the vpc end points. - * - * @return the vpc end points - */ - public List getVpcEndPoints() { - return vpcEndPoints; - } - - /** - * Sets the vpc end points. - * - * @param vpcEndPoints the new vpc end points - */ - public void setVpcEndPoints(List vpcEndPoints) { - this.vpcEndPoints = vpcEndPoints; - } - -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.vo; + +import java.util.List; + +import com.amazonaws.services.ec2.model.Vpc; + + +/** + * The Class VpcVH. + */ +public class VpcVH { + + /** The vpc. */ + private Vpc vpc; + + /** The vpc end points. */ + private List vpcEndPoints; + + /** + * Gets the vpc. + * + * @return the vpc + */ + public Vpc getVpc() { + return vpc; + } + + /** + * Sets the vpc. + * + * @param vpc the new vpc + */ + public void setVpc(Vpc vpc) { + this.vpc = vpc; + } + + /** + * Gets the vpc end points. + * + * @return the vpc end points + */ + public List getVpcEndPoints() { + return vpcEndPoints; + } + + /** + * Sets the vpc end points. + * + * @param vpcEndPoints the new vpc end points + */ + public void setVpcEndPoints(List vpcEndPoints) { + this.vpcEndPoints = vpcEndPoints; + } + +} diff --git a/jobs/pacman-cloud-discovery/src/main/resources/inventory-tables.sql b/jobs/pacman-cloud-discovery/src/main/resources/inventory-tables.sql deleted file mode 100644 index 92049666c..000000000 --- a/jobs/pacman-cloud-discovery/src/main/resources/inventory-tables.sql +++ /dev/null @@ -1,1940 +0,0 @@ - -create table if not exists pd_app_elb_instance ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - loadbalancername varchar(250) , - instanceid varchar(50) -) ; - - -create table if not exists pd_appelb ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - loadbalancerarn varchar(500) , - dnsname varchar(250) , - canonicalhostedzoneid varchar(250) , - createdtime timestamptz , - loadbalancername varchar(250) , - scheme varchar(100) , - vpcid varchar(50) , - availabilityzones varchar(50), - type varchar(20) -) ; - - -create table if not exists pd_asg ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - autoscalinggrouparn varchar(500) , - autoscalinggroupname varchar(250) , - availabilityzones varchar(250) , - createdtime timestamptz , - defaultcooldown int8 , - desiredcapacity int8 , - healthcheckgraceperiod int8 , - healthchecktype varchar(50) , - launchconfigurationname varchar(250) , - maxsize int8 , - minsize int8 , - newinstancesprotectedfromscalein varchar(5) , - placementgroup varchar(100) , - status varchar(100) , - suspendedprocesses varchar(1000) , - targetgrouparns varchar(1000) , - terminationpolicies varchar(500) , - vpczoneidentifier varchar(500) -) ; - - -create table if not exists pd_asg_elb ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - autoscalinggrouparn varchar(500) , - loadbalancernames varchar(100) -) ; - - -create table if not exists pd_asg_instances ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - autoscalinggrouparn varchar(500) , - instancesinstanceid varchar(50) -) ; - - -create table if not exists pd_asg_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - autoscalinggrouparn varchar(500) , - key varchar(250) , - value varchar(1000) -) ; - - -create table if not exists pd_checks ( - discoverydate timestamptz, - accountid varchar(50), - checkid varchar(100) , - checkcategory varchar(50) , - status varchar(50) , - checkname varchar(100) , - checkdescription varchar(max) -) ; - - - -create table if not exists pd_checks_resources ( - discoverydate timestamptz, - accountid varchar(50), - checkid varchar(100) , - id varchar(250) , - status varchar(50), - resourceinfo varchar(max) -) ; - - -create table if not exists pd_checks_resources_attributes ( - discoverydate timestamptz, - accountid varchar(50), - checkid varchar(100) , - resourceid varchar(250) , - key varchar(50) , - value varchar(500) -) ; - - -create table if not exists pd_classicelb ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dnsname varchar(250) , - availabilityzones varchar(50) , - canonicalhostedzonename varchar(250) , - canonicalhostedzonenameid varchar(250) , - createdtime timestamptz , - loadbalancername varchar(250) , - scheme varchar(100) , - vpcid varchar(50) -) ; - - -create table if not exists pd_classicelb_instances ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - loadbalancername varchar(250) , - instanceid varchar(50) -) ; - - - -create table if not exists pd_cloudfrmnstack ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - stackid varchar(500) , - stackname varchar(250) , - changesetid varchar(500) , - creationtime timestamptz , - description varchar(4000) , - disablerollback varchar(5) , - lastupdatedtime timestamptz , - rolearn varchar(500) , - status varchar(50) , - statusreason varchar(1000) , - timeoutinminutes int8 -) ; - - -create table if not exists pd_cloudfrmnstack_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - stackid varchar(500) , - key varchar(50) , - value varchar(500) -) ; - - - -create table if not exists pd_dynamodb_tables ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - tablearn varchar(500) , - tablename varchar(250) , - creationdatetime timestamptz , - itemcount int8 , - lateststreamarn varchar(500) , - lateststreamlabel varchar(100) , - tablesizebytes int8 , - tablestatus varchar(50) , - readcapacityunits int8 , - writecapacityunits int8 , - streamenabled varchar(5) , - streamviewtype varchar(50) -) ; - -/*table structure for table pd_dynamodb_tables_tags */ - - - -create table if not exists pd_dynamodb_tables_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - tablearn varchar(500) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_efs */ - - - -create table if not exists pd_efs ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - filesystemid varchar(50) , - name varchar(100) , - creationtime timestamptz , - creationtoken varchar(50) , - lifecyclestate varchar(50) , - noofmounttargets int8 , - ownerid varchar(50) , - performancemode varchar(50) -) ; - -/*table structure for table pd_efs_tags */ - - -create table if not exists pd_efs_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - filesystemid varchar(50) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_emr */ - - - -create table if not exists pd_emr ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - id varchar(50) , - autoscalingrole varchar(50) , - autoterminate varchar(5) , - instancecollectiontype varchar(50) , - loguri varchar(500) , - masterpubdnsname varchar(100) , - name varchar(100) , - norminstancehours int8 , - releaselabel varchar(50) , - reqamiversion varchar(10) , - runningamiversion varchar(10) , - scaledownbehavior varchar(50) , - securityconfig varchar(50) , - servicerole varchar(50) , - terminationprotected varchar(5) , - visibletoallusers varchar(5) -) ; - -/*table structure for table pd_emr_tags */ - - - -create table if not exists pd_emr_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - id varchar(50) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_instance */ - - - -create table if not exists pd_instance ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - amilaunchindex int8 , - architecture varchar(100) , - clienttoken varchar(500) , - ebsoptimized varchar(5) , - enasupport varchar(5) , - hypervisor varchar(50) , - imageid varchar(500) , - instancelifecycle varchar(50) , - instancetype varchar(50) , - kernelid varchar(50) , - keyname varchar(500) , - launchtime timestamptz , - platform varchar(50) , - privatednsname varchar(1000) , - privateipaddress varchar(50) , - publicdnsname varchar(1000) , - publicipaddress varchar(100) , - ramdiskid varchar(100) , - rootdevicename varchar(100) , - rootdevicetype varchar(100) , - sourcedestcheck varchar(5) , - spotinstancerequestid varchar(100) , - sriovnetsupport varchar(500) , - statetransitionreason varchar(500) , - subnetid varchar(100) , - virtualizationtype varchar(100) , - vpcid varchar(100) , - iaminstanceprofilearn varchar(500) , - iaminstanceprofileid varchar(100) , - monitoringstate varchar(50) , - affinity varchar(50) , - availabilityzone varchar(500) , - groupname varchar(500) , - hostid varchar(100) , - tenancy varchar(100) , - statename varchar(50) , - statecode int8 , - statereasonmessage varchar(500) , - statereasoncode varchar(100) -) ; - -/*table structure for table pd_instance_blockdevices */ - - - -create table if not exists pd_instance_blockdevices ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - devicename varchar(100) , - volumeid varchar(50) , - attachtime timestamptz , - delontermination varchar(5) , - status varchar(50) -) ; - -/*table structure for table pd_instance_nwinterfaces */ - - - -create table if not exists pd_instance_nwinterfaces ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - networkinterfaceid varchar(50) , - networkinterfacedescription varchar(100) -) ; - -/*table structure for table pd_instance_productcodes */ - - - -create table if not exists pd_instance_productcodes ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - productcodeid varchar(50) , - productcodetype varchar(20) -) ; - -/*table structure for table pd_instance_secgroups */ - - - -create table if not exists pd_instance_secgroups ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - securitygroupid varchar(50) , - securitygroupname varchar(500) -) ; - -/*table structure for table pd_instance_tags */ - - - -create table if not exists pd_instance_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - instanceid varchar(50) , - key varchar(100) , - value varchar(1000) -) ; - -/*table structure for table pd_lamda */ - - - -create table if not exists pd_lamda ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - functionarn varchar(500) , - codesha256 varchar(500) , - codesize int8 , - description varchar(250) , - functionname varchar(250) , - handler varchar(250) , - kmskeyarn varchar(500) , - lastmodified varchar(50) , - memorysize int8 , - role varchar(500) , - runtime varchar(50) , - timeout int8 , - version varchar(20) , - vpcconfigid varchar(500) , - vpcconfigsubnetids varchar(500) , - vpcconfigsecuritygroupids varchar(500) -) ; - -/*table structure for table pd_natgateway */ - - - -create table if not exists pd_natgateway ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - natgatewayid varchar(50) , - vpcid varchar(50) , - subnetid varchar(50) , - state varchar(20) , - createtime timestamptz , - deletetime timestamptz , - failurecode varchar(20) , - failuremessage varchar(50) -) ; - -/*table structure for table pd_natgateway_addresses */ - - - -create table if not exists pd_natgateway_addresses ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - natgatewayid varchar(50) , - networkinterfaceid varchar(50) , - privateip varchar(20) , - publicip varchar(20) , - allocationid varchar(50) -) ; - -/*table structure for table pd_nwinterface */ - - - -create table if not exists pd_nwinterface ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - networkinterfaceid varchar(50) , - description varchar(1000) , - macaddress varchar(50) , - ownerid varchar(50) , - privatednsname varchar(250) , - privateipaddress varchar(20) , - sourcedestcheck varchar(5) , - status varchar(50) , - subnetid varchar(100) , - vpcid varchar(100) , - associationipownerid varchar(100) , - associationpubdnsname varchar(500) , - associationpubip varchar(50) , - attachmentid varchar(100) , - attachmentattachtime timestamptz , - attachmentdelontermination varchar(5) , - attachmentdeviceindex varchar(25) , - attachmentstatus varchar(50) -) ; - - -/*table structure for table pd_nwinterface_ipv */ - - - -create table if not exists pd_nwinterface_ipv ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - networkinterfaceid varchar(50) , - ipv6address varchar(50) -) ; - -/*table structure for table pd_nwinterface_privateipaddr */ - - - -create table if not exists pd_nwinterface_privateipaddr ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - networkinterfaceid varchar(50) , - privateipaddrprimary varchar(50) , - privatednsname varchar(250) , - privateipaddress varchar(20) , - associpownerid varchar(250) , - assocpubdnsname varchar(250) , - assocpublicip varchar(20) -) ; - -/*table structure for table pd_nwinterface_secgroups */ - - - -create table if not exists pd_nwinterface_secgroups ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - networkinterfaceid varchar(50) , - groupid varchar(20) , - groupname varchar(250) -) ; - -/*table structure for table pd_rdscluster */ - - - -create table if not exists pd_rdscluster ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - allocatedstorage int8 , - availabilityzones varchar(50) , - backupretentionperiod int8 , - charactersetname varchar(100) , - clustercreatetime timestamptz , - databasename varchar(100) , - dbclusteridentifier varchar(100) , - dbclusterparametergroup varchar(100) , - dbclusterresourceid varchar(100) , - dbsubnetgroup varchar(500) , - earliestrestorabletime timestamptz , - endpoint varchar(500) , - engine varchar(100) , - engineversion varchar(20) , - hostedzoneid varchar(100) , - iamdatabaseauthenticationenabled varchar(5) , - kmskeyid varchar(500) , - latestrestorabletime timestamptz , - masterusername varchar(100) , - multiaz varchar(100) , - percentprogress varchar(20) , - port int8 , - preferredbackupwindow varchar(100) , - preferredmaintenancewindow varchar(100) , - readerendpoint varchar(250) , - readreplicaidentifiers varchar(500) , - replicationsourceidentifier varchar(500) , - status varchar(50) , - storageencrypted varchar(5) -) ; - -/*table structure for table pd_rdscluster_tags */ - - - -create table if not exists pd_rdscluster_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_rdscluster_vpcsecgroup */ - - - -create table if not exists pd_rdscluster_vpcsecgroup ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - vpcsecuritygroupid varchar(20) , - vpcsecuritygroupstatus varchar(50) -) ; - -/*table structure for table pd_rdsinstance */ - - - -create table if not exists pd_rdsinstance ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - allocatedstorage int8 , - autominorversionupgrade varchar(5) , - availabilityzones varchar(50) , - backupretentionperiod int8 , - cacertificateidentifier varchar(50) , - charactersetname varchar(50) , - copytagstosnapshot varchar(5) , - dbclusteridentifier varchar(250) , - dbinstanceclass varchar(50) , - dbinstanceidentifier varchar(250) , - dbinstanceport int8 , - dbinstancestatus varchar(50) , - dbiresourceid varchar(50) , - dbname varchar(100) , - endpointaddress varchar(250) , - endpointport int8 , - endpointhostedzoneid varchar(20) , - engine varchar(50) , - engineversion varchar(20) , - enhancedmonitoringresourcearn varchar(500) , - iamdatabaseauthenticationenabled varchar(5) , - instancecreatetime timestamptz , - iops int8 , - kmskeyid varchar(250) , - latestrestorabletime timestamptz , - licensemodel varchar(50) , - masterusername varchar(50) , - monitoringinterval int8 , - monitoringrolearn varchar(500) , - multiaz varchar(5) , - preferredbackupwindow varchar(50) , - preferredmaintenancewindow varchar(50) , - promotiontier varchar(50) , - publiclyaccessible varchar(5) , - secondaryavailabilityzone varchar(50) , - storageencrypted varchar(5) , - storagetype varchar(50) , - tdecredentialarn varchar(500) , - timezone varchar(50) , - readreplicadbclusteridentifiers varchar(500) , - readreplicadbinstanceidentifiers varchar(500) , - readreplicasourcedbinstanceidentifier varchar(500) -) ; - -/*table structure for table pd_rdsinstance_tags */ - - - -create table if not exists pd_rdsinstance_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_rdsinstance_vpcsecgroup */ - - - -create table if not exists pd_rdsinstance_vpcsecgroup ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - dbclusterarn varchar(500) , - vpcsecuritygroupid varchar(20) , - vpcsecuritygroupstatus varchar(50) -) ; - -/*table structure for table pd_redshfit_secgroup */ - - - -create table if not exists pd_redshfit_secgroup ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - clusteridentifier varchar(50) , - vpcsecuritygroupid varchar(20) , - vpcsecuritygroupstatus varchar(50) -) ; - -/*table structure for table pd_redshfit_tags */ - - - -create table if not exists pd_redshfit_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - clusteridentifier varchar(50) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_redshift */ - -create table if not exists pd_redshift ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - clusteridentifier varchar(50) , - allowversionupgrade varchar(5) , - automatedsnapshotretentionperiod int8 , - availabilityzone varchar(50) , - clustercreatetime timestamptz , - clusterpublickey varchar(1000) , - clusterrevisionnumber varchar(20) , - clusterstatus varchar(20) , - clustersubnetgroupname varchar(150) , - clusterversion varchar(50) , - dbname varchar(50) , - elasticipstatus varchar(500) , - encrypted varchar(5) , - endpointaddress varchar(500) , - endpointport int8 , - enhancedvpcrouting varchar(100) , - kmskeyid varchar(250) , - masterusername varchar(100) , - modifystatus varchar(50) , - nodetype varchar(50) , - numberofnodes int8 , - preferredmaintenancewindow varchar(50) , - publiclyaccessible varchar(5) , - vpcid varchar(50) -) ; -/*table structure for table pd_s3_tags */ - - - -create table if not exists pd_s3_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - name varchar(150) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_s3bucket */ - - - -create table if not exists pd_s3bucket ( - discoverydate timestamptz, - accountid varchar(50), - name varchar(150) , - creationdate timestamptz , - ownerdisplayname varchar(50) , - ownerid varchar(100) , - versionstatus varchar(20) , - mfadelete varchar(10) , - location varchar(50) -) ; - -/*table structure for table pd_secgroup */ - - - -create table if not exists pd_secgroup ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - groupid varchar(100) , - description varchar(500) , - groupname varchar(250) , - ownerid varchar(100) , - vpcid varchar(50) -) ; - -/*table structure for table pd_secgroup_tags */ - - - -create table if not exists pd_secgroup_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - groupid varchar(50) , - key varchar(100) , - value varchar(1000) -) ; - -/*table structure for table pd_snapshot */ - - - -create table if not exists pd_snapshot ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - snapshotid varchar(100) , - description varchar(500) , - volumeid varchar(50) , - volumesize varchar(20) , - encrypted varchar(5) , - dataencryptionkeyid varchar(250) , - kmskeyid varchar(250) , - owneralias varchar(50) , - ownerid varchar(100) , - progress varchar(20) , - starttime timestamptz , - state varchar(20) , - statemessage varchar(500) -) ; - -/*table structure for table pd_snapshot_tags */ - - - -create table if not exists pd_snapshot_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - snapshotid varchar(100) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_subnet */ - - - -create table if not exists pd_subnet ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - subnetid varchar(100) , - assignipv6addressoncreation varchar(5) , - availabilityzone varchar(150) , - availableipaddresscount varchar(20) , - cidrblock varchar(100) , - defaultforaz varchar(5) , - mappubliciponlaunch varchar(5) , - state varchar(50) , - vpcid varchar(50) -) ; - -/*table structure for table pd_subnet_tags */ - - - -create table if not exists pd_subnet_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - subnetid varchar(100) , - key varchar(500) , - value varchar(1000) -) ; - -/*table structure for table pd_targetgroup */ - - - -create table if not exists pd_targetgroup ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - targetgrouparn varchar(500) , - targetgroupname varchar(100) , - vpcid varchar(150) , - protocol varchar(20) , - port int8 , - healthythresholdcount int8 , - unhealthythresholdcount int8 , - healthcheckintervalseconds int8 , - healthchecktimeoutseconds int8 , - loadbalancerarns varchar(500) -) ; - -/*table structure for table pd_targetgroup_instances */ - - - -create table if not exists pd_targetgroup_instances ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - targetgrouparn varchar(150) , - targetgroupid varchar(50) -) ; - -/*table structure for table pd_volume */ - - - -create table if not exists pd_volume ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - volumeid varchar(150) , - volumetype varchar(50) , - availabilityzone varchar(100) , - createtime timestamptz , - encrypted varchar(5) , - iops int8 , - kmskeyid varchar(250) , - size varchar(20) , - snapshotid varchar(100) , - state varchar(20) -) ; - -/*table structure for table pd_volume_attachment */ - - -create table if not exists pd_volume_attachment ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - volumeid varchar(150) , - instanceid varchar(100) , - attachtime timestamptz , - deleteontermination varchar(5) , - device varchar(50) , - state varchar(20) -) ; - -/*table structure for table pd_volume_tags */ - - - -create table if not exists pd_volume_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - volumeid varchar(150) , - key varchar(50) , - value varchar(500) -) ; - -/*table structure for table pd_vpc */ - - - -create table if not exists pd_vpc -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpcid VARCHAR(150), - cidrblock VARCHAR(50), - dhcpoptionsid VARCHAR(50), - instanceTenancy VARCHAR(50), - isdefault VARCHAR(5), - state VARCHAR(20), - cidrblockset VARCHAR(50), - CidrBlockState VARCHAR(10), - cidrBlockStatusMessage VARCHAR(50), - cidrblockAssociationId VARCHAR(50) -) -; - -/*table structure for table pd_vpc_tags */ - - -create table if not exists pd_vpc_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - vpcid varchar(150) , - key varchar(50) , - value varchar(500) -) ; - - - - -create table if not exists pd_api ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - id varchar(50) , - name varchar(100) , - description varchar(500) , - createddate timestamptz, - version varchar(10) -) ; - -/** 8/28/2017 Changes **/ - - - -create table if not exists pd_iamuser ( - discoverydate timestamptz, - accountid varchar(50), - username varchar(100) , - userid varchar(100) , - arn varchar(500) , - createdate timestamptz, - path varchar(100), - passwordCreationDate timestamptz, - PasswordLastUsed timestamptz, - passwordResetRequired varchar(5), - mfaenabled varchar(5), - groups varchar(500) -) ; - - - -create table if not exists pd_iamuserkeys ( - discoverydate timestamptz, - accountid varchar(50), - username varchar(100) , - accesskey varchar(100) , - createdate timestamptz, - status varchar(20), - lastuseddate timestamptz -) ; - - - - -create table if not exists pd_iamrole ( - discoverydate timestamptz, - accountid varchar(50), - rolename varchar(100) , - roleid varchar(100) , - rolearn varchar(500) , - description varchar(500) , - path varchar(100), - createdate timestamptz, - assumedpolicydoc varchar(4000) -); - - - -create table if not exists pd_classicelb_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - loadbalancername varchar(250) , - key varchar(100) , - value varchar(1000) -) ; - - - -create table if not exists pd_appelb_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - loadbalancername varchar(250) , - key varchar(50) , - value varchar(500) -) ; - - - -create table if not exists pd_lambda_tags ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - functionarn varchar(500) , - key varchar(50) , - value varchar(500) -) ; - - - -create table if not exists pd_rdssnapshot ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - DBSnapshotIdentifier varchar(100), - DBSnapshotArn varchar(500), - DBInstanceIdentifier varchar(100), - Status varchar(50), - snapshotCreateTime timestamptz, - snapshotType varchar(100), - encrypted varchar(5), - engine varchar(100), - allocatedStorage varchar(100), - port varchar(10), - availabilityZone varchar(100), - vpcId varchar(100), - instanceCreateTime timestamptz, - masterUsername varchar(100), - engineVersion varchar(100), - licenseModel varchar(100), - iops varchar(100), - optionGroupName varchar(100), - percentProgress varchar(100), - sourceRegion varchar(15), - sourceDBSnapshotIdentifier varchar(100), - storageType varchar(100), - tdeCredentialArn varchar(500), - kmsKeyId varchar(100), - timezone varchar(50), - iAMDatabaseAuthenticationEnabled varchar(5) -) ; - - -create table if not exists pd_phd -( - discoverydate timestamptz, - accountid varchar(50), - eventarn VARCHAR(500), - eventservice VARCHAR(200), - eventTypeCode VARCHAR(200), - eventTypeCategory VARCHAR(50), - eventregion VARCHAR(50), - availabilityZone VARCHAR(200), - startTime timestamptz, - endTime timestamptz, - lastUpdatedTime timestamptz, - statusCode VARCHAR(20), - latestDescription VARCHAR(max), - eventMetadata VARCHAR(500) -); - -create table if not exists pd_phd_entities -( - discoverydate timestamptz, - accountid varchar(50), - eventArn VARCHAR(500), - entityArn VARCHAR(500), - awsAccountId VARCHAR(50), - entityValue VARCHAR(500), - lastUpdatedTime timestamptz, - statusCode VARCHAR(20), - tags VARCHAR(100) -); - -create table if not exists pd_kms -( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - keyid VARCHAR(100), - arn VARCHAR(500), - creationdate timestamptz, - awsaccountid VARCHAR(50), - description VARCHAR(5000), - keystate VARCHAR(50), - keyenabled VARCHAR(20), - keyusage VARCHAR(100), - deletiondate timestamptz, - validTo timestamptz, - rotationStatus VARCHAR(50), - aliasname VARCHAR(500), - aliasarn VARCHAR(500) -) -; - -create table if not exists pd_kms_tags -( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - keyid VARCHAR(100), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_cloudfront -( - discoverydate timestamptz, - accountid varchar(50), - id VARCHAR(100), - arn VARCHAR(500), - status VARCHAR(200), - lastmodifiedtime timestamptz, - domainName VARCHAR(200), - enabled VARCHAR(20), - comment VARCHAR(5000), - priceclass VARCHAR(100), - webaclid VARCHAR(100), - httpversion VARCHAR(100), - ipv6enabled VARCHAR(20), - viewercertificateid VARCHAR(100), - viewercertificatearn VARCHAR(500), - viewercertificatedefaultcertificate VARCHAR(100), - viewercertificatesslsupportmethod VARCHAR(100), - viewercertificateminprotocolversion VARCHAR(100), - aliases VARCHAR(500) -) -; - -create table if not exists pd_cloudfront_tags -( - discoverydate timestamptz, - accountid varchar(50), - id VARCHAR(100), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_beanstalk -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - applicationname VARCHAR(50), - description VARCHAR(1000), - datecreated timestamptz, - dateupdated timestamptz, - envname VARCHAR(100), - envid VARCHAR(50), - envversionlabel VARCHAR(100), - envsolutionstackname VARCHAR(500), - envplatformarn VARCHAR(500), - envtemplatename VARCHAR(50), - envdescription VARCHAR(500), - envendpointurl VARCHAR(500), - envcname VARCHAR(100), - envdatecreated timestamptz, - envdateupdated timestamptz, - envstatus VARCHAR(20), - envabortableoperationinprogress VARCHAR(100), - envhealth VARCHAR(100), - envhealthstatus VARCHAR(50) -) -; - -create table if not exists pd_beanstalk_instance -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - applicationname VARCHAR(50), - envid VARCHAR(50), - instanceid VARCHAR(50) -); - -create table if not exists pd_beanstalk_asg -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - applicationname VARCHAR(50), - envid VARCHAR(50), - asgname VARCHAR(200) -); - -create table if not exists pd_beanstalk_elb -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - applicationname VARCHAR(50), - envid VARCHAR(50), - loadbalancername VARCHAR(200) -); - -create table if not exists pd_classicelb_secgroups -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - loadbalancername VARCHAR(50), - securitygroupid varchar(500) -); - -create table if not exists pd_appelb_secgroups -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - loadbalancername VARCHAR(50), - securityGroupId varchar(500) -); - -create table if not exists pd_lambda_secgroups -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - functionarn VARCHAR(500), - securityGroupId varchar(500) -); - - -create table if not exists pd_routetable -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - routeTableId VARCHAR(50), - vpcId VARCHAR(50) -) -; - -create table if not exists pd_routetable_routes -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - routeTableId VARCHAR(50), - destinationcidrblock VARCHAR(1000), - destinationPrefixListId VARCHAR(50), - gatewayId VARCHAR(50), - instanceId VARCHAR(50), - instanceOwnerId VARCHAR(50), - networkInterfaceId VARCHAR(50), - vpcPeeringConnectionId VARCHAR(50), - natGatewayId VARCHAR(50), - state VARCHAR(50), - origin VARCHAR(50), - destinationIpv6CidrBlock VARCHAR(1000), - egressOnlyInternetGatewayId VARCHAR(50) -) -; - -create table if not exists pd_routetable_associations -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - routeTableId VARCHAR(50), - routeTableAssociationId VARCHAR(100), - subnetId VARCHAR(50), - main VARCHAR(10) -) -; - -create table if not exists pd_routetable_propagatingvgws -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - routeTableId VARCHAR(50), - gatewayId VARCHAR(50) -) -; - -create table if not exists pd_routetable_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - routeTableId VARCHAR(50), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_networkacl -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - networkAclId VARCHAR(50), - vpcId VARCHAR(50), - isDefault VARCHAR(10) -) -; - -create table if not exists pd_networkacl_entries -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - networkAclId VARCHAR(50), - ruleNumber VARCHAR(50), - protocol VARCHAR(50), - ruleAction VARCHAR(50), - egress VARCHAR(50), - cidrBlock VARCHAR(50), - ipv6CidrBlock VARCHAR(100), - icmpType VARCHAR(50), - icmpTypeCode VARCHAR(50), - portRangeFrom VARCHAR(10), - portRangeTo VARCHAR(10) -) -; - -create table if not exists pd_networkacl_associations -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - networkAclId VARCHAR(50), - networkAclAssociationId VARCHAR(50), - subnetId VARCHAR(50) -) -; - -create table if not exists pd_networkacl_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - networkAclId VARCHAR(50), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_elasticip -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - instanceId VARCHAR(50), - publicIp VARCHAR(20), - allocationId VARCHAR(50), - associationId VARCHAR(50), - domain VARCHAR(50), - networkInterfaceId VARCHAR(50), - networkInterfaceOwnerId VARCHAR(50), - privateIpAddress VARCHAR(20) -) -; - -create table if not exists pd_launchconfig -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - launchConfigurationName VARCHAR(250), - launchConfigurationARN VARCHAR(500), - imageId VARCHAR(100), - keyName VARCHAR(250), - classicLinkVPCId VARCHAR(100), - userData VARCHAR(max), - instanceType VARCHAR(100), - kernelId VARCHAR(100), - ramdiskId VARCHAR(100), - spotPrice VARCHAR(100), - iamInstanceProfile VARCHAR(500), - createdTime timestamptz, - ebsOptimized VARCHAR(100), - associatePublicIpAddress VARCHAR(100), - placementTenancy VARCHAR(250), - securityGroups VARCHAR(1000), - classicLinkVPCSecurityGroups VARCHAR(1000), - instanceMonitoringEnabled VARCHAR(10) -) -; - -create table if not exists pd_launchconfig_blockdevicemappings -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - launchConfigurationName VARCHAR(250), - virtualName VARCHAR(500), - deviceName VARCHAR(100), - ebsSnapshotId VARCHAR(250), - ebsVolumeSize VARCHAR(50), - ebsVolumeType VARCHAR(50), - ebsDeleteOnTermination VARCHAR(10), - ebsiops VARCHAR(250), - ebsEncrypted VARCHAR(20), - noDevice VARCHAR(50) -) -; - -create table if not exists pd_internetgateway -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - internetGatewayId VARCHAR(50) -); - -create table if not exists pd_internetgateway_attachments -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - internetGatewayId VARCHAR(50), - vpcId VARCHAR(50), - state VARCHAR(50) -); - -create table if not exists pd_internetgateway_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - internetGatewayId VARCHAR(50), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_vpngateway -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnGatewayId VARCHAR(50), - state VARCHAR(50), - type VARCHAR(50), - availabilityZone VARCHAR(50), - amazonSideAsn INT8 -) -; - -create table if not exists pd_vpngateway_vpcattachments -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnGatewayId VARCHAR(50), - vpcId VARCHAR(50), - state VARCHAR(50) -) -; - -create table if not exists pd_vpngateway_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnGatewayId VARCHAR(50), - key VARCHAR(50), - value VARCHAR(500) -) -; - -create table if not exists pd_scalingpolicy -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - policyName VARCHAR(500), - policyARN VARCHAR(1000), - autoScalingGroupName VARCHAR(500), - policyType VARCHAR(50), - adjustmentType VARCHAR(50), - minAdjustmentStep VARCHAR(500), - minAdjustmentMagnitude VARCHAR(500), - scalingAdjustment VARCHAR(500), - cooldown VARCHAR(500), - metricAggregationType VARCHAR(500), - estimatedInstanceWarmup VARCHAR(500) -) -; - -create table if not exists pd_scalingpolicy_stepadjustments -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - policyName VARCHAR(250), - metricIntervalLowerBound VARCHAR(50), - metricIntervalUpperBound VARCHAR(50), - scalingAdjustment VARCHAR(50) -) -; - -create table if not exists pd_scalingpolicy_alarms -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - policyName VARCHAR(250), - alarmName VARCHAR(250), - alarmARN VARCHAR(500) -) -; - - -create table if not exists pd_loaderror -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - type varchar(50), - message varchar(max) -); - - -create table if not exists pd_secgroup_rules ( - discoverydate timestamptz, - accountid varchar(50), - region varchar(15), - groupid varchar(50) , - type varchar(20) , - ipprotocol varchar(50), - fromport varchar(10), - toport varchar(10), - cidrIp varchar(50), - cidrIpv6 varchar(50) -) ; - - - - -create table if not exists pd_sns_topic -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - topicArn VARCHAR(500), - subscriptionArn VARCHAR(500), - owner VARCHAR(50), - protocol VARCHAR(20), - endpoint VARCHAR(500) -) -; - -create table if not exists pd_egress_internetgateway -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - egressOnlyInternetGatewayId VARCHAR(100), - attachmentsVpcId VARCHAR(50), - attachmentsState VARCHAR(10) -) -; - -create table if not exists pd_dhcp_options -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - dhcpOptionsId VARCHAR(50), - dhcpConfigurations VARCHAR(max) -) -; - -create table if not exists pd_dhcp_options_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - dhcpOptionsId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists pd_peering_connection -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpcPeeringConnectionId VARCHAR(50), - status VARCHAR(50), - expirationTime VARCHAR(50), - requesterVpcOwnerId VARCHAR(50), - accepterVpcOwnerId VARCHAR(50), - requesterVpcId VARCHAR(50), - accepterVpcId VARCHAR(50), - requesterVpcInfoCidrBlock VARCHAR(50), - accepterVpcInfoCidrBlock VARCHAR(50), - requesterVpcAllowDnsResolutionFromRemoteVpc VARCHAR(10), - requesterVpcAllowEgressFromLocalClassicLinkToRemoteVpc VARCHAR(10), - requesterVpcAllowEgressFromLocalVpcToRemoteClassicLink VARCHAR(10), - accepterVpcAllowDnsResolutionFromRemoteVpc VARCHAR(10), - accepterVpcAllowEgressFromLocalClassicLinkToRemoteVpc VARCHAR(10), - accepterVpcAllowEgressFromLocalVpcToRemoteClassicLink VARCHAR(10) -) -; - -create table if not exists pd_peering_connection_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpcPeeringConnectionId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists pd_customer_gateway -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - customerGatewayId VARCHAR(50), - bgpAsn VARCHAR(50), - ipAddress VARCHAR(50), - state VARCHAR(10), - type VARCHAR(20) -) -; - -create table if not exists pd_customer_gateway_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - customerGatewayId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists pd_vpn_connection -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnConnectionId VARCHAR(50), - vpnGatewayId VARCHAR(50), - customerGatewayId VARCHAR(50), - state VARCHAR(10), - category VARCHAR(50), - type VARCHAR(20), - optionsStaticRoutesOnly VARCHAR(50) -) -; - -create table if not exists pd_vpn_connection_routes -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnConnectionId VARCHAR(50), - routesSource VARCHAR(50), - routesState VARCHAR(20), - routesDestinationCidrBlock VARCHAR(100) -) -; - -create table if not exists pd_vpn_connection_telemetry -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnConnectionId VARCHAR(50), - acceptedRouteCount VARCHAR(10), - outsideIpAddress VARCHAR(50), - lastStatusChange VARCHAR(50), - status VARCHAR(10), - statusMessage VARCHAR(100) -) -; - -create table if not exists pd_vpn_connection_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - vpnConnectionId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists pd_direct_connect -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - connectionId VARCHAR(50), - connectionName VARCHAR(500), - ownerAccount VARCHAR(50), - connectionState VARCHAR(10), - location VARCHAR(50), - bandwidth VARCHAR(50), - vlan VARCHAR(50), - partnerName VARCHAR(50), - loaIssueTime VARCHAR(50), - lagId VARCHAR(50), - awsDevice VARCHAR(50) -) -; - -create table if not exists pd_virtual_interfaces -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - virtualInterfaceId VARCHAR(50), - ownerAccount VARCHAR(50), - connectionId VARCHAR(50), - location VARCHAR(20), - virtualInterfaceType VARCHAR(20), - virtualInterfaceName VARCHAR(50), - vlan VARCHAR(50), - asn VARCHAR(50), - amazonSideAsn VARCHAR(50), - authKey VARCHAR(200), - amazonAddress VARCHAR(50), - customerAddress VARCHAR(50), - addressFamily VARCHAR(50), - virtualInterfaceState VARCHAR(50), - customerRouterConfig VARCHAR(max), - virtualGatewayId VARCHAR(50), - directConnectGatewayId VARCHAR(50), - routeFilterPrefixesCidr VARCHAR(50), - bgpPeersAsn VARCHAR(50), - bgpPeersAuthkey VARCHAR(100), - bgpPeersAddressFamily VARCHAR(50), - bgpPeersAmazonAddress VARCHAR(50), - bgpPeersCustomerAddress VARCHAR(50), - bgpPeersBgpPeerState VARCHAR(50), - bgpPeersBgpStatus VARCHAR(50) -) -; - -create table if not exists pd_elasticsearch -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - domainId VARCHAR(50), - domainName VARCHAR(500), - aRN VARCHAR(500), - created VARCHAR(50), - deleted VARCHAR(50), - endpoint VARCHAR(1000), - processing VARCHAR(50), - elasticsearchVersion VARCHAR(50), - accessPolicies VARCHAR(max), - endpoints VARCHAR(max), - clusterInstanceType VARCHAR(100), - clusterInstanceCount VARCHAR(10), - clusterDedicatedMasterEnabled VARCHAR(10), - clusterZoneAwarenessEnabled VARCHAR(10), - clusterDedicatedMasterType VARCHAR(100), - clusterDedicatedMasterCount VARCHAR(10), - vPCId VARCHAR(100), - subnetId VARCHAR(500), - availabilityZone VARCHAR(50), - securityGroupId VARCHAR(500), - advancedOptions VARCHAR(max) -) -; - -create table if not exists pd_elasticsearch_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - domainId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists pd_ssm_instance -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - instanceId VARCHAR(50), - pingStatus VARCHAR(50), - lastPingDateTime timestamptz, - agentVersion VARCHAR(50), - isLatestVersion VARCHAR(5), - platformType VARCHAR(50), - platformName VARCHAR(50), - platformVersion VARCHAR(50), - activationId VARCHAR(50), - iamRole VARCHAR(100), - registrationDate timestamptz, - resourceType VARCHAR(50), - name VARCHAR(100), - iPAddress VARCHAR(50), - computerName VARCHAR(100), - associationStatus VARCHAR(50), - lastAssociationExecutionDate timestamptz, - lastSuccessfulAssociationExecutionDate timestamptz -); - -create table if not exists pd_reserved_instance -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - instanceId VARCHAR(50), - instanceType VARCHAR(20), - availabilityZone VARCHAR(20), - duration VARCHAR(10), - startDate timestamptz, - endDate timestamptz, - fixedPrice VARCHAR(20), - instanceCount VARCHAR(10), - productDescription VARCHAR(max), - state VARCHAR(20), - usagePrice VARCHAR(50), - currencyCode VARCHAR(20), - instanceTenancy VARCHAR(50), - offeringClass VARCHAR(50), - offeringType VARCHAR(50), - scope VARCHAR(50), - recurringChargesFrequency VARCHAR(50), - recurringChargesAmount VARCHAR(20) -); - -create table if not exists pd_reserved_instance_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - instanceId VARCHAR(50), - key VARCHAR(100), - value VARCHAR(1000) -) -; - -create table if not exists cf_aws_accounts -( - accountid varchar(20), - accountname varchar(50) -) -; - -create table if not exists pacman_field_override -( - resourcetype varchar(50), - _resourceid varchar(1000), - fieldname varchar(100), - fieldvalue varchar(200), - updatedby varchar(100), - updatedon varchar(50) -) -; - -create table if not exists pd_elasticache -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - arn VARCHAR(500), - clusterName VARCHAR(200), - description VARCHAR(1000), - noofnodes int2, - primaryOrConfigEndpoint VARCHAR(500), - availabilityZones VARCHAR(200), - nodeType VARCHAR(50), - engine VARCHAR(50), - engineVersion VARCHAR(20), - clusterStatus VARCHAR(20), - clusterCreateTime timestamptz, - preferredMaintenanceWindow VARCHAR(50), - subnetGroupName VARCHAR(100), - autoMinorVersionUpgrade VARCHAR(20), - replicationGroupId VARCHAR(100), - snapshotRetentionLimit VARCHAR(50), - snapshotWindow VARCHAR(100), - authTokenEnabled VARCHAR(10), - transitEncryptionEnabled VARCHAR(10), - atRestEncryptionEnabled VARCHAR(10), - notificationConfigTopicArn VARCHAR(500), - notificationConfigTopicStatus VARCHAR(20), - securityGroups VARCHAR(200), - parameterGroup VARCHAR(200) -); - -create table if not exists pd_elasticache_tags -( - discoverydate timestamptz, - accountid VARCHAR(50), - region VARCHAR(15), - clustername VARCHAR(500), - key VARCHAR(100), - value VARCHAR(1000) -) -; \ No newline at end of file diff --git a/jobs/pacman-cloud-discovery/src/main/resources/inventory-views.sql b/jobs/pacman-cloud-discovery/src/main/resources/inventory-views.sql deleted file mode 100644 index 8114c1db9..000000000 --- a/jobs/pacman-cloud-discovery/src/main/resources/inventory-views.sql +++ /dev/null @@ -1,120 +0,0 @@ -create or replace view aws_api as select a.*,b.accountname from (select * from pd_api where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_api group by accountid,region ))a, cf_aws_accounts b where a.accountid = b.accountid(+) ; -create or replace view aws_appelb as select a.*,b.accountname from (select * from pd_appelb where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_appelb group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_appelb_instances as select a.*,b.accountname from (select * from pd_app_elb_instance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_app_elb_instance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_appelb_secgroups as select a.*,b.accountname from (select * from pd_appelb_secgroups where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_appelb_secgroups group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_appelb_tags as select a.*,b.accountname from (select * from pd_appelb_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_appelb_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asg as select a.*,b.accountname from (select * from pd_asg where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_asg group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asg_elb as select a.*,b.accountname from (select * from pd_asg_elb where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_asg_elb group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asg_instances as select a.*,b.accountname from (select * from pd_asg_instances where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_asg_instances group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asg_tags as select a.*,b.accountname from (select * from pd_asg_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_asg_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asgpolicy as select a.*,b.accountname from (select * from pd_scalingpolicy where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_scalingpolicy group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asgpolicy_alarms as select a.*,b.accountname from (select * from pd_scalingpolicy_alarms where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_scalingpolicy_alarms group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_asgpolicy_stepadjustments as select a.*,b.accountname from (select * from pd_scalingpolicy_stepadjustments where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_scalingpolicy_stepadjustments group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_beanstalk as select a.*,b.accountname from (select * from pd_beanstalk where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_beanstalk group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_beanstalk_asg as select a.*,b.accountname from (select * from pd_beanstalk_asg where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_beanstalk_asg group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_beanstalk_elb as select a.*,b.accountname from (select * from pd_beanstalk_elb where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_beanstalk_elb group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_beanstalk_instance as select a.*,b.accountname from (select * from pd_beanstalk_instance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_beanstalk_instance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_checks as select a.*,b.accountname from (select * from pd_checks where (discoverydate,accountid) in (select max(discoverydate),accountid from pd_checks group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_checks_resources as select a.*,b.accountname from (select * from pd_checks_resources where (discoverydate,accountid) in (select max(discoverydate),accountid from pd_checks_resources group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_classicelb as select a.*,b.accountname from (select * from pd_classicelb where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_classicelb group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_classicelb_instances as select a.*,b.accountname from (select * from pd_classicelb_instances where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_classicelb_instances group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_classicelb_secgroups as select a.*,b.accountname from (select * from pd_classicelb_secgroups where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_classicelb_secgroups group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_classicelb_tags as select a.*,b.accountname from (select * from pd_classicelb_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_classicelb_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_cloudfront as select a.*,b.accountname from (select * from pd_cloudfront where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_cloudfront group by accountid))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_cloudfront_tags as select a.*,b.accountname from (select * from pd_cloudfront_tags where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_cloudfront_tags group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_dynamodb as select a.*,b.accountname from (select * from pd_dynamodb_tables where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_dynamodb_tables group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_dynamodb_tags as select a.*,b.accountname from (select * from pd_dynamodb_tables_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_dynamodb_tables_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2 as select a.*,b.accountname from (select * from pd_instance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_blockdevices as select a.*,b.accountname from (select * from pd_instance_blockdevices where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance_blockdevices group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_nwinterfaces as select a.*,b.accountname from (select * from pd_instance_nwinterfaces where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance_nwinterfaces group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_productcodes as select a.*,b.accountname from (select * from pd_instance_productcodes where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance_productcodes group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_secgroups as select a.*,b.accountname from (select * from pd_instance_secgroups where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance_secgroups group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_tags as select a.*,b.accountname from (select * from pd_instance_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_instance_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_efs as select a.*,b.accountname from (select * from pd_efs where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_efs group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_efs_tags as select a.*,b.accountname from (select * from pd_efs_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_efs_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_elasticip as select a.*,b.accountname from (select * from pd_elasticip where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_elasticip group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_emr as select a.*,b.accountname from (select * from pd_emr where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_emr group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_emr_tags as select a.*,b.accountname from (select * from pd_emr_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_emr_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_eni as select a.*,b.accountname from (select * from pd_nwinterface where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_nwinterface group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_eni_ipv6 as select a.*,b.accountname from (select * from pd_nwinterface_ipv where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_nwinterface_ipv group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_eni_privateipaddr as select a.*,b.accountname from (select * from pd_nwinterface_privateipaddr where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_nwinterface_privateipaddr group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_eni_secgroups as select a.*,b.accountname from (select * from pd_nwinterface_secgroups where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_nwinterface_secgroups group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_iamrole as select a.*,b.accountname from (select * from pd_iamrole where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_iamrole group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_iamuser as select a.*,b.accountname from (select * from pd_iamuser where (discoverydate,accountid) in (select max(discoverydate),accountid from pd_iamuser group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_internetgateway as select a.*,b.accountname from (select * from pd_internetgateway where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_internetgateway group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_internetgateway_attachments as select a.*,b.accountname from (select * from pd_internetgateway_attachments where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_internetgateway_attachments group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_internetgateway_tags as select a.*,b.accountname from (select * from pd_internetgateway_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_internetgateway_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_kms as select a.*,b.accountname from (select * from pd_kms where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_kms group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_kms_tags as select a.*,b.accountname from (select * from pd_kms_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_kms_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_lambda as select a.*,b.accountname from (select * from pd_lamda where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_lamda group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_lambda_secgroups as select a.*,b.accountname from (select * from pd_lambda_secgroups where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_lambda_secgroups group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_lambda_tags as select a.*,b.accountname from (select * from pd_lambda_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_lambda_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_launchconfig as select a.*,b.accountname from (select * from pd_launchconfig where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_launchconfig group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_launchconfig_blockdevicemappings as select a.*,b.accountname from (select * from pd_launchconfig_blockdevicemappings where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_launchconfig_blockdevicemappings group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_loaderror as select a.*,b.accountname from (select * from pd_loaderror where discoverydate = (select max(discoverydate) from pd_loaderror ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_nat as select a.*,b.accountname from (select * from pd_natgateway where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_natgateway group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_nat_addresses as select a.*,b.accountname from (select * from pd_natgateway_addresses where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_natgateway_addresses group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_networkacl as select a.*,b.accountname from (select * from pd_networkacl where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_networkacl group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_networkacl_associations as select a.*,b.accountname from (select * from pd_networkacl_associations where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_networkacl_associations group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_networkacl_entries as select a.*,b.accountname from (select * from pd_networkacl_entries where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_networkacl_entries group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_networkacl_tags as select a.*,b.accountname from (select * from pd_networkacl_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_networkacl_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_phd as select a.*,b.accountname from (select * from pd_phd where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_phd group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_phd_entities as select a.*,b.accountname from (select * from pd_phd_entities where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_phd_entities group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdscluster as select a.*,b.accountname from (select * from pd_rdscluster where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdscluster group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdscluster_secgroups as select a.*,b.accountname from (select * from pd_rdscluster_vpcsecgroup where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdscluster_vpcsecgroup group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdscluster_tags as select a.*,b.accountname from (select * from pd_rdscluster_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdscluster_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdsdb as select a.*,b.accountname from (select * from pd_rdsinstance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdsinstance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdsdb_secgroups as select a.*,b.accountname from (select * from pd_rdsinstance_vpcsecgroup where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdsinstance_vpcsecgroup group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdsdb_tags as select a.*,b.accountname from (select * from pd_rdsinstance_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdsinstance_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_rdssnapshot as select a.*,b.accountname from (select * from pd_rdssnapshot where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_rdssnapshot group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_redshift as select a.*,b.accountname from (select * from pd_redshift where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_redshift group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_redshift_secgroups as select a.*,b.accountname from (select * from pd_redshfit_secgroup where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_redshfit_secgroup group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_redshift_tags as select a.*,b.accountname from (select * from pd_redshfit_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_redshfit_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_routetable as select a.*,b.accountname from (select * from pd_routetable where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_routetable group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_routetable_associations as select a.*,b.accountname from (select * from pd_routetable_associations where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_routetable_associations group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_routetable_propagatingvgws as select a.*,b.accountname from (select * from pd_routetable_propagatingvgws where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_routetable_propagatingvgws group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_routetable_routes as select a.*,b.accountname from (select * from pd_routetable_routes where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_routetable_routes group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_routetable_tags as select a.*,b.accountname from (select * from pd_routetable_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_routetable_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_s3 as select a.*,b.accountname from (select * from pd_s3bucket where (discoverydate,accountid ) in (select max(discoverydate),accountid from pd_s3bucket group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_s3_tags as select a.*,b.accountname from (select * from pd_s3_tags where (discoverydate,accountid) in (select max(discoverydate),accountid from pd_s3_tags group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_sg as select a.*,b.accountname from (select * from pd_secgroup where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_secgroup group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_sg_tags as select a.*,b.accountname from (select * from pd_secgroup_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_secgroup_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_snapshot as select a.*,b.accountname from (select * from pd_snapshot where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_snapshot group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_snapshot_tags as select a.*,b.accountname from (select * from pd_snapshot_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_snapshot_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_stack as select a.*,b.accountname from (select * from pd_cloudfrmnstack where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_cloudfrmnstack group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_stack_tags as select a.*,b.accountname from (select * from pd_cloudfrmnstack_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_cloudfrmnstack_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_subnet as select a.*,b.accountname from (select * from pd_subnet where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_subnet group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_subnet_tags as select a.*,b.accountname from (select * from pd_subnet_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_subnet_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_targetgroup as select a.*,b.accountname from (select * from pd_targetgroup where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_targetgroup group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_targetgroup_instances as select a.*,b.accountname from (select * from pd_targetgroup_instances where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_targetgroup_instances group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_volume as select a.*,b.accountname from (select * from pd_volume where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_volume group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_volume_attachments as select a.*,b.accountname from (select * from pd_volume_attachment where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_volume_attachment group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_volume_tags as select a.*,b.accountname from (select * from pd_volume_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_volume_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpc as select a.*,b.accountname from (select * from pd_vpc where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpc group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpc_tags as select a.*,b.accountname from (select * from pd_vpc_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpc_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpngateway as select a.*,b.accountname from (select * from pd_vpngateway where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpngateway group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpngateway_tags as select a.*,b.accountname from (select * from pd_vpngateway_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpngateway_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpngateway_vpcattachments as select a.*,b.accountname from (select * from pd_vpngateway_vpcattachments where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpngateway_vpcattachments group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_sg_rules as select a.*,b.accountname from (select * from pd_secgroup_rules where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_secgroup_rules group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_iamuser_keys as select a.*,b.accountname from (select * from pd_iamuserkeys where (discoverydate,accountid) in (select max(discoverydate),accountid from pd_iamuserkeys group by accountid ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_snstopic as select a.*,b.accountname from (select * from pd_sns_topic where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_sns_topic group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_egressgateway as select a.*,b.accountname from (select * from pd_egress_internetgateway where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_egress_internetgateway group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_dhcpoption as select a.*,b.accountname from (select * from pd_dhcp_options where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_dhcp_options group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_dhcpoption_tags as select a.*,b.accountname from (select * from pd_dhcp_options_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_dhcp_options_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_peeringconnection as select a.*,b.accountname from (select * from pd_peering_connection where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_peering_connection group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_peeringconnection_tags as select a.*,b.accountname from (select * from pd_peering_connection_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_peering_connection_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_customergateway as select a.*,b.accountname from (select * from pd_customer_gateway where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_customer_gateway group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_customergateway_tags as select a.*,b.accountname from (select * from pd_customer_gateway_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_customer_gateway_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpnconnection as select a.*,b.accountname from (select * from pd_vpn_connection where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpn_connection group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpnconnection_routes as select a.*,b.accountname from (select * from pd_vpn_connection_routes where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpn_connection_routes group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpnconnection_telemetry as select a.*,b.accountname from (select * from pd_vpn_connection_telemetry where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpn_connection_telemetry group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_vpnconnection_tags as select a.*,b.accountname from (select * from pd_vpn_connection_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_vpn_connection_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_directconnect as select a.*,b.accountname from (select * from pd_direct_connect where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_direct_connect group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_virtualinterface as select a.*,b.accountname from (select * from pd_virtual_interfaces where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_virtual_interfaces group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_elasticsearch as select a.*,b.accountname from (select * from pd_elasticsearch where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_elasticsearch group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_elasticsearch_tags as select a.*,b.accountname from (select * from pd_elasticsearch_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_elasticsearch_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_ec2_ssminfo as select a.*,b.accountname from (select * from pd_ssm_instance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_ssm_instance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_reservedinstance as select a.*,b.accountname from (select * from pd_reserved_instance where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_reserved_instance group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_reservedinstance_tags as select a.*,b.accountname from (select * from pd_reserved_instance_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_reserved_instance_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_elasticache as select a.*,b.accountname from (select * from pd_elasticache where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_elasticache group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; -create or replace view aws_elasticache_tags as select a.*,b.accountname from (select * from pd_elasticache_tags where (discoverydate,accountid,region ) in (select max(discoverydate),accountid,region from pd_elasticache_tags group by accountid,region ))a, cf_aws_accounts b where a.accountid= b.accountid(+) ; diff --git a/jobs/pacman-cloud-discovery/src/main/resources/inventory.properties b/jobs/pacman-cloud-discovery/src/main/resources/inventory.properties deleted file mode 100644 index d46251d96..000000000 --- a/jobs/pacman-cloud-discovery/src/main/resources/inventory.properties +++ /dev/null @@ -1,9 +0,0 @@ -file-tableinfo=appelb-info.data:pd_appelb,appelb-instances.data:pd_app_elb_instance,asg-elb.data:pd_asg_elb,asg-info.data:pd_asg,asg-instances.data:pd_asg_instances,asg-tags.data:pd_asg_tags,checks-info.data:pd_checks,checks-resources-info.data:pd_checks_resources,classicelb-info.data:pd_classicelb,classicelb-instances.data:pd_classicelb_instances,cloudfrmnstack-info.data:pd_cloudfrmnstack,cloudfrmnstack-tags.data:pd_cloudfrmnstack_tags,dynamodb-tables.data:pd_dynamodb_tables,dynamodb-tables-tags.data:pd_dynamodb_tables_tags,efs-info.data:pd_efs,efs-tags.data:pd_efs_tags,emr-info.data:pd_emr,emr-tags.data:pd_emr_tags,instance-blockdevices.data:pd_instance_blockdevices,instance-info.data:pd_instance,instance-nwinterfaces.data:pd_instance_nwinterfaces,instance-productcodes.data:pd_instance_productcodes,instance-secgroups.data:pd_instance_secgroups,instance-tags.data:pd_instance_tags,lambda-info.data:pd_lamda,natgateway-addresses.data:pd_natgateway_addresses,natgateway-info.data:pd_natgateway,nwinterface-info.data:pd_nwinterface,nwinterface-ipv6.data:pd_nwinterface_ipv,nwinterface-privateIpAddr.data:pd_nwinterface_privateIpAddr,nwinterface-secgroups.data:pd_nwinterface_secgroups,rdscluster-info.data:pd_rdscluster,rdscluster-vpcsecgroup.data:pd_rdscluster_vpcsecgroup,rdscluster-tags.data:pd_rdscluster_tags,rdsinstance-info.data:pd_rdsinstance,rdsinstance-tags.data:pd_rdsinstance_tags,rdsinstance-vpcsecgroup.data:pd_rdsinstance_vpcsecgroup,redshfit-secgroup.data:pd_redshfit_secgroup,redshfit-tags.data:pd_redshfit_tags,redshift-info.data:pd_redshift,s3-info.data:pd_s3bucket,s3-tags.data:pd_s3_tags,secgroup-info.data:pd_secgroup,secgroup-tags.data:pd_secgroup_tags,snapshot-info.data:pd_snapshot,snapshot-tags.data:pd_snapshot_tags,subnet-info.data:pd_subnet,subnet-tags.data:pd_subnet_tags,targetGroup-info.data:pd_targetGroup,targetGroup-instances.data:pd_targetGroup_instances,volume-attachment.data:pd_volume_attachment,volume-info.data:pd_volume,volume-tags.data:pd_volume_tags,vpc-info.data:pd_vpc,vpc-tags.data:pd_vpc_tags,iamuser-info.data:pd_iamuser,iamuser-accesskeys.data:pd_iamuserkeys,rdssnapshot-info.data:pd_rdssnapshot,iamrole-info.data:pd_iamrole,classicelb-tags.data:pd_classicelb_tags,appelb-tags.data:pd_appelb_tags,lambda-tags.data:pd_lambda_tags,ebs-asg.data:pd_beanstalk_asg,ebs-elb.data:pd_beanstalk_elb,ebs-info.data:pd_beanstalk,ebs-instances.data:pd_beanstalk_instance,cloudfront-info.data:pd_cloudfront,cloudfront-tags.data:pd_cloudfront_tags,lambda-secgroups.data:pd_lambda_secgroups,kms-info.data:pd_kms,kms-tags.data:pd_kms_tags,classicelb-secgroups.data:pd_classicelb_secgroups,phd-affectedentities.data:pd_phd_entities,phd-info.data:pd_phd,appelb-secgroups.data:pd_appelb_secgroups,routetable.data:pd_routetable,routetable-routes.data:pd_routetable_routes,routetable-associations.data:pd_routetable_associations,routetable-propagatingVgws.data:pd_routetable_propagatingvgws,routetable-tags.data:pd_routetable_tags,networkacl.data:pd_networkacl,networkacl-entries.data:pd_networkacl_entries,networkacl-associations.data:pd_networkacl_associations,networkacl-tags.data:pd_networkacl_tags,elasticip.data:pd_elasticip,asg-launchconfig.data:pd_launchconfig,asg-launchconfig-blockDeviceMappings.data:pd_launchconfig_blockdevicemappings,internetgateway.data:pd_internetgateway,internetgateway-attachments.data:pd_internetgateway_attachments,internetgateway-tags.data:pd_internetgateway_tags,vpngateway.data:pd_vpngateway,vpngateway-vpcAttachments.data:pd_vpngateway_vpcattachments,vpngateway-tags.data:pd_vpngateway_tags,asg-scalingpolicy.data:pd_scalingpolicy,asg-scalingpolicy-stepAdjustments.data:pd_scalingpolicy_stepadjustments,asg-scalingpolicy-alarms.data:pd_scalingpolicy_alarms,load-error.data:pd_loaderror,secgroup-rules.data:pd_secgroup_rules,sns-topic.data:pd_sns_topic,egress-internetgateway.data:pd_egress_internetgateway,dhcp-options.data:pd_dhcp_options,dhcp-options-tags.data:pd_dhcp_options_tags,peering-connection-info.data:pd_peering_connection,peering-connection-tags.data:pd_peering_connection_tags,customer-gateway.data:pd_customer_gateway,customer-gateway-tags.data:pd_customer_gateway_tags,vpn-connection.data:pd_vpn_connection,vpn-connection-routes.data:pd_vpn_connection_routes,vpn-connection-telemetry.data:pd_vpn_connection_telemetry,vpn-connection-tags.data:pd_vpn_connection_tags,direct-connection.data:pd_direct_connect,direct-connection-virtual-interfaces.data:pd_virtual_interfaces,es-domain-info.data:pd_elasticsearch,es-domain-tags.data:pd_elasticsearch_tags,ssm-info.data:pd_ssm_instance,reserved-Instances-info.data:pd_reserved_instance,reserved-Instances-tags.data:pd_reserved_instance_tags,elastiCache-info.data:pd_elasticache,elastiCache-tags.data:pd_elasticache_tags -region-ignore=us-gov-west-1,cn-north-1,cn-northwest-1 -discovery-role=pac_ro -s3-data=data-test -s3-processed=bkp-test -s3-role=pacman -s3-region=us-west-2 -file-load-threads=3 -file-path=/home/ec2-user/data diff --git a/jobs/pacman-cloud-discovery/src/main/resources/log4j2.xml b/jobs/pacman-cloud-discovery/src/main/resources/log4j2.xml deleted file mode 100644 index 8f95498ca..000000000 --- a/jobs/pacman-cloud-discovery/src/main/resources/log4j2.xml +++ /dev/null @@ -1,37 +0,0 @@ - - - - /home/ec2-user/logs - - - - - - [%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n - - - - - - - - [%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/AssetFileGeneratorTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/AssetFileGeneratorTest.java index 72b904927..3e2c31503 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/AssetFileGeneratorTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/AssetFileGeneratorTest.java @@ -1,433 +1,440 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; -import org.springframework.test.util.ReflectionTestUtils; - -import com.amazonaws.auth.BasicSessionCredentials; -import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; -import com.tmobile.cso.pacman.inventory.util.ASGInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.DirectConnectionInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.EC2InventoryUtil; -import com.tmobile.cso.pacman.inventory.util.ESInventoryUtil; -import com.tmobile.cso.pacman.inventory.util.InventoryUtil; -import com.tmobile.cso.pacman.inventory.util.SNSInventoryUtil; - - - -/** - * The Class AssetFileGeneratorTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({FileManager.class,ErrorManageUtil.class,InventoryUtil.class,EC2InventoryUtil.class,SNSInventoryUtil.class,DirectConnectionInventoryUtil.class, - ASGInventoryUtil.class,ESInventoryUtil.class}) -@PowerMockIgnore("javax.management.*") -public class AssetFileGeneratorTest { - - /** The asset file generator. */ - @InjectMocks - AssetFileGenerator assetFileGenerator; - - /** The cred provider. */ - @Mock - CredentialProvider credProvider; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - } - - /** - * Generate files test. - * - * @throws Exception the exception - */ - @SuppressWarnings({"unchecked", "rawtypes"}) - @Test - public void generateFilesTest() throws Exception{ - - mockStatic(FileManager.class); - PowerMockito.doNothing().when(FileManager.class,"initialise",anyString()); - mockStatic(ErrorManageUtil.class); - PowerMockito.doNothing().when(ErrorManageUtil.class,"initialise"); - - ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "ec2,asg,stack,dynamodb,efs,emr,lambda,classicelb,appelb,targetgroup," - + "nat,rdsdb,rdscluster,s3,eni,sg,subnet,checks,redshift,volume,snapshot,vpc,api,iamuser,rdssnapshot,iamrole,kms,cloudfront,beanstalk,phd," - + "routetable,networkacl,elasticip,launchconfig,internetgw,vpngw,asgpolicy,snstopic,egressgateway,dhcpoption,peeringconnection,customergateway," - + "vpnconnection,directconnect,virtualinterface,elasticsearch,reserved instances,ssm"); - when(credProvider.getCredentials(anyString(), anyString())).thenReturn(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken")); - - mockStatic(InventoryUtil.class); - mockStatic(EC2InventoryUtil.class); - mockStatic(ASGInventoryUtil.class); - mockStatic(DirectConnectionInventoryUtil.class); - mockStatic(ESInventoryUtil.class); - mockStatic(SNSInventoryUtil.class); - - when(InventoryUtil.fetchInstances(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateInstanceFiles",new HashMap<>()); - - when(InventoryUtil.fetchAsg(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateAsgFiles",new HashMap<>()); - - when(InventoryUtil.fetchCloudFormationStack(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateCloudFormationStackFiles",new HashMap<>()); - - when(InventoryUtil.fetchDynamoDBTables(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateDynamoDbFiles",new HashMap<>()); - - when(InventoryUtil.fetchEFSInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateEfsFiles",new HashMap<>()); - - when(InventoryUtil.fetchEMRInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateEmrFiles",new HashMap<>()); - - when(InventoryUtil.fetchLambdaInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateLamdaFiles",new HashMap<>()); - - when(InventoryUtil.fetchClassicElbInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateClassicElbFiles",new HashMap<>()); - - when(InventoryUtil.fetchElbInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateApplicationElbFiles",new HashMap<>()); - - when(InventoryUtil.fetchTargetGroups(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateTargetGroupFiles",new HashMap<>()); - - when(InventoryUtil.fetchNATGatewayInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateNatGatewayFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSInstanceInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateRDSInstanceFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSClusterInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateRDSClusterFiles",new HashMap<>()); - - when(InventoryUtil.fetchS3Info(anyObject(), anyString(), anyString())).thenReturn(new ArrayList()); - PowerMockito.doNothing().when(FileManager.class,"generateS3Files",new HashMap<>()); - - when(InventoryUtil.fetchNetworkIntefaces(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateNwInterfaceFiles",new HashMap<>()); - - when(InventoryUtil.fetchSecurityGroups(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateSecGroupFile",new HashMap<>()); - - when(InventoryUtil.fetchSubnets(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateSubnetFiles",new HashMap<>()); - - when(InventoryUtil.fetchTrusterdAdvisorsChecks(anyObject(), anyString())).thenReturn(new ArrayList<>()); - PowerMockito.doNothing().when(FileManager.class,"generateTrustedAdvisorFiles",new HashMap<>()); - - when(InventoryUtil.fetchRedshiftInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateRedshiftFiles",new HashMap<>()); - - when(InventoryUtil.fetchVolumetInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generatefetchVolumeFiles",new HashMap<>()); - - when(InventoryUtil.fetchSnapshots(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateSnapshotFiles",new HashMap<>()); - - when(InventoryUtil.fetchVpcInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateVpcFiles",new HashMap<>()); - - when(InventoryUtil.fetchApiGateways(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateApiGatewayFiles",new HashMap<>()); - - when(InventoryUtil.fetchIAMUsers(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateIamUserFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSDBSnapshots(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateRDSSnapshotFiles",new HashMap<>()); - - when(InventoryUtil.fetchIAMRoles(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateIamRoleFiles",new HashMap<>()); - - when(InventoryUtil.fetchKMSKeys(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateKMSFiles",new HashMap<>()); - - when(InventoryUtil.fetchCloudFrontInfo(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateCloudFrontFiles",new HashMap<>()); - - when(InventoryUtil.fetchEBSInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateEBSFiles",new HashMap<>()); - - when(InventoryUtil.fetchPHDInfo(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generatePHDFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchRouteTables(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateEC2RouteTableFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchNetworkACL(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateNetworkAclFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchElasticIPAddresses(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateElasticIPFiles",new HashMap<>()); - - when(ASGInventoryUtil.fetchLaunchConfigurations(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateLaunchConfigurationsFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchInternetGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateInternetGatewayFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchVPNGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateVPNGatewayFiles",new HashMap<>()); - - when(ASGInventoryUtil.fetchScalingPolicies(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateScalingPolicies",new HashMap<>()); - - when(SNSInventoryUtil.fetchSNSTopics(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateSNSTopics",new HashMap<>()); - - when(EC2InventoryUtil.fetchEgressGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateEgressGateway",new HashMap<>()); - - when(EC2InventoryUtil.fetchDHCPOptions(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateDhcpOptions",new HashMap<>()); - - when(EC2InventoryUtil.fetchPeeringConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generatePeeringConnections",new HashMap<>()); - - when(EC2InventoryUtil.fetchCustomerGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateCustomerGateway",new HashMap<>()); - - when(EC2InventoryUtil.fetchVPNConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateVpnConnection",new HashMap<>()); - - when(DirectConnectionInventoryUtil.fetchDirectConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateDirectConnection",new HashMap<>()); - - when(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateDirectConnectionVirtualInterfaces",new HashMap<>()); - - when(ESInventoryUtil.fetchESInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateESDomain",new HashMap<>()); - - when(EC2InventoryUtil.fetchReservedInstances(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateReservedInstances",new HashMap<>()); - - when(EC2InventoryUtil.fetchSSMInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doNothing().when(FileManager.class,"generateSsmFiles",new HashMap<>()); - - List accounts = new ArrayList<>(); - accounts.add("account"); - assetFileGenerator.generateFiles(new HashSet(accounts) , "skipRegions", "filePath"); - - ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "targetType"); - assetFileGenerator.generateFiles(new HashSet(accounts) , "skipRegions", "filePath"); - } - - /** - * Generate files test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings({"unchecked", "rawtypes"}) - @Test - public void generateFilesTest_Exception() throws Exception{ - - mockStatic(FileManager.class); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"initialise",anyString()); - - ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "ec2,asg,stack,dynamodb,efs,emr,lambda,classicelb,appelb,targetgroup," - + "nat,rdsdb,rdscluster,s3,eni,sg,subnet,checks,redshift,volume,snapshot,vpc,api,iamuser,rdssnapshot,iamrole,kms,cloudfront,beanstalk,phd," - + "routetable,networkacl,elasticip,launchconfig,internetgw,vpngw,asgpolicy,snstopic,egressgateway,dhcpoption,peeringconnection,customergateway," - + "vpnconnection,directconnect,virtualinterface,elasticsearch,reserved instances,ssm"); - when(credProvider.getCredentials(anyString(), anyString())).thenReturn(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken")); - - mockStatic(InventoryUtil.class); - mockStatic(EC2InventoryUtil.class); - mockStatic(ASGInventoryUtil.class); - mockStatic(DirectConnectionInventoryUtil.class); - mockStatic(ESInventoryUtil.class); - mockStatic(SNSInventoryUtil.class); - mockStatic(ErrorManageUtil.class); - - PowerMockito.doNothing().when(ErrorManageUtil.class,"uploadError",anyString(),anyString(),anyString(),anyString()); - - when(InventoryUtil.fetchInstances(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateInstanceFiles",new HashMap<>()); - - when(InventoryUtil.fetchAsg(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateAsgFiles",new HashMap<>()); - - when(InventoryUtil.fetchCloudFormationStack(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCloudFormationStackFiles",new HashMap<>()); - - when(InventoryUtil.fetchDynamoDBTables(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDynamoDbFiles",new HashMap<>()); - - when(InventoryUtil.fetchEFSInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEfsFiles",new HashMap<>()); - - when(InventoryUtil.fetchEMRInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEmrFiles",new HashMap<>()); - - when(InventoryUtil.fetchLambdaInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateLamdaFiles",new HashMap<>()); - - when(InventoryUtil.fetchClassicElbInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateClassicElbFiles",new HashMap<>()); - - when(InventoryUtil.fetchElbInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateApplicationElbFiles",new HashMap<>()); - - when(InventoryUtil.fetchTargetGroups(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateTargetGroupFiles",new HashMap<>()); - - when(InventoryUtil.fetchNATGatewayInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNatGatewayFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSInstanceInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSInstanceFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSClusterInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSClusterFiles",new HashMap<>()); - - when(InventoryUtil.fetchS3Info(anyObject(), anyString(), anyString())).thenReturn(new ArrayList()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateS3Files",new HashMap<>()); - - when(InventoryUtil.fetchNetworkIntefaces(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNwInterfaceFiles",new HashMap<>()); - - when(InventoryUtil.fetchSecurityGroups(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSecGroupFile",new HashMap<>()); - - when(InventoryUtil.fetchSubnets(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSubnetFiles",new HashMap<>()); - - when(InventoryUtil.fetchTrusterdAdvisorsChecks(anyObject(), anyString())).thenReturn(new ArrayList<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateTrustedAdvisorFiles",new HashMap<>()); - - when(InventoryUtil.fetchRedshiftInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRedshiftFiles",new HashMap<>()); - - when(InventoryUtil.fetchVolumetInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatefetchVolumeFiles",new HashMap<>()); - - when(InventoryUtil.fetchSnapshots(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSnapshotFiles",new HashMap<>()); - - when(InventoryUtil.fetchVpcInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVpcFiles",new HashMap<>()); - - when(InventoryUtil.fetchApiGateways(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateApiGatewayFiles",new HashMap<>()); - - when(InventoryUtil.fetchIAMUsers(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateIamUserFiles",new HashMap<>()); - - when(InventoryUtil.fetchRDSDBSnapshots(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSSnapshotFiles",new HashMap<>()); - - when(InventoryUtil.fetchIAMRoles(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateIamRoleFiles",new HashMap<>()); - - when(InventoryUtil.fetchKMSKeys(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateKMSFiles",new HashMap<>()); - - when(InventoryUtil.fetchCloudFrontInfo(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCloudFrontFiles",new HashMap<>()); - - when(InventoryUtil.fetchEBSInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEBSFiles",new HashMap<>()); - - when(InventoryUtil.fetchPHDInfo(anyObject(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatePHDFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchRouteTables(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEC2RouteTableFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchNetworkACL(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNetworkAclFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchElasticIPAddresses(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateElasticIPFiles",new HashMap<>()); - - when(ASGInventoryUtil.fetchLaunchConfigurations(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateLaunchConfigurationsFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchInternetGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateInternetGatewayFiles",new HashMap<>()); - - when(EC2InventoryUtil.fetchVPNGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVPNGatewayFiles",new HashMap<>()); - - when(ASGInventoryUtil.fetchScalingPolicies(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateScalingPolicies",new HashMap<>()); - - when(SNSInventoryUtil.fetchSNSTopics(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSNSTopics",new HashMap<>()); - - when(EC2InventoryUtil.fetchEgressGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEgressGateway",new HashMap<>()); - - when(EC2InventoryUtil.fetchDHCPOptions(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDhcpOptions",new HashMap<>()); - - when(EC2InventoryUtil.fetchPeeringConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatePeeringConnections",new HashMap<>()); - - when(EC2InventoryUtil.fetchCustomerGateway(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCustomerGateway",new HashMap<>()); - - when(EC2InventoryUtil.fetchVPNConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVpnConnection",new HashMap<>()); - - when(DirectConnectionInventoryUtil.fetchDirectConnections(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDirectConnection",new HashMap<>()); - - when(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDirectConnectionVirtualInterfaces",new HashMap<>()); - - when(ESInventoryUtil.fetchESInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateESDomain",new HashMap<>()); - - when(EC2InventoryUtil.fetchReservedInstances(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateReservedInstances",new HashMap<>()); - - when(EC2InventoryUtil.fetchSSMInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSsmFiles",new HashMap<>()); - - List accounts = new ArrayList<>(); - accounts.add("account"); - assetFileGenerator.generateFiles(new HashSet(accounts) , "skipRegions", "filePath"); - - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; +import org.springframework.test.util.ReflectionTestUtils; + +import com.amazonaws.auth.BasicSessionCredentials; +import com.tmobile.cso.pacman.inventory.InventoryConstants; +import com.tmobile.cso.pacman.inventory.auth.CredentialProvider; +import com.tmobile.cso.pacman.inventory.util.ASGInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.DirectConnectionInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.EC2InventoryUtil; +import com.tmobile.cso.pacman.inventory.util.ESInventoryUtil; +import com.tmobile.cso.pacman.inventory.util.InventoryUtil; +import com.tmobile.cso.pacman.inventory.util.SNSInventoryUtil; + + + +/** + * The Class AssetFileGeneratorTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({FileManager.class,ErrorManageUtil.class,InventoryUtil.class,EC2InventoryUtil.class,SNSInventoryUtil.class,DirectConnectionInventoryUtil.class, + ASGInventoryUtil.class,ESInventoryUtil.class}) +@PowerMockIgnore("javax.management.*") +public class AssetFileGeneratorTest { + + /** The asset file generator. */ + @InjectMocks + AssetFileGenerator assetFileGenerator; + + /** The cred provider. */ + @Mock + CredentialProvider credProvider; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + } + + /** + * Generate files test. + * + * @throws Exception the exception + */ + @SuppressWarnings({"unchecked", "rawtypes"}) + @Test + public void generateFilesTest() throws Exception{ + + mockStatic(FileManager.class); + PowerMockito.doNothing().when(FileManager.class,"initialise",anyString()); + mockStatic(ErrorManageUtil.class); + PowerMockito.doNothing().when(ErrorManageUtil.class,"initialise"); + + ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "ec2,asg,stack,dynamodb,efs,emr,lambda,classicelb,appelb,targetgroup," + + "nat,rdsdb,rdscluster,s3,eni,sg,subnet,checks,redshift,volume,snapshot,vpc,api,iamuser,rdssnapshot,iamrole,kms,cloudfront,beanstalk,phd," + + "routetable,networkacl,elasticip,launchconfig,internetgw,vpngw,asgpolicy,snstopic,egressgateway,dhcpoption,peeringconnection,customergateway," + + "vpnconnection,directconnect,virtualinterface,elasticsearch,reserved instances,ssm"); + when(credProvider.getCredentials(anyString(), anyString())).thenReturn(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken")); + + mockStatic(InventoryUtil.class); + mockStatic(EC2InventoryUtil.class); + mockStatic(ASGInventoryUtil.class); + mockStatic(DirectConnectionInventoryUtil.class); + mockStatic(ESInventoryUtil.class); + mockStatic(SNSInventoryUtil.class); + + when(InventoryUtil.fetchInstances(anyObject(), anyString(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateInstanceFiles",new HashMap<>()); + + when(InventoryUtil.fetchAsg(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateAsgFiles",new HashMap<>()); + + when(InventoryUtil.fetchCloudFormationStack(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateCloudFormationStackFiles",new HashMap<>()); + + when(InventoryUtil.fetchDynamoDBTables(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateDynamoDbFiles",new HashMap<>()); + + when(InventoryUtil.fetchEFSInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateEfsFiles",new HashMap<>()); + + when(InventoryUtil.fetchEMRInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateEmrFiles",new HashMap<>()); + + when(InventoryUtil.fetchLambdaInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateLamdaFiles",new HashMap<>()); + + when(InventoryUtil.fetchClassicElbInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateClassicElbFiles",new HashMap<>()); + + when(InventoryUtil.fetchElbInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateApplicationElbFiles",new HashMap<>()); + + when(InventoryUtil.fetchTargetGroups(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateTargetGroupFiles",new HashMap<>()); + + when(InventoryUtil.fetchNATGatewayInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateNatGatewayFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSInstanceInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateRDSInstanceFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSClusterInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateRDSClusterFiles",new HashMap<>()); + + when(InventoryUtil.fetchS3Info(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap()); + PowerMockito.doNothing().when(FileManager.class,"generateS3Files",new HashMap<>()); + + when(InventoryUtil.fetchNetworkIntefaces(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateNwInterfaceFiles",new HashMap<>()); + + when(InventoryUtil.fetchSecurityGroups(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateSecGroupFile",new HashMap<>()); + + when(InventoryUtil.fetchSubnets(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateSubnetFiles",new HashMap<>()); + + when(InventoryUtil.fetchTrusterdAdvisorsChecks(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateTrustedAdvisorFiles",new HashMap<>()); + + when(InventoryUtil.fetchRedshiftInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateRedshiftFiles",new HashMap<>()); + + when(InventoryUtil.fetchVolumetInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generatefetchVolumeFiles",new HashMap<>()); + + when(InventoryUtil.fetchSnapshots(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateSnapshotFiles",new HashMap<>()); + + when(InventoryUtil.fetchVpcInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateVpcFiles",new HashMap<>()); + + when(InventoryUtil.fetchApiGateways(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateApiGatewayFiles",new HashMap<>()); + + when(InventoryUtil.fetchIAMUsers(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateIamUserFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSDBSnapshots(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateRDSSnapshotFiles",new HashMap<>()); + + when(InventoryUtil.fetchIAMRoles(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateIamRoleFiles",new HashMap<>()); + + when(InventoryUtil.fetchKMSKeys(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateKMSFiles",new HashMap<>()); + + when(InventoryUtil.fetchCloudFrontInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateCloudFrontFiles",new HashMap<>()); + + when(InventoryUtil.fetchEBSInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateEBSFiles",new HashMap<>()); + + when(InventoryUtil.fetchPHDInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generatePHDFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchRouteTables(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateEC2RouteTableFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchNetworkACL(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateNetworkAclFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchElasticIPAddresses(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateElasticIPFiles",new HashMap<>()); + + when(ASGInventoryUtil.fetchLaunchConfigurations(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateLaunchConfigurationsFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchInternetGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateInternetGatewayFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchVPNGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateVPNGatewayFiles",new HashMap<>()); + + when(ASGInventoryUtil.fetchScalingPolicies(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateScalingPolicies",new HashMap<>()); + + when(SNSInventoryUtil.fetchSNSTopics(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateSNSTopics",new HashMap<>()); + + when(EC2InventoryUtil.fetchEgressGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateEgressGateway",new HashMap<>()); + + when(EC2InventoryUtil.fetchDHCPOptions(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateDhcpOptions",new HashMap<>()); + + when(EC2InventoryUtil.fetchPeeringConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generatePeeringConnections",new HashMap<>()); + + when(EC2InventoryUtil.fetchCustomerGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateCustomerGateway",new HashMap<>()); + + when(EC2InventoryUtil.fetchVPNConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateVpnConnection",new HashMap<>()); + + when(DirectConnectionInventoryUtil.fetchDirectConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateDirectConnection",new HashMap<>()); + + when(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateDirectConnectionVirtualInterfaces",new HashMap<>()); + + when(ESInventoryUtil.fetchESInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateESDomain",new HashMap<>()); + + when(EC2InventoryUtil.fetchReservedInstances(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateReservedInstances",new HashMap<>()); + + when(EC2InventoryUtil.fetchSSMInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doNothing().when(FileManager.class,"generateSsmFiles",new HashMap<>()); + + List> accounts = new ArrayList<>(); + Map account = new HashMap<>(); + account.put(InventoryConstants.ACCOUNT_ID, "account"); + account.put(InventoryConstants.ACCOUNT_NAME, "accountName"); + accounts.add(account); + assetFileGenerator.generateFiles(accounts , "skipRegions", "filePath"); + + ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "targetType"); + assetFileGenerator.generateFiles(accounts , "skipRegions", "filePath"); + } + + /** + * Generate files test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings({"unchecked", "rawtypes"}) + @Test + public void generateFilesTest_Exception() throws Exception{ + + mockStatic(FileManager.class); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"initialise",anyString()); + + ReflectionTestUtils.setField(assetFileGenerator, "targetTypes", "ec2,asg,stack,dynamodb,efs,emr,lambda,classicelb,appelb,targetgroup," + + "nat,rdsdb,rdscluster,s3,eni,sg,subnet,checks,redshift,volume,snapshot,vpc,api,iamuser,rdssnapshot,iamrole,kms,cloudfront,beanstalk,phd," + + "routetable,networkacl,elasticip,launchconfig,internetgw,vpngw,asgpolicy,snstopic,egressgateway,dhcpoption,peeringconnection,customergateway," + + "vpnconnection,directconnect,virtualinterface,elasticsearch,reserved instances,ssm"); + when(credProvider.getCredentials(anyString(), anyString())).thenReturn(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken")); + + mockStatic(InventoryUtil.class); + mockStatic(EC2InventoryUtil.class); + mockStatic(ASGInventoryUtil.class); + mockStatic(DirectConnectionInventoryUtil.class); + mockStatic(ESInventoryUtil.class); + mockStatic(SNSInventoryUtil.class); + mockStatic(ErrorManageUtil.class); + + PowerMockito.doNothing().when(ErrorManageUtil.class,"uploadError",anyString(),anyString(),anyString(),anyString()); + + when(InventoryUtil.fetchInstances(anyObject(), anyString(), anyString(), anyString(),anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateInstanceFiles",new HashMap<>()); + + when(InventoryUtil.fetchAsg(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateAsgFiles",new HashMap<>()); + + when(InventoryUtil.fetchCloudFormationStack(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCloudFormationStackFiles",new HashMap<>()); + + when(InventoryUtil.fetchDynamoDBTables(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDynamoDbFiles",new HashMap<>()); + + when(InventoryUtil.fetchEFSInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEfsFiles",new HashMap<>()); + + when(InventoryUtil.fetchEMRInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEmrFiles",new HashMap<>()); + + when(InventoryUtil.fetchLambdaInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateLamdaFiles",new HashMap<>()); + + when(InventoryUtil.fetchClassicElbInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateClassicElbFiles",new HashMap<>()); + + when(InventoryUtil.fetchElbInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateApplicationElbFiles",new HashMap<>()); + + when(InventoryUtil.fetchTargetGroups(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateTargetGroupFiles",new HashMap<>()); + + when(InventoryUtil.fetchNATGatewayInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNatGatewayFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSInstanceInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSInstanceFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSClusterInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSClusterFiles",new HashMap<>()); + + when(InventoryUtil.fetchS3Info(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateS3Files",new HashMap<>()); + + when(InventoryUtil.fetchNetworkIntefaces(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNwInterfaceFiles",new HashMap<>()); + + when(InventoryUtil.fetchSecurityGroups(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSecGroupFile",new HashMap<>()); + + when(InventoryUtil.fetchSubnets(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSubnetFiles",new HashMap<>()); + + when(InventoryUtil.fetchTrusterdAdvisorsChecks(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateTrustedAdvisorFiles",new HashMap<>()); + + when(InventoryUtil.fetchRedshiftInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRedshiftFiles",new HashMap<>()); + + when(InventoryUtil.fetchVolumetInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatefetchVolumeFiles",new HashMap<>()); + + when(InventoryUtil.fetchSnapshots(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSnapshotFiles",new HashMap<>()); + + when(InventoryUtil.fetchVpcInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVpcFiles",new HashMap<>()); + + when(InventoryUtil.fetchApiGateways(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateApiGatewayFiles",new HashMap<>()); + + when(InventoryUtil.fetchIAMUsers(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateIamUserFiles",new HashMap<>()); + + when(InventoryUtil.fetchRDSDBSnapshots(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateRDSSnapshotFiles",new HashMap<>()); + + when(InventoryUtil.fetchIAMRoles(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateIamRoleFiles",new HashMap<>()); + + when(InventoryUtil.fetchKMSKeys(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateKMSFiles",new HashMap<>()); + + when(InventoryUtil.fetchCloudFrontInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCloudFrontFiles",new HashMap<>()); + + when(InventoryUtil.fetchEBSInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEBSFiles",new HashMap<>()); + + when(InventoryUtil.fetchPHDInfo(anyObject(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatePHDFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchRouteTables(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEC2RouteTableFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchNetworkACL(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateNetworkAclFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchElasticIPAddresses(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateElasticIPFiles",new HashMap<>()); + + when(ASGInventoryUtil.fetchLaunchConfigurations(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateLaunchConfigurationsFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchInternetGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateInternetGatewayFiles",new HashMap<>()); + + when(EC2InventoryUtil.fetchVPNGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVPNGatewayFiles",new HashMap<>()); + + when(ASGInventoryUtil.fetchScalingPolicies(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateScalingPolicies",new HashMap<>()); + + when(SNSInventoryUtil.fetchSNSTopics(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSNSTopics",new HashMap<>()); + + when(EC2InventoryUtil.fetchEgressGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateEgressGateway",new HashMap<>()); + + when(EC2InventoryUtil.fetchDHCPOptions(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDhcpOptions",new HashMap<>()); + + when(EC2InventoryUtil.fetchPeeringConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generatePeeringConnections",new HashMap<>()); + + when(EC2InventoryUtil.fetchCustomerGateway(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateCustomerGateway",new HashMap<>()); + + when(EC2InventoryUtil.fetchVPNConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateVpnConnection",new HashMap<>()); + + when(DirectConnectionInventoryUtil.fetchDirectConnections(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDirectConnection",new HashMap<>()); + + when(DirectConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateDirectConnectionVirtualInterfaces",new HashMap<>()); + + when(ESInventoryUtil.fetchESInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateESDomain",new HashMap<>()); + + when(EC2InventoryUtil.fetchReservedInstances(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateReservedInstances",new HashMap<>()); + + when(EC2InventoryUtil.fetchSSMInfo(anyObject(), anyString(), anyString(), anyString())).thenReturn(new HashMap<>()); + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateSsmFiles",new HashMap<>()); + + List> accounts = new ArrayList<>(); + Map account = new HashMap<>(); + account.put(InventoryConstants.ACCOUNT_ID, "account"); + account.put(InventoryConstants.ACCOUNT_NAME, "accountName"); + accounts.add(account); + assetFileGenerator.generateFiles(accounts , "skipRegions", "filePath"); + + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtilTest.java index 84871a0e8..5d80d2d7d 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/ErrorManageUtilTest.java @@ -1,101 +1,101 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import static org.mockito.Matchers.anyBoolean; -import static org.mockito.Matchers.anyMap; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; - -import java.io.IOException; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - - -/** - * The Class ErrorManageUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({FileManager.class,FileGenerator.class}) -@PowerMockIgnore("javax.management.*") -public class ErrorManageUtilTest { - - /** The error manage util. */ - @InjectMocks - ErrorManageUtil errorManageUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - } - - /** - * Initialise test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void initialiseTest() throws Exception{ - - mockStatic(FileGenerator.class); - PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); - errorManageUtil.initialise(); - - PowerMockito.doThrow(new IOException()).when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); - errorManageUtil.initialise(); - } - - /** - * Upload error test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void uploadErrorTest() throws Exception{ - - errorManageUtil.uploadError("account", "region", "type", "exception"); - } - - /** - * Write error file test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void writeErrorFileTest() throws Exception{ - - mockStatic(FileManager.class); - PowerMockito.doNothing().when(FileManager.class,"generateErrorFile",anyMap()); - errorManageUtil.writeErrorFile(); - - PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateErrorFile",anyMap()); - errorManageUtil.writeErrorFile(); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import static org.mockito.Matchers.anyBoolean; +import static org.mockito.Matchers.anyMap; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; + +import java.io.IOException; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + + +/** + * The Class ErrorManageUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({FileManager.class,FileGenerator.class}) +@PowerMockIgnore("javax.management.*") +public class ErrorManageUtilTest { + + /** The error manage util. */ + @InjectMocks + ErrorManageUtil errorManageUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + } + + /** + * Initialise test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void initialiseTest() throws Exception{ + + mockStatic(FileGenerator.class); + PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); + errorManageUtil.initialise(); + + PowerMockito.doThrow(new IOException()).when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); + errorManageUtil.initialise(); + } + + /** + * Upload error test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void uploadErrorTest() throws Exception{ + + errorManageUtil.uploadError("account", "region", "type", "exception"); + } + + /** + * Write error file test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void writeErrorFileTest() throws Exception{ + + mockStatic(FileManager.class); + PowerMockito.doNothing().when(FileManager.class,"generateErrorFile",anyMap()); + errorManageUtil.writeErrorFile(); + + PowerMockito.doThrow(new IOException()).when(FileManager.class,"generateErrorFile",anyMap()); + errorManageUtil.writeErrorFile(); + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/FileManagerTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/FileManagerTest.java index d3ff69170..4bf83e4d2 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/FileManagerTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/file/FileManagerTest.java @@ -1,141 +1,141 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.file; - -import static org.mockito.Matchers.anyBoolean; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; -import static org.powermock.api.mockito.PowerMockito.verifyNew; - -import java.io.File; -import java.util.HashMap; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; - - -/** - * The Class FileManagerTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({FileGenerator.class,File.class}) -@PowerMockIgnore("javax.management.*") -public class FileManagerTest { - - /** The file manager. */ - @InjectMocks - FileManager fileManager; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - } - - /** - * Initialise test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void initialiseTest() throws Exception{ - - File file = PowerMockito.mock(File.class); - PowerMockito.whenNew(File.class).withAnyArguments().thenReturn(file); - when(file,"mkdirs").thenReturn(true); - - mockStatic(FileGenerator.class); - PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); - - fileManager.initialise("src/test/resources/testfolder"); - } - - /** - * Generate files test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void generateFilesTest() throws Exception{ - - mockStatic(FileGenerator.class); - PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); - - fileManager.generateInstanceFiles(new HashMap<>()); - fileManager.generateNwInterfaceFiles(new HashMap<>()); - fileManager.generateAsgFiles(new HashMap<>()); - fileManager.generateCloudFormationStackFiles(new HashMap<>()); - fileManager.generateDynamoDbFiles(new HashMap<>()); - fileManager.generateEfsFiles(new HashMap<>()); - fileManager.generateEmrFiles(new HashMap<>()); - fileManager.generateLamdaFiles(new HashMap<>()); - fileManager.generateClassicElbFiles(new HashMap<>()); - fileManager.generateApplicationElbFiles(new HashMap<>()); - fileManager.generateNatGatewayFiles(new HashMap<>()); - fileManager.generateRDSClusterFiles(new HashMap<>()); - fileManager.generateRDSInstanceFiles(new HashMap<>()); - fileManager.generateS3Files(new HashMap<>()); - fileManager.generateSubnetFiles(new HashMap<>()); - fileManager.generateRedshiftFiles(new HashMap<>()); - fileManager.generatefetchVolumeFiles(new HashMap<>()); - fileManager.generateSnapshotFiles(new HashMap<>()); - fileManager.generateVpcFiles(new HashMap<>()); - fileManager.generateApiGatewayFiles(new HashMap<>()); - fileManager.generateIamUserFiles(new HashMap<>()); - fileManager.generateRDSSnapshotFiles(new HashMap<>()); - fileManager.generateIamRoleFiles(new HashMap<>()); - fileManager.generateKMSFiles(new HashMap<>()); - fileManager.generateCloudFrontFiles(new HashMap<>()); - fileManager.generateEBSFiles(new HashMap<>()); - fileManager.generatePHDFiles(new HashMap<>()); - fileManager.generateErrorFile(new HashMap<>()); - fileManager.generateEC2RouteTableFiles(new HashMap<>()); - fileManager.generateNetworkAclFiles(new HashMap<>()); - fileManager.generateElasticIPFiles(new HashMap<>()); - fileManager.generateLaunchConfigurationsFiles(new HashMap<>()); - fileManager.generateInternetGatewayFiles(new HashMap<>()); - fileManager.generateVPNGatewayFiles(new HashMap<>()); - fileManager.generateScalingPolicies(new HashMap<>()); - fileManager.generateSNSTopics(new HashMap<>()); - fileManager.generateEgressGateway(new HashMap<>()); - fileManager.generateDhcpOptions(new HashMap<>()); - fileManager.generatePeeringConnections(new HashMap<>()); - fileManager.generateCustomerGateway(new HashMap<>()); - fileManager.generateVpnConnection(new HashMap<>()); - fileManager.generateDirectConnection(new HashMap<>()); - fileManager.generateDirectConnectionVirtualInterfaces(new HashMap<>()); - fileManager.generateESDomain(new HashMap<>()); - fileManager.generateReservedInstances(new HashMap<>()); - fileManager.generateSsmFiles(new HashMap<>()); - fileManager.generateTargetGroupFiles(new HashMap<>()); - fileManager.generateSecGroupFile(new HashMap<>()); - fileManager.generateTrustedAdvisorFiles(new HashMap<>()); - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.file; + +import static org.mockito.Matchers.anyBoolean; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; +import static org.powermock.api.mockito.PowerMockito.verifyNew; + +import java.io.File; +import java.util.HashMap; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; + + +/** + * The Class FileManagerTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({FileGenerator.class,File.class}) +@PowerMockIgnore("javax.management.*") +public class FileManagerTest { + + /** The file manager. */ + @InjectMocks + FileManager fileManager; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + } + + /** + * Initialise test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void initialiseTest() throws Exception{ + + File file = PowerMockito.mock(File.class); + PowerMockito.whenNew(File.class).withAnyArguments().thenReturn(file); + when(file,"mkdirs").thenReturn(true); + + mockStatic(FileGenerator.class); + PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); + + fileManager.initialise("src/test/resources/testfolder"); + } + + /** + * Generate files test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void generateFilesTest() throws Exception{ + + mockStatic(FileGenerator.class); + PowerMockito.doNothing().when(FileGenerator.class,"writeToFile",anyString(),anyString(),anyBoolean()); + + fileManager.generateInstanceFiles(new HashMap<>()); + fileManager.generateNwInterfaceFiles(new HashMap<>()); + fileManager.generateAsgFiles(new HashMap<>()); + fileManager.generateCloudFormationStackFiles(new HashMap<>()); + fileManager.generateDynamoDbFiles(new HashMap<>()); + fileManager.generateEfsFiles(new HashMap<>()); + fileManager.generateEmrFiles(new HashMap<>()); + fileManager.generateLamdaFiles(new HashMap<>()); + fileManager.generateClassicElbFiles(new HashMap<>()); + fileManager.generateApplicationElbFiles(new HashMap<>()); + fileManager.generateNatGatewayFiles(new HashMap<>()); + fileManager.generateRDSClusterFiles(new HashMap<>()); + fileManager.generateRDSInstanceFiles(new HashMap<>()); + fileManager.generateS3Files(new HashMap<>()); + fileManager.generateSubnetFiles(new HashMap<>()); + fileManager.generateRedshiftFiles(new HashMap<>()); + fileManager.generatefetchVolumeFiles(new HashMap<>()); + fileManager.generateSnapshotFiles(new HashMap<>()); + fileManager.generateVpcFiles(new HashMap<>()); + fileManager.generateApiGatewayFiles(new HashMap<>()); + fileManager.generateIamUserFiles(new HashMap<>()); + fileManager.generateRDSSnapshotFiles(new HashMap<>()); + fileManager.generateIamRoleFiles(new HashMap<>()); + fileManager.generateKMSFiles(new HashMap<>()); + fileManager.generateCloudFrontFiles(new HashMap<>()); + fileManager.generateEBSFiles(new HashMap<>()); + fileManager.generatePHDFiles(new HashMap<>()); + fileManager.generateErrorFile(new HashMap<>()); + fileManager.generateEC2RouteTableFiles(new HashMap<>()); + fileManager.generateNetworkAclFiles(new HashMap<>()); + fileManager.generateElasticIPFiles(new HashMap<>()); + fileManager.generateLaunchConfigurationsFiles(new HashMap<>()); + fileManager.generateInternetGatewayFiles(new HashMap<>()); + fileManager.generateVPNGatewayFiles(new HashMap<>()); + fileManager.generateScalingPolicies(new HashMap<>()); + fileManager.generateSNSTopics(new HashMap<>()); + fileManager.generateEgressGateway(new HashMap<>()); + fileManager.generateDhcpOptions(new HashMap<>()); + fileManager.generatePeeringConnections(new HashMap<>()); + fileManager.generateCustomerGateway(new HashMap<>()); + fileManager.generateVpnConnection(new HashMap<>()); + fileManager.generateDirectConnection(new HashMap<>()); + fileManager.generateDirectConnectionVirtualInterfaces(new HashMap<>()); + fileManager.generateESDomain(new HashMap<>()); + fileManager.generateReservedInstances(new HashMap<>()); + fileManager.generateSsmFiles(new HashMap<>()); + fileManager.generateTargetGroupFiles(new HashMap<>()); + fileManager.generateSecGroupFile(new HashMap<>()); + fileManager.generateTrustedAdvisorFiles(new HashMap<>()); + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtilTest.java index bfb5f8cba..fa73e1cf6 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ASGInventoryUtilTest.java @@ -1,232 +1,232 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.autoscaling.AmazonAutoScaling; -import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; -import com.amazonaws.services.autoscaling.model.AutoScalingGroup; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; -import com.amazonaws.services.autoscaling.model.DescribeLaunchConfigurationsResult; -import com.amazonaws.services.autoscaling.model.DescribePoliciesResult; -import com.amazonaws.services.autoscaling.model.LaunchConfiguration; -import com.amazonaws.services.autoscaling.model.ScalingPolicy; - - -/** - * The Class ASGInventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AmazonAutoScalingClientBuilder.class}) -@PowerMockIgnore("javax.management.*") -public class ASGInventoryUtilTest { - - /** The asg inventory util. */ - @InjectMocks - ASGInventoryUtil asgInventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch launch configurations test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLaunchConfigurationsTest() throws Exception { - - mockStatic(AmazonAutoScalingClientBuilder.class); - AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); - AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); - - DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); - List asgList = new ArrayList<>(); - AutoScalingGroup autoScalingGroup = new AutoScalingGroup(); - autoScalingGroup.setLaunchConfigurationName("launchConfigurationName"); - asgList.add(autoScalingGroup); - autoScalingGroupsResult.setAutoScalingGroups(asgList); - when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); - - DescribeLaunchConfigurationsResult launchConfigurationsResult = new DescribeLaunchConfigurationsResult(); - List launchConfigurations = new ArrayList<>(); - launchConfigurations.add(new LaunchConfiguration()); - - launchConfigurationsResult.setLaunchConfigurations(launchConfigurations); - when(asgClient.describeLaunchConfigurations(anyObject())).thenReturn(launchConfigurationsResult); - assertThat(asgInventoryUtil.fetchLaunchConfigurations(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch launch configurations test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLaunchConfigurationsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(asgInventoryUtil.fetchLaunchConfigurations(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch scaling policies test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchScalingPoliciesTest() throws Exception { - - mockStatic(AmazonAutoScalingClientBuilder.class); - AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); - AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); - - DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); - List asgList = new ArrayList<>(); - AutoScalingGroup autoScalingGroup = new AutoScalingGroup(); - autoScalingGroup.setAutoScalingGroupName("autoScalingGrpName"); - asgList.add(autoScalingGroup); - autoScalingGroupsResult.setAutoScalingGroups(asgList); - - when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); - - DescribePoliciesResult policiesResult = new DescribePoliciesResult(); - List scalingPolicies = new ArrayList<>(); - scalingPolicies.add(new ScalingPolicy()); - policiesResult.setScalingPolicies(scalingPolicies); - when(asgClient.describePolicies(anyObject())).thenReturn(policiesResult); - assertThat(asgInventoryUtil.fetchScalingPolicies(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch scaling policies test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchScalingPoliciesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(asgInventoryUtil.fetchScalingPolicies(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.autoscaling.AmazonAutoScaling; +import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; +import com.amazonaws.services.autoscaling.model.AutoScalingGroup; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; +import com.amazonaws.services.autoscaling.model.DescribeLaunchConfigurationsResult; +import com.amazonaws.services.autoscaling.model.DescribePoliciesResult; +import com.amazonaws.services.autoscaling.model.LaunchConfiguration; +import com.amazonaws.services.autoscaling.model.ScalingPolicy; + + +/** + * The Class ASGInventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AmazonAutoScalingClientBuilder.class}) +@PowerMockIgnore("javax.management.*") +public class ASGInventoryUtilTest { + + /** The asg inventory util. */ + @InjectMocks + ASGInventoryUtil asgInventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch launch configurations test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLaunchConfigurationsTest() throws Exception { + + mockStatic(AmazonAutoScalingClientBuilder.class); + AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); + AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); + + DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); + List asgList = new ArrayList<>(); + AutoScalingGroup autoScalingGroup = new AutoScalingGroup(); + autoScalingGroup.setLaunchConfigurationName("launchConfigurationName"); + asgList.add(autoScalingGroup); + autoScalingGroupsResult.setAutoScalingGroups(asgList); + when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); + + DescribeLaunchConfigurationsResult launchConfigurationsResult = new DescribeLaunchConfigurationsResult(); + List launchConfigurations = new ArrayList<>(); + launchConfigurations.add(new LaunchConfiguration()); + + launchConfigurationsResult.setLaunchConfigurations(launchConfigurations); + when(asgClient.describeLaunchConfigurations(anyObject())).thenReturn(launchConfigurationsResult); + assertThat(asgInventoryUtil.fetchLaunchConfigurations(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch launch configurations test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLaunchConfigurationsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(asgInventoryUtil.fetchLaunchConfigurations(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch scaling policies test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchScalingPoliciesTest() throws Exception { + + mockStatic(AmazonAutoScalingClientBuilder.class); + AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); + AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); + + DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); + List asgList = new ArrayList<>(); + AutoScalingGroup autoScalingGroup = new AutoScalingGroup(); + autoScalingGroup.setAutoScalingGroupName("autoScalingGrpName"); + asgList.add(autoScalingGroup); + autoScalingGroupsResult.setAutoScalingGroups(asgList); + + when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); + + DescribePoliciesResult policiesResult = new DescribePoliciesResult(); + List scalingPolicies = new ArrayList<>(); + scalingPolicies.add(new ScalingPolicy()); + policiesResult.setScalingPolicies(scalingPolicies); + when(asgClient.describePolicies(anyObject())).thenReturn(policiesResult); + assertThat(asgInventoryUtil.fetchScalingPolicies(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch scaling policies test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchScalingPoliciesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(asgInventoryUtil.fetchScalingPolicies(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtilTest.java index 8461471f4..d93cf83bf 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/DirectConnectionInventoryUtilTest.java @@ -1,211 +1,211 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.directconnect.AmazonDirectConnectClient; -import com.amazonaws.services.directconnect.AmazonDirectConnectClientBuilder; -import com.amazonaws.services.directconnect.model.Connection; -import com.amazonaws.services.directconnect.model.DescribeConnectionsResult; -import com.amazonaws.services.directconnect.model.DescribeVirtualInterfacesResult; -import com.amazonaws.services.directconnect.model.VirtualInterface; - - -/** - * The Class DirectConnectionInventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AmazonDirectConnectClientBuilder.class}) -@PowerMockIgnore("javax.management.*") -public class DirectConnectionInventoryUtilTest { - - /** The direct connection inventory util. */ - @InjectMocks - DirectConnectionInventoryUtil directConnectionInventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch direct connections test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDirectConnectionsTest() throws Exception { - - mockStatic(AmazonDirectConnectClientBuilder.class); - AmazonDirectConnectClient amazonDirectConnectClient = PowerMockito.mock(AmazonDirectConnectClient.class); - AmazonDirectConnectClientBuilder amazonDirectConnectClientBuilder = PowerMockito.mock(AmazonDirectConnectClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonDirectConnectClientBuilder.standard()).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.withCredentials(anyObject())).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.withRegion(anyString())).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.build()).thenReturn(amazonDirectConnectClient); - - DescribeConnectionsResult describeConnectionsResult = new DescribeConnectionsResult(); - List connections = new ArrayList<>(); - connections.add(new Connection()); - describeConnectionsResult.setConnections(connections); - when(amazonDirectConnectClient.describeConnections()).thenReturn(describeConnectionsResult); - assertThat(directConnectionInventoryUtil.fetchDirectConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch direct connections test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDirectConnectionsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(directConnectionInventoryUtil.fetchDirectConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch direct connections virtual interfaces test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDirectConnectionsVirtualInterfacesTest() throws Exception { - - mockStatic(AmazonDirectConnectClientBuilder.class); - AmazonDirectConnectClient amazonDirectConnectClient = PowerMockito.mock(AmazonDirectConnectClient.class); - AmazonDirectConnectClientBuilder amazonDirectConnectClientBuilder = PowerMockito.mock(AmazonDirectConnectClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonDirectConnectClientBuilder.standard()).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.withCredentials(anyObject())).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.withRegion(anyString())).thenReturn(amazonDirectConnectClientBuilder); - when(amazonDirectConnectClientBuilder.build()).thenReturn(amazonDirectConnectClient); - - DescribeVirtualInterfacesResult describeVirtualInterfacesResult = new DescribeVirtualInterfacesResult (); - List virtualInterfaces = new ArrayList<>(); - virtualInterfaces.add(new VirtualInterface()); - describeVirtualInterfacesResult.setVirtualInterfaces(virtualInterfaces); - when(amazonDirectConnectClient.describeVirtualInterfaces()).thenReturn(describeVirtualInterfacesResult); - assertThat(directConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch direct connections virtual interfaces test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDirectConnectionsVirtualInterfacesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(directConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.directconnect.AmazonDirectConnectClient; +import com.amazonaws.services.directconnect.AmazonDirectConnectClientBuilder; +import com.amazonaws.services.directconnect.model.Connection; +import com.amazonaws.services.directconnect.model.DescribeConnectionsResult; +import com.amazonaws.services.directconnect.model.DescribeVirtualInterfacesResult; +import com.amazonaws.services.directconnect.model.VirtualInterface; + + +/** + * The Class DirectConnectionInventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AmazonDirectConnectClientBuilder.class}) +@PowerMockIgnore("javax.management.*") +public class DirectConnectionInventoryUtilTest { + + /** The direct connection inventory util. */ + @InjectMocks + DirectConnectionInventoryUtil directConnectionInventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch direct connections test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDirectConnectionsTest() throws Exception { + + mockStatic(AmazonDirectConnectClientBuilder.class); + AmazonDirectConnectClient amazonDirectConnectClient = PowerMockito.mock(AmazonDirectConnectClient.class); + AmazonDirectConnectClientBuilder amazonDirectConnectClientBuilder = PowerMockito.mock(AmazonDirectConnectClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonDirectConnectClientBuilder.standard()).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.withCredentials(anyObject())).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.withRegion(anyString())).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.build()).thenReturn(amazonDirectConnectClient); + + DescribeConnectionsResult describeConnectionsResult = new DescribeConnectionsResult(); + List connections = new ArrayList<>(); + connections.add(new Connection()); + describeConnectionsResult.setConnections(connections); + when(amazonDirectConnectClient.describeConnections()).thenReturn(describeConnectionsResult); + assertThat(directConnectionInventoryUtil.fetchDirectConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch direct connections test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDirectConnectionsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(directConnectionInventoryUtil.fetchDirectConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch direct connections virtual interfaces test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDirectConnectionsVirtualInterfacesTest() throws Exception { + + mockStatic(AmazonDirectConnectClientBuilder.class); + AmazonDirectConnectClient amazonDirectConnectClient = PowerMockito.mock(AmazonDirectConnectClient.class); + AmazonDirectConnectClientBuilder amazonDirectConnectClientBuilder = PowerMockito.mock(AmazonDirectConnectClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonDirectConnectClientBuilder.standard()).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.withCredentials(anyObject())).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.withRegion(anyString())).thenReturn(amazonDirectConnectClientBuilder); + when(amazonDirectConnectClientBuilder.build()).thenReturn(amazonDirectConnectClient); + + DescribeVirtualInterfacesResult describeVirtualInterfacesResult = new DescribeVirtualInterfacesResult (); + List virtualInterfaces = new ArrayList<>(); + virtualInterfaces.add(new VirtualInterface()); + describeVirtualInterfacesResult.setVirtualInterfaces(virtualInterfaces); + when(amazonDirectConnectClient.describeVirtualInterfaces()).thenReturn(describeVirtualInterfacesResult); + assertThat(directConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch direct connections virtual interfaces test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDirectConnectionsVirtualInterfacesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(directConnectionInventoryUtil.fetchDirectConnectionsVirtualInterfaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtilTest.java index 78844ead1..b410a5979 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/EC2InventoryUtilTest.java @@ -1,653 +1,653 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.ec2.AmazonEC2; -import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; -import com.amazonaws.services.ec2.model.Address; -import com.amazonaws.services.ec2.model.CustomerGateway; -import com.amazonaws.services.ec2.model.DescribeAddressesResult; -import com.amazonaws.services.ec2.model.DescribeCustomerGatewaysResult; -import com.amazonaws.services.ec2.model.DescribeDhcpOptionsResult; -import com.amazonaws.services.ec2.model.DescribeEgressOnlyInternetGatewaysResult; -import com.amazonaws.services.ec2.model.DescribeInternetGatewaysResult; -import com.amazonaws.services.ec2.model.DescribeNetworkAclsResult; -import com.amazonaws.services.ec2.model.DescribeReservedInstancesResult; -import com.amazonaws.services.ec2.model.DescribeRouteTablesResult; -import com.amazonaws.services.ec2.model.DescribeVpcPeeringConnectionsResult; -import com.amazonaws.services.ec2.model.DescribeVpnConnectionsResult; -import com.amazonaws.services.ec2.model.DescribeVpnGatewaysResult; -import com.amazonaws.services.ec2.model.DhcpOptions; -import com.amazonaws.services.ec2.model.EgressOnlyInternetGateway; -import com.amazonaws.services.ec2.model.InternetGateway; -import com.amazonaws.services.ec2.model.NetworkAcl; -import com.amazonaws.services.ec2.model.ReservedInstances; -import com.amazonaws.services.ec2.model.RouteTable; -import com.amazonaws.services.ec2.model.VpcPeeringConnection; -import com.amazonaws.services.ec2.model.VpnConnection; -import com.amazonaws.services.ec2.model.VpnGateway; -import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; -import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder; -import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationResult; -import com.amazonaws.services.simplesystemsmanagement.model.InstanceInformation; - - -/** - * The Class EC2InventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AmazonEC2ClientBuilder.class,AWSSimpleSystemsManagementClientBuilder.class}) -@PowerMockIgnore("javax.management.*") -public class EC2InventoryUtilTest { - - /** The ec 2 inventory util. */ - @InjectMocks - EC2InventoryUtil ec2InventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch route tables test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRouteTablesTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeRouteTablesResult describeRouteTablesResult = new DescribeRouteTablesResult(); - List routeTableList = new ArrayList<>(); - routeTableList.add(new RouteTable()); - describeRouteTablesResult.setRouteTables(routeTableList); - when(ec2Client.describeRouteTables()).thenReturn(describeRouteTablesResult); - assertThat(ec2InventoryUtil.fetchRouteTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch route tables test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRouteTablesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchRouteTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch network ACL test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNetworkACLTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeNetworkAclsResult describeNetworkAclsResult = new DescribeNetworkAclsResult(); - List networkAclList = new ArrayList<>(); - networkAclList.add(new NetworkAcl()); - describeNetworkAclsResult.setNetworkAcls(networkAclList); - when(ec2Client.describeNetworkAcls()).thenReturn(describeNetworkAclsResult); - assertThat(ec2InventoryUtil.fetchNetworkACL(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch network ACL test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNetworkACLTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchNetworkACL(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch elastic IP addresses test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchElasticIPAddressesTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeAddressesResult describeAddressesResult = new DescribeAddressesResult(); - List
    elasticIPList = new ArrayList<>(); - elasticIPList.add(new Address()); - describeAddressesResult.setAddresses(elasticIPList); - when(ec2Client.describeAddresses()).thenReturn(describeAddressesResult); - assertThat(ec2InventoryUtil.fetchElasticIPAddresses(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch elastic IP addresses test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchElasticIPAddressesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchElasticIPAddresses(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch internet gateway test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchInternetGatewayTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeInternetGatewaysResult describeInternetGatewaysResult = new DescribeInternetGatewaysResult(); - List internetGatewayList = new ArrayList<>(); - internetGatewayList.add(new InternetGateway()); - describeInternetGatewaysResult.setInternetGateways(internetGatewayList); - when(ec2Client.describeInternetGateways()).thenReturn(describeInternetGatewaysResult); - assertThat(ec2InventoryUtil.fetchInternetGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch internet gateway test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchInternetGatewayTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchInternetGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch VPN gateway test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVPNGatewayTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeVpnGatewaysResult describeVpnGatewaysResult = new DescribeVpnGatewaysResult(); - List vpnGatewayList = new ArrayList<>(); - vpnGatewayList.add(new VpnGateway()); - describeVpnGatewaysResult.setVpnGateways(vpnGatewayList); - when(ec2Client.describeVpnGateways()).thenReturn(describeVpnGatewaysResult); - assertThat(ec2InventoryUtil.fetchVPNGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch VPN gateway test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVPNGatewayTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchVPNGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch egress gateway test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEgressGatewayTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeEgressOnlyInternetGatewaysResult describeEgressOnlyInternetGatewaysResult = new DescribeEgressOnlyInternetGatewaysResult(); - List egressGatewayList = new ArrayList<>(); - egressGatewayList.add(new EgressOnlyInternetGateway()); - describeEgressOnlyInternetGatewaysResult.setEgressOnlyInternetGateways(egressGatewayList); - when(ec2Client.describeEgressOnlyInternetGateways(anyObject())).thenReturn(describeEgressOnlyInternetGatewaysResult); - assertThat(ec2InventoryUtil.fetchEgressGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch egress gateway test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEgressGatewayTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchEgressGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch DHCP options test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDHCPOptionsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeDhcpOptionsResult describeDhcpOptionsResult = new DescribeDhcpOptionsResult(); - List dhcpOptionsList = new ArrayList<>(); - dhcpOptionsList.add(new DhcpOptions()); - describeDhcpOptionsResult.setDhcpOptions(dhcpOptionsList); - when(ec2Client.describeDhcpOptions()).thenReturn(describeDhcpOptionsResult); - assertThat(ec2InventoryUtil.fetchDHCPOptions(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch DHCP options test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDHCPOptionsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchDHCPOptions(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch peering connections test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchPeeringConnectionsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeVpcPeeringConnectionsResult describeVpcPeeringConnectionsResult = new DescribeVpcPeeringConnectionsResult(); - List peeringConnectionList = new ArrayList<>(); - peeringConnectionList.add(new VpcPeeringConnection()); - describeVpcPeeringConnectionsResult.setVpcPeeringConnections(peeringConnectionList); - when(ec2Client.describeVpcPeeringConnections()).thenReturn(describeVpcPeeringConnectionsResult); - assertThat(ec2InventoryUtil.fetchPeeringConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch peering connections test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchPeeringConnectionsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchPeeringConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch customer gateway test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchCustomerGatewayTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeCustomerGatewaysResult describeCustomerGatewaysResult = new DescribeCustomerGatewaysResult(); - List customerGatewayList = new ArrayList<>(); - customerGatewayList.add(new CustomerGateway()); - describeCustomerGatewaysResult.setCustomerGateways(customerGatewayList); - when(ec2Client.describeCustomerGateways()).thenReturn(describeCustomerGatewaysResult); - assertThat(ec2InventoryUtil.fetchCustomerGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch customer gateway test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchCustomerGatewayTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchCustomerGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch VPN connections test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVPNConnectionsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeVpnConnectionsResult describeVpnConnectionsResult = new DescribeVpnConnectionsResult(); - List vpnConnectionsList = new ArrayList<>(); - vpnConnectionsList.add(new VpnConnection()); - describeVpnConnectionsResult.setVpnConnections(vpnConnectionsList); - when(ec2Client.describeVpnConnections()).thenReturn(describeVpnConnectionsResult); - assertThat(ec2InventoryUtil.fetchVPNConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch VPN connections test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVPNConnectionsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchVPNConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch reserved instances test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchReservedInstancesTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeReservedInstancesResult describeReservedInstancesResult = new DescribeReservedInstancesResult(); - List reservedInstancesList = new ArrayList<>(); - reservedInstancesList.add(new ReservedInstances()); - describeReservedInstancesResult.setReservedInstances(reservedInstancesList); - when(ec2Client.describeReservedInstances()).thenReturn(describeReservedInstancesResult); - assertThat(ec2InventoryUtil.fetchReservedInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch reserved instances test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchReservedInstancesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchReservedInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch SSM info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSSMInfoTest() throws Exception { - - mockStatic(AWSSimpleSystemsManagementClientBuilder.class); - AWSSimpleSystemsManagement ssmClient = PowerMockito.mock(AWSSimpleSystemsManagement.class); - AWSSimpleSystemsManagementClientBuilder simpleSystemsManagementClientBuilder = PowerMockito.mock(AWSSimpleSystemsManagementClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(simpleSystemsManagementClientBuilder.standard()).thenReturn(simpleSystemsManagementClientBuilder); - when(simpleSystemsManagementClientBuilder.withCredentials(anyObject())).thenReturn(simpleSystemsManagementClientBuilder); - when(simpleSystemsManagementClientBuilder.withRegion(anyString())).thenReturn(simpleSystemsManagementClientBuilder); - when(simpleSystemsManagementClientBuilder.build()).thenReturn(ssmClient); - - DescribeInstanceInformationResult describeInstanceInfoRslt = new DescribeInstanceInformationResult(); - List ssmInstanceListTemp = new ArrayList<>(); - ssmInstanceListTemp.add(new InstanceInformation()); - describeInstanceInfoRslt.setInstanceInformationList(ssmInstanceListTemp); - when(ssmClient.describeInstanceInformation(anyObject())).thenReturn(describeInstanceInfoRslt); - assertThat(ec2InventoryUtil.fetchSSMInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch SSM info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSSMInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(ec2InventoryUtil.fetchSSMInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.ec2.AmazonEC2; +import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; +import com.amazonaws.services.ec2.model.Address; +import com.amazonaws.services.ec2.model.CustomerGateway; +import com.amazonaws.services.ec2.model.DescribeAddressesResult; +import com.amazonaws.services.ec2.model.DescribeCustomerGatewaysResult; +import com.amazonaws.services.ec2.model.DescribeDhcpOptionsResult; +import com.amazonaws.services.ec2.model.DescribeEgressOnlyInternetGatewaysResult; +import com.amazonaws.services.ec2.model.DescribeInternetGatewaysResult; +import com.amazonaws.services.ec2.model.DescribeNetworkAclsResult; +import com.amazonaws.services.ec2.model.DescribeReservedInstancesResult; +import com.amazonaws.services.ec2.model.DescribeRouteTablesResult; +import com.amazonaws.services.ec2.model.DescribeVpcPeeringConnectionsResult; +import com.amazonaws.services.ec2.model.DescribeVpnConnectionsResult; +import com.amazonaws.services.ec2.model.DescribeVpnGatewaysResult; +import com.amazonaws.services.ec2.model.DhcpOptions; +import com.amazonaws.services.ec2.model.EgressOnlyInternetGateway; +import com.amazonaws.services.ec2.model.InternetGateway; +import com.amazonaws.services.ec2.model.NetworkAcl; +import com.amazonaws.services.ec2.model.ReservedInstances; +import com.amazonaws.services.ec2.model.RouteTable; +import com.amazonaws.services.ec2.model.VpcPeeringConnection; +import com.amazonaws.services.ec2.model.VpnConnection; +import com.amazonaws.services.ec2.model.VpnGateway; +import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement; +import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder; +import com.amazonaws.services.simplesystemsmanagement.model.DescribeInstanceInformationResult; +import com.amazonaws.services.simplesystemsmanagement.model.InstanceInformation; + + +/** + * The Class EC2InventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AmazonEC2ClientBuilder.class,AWSSimpleSystemsManagementClientBuilder.class}) +@PowerMockIgnore("javax.management.*") +public class EC2InventoryUtilTest { + + /** The ec 2 inventory util. */ + @InjectMocks + EC2InventoryUtil ec2InventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch route tables test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRouteTablesTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeRouteTablesResult describeRouteTablesResult = new DescribeRouteTablesResult(); + List routeTableList = new ArrayList<>(); + routeTableList.add(new RouteTable()); + describeRouteTablesResult.setRouteTables(routeTableList); + when(ec2Client.describeRouteTables()).thenReturn(describeRouteTablesResult); + assertThat(ec2InventoryUtil.fetchRouteTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch route tables test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRouteTablesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchRouteTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch network ACL test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNetworkACLTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeNetworkAclsResult describeNetworkAclsResult = new DescribeNetworkAclsResult(); + List networkAclList = new ArrayList<>(); + networkAclList.add(new NetworkAcl()); + describeNetworkAclsResult.setNetworkAcls(networkAclList); + when(ec2Client.describeNetworkAcls()).thenReturn(describeNetworkAclsResult); + assertThat(ec2InventoryUtil.fetchNetworkACL(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch network ACL test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNetworkACLTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchNetworkACL(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch elastic IP addresses test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchElasticIPAddressesTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeAddressesResult describeAddressesResult = new DescribeAddressesResult(); + List
    elasticIPList = new ArrayList<>(); + elasticIPList.add(new Address()); + describeAddressesResult.setAddresses(elasticIPList); + when(ec2Client.describeAddresses()).thenReturn(describeAddressesResult); + assertThat(ec2InventoryUtil.fetchElasticIPAddresses(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch elastic IP addresses test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchElasticIPAddressesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchElasticIPAddresses(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch internet gateway test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchInternetGatewayTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeInternetGatewaysResult describeInternetGatewaysResult = new DescribeInternetGatewaysResult(); + List internetGatewayList = new ArrayList<>(); + internetGatewayList.add(new InternetGateway()); + describeInternetGatewaysResult.setInternetGateways(internetGatewayList); + when(ec2Client.describeInternetGateways()).thenReturn(describeInternetGatewaysResult); + assertThat(ec2InventoryUtil.fetchInternetGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch internet gateway test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchInternetGatewayTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchInternetGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch VPN gateway test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVPNGatewayTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeVpnGatewaysResult describeVpnGatewaysResult = new DescribeVpnGatewaysResult(); + List vpnGatewayList = new ArrayList<>(); + vpnGatewayList.add(new VpnGateway()); + describeVpnGatewaysResult.setVpnGateways(vpnGatewayList); + when(ec2Client.describeVpnGateways()).thenReturn(describeVpnGatewaysResult); + assertThat(ec2InventoryUtil.fetchVPNGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch VPN gateway test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVPNGatewayTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchVPNGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch egress gateway test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEgressGatewayTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeEgressOnlyInternetGatewaysResult describeEgressOnlyInternetGatewaysResult = new DescribeEgressOnlyInternetGatewaysResult(); + List egressGatewayList = new ArrayList<>(); + egressGatewayList.add(new EgressOnlyInternetGateway()); + describeEgressOnlyInternetGatewaysResult.setEgressOnlyInternetGateways(egressGatewayList); + when(ec2Client.describeEgressOnlyInternetGateways(anyObject())).thenReturn(describeEgressOnlyInternetGatewaysResult); + assertThat(ec2InventoryUtil.fetchEgressGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch egress gateway test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEgressGatewayTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchEgressGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch DHCP options test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDHCPOptionsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeDhcpOptionsResult describeDhcpOptionsResult = new DescribeDhcpOptionsResult(); + List dhcpOptionsList = new ArrayList<>(); + dhcpOptionsList.add(new DhcpOptions()); + describeDhcpOptionsResult.setDhcpOptions(dhcpOptionsList); + when(ec2Client.describeDhcpOptions()).thenReturn(describeDhcpOptionsResult); + assertThat(ec2InventoryUtil.fetchDHCPOptions(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch DHCP options test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDHCPOptionsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchDHCPOptions(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch peering connections test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchPeeringConnectionsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeVpcPeeringConnectionsResult describeVpcPeeringConnectionsResult = new DescribeVpcPeeringConnectionsResult(); + List peeringConnectionList = new ArrayList<>(); + peeringConnectionList.add(new VpcPeeringConnection()); + describeVpcPeeringConnectionsResult.setVpcPeeringConnections(peeringConnectionList); + when(ec2Client.describeVpcPeeringConnections()).thenReturn(describeVpcPeeringConnectionsResult); + assertThat(ec2InventoryUtil.fetchPeeringConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch peering connections test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchPeeringConnectionsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchPeeringConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch customer gateway test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchCustomerGatewayTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeCustomerGatewaysResult describeCustomerGatewaysResult = new DescribeCustomerGatewaysResult(); + List customerGatewayList = new ArrayList<>(); + customerGatewayList.add(new CustomerGateway()); + describeCustomerGatewaysResult.setCustomerGateways(customerGatewayList); + when(ec2Client.describeCustomerGateways()).thenReturn(describeCustomerGatewaysResult); + assertThat(ec2InventoryUtil.fetchCustomerGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch customer gateway test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchCustomerGatewayTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchCustomerGateway(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch VPN connections test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVPNConnectionsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeVpnConnectionsResult describeVpnConnectionsResult = new DescribeVpnConnectionsResult(); + List vpnConnectionsList = new ArrayList<>(); + vpnConnectionsList.add(new VpnConnection()); + describeVpnConnectionsResult.setVpnConnections(vpnConnectionsList); + when(ec2Client.describeVpnConnections()).thenReturn(describeVpnConnectionsResult); + assertThat(ec2InventoryUtil.fetchVPNConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch VPN connections test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVPNConnectionsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchVPNConnections(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch reserved instances test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchReservedInstancesTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeReservedInstancesResult describeReservedInstancesResult = new DescribeReservedInstancesResult(); + List reservedInstancesList = new ArrayList<>(); + reservedInstancesList.add(new ReservedInstances()); + describeReservedInstancesResult.setReservedInstances(reservedInstancesList); + when(ec2Client.describeReservedInstances()).thenReturn(describeReservedInstancesResult); + assertThat(ec2InventoryUtil.fetchReservedInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch reserved instances test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchReservedInstancesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchReservedInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch SSM info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSSMInfoTest() throws Exception { + + mockStatic(AWSSimpleSystemsManagementClientBuilder.class); + AWSSimpleSystemsManagement ssmClient = PowerMockito.mock(AWSSimpleSystemsManagement.class); + AWSSimpleSystemsManagementClientBuilder simpleSystemsManagementClientBuilder = PowerMockito.mock(AWSSimpleSystemsManagementClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(simpleSystemsManagementClientBuilder.standard()).thenReturn(simpleSystemsManagementClientBuilder); + when(simpleSystemsManagementClientBuilder.withCredentials(anyObject())).thenReturn(simpleSystemsManagementClientBuilder); + when(simpleSystemsManagementClientBuilder.withRegion(anyString())).thenReturn(simpleSystemsManagementClientBuilder); + when(simpleSystemsManagementClientBuilder.build()).thenReturn(ssmClient); + + DescribeInstanceInformationResult describeInstanceInfoRslt = new DescribeInstanceInformationResult(); + List ssmInstanceListTemp = new ArrayList<>(); + ssmInstanceListTemp.add(new InstanceInformation()); + describeInstanceInfoRslt.setInstanceInformationList(ssmInstanceListTemp); + when(ssmClient.describeInstanceInformation(anyObject())).thenReturn(describeInstanceInfoRslt); + assertThat(ec2InventoryUtil.fetchSSMInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch SSM info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSSMInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(ec2InventoryUtil.fetchSSMInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtilTest.java index 263b33f78..178b7dbb9 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/ESInventoryUtilTest.java @@ -1,187 +1,187 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.autoscaling.AmazonAutoScaling; -import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; -import com.amazonaws.services.elasticsearch.AWSElasticsearch; -import com.amazonaws.services.elasticsearch.AWSElasticsearchClientBuilder; -import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsResult; -import com.amazonaws.services.elasticsearch.model.DomainInfo; -import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; -import com.amazonaws.services.elasticsearch.model.ListDomainNamesResult; -import com.amazonaws.services.elasticsearch.model.ListTagsResult; -import com.amazonaws.services.elasticsearch.model.Tag; - - -/** - * The Class ESInventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AWSElasticsearchClientBuilder.class}) -@PowerMockIgnore("javax.management.*") -public class ESInventoryUtilTest { - - /** The es inventory util. */ - @InjectMocks - ESInventoryUtil esInventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch ES info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchESInfoTest() throws Exception { - - mockStatic(AWSElasticsearchClientBuilder.class); - AWSElasticsearch awsEsClient = PowerMockito.mock(AWSElasticsearch.class); - AWSElasticsearchClientBuilder awsElasticsearchClientBuilder = PowerMockito.mock(AWSElasticsearchClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsElasticsearchClientBuilder.standard()).thenReturn(awsElasticsearchClientBuilder); - when(awsElasticsearchClientBuilder.withCredentials(anyObject())).thenReturn(awsElasticsearchClientBuilder); - when(awsElasticsearchClientBuilder.withRegion(anyString())).thenReturn(awsElasticsearchClientBuilder); - when(awsElasticsearchClientBuilder.build()).thenReturn(awsEsClient); - - ListDomainNamesResult listDomainResult = new ListDomainNamesResult(); - List domainNames = new ArrayList<>(); - DomainInfo domainInfo = new DomainInfo(); - domainInfo.setDomainName("domain"); - domainNames.add(domainInfo); - listDomainResult.setDomainNames(domainNames); - when(awsEsClient.listDomainNames(anyObject())).thenReturn(listDomainResult); - - DescribeElasticsearchDomainsResult describeResult = new DescribeElasticsearchDomainsResult() ; - List domainStatusList = new ArrayList<>(); - ElasticsearchDomainStatus domainStatus = new ElasticsearchDomainStatus(); - domainStatus.setARN("arn"); - domainStatusList.add(domainStatus); - describeResult.setDomainStatusList(domainStatusList); - when(awsEsClient.describeElasticsearchDomains(anyObject())).thenReturn(describeResult); - ListTagsResult listTagsResult = new ListTagsResult(); - listTagsResult.setTagList(new ArrayList()); - when(awsEsClient.listTags(anyObject())).thenReturn(listTagsResult); - - assertThat(esInventoryUtil.fetchESInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch ES info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchESInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(esInventoryUtil.fetchESInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.autoscaling.AmazonAutoScaling; +import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; +import com.amazonaws.services.elasticsearch.AWSElasticsearch; +import com.amazonaws.services.elasticsearch.AWSElasticsearchClientBuilder; +import com.amazonaws.services.elasticsearch.model.DescribeElasticsearchDomainsResult; +import com.amazonaws.services.elasticsearch.model.DomainInfo; +import com.amazonaws.services.elasticsearch.model.ElasticsearchDomainStatus; +import com.amazonaws.services.elasticsearch.model.ListDomainNamesResult; +import com.amazonaws.services.elasticsearch.model.ListTagsResult; +import com.amazonaws.services.elasticsearch.model.Tag; + + +/** + * The Class ESInventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AWSElasticsearchClientBuilder.class}) +@PowerMockIgnore("javax.management.*") +public class ESInventoryUtilTest { + + /** The es inventory util. */ + @InjectMocks + ESInventoryUtil esInventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch ES info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchESInfoTest() throws Exception { + + mockStatic(AWSElasticsearchClientBuilder.class); + AWSElasticsearch awsEsClient = PowerMockito.mock(AWSElasticsearch.class); + AWSElasticsearchClientBuilder awsElasticsearchClientBuilder = PowerMockito.mock(AWSElasticsearchClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsElasticsearchClientBuilder.standard()).thenReturn(awsElasticsearchClientBuilder); + when(awsElasticsearchClientBuilder.withCredentials(anyObject())).thenReturn(awsElasticsearchClientBuilder); + when(awsElasticsearchClientBuilder.withRegion(anyString())).thenReturn(awsElasticsearchClientBuilder); + when(awsElasticsearchClientBuilder.build()).thenReturn(awsEsClient); + + ListDomainNamesResult listDomainResult = new ListDomainNamesResult(); + List domainNames = new ArrayList<>(); + DomainInfo domainInfo = new DomainInfo(); + domainInfo.setDomainName("domain"); + domainNames.add(domainInfo); + listDomainResult.setDomainNames(domainNames); + when(awsEsClient.listDomainNames(anyObject())).thenReturn(listDomainResult); + + DescribeElasticsearchDomainsResult describeResult = new DescribeElasticsearchDomainsResult() ; + List domainStatusList = new ArrayList<>(); + ElasticsearchDomainStatus domainStatus = new ElasticsearchDomainStatus(); + domainStatus.setARN("arn"); + domainStatusList.add(domainStatus); + describeResult.setDomainStatusList(domainStatusList); + when(awsEsClient.describeElasticsearchDomains(anyObject())).thenReturn(describeResult); + ListTagsResult listTagsResult = new ListTagsResult(); + listTagsResult.setTagList(new ArrayList()); + when(awsEsClient.listTags(anyObject())).thenReturn(listTagsResult); + + assertThat(esInventoryUtil.fetchESInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch ES info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchESInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(esInventoryUtil.fetchESInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/InventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/InventoryUtilTest.java index 5f1bcbac2..dab7e0866 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/InventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/InventoryUtilTest.java @@ -1,1769 +1,1769 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.Date; -import java.util.HashMap; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.AmazonServiceException; -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.apigateway.AmazonApiGateway; -import com.amazonaws.services.apigateway.AmazonApiGatewayClientBuilder; -import com.amazonaws.services.apigateway.model.GetRestApisResult; -import com.amazonaws.services.apigateway.model.RestApi; -import com.amazonaws.services.autoscaling.AmazonAutoScaling; -import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; -import com.amazonaws.services.autoscaling.model.AutoScalingGroup; -import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; -import com.amazonaws.services.cloudformation.AmazonCloudFormation; -import com.amazonaws.services.cloudformation.AmazonCloudFormationClientBuilder; -import com.amazonaws.services.cloudformation.model.DescribeStacksResult; -import com.amazonaws.services.cloudformation.model.Stack; -import com.amazonaws.services.cloudfront.AmazonCloudFront; -import com.amazonaws.services.cloudfront.AmazonCloudFrontClientBuilder; -import com.amazonaws.services.cloudfront.model.DistributionList; -import com.amazonaws.services.cloudfront.model.DistributionSummary; -import com.amazonaws.services.cloudfront.model.ListDistributionsResult; -import com.amazonaws.services.cloudfront.model.Tags; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; -import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; -import com.amazonaws.services.dynamodbv2.model.DescribeTableResult; -import com.amazonaws.services.dynamodbv2.model.ListTablesResult; -import com.amazonaws.services.dynamodbv2.model.ListTagsOfResourceResult; -import com.amazonaws.services.dynamodbv2.model.TableDescription; -import com.amazonaws.services.ec2.AmazonEC2; -import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; -import com.amazonaws.services.ec2.model.DescribeInstancesResult; -import com.amazonaws.services.ec2.model.DescribeNatGatewaysResult; -import com.amazonaws.services.ec2.model.DescribeNetworkInterfacesResult; -import com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult; -import com.amazonaws.services.ec2.model.DescribeSnapshotsResult; -import com.amazonaws.services.ec2.model.DescribeSubnetsResult; -import com.amazonaws.services.ec2.model.DescribeVolumesResult; -import com.amazonaws.services.ec2.model.DescribeVpcEndpointsResult; -import com.amazonaws.services.ec2.model.DescribeVpcsResult; -import com.amazonaws.services.ec2.model.Instance; -import com.amazonaws.services.ec2.model.NatGateway; -import com.amazonaws.services.ec2.model.NetworkInterface; -import com.amazonaws.services.ec2.model.Reservation; -import com.amazonaws.services.ec2.model.SecurityGroup; -import com.amazonaws.services.ec2.model.Snapshot; -import com.amazonaws.services.ec2.model.Subnet; -import com.amazonaws.services.ec2.model.Volume; -import com.amazonaws.services.ec2.model.Vpc; -import com.amazonaws.services.ec2.model.VpcEndpoint; -import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalk; -import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalkClientBuilder; -import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; -import com.amazonaws.services.elasticbeanstalk.model.DescribeApplicationsResult; -import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentResourcesResult; -import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentsResult; -import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; -import com.amazonaws.services.elasticbeanstalk.model.EnvironmentResourceDescription; -import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystem; -import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystemClientBuilder; -import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsResult; -import com.amazonaws.services.elasticfilesystem.model.DescribeTagsResult; -import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; -import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancing; -import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancingClientBuilder; -import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; -import com.amazonaws.services.elasticloadbalancing.model.TagDescription; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersResult; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsResult; -import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthResult; -import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; -import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; -import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduce; -import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduceClientBuilder; -import com.amazonaws.services.elasticmapreduce.model.Cluster; -import com.amazonaws.services.elasticmapreduce.model.ClusterSummary; -import com.amazonaws.services.elasticmapreduce.model.DescribeClusterResult; -import com.amazonaws.services.elasticmapreduce.model.ListClustersResult; -import com.amazonaws.services.health.AWSHealth; -import com.amazonaws.services.health.AWSHealthClientBuilder; -import com.amazonaws.services.health.model.AffectedEntity; -import com.amazonaws.services.health.model.DescribeAffectedEntitiesResult; -import com.amazonaws.services.health.model.DescribeEventDetailsResult; -import com.amazonaws.services.health.model.DescribeEventsResult; -import com.amazonaws.services.health.model.Event; -import com.amazonaws.services.health.model.EventDetails; -import com.amazonaws.services.identitymanagement.AmazonIdentityManagement; -import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder; -import com.amazonaws.services.identitymanagement.model.AccessKeyLastUsed; -import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; -import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedResult; -import com.amazonaws.services.identitymanagement.model.GetLoginProfileResult; -import com.amazonaws.services.identitymanagement.model.Group; -import com.amazonaws.services.identitymanagement.model.ListAccessKeysResult; -import com.amazonaws.services.identitymanagement.model.ListGroupsForUserResult; -import com.amazonaws.services.identitymanagement.model.ListMFADevicesResult; -import com.amazonaws.services.identitymanagement.model.ListRolesResult; -import com.amazonaws.services.identitymanagement.model.ListUsersResult; -import com.amazonaws.services.identitymanagement.model.LoginProfile; -import com.amazonaws.services.identitymanagement.model.MFADevice; -import com.amazonaws.services.identitymanagement.model.Role; -import com.amazonaws.services.identitymanagement.model.User; -import com.amazonaws.services.kms.AWSKMS; -import com.amazonaws.services.kms.AWSKMSClientBuilder; -import com.amazonaws.services.kms.model.AliasListEntry; -import com.amazonaws.services.kms.model.DescribeKeyResult; -import com.amazonaws.services.kms.model.GetKeyRotationStatusResult; -import com.amazonaws.services.kms.model.KeyListEntry; -import com.amazonaws.services.kms.model.KeyMetadata; -import com.amazonaws.services.kms.model.ListAliasesResult; -import com.amazonaws.services.kms.model.ListKeysResult; -import com.amazonaws.services.kms.model.ListResourceTagsResult; -import com.amazonaws.services.lambda.AWSLambda; -import com.amazonaws.services.lambda.AWSLambdaClientBuilder; -import com.amazonaws.services.lambda.model.FunctionConfiguration; -import com.amazonaws.services.lambda.model.ListFunctionsResult; -import com.amazonaws.services.lambda.model.ListTagsResult; -import com.amazonaws.services.rds.AmazonRDS; -import com.amazonaws.services.rds.AmazonRDSClientBuilder; -import com.amazonaws.services.rds.model.DBCluster; -import com.amazonaws.services.rds.model.DBInstance; -import com.amazonaws.services.rds.model.DBSnapshot; -import com.amazonaws.services.rds.model.DescribeDBClustersResult; -import com.amazonaws.services.rds.model.DescribeDBInstancesResult; -import com.amazonaws.services.rds.model.DescribeDBSnapshotsResult; -import com.amazonaws.services.rds.model.ListTagsForResourceResult; -import com.amazonaws.services.redshift.AmazonRedshift; -import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder; -import com.amazonaws.services.redshift.model.DescribeClustersResult; -import com.amazonaws.services.s3.AmazonS3; -import com.amazonaws.services.s3.AmazonS3ClientBuilder; -import com.amazonaws.services.s3.model.Bucket; -import com.amazonaws.services.s3.model.BucketTaggingConfiguration; -import com.amazonaws.services.s3.model.BucketVersioningConfiguration; -import com.amazonaws.services.s3.model.TagSet; -import com.amazonaws.services.support.AWSSupport; -import com.amazonaws.services.support.AWSSupportClientBuilder; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultResult; -import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksResult; -import com.amazonaws.services.support.model.RefreshTrustedAdvisorCheckResult; -import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; -import com.amazonaws.services.support.model.TrustedAdvisorCheckResult; -import com.amazonaws.services.support.model.TrustedAdvisorResourceDetail; - - -/** - * The Class InventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AmazonEC2ClientBuilder.class,AmazonAutoScalingClientBuilder.class,AmazonCloudFormationClientBuilder.class, - AmazonDynamoDBClientBuilder.class,AmazonElasticFileSystemClientBuilder.class,AmazonElasticMapReduceClientBuilder.class,AWSLambdaClientBuilder.class,AmazonElasticLoadBalancingClientBuilder.class, - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class,AmazonRDSClientBuilder.class,AmazonS3ClientBuilder.class,AmazonRedshiftClientBuilder.class, - AmazonApiGatewayClientBuilder.class,AmazonIdentityManagementClientBuilder.class,AWSKMSClientBuilder.class,AmazonCloudFrontClientBuilder.class,AWSElasticBeanstalkClientBuilder.class, - AWSHealthClientBuilder.class,AWSSupportClientBuilder.class,com.amazonaws.services.s3.model.Region.class}) -@PowerMockIgnore("javax.management.*") -public class InventoryUtilTest { - - /** The inventory util. */ - @InjectMocks - InventoryUtil inventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch instances test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchInstancesTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeInstancesResult describeInstancesResult = new DescribeInstancesResult(); - List instanceList = new ArrayList<>(); - instanceList.add(new Instance()); - List reservations = new ArrayList<>(); - Reservation reservation = new Reservation(); - reservation.setInstances(instanceList); - reservations.add(reservation); - describeInstancesResult.setReservations(reservations ); - when(ec2Client.describeInstances(anyObject())).thenReturn(describeInstancesResult); - assertThat(inventoryUtil.fetchInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch instances test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchInstancesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch network interfaces test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNetworkInterfacesTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeNetworkInterfacesResult describeNetworkInterfacesResult = new DescribeNetworkInterfacesResult(); - List niList = new ArrayList<>(); - niList.add(new NetworkInterface()); - describeNetworkInterfacesResult.setNetworkInterfaces(niList); - when(ec2Client.describeNetworkInterfaces()).thenReturn(describeNetworkInterfacesResult); - assertThat(inventoryUtil.fetchNetworkIntefaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch network intefaces test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNetworkIntefacesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchNetworkIntefaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch security groups test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSecurityGroupsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeSecurityGroupsResult describeSecurityGroupsResult = new DescribeSecurityGroupsResult(); - List secGrpList = new ArrayList<>(); - secGrpList.add(new SecurityGroup()); - describeSecurityGroupsResult.setSecurityGroups(secGrpList); - when(ec2Client.describeSecurityGroups()).thenReturn(describeSecurityGroupsResult); - assertThat(inventoryUtil.fetchSecurityGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch security groups test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSecurityGroupsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchSecurityGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch launch configurations test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLaunchConfigurationsTest() throws Exception { - - mockStatic(AmazonAutoScalingClientBuilder.class); - AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); - AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); - when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); - - DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); - List asgList = new ArrayList<>(); - asgList.add(new AutoScalingGroup()); - autoScalingGroupsResult.setAutoScalingGroups(asgList); - when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); - assertThat(inventoryUtil.fetchAsg(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch launch configurations test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLaunchConfigurationsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchAsg(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch cloud formation stack test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchCloudFormationStackTest() throws Exception { - - mockStatic(AmazonCloudFormationClientBuilder.class); - AmazonCloudFormation cloudFormClient = PowerMockito.mock(AmazonCloudFormation.class); - AmazonCloudFormationClientBuilder amazonCloudFormationClientBuilder = PowerMockito.mock(AmazonCloudFormationClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonCloudFormationClientBuilder.standard()).thenReturn(amazonCloudFormationClientBuilder); - when(amazonCloudFormationClientBuilder.withCredentials(anyObject())).thenReturn(amazonCloudFormationClientBuilder); - when(amazonCloudFormationClientBuilder.withRegion(anyString())).thenReturn(amazonCloudFormationClientBuilder); - when(amazonCloudFormationClientBuilder.build()).thenReturn(cloudFormClient); - - DescribeStacksResult describeStacksResult = new DescribeStacksResult(); - List stacks = new ArrayList<>(); - stacks.add(new Stack()); - describeStacksResult.setStacks(stacks); - when(cloudFormClient.describeStacks(anyObject())).thenReturn(describeStacksResult); - assertThat(inventoryUtil.fetchCloudFormationStack(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch cloud formation stack test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchCloudFormationStackTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchCloudFormationStack(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch dynamo DB tables test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchDynamoDBTablesTest() throws Exception { - - mockStatic(AmazonDynamoDBClientBuilder.class); - AmazonDynamoDB awsClient = PowerMockito.mock(AmazonDynamoDB.class); - AmazonDynamoDBClientBuilder amazonDynamoDBClientBuilder = PowerMockito.mock(AmazonDynamoDBClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonDynamoDBClientBuilder.standard()).thenReturn(amazonDynamoDBClientBuilder); - when(amazonDynamoDBClientBuilder.withCredentials(anyObject())).thenReturn(amazonDynamoDBClientBuilder); - when(amazonDynamoDBClientBuilder.withRegion(anyString())).thenReturn(amazonDynamoDBClientBuilder); - when(amazonDynamoDBClientBuilder.build()).thenReturn(awsClient); - - ListTablesResult listTableResult = new ListTablesResult(); - List tables = new ArrayList<>(); - tables.add(new String()); - listTableResult.setTableNames(tables); - when(awsClient.listTables()).thenReturn(listTableResult); - - DescribeTableResult describeTableResult = new DescribeTableResult(); - TableDescription table = new TableDescription(); - table.setTableArn("tableArn"); - describeTableResult.setTable(table); - when(awsClient.describeTable(anyString())).thenReturn(describeTableResult); - - when(awsClient.listTagsOfResource(anyObject())).thenReturn(new ListTagsOfResourceResult()); - assertThat(inventoryUtil.fetchDynamoDBTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch dynamo DB tables test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - public void fetchDynamoDBTablesTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchDynamoDBTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch EFS info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEFSInfoTest() throws Exception { - - mockStatic(AmazonElasticFileSystemClientBuilder.class); - AmazonElasticFileSystem efsClient = PowerMockito.mock(AmazonElasticFileSystem.class); - AmazonElasticFileSystemClientBuilder amazonElasticFileSystemClientBuilder = PowerMockito.mock(AmazonElasticFileSystemClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonElasticFileSystemClientBuilder.standard()).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.withRegion(anyString())).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.build()).thenReturn(efsClient); - - DescribeFileSystemsResult describeFileSystemsResult = new DescribeFileSystemsResult(); - List efsList = new ArrayList<>(); - FileSystemDescription fileSystemDescription = new FileSystemDescription(); - fileSystemDescription.setFileSystemId("fileSystemId"); - efsList.add(fileSystemDescription); - describeFileSystemsResult.setFileSystems(efsList); - when(efsClient.describeFileSystems(anyObject())).thenReturn(describeFileSystemsResult); - when(efsClient.describeTags(anyObject())).thenReturn(new DescribeTagsResult()); - assertThat(inventoryUtil.fetchEFSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch EFS info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEFSInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchEFSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch EMR info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEMRInfoTest() throws Exception { - - mockStatic(AmazonElasticMapReduceClientBuilder.class); - AmazonElasticMapReduce emrClient = PowerMockito.mock(AmazonElasticMapReduce.class); - AmazonElasticMapReduceClientBuilder amazonElasticFileSystemClientBuilder = PowerMockito.mock(AmazonElasticMapReduceClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonElasticFileSystemClientBuilder.standard()).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.withRegion(anyString())).thenReturn(amazonElasticFileSystemClientBuilder); - when(amazonElasticFileSystemClientBuilder.build()).thenReturn(emrClient); - - ListClustersResult listClustersResult = new ListClustersResult(); - List clusters = new ArrayList<>(); - ClusterSummary clusterSummary = new ClusterSummary(); - clusterSummary.setId("id"); - clusters.add(clusterSummary); - listClustersResult.setClusters(clusters); - when(emrClient.listClusters(anyObject())).thenReturn(listClustersResult); - - DescribeClusterResult describeClusterResult = new DescribeClusterResult(); - describeClusterResult.setCluster(new Cluster()); - when(emrClient.describeCluster(anyObject())).thenReturn(describeClusterResult); - assertThat(inventoryUtil.fetchEMRInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch EMR info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEMRInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchEMRInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch lambda info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLambdaInfoTest() throws Exception { - - mockStatic(AWSLambdaClientBuilder.class); - AWSLambda lamdaClient = PowerMockito.mock(AWSLambda.class); - AWSLambdaClientBuilder awsLambdaClientBuilder = PowerMockito.mock(AWSLambdaClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsLambdaClientBuilder.standard()).thenReturn(awsLambdaClientBuilder); - when(awsLambdaClientBuilder.withCredentials(anyObject())).thenReturn(awsLambdaClientBuilder); - when(awsLambdaClientBuilder.withRegion(anyString())).thenReturn(awsLambdaClientBuilder); - when(awsLambdaClientBuilder.build()).thenReturn(lamdaClient); - - ListFunctionsResult listFunctionsResult = new ListFunctionsResult(); - List functions = new ArrayList<>(); - FunctionConfiguration functionConfiguration = new FunctionConfiguration(); - functionConfiguration.setFunctionArn("functionArn"); - functions.add(functionConfiguration); - listFunctionsResult.setFunctions(functions); - when(lamdaClient.listFunctions(anyObject())).thenReturn(listFunctionsResult); - - ListTagsResult listTagsResult = new ListTagsResult(); - listTagsResult.setTags(new HashMap<>()); - when(lamdaClient.listTags(anyObject())).thenReturn(listTagsResult); - assertThat(inventoryUtil.fetchLambdaInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch lambda info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchLambdaInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchLambdaInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch classic elb info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchClassicElbInfoTest() throws Exception { - - mockStatic(AmazonElasticLoadBalancingClientBuilder.class); - AmazonElasticLoadBalancing elbClient = PowerMockito.mock(AmazonElasticLoadBalancing.class); - AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(AmazonElasticLoadBalancingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); - - com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult elbDescResult = new com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult(); - List elbList = new ArrayList<>(); - LoadBalancerDescription loadBalancerDescription = new LoadBalancerDescription(); - loadBalancerDescription.setLoadBalancerName("loadBalancerName"); - elbList.add(loadBalancerDescription); - elbDescResult.setLoadBalancerDescriptions(elbList); - when(elbClient.describeLoadBalancers(anyObject())).thenReturn(elbDescResult); - - com.amazonaws.services.elasticloadbalancing.model.DescribeTagsResult describeTagsResult = new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsResult(); - List tagsList = new ArrayList(); - TagDescription tagDescription = new TagDescription(); - tagDescription.setLoadBalancerName("loadBalancerName"); - tagDescription.setTags(new ArrayList()); - tagsList.add(tagDescription); - describeTagsResult.setTagDescriptions(tagsList); - when(elbClient.describeTags(anyObject())).thenReturn(describeTagsResult); - assertThat(inventoryUtil.fetchClassicElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch classic elb info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchClassicElbInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchClassicElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch elb info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchElbInfoTest() throws Exception { - - mockStatic(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing.class); - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); - - DescribeLoadBalancersResult elbDescResult = new DescribeLoadBalancersResult(); - List elbList = new ArrayList<>(); - LoadBalancer loadBalancer = new LoadBalancer(); - loadBalancer.setLoadBalancerArn("loadBalancerArn"); - elbList.add(loadBalancer); - elbDescResult.setLoadBalancers(elbList); - when(elbClient.describeLoadBalancers(anyObject())).thenReturn(elbDescResult); - - com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsResult describeTagsResult = new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsResult(); - List tagsList = new ArrayList<>(); - com.amazonaws.services.elasticloadbalancingv2.model.TagDescription tagDescription = new com.amazonaws.services.elasticloadbalancingv2.model.TagDescription(); - tagDescription.setResourceArn("loadBalancerArn"); - tagDescription.setTags(new ArrayList()); - tagsList.add(tagDescription); - describeTagsResult.setTagDescriptions(tagsList); - when(elbClient.describeTags(anyObject())).thenReturn(describeTagsResult); - assertThat(inventoryUtil.fetchElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - } - - /** - * Fetch elb info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchElbInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch target groups test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchTargetGroupsTest() throws Exception { - - mockStatic(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing.class); - com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); - when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); - - DescribeTargetGroupsResult trgtGrpRslt = new DescribeTargetGroupsResult(); - List targetGrpList = new ArrayList<>(); - TargetGroup targetGroup = new TargetGroup(); - targetGroup.setTargetGroupArn("targetGroupArn"); - targetGrpList.add(targetGroup); - trgtGrpRslt.setTargetGroups(targetGrpList); - when(elbClient.describeTargetGroups(anyObject())).thenReturn(trgtGrpRslt); - - DescribeTargetHealthResult describeTargetHealthResult = new DescribeTargetHealthResult(); - describeTargetHealthResult.setTargetHealthDescriptions(new ArrayList<>()); - when(elbClient.describeTargetHealth(anyObject())).thenReturn(describeTargetHealthResult); - assertThat(inventoryUtil.fetchTargetGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch target groups test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchTargetGroupsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchTargetGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch NAT gateway info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNATGatewayInfoTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeNatGatewaysResult describeNatGatewaysResult = new DescribeNatGatewaysResult(); - List natGatwayList = new ArrayList<>(); - natGatwayList.add(new NatGateway()); - describeNatGatewaysResult.setNatGateways(natGatwayList); - when(ec2Client.describeNatGateways(anyObject())).thenReturn(describeNatGatewaysResult); - assertThat(inventoryUtil.fetchNATGatewayInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch NAT gateway info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchNATGatewayInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchNATGatewayInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch RDS cluster info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSClusterInfoTest() throws Exception { - - mockStatic(AmazonRDSClientBuilder.class); - AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); - AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); - - DescribeDBClustersResult describeDBClustersResult = new DescribeDBClustersResult(); - List rdsList = new ArrayList<>(); - DBCluster dBCluster = new DBCluster(); - dBCluster.setDBClusterArn("dBClusterArn");; - rdsList.add(dBCluster); - describeDBClustersResult.setDBClusters(rdsList); - when(rdsClient.describeDBClusters(anyObject())).thenReturn(describeDBClustersResult); - - ListTagsForResourceResult listTagsForResourceResult = new ListTagsForResourceResult(); - listTagsForResourceResult.setTagList(new ArrayList<>()); - when(rdsClient.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult); - assertThat(inventoryUtil.fetchRDSClusterInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch RDS cluster info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSClusterInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchRDSClusterInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch RDS instance info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSInstanceInfoTest() throws Exception { - - mockStatic(AmazonRDSClientBuilder.class); - AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); - AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); - - DescribeDBInstancesResult describeDBInstancesResult = new DescribeDBInstancesResult(); - List rdsList = new ArrayList<>(); - DBInstance dBInstance = new DBInstance(); - dBInstance.setDBInstanceArn("dBInstanceArn"); - rdsList.add(dBInstance); - describeDBInstancesResult.setDBInstances(rdsList); - when(rdsClient.describeDBInstances(anyObject())).thenReturn(describeDBInstancesResult); - - ListTagsForResourceResult listTagsForResourceResult = new ListTagsForResourceResult(); - listTagsForResourceResult.setTagList(new ArrayList<>()); - when(rdsClient.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult); - assertThat(inventoryUtil.fetchRDSInstanceInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch RDS instance info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSInstanceInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchRDSInstanceInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch S 3 info test. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access"}) - @Test - public void fetchS3InfoTest() throws Exception { - - mockStatic(AmazonS3ClientBuilder.class); - AmazonS3 amazonS3Client = PowerMockito.mock(AmazonS3.class); - AmazonS3ClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonS3ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.build()).thenReturn(amazonS3Client); - - List s3buckets = new ArrayList<>(); - Bucket bucket = new Bucket(); - bucket.setName("name"); - s3buckets.add(bucket); - when(amazonS3Client.listBuckets()).thenReturn(s3buckets); - when(amazonS3Client.getBucketLocation(anyString())).thenReturn("bucketLocation"); - mockStatic(com.amazonaws.services.s3.model.Region.class); - com.amazonaws.services.s3.model.Region value = null; - when(com.amazonaws.services.s3.model.Region.fromValue(anyString())).thenReturn(value.US_West); - when(value.US_West.toAWSRegion()).thenReturn(getRegions().get(0)); - when(amazonS3Client.getBucketVersioningConfiguration(anyString())).thenReturn(new BucketVersioningConfiguration()); - BucketTaggingConfiguration tagConfig = new BucketTaggingConfiguration(); - List tagSets = new ArrayList<>(); - TagSet tagSet = new TagSet(); - tagSet.setTag("key", "value"); - tagSets.add(tagSet); - tagSets.add(tagSet); - tagConfig.setTagSets(tagSets); - when(amazonS3Client.getBucketTaggingConfiguration(anyString())).thenReturn(tagConfig); - - assertThat(inventoryUtil.fetchS3Info(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch S 3 info test test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchS3InfoTestTest_Exception() throws Exception { - - mockStatic(AmazonS3ClientBuilder.class); - AmazonS3 amazonS3Client = PowerMockito.mock(AmazonS3.class); - AmazonS3ClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonS3ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.build()).thenReturn(amazonS3Client); - - List s3buckets = new ArrayList<>(); - Bucket bucket = new Bucket(); - bucket.setName("name"); - s3buckets.add(bucket); - when(amazonS3Client.listBuckets()).thenReturn(s3buckets); - - when(amazonS3Client.getBucketLocation(anyString())).thenThrow(new AmazonServiceException("Error")); - assertThat(inventoryUtil.fetchS3Info(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch subnets test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSubnetsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeSubnetsResult describeSubnetsResult = new DescribeSubnetsResult(); - List subnets = new ArrayList<>(); - subnets.add(new Subnet()); - describeSubnetsResult.setSubnets(subnets); - when(ec2Client.describeSubnets()).thenReturn(describeSubnetsResult); - assertThat(inventoryUtil.fetchSubnets(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch subnets test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSubnetsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchSubnets(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch trusterd advisors checks test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchTrusterdAdvisorsChecksTest() throws Exception { - - mockStatic(AWSSupportClientBuilder.class); - AWSSupport awsSupportClient = PowerMockito.mock(AWSSupport.class); - AWSSupportClientBuilder awsSupportClientBuilder = PowerMockito.mock(AWSSupportClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsSupportClientBuilder.standard()).thenReturn(awsSupportClientBuilder); - when(awsSupportClientBuilder.withCredentials(anyObject())).thenReturn(awsSupportClientBuilder); - when(awsSupportClientBuilder.withRegion(anyString())).thenReturn(awsSupportClientBuilder); - when(awsSupportClientBuilder.build()).thenReturn(awsSupportClient); - - DescribeTrustedAdvisorChecksResult describeTrustedAdvisorChecksResult = new DescribeTrustedAdvisorChecksResult(); - List trstdAdvsrList = new ArrayList<>(); - TrustedAdvisorCheckDescription trustedAdvisorCheckDescription = new TrustedAdvisorCheckDescription(); - trustedAdvisorCheckDescription.setId("id"); - List metadata = new ArrayList<>(); - metadata.add("metaData"); - trustedAdvisorCheckDescription.setMetadata(metadata); - trstdAdvsrList.add(trustedAdvisorCheckDescription); - describeTrustedAdvisorChecksResult.setChecks(trstdAdvsrList); - when(awsSupportClient.describeTrustedAdvisorChecks(anyObject())).thenReturn(describeTrustedAdvisorChecksResult); - - DescribeTrustedAdvisorCheckResultResult result = new DescribeTrustedAdvisorCheckResultResult(); - TrustedAdvisorCheckResult trustedAdvisorCheckResult = new TrustedAdvisorCheckResult(); - trustedAdvisorCheckResult.setStatus("not ok"); - List flaggedResources = new ArrayList<>(); - TrustedAdvisorResourceDetail trustedAdvisorResourceDetail = new TrustedAdvisorResourceDetail(); - trustedAdvisorResourceDetail.setResourceId("id"); - trustedAdvisorResourceDetail.setMetadata(metadata); - flaggedResources.add(trustedAdvisorResourceDetail); - trustedAdvisorCheckResult.setFlaggedResources(flaggedResources ); - result.setResult(trustedAdvisorCheckResult); - when(awsSupportClient.describeTrustedAdvisorCheckResult(anyObject())).thenReturn(result ); - - when(awsSupportClient.refreshTrustedAdvisorCheck(anyObject())).thenReturn(new RefreshTrustedAdvisorCheckResult()); - assertThat(inventoryUtil.fetchTrusterdAdvisorsChecks(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(1)); - } - - /** - * Fetch redshift info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRedshiftInfoTest() throws Exception { - - mockStatic(AmazonRedshiftClientBuilder.class); - AmazonRedshift redshiftClient = PowerMockito.mock(AmazonRedshift.class); - AmazonRedshiftClientBuilder amazonRedshiftClientBuilder = PowerMockito.mock(AmazonRedshiftClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRedshiftClientBuilder.standard()).thenReturn(amazonRedshiftClientBuilder); - when(amazonRedshiftClientBuilder.withCredentials(anyObject())).thenReturn(amazonRedshiftClientBuilder); - when(amazonRedshiftClientBuilder.withRegion(anyString())).thenReturn(amazonRedshiftClientBuilder); - when(amazonRedshiftClientBuilder.build()).thenReturn(redshiftClient); - - DescribeClustersResult describeClustersResult = new DescribeClustersResult(); - List redshiftList = new ArrayList<>(); - redshiftList.add(new com.amazonaws.services.redshift.model.Cluster()); - describeClustersResult.setClusters(redshiftList); - when(redshiftClient.describeClusters(anyObject())).thenReturn(describeClustersResult); - assertThat(inventoryUtil.fetchRedshiftInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch redshift info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRedshiftInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchRedshiftInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch volumet info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVolumetInfoTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeVolumesResult describeVolumesResult = new DescribeVolumesResult(); - List volumeList = new ArrayList<>(); - volumeList.add(new Volume()); - describeVolumesResult.setVolumes(volumeList); - when(ec2Client.describeVolumes()).thenReturn(describeVolumesResult); - assertThat(inventoryUtil.fetchVolumetInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch volumet info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVolumetInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchVolumetInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch snapshots test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSnapshotsTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeSnapshotsResult describeSnapshotsResult = new DescribeSnapshotsResult(); - List snapShotsList = new ArrayList<>(); - snapShotsList.add(new Snapshot()); - describeSnapshotsResult.setSnapshots(snapShotsList); - when(ec2Client.describeSnapshots(anyObject())).thenReturn(describeSnapshotsResult); - assertThat(inventoryUtil.fetchSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch snapshots test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSnapshotsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch vpc info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVpcInfoTest() throws Exception { - - mockStatic(AmazonEC2ClientBuilder.class); - AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); - AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); - when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); - - DescribeVpcsResult describeVpcsResult = new DescribeVpcsResult(); - List vpcList = new ArrayList<>(); - Vpc vpc = new Vpc(); - vpc.setVpcId("vpcId"); - vpcList.add(vpc); - describeVpcsResult.setVpcs(vpcList); - when(ec2Client.describeVpcs()).thenReturn(describeVpcsResult); - - DescribeVpcEndpointsResult describeVpcEndpointsResult = new DescribeVpcEndpointsResult(); - List vpcEndpoints = new ArrayList(); - VpcEndpoint vpcEndpoint = new VpcEndpoint(); - vpcEndpoint.setPolicyDocument("{\"Statement\":[{\"Effect\":\"Allow\",\"Resource\":\"*\"}]}"); - vpcEndpoints.add(vpcEndpoint); - describeVpcEndpointsResult.setVpcEndpoints(vpcEndpoints); - when(ec2Client.describeVpcEndpoints(anyObject())).thenReturn(describeVpcEndpointsResult); - assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - describeVpcEndpointsResult = new DescribeVpcEndpointsResult(); - vpcEndpoints = new ArrayList(); - vpcEndpoint = new VpcEndpoint(); - vpcEndpoint.setPolicyDocument("{\"Statement\"[{\"Effect\":\"Allow\",\"Resource\":\"*\"}]}"); - vpcEndpoints.add(vpcEndpoint); - describeVpcEndpointsResult.setVpcEndpoints(vpcEndpoints); - when(ec2Client.describeVpcEndpoints(anyObject())).thenReturn(describeVpcEndpointsResult); - assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch vpc info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchVpcInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch api gateways test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchApiGatewaysTest() throws Exception { - - mockStatic(AmazonApiGatewayClientBuilder.class); - AmazonApiGateway apiGatWayClient = PowerMockito.mock(AmazonApiGateway.class); - AmazonApiGatewayClientBuilder amazonApiGatewayClientBuilder = PowerMockito.mock(AmazonApiGatewayClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonApiGatewayClientBuilder.standard()).thenReturn(amazonApiGatewayClientBuilder); - when(amazonApiGatewayClientBuilder.withCredentials(anyObject())).thenReturn(amazonApiGatewayClientBuilder); - when(amazonApiGatewayClientBuilder.withRegion(anyString())).thenReturn(amazonApiGatewayClientBuilder); - when(amazonApiGatewayClientBuilder.build()).thenReturn(apiGatWayClient); - - GetRestApisResult getRestApisResult = new GetRestApisResult(); - List apiGateWaysList = new ArrayList<>(); - apiGateWaysList.add(new RestApi()); - getRestApisResult.setItems(apiGateWaysList); - when(apiGatWayClient.getRestApis(anyObject())).thenReturn(getRestApisResult); - assertThat(inventoryUtil.fetchApiGateways(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch api gateways test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchApiGatewaysTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchApiGateways(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch IAM users test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchIAMUsersTest() throws Exception { - - mockStatic(AmazonIdentityManagementClientBuilder.class); - AmazonIdentityManagement iamClient = PowerMockito.mock(AmazonIdentityManagement.class); - AmazonIdentityManagementClientBuilder amazonIdentityManagementClientBuilder = PowerMockito.mock(AmazonIdentityManagementClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonIdentityManagementClientBuilder.standard()).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.withCredentials(anyObject())).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.withRegion(anyString())).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.build()).thenReturn(iamClient); - - ListUsersResult listUsersResult = new ListUsersResult(); - List users = new ArrayList<>(); - User user = new User(); - user.setUserName("name"); - users.add(user); - listUsersResult.setUsers(users); - when(iamClient.listUsers(anyObject())).thenReturn(listUsersResult); - - ListAccessKeysResult listAccessKeysResult = new ListAccessKeysResult(); - List accessKeyMetadataList = new ArrayList<>(); - AccessKeyMetadata accessKeyMetadata = new AccessKeyMetadata(); - accessKeyMetadata.setAccessKeyId("accessKeyId"); - accessKeyMetadataList.add(accessKeyMetadata); - listAccessKeysResult.setAccessKeyMetadata(accessKeyMetadataList ); - when(iamClient.listAccessKeys(anyObject())).thenReturn(listAccessKeysResult); - - GetAccessKeyLastUsedResult getAccessKeyLastUsedResult = new GetAccessKeyLastUsedResult(); - AccessKeyLastUsed accessKeyLastUsed = new AccessKeyLastUsed(); - accessKeyLastUsed.setLastUsedDate(new Date()); - getAccessKeyLastUsedResult.setAccessKeyLastUsed(accessKeyLastUsed ); - when(iamClient.getAccessKeyLastUsed(anyObject())).thenReturn(getAccessKeyLastUsedResult); - - GetLoginProfileResult getLoginProfileResult = new GetLoginProfileResult(); - LoginProfile loginProfile = new LoginProfile(); - loginProfile.setCreateDate(new Date()); - loginProfile.setPasswordResetRequired(false); - getLoginProfileResult.setLoginProfile(loginProfile ); - when(iamClient.getLoginProfile(anyObject())).thenReturn(getLoginProfileResult ); - - ListGroupsForUserResult listGroupsForUserResult = new ListGroupsForUserResult(); - List groups = new ArrayList<>(); - Group group = new Group(); - group.setGroupName("groupName"); - groups.add(group); - listGroupsForUserResult.setGroups(groups ); - when(iamClient.listGroupsForUser(anyObject())).thenReturn(listGroupsForUserResult ); - - ListMFADevicesResult listMFADevicesResult = new ListMFADevicesResult(); - listMFADevicesResult.setMFADevices(new ArrayList<>());; - when(iamClient.listMFADevices(anyObject())).thenReturn(listMFADevicesResult ); - - assertThat(inventoryUtil.fetchIAMUsers(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(1)); - - listMFADevicesResult = new ListMFADevicesResult(); - List mfaDevices = new ArrayList<>(); - mfaDevices.add(new MFADevice()); - listMFADevicesResult.setMFADevices(mfaDevices); - when(iamClient.listMFADevices(anyObject())).thenReturn(listMFADevicesResult ); - - assertThat(inventoryUtil.fetchIAMUsers(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(1)); - } - - /** - * Fetch IAM roles test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchIAMRolesTest() throws Exception { - - mockStatic(AmazonIdentityManagementClientBuilder.class); - AmazonIdentityManagement iamClient = PowerMockito.mock(AmazonIdentityManagement.class); - AmazonIdentityManagementClientBuilder amazonIdentityManagementClientBuilder = PowerMockito.mock(AmazonIdentityManagementClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonIdentityManagementClientBuilder.standard()).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.withCredentials(anyObject())).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.withRegion(anyString())).thenReturn(amazonIdentityManagementClientBuilder); - when(amazonIdentityManagementClientBuilder.build()).thenReturn(iamClient); - - ListRolesResult listRolesResult = new ListRolesResult(); - List roles = new ArrayList<>(); - roles.add(new Role()); - listRolesResult.setRoles(roles); - when(iamClient.listRoles(anyObject())).thenReturn(listRolesResult); - assertThat(inventoryUtil.fetchIAMRoles(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"),"account").size(), is(1)); - } - - /** - * Fetch RDSDB snapshots test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSDBSnapshotsTest() throws Exception { - - mockStatic(AmazonRDSClientBuilder.class); - AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); - AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); - when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); - - DescribeDBSnapshotsResult describeDBSnapshotsResult = new DescribeDBSnapshotsResult(); - List snapshots = new ArrayList<>(); - snapshots.add(new DBSnapshot()); - describeDBSnapshotsResult.setDBSnapshots(snapshots); - when(rdsClient.describeDBSnapshots(anyObject())).thenReturn(describeDBSnapshotsResult); - assertThat(inventoryUtil.fetchRDSDBSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch RDSDB snapshots test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchRDSDBSnapshotsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchRDSDBSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch KMS keys test. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access", "unchecked" }) - @Test - public void fetchKMSKeysTest() throws Exception { - - mockStatic(AWSKMSClientBuilder.class); - AWSKMS awskms = PowerMockito.mock(AWSKMS.class); - AWSKMSClientBuilder awsKMSClientBuilder = PowerMockito.mock(AWSKMSClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsKMSClientBuilder.standard()).thenReturn(awsKMSClientBuilder); - when(awsKMSClientBuilder.withCredentials(anyObject())).thenReturn(awsKMSClientBuilder); - when(awsKMSClientBuilder.withRegion(anyString())).thenReturn(awsKMSClientBuilder); - when(awsKMSClientBuilder.build()).thenReturn(awskms); - - ListKeysResult listKeysResult = new ListKeysResult(); - List regionKeys = new ArrayList<>(); - KeyListEntry keyListEntry = new KeyListEntry(); - keyListEntry.setKeyId("keyId"); - regionKeys.add(keyListEntry); - listKeysResult.setKeys(regionKeys); - when(awskms.listKeys()).thenReturn(listKeysResult); - - ListAliasesResult listAliasesResult = new ListAliasesResult(); - List regionKeyAliases = new ArrayList<>(); - AliasListEntry aliasListEntry = new AliasListEntry(); - aliasListEntry.setTargetKeyId("keyId"); - regionKeyAliases.add(aliasListEntry); - listAliasesResult.setAliases(regionKeyAliases); - when(awskms.listAliases()).thenReturn(listAliasesResult); - - DescribeKeyResult describeKeyResult = new DescribeKeyResult(); - describeKeyResult.setKeyMetadata(new KeyMetadata()); - when(awskms.describeKey(anyObject())).thenReturn(describeKeyResult ); - - ListResourceTagsResult listResourceTagsResult = new ListResourceTagsResult(); - listResourceTagsResult.setTags(new ArrayList<>()); - when(awskms.listResourceTags(anyObject())).thenReturn(listResourceTagsResult); - - GetKeyRotationStatusResult getKeyRotationStatusResult = new GetKeyRotationStatusResult(); - getKeyRotationStatusResult.setKeyRotationEnabled(true); - when(awskms.getKeyRotationStatus(anyObject())).thenReturn(getKeyRotationStatusResult); - assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - listAliasesResult = new ListAliasesResult(); - listAliasesResult.setAliases(new ArrayList<>()); - when(awskms.listAliases()).thenReturn(listAliasesResult); - - when(awskms.describeKey(anyObject())).thenThrow(Exception.class ); - - listResourceTagsResult = new ListResourceTagsResult(); - listResourceTagsResult.setTags(new ArrayList<>()); - when(awskms.listResourceTags(anyObject())).thenReturn(listResourceTagsResult); - - when(awskms.getKeyRotationStatus(anyObject())).thenThrow(Exception.class ); - assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - listAliasesResult = new ListAliasesResult(); - regionKeyAliases = new ArrayList<>(); - aliasListEntry = new AliasListEntry(); - aliasListEntry.setTargetKeyId("id"); - regionKeyAliases.add(aliasListEntry); - listAliasesResult.setAliases(regionKeyAliases); - when(awskms.listAliases()).thenReturn(listAliasesResult); - - assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch KMS keys test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access"}) - @Test - public void fetchKMSKeysTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch cloud front info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchCloudFrontInfoTest() throws Exception { - - mockStatic(AmazonCloudFrontClientBuilder.class); - AmazonCloudFront amazonCloudFront = PowerMockito.mock(AmazonCloudFront.class); - AmazonCloudFrontClientBuilder amazonCloudFrontClientBuilder = PowerMockito.mock(AmazonCloudFrontClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonCloudFrontClientBuilder.standard()).thenReturn(amazonCloudFrontClientBuilder); - when(amazonCloudFrontClientBuilder.withCredentials(anyObject())).thenReturn(amazonCloudFrontClientBuilder); - when(amazonCloudFrontClientBuilder.withRegion(anyString())).thenReturn(amazonCloudFrontClientBuilder); - when(amazonCloudFrontClientBuilder.build()).thenReturn(amazonCloudFront); - - ListDistributionsResult listDistributionsResult = new ListDistributionsResult(); - List distributionSummaries = new ArrayList<>(); - DistributionSummary distributionSummary = new DistributionSummary(); - distributionSummary.setARN("aRN"); - distributionSummaries.add(distributionSummary); - DistributionList distributionList = new DistributionList(); - distributionList.setItems(distributionSummaries); - listDistributionsResult.setDistributionList(distributionList); - when(amazonCloudFront.listDistributions(anyObject())).thenReturn(listDistributionsResult); - - com.amazonaws.services.cloudfront.model.ListTagsForResourceResult listTagsForResourceResult = new com.amazonaws.services.cloudfront.model.ListTagsForResourceResult(); - Tags tags = new Tags(); - tags.setItems(new ArrayList<>()); - listTagsForResourceResult.setTags(tags ); - when(amazonCloudFront.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult ); - assertThat(inventoryUtil.fetchCloudFrontInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(1)); - } - - /** - * Fetch cloud front info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access"}) - @Test - public void fetchCloudFrontInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchCloudFrontInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(0)); - } - - /** - * Fetch EBS info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchEBSInfoTest() throws Exception { - - mockStatic(AWSElasticBeanstalkClientBuilder.class); - AWSElasticBeanstalk awsElasticBeanstalk = PowerMockito.mock(AWSElasticBeanstalk.class); - AWSElasticBeanstalkClientBuilder awsElasticBeanstalkClientBuilder = PowerMockito.mock(AWSElasticBeanstalkClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsElasticBeanstalkClientBuilder.standard()).thenReturn(awsElasticBeanstalkClientBuilder); - when(awsElasticBeanstalkClientBuilder.withCredentials(anyObject())).thenReturn(awsElasticBeanstalkClientBuilder); - when(awsElasticBeanstalkClientBuilder.withRegion(anyString())).thenReturn(awsElasticBeanstalkClientBuilder); - when(awsElasticBeanstalkClientBuilder.build()).thenReturn(awsElasticBeanstalk); - - DescribeApplicationsResult describeApplicationsResult = new DescribeApplicationsResult(); - List applicationDescriptions = new ArrayList<>(); - ApplicationDescription applicationDescription = new ApplicationDescription(); - applicationDescription.setApplicationName("applicationName"); - applicationDescriptions.add(applicationDescription); - describeApplicationsResult.setApplications(applicationDescriptions); - when(awsElasticBeanstalk.describeApplications()).thenReturn(describeApplicationsResult); - - DescribeEnvironmentsResult describeEnvironmentsResult = new DescribeEnvironmentsResult(); - List environments = new ArrayList<>(); - EnvironmentDescription environmentDescription = new EnvironmentDescription(); - environmentDescription.setEnvironmentId("environmentId"); - environments.add(environmentDescription); - describeEnvironmentsResult.setEnvironments(environments ); - when(awsElasticBeanstalk.describeEnvironments(anyObject())).thenReturn(describeEnvironmentsResult ); - - DescribeEnvironmentResourcesResult describeEnvironmentResourcesResult = new DescribeEnvironmentResourcesResult(); - describeEnvironmentResourcesResult.setEnvironmentResources(new EnvironmentResourceDescription()); - when(awsElasticBeanstalk.describeEnvironmentResources(anyObject())).thenReturn(describeEnvironmentResourcesResult); - assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - - describeEnvironmentsResult = new DescribeEnvironmentsResult(); - describeEnvironmentsResult.setEnvironments(new ArrayList<>() ); - when(awsElasticBeanstalk.describeEnvironments(anyObject())).thenReturn(describeEnvironmentsResult ); - - assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch EBS info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access"}) - @Test - public void fetchEBSInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Fetch PHD info test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchPHDInfoTest() throws Exception { - - mockStatic(AWSHealthClientBuilder.class); - AWSHealth awsHealth = PowerMockito.mock(AWSHealth.class); - AWSHealthClientBuilder awsHealthClientBuilder = PowerMockito.mock(AWSHealthClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(awsHealthClientBuilder.standard()).thenReturn(awsHealthClientBuilder); - when(awsHealthClientBuilder.withCredentials(anyObject())).thenReturn(awsHealthClientBuilder); - when(awsHealthClientBuilder.withRegion(anyString())).thenReturn(awsHealthClientBuilder); - when(awsHealthClientBuilder.build()).thenReturn(awsHealth); - - DescribeEventsResult describeEventsResult = new DescribeEventsResult(); - List resultEvents = new ArrayList<>(); - Event event = new Event(); - event.setArn("arn"); - resultEvents.add(event); - describeEventsResult.setEvents(resultEvents); - when(awsHealth.describeEvents(anyObject())).thenReturn(describeEventsResult); - - DescribeEventDetailsResult describeEventDetailsResult = new DescribeEventDetailsResult(); - List successfulEventDetails = new ArrayList<>(); - EventDetails eventDetails = new EventDetails(); - eventDetails.setEvent(event); - successfulEventDetails.add(eventDetails); - describeEventDetailsResult.setSuccessfulSet(successfulEventDetails); - when(awsHealth.describeEventDetails(anyObject())).thenReturn(describeEventDetailsResult ); - - DescribeAffectedEntitiesResult affectedEntitiesResult = new DescribeAffectedEntitiesResult(); - List affectedEntities = new ArrayList<>(); - affectedEntities.add(new AffectedEntity()); - affectedEntitiesResult.setEntities(new ArrayList<>()); - when(awsHealth.describeAffectedEntities(anyObject())).thenReturn(affectedEntitiesResult); - assertThat(inventoryUtil.fetchPHDInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(1)); - } - - /** - * Fetch PHD info test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings({ "static-access"}) - @Test - public void fetchPHDInfoTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(inventoryUtil.fetchPHDInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.HashMap; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.AmazonServiceException; +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.apigateway.AmazonApiGateway; +import com.amazonaws.services.apigateway.AmazonApiGatewayClientBuilder; +import com.amazonaws.services.apigateway.model.GetRestApisResult; +import com.amazonaws.services.apigateway.model.RestApi; +import com.amazonaws.services.autoscaling.AmazonAutoScaling; +import com.amazonaws.services.autoscaling.AmazonAutoScalingClientBuilder; +import com.amazonaws.services.autoscaling.model.AutoScalingGroup; +import com.amazonaws.services.autoscaling.model.DescribeAutoScalingGroupsResult; +import com.amazonaws.services.cloudformation.AmazonCloudFormation; +import com.amazonaws.services.cloudformation.AmazonCloudFormationClientBuilder; +import com.amazonaws.services.cloudformation.model.DescribeStacksResult; +import com.amazonaws.services.cloudformation.model.Stack; +import com.amazonaws.services.cloudfront.AmazonCloudFront; +import com.amazonaws.services.cloudfront.AmazonCloudFrontClientBuilder; +import com.amazonaws.services.cloudfront.model.DistributionList; +import com.amazonaws.services.cloudfront.model.DistributionSummary; +import com.amazonaws.services.cloudfront.model.ListDistributionsResult; +import com.amazonaws.services.cloudfront.model.Tags; +import com.amazonaws.services.dynamodbv2.AmazonDynamoDB; +import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder; +import com.amazonaws.services.dynamodbv2.model.DescribeTableResult; +import com.amazonaws.services.dynamodbv2.model.ListTablesResult; +import com.amazonaws.services.dynamodbv2.model.ListTagsOfResourceResult; +import com.amazonaws.services.dynamodbv2.model.TableDescription; +import com.amazonaws.services.ec2.AmazonEC2; +import com.amazonaws.services.ec2.AmazonEC2ClientBuilder; +import com.amazonaws.services.ec2.model.DescribeInstancesResult; +import com.amazonaws.services.ec2.model.DescribeNatGatewaysResult; +import com.amazonaws.services.ec2.model.DescribeNetworkInterfacesResult; +import com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult; +import com.amazonaws.services.ec2.model.DescribeSnapshotsResult; +import com.amazonaws.services.ec2.model.DescribeSubnetsResult; +import com.amazonaws.services.ec2.model.DescribeVolumesResult; +import com.amazonaws.services.ec2.model.DescribeVpcEndpointsResult; +import com.amazonaws.services.ec2.model.DescribeVpcsResult; +import com.amazonaws.services.ec2.model.Instance; +import com.amazonaws.services.ec2.model.NatGateway; +import com.amazonaws.services.ec2.model.NetworkInterface; +import com.amazonaws.services.ec2.model.Reservation; +import com.amazonaws.services.ec2.model.SecurityGroup; +import com.amazonaws.services.ec2.model.Snapshot; +import com.amazonaws.services.ec2.model.Subnet; +import com.amazonaws.services.ec2.model.Volume; +import com.amazonaws.services.ec2.model.Vpc; +import com.amazonaws.services.ec2.model.VpcEndpoint; +import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalk; +import com.amazonaws.services.elasticbeanstalk.AWSElasticBeanstalkClientBuilder; +import com.amazonaws.services.elasticbeanstalk.model.ApplicationDescription; +import com.amazonaws.services.elasticbeanstalk.model.DescribeApplicationsResult; +import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentResourcesResult; +import com.amazonaws.services.elasticbeanstalk.model.DescribeEnvironmentsResult; +import com.amazonaws.services.elasticbeanstalk.model.EnvironmentDescription; +import com.amazonaws.services.elasticbeanstalk.model.EnvironmentResourceDescription; +import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystem; +import com.amazonaws.services.elasticfilesystem.AmazonElasticFileSystemClientBuilder; +import com.amazonaws.services.elasticfilesystem.model.DescribeFileSystemsResult; +import com.amazonaws.services.elasticfilesystem.model.DescribeTagsResult; +import com.amazonaws.services.elasticfilesystem.model.FileSystemDescription; +import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancing; +import com.amazonaws.services.elasticloadbalancing.AmazonElasticLoadBalancingClientBuilder; +import com.amazonaws.services.elasticloadbalancing.model.LoadBalancerDescription; +import com.amazonaws.services.elasticloadbalancing.model.TagDescription; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeLoadBalancersResult; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetGroupsResult; +import com.amazonaws.services.elasticloadbalancingv2.model.DescribeTargetHealthResult; +import com.amazonaws.services.elasticloadbalancingv2.model.LoadBalancer; +import com.amazonaws.services.elasticloadbalancingv2.model.TargetGroup; +import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduce; +import com.amazonaws.services.elasticmapreduce.AmazonElasticMapReduceClientBuilder; +import com.amazonaws.services.elasticmapreduce.model.Cluster; +import com.amazonaws.services.elasticmapreduce.model.ClusterSummary; +import com.amazonaws.services.elasticmapreduce.model.DescribeClusterResult; +import com.amazonaws.services.elasticmapreduce.model.ListClustersResult; +import com.amazonaws.services.health.AWSHealth; +import com.amazonaws.services.health.AWSHealthClientBuilder; +import com.amazonaws.services.health.model.AffectedEntity; +import com.amazonaws.services.health.model.DescribeAffectedEntitiesResult; +import com.amazonaws.services.health.model.DescribeEventDetailsResult; +import com.amazonaws.services.health.model.DescribeEventsResult; +import com.amazonaws.services.health.model.Event; +import com.amazonaws.services.health.model.EventDetails; +import com.amazonaws.services.identitymanagement.AmazonIdentityManagement; +import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClientBuilder; +import com.amazonaws.services.identitymanagement.model.AccessKeyLastUsed; +import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata; +import com.amazonaws.services.identitymanagement.model.GetAccessKeyLastUsedResult; +import com.amazonaws.services.identitymanagement.model.GetLoginProfileResult; +import com.amazonaws.services.identitymanagement.model.Group; +import com.amazonaws.services.identitymanagement.model.ListAccessKeysResult; +import com.amazonaws.services.identitymanagement.model.ListGroupsForUserResult; +import com.amazonaws.services.identitymanagement.model.ListMFADevicesResult; +import com.amazonaws.services.identitymanagement.model.ListRolesResult; +import com.amazonaws.services.identitymanagement.model.ListUsersResult; +import com.amazonaws.services.identitymanagement.model.LoginProfile; +import com.amazonaws.services.identitymanagement.model.MFADevice; +import com.amazonaws.services.identitymanagement.model.Role; +import com.amazonaws.services.identitymanagement.model.User; +import com.amazonaws.services.kms.AWSKMS; +import com.amazonaws.services.kms.AWSKMSClientBuilder; +import com.amazonaws.services.kms.model.AliasListEntry; +import com.amazonaws.services.kms.model.DescribeKeyResult; +import com.amazonaws.services.kms.model.GetKeyRotationStatusResult; +import com.amazonaws.services.kms.model.KeyListEntry; +import com.amazonaws.services.kms.model.KeyMetadata; +import com.amazonaws.services.kms.model.ListAliasesResult; +import com.amazonaws.services.kms.model.ListKeysResult; +import com.amazonaws.services.kms.model.ListResourceTagsResult; +import com.amazonaws.services.lambda.AWSLambda; +import com.amazonaws.services.lambda.AWSLambdaClientBuilder; +import com.amazonaws.services.lambda.model.FunctionConfiguration; +import com.amazonaws.services.lambda.model.ListFunctionsResult; +import com.amazonaws.services.lambda.model.ListTagsResult; +import com.amazonaws.services.rds.AmazonRDS; +import com.amazonaws.services.rds.AmazonRDSClientBuilder; +import com.amazonaws.services.rds.model.DBCluster; +import com.amazonaws.services.rds.model.DBInstance; +import com.amazonaws.services.rds.model.DBSnapshot; +import com.amazonaws.services.rds.model.DescribeDBClustersResult; +import com.amazonaws.services.rds.model.DescribeDBInstancesResult; +import com.amazonaws.services.rds.model.DescribeDBSnapshotsResult; +import com.amazonaws.services.rds.model.ListTagsForResourceResult; +import com.amazonaws.services.redshift.AmazonRedshift; +import com.amazonaws.services.redshift.AmazonRedshiftClientBuilder; +import com.amazonaws.services.redshift.model.DescribeClustersResult; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.Bucket; +import com.amazonaws.services.s3.model.BucketTaggingConfiguration; +import com.amazonaws.services.s3.model.BucketVersioningConfiguration; +import com.amazonaws.services.s3.model.TagSet; +import com.amazonaws.services.support.AWSSupport; +import com.amazonaws.services.support.AWSSupportClientBuilder; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorCheckResultResult; +import com.amazonaws.services.support.model.DescribeTrustedAdvisorChecksResult; +import com.amazonaws.services.support.model.RefreshTrustedAdvisorCheckResult; +import com.amazonaws.services.support.model.TrustedAdvisorCheckDescription; +import com.amazonaws.services.support.model.TrustedAdvisorCheckResult; +import com.amazonaws.services.support.model.TrustedAdvisorResourceDetail; + + +/** + * The Class InventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AmazonEC2ClientBuilder.class,AmazonAutoScalingClientBuilder.class,AmazonCloudFormationClientBuilder.class, + AmazonDynamoDBClientBuilder.class,AmazonElasticFileSystemClientBuilder.class,AmazonElasticMapReduceClientBuilder.class,AWSLambdaClientBuilder.class,AmazonElasticLoadBalancingClientBuilder.class, + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class,AmazonRDSClientBuilder.class,AmazonS3ClientBuilder.class,AmazonRedshiftClientBuilder.class, + AmazonApiGatewayClientBuilder.class,AmazonIdentityManagementClientBuilder.class,AWSKMSClientBuilder.class,AmazonCloudFrontClientBuilder.class,AWSElasticBeanstalkClientBuilder.class, + AWSHealthClientBuilder.class,AWSSupportClientBuilder.class,com.amazonaws.services.s3.model.Region.class}) +@PowerMockIgnore("javax.management.*") +public class InventoryUtilTest { + + /** The inventory util. */ + @InjectMocks + InventoryUtil inventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch instances test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchInstancesTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeInstancesResult describeInstancesResult = new DescribeInstancesResult(); + List instanceList = new ArrayList<>(); + instanceList.add(new Instance()); + List reservations = new ArrayList<>(); + Reservation reservation = new Reservation(); + reservation.setInstances(instanceList); + reservations.add(reservation); + describeInstancesResult.setReservations(reservations ); + when(ec2Client.describeInstances(anyObject())).thenReturn(describeInstancesResult); + assertThat(inventoryUtil.fetchInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName","").size(), is(1)); + + } + + /** + * Fetch instances test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchInstancesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchInstances(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName","").size(), is(0)); + } + + /** + * Fetch network interfaces test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNetworkInterfacesTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeNetworkInterfacesResult describeNetworkInterfacesResult = new DescribeNetworkInterfacesResult(); + List niList = new ArrayList<>(); + niList.add(new NetworkInterface()); + describeNetworkInterfacesResult.setNetworkInterfaces(niList); + when(ec2Client.describeNetworkInterfaces()).thenReturn(describeNetworkInterfacesResult); + assertThat(inventoryUtil.fetchNetworkIntefaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch network intefaces test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNetworkIntefacesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchNetworkIntefaces(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch security groups test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSecurityGroupsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeSecurityGroupsResult describeSecurityGroupsResult = new DescribeSecurityGroupsResult(); + List secGrpList = new ArrayList<>(); + secGrpList.add(new SecurityGroup()); + describeSecurityGroupsResult.setSecurityGroups(secGrpList); + when(ec2Client.describeSecurityGroups()).thenReturn(describeSecurityGroupsResult); + assertThat(inventoryUtil.fetchSecurityGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch security groups test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSecurityGroupsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchSecurityGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch launch configurations test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLaunchConfigurationsTest() throws Exception { + + mockStatic(AmazonAutoScalingClientBuilder.class); + AmazonAutoScaling asgClient = PowerMockito.mock(AmazonAutoScaling.class); + AmazonAutoScalingClientBuilder amazonAutoScalingClientBuilder = PowerMockito.mock(AmazonAutoScalingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonAutoScalingClientBuilder.standard()).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withCredentials(anyObject())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.withRegion(anyString())).thenReturn(amazonAutoScalingClientBuilder); + when(amazonAutoScalingClientBuilder.build()).thenReturn(asgClient); + + DescribeAutoScalingGroupsResult autoScalingGroupsResult = new DescribeAutoScalingGroupsResult(); + List asgList = new ArrayList<>(); + asgList.add(new AutoScalingGroup()); + autoScalingGroupsResult.setAutoScalingGroups(asgList); + when(asgClient.describeAutoScalingGroups(anyObject())).thenReturn(autoScalingGroupsResult); + assertThat(inventoryUtil.fetchAsg(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch launch configurations test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLaunchConfigurationsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchAsg(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch cloud formation stack test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchCloudFormationStackTest() throws Exception { + + mockStatic(AmazonCloudFormationClientBuilder.class); + AmazonCloudFormation cloudFormClient = PowerMockito.mock(AmazonCloudFormation.class); + AmazonCloudFormationClientBuilder amazonCloudFormationClientBuilder = PowerMockito.mock(AmazonCloudFormationClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonCloudFormationClientBuilder.standard()).thenReturn(amazonCloudFormationClientBuilder); + when(amazonCloudFormationClientBuilder.withCredentials(anyObject())).thenReturn(amazonCloudFormationClientBuilder); + when(amazonCloudFormationClientBuilder.withRegion(anyString())).thenReturn(amazonCloudFormationClientBuilder); + when(amazonCloudFormationClientBuilder.build()).thenReturn(cloudFormClient); + + DescribeStacksResult describeStacksResult = new DescribeStacksResult(); + List stacks = new ArrayList<>(); + stacks.add(new Stack()); + describeStacksResult.setStacks(stacks); + when(cloudFormClient.describeStacks(anyObject())).thenReturn(describeStacksResult); + assertThat(inventoryUtil.fetchCloudFormationStack(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch cloud formation stack test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchCloudFormationStackTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchCloudFormationStack(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch dynamo DB tables test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchDynamoDBTablesTest() throws Exception { + + mockStatic(AmazonDynamoDBClientBuilder.class); + AmazonDynamoDB awsClient = PowerMockito.mock(AmazonDynamoDB.class); + AmazonDynamoDBClientBuilder amazonDynamoDBClientBuilder = PowerMockito.mock(AmazonDynamoDBClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonDynamoDBClientBuilder.standard()).thenReturn(amazonDynamoDBClientBuilder); + when(amazonDynamoDBClientBuilder.withCredentials(anyObject())).thenReturn(amazonDynamoDBClientBuilder); + when(amazonDynamoDBClientBuilder.withRegion(anyString())).thenReturn(amazonDynamoDBClientBuilder); + when(amazonDynamoDBClientBuilder.build()).thenReturn(awsClient); + + ListTablesResult listTableResult = new ListTablesResult(); + List tables = new ArrayList<>(); + tables.add(new String()); + listTableResult.setTableNames(tables); + when(awsClient.listTables()).thenReturn(listTableResult); + + DescribeTableResult describeTableResult = new DescribeTableResult(); + TableDescription table = new TableDescription(); + table.setTableArn("tableArn"); + describeTableResult.setTable(table); + when(awsClient.describeTable(anyString())).thenReturn(describeTableResult); + + when(awsClient.listTagsOfResource(anyObject())).thenReturn(new ListTagsOfResourceResult()); + assertThat(inventoryUtil.fetchDynamoDBTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch dynamo DB tables test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + public void fetchDynamoDBTablesTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchDynamoDBTables(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch EFS info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEFSInfoTest() throws Exception { + + mockStatic(AmazonElasticFileSystemClientBuilder.class); + AmazonElasticFileSystem efsClient = PowerMockito.mock(AmazonElasticFileSystem.class); + AmazonElasticFileSystemClientBuilder amazonElasticFileSystemClientBuilder = PowerMockito.mock(AmazonElasticFileSystemClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonElasticFileSystemClientBuilder.standard()).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.withRegion(anyString())).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.build()).thenReturn(efsClient); + + DescribeFileSystemsResult describeFileSystemsResult = new DescribeFileSystemsResult(); + List efsList = new ArrayList<>(); + FileSystemDescription fileSystemDescription = new FileSystemDescription(); + fileSystemDescription.setFileSystemId("fileSystemId"); + efsList.add(fileSystemDescription); + describeFileSystemsResult.setFileSystems(efsList); + when(efsClient.describeFileSystems(anyObject())).thenReturn(describeFileSystemsResult); + when(efsClient.describeTags(anyObject())).thenReturn(new DescribeTagsResult()); + assertThat(inventoryUtil.fetchEFSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch EFS info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEFSInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchEFSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch EMR info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEMRInfoTest() throws Exception { + + mockStatic(AmazonElasticMapReduceClientBuilder.class); + AmazonElasticMapReduce emrClient = PowerMockito.mock(AmazonElasticMapReduce.class); + AmazonElasticMapReduceClientBuilder amazonElasticFileSystemClientBuilder = PowerMockito.mock(AmazonElasticMapReduceClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonElasticFileSystemClientBuilder.standard()).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.withRegion(anyString())).thenReturn(amazonElasticFileSystemClientBuilder); + when(amazonElasticFileSystemClientBuilder.build()).thenReturn(emrClient); + + ListClustersResult listClustersResult = new ListClustersResult(); + List clusters = new ArrayList<>(); + ClusterSummary clusterSummary = new ClusterSummary(); + clusterSummary.setId("id"); + clusters.add(clusterSummary); + listClustersResult.setClusters(clusters); + when(emrClient.listClusters(anyObject())).thenReturn(listClustersResult); + + DescribeClusterResult describeClusterResult = new DescribeClusterResult(); + describeClusterResult.setCluster(new Cluster()); + when(emrClient.describeCluster(anyObject())).thenReturn(describeClusterResult); + assertThat(inventoryUtil.fetchEMRInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch EMR info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEMRInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchEMRInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch lambda info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLambdaInfoTest() throws Exception { + + mockStatic(AWSLambdaClientBuilder.class); + AWSLambda lamdaClient = PowerMockito.mock(AWSLambda.class); + AWSLambdaClientBuilder awsLambdaClientBuilder = PowerMockito.mock(AWSLambdaClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsLambdaClientBuilder.standard()).thenReturn(awsLambdaClientBuilder); + when(awsLambdaClientBuilder.withCredentials(anyObject())).thenReturn(awsLambdaClientBuilder); + when(awsLambdaClientBuilder.withRegion(anyString())).thenReturn(awsLambdaClientBuilder); + when(awsLambdaClientBuilder.build()).thenReturn(lamdaClient); + + ListFunctionsResult listFunctionsResult = new ListFunctionsResult(); + List functions = new ArrayList<>(); + FunctionConfiguration functionConfiguration = new FunctionConfiguration(); + functionConfiguration.setFunctionArn("functionArn"); + functions.add(functionConfiguration); + listFunctionsResult.setFunctions(functions); + when(lamdaClient.listFunctions(anyObject())).thenReturn(listFunctionsResult); + + ListTagsResult listTagsResult = new ListTagsResult(); + listTagsResult.setTags(new HashMap<>()); + when(lamdaClient.listTags(anyObject())).thenReturn(listTagsResult); + assertThat(inventoryUtil.fetchLambdaInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch lambda info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchLambdaInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchLambdaInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch classic elb info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchClassicElbInfoTest() throws Exception { + + mockStatic(AmazonElasticLoadBalancingClientBuilder.class); + AmazonElasticLoadBalancing elbClient = PowerMockito.mock(AmazonElasticLoadBalancing.class); + AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(AmazonElasticLoadBalancingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); + + com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult elbDescResult = new com.amazonaws.services.elasticloadbalancing.model.DescribeLoadBalancersResult(); + List elbList = new ArrayList<>(); + LoadBalancerDescription loadBalancerDescription = new LoadBalancerDescription(); + loadBalancerDescription.setLoadBalancerName("loadBalancerName"); + elbList.add(loadBalancerDescription); + elbDescResult.setLoadBalancerDescriptions(elbList); + when(elbClient.describeLoadBalancers(anyObject())).thenReturn(elbDescResult); + + com.amazonaws.services.elasticloadbalancing.model.DescribeTagsResult describeTagsResult = new com.amazonaws.services.elasticloadbalancing.model.DescribeTagsResult(); + List tagsList = new ArrayList(); + TagDescription tagDescription = new TagDescription(); + tagDescription.setLoadBalancerName("loadBalancerName"); + tagDescription.setTags(new ArrayList()); + tagsList.add(tagDescription); + describeTagsResult.setTagDescriptions(tagsList); + when(elbClient.describeTags(anyObject())).thenReturn(describeTagsResult); + assertThat(inventoryUtil.fetchClassicElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch classic elb info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchClassicElbInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchClassicElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch elb info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchElbInfoTest() throws Exception { + + mockStatic(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing.class); + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); + + DescribeLoadBalancersResult elbDescResult = new DescribeLoadBalancersResult(); + List elbList = new ArrayList<>(); + LoadBalancer loadBalancer = new LoadBalancer(); + loadBalancer.setLoadBalancerArn("loadBalancerArn"); + elbList.add(loadBalancer); + elbDescResult.setLoadBalancers(elbList); + when(elbClient.describeLoadBalancers(anyObject())).thenReturn(elbDescResult); + + com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsResult describeTagsResult = new com.amazonaws.services.elasticloadbalancingv2.model.DescribeTagsResult(); + List tagsList = new ArrayList<>(); + com.amazonaws.services.elasticloadbalancingv2.model.TagDescription tagDescription = new com.amazonaws.services.elasticloadbalancingv2.model.TagDescription(); + tagDescription.setResourceArn("loadBalancerArn"); + tagDescription.setTags(new ArrayList()); + tagsList.add(tagDescription); + describeTagsResult.setTagDescriptions(tagsList); + when(elbClient.describeTags(anyObject())).thenReturn(describeTagsResult); + assertThat(inventoryUtil.fetchElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + } + + /** + * Fetch elb info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchElbInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchElbInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch target groups test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchTargetGroupsTest() throws Exception { + + mockStatic(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing elbClient = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancing.class); + com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder amazonElasticLoadBalancingClientBuilder = PowerMockito.mock(com.amazonaws.services.elasticloadbalancingv2.AmazonElasticLoadBalancingClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonElasticLoadBalancingClientBuilder.standard()).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withCredentials(anyObject())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.withRegion(anyString())).thenReturn(amazonElasticLoadBalancingClientBuilder); + when(amazonElasticLoadBalancingClientBuilder.build()).thenReturn(elbClient); + + DescribeTargetGroupsResult trgtGrpRslt = new DescribeTargetGroupsResult(); + List targetGrpList = new ArrayList<>(); + TargetGroup targetGroup = new TargetGroup(); + targetGroup.setTargetGroupArn("targetGroupArn"); + targetGrpList.add(targetGroup); + trgtGrpRslt.setTargetGroups(targetGrpList); + when(elbClient.describeTargetGroups(anyObject())).thenReturn(trgtGrpRslt); + + DescribeTargetHealthResult describeTargetHealthResult = new DescribeTargetHealthResult(); + describeTargetHealthResult.setTargetHealthDescriptions(new ArrayList<>()); + when(elbClient.describeTargetHealth(anyObject())).thenReturn(describeTargetHealthResult); + assertThat(inventoryUtil.fetchTargetGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch target groups test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchTargetGroupsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchTargetGroups(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch NAT gateway info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNATGatewayInfoTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeNatGatewaysResult describeNatGatewaysResult = new DescribeNatGatewaysResult(); + List natGatwayList = new ArrayList<>(); + natGatwayList.add(new NatGateway()); + describeNatGatewaysResult.setNatGateways(natGatwayList); + when(ec2Client.describeNatGateways(anyObject())).thenReturn(describeNatGatewaysResult); + assertThat(inventoryUtil.fetchNATGatewayInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch NAT gateway info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchNATGatewayInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchNATGatewayInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch RDS cluster info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSClusterInfoTest() throws Exception { + + mockStatic(AmazonRDSClientBuilder.class); + AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); + AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); + + DescribeDBClustersResult describeDBClustersResult = new DescribeDBClustersResult(); + List rdsList = new ArrayList<>(); + DBCluster dBCluster = new DBCluster(); + dBCluster.setDBClusterArn("dBClusterArn");; + rdsList.add(dBCluster); + describeDBClustersResult.setDBClusters(rdsList); + when(rdsClient.describeDBClusters(anyObject())).thenReturn(describeDBClustersResult); + + ListTagsForResourceResult listTagsForResourceResult = new ListTagsForResourceResult(); + listTagsForResourceResult.setTagList(new ArrayList<>()); + when(rdsClient.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult); + assertThat(inventoryUtil.fetchRDSClusterInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch RDS cluster info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSClusterInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchRDSClusterInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch RDS instance info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSInstanceInfoTest() throws Exception { + + mockStatic(AmazonRDSClientBuilder.class); + AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); + AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); + + DescribeDBInstancesResult describeDBInstancesResult = new DescribeDBInstancesResult(); + List rdsList = new ArrayList<>(); + DBInstance dBInstance = new DBInstance(); + dBInstance.setDBInstanceArn("dBInstanceArn"); + rdsList.add(dBInstance); + describeDBInstancesResult.setDBInstances(rdsList); + when(rdsClient.describeDBInstances(anyObject())).thenReturn(describeDBInstancesResult); + + ListTagsForResourceResult listTagsForResourceResult = new ListTagsForResourceResult(); + listTagsForResourceResult.setTagList(new ArrayList<>()); + when(rdsClient.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult); + assertThat(inventoryUtil.fetchRDSInstanceInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch RDS instance info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSInstanceInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchRDSInstanceInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch S 3 info test. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access"}) + @Test + public void fetchS3InfoTest() throws Exception { + + mockStatic(AmazonS3ClientBuilder.class); + AmazonS3 amazonS3Client = PowerMockito.mock(AmazonS3.class); + AmazonS3ClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonS3ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.build()).thenReturn(amazonS3Client); + + List s3buckets = new ArrayList<>(); + Bucket bucket = new Bucket(); + bucket.setName("name"); + s3buckets.add(bucket); + when(amazonS3Client.listBuckets()).thenReturn(s3buckets); + when(amazonS3Client.getBucketLocation(anyString())).thenReturn("bucketLocation"); + mockStatic(com.amazonaws.services.s3.model.Region.class); + com.amazonaws.services.s3.model.Region value = null; + when(com.amazonaws.services.s3.model.Region.fromValue(anyString())).thenReturn(value.US_West); + when(value.US_West.toAWSRegion()).thenReturn(getRegions().get(0)); + when(amazonS3Client.getBucketVersioningConfiguration(anyString())).thenReturn(new BucketVersioningConfiguration()); + BucketTaggingConfiguration tagConfig = new BucketTaggingConfiguration(); + List tagSets = new ArrayList<>(); + TagSet tagSet = new TagSet(); + tagSet.setTag("key", "value"); + tagSets.add(tagSet); + tagSets.add(tagSet); + tagConfig.setTagSets(tagSets); + when(amazonS3Client.getBucketTaggingConfiguration(anyString())).thenReturn(tagConfig); + + assertThat(inventoryUtil.fetchS3Info(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch S 3 info test test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchS3InfoTestTest_Exception() throws Exception { + + mockStatic(AmazonS3ClientBuilder.class); + AmazonS3 amazonS3Client = PowerMockito.mock(AmazonS3.class); + AmazonS3ClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonS3ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.build()).thenReturn(amazonS3Client); + + List s3buckets = new ArrayList<>(); + Bucket bucket = new Bucket(); + bucket.setName("name"); + s3buckets.add(bucket); + when(amazonS3Client.listBuckets()).thenReturn(s3buckets); + + when(amazonS3Client.getBucketLocation(anyString())).thenThrow(new AmazonServiceException("Error")); + assertThat(inventoryUtil.fetchS3Info(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch subnets test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSubnetsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeSubnetsResult describeSubnetsResult = new DescribeSubnetsResult(); + List subnets = new ArrayList<>(); + subnets.add(new Subnet()); + describeSubnetsResult.setSubnets(subnets); + when(ec2Client.describeSubnets()).thenReturn(describeSubnetsResult); + assertThat(inventoryUtil.fetchSubnets(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch subnets test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSubnetsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchSubnets(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch trusterd advisors checks test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchTrusterdAdvisorsChecksTest() throws Exception { + + mockStatic(AWSSupportClientBuilder.class); + AWSSupport awsSupportClient = PowerMockito.mock(AWSSupport.class); + AWSSupportClientBuilder awsSupportClientBuilder = PowerMockito.mock(AWSSupportClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsSupportClientBuilder.standard()).thenReturn(awsSupportClientBuilder); + when(awsSupportClientBuilder.withCredentials(anyObject())).thenReturn(awsSupportClientBuilder); + when(awsSupportClientBuilder.withRegion(anyString())).thenReturn(awsSupportClientBuilder); + when(awsSupportClientBuilder.build()).thenReturn(awsSupportClient); + + DescribeTrustedAdvisorChecksResult describeTrustedAdvisorChecksResult = new DescribeTrustedAdvisorChecksResult(); + List trstdAdvsrList = new ArrayList<>(); + TrustedAdvisorCheckDescription trustedAdvisorCheckDescription = new TrustedAdvisorCheckDescription(); + trustedAdvisorCheckDescription.setId("id"); + List metadata = new ArrayList<>(); + metadata.add("metaData"); + trustedAdvisorCheckDescription.setMetadata(metadata); + trstdAdvsrList.add(trustedAdvisorCheckDescription); + describeTrustedAdvisorChecksResult.setChecks(trstdAdvsrList); + when(awsSupportClient.describeTrustedAdvisorChecks(anyObject())).thenReturn(describeTrustedAdvisorChecksResult); + + DescribeTrustedAdvisorCheckResultResult result = new DescribeTrustedAdvisorCheckResultResult(); + TrustedAdvisorCheckResult trustedAdvisorCheckResult = new TrustedAdvisorCheckResult(); + trustedAdvisorCheckResult.setStatus("not ok"); + List flaggedResources = new ArrayList<>(); + TrustedAdvisorResourceDetail trustedAdvisorResourceDetail = new TrustedAdvisorResourceDetail(); + trustedAdvisorResourceDetail.setResourceId("id"); + trustedAdvisorResourceDetail.setMetadata(metadata); + flaggedResources.add(trustedAdvisorResourceDetail); + trustedAdvisorCheckResult.setFlaggedResources(flaggedResources ); + result.setResult(trustedAdvisorCheckResult); + when(awsSupportClient.describeTrustedAdvisorCheckResult(anyObject())).thenReturn(result ); + + when(awsSupportClient.refreshTrustedAdvisorCheck(anyObject())).thenReturn(new RefreshTrustedAdvisorCheckResult()); + assertThat(inventoryUtil.fetchTrusterdAdvisorsChecks(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(1)); + } + + /** + * Fetch redshift info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRedshiftInfoTest() throws Exception { + + mockStatic(AmazonRedshiftClientBuilder.class); + AmazonRedshift redshiftClient = PowerMockito.mock(AmazonRedshift.class); + AmazonRedshiftClientBuilder amazonRedshiftClientBuilder = PowerMockito.mock(AmazonRedshiftClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRedshiftClientBuilder.standard()).thenReturn(amazonRedshiftClientBuilder); + when(amazonRedshiftClientBuilder.withCredentials(anyObject())).thenReturn(amazonRedshiftClientBuilder); + when(amazonRedshiftClientBuilder.withRegion(anyString())).thenReturn(amazonRedshiftClientBuilder); + when(amazonRedshiftClientBuilder.build()).thenReturn(redshiftClient); + + DescribeClustersResult describeClustersResult = new DescribeClustersResult(); + List redshiftList = new ArrayList<>(); + redshiftList.add(new com.amazonaws.services.redshift.model.Cluster()); + describeClustersResult.setClusters(redshiftList); + when(redshiftClient.describeClusters(anyObject())).thenReturn(describeClustersResult); + assertThat(inventoryUtil.fetchRedshiftInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch redshift info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRedshiftInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchRedshiftInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch volumet info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVolumetInfoTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeVolumesResult describeVolumesResult = new DescribeVolumesResult(); + List volumeList = new ArrayList<>(); + volumeList.add(new Volume()); + describeVolumesResult.setVolumes(volumeList); + when(ec2Client.describeVolumes()).thenReturn(describeVolumesResult); + assertThat(inventoryUtil.fetchVolumetInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch volumet info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVolumetInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchVolumetInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch snapshots test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSnapshotsTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeSnapshotsResult describeSnapshotsResult = new DescribeSnapshotsResult(); + List snapShotsList = new ArrayList<>(); + snapShotsList.add(new Snapshot()); + describeSnapshotsResult.setSnapshots(snapShotsList); + when(ec2Client.describeSnapshots(anyObject())).thenReturn(describeSnapshotsResult); + assertThat(inventoryUtil.fetchSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch snapshots test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSnapshotsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch vpc info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVpcInfoTest() throws Exception { + + mockStatic(AmazonEC2ClientBuilder.class); + AmazonEC2 ec2Client = PowerMockito.mock(AmazonEC2.class); + AmazonEC2ClientBuilder amazonEC2ClientBuilder = PowerMockito.mock(AmazonEC2ClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonEC2ClientBuilder.standard()).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withCredentials(anyObject())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.withRegion(anyString())).thenReturn(amazonEC2ClientBuilder); + when(amazonEC2ClientBuilder.build()).thenReturn(ec2Client); + + DescribeVpcsResult describeVpcsResult = new DescribeVpcsResult(); + List vpcList = new ArrayList<>(); + Vpc vpc = new Vpc(); + vpc.setVpcId("vpcId"); + vpcList.add(vpc); + describeVpcsResult.setVpcs(vpcList); + when(ec2Client.describeVpcs()).thenReturn(describeVpcsResult); + + DescribeVpcEndpointsResult describeVpcEndpointsResult = new DescribeVpcEndpointsResult(); + List vpcEndpoints = new ArrayList(); + VpcEndpoint vpcEndpoint = new VpcEndpoint(); + vpcEndpoint.setPolicyDocument("{\"Statement\":[{\"Effect\":\"Allow\",\"Resource\":\"*\"}]}"); + vpcEndpoints.add(vpcEndpoint); + describeVpcEndpointsResult.setVpcEndpoints(vpcEndpoints); + when(ec2Client.describeVpcEndpoints(anyObject())).thenReturn(describeVpcEndpointsResult); + assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + describeVpcEndpointsResult = new DescribeVpcEndpointsResult(); + vpcEndpoints = new ArrayList(); + vpcEndpoint = new VpcEndpoint(); + vpcEndpoint.setPolicyDocument("{\"Statement\"[{\"Effect\":\"Allow\",\"Resource\":\"*\"}]}"); + vpcEndpoints.add(vpcEndpoint); + describeVpcEndpointsResult.setVpcEndpoints(vpcEndpoints); + when(ec2Client.describeVpcEndpoints(anyObject())).thenReturn(describeVpcEndpointsResult); + assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch vpc info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchVpcInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchVpcInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch api gateways test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchApiGatewaysTest() throws Exception { + + mockStatic(AmazonApiGatewayClientBuilder.class); + AmazonApiGateway apiGatWayClient = PowerMockito.mock(AmazonApiGateway.class); + AmazonApiGatewayClientBuilder amazonApiGatewayClientBuilder = PowerMockito.mock(AmazonApiGatewayClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonApiGatewayClientBuilder.standard()).thenReturn(amazonApiGatewayClientBuilder); + when(amazonApiGatewayClientBuilder.withCredentials(anyObject())).thenReturn(amazonApiGatewayClientBuilder); + when(amazonApiGatewayClientBuilder.withRegion(anyString())).thenReturn(amazonApiGatewayClientBuilder); + when(amazonApiGatewayClientBuilder.build()).thenReturn(apiGatWayClient); + + GetRestApisResult getRestApisResult = new GetRestApisResult(); + List apiGateWaysList = new ArrayList<>(); + apiGateWaysList.add(new RestApi()); + getRestApisResult.setItems(apiGateWaysList); + when(apiGatWayClient.getRestApis(anyObject())).thenReturn(getRestApisResult); + assertThat(inventoryUtil.fetchApiGateways(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch api gateways test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchApiGatewaysTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchApiGateways(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch IAM users test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchIAMUsersTest() throws Exception { + + mockStatic(AmazonIdentityManagementClientBuilder.class); + AmazonIdentityManagement iamClient = PowerMockito.mock(AmazonIdentityManagement.class); + AmazonIdentityManagementClientBuilder amazonIdentityManagementClientBuilder = PowerMockito.mock(AmazonIdentityManagementClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonIdentityManagementClientBuilder.standard()).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.withCredentials(anyObject())).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.withRegion(anyString())).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.build()).thenReturn(iamClient); + + ListUsersResult listUsersResult = new ListUsersResult(); + List users = new ArrayList<>(); + User user = new User(); + user.setUserName("name"); + users.add(user); + listUsersResult.setUsers(users); + when(iamClient.listUsers(anyObject())).thenReturn(listUsersResult); + + ListAccessKeysResult listAccessKeysResult = new ListAccessKeysResult(); + List accessKeyMetadataList = new ArrayList<>(); + AccessKeyMetadata accessKeyMetadata = new AccessKeyMetadata(); + accessKeyMetadata.setAccessKeyId("accessKeyId"); + accessKeyMetadataList.add(accessKeyMetadata); + listAccessKeysResult.setAccessKeyMetadata(accessKeyMetadataList ); + when(iamClient.listAccessKeys(anyObject())).thenReturn(listAccessKeysResult); + + GetAccessKeyLastUsedResult getAccessKeyLastUsedResult = new GetAccessKeyLastUsedResult(); + AccessKeyLastUsed accessKeyLastUsed = new AccessKeyLastUsed(); + accessKeyLastUsed.setLastUsedDate(new Date()); + getAccessKeyLastUsedResult.setAccessKeyLastUsed(accessKeyLastUsed ); + when(iamClient.getAccessKeyLastUsed(anyObject())).thenReturn(getAccessKeyLastUsedResult); + + GetLoginProfileResult getLoginProfileResult = new GetLoginProfileResult(); + LoginProfile loginProfile = new LoginProfile(); + loginProfile.setCreateDate(new Date()); + loginProfile.setPasswordResetRequired(false); + getLoginProfileResult.setLoginProfile(loginProfile ); + when(iamClient.getLoginProfile(anyObject())).thenReturn(getLoginProfileResult ); + + ListGroupsForUserResult listGroupsForUserResult = new ListGroupsForUserResult(); + List groups = new ArrayList<>(); + Group group = new Group(); + group.setGroupName("groupName"); + groups.add(group); + listGroupsForUserResult.setGroups(groups ); + when(iamClient.listGroupsForUser(anyObject())).thenReturn(listGroupsForUserResult ); + + ListMFADevicesResult listMFADevicesResult = new ListMFADevicesResult(); + listMFADevicesResult.setMFADevices(new ArrayList<>());; + when(iamClient.listMFADevices(anyObject())).thenReturn(listMFADevicesResult ); + + assertThat(inventoryUtil.fetchIAMUsers(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(1)); + + listMFADevicesResult = new ListMFADevicesResult(); + List mfaDevices = new ArrayList<>(); + mfaDevices.add(new MFADevice()); + listMFADevicesResult.setMFADevices(mfaDevices); + when(iamClient.listMFADevices(anyObject())).thenReturn(listMFADevicesResult ); + + assertThat(inventoryUtil.fetchIAMUsers(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(1)); + } + + /** + * Fetch IAM roles test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchIAMRolesTest() throws Exception { + + mockStatic(AmazonIdentityManagementClientBuilder.class); + AmazonIdentityManagement iamClient = PowerMockito.mock(AmazonIdentityManagement.class); + AmazonIdentityManagementClientBuilder amazonIdentityManagementClientBuilder = PowerMockito.mock(AmazonIdentityManagementClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonIdentityManagementClientBuilder.standard()).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.withCredentials(anyObject())).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.withRegion(anyString())).thenReturn(amazonIdentityManagementClientBuilder); + when(amazonIdentityManagementClientBuilder.build()).thenReturn(iamClient); + + ListRolesResult listRolesResult = new ListRolesResult(); + List roles = new ArrayList<>(); + roles.add(new Role()); + listRolesResult.setRoles(roles); + when(iamClient.listRoles(anyObject())).thenReturn(listRolesResult); + assertThat(inventoryUtil.fetchIAMRoles(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"),"account","accountName").size(), is(1)); + } + + /** + * Fetch RDSDB snapshots test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSDBSnapshotsTest() throws Exception { + + mockStatic(AmazonRDSClientBuilder.class); + AmazonRDS rdsClient = PowerMockito.mock(AmazonRDS.class); + AmazonRDSClientBuilder amazonRDSClientBuilder = PowerMockito.mock(AmazonRDSClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonRDSClientBuilder.standard()).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withCredentials(anyObject())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.withRegion(anyString())).thenReturn(amazonRDSClientBuilder); + when(amazonRDSClientBuilder.build()).thenReturn(rdsClient); + + DescribeDBSnapshotsResult describeDBSnapshotsResult = new DescribeDBSnapshotsResult(); + List snapshots = new ArrayList<>(); + snapshots.add(new DBSnapshot()); + describeDBSnapshotsResult.setDBSnapshots(snapshots); + when(rdsClient.describeDBSnapshots(anyObject())).thenReturn(describeDBSnapshotsResult); + assertThat(inventoryUtil.fetchRDSDBSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch RDSDB snapshots test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchRDSDBSnapshotsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchRDSDBSnapshots(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch KMS keys test. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access", "unchecked" }) + @Test + public void fetchKMSKeysTest() throws Exception { + + mockStatic(AWSKMSClientBuilder.class); + AWSKMS awskms = PowerMockito.mock(AWSKMS.class); + AWSKMSClientBuilder awsKMSClientBuilder = PowerMockito.mock(AWSKMSClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsKMSClientBuilder.standard()).thenReturn(awsKMSClientBuilder); + when(awsKMSClientBuilder.withCredentials(anyObject())).thenReturn(awsKMSClientBuilder); + when(awsKMSClientBuilder.withRegion(anyString())).thenReturn(awsKMSClientBuilder); + when(awsKMSClientBuilder.build()).thenReturn(awskms); + + ListKeysResult listKeysResult = new ListKeysResult(); + List regionKeys = new ArrayList<>(); + KeyListEntry keyListEntry = new KeyListEntry(); + keyListEntry.setKeyId("keyId"); + regionKeys.add(keyListEntry); + listKeysResult.setKeys(regionKeys); + when(awskms.listKeys()).thenReturn(listKeysResult); + + ListAliasesResult listAliasesResult = new ListAliasesResult(); + List regionKeyAliases = new ArrayList<>(); + AliasListEntry aliasListEntry = new AliasListEntry(); + aliasListEntry.setTargetKeyId("keyId"); + regionKeyAliases.add(aliasListEntry); + listAliasesResult.setAliases(regionKeyAliases); + when(awskms.listAliases()).thenReturn(listAliasesResult); + + DescribeKeyResult describeKeyResult = new DescribeKeyResult(); + describeKeyResult.setKeyMetadata(new KeyMetadata()); + when(awskms.describeKey(anyObject())).thenReturn(describeKeyResult ); + + ListResourceTagsResult listResourceTagsResult = new ListResourceTagsResult(); + listResourceTagsResult.setTags(new ArrayList<>()); + when(awskms.listResourceTags(anyObject())).thenReturn(listResourceTagsResult); + + GetKeyRotationStatusResult getKeyRotationStatusResult = new GetKeyRotationStatusResult(); + getKeyRotationStatusResult.setKeyRotationEnabled(true); + when(awskms.getKeyRotationStatus(anyObject())).thenReturn(getKeyRotationStatusResult); + assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + listAliasesResult = new ListAliasesResult(); + listAliasesResult.setAliases(new ArrayList<>()); + when(awskms.listAliases()).thenReturn(listAliasesResult); + + when(awskms.describeKey(anyObject())).thenThrow(Exception.class ); + + listResourceTagsResult = new ListResourceTagsResult(); + listResourceTagsResult.setTags(new ArrayList<>()); + when(awskms.listResourceTags(anyObject())).thenReturn(listResourceTagsResult); + + when(awskms.getKeyRotationStatus(anyObject())).thenThrow(Exception.class ); + assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + listAliasesResult = new ListAliasesResult(); + regionKeyAliases = new ArrayList<>(); + aliasListEntry = new AliasListEntry(); + aliasListEntry.setTargetKeyId("id"); + regionKeyAliases.add(aliasListEntry); + listAliasesResult.setAliases(regionKeyAliases); + when(awskms.listAliases()).thenReturn(listAliasesResult); + + assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch KMS keys test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access"}) + @Test + public void fetchKMSKeysTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchKMSKeys(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch cloud front info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchCloudFrontInfoTest() throws Exception { + + mockStatic(AmazonCloudFrontClientBuilder.class); + AmazonCloudFront amazonCloudFront = PowerMockito.mock(AmazonCloudFront.class); + AmazonCloudFrontClientBuilder amazonCloudFrontClientBuilder = PowerMockito.mock(AmazonCloudFrontClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonCloudFrontClientBuilder.standard()).thenReturn(amazonCloudFrontClientBuilder); + when(amazonCloudFrontClientBuilder.withCredentials(anyObject())).thenReturn(amazonCloudFrontClientBuilder); + when(amazonCloudFrontClientBuilder.withRegion(anyString())).thenReturn(amazonCloudFrontClientBuilder); + when(amazonCloudFrontClientBuilder.build()).thenReturn(amazonCloudFront); + + ListDistributionsResult listDistributionsResult = new ListDistributionsResult(); + List distributionSummaries = new ArrayList<>(); + DistributionSummary distributionSummary = new DistributionSummary(); + distributionSummary.setARN("aRN"); + distributionSummaries.add(distributionSummary); + DistributionList distributionList = new DistributionList(); + distributionList.setItems(distributionSummaries); + listDistributionsResult.setDistributionList(distributionList); + when(amazonCloudFront.listDistributions(anyObject())).thenReturn(listDistributionsResult); + + com.amazonaws.services.cloudfront.model.ListTagsForResourceResult listTagsForResourceResult = new com.amazonaws.services.cloudfront.model.ListTagsForResourceResult(); + Tags tags = new Tags(); + tags.setItems(new ArrayList<>()); + listTagsForResourceResult.setTags(tags ); + when(amazonCloudFront.listTagsForResource(anyObject())).thenReturn(listTagsForResourceResult ); + assertThat(inventoryUtil.fetchCloudFrontInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(1)); + } + + /** + * Fetch cloud front info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access"}) + @Test + public void fetchCloudFrontInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchCloudFrontInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(0)); + } + + /** + * Fetch EBS info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchEBSInfoTest() throws Exception { + + mockStatic(AWSElasticBeanstalkClientBuilder.class); + AWSElasticBeanstalk awsElasticBeanstalk = PowerMockito.mock(AWSElasticBeanstalk.class); + AWSElasticBeanstalkClientBuilder awsElasticBeanstalkClientBuilder = PowerMockito.mock(AWSElasticBeanstalkClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsElasticBeanstalkClientBuilder.standard()).thenReturn(awsElasticBeanstalkClientBuilder); + when(awsElasticBeanstalkClientBuilder.withCredentials(anyObject())).thenReturn(awsElasticBeanstalkClientBuilder); + when(awsElasticBeanstalkClientBuilder.withRegion(anyString())).thenReturn(awsElasticBeanstalkClientBuilder); + when(awsElasticBeanstalkClientBuilder.build()).thenReturn(awsElasticBeanstalk); + + DescribeApplicationsResult describeApplicationsResult = new DescribeApplicationsResult(); + List applicationDescriptions = new ArrayList<>(); + ApplicationDescription applicationDescription = new ApplicationDescription(); + applicationDescription.setApplicationName("applicationName"); + applicationDescriptions.add(applicationDescription); + describeApplicationsResult.setApplications(applicationDescriptions); + when(awsElasticBeanstalk.describeApplications()).thenReturn(describeApplicationsResult); + + DescribeEnvironmentsResult describeEnvironmentsResult = new DescribeEnvironmentsResult(); + List environments = new ArrayList<>(); + EnvironmentDescription environmentDescription = new EnvironmentDescription(); + environmentDescription.setEnvironmentId("environmentId"); + environments.add(environmentDescription); + describeEnvironmentsResult.setEnvironments(environments ); + when(awsElasticBeanstalk.describeEnvironments(anyObject())).thenReturn(describeEnvironmentsResult ); + + DescribeEnvironmentResourcesResult describeEnvironmentResourcesResult = new DescribeEnvironmentResourcesResult(); + describeEnvironmentResourcesResult.setEnvironmentResources(new EnvironmentResourceDescription()); + when(awsElasticBeanstalk.describeEnvironmentResources(anyObject())).thenReturn(describeEnvironmentResourcesResult); + assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + + describeEnvironmentsResult = new DescribeEnvironmentsResult(); + describeEnvironmentsResult.setEnvironments(new ArrayList<>() ); + when(awsElasticBeanstalk.describeEnvironments(anyObject())).thenReturn(describeEnvironmentsResult ); + + assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch EBS info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access"}) + @Test + public void fetchEBSInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchEBSInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Fetch PHD info test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchPHDInfoTest() throws Exception { + + mockStatic(AWSHealthClientBuilder.class); + AWSHealth awsHealth = PowerMockito.mock(AWSHealth.class); + AWSHealthClientBuilder awsHealthClientBuilder = PowerMockito.mock(AWSHealthClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(awsHealthClientBuilder.standard()).thenReturn(awsHealthClientBuilder); + when(awsHealthClientBuilder.withCredentials(anyObject())).thenReturn(awsHealthClientBuilder); + when(awsHealthClientBuilder.withRegion(anyString())).thenReturn(awsHealthClientBuilder); + when(awsHealthClientBuilder.build()).thenReturn(awsHealth); + + DescribeEventsResult describeEventsResult = new DescribeEventsResult(); + List resultEvents = new ArrayList<>(); + Event event = new Event(); + event.setArn("arn"); + resultEvents.add(event); + describeEventsResult.setEvents(resultEvents); + when(awsHealth.describeEvents(anyObject())).thenReturn(describeEventsResult); + + DescribeEventDetailsResult describeEventDetailsResult = new DescribeEventDetailsResult(); + List successfulEventDetails = new ArrayList<>(); + EventDetails eventDetails = new EventDetails(); + eventDetails.setEvent(event); + successfulEventDetails.add(eventDetails); + describeEventDetailsResult.setSuccessfulSet(successfulEventDetails); + when(awsHealth.describeEventDetails(anyObject())).thenReturn(describeEventDetailsResult ); + + DescribeAffectedEntitiesResult affectedEntitiesResult = new DescribeAffectedEntitiesResult(); + List affectedEntities = new ArrayList<>(); + affectedEntities.add(new AffectedEntity()); + affectedEntitiesResult.setEntities(new ArrayList<>()); + when(awsHealth.describeAffectedEntities(anyObject())).thenReturn(affectedEntitiesResult); + assertThat(inventoryUtil.fetchPHDInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(1)); + } + + /** + * Fetch PHD info test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings({ "static-access"}) + @Test + public void fetchPHDInfoTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(inventoryUtil.fetchPHDInfo(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtilTest.java b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtilTest.java index 6fde4acf3..41776d095 100644 --- a/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtilTest.java +++ b/jobs/pacman-cloud-discovery/src/test/java/com/tmobile/cso/pacman/inventory/util/SNSInventoryUtilTest.java @@ -1,168 +1,168 @@ -/******************************************************************************* - * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - ******************************************************************************/ -package com.tmobile.cso.pacman.inventory.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyObject; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.MockitoAnnotations; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PowerMockIgnore; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.amazonaws.auth.AWSStaticCredentialsProvider; -import com.amazonaws.auth.BasicSessionCredentials; -import com.amazonaws.regions.Region; -import com.amazonaws.regions.RegionImpl; -import com.amazonaws.regions.RegionUtils; -import com.amazonaws.services.sns.AmazonSNSClient; -import com.amazonaws.services.sns.AmazonSNSClientBuilder; -import com.amazonaws.services.sns.model.ListSubscriptionsRequest; -import com.amazonaws.services.sns.model.ListSubscriptionsResult; -import com.amazonaws.services.sns.model.Subscription; - - -/** - * The Class SNSInventoryUtilTest. - */ -@RunWith(PowerMockRunner.class) -@PrepareForTest({RegionUtils.class,AmazonSNSClientBuilder.class}) -@PowerMockIgnore("javax.management.*") -public class SNSInventoryUtilTest { - - /** The sns inventory util. */ - @InjectMocks - SNSInventoryUtil snsInventoryUtil; - - /** - * Sets the up. - */ - @Before - public void setUp() { - MockitoAnnotations.initMocks(this); - - mockStatic(RegionUtils.class); - when(RegionUtils.getRegions()).thenReturn(getRegions()); - } - - /** - * Fetch SNS topics test. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSNSTopicsTest() throws Exception { - - mockStatic(AmazonSNSClientBuilder.class); - AmazonSNSClient snsClient = PowerMockito.mock(AmazonSNSClient.class); - AmazonSNSClientBuilder amazonSNSClientBuilder = PowerMockito.mock(AmazonSNSClientBuilder.class); - AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); - when(amazonSNSClientBuilder.standard()).thenReturn(amazonSNSClientBuilder); - when(amazonSNSClientBuilder.withCredentials(anyObject())).thenReturn(amazonSNSClientBuilder); - when(amazonSNSClientBuilder.withRegion(anyString())).thenReturn(amazonSNSClientBuilder); - when(amazonSNSClientBuilder.build()).thenReturn(snsClient); - - ListSubscriptionsResult listSubscriptionDefinitionsResult = new ListSubscriptionsResult(); - List subscriptionList = new ArrayList<>(); - subscriptionList.add(new Subscription()); - listSubscriptionDefinitionsResult.setSubscriptions(subscriptionList); - when(snsClient.listSubscriptions( new ListSubscriptionsRequest())).thenReturn(listSubscriptionDefinitionsResult); - assertThat(snsInventoryUtil.fetchSNSTopics(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(1)); - } - - /** - * Fetch SNS topics test exception. - * - * @throws Exception the exception - */ - @SuppressWarnings("static-access") - @Test - public void fetchSNSTopicsTest_Exception() throws Exception { - - PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); - assertThat(snsInventoryUtil.fetchSNSTopics(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), - "skipRegions", "account").size(), is(0)); - } - - /** - * Gets the regions. - * - * @return the regions - */ - private List getRegions() { - List regions = new ArrayList<>(); - Region region = new Region(new RegionImpl() { - - @Override - public boolean isServiceSupported(String serviceName) { - return false; - } - - @Override - public boolean hasHttpsEndpoint(String serviceName) { - return false; - } - - @Override - public boolean hasHttpEndpoint(String serviceName) { - return false; - } - - @Override - public String getServiceEndpoint(String serviceName) { - return null; - } - - @Override - public String getPartition() { - return null; - } - - @Override - public String getName() { - return "north"; - } - - @Override - public String getDomain() { - return null; - } - - @Override - public Collection getAvailableEndpoints() { - return null; - } - }); - regions.add(region); - return regions; - } -} +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.inventory.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyObject; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.mockStatic; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.MockitoAnnotations; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PowerMockIgnore; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.regions.Region; +import com.amazonaws.regions.RegionImpl; +import com.amazonaws.regions.RegionUtils; +import com.amazonaws.services.sns.AmazonSNSClient; +import com.amazonaws.services.sns.AmazonSNSClientBuilder; +import com.amazonaws.services.sns.model.ListSubscriptionsRequest; +import com.amazonaws.services.sns.model.ListSubscriptionsResult; +import com.amazonaws.services.sns.model.Subscription; + + +/** + * The Class SNSInventoryUtilTest. + */ +@RunWith(PowerMockRunner.class) +@PrepareForTest({RegionUtils.class,AmazonSNSClientBuilder.class}) +@PowerMockIgnore("javax.management.*") +public class SNSInventoryUtilTest { + + /** The sns inventory util. */ + @InjectMocks + SNSInventoryUtil snsInventoryUtil; + + /** + * Sets the up. + */ + @Before + public void setUp() { + MockitoAnnotations.initMocks(this); + + mockStatic(RegionUtils.class); + when(RegionUtils.getRegions()).thenReturn(getRegions()); + } + + /** + * Fetch SNS topics test. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSNSTopicsTest() throws Exception { + + mockStatic(AmazonSNSClientBuilder.class); + AmazonSNSClient snsClient = PowerMockito.mock(AmazonSNSClient.class); + AmazonSNSClientBuilder amazonSNSClientBuilder = PowerMockito.mock(AmazonSNSClientBuilder.class); + AWSStaticCredentialsProvider awsStaticCredentialsProvider = PowerMockito.mock(AWSStaticCredentialsProvider.class); + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenReturn(awsStaticCredentialsProvider); + when(amazonSNSClientBuilder.standard()).thenReturn(amazonSNSClientBuilder); + when(amazonSNSClientBuilder.withCredentials(anyObject())).thenReturn(amazonSNSClientBuilder); + when(amazonSNSClientBuilder.withRegion(anyString())).thenReturn(amazonSNSClientBuilder); + when(amazonSNSClientBuilder.build()).thenReturn(snsClient); + + ListSubscriptionsResult listSubscriptionDefinitionsResult = new ListSubscriptionsResult(); + List subscriptionList = new ArrayList<>(); + subscriptionList.add(new Subscription()); + listSubscriptionDefinitionsResult.setSubscriptions(subscriptionList); + when(snsClient.listSubscriptions( new ListSubscriptionsRequest())).thenReturn(listSubscriptionDefinitionsResult); + assertThat(snsInventoryUtil.fetchSNSTopics(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(1)); + } + + /** + * Fetch SNS topics test exception. + * + * @throws Exception the exception + */ + @SuppressWarnings("static-access") + @Test + public void fetchSNSTopicsTest_Exception() throws Exception { + + PowerMockito.whenNew(AWSStaticCredentialsProvider.class).withAnyArguments().thenThrow(new Exception()); + assertThat(snsInventoryUtil.fetchSNSTopics(new BasicSessionCredentials("awsAccessKey", "awsSecretKey", "sessionToken"), + "skipRegions", "account","accountName").size(), is(0)); + } + + /** + * Gets the regions. + * + * @return the regions + */ + private List getRegions() { + List regions = new ArrayList<>(); + Region region = new Region(new RegionImpl() { + + @Override + public boolean isServiceSupported(String serviceName) { + return false; + } + + @Override + public boolean hasHttpsEndpoint(String serviceName) { + return false; + } + + @Override + public boolean hasHttpEndpoint(String serviceName) { + return false; + } + + @Override + public String getServiceEndpoint(String serviceName) { + return null; + } + + @Override + public String getPartition() { + return null; + } + + @Override + public String getName() { + return "north"; + } + + @Override + public String getDomain() { + return null; + } + + @Override + public Collection getAvailableEndpoints() { + return null; + } + }); + regions.add(region); + return regions; + } +} diff --git a/jobs/pacman-cloud-discovery/src/test/resources/log4j2.xml b/jobs/pacman-cloud-discovery/src/test/resources/log4j2.xml deleted file mode 100644 index 231ceb462..000000000 --- a/jobs/pacman-cloud-discovery/src/test/resources/log4j2.xml +++ /dev/null @@ -1,23 +0,0 @@ - - - - /home/ec2-user/logs - - - - - - [%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n - - - - - - - - - - - - - \ No newline at end of file diff --git a/jobs/pacman-data-shipper/pom.xml b/jobs/pacman-data-shipper/pom.xml index 563d9eb4d..70a21bf7c 100644 --- a/jobs/pacman-data-shipper/pom.xml +++ b/jobs/pacman-data-shipper/pom.xml @@ -1,40 +1,45 @@ 4.0.0 - com.tmobile.cloud + com.tmobile.cso.pacman data-shipper - 1.0.0-SNAPSHOT - + 0.0.1-SNAPSHOT + 1.8 - - - - redshift - http://redshift-maven-repository.s3-website-us-east-1.amazonaws.com/release - - + - - org.powermock - powermock-module-junit4 - 1.7.3 - test - + + + org.powermock + powermock-module-junit4 + 1.7.3 + test + + + org.powermock + powermock-api-mockito + 1.7.3 + test + + + org.springframework + spring-test + 4.0.5.RELEASE + test + + + com.amazonaws + aws-java-sdk-s3 + 1.11.490 + + + com.amazonaws + aws-java-sdk-sts + 1.11.490 + - - org.powermock - powermock-api-mockito - 1.7.3 - test - - - org.springframework - spring-test - 4.0.5.RELEASE - test - - + com.tmobile.cloud batch-commons 1.0.0-SNAPSHOT @@ -125,12 +130,7 @@ - - - com.amazon.redshift - redshift-jdbc42 - 1.2.1.1001 - + org.apache.httpcomponents httpclient @@ -144,7 +144,7 @@ com.fasterxml.jackson.core jackson-databind - 2.9.7 + 2.9.8 mysql @@ -206,4 +206,5 @@ - + + \ No newline at end of file diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/Main.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/Main.java index 8ec3b36b0..6a9010bd7 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/Main.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/Main.java @@ -1,65 +1,73 @@ -package com.tmobile.cso.pacman.datashipper; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.entity.AssetGroupStatsCollector; -import com.tmobile.cso.pacman.datashipper.entity.EntityAssociationManager; -import com.tmobile.cso.pacman.datashipper.entity.EntityManager; -import com.tmobile.cso.pacman.datashipper.es.ESManager; -import com.tmobile.cso.pacman.datashipper.util.ErrorManageUtil; -import com.tmobile.pacman.commons.jobs.PacmanJob; - - -/** - * The Class Main. - */ -@PacmanJob(methodToexecute = "shipData", jobName = "Redshfit-ES-Datashipper", desc = "Job to load data from Redshfit to ES", priority = 5) -public class Main { - - - private static final Logger LOGGER = LoggerFactory.getLogger(Main.class); - /** - * The main method. - * - * @param args - * the arguments - */ - public static void main(String[] args) { - Map params = new HashMap<>(); - Arrays.asList(args).stream().forEach(obj -> { - String[] paramArray = obj.split("[:]"); - params.put(paramArray[0], paramArray[1]); - }); - shipData(params); - System.exit(0); - } - - /** - * Ship data. - * - * @param params - * the params - * @return - */ - public static Map shipData(Map params) { - List> errorList = new ArrayList<>(); - MainUtil.setup(params); - String ds = params.get("datasource"); - ESManager.configureIndexAndTypes(ds,errorList); - errorList.addAll(new EntityManager().uploadEntityData(ds)); - errorList.addAll(new EntityAssociationManager().uploadAssociationInfo(ds)); - errorList.addAll(new AssetGroupStatsCollector().collectAssetGroupStats()); - Map status = ErrorManageUtil.formErrorCode("shipData", errorList); - LOGGER.info("Job Return Status {} ",status); - return status; - } - -} +package com.tmobile.cso.pacman.datashipper; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.tmobile.cso.pacman.datashipper.entity.AssetGroupStatsCollector; +import com.tmobile.cso.pacman.datashipper.entity.EntityManager; +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; +import com.tmobile.cso.pacman.datashipper.util.ErrorManageUtil; +import com.tmobile.pacman.commons.jobs.PacmanJob; + + +/** + * The Class Main. + */ +@PacmanJob(methodToexecute = "shipData", jobName = "Redshfit-ES-Datashipper", desc = "Job to load data from Redshfit to ES", priority = 5) +public class Main implements Constants { + + + private static final Logger LOGGER = LoggerFactory.getLogger(Main.class); + /** + * The main method. + * + * @param args + * the arguments + */ + public static void main(String[] args) { + Map params = new HashMap<>(); + Arrays.asList(args).stream().forEach(obj -> { + String[] paramArray = obj.split("[:]"); + params.put(paramArray[0], paramArray[1]); + }); + shipData(params); + System.exit(0); + } + + /** + * Ship data. + * + * @param params + * the params + * @return + */ + public static Map shipData(Map params) { + String jobName = System.getProperty("jobName"); + List> errorList = new ArrayList<>(); + try { + MainUtil.setup(params); + } catch (Exception e) { + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in setting up Job "); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + return ErrorManageUtil.formErrorCode(jobName, errorList); + } + String ds = params.get("datasource"); + ESManager.configureIndexAndTypes(ds,errorList); + errorList.addAll(new EntityManager().uploadEntityData(ds)); + errorList.addAll(new AssetGroupStatsCollector().collectAssetGroupStats()); + Map status = ErrorManageUtil.formErrorCode(jobName, errorList); + LOGGER.info("Job Return Status {} ",status); + return status; + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/MainUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/MainUtil.java index bd3d211e5..3371f4874 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/MainUtil.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/MainUtil.java @@ -2,8 +2,8 @@ import java.util.Map; +import com.tmobile.cso.pacman.datashipper.util.ConfigUtil; import com.tmobile.cso.pacman.datashipper.util.Constants; -import com.tmobile.cso.pacman.datashipper.util.Util; /** @@ -17,28 +17,18 @@ public class MainUtil { * @param params * the params */ - public static void setup(Map params) { - - String redshfitInfo = Util.base64Decode(params.get(Constants.REDSHFIT_PARAM)); - String[] redshiftUserPwd = redshfitInfo.split(":"); - System.setProperty(Constants.REDSHIFT_USER, redshiftUserPwd[0]); - System.setProperty(Constants.REDSHIFT_PWD, redshiftUserPwd[1]); - - String rdsInfo = Util.base64Decode(params.get(Constants.RDS_PARAM)); - String[] rdsUserPws = rdsInfo.split(":"); - System.setProperty(Constants.RDS_USER, rdsUserPws[0]); - System.setProperty(Constants.RDS_PWD, rdsUserPws[1]); - - System.setProperty(Constants.API_AUTH_INFO, params.get(Constants.API_AUTH_INFO)); - - if(params.get(Constants.TARGET_TYPE_INFO)!=null) - System.setProperty(Constants.TARGET_TYPE_INFO, params.get(Constants.TARGET_TYPE_INFO)); + public static void setup(Map params) throws Exception { + + ConfigUtil.setConfigProperties(params.get(Constants.CONFIG_CREDS)); + + if( !(params==null || params.isEmpty())){ + params.forEach((k,v) -> System.setProperty(k, v)); + } if(params.get(Constants.CONFIG_QUERY)==null){ System.setProperty(Constants.CONFIG_QUERY, "select targetName,targetConfig from cf_Target where domain ='Infra & Platforms'"); - }else{ - System.setProperty(Constants.CONFIG_QUERY,params.get(Constants.CONFIG_QUERY)); } + } } diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/ConfigManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/ConfigManager.java index e402ed741..d41340b0b 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/ConfigManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/ConfigManager.java @@ -1,103 +1,109 @@ -package com.tmobile.cso.pacman.datashipper.config; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.tmobile.cso.pacman.datashipper.dao.RDSDBManager; -import com.tmobile.cso.pacman.datashipper.util.Constants; - - -/** - * The Class ConfigManager. - */ -public class ConfigManager { - - /** The Constant log. */ - private static final Logger log = LoggerFactory.getLogger(ConfigManager.class); - - /** The type info. */ - private static Map> typeInfo; - - /** - * Gets the type config. - * - * @param datasoruce - * the datasoruce - * @return the type config - */ - private static Map> getTypeConfig(String datasoruce) { - - String commaSepTargetTypes = System.getProperty(Constants.TARGET_TYPE_INFO); - List targetTypesList = new ArrayList<>(); - if (null != commaSepTargetTypes && !"".equals(commaSepTargetTypes)) { - targetTypesList = Arrays.asList(commaSepTargetTypes.split(",")); - } - if (typeInfo == null) { - typeInfo = new HashMap<>(); - List> typeList = RDSDBManager.executeQuery(System.getProperty(Constants.CONFIG_QUERY)); - try{ - for (Map _type : typeList) { - String typeName = _type.get("targetName"); - Map config = new ObjectMapper().readValue(_type.get("targetConfig"),new TypeReference>() {}); - if (targetTypesList.isEmpty() || targetTypesList.contains(typeName)) { - typeInfo.put(typeName, config); - } - } - } catch (IOException e) { - log.error("Error Fetching config Info" + e); - } - - } - return typeInfo; - } - - /** - * Gets the key for type. - * - * @param ds - * the ds - * @param type - * the type - * @return the key for type - */ - public static String getKeyForType(String ds, String type) { - return getTypeConfig(ds).get(type).get("key"); - - } - - /** - * Gets the id for type. - * - * @param ds - * the ds - * @param type - * the type - * @return the id for type - */ - public static String getIdForType(String ds, String type) { - return getTypeConfig(ds).get(type).get("id"); - - } - - /** - * Gets the types. - * - * @param ds - * the ds - * @return the types - */ - public static Set getTypes(String ds) { - return getTypeConfig(ds).keySet(); - } - -} +package com.tmobile.cso.pacman.datashipper.config; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.datashipper.dao.RDSDBManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; + + +/** + * The Class ConfigManager. + */ +public class ConfigManager { + + /** The Constant log. */ + private static final Logger log = LoggerFactory.getLogger(ConfigManager.class); + + /** The type info. */ + private static Map> typeInfo; + + /** + * Gets the type config. + * + * @param datasoruce + * the datasoruce + * @return the type config + */ + private static Map> getTypeConfig(String datasoruce) { + + String commaSepTargetTypes = System.getProperty(Constants.TARGET_TYPE_INFO); + List targetTypesList = new ArrayList<>(); + if (null != commaSepTargetTypes && !"".equals(commaSepTargetTypes)) { + targetTypesList = Arrays.asList(commaSepTargetTypes.split(",")); + } + String outscopeTypes = System.getProperty(Constants.TARGET_TYPE_OUTSCOPE); + List targetTypesOutScopeList = new ArrayList<>(); + if (null != outscopeTypes && !"".equals(outscopeTypes)) { + targetTypesOutScopeList = Arrays.asList(outscopeTypes.split(",")); + } + + if (typeInfo == null) { + typeInfo = new HashMap<>(); + List> typeList = RDSDBManager.executeQuery(System.getProperty(Constants.CONFIG_QUERY)); + try{ + for (Map _type : typeList) { + String typeName = _type.get("targetName"); + Map config = new ObjectMapper().readValue(_type.get("targetConfig"),new TypeReference>() {}); + if ( (targetTypesList.isEmpty() || targetTypesList.contains(typeName) ) && !targetTypesOutScopeList.contains(typeName)) { + typeInfo.put(typeName, config); + } + } + } catch (IOException e) { + log.error("Error Fetching config Info" + e); + } + + } + return typeInfo; + } + + /** + * Gets the key for type. + * + * @param ds + * the ds + * @param type + * the type + * @return the key for type + */ + public static String getKeyForType(String ds, String type) { + return getTypeConfig(ds).get(type).get("key"); + + } + + /** + * Gets the id for type. + * + * @param ds + * the ds + * @param type + * the type + * @return the id for type + */ + public static String getIdForType(String ds, String type) { + return getTypeConfig(ds).get(type).get("id"); + + } + + /** + * Gets the types. + * + * @param ds + * the ds + * @return the types + */ + public static Set getTypes(String ds) { + return getTypeConfig(ds).keySet(); + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/CredentialProvider.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/CredentialProvider.java new file mode 100644 index 000000000..be5d15f95 --- /dev/null +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/config/CredentialProvider.java @@ -0,0 +1,102 @@ +/******************************************************************************* + * Copyright 2018 T Mobile, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + ******************************************************************************/ +package com.tmobile.cso.pacman.datashipper.config; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.auth.BasicAWSCredentials; +import com.amazonaws.auth.BasicSessionCredentials; +import com.amazonaws.services.securitytoken.AWSSecurityTokenService; +import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; +import com.amazonaws.services.securitytoken.model.AssumeRoleRequest; +import com.amazonaws.services.securitytoken.model.AssumeRoleResult; + + +/** + * The Class CredentialProvider. + */ +public class CredentialProvider { + + /** The base account. */ + private String baseAccount = System.getProperty("base.account"); + + private String baseRegion = System.getProperty("base.region"); + + /** The dev mode. */ + private static boolean devMode = System.getProperty("PIC_DEV_MODE")==null?false:true; + + /** + * Gets the credentials. + * + * @param account the account + * @param roleName the role name + * @return the credentials + */ + public BasicSessionCredentials getCredentials(String account,String roleName){ + BasicSessionCredentials baseAccntCreds = getBaseAccountCredentials(roleName); + if(baseAccount.equals(account)){ + return baseAccntCreds; + } + AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(baseAccntCreds)).withRegion(baseRegion); + AWSSecurityTokenService stsClient = stsBuilder.build(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(account,roleName)).withRoleSessionName("pic-ro-"+account); + AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials() + .getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + } + + /** + * Gets the base account credentials. + * + * @param roleName the role name + * @return the base account credentials + */ + private BasicSessionCredentials getBaseAccountCredentials (String roleName){ + if(devMode){ + String accessKey = System.getProperty("ACCESS_KEY"); + String secretKey = System.getProperty("SECRET_KEY"); + BasicAWSCredentials awsCreds = new BasicAWSCredentials(accessKey, secretKey); + AWSSecurityTokenServiceClientBuilder stsBuilder = AWSSecurityTokenServiceClientBuilder.standard().withCredentials( new AWSStaticCredentialsProvider(awsCreds)).withRegion(baseRegion); + AWSSecurityTokenService sts = stsBuilder.build(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro").withDurationSeconds(3600); + AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + + } + else{ + AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.defaultClient(); + AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(getRoleArn(baseAccount,roleName)).withRoleSessionName("pic-base-ro").withDurationSeconds(3600); + AssumeRoleResult assumeResult = sts.assumeRole(assumeRequest); + return new BasicSessionCredentials( + assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(), + assumeResult.getCredentials().getSessionToken()); + } + } + + /** + * Gets the role arn. + * + * @param accout the accout + * @param role the role + * @return the role arn + */ + private String getRoleArn(String accout, String role){ + return "arn:aws:iam::"+accout+":role/"+role; + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/DBManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/DBManager.java deleted file mode 100644 index cd2434611..000000000 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/DBManager.java +++ /dev/null @@ -1,148 +0,0 @@ -package com.tmobile.cso.pacman.datashipper.dao; - -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; -import java.sql.SQLException; -import java.sql.Statement; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.util.Constants; - -/** - * The Class DBManager. - */ -public class DBManager { - - - /** The Constant dbURL. */ - private static final String DB_URL = System.getenv("REDSHIFT_DB_URL"); - - /** The Constant MasterUsername. */ - private static final String USER_ID = System.getProperty(Constants.REDSHIFT_USER); - - /** The Constant MasterUserPassword. */ - private static final String PASSWORD = System.getProperty(Constants.REDSHIFT_PWD); - - private static final Logger LOGGER = LoggerFactory.getLogger(DBManager.class); - - private DBManager(){ - - } - /** - * Gets the connection. - * - * @return the connection - * @throws ClassNotFoundException - * the class not found exception - * @throws SQLException - * the SQL exception - */ - private static Connection getConnection() throws ClassNotFoundException, SQLException { - Connection conn = null; - Class.forName("com.amazon.redshift.jdbc42.Driver"); - Properties props = new Properties(); - - props.setProperty("user", USER_ID); - props.setProperty("password", PASSWORD); - conn = DriverManager.getConnection(DB_URL, props); - - return conn; - } - - /** - * Gets the table information. - * - * @param datasource - * the datasource - * @return the table information - */ - public static Map> getTableInformation(String datasource) { - String query = "select tablename,\"column\",type from pg_table_def where tablename like '" - + datasource.toLowerCase() + "_%'"; - Map> tableInfo = new HashMap<>(); - try( - Connection conn = getConnection(); - Statement stmt = conn.createStatement(); - ResultSet rs = stmt.executeQuery(query);){ - while (rs.next()) { - String tableName = rs.getString("tablename"); - String column = rs.getString("column"); - String type = rs.getString("type"); - Map columnInfo = tableInfo.get(tableName); - if (columnInfo == null) { - columnInfo = new LinkedHashMap<>(); - tableInfo.put(tableName, columnInfo); - } - columnInfo.put(column, type); - } - - } catch (Exception ex) { - LOGGER.error("Error in getTableInformation",ex); - } - return tableInfo; - } - - /** - * Execute query. - * - * @param query - * the query - * @return the list - */ - public static List> executeQuery(String query) { - List> results = new ArrayList<>(); - try( - Connection conn = getConnection(); - Statement stmt = conn.createStatement(); - ResultSet rs = stmt.executeQuery(query);){ - ResultSetMetaData rsmd = rs.getMetaData(); - int columnCount = rsmd.getColumnCount(); - Map data; - while (rs.next()) { - data = new LinkedHashMap<>(); - for (int i = 1; i <= columnCount; i++) { - data.put(rsmd.getColumnName(i), rs.getString(i)); - } - results.add(data); - } - } catch (Exception ex) { - LOGGER.error("Error Executing Query",ex); - } - return results; - } - - /** - * Gets the child table names. - * - * @param index - * the index - * @return the child table names - */ - public static List getChildTableNames(String index) { - List childTableNames = new ArrayList<>(); - String query = "select distinct tablename from pg_table_def where tablename like '" + index.toLowerCase() - + "^_%' ESCAPE '^'"; - - try (Connection conn = getConnection(); - Statement stmt = conn.createStatement(); - ResultSet rs = stmt.executeQuery(query);) { - while (rs.next()) { - String tableName = rs.getString("tablename"); - childTableNames.add(tableName); - } - } catch (Exception ex) { - LOGGER.error("Error fetching child tables for type :" + index, ex); - } - return childTableNames; - } -} \ No newline at end of file diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/RDSDBManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/RDSDBManager.java index 3118ff4f9..ed80bb82d 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/RDSDBManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/dao/RDSDBManager.java @@ -1,90 +1,90 @@ -package com.tmobile.cso.pacman.datashipper.dao; - -import java.sql.Connection; -import java.sql.DriverManager; -import java.sql.ResultSet; -import java.sql.ResultSetMetaData; -import java.sql.SQLException; -import java.sql.Statement; -import java.util.ArrayList; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.util.Constants; - -/** - * The Class RDSDBManager. - */ -public class RDSDBManager { - - /** The Constant dbURL. */ - private static final String DB_URL = System.getenv("RDS_DB_URL"); - - /** The Constant dbUserName. */ - private static final String DB_USER_NAME = System.getProperty(Constants.RDS_USER); - - /** The Constant dbPassword. */ - private static final String DB_PASSWORD = System.getProperty(Constants.RDS_PWD); - - private static final Logger LOGGER = LoggerFactory.getLogger(DBManager.class); - - private RDSDBManager(){ - - } - - /** - * Gets the connection. - * - * @return the connection - * @throws ClassNotFoundException - * the class not found exception - * @throws SQLException - * the SQL exception - */ - private static Connection getConnection() throws ClassNotFoundException, SQLException { - Connection conn = null; - Class.forName("com.mysql.jdbc.Driver"); - Properties props = new Properties(); - - props.setProperty("user", DB_USER_NAME); - props.setProperty("password", DB_PASSWORD); - conn = DriverManager.getConnection(DB_URL, props); - - return conn; - } - - /** - * Execute query. - * - * @param query - * the query - * @return the list - */ - public static List> executeQuery(String query) { - List> results = new ArrayList<>(); - try( - Connection conn = getConnection(); - Statement stmt = conn.createStatement(); - ResultSet rs = stmt.executeQuery(query);){ - ResultSetMetaData rsmd = rs.getMetaData(); - int columnCount = rsmd.getColumnCount(); - Map data; - while (rs.next()) { - data = new LinkedHashMap<>(); - for (int i = 1; i <= columnCount; i++) { - data.put(rsmd.getColumnName(i), rs.getString(i)); - } - results.add(data); - } - } catch (Exception ex) { - LOGGER.error("Error Executing Query",ex); - } - return results; - } - -} +package com.tmobile.cso.pacman.datashipper.dao; + +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.ResultSet; +import java.sql.ResultSetMetaData; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.tmobile.cso.pacman.datashipper.util.Constants; + +/** + * The Class RDSDBManager. + */ +public class RDSDBManager { + + /** The Constant dbURL. */ + private static final String DB_URL = System.getProperty(Constants.RDS_DB_URL); + + /** The Constant dbUserName. */ + private static final String DB_USER_NAME = System.getProperty(Constants.RDS_USER); + + /** The Constant dbPassword. */ + private static final String DB_PASSWORD = System.getProperty(Constants.RDS_PWD); + + private static final Logger LOGGER = LoggerFactory.getLogger(RDSDBManager.class); + + private RDSDBManager(){ + + } + + /** + * Gets the connection. + * + * @return the connection + * @throws ClassNotFoundException + * the class not found exception + * @throws SQLException + * the SQL exception + */ + private static Connection getConnection() throws ClassNotFoundException, SQLException { + Connection conn = null; + Class.forName("com.mysql.jdbc.Driver"); + Properties props = new Properties(); + + props.setProperty("user", DB_USER_NAME); + props.setProperty("password", DB_PASSWORD); + conn = DriverManager.getConnection(DB_URL, props); + + return conn; + } + + /** + * Execute query. + * + * @param query + * the query + * @return the list + */ + public static List> executeQuery(String query) { + List> results = new ArrayList<>(); + try( + Connection conn = getConnection(); + Statement stmt = conn.createStatement(); + ResultSet rs = stmt.executeQuery(query);){ + ResultSetMetaData rsmd = rs.getMetaData(); + int columnCount = rsmd.getColumnCount(); + Map data; + while (rs.next()) { + data = new LinkedHashMap<>(); + for (int i = 1; i <= columnCount; i++) { + data.put(rsmd.getColumnName(i), rs.getString(i)); + } + results.add(data); + } + } catch (Exception ex) { + LOGGER.error("Error Executing Query",ex); + } + return results; + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AWSErrorManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AWSErrorManager.java new file mode 100644 index 000000000..33e2427cb --- /dev/null +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AWSErrorManager.java @@ -0,0 +1,93 @@ +package com.tmobile.cso.pacman.datashipper.entity; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.GetObjectRequest; +import com.amazonaws.services.s3.model.S3Object; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.datashipper.config.CredentialProvider; +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; + +public class AWSErrorManager implements Constants { + + private static final Logger LOGGER = LoggerFactory.getLogger(AWSErrorManager.class); + private String s3Account = System.getProperty("base.account"); + private String s3Region = System.getProperty("base.region"); + private String s3Role = System.getProperty("s3.role"); + private String bucketName = System.getProperty("s3"); + private String dataPath = System.getProperty("s3.data"); + + private Map>> errorInfo ; + + private static AWSErrorManager errorManager ; + + private AWSErrorManager(){ + } + public static AWSErrorManager getInstance(){ + if(errorManager==null){ + errorManager = new AWSErrorManager(); + } + return errorManager; + } + + private void fetchErrorInfo(String datasource, List> errorList){ + if(errorInfo==null){ + ObjectMapper objectMapper = new ObjectMapper(); + List> inventoryErrors = new ArrayList<>(); + AmazonS3 s3Client = AmazonS3ClientBuilder.standard() + .withCredentials(new AWSStaticCredentialsProvider(new CredentialProvider().getCredentials(s3Account,s3Role))).withRegion(s3Region).build(); + try { + S3Object inventoryErrorData = s3Client.getObject(new GetObjectRequest(bucketName,dataPath+"/"+datasource+"-loaderror.data")); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(inventoryErrorData.getObjectContent()))) { + inventoryErrors = objectMapper.readValue(reader.lines().collect(Collectors.joining("\n")),new TypeReference>>() {}); + } + } catch (IOException e) { + LOGGER.error("Exception in collecting inventory error data",e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in collecting inventory error data"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + errorInfo = inventoryErrors.parallelStream().collect(Collectors.groupingBy(obj -> obj.get("type"))); + } + } + + public Map>> getErrorInfo(String datasource, List> errorList){ + if(errorInfo==null){ + fetchErrorInfo( datasource, errorList); + } + + return errorInfo; + + } + public void handleError(String dataSource,String index, String type, String loaddate,List> errorList,boolean checkLatest) { + fetchErrorInfo(dataSource,errorList); + String parentType = index.replace(dataSource+"_", ""); + if(errorInfo.containsKey(parentType) || errorInfo.containsKey("all")) { + List> errorByType = errorInfo.get(parentType); + if(errorByType==null){ + errorByType = errorInfo.get("all"); + } + errorByType.forEach(errorData -> + ESManager.updateLoadDate(index, type, errorData.get("accountid"), errorData.get("region"), loaddate,checkLatest) + ); + } + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollector.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollector.java index 0cc40f695..f66f9c527 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollector.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollector.java @@ -1,576 +1,576 @@ -package com.tmobile.cso.pacman.datashipper.entity; - -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.concurrent.ExecutorService; -import java.util.concurrent.Executors; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.es.ESManager; -import com.tmobile.cso.pacman.datashipper.util.AssetGroupUtil; -import com.tmobile.cso.pacman.datashipper.util.AuthManager; -import com.tmobile.cso.pacman.datashipper.util.Constants; -import com.tmobile.cso.pacman.datashipper.util.Util; - -/** - * The Class AssetGroupStatsCollector. - */ -public class AssetGroupStatsCollector implements Constants{ - - /** The Constant asstApiUri. */ - private static final String ASSET_API_URL = System.getenv("ASSET_API_URL"); - - /** The Constant compApiUri. */ - private static final String COMP_API_URL = System.getenv("CMPL_API_URL"); - - - /** The ag stats. */ - private static final String AG_STATS = "assetgroup_stats"; - - /** The Constant log. */ - private static final Logger log = LoggerFactory.getLogger(AssetGroupStatsCollector.class); - - private static final String DATE_FORMAT = "yyyy-MM-dd"; - private static final String DOMAIN = "domain"; - - private static final String CURR_DATE = new SimpleDateFormat(DATE_FORMAT).format(new java.util.Date()); - - private List> errorList = new ArrayList<>(); - - /** - * Collect asset group stats. - */ - public List> collectAssetGroupStats() { - - - log.info("Start Collecting asset group stats"); - String token; - try { - token = getToken(); - } catch (Exception e1) { - log.error("collectAssetGroupStats failed as unable to authenticate " , e1); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in collectAssetGroupStats. Authorisation failed"); - errorMap.put(ERROR_TYPE,FATAL); - errorMap.put(EXCEPTION, e1.getMessage()); - errorList.add(errorMap); - return errorList; - } - Map> assetGroupMap; - try { - assetGroupMap = AssetGroupUtil.fetchAssetGroups(ASSET_API_URL,token); - } catch (Exception e1) { - log.error("collectAssetGroupStats failed as unable to fetch asset groups " , e1); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in fetchAssetGroups"); - errorMap.put(ERROR_TYPE, ERROR); - errorMap.put(EXCEPTION, e1.getMessage()); - errorList.add(errorMap); - return errorList; - } - - ESManager.createIndex(AG_STATS, errorList); - ESManager.createType(AG_STATS, "count_type", errorList); - ESManager.createType(AG_STATS, "count_vuln", errorList); - ESManager.createType(AG_STATS, "patching", errorList); - ESManager.createType(AG_STATS, "issuecompliance", errorList); - ESManager.createType(AG_STATS, "compliance", errorList); - ESManager.createType(AG_STATS, "vulncompliance", errorList); - ESManager.createType(AG_STATS, "certcompliance", errorList); - ESManager.createType(AG_STATS, "tagcompliance", errorList); - ESManager.createType(AG_STATS, "issues", errorList); - - List assetGroups = new ArrayList<>(assetGroupMap.keySet()); - - ExecutorService executor = Executors.newCachedThreadPool(); - - executor.execute(() -> { - try { - uploadAssetGroupCountStats(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupCountStats " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCountStats"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupVulnStats(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupVulnStats " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupVulnStats"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupPatchingCompliance(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupPatchingCompliance " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupPatchingCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupRuleCompliance(assetGroupMap); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupRuleCompliance " ,e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupRuleCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - executor.execute(() -> { - try { - uploadAssetGroupCompliance(assetGroupMap); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupCompliance " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupVulnCompliance(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupVulnCompliance " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupVulnCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupCertCompliance(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupCertCompliance " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCertCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupTagCompliance(assetGroups); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupTagCompliance" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupTagCompliance"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.execute(() -> { - try { - uploadAssetGroupIssues(assetGroupMap); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupIssues" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupIssues"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - - executor.shutdown(); - while (!executor.isTerminated()); - - log.info("End Collecting asset group stats"); - return errorList; - } - - private String getToken() throws Exception{ - return AuthManager.getToken(); - } - - /** - * Upload asset group vuln compliance. - * - * @param assetGroups - * the asset groups - * @throws Exception - */ - public void uploadAssetGroupVulnCompliance(List assetGroups) throws Exception { - - - log.info(" Start Collecing vuln compliance"); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - Map doc = AssetGroupUtil.fetchVulnSummary(COMP_API_URL, ag, getToken()); - if (!doc.isEmpty()) { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); - docs.add(doc); - } - } catch (Exception e) { - log.error("Exception in uploadAssetGroupVulnCompliance" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupVulnCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "vulncompliance", docs, "@id", false); - log.info(" End Collecing vuln compliance"); - } - - /** - * Upload asset group cert compliance. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupCertCompliance(List assetGroups) throws Exception { - log.info(" Start Collecing cert compliance"); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - Map doc = AssetGroupUtil.fetchCertSummary(COMP_API_URL, ag, getToken()); - if (!doc.isEmpty()) { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); - docs.add(doc); - } - } catch (Exception e) { - log.error("Exception in uploadAssetGroupVulnCompliance " ,e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCertCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "certcompliance", docs, "@id", false); - log.info(" End Collecing cert compliance"); - } - - /** - * Upload asset group tag compliance. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupTagCompliance(List assetGroups) throws Exception { - log.info(" Start Collecing tag compliance"); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - Map doc = AssetGroupUtil.fetchTaggingSummary(COMP_API_URL, ag, getToken()); - if (!doc.isEmpty()) { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); - docs.add(doc); - } - } catch (Exception e) { - log.error("Exception in uploadAssetGroupTagCompliance" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupTagCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "tagcompliance", docs, "@id", false); - log.info(" End Collecing tag compliance"); - } - - /** - * Upload asset group rule compliance. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupRuleCompliance(Map> assetGroups) throws Exception { - log.info(" Start Collecing Rule compliance"); - List> docs = new ArrayList<>(); - assetGroups.entrySet().stream().forEach(entry -> { - String ag = entry.getKey(); - List domains = entry.getValue(); - List> docList = new ArrayList<>(); - try { - docList = AssetGroupUtil.fetchRuleComplianceInfo(COMP_API_URL, ag, domains,getToken()); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupRuleCompliance" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupRuleCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - docList.parallelStream().forEach(doc -> { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + doc.get("ruleId") + CURR_DATE)); - }); - docs.addAll(docList); - }); - - ESManager.uploadData(AG_STATS, "issuecompliance", docs, "@id", false); - log.info(" End Collecing Rule compliance"); - } - - /** - * Upload asset group patching compliance. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupPatchingCompliance(List assetGroups) throws Exception { - log.info(" Start Collecing patching compliance"); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - Map doc = AssetGroupUtil.fetchPatchingCompliance(COMP_API_URL, ag,getToken()); - if (!doc.isEmpty()) { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); - docs.add(doc); - } - } catch (Exception e) { - log.error("Exception in uploadAssetGroupPatchingCompliance" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupPatchingCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "patching", docs, "@id", false); - log.info(" End Collecing patching compliance"); - } - - /** - * Upload asset group compliance. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupCompliance(Map> assetGroups) throws Exception { - log.info(" Start Collecing compliance"); - List> docs = new ArrayList<>(); - assetGroups.entrySet().stream().forEach(entry -> { - String ag = entry.getKey(); - List domains = entry.getValue(); - try { - List> docList = AssetGroupUtil.fetchComplianceInfo(COMP_API_URL, ag, domains,getToken()); - docList.parallelStream().forEach(doc -> { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + CURR_DATE)); - }); - docs.addAll(docList); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupCompliance " , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCompliance for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - ESManager.uploadData(AG_STATS, "compliance", docs, "@id", false); - log.info(" End Collecing compliance"); - } - - /** - * Upload asset group vuln stats. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupVulnStats(List assetGroups) throws Exception { - log.info(" Start Collecting vuln info"); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - List> docList = AssetGroupUtil.fetchVulnDistribution(COMP_API_URL, ag,getToken()); - docList.parallelStream().forEach(doc -> { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + doc.get("tags.Application") + doc.get("tags.Environment") - + doc.get("severitylevel") + CURR_DATE)); - }); - docs.addAll(docList); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupVulnStats" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupVulnStats for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "count_vuln", docs, "@id", false); - log.info(" End Collecting vuln info"); - } - - /** - * Need to collect the asset group stats and upload to ES. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupCountStats(List assetGroups) throws Exception { - - log.info(" Start Collecing Asset count"); - Map>> currentInfo = ESManager - .fetchCurrentCountStatsForAssetGroups(CURR_DATE); - List> docs = new ArrayList<>(); - for (String ag : assetGroups) { - try { - List> typeCounts = AssetGroupUtil.fetchTypeCounts(ASSET_API_URL, ag,getToken()); - Map> currInfoMap = currentInfo.get(ag); - typeCounts.forEach(typeCount -> { - String type = typeCount.get("type").toString(); - long count = Long.valueOf(typeCount.get("count").toString()); - long min; - long max; - if (currInfoMap != null) { - Map _minMax = currInfoMap.get(type); - long _min; - long _max; - if (_minMax != null) { - _min = Long.valueOf(_minMax.get("min").toString()); - _max = Long.valueOf(_minMax.get("max").toString()); - } else { - _min = count; - _max = count; - } - min = count < _min ? count : _min; - max = count > _max ? count : _max; - - } else { - min = count; - max = count; - } - Map doc = new HashMap<>(); - doc.put("ag", ag); - doc.put("type", type); - doc.put("min", min); - doc.put("max", max); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + type + CURR_DATE)); - docs.add(doc); - }); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupCountStats" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupCountStats for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - } - ESManager.uploadData(AG_STATS, "count_type", docs, "@id", false); - - log.info(" End Collecing Asset count"); - } - - /** - * Upload asset group issues. - * - * @param assetGroups - * the asset groups - */ - public void uploadAssetGroupIssues(Map> assetGroups) throws Exception { - log.info(" Start Collecing issues"); - List> docs = new ArrayList<>(); - assetGroups.entrySet().stream().forEach(entry -> { - String ag = entry.getKey(); - List domains = entry.getValue(); - try { - List> docList = AssetGroupUtil.fetchIssuesInfo(COMP_API_URL, ag, domains,getToken()); - docList.parallelStream().forEach(doc -> { - doc.put("ag", ag); - doc.put("date", CURR_DATE); - doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + CURR_DATE)); - }); - docs.addAll(docList); - } catch (Exception e) { - log.error("Exception in uploadAssetGroupIssues" , e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in uploadAssetGroupIssues for Asset Group"+ag); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - synchronized(errorList){ - errorList.add(errorMap); - } - } - }); - ESManager.uploadData(AG_STATS, "issues", docs, "@id", false); - log.info(" End Collecing issues"); - } -} +package com.tmobile.cso.pacman.datashipper.entity; + +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.AssetGroupUtil; +import com.tmobile.cso.pacman.datashipper.util.AuthManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; +import com.tmobile.cso.pacman.datashipper.util.Util; + +/** + * The Class AssetGroupStatsCollector. + */ +public class AssetGroupStatsCollector implements Constants{ + + /** The Constant asstApiUri. */ + private static final String ASSET_API_URL = System.getenv("ASSET_API_URL"); + + /** The Constant compApiUri. */ + private static final String COMP_API_URL = System.getenv("CMPL_API_URL"); + + + /** The ag stats. */ + private static final String AG_STATS = "assetgroup_stats"; + + /** The Constant log. */ + private static final Logger log = LoggerFactory.getLogger(AssetGroupStatsCollector.class); + + private static final String DATE_FORMAT = "yyyy-MM-dd"; + private static final String DOMAIN = "domain"; + + private static final String CURR_DATE = new SimpleDateFormat(DATE_FORMAT).format(new java.util.Date()); + + private List> errorList = new ArrayList<>(); + + /** + * Collect asset group stats. + */ + public List> collectAssetGroupStats() { + + + log.info("Start Collecting asset group stats"); + String token; + try { + token = getToken(); + } catch (Exception e1) { + log.error("collectAssetGroupStats failed as unable to authenticate " , e1); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in collectAssetGroupStats. Authorisation failed"); + errorMap.put(ERROR_TYPE,FATAL); + errorMap.put(EXCEPTION, e1.getMessage()); + errorList.add(errorMap); + return errorList; + } + Map> assetGroupMap; + try { + assetGroupMap = AssetGroupUtil.fetchAssetGroups(ASSET_API_URL,token); + } catch (Exception e1) { + log.error("collectAssetGroupStats failed as unable to fetch asset groups " , e1); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in fetchAssetGroups"); + errorMap.put(ERROR_TYPE, ERROR); + errorMap.put(EXCEPTION, e1.getMessage()); + errorList.add(errorMap); + return errorList; + } + + ESManager.createIndex(AG_STATS, errorList); + ESManager.createType(AG_STATS, "count_type", errorList); + ESManager.createType(AG_STATS, "count_vuln", errorList); + ESManager.createType(AG_STATS, "patching", errorList); + ESManager.createType(AG_STATS, "issuecompliance", errorList); + ESManager.createType(AG_STATS, "compliance", errorList); + ESManager.createType(AG_STATS, "vulncompliance", errorList); + ESManager.createType(AG_STATS, "certcompliance", errorList); + ESManager.createType(AG_STATS, "tagcompliance", errorList); + ESManager.createType(AG_STATS, "issues", errorList); + + List assetGroups = new ArrayList<>(assetGroupMap.keySet()); + + ExecutorService executor = Executors.newCachedThreadPool(); + + executor.execute(() -> { + try { + uploadAssetGroupCountStats(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupCountStats " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCountStats"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupVulnStats(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupVulnStats " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupVulnStats"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupPatchingCompliance(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupPatchingCompliance " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupPatchingCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupRuleCompliance(assetGroupMap); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupRuleCompliance " ,e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupRuleCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + executor.execute(() -> { + try { + uploadAssetGroupCompliance(assetGroupMap); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupCompliance " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupVulnCompliance(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupVulnCompliance " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupVulnCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupCertCompliance(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupCertCompliance " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCertCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupTagCompliance(assetGroups); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupTagCompliance" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupTagCompliance"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.execute(() -> { + try { + uploadAssetGroupIssues(assetGroupMap); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupIssues" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupIssues"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + + executor.shutdown(); + while (!executor.isTerminated()); + + log.info("End Collecting asset group stats"); + return errorList; + } + + private String getToken() throws Exception{ + return AuthManager.getToken(); + } + + /** + * Upload asset group vuln compliance. + * + * @param assetGroups + * the asset groups + * @throws Exception + */ + public void uploadAssetGroupVulnCompliance(List assetGroups) throws Exception { + + + log.info(" Start Collecing vuln compliance"); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + Map doc = AssetGroupUtil.fetchVulnSummary(COMP_API_URL, ag, getToken()); + if (!doc.isEmpty()) { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); + docs.add(doc); + } + } catch (Exception e) { + log.error("Exception in uploadAssetGroupVulnCompliance" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupVulnCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "vulncompliance", docs, "@id", false); + log.info(" End Collecing vuln compliance"); + } + + /** + * Upload asset group cert compliance. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupCertCompliance(List assetGroups) throws Exception { + log.info(" Start Collecing cert compliance"); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + Map doc = AssetGroupUtil.fetchCertSummary(COMP_API_URL, ag, getToken()); + if (!doc.isEmpty()) { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); + docs.add(doc); + } + } catch (Exception e) { + log.error("Exception in uploadAssetGroupVulnCompliance " ,e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCertCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "certcompliance", docs, "@id", false); + log.info(" End Collecing cert compliance"); + } + + /** + * Upload asset group tag compliance. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupTagCompliance(List assetGroups) throws Exception { + log.info(" Start Collecing tag compliance"); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + Map doc = AssetGroupUtil.fetchTaggingSummary(COMP_API_URL, ag, getToken()); + if (!doc.isEmpty()) { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); + docs.add(doc); + } + } catch (Exception e) { + log.error("Exception in uploadAssetGroupTagCompliance" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupTagCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "tagcompliance", docs, "@id", false); + log.info(" End Collecing tag compliance"); + } + + /** + * Upload asset group rule compliance. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupRuleCompliance(Map> assetGroups) throws Exception { + log.info(" Start Collecing Rule compliance"); + List> docs = new ArrayList<>(); + assetGroups.entrySet().stream().forEach(entry -> { + String ag = entry.getKey(); + List domains = entry.getValue(); + List> docList = new ArrayList<>(); + try { + docList = AssetGroupUtil.fetchRuleComplianceInfo(COMP_API_URL, ag, domains,getToken()); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupRuleCompliance" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupRuleCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + docList.parallelStream().forEach(doc -> { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + doc.get("ruleId") + CURR_DATE)); + }); + docs.addAll(docList); + }); + + ESManager.uploadData(AG_STATS, "issuecompliance", docs, "@id", false); + log.info(" End Collecing Rule compliance"); + } + + /** + * Upload asset group patching compliance. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupPatchingCompliance(List assetGroups) throws Exception { + log.info(" Start Collecing patching compliance"); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + Map doc = AssetGroupUtil.fetchPatchingCompliance(COMP_API_URL, ag,getToken()); + if (!doc.isEmpty()) { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + CURR_DATE)); + docs.add(doc); + } + } catch (Exception e) { + log.error("Exception in uploadAssetGroupPatchingCompliance" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupPatchingCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "patching", docs, "@id", false); + log.info(" End Collecing patching compliance"); + } + + /** + * Upload asset group compliance. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupCompliance(Map> assetGroups) throws Exception { + log.info(" Start Collecing compliance"); + List> docs = new ArrayList<>(); + assetGroups.entrySet().stream().forEach(entry -> { + String ag = entry.getKey(); + List domains = entry.getValue(); + try { + List> docList = AssetGroupUtil.fetchComplianceInfo(COMP_API_URL, ag, domains,getToken()); + docList.parallelStream().forEach(doc -> { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + CURR_DATE)); + }); + docs.addAll(docList); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupCompliance " , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCompliance for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + ESManager.uploadData(AG_STATS, "compliance", docs, "@id", false); + log.info(" End Collecing compliance"); + } + + /** + * Upload asset group vuln stats. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupVulnStats(List assetGroups) throws Exception { + log.info(" Start Collecting vuln info"); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + List> docList = AssetGroupUtil.fetchVulnDistribution(COMP_API_URL, ag,getToken()); + docList.parallelStream().forEach(doc -> { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + doc.get("tags.Application") + doc.get("tags.Environment") + + doc.get("severitylevel") + CURR_DATE)); + }); + docs.addAll(docList); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupVulnStats" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupVulnStats for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "count_vuln", docs, "@id", false); + log.info(" End Collecting vuln info"); + } + + /** + * Need to collect the asset group stats and upload to ES. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupCountStats(List assetGroups) throws Exception { + + log.info(" Start Collecing Asset count"); + Map>> currentInfo = ESManager + .fetchCurrentCountStatsForAssetGroups(CURR_DATE); + List> docs = new ArrayList<>(); + for (String ag : assetGroups) { + try { + List> typeCounts = AssetGroupUtil.fetchTypeCounts(ASSET_API_URL, ag,getToken()); + Map> currInfoMap = currentInfo.get(ag); + typeCounts.forEach(typeCount -> { + String type = typeCount.get("type").toString(); + long count = Long.valueOf(typeCount.get("count").toString()); + long min; + long max; + if (currInfoMap != null) { + Map _minMax = currInfoMap.get(type); + long _min; + long _max; + if (_minMax != null) { + _min = Long.valueOf(_minMax.get("min").toString()); + _max = Long.valueOf(_minMax.get("max").toString()); + } else { + _min = count; + _max = count; + } + min = count < _min ? count : _min; + max = count > _max ? count : _max; + + } else { + min = count; + max = count; + } + Map doc = new HashMap<>(); + doc.put("ag", ag); + doc.put("type", type); + doc.put("min", min); + doc.put("max", max); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + type + CURR_DATE)); + docs.add(doc); + }); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupCountStats" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupCountStats for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + } + ESManager.uploadData(AG_STATS, "count_type", docs, "@id", false); + + log.info(" End Collecing Asset count"); + } + + /** + * Upload asset group issues. + * + * @param assetGroups + * the asset groups + */ + public void uploadAssetGroupIssues(Map> assetGroups) throws Exception { + log.info(" Start Collecing issues"); + List> docs = new ArrayList<>(); + assetGroups.entrySet().stream().forEach(entry -> { + String ag = entry.getKey(); + List domains = entry.getValue(); + try { + List> docList = AssetGroupUtil.fetchIssuesInfo(COMP_API_URL, ag, domains,getToken()); + docList.parallelStream().forEach(doc -> { + doc.put("ag", ag); + doc.put("date", CURR_DATE); + doc.put("@id", Util.getUniqueID(ag + doc.get(DOMAIN) + CURR_DATE)); + }); + docs.addAll(docList); + } catch (Exception e) { + log.error("Exception in uploadAssetGroupIssues" , e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in uploadAssetGroupIssues for Asset Group"+ag); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + synchronized(errorList){ + errorList.add(errorMap); + } + } + }); + ESManager.uploadData(AG_STATS, "issues", docs, "@id", false); + log.info(" End Collecing issues"); + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManager.java index 845a0f9b6..d824e5988 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManager.java @@ -1,79 +1,104 @@ -package com.tmobile.cso.pacman.datashipper.entity; - -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.dao.DBManager; -import com.tmobile.cso.pacman.datashipper.es.ESManager; -import com.tmobile.cso.pacman.datashipper.util.Constants; - - - - -/** - * The Class ChildTableDataCollector. - */ -public class EntityAssociationManager implements Constants { - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory.getLogger(EntityAssociationManager.class); - - /** - * Execute. - * - * @param dataSource the data source - * @return - */ - public List> uploadAssociationInfo(String dataSource) { - LOGGER.info("Started EntityAssociationDataCollector"); - List> errorList = new ArrayList<>(); - Set types = ConfigManager.getTypes(dataSource); - Iterator itr = types.iterator(); - String type = ""; - - while (itr.hasNext()) { - try { - type = itr.next(); - String indexName = dataSource + "_" + type; - List childTableNames = DBManager.getChildTableNames(indexName); - String key = ConfigManager.getKeyForType(dataSource, type); - if (!childTableNames.isEmpty()) { - for (String childTable : childTableNames) { - String childTableES = childTable.substring(childTable.indexOf('_') + 1); - if (!childTable.equalsIgnoreCase(indexName + "_tags")) { - ESManager.createType(indexName, childTableES, type); - LOGGER.info("Fetching data from {}", childTable); - List> entities = DBManager.executeQuery("select * from " + childTable); - String loaddate = new SimpleDateFormat("yyyy-MM-dd H:mm:00Z").format(new java.util.Date()); - entities.parallelStream().forEach(obj -> obj.put("_loaddate", loaddate)); - LOGGER.info("Collected : {}", entities.size()); - if (!entities.isEmpty()) { - ESManager.uploadData(indexName, childTableES, entities, key.split(",")); - ESManager.deleteOldDocuments(indexName, childTableES, "_loaddate.keyword", - loaddate); - } - } - } - } - } catch (Exception e) { - LOGGER.error("Error in populating child tables", e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Error in populating child tables"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - errorList.add(errorMap); - } - } - LOGGER.info("Completed ChildTableDataCollector"); - return errorList; - } -} +package com.tmobile.cso.pacman.datashipper.entity; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.GetObjectRequest; +import com.amazonaws.services.s3.model.ListObjectsV2Request; +import com.amazonaws.services.s3.model.S3Object; +import com.amazonaws.services.s3.model.S3ObjectSummary; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.datashipper.config.ConfigManager; +import com.tmobile.cso.pacman.datashipper.config.CredentialProvider; +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; + + + + +/** + * The Class ChildTableDataCollector. + */ +public class EntityAssociationManager implements Constants { + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory.getLogger(EntityAssociationManager.class); + + private String s3Account = System.getProperty("base.account"); + private String s3Region = System.getProperty("base.region"); + private String s3Role = System.getProperty("s3.role"); + private String bucketName = System.getProperty("s3"); + private String dataPath = System.getProperty("s3.data"); + + /** + * Execute. + * + * @param dataSource the data source + * @return + */ + public List> uploadAssociationInfo(String dataSource,String type) { + LOGGER.info("Started EntityAssociationDataCollector for {}",type); + List> errorList = new ArrayList<>(); + AmazonS3 s3Client = AmazonS3ClientBuilder.standard().withCredentials( + new AWSStaticCredentialsProvider(new CredentialProvider().getCredentials(s3Account,s3Role))).withRegion(s3Region).build(); + ObjectMapper objectMapper = new ObjectMapper(); + + try { + String indexName = dataSource + "_" + type; + String filePrefix = dataSource+"-"+type+"-"; + List childTypes = new ArrayList<>(); + for (S3ObjectSummary objectSummary : s3Client.listObjectsV2(new ListObjectsV2Request().withBucketName(bucketName).withPrefix(dataPath+"/"+filePrefix)).getObjectSummaries()) { + String fileName = objectSummary.getKey().replace(dataPath+"/", "").replace(".data", ""); + if(fileName.chars().filter(ch -> ch == '-').count() == 2) { + childTypes.add(fileName.replace(filePrefix,"")); + } + } + String key = ConfigManager.getKeyForType(dataSource, type); + if (!childTypes.isEmpty()) { + for (String childType : childTypes) { + String childTypeES = type+"_"+childType; + if (!childType.equalsIgnoreCase("tags")) { + ESManager.createType(indexName, childTypeES, type); + LOGGER.info("Fetching data for {}", childTypeES); + List> entities = new ArrayList<>(); + S3Object entitiesData = s3Client.getObject(new GetObjectRequest(bucketName, dataPath+"/"+filePrefix+childType+".data")); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(entitiesData.getObjectContent()))) { + entities = objectMapper.readValue(reader.lines().collect(Collectors.joining("\n")),new TypeReference>>() {}); + } + String loaddate = new SimpleDateFormat("yyyy-MM-dd HH:mm:00Z").format(new java.util.Date()); + entities.parallelStream().forEach(obj -> obj.put("_loaddate", loaddate)); + LOGGER.info("Collected : {}", entities.size()); + if (!entities.isEmpty()) { + AWSErrorManager.getInstance().handleError(dataSource, indexName, childTypeES, loaddate, errorList,false); + ESManager.uploadData(indexName, childTypeES, entities, key.split(",")); + ESManager.deleteOldDocuments(indexName, childTypeES, "_loaddate.keyword", + loaddate); + } + } + } + } + } catch (Exception e) { + LOGGER.error("Error in populating child tables", e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Error in populating child tables"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + LOGGER.info("Completed EntityAssociationDataCollector for {}",type); + return errorList; + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityManager.java index c2a197dc5..97105b8c1 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/entity/EntityManager.java @@ -1,212 +1,254 @@ -package com.tmobile.cso.pacman.datashipper.entity; - -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.stream.Collectors; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.dao.DBManager; -import com.tmobile.cso.pacman.datashipper.dao.RDSDBManager; -import com.tmobile.cso.pacman.datashipper.es.ESManager; -import com.tmobile.cso.pacman.datashipper.util.Constants; -import com.tmobile.cso.pacman.datashipper.util.Util; - - -/** - * The Class EntityManager. - */ -public class EntityManager implements Constants { - - /** The Constant log. */ - private static final Logger LOGGER = LoggerFactory.getLogger(EntityManager.class); - private static final String FIRST_DISCOVERED = "firstdiscoveredon"; - private static final String DISCOVERY_DATE = "discoverydate"; - private static final String PAC_OVERRIDE = "pac_override_"; - - - /** - * Upload entity data. - * - * @param datasource - * the datasource - */ - public List> uploadEntityData(String datasource) { - List> errorList = new ArrayList<>(); - Set types = ConfigManager.getTypes(datasource); - Iterator itr = types.iterator(); - String type = ""; - LOGGER.info("*** Start Colleting Entity Info ***"); - List filters = Arrays.asList("_docid", FIRST_DISCOVERED); - while (itr.hasNext()) { - - try { - type = itr.next(); - Map stats = new LinkedHashMap<>(); - stats.put("datasource", datasource); - stats.put("type", type); - stats.put("start_time", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new java.util.Date())); - - //if(type.equals("s3")){ - - LOGGER.info("Fetching {}" , type); - String indexName = datasource + "_" + type; - - Map> currentInfo = ESManager.getExistingInfo(indexName, type, filters); - LOGGER.info("Existing no of docs : {}" , currentInfo.size()); - - List> entities = DBManager.executeQuery("select * from " + datasource + "_" + type); - List> tags = DBManager - .executeQuery("select * from " + datasource + "_" + type + "_tags"); - List> overridableInfo = RDSDBManager.executeQuery( - "select updatableFields from cf_pac_updatable_fields where resourceType ='" + type + "'"); - List> overrides = DBManager.executeQuery( - "select _resourceid,fieldname,fieldvalue from pacman_field_override where resourcetype = '" - + type + "'"); - Map>> overridesMap = overrides.parallelStream() - .collect(Collectors.groupingBy(obj -> obj.get("_resourceid"))); - - String keys = ConfigManager.getKeyForType(datasource, type); - String idColumn = ConfigManager.getIdForType(datasource, type); - String[] _keys = keys.split(","); - LOGGER.info("Fetched from Redshift"); - String _type = type; - prepareDocs(currentInfo, entities, tags, overridableInfo, overridesMap, idColumn, _keys, _type); - LOGGER.info("Docs are prepared"); - stats.put("total_docs", entities.size()); - Map uploadInfo = ESManager.uploadData(indexName, type, entities); - stats.putAll(uploadInfo); - //} - stats.put("end_time", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new java.util.Date())); - - String statsJson = ESManager.createESDoc(stats); - ESManager.invokeAPI("POST", "/datashipper/stats", statsJson); - } catch (Exception e) { - LOGGER.error("Exception in collecting/uploading data for {}" ,type,e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Exception in collecting/uploading data for "+type); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - errorList.add(errorMap); - } - - } - LOGGER.info("*** End Colleting Entity Info ***"); - return errorList; - } - private void prepareDocs(Map> currentInfo, List> entities, - List> tags, List> overridableInfo, - Map>> overridesMap, String idColumn, String[] _keys, String _type) { - entities.parallelStream().forEach(entityInfo -> { - String id = entityInfo.get(idColumn); - String docId = Util.concatenate(entityInfo, _keys, "_"); - entityInfo.put("_resourceid", id); - entityInfo.put("_docid", docId); - entityInfo.put("_entity", "true"); - entityInfo.put("_entitytype", _type); - if (currentInfo != null && !currentInfo.isEmpty()) { - Map _currInfo = currentInfo.get(docId); - if (_currInfo != null) { - if (_currInfo.get(FIRST_DISCOVERED) == null) { - _currInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); - } - entityInfo.putAll(_currInfo); - } else { - entityInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); - } - } else { - entityInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); - } - - tags.parallelStream().filter(tag -> Util.contains(tag, entityInfo, _keys)).forEach(_tag -> { - String key = _tag.get("key"); - if (key != null && !"".equals(key)) { - entityInfo.put("tags." + key, _tag.get("value")); - } - }); - if ("onpremserver".equals(_type)) { - updateOnPremData(entityInfo); - - if (overridesMap.containsKey(id) || !overridableInfo.isEmpty()) { - override(entityInfo, overridesMap.get(id), overridableInfo); - } - } - }); - } - - /** - * Update on prem data. - * - * @param entity - * the entity - */ - private static void updateOnPremData(Map entity) { - entity.put("tags.Application", entity.get("u_business_service").toLowerCase()); - entity.put("tags.Environment", entity.get("used_for")); - entity.put("inScope", "true"); - } - - /** - * Override. - * - * @param entity - * the entity - * @param overrideList - * the override list - * @param overrideFields - * the override fields - */ - private static void override(Map entity, List> overrideList, - List> overrideFields) { - - if (overrideList != null && !overrideList.isEmpty()) { - overrideList.forEach(obj -> { - String key = obj.get("fieldname"); - String value = obj.get("fieldvalue"); - if (null == value) - value = ""; - entity.put(key, value); - }); - } - - // Add override fields if not already populated - if (overrideFields != null && !overrideFields.isEmpty()) { - String strOverrideFields = overrideFields.get(0).get("updatableFields"); - String[] _strOverrideFields = strOverrideFields.split(","); - for (String _strOverrideField : _strOverrideFields) { - if (!entity.containsKey(_strOverrideField)) { - entity.put(_strOverrideField, ""); - } - - String value = entity.get(_strOverrideField); - if (_strOverrideField.startsWith(PAC_OVERRIDE)) { - String originalField = _strOverrideField.replace(PAC_OVERRIDE, ""); - String finalField = _strOverrideField.replace(PAC_OVERRIDE, "final_"); - if (entity.containsKey(originalField)) { // Only if the - // field exists in - // source, we need - // to add - String oringalValue = entity.get(originalField); - if ("".equals(value)) { - entity.put(finalField, oringalValue); - } else { - entity.put(finalField, value); - } - } - - } - } - } - - } - -} +package com.tmobile.cso.pacman.datashipper.entity; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.amazonaws.auth.AWSStaticCredentialsProvider; +import com.amazonaws.services.s3.AmazonS3; +import com.amazonaws.services.s3.AmazonS3ClientBuilder; +import com.amazonaws.services.s3.model.GetObjectRequest; +import com.amazonaws.services.s3.model.S3Object; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.tmobile.cso.pacman.datashipper.config.ConfigManager; +import com.tmobile.cso.pacman.datashipper.config.CredentialProvider; +import com.tmobile.cso.pacman.datashipper.dao.RDSDBManager; +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; +import com.tmobile.cso.pacman.datashipper.util.Util; + + +/** + * The Class EntityManager. + */ +public class EntityManager implements Constants { + + /** The Constant log. */ + private static final Logger LOGGER = LoggerFactory.getLogger(EntityManager.class); + private static final String FIRST_DISCOVERED = "firstdiscoveredon"; + private static final String DISCOVERY_DATE = "discoverydate"; + private static final String PAC_OVERRIDE = "pac_override_"; + private String s3Account = System.getProperty("base.account"); + private String s3Region = System.getProperty("base.region"); + private String s3Role = System.getProperty("s3.role"); + private String bucketName = System.getProperty("s3"); + private String dataPath = System.getProperty("s3.data"); + + /** + * Upload entity data. + * + * @param datasource + * the datasource + */ + public List> uploadEntityData(String datasource) { + + ObjectMapper objectMapper = new ObjectMapper(); + List> errorList = new ArrayList<>(); + + AmazonS3 s3Client = AmazonS3ClientBuilder.standard() + .withCredentials(new AWSStaticCredentialsProvider(new CredentialProvider().getCredentials(s3Account,s3Role))).withRegion(s3Region).build(); + + Set types = ConfigManager.getTypes(datasource); + Iterator itr = types.iterator(); + String type = ""; + LOGGER.info("*** Start Colleting Entity Info ***"); + List filters = Arrays.asList("_docid", FIRST_DISCOVERED); + EntityAssociationManager childTypeManager = new EntityAssociationManager(); + while (itr.hasNext()) { + try { + type = itr.next(); + Map stats = new LinkedHashMap<>(); + String loaddate = new SimpleDateFormat("yyyy-MM-dd HH:mm:00Z").format(new java.util.Date()); + stats.put("datasource", datasource); + stats.put("type", type); + stats.put("start_time", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new java.util.Date())); + LOGGER.info("Fetching {}" , type); + String indexName = datasource + "_" + type; + Map> currentInfo = ESManager.getExistingInfo(indexName, type, filters); + LOGGER.info("Existing no of docs : {}" , currentInfo.size()); + S3Object entitiesData = null ; + S3Object tagsData = null; + List> entities = new ArrayList<>(); + List> tags = new ArrayList<>(); + try { + entitiesData = s3Client.getObject(new GetObjectRequest(bucketName, dataPath+"/"+datasource + "-" + type+".data")); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(entitiesData.getObjectContent()))) { + entities = objectMapper.readValue(reader.lines().collect(Collectors.joining("\n")),new TypeReference>>() {}); + } + } catch (Exception e) { + LOGGER.error("Exception in collecting data for {}" ,type,e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in collecting data for "+type); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + + try { + tagsData = s3Client.getObject(new GetObjectRequest(bucketName, dataPath+"/"+datasource + "-" + type+"-tags.data")); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(tagsData.getObjectContent()))) { + tags = objectMapper.readValue(reader.lines().collect(Collectors.joining("\n")),new TypeReference>>() {}); + } + } catch (Exception e) { + // Do Nothing as there may not a tag file. + } + LOGGER.info("Fetched from S3"); + List> overridableInfo = RDSDBManager.executeQuery( + "select updatableFields from cf_pac_updatable_fields where resourceType ='" + type + "'"); + List> overrides = RDSDBManager.executeQuery( + "select _resourceid,fieldname,fieldvalue from pacman_field_override where resourcetype = '" + + type + "'"); + Map>> overridesMap = overrides.parallelStream() + .collect(Collectors.groupingBy(obj -> obj.get("_resourceid"))); + + String keys = ConfigManager.getKeyForType(datasource, type); + String idColumn = ConfigManager.getIdForType(datasource, type); + String[] keysArray = keys.split(","); + + AWSErrorManager.getInstance().handleError(datasource,indexName,type,loaddate,errorList,true); + prepareDocs(currentInfo, entities, tags, overridableInfo, overridesMap, idColumn, keysArray, type); + stats.put("total_docs", entities.size()); + + Map uploadInfo = ESManager.uploadData(indexName, type, entities, loaddate); + stats.putAll(uploadInfo); + + errorList.addAll(childTypeManager.uploadAssociationInfo(datasource, type)) ; + stats.put("end_time", new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ").format(new java.util.Date())); + + String statsJson = ESManager.createESDoc(stats); + ESManager.invokeAPI("POST", "/datashipper/stats", statsJson); + } catch (Exception e) { + LOGGER.error("Exception in collecting/uploading data for {}" ,type,e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Exception in collecting/uploading data for "+type); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + + } + LOGGER.info("*** End Colleting Entity Info ***"); + return errorList; + } + private void prepareDocs(Map> currentInfo, List> entities, + List> tags, List> overridableInfo, + Map>> overridesMap, String idColumn, String[] _keys, String _type) { + entities.parallelStream().forEach(entityInfo -> { + String id = entityInfo.get(idColumn); + String docId = Util.concatenate(entityInfo, _keys, "_"); + entityInfo.put("_resourceid", id); + entityInfo.put("_docid", docId); + entityInfo.put("_entity", "true"); + entityInfo.put("_entitytype", _type); + if (currentInfo != null && !currentInfo.isEmpty()) { + Map _currInfo = currentInfo.get(docId); + if (_currInfo != null) { + if (_currInfo.get(FIRST_DISCOVERED) == null) { + _currInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); + } + entityInfo.putAll(_currInfo); + } else { + entityInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); + } + } else { + entityInfo.put(FIRST_DISCOVERED, entityInfo.get(DISCOVERY_DATE)); + } + + tags.parallelStream().filter(tag -> Util.contains(tag, entityInfo, _keys)).forEach(_tag -> { + String key = _tag.get("key"); + if (key != null && !"".equals(key)) { + entityInfo.put("tags." + key, _tag.get("value")); + } + }); + if ("onpremserver".equals(_type)) { + updateOnPremData(entityInfo); + + if (overridesMap.containsKey(id) || !overridableInfo.isEmpty()) { + override(entityInfo, overridesMap.get(id), overridableInfo); + } + } + }); + } + + /** + * Update on prem data. + * + * @param entity + * the entity + */ + private static void updateOnPremData(Map entity) { + entity.put("tags.Application", entity.get("u_business_service").toLowerCase()); + entity.put("tags.Environment", entity.get("used_for")); + entity.put("inScope", "true"); + } + + /** + * Override. + * + * @param entity + * the entity + * @param overrideList + * the override list + * @param overrideFields + * the override fields + */ + private static void override(Map entity, List> overrideList, + List> overrideFields) { + + if (overrideList != null && !overrideList.isEmpty()) { + overrideList.forEach(obj -> { + String key = obj.get("fieldname"); + String value = obj.get("fieldvalue"); + if (null == value) + value = ""; + entity.put(key, value); + }); + } + + // Add override fields if not already populated + if (overrideFields != null && !overrideFields.isEmpty()) { + String strOverrideFields = overrideFields.get(0).get("updatableFields"); + String[] _strOverrideFields = strOverrideFields.split(","); + for (String _strOverrideField : _strOverrideFields) { + if (!entity.containsKey(_strOverrideField)) { + entity.put(_strOverrideField, ""); + } + + String value = entity.get(_strOverrideField); + if (_strOverrideField.startsWith(PAC_OVERRIDE)) { + String originalField = _strOverrideField.replace(PAC_OVERRIDE, ""); + String finalField = _strOverrideField.replace(PAC_OVERRIDE, "final_"); + if (entity.containsKey(originalField)) { // Only if the + // field exists in + // source, we need + // to add + String originalValue = entity.get(originalField); + if ("".equals(value)) { + entity.put(finalField, originalValue); + } else { + entity.put(finalField, value); + } + } + + } + } + } + } + + + + +} \ No newline at end of file diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/es/ESManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/es/ESManager.java index 838b68e51..61af6dc69 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/es/ESManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/es/ESManager.java @@ -1,650 +1,670 @@ -package com.tmobile.cso.pacman.datashipper.es; - -import java.io.IOException; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Collections; -import java.util.HashMap; -import java.util.Iterator; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.apache.commons.httpclient.HttpStatus; -import org.apache.http.HttpEntity; -import org.apache.http.HttpHost; -import org.apache.http.ParseException; -import org.apache.http.entity.ContentType; -import org.apache.http.nio.entity.NStringEntity; -import org.apache.http.util.EntityUtils; -import org.elasticsearch.client.Response; -import org.elasticsearch.client.RestClient; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.gson.Gson; -import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.util.Constants; -import com.tmobile.cso.pacman.datashipper.util.Util; - -/** - * The Class ESManager. - */ -public class ESManager implements Constants { - - /** The es host key name. */ - private static final String ES_HOST_KEY_NAME = System.getenv("ES_HOST"); - - /** The es http port. */ - private static final Integer ES_HTTP_PORT = getESPort(); - - /** The rest client. */ - private static RestClient restClient; - - /** The log. */ - private static final Logger LOGGER = LoggerFactory.getLogger(ESManager.class); - - private static int getESPort(){ - try{ - return Integer.parseInt(System.getenv("ES_PORT")); - }catch(Exception e){ - return 0; - } - } - /** - * Gets the rest client. - * - * @return the rest client - */ - private static RestClient getRestClient() { - if (restClient == null) - restClient = RestClient.builder(new HttpHost(ES_HOST_KEY_NAME, ES_HTTP_PORT)).build(); - return restClient; - - } - - /** - * Upload data. - * - * @param index - * the index - * @param type - * the type - * @param docs - * the docs - * @return the map - */ - public static Map uploadData(String index, String type, List> docs) { - - Map status = new LinkedHashMap<>(); - List errors = new ArrayList<>(); - String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\" } }%n"; - String loaddate = new SimpleDateFormat("yyyy-MM-dd H:mm:00Z").format(new java.util.Date()); - - LOGGER.info("*********UPLOADING*** {}" ,type); - - String keys = ConfigManager.getKeyForType(index, type); - String[] _keys = keys.split(","); - if (null != docs && !docs.isEmpty()) { - LOGGER.info("*********# of docs *** {}" , docs.size()); - StringBuilder bulkRequest = new StringBuilder(); - int i = 0; - for (Map doc : docs) { - - String id = Util.concatenate(doc, _keys, "_"); - StringBuilder _doc = new StringBuilder(createESDoc(doc)); - _doc.deleteCharAt(_doc.length() - 1); // } - _doc.append(",\"latest\":true,\"_loaddate\":\"" + loaddate + "\" }"); - - if (_doc != null) { - bulkRequest.append(String.format(actionTemplate, index, type, id)); - bulkRequest.append(_doc + "\n"); - } - i++; - if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { - bulkUpload(errors, bulkRequest); - bulkRequest = new StringBuilder(); - } - } - if (bulkRequest.length() > 0) { - bulkUpload(errors, bulkRequest); - } - LOGGER.info("Updating status"); - refresh(index); - updateLatestStatus(index, type, loaddate); - status.put("uploaded_docs", i); - if (!errors.isEmpty()) - status.put("errors", errors); - } - return status; - - } - - private static void bulkUpload(List errors, StringBuilder bulkRequest) { - try { - Response resp = invokeAPI("POST", "/_bulk", bulkRequest.toString()); - String responseStr = EntityUtils.toString(resp.getEntity()); - if (responseStr.contains("\"errors\":true")) { - LOGGER.error(responseStr); - errors.add(responseStr); - } - } catch (Exception e) { - LOGGER.error("Bulk upload failed",e); - errors.add(e.getMessage()); - } - } - - /** - * Bulk upload. - * - * @param bulkRequest the bulk request - */ - private static void bulkUpload(StringBuilder bulkRequest) { - try { - Response resp = invokeAPI("POST", "/_bulk?refresh=true", bulkRequest.toString()); - String responseStr = EntityUtils.toString(resp.getEntity()); - if (responseStr.contains("\"errors\":true")) { - LOGGER.error(responseStr); - } - } catch (ParseException | IOException e) { - LOGGER.error("Error in uploading data", e); - } - } - - /** - * Refresh. - * - * @param index - * the index - */ - public static void refresh(String index) { - try { - Response refrehsResponse = invokeAPI("POST", index + "/" + "_refresh", null); - if (refrehsResponse != null && HttpStatus.SC_OK != refrehsResponse.getStatusLine().getStatusCode()) { - LOGGER.error("Refreshing index %s failed", index, refrehsResponse); - } - } catch (IOException e) { - LOGGER.error("Error in refresh ",e); - } - - } - - /** - * Method not used by the entity upload.But to append data to speific index - * - * @param index - * the index - * @param type - * the type - * @param docs - * the docs - * @param idKey - * the id key - * @param refresh - * the refresh - */ - public static void uploadData(String index, String type, List> docs, String idKey, - boolean refresh) { - String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\"} }%n"; - String endpoint = "/_bulk"; - if (refresh) { - endpoint = endpoint + "?refresh=true"; - } - LOGGER.info("*********UPLOADING*** {}" , type); - if (null != docs && !docs.isEmpty()) { - StringBuilder bulkRequest = new StringBuilder(); - int i = 0; - for (Map doc : docs) { - String id = doc.get(idKey).toString(); - StringBuilder _doc = new StringBuilder(createESDoc(doc)); - - if (_doc != null) { - bulkRequest.append(String.format(actionTemplate, index, type, id)); - bulkRequest.append(_doc + "\n"); - } - i++; - if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { - LOGGER.info("Uploaded {}" , i); - bulkUpload(endpoint, bulkRequest); - bulkRequest = new StringBuilder(); - } - } - if (bulkRequest.length() > 0) { - LOGGER.info("Uploaded {}" , i); - bulkUpload(endpoint, bulkRequest); - } - } - - } - - private static void bulkUpload(String endpoint, StringBuilder bulkRequest) { - try { - Response resp = invokeAPI("POST", endpoint, bulkRequest.toString()); - String responseStr = EntityUtils.toString(resp.getEntity()); - if (responseStr.contains("\"errors\":true")) { - LOGGER.error(responseStr); - } - } catch (Exception e) { - LOGGER.error("Bulk upload failed",e); - - } - } - - /** - * Update latest status. - * - * @param index - * the index - * @param type - * the type - * @param loaddate - * the loaddate - */ - private static void updateLatestStatus(String index, String type, String loaddate) { - String updateJson = "{\"script\":{\"inline\": \"ctx._source.latest=false\"},\"query\": {\"bool\": {\"must\": [{ \"match\": {\"latest\":true}}], \"must_not\": [{\"match\": {\"_loaddate.keyword\":\"" - + loaddate + "\"}}]}}}"; - try { - invokeAPI("POST", index + "/" + type + "/" + "_update_by_query", updateJson); - } catch (IOException e) { - LOGGER.error("Error in updateLatestStatus",e); - } - } - - /** - * Creates the ES doc. - * - * @param doc - * the doc - * @return the string - */ - public static String createESDoc(Map doc) { - ObjectMapper objMapper = new ObjectMapper(); - String docJson = "{}"; - try { - docJson = objMapper.writeValueAsString(doc); - } catch (JsonProcessingException e) { - LOGGER.error("Error createESDoc",e); - } - return docJson; - } - - /** - * Invoke API. - * - * @param method - * the method - * @param endpoint - * the endpoint - * @param payLoad - * the pay load - * @return the response - * @throws IOException - */ - public static Response invokeAPI(String method, String endpoint, String payLoad) throws IOException { - String uri = endpoint; - if (!uri.startsWith("/")) { - uri = "/" + uri; - } - HttpEntity entity = null; - if (payLoad != null) - entity = new NStringEntity(payLoad, ContentType.APPLICATION_JSON); - - return getRestClient().performRequest(method, uri, Collections.emptyMap(), entity); - } - - /** - * Index exists. - * - * @param indexName - * the index name - * @return true, if successful - */ - private static boolean indexExists(String indexName) { - - try { - Response response = invokeAPI("HEAD", indexName, null); - if (response != null) { - return response.getStatusLine().getStatusCode() == 200; - } - } catch (IOException e) { - LOGGER.error("Error indexExists",e); - } - return false; - } - - /** - * Type exists. - * - * @param indexName - * the index name - * @param type - * the type - * @return true, if successful - */ - private static boolean typeExists(String indexName, String type) { - try { - Response response = invokeAPI("HEAD", indexName + "/_mapping/" + type, null); - if (response != null) { - return response.getStatusLine().getStatusCode() == 200 ? true : false; - } - } catch (IOException e) { - LOGGER.error("Error in typeExists",e); - } - - return false; - } - - /** - * Gets the type count. - * - * @param indexName - * the index name - * @param type - * the type - * @return the type count - */ - private static int getTypeCount(String indexName, String type) { - try { - Response response = invokeAPI("GET", indexName + "/" + type + "/_count?filter_path=count", - "{\"query\":{ \"match\":{\"latest\":true}}}"); - String rspJson = EntityUtils.toString(response.getEntity()); - return new ObjectMapper().readTree(rspJson).at("/count").asInt(); - } catch (IOException e) { - LOGGER.error("Error in getTypeCount",e); - } - return 0; - } - - /** - * Configure index and types. - * - * @param ds - * the ds - */ - public static void configureIndexAndTypes(String ds, List> errorList) { - - String _payLoad = "{\"settings\" : { \"number_of_shards\" : 3,\"number_of_replicas\" : 1 },\"mappings\": {"; - - Set types = ConfigManager.getTypes(ds); - Iterator it = types.iterator(); - while (it.hasNext()) { - String _type = it.next(); - String indexName = ds + "_" + _type; - if (!indexExists(indexName)) { - StringBuilder payLoad = new StringBuilder(_payLoad); - payLoad.append("\"" + _type + "\":{},\"issue_" + _type + "\": { \"_parent\": {\"type\": \"" + _type - + "\"}},\"issue_" + _type + "_audit\": { \"_parent\": {\"type\": \"issue_" + _type - + "\"}},\"issue_" + _type + "_comment\": { \"_parent\": {\"type\": \"issue_" + _type - + "\"}},\"issue_" + _type + "_exception\": { \"_parent\": {\"type\": \"issue_" + _type - + "\"}}"); - payLoad.append("}}"); - try { - invokeAPI("PUT", indexName, payLoad.toString()); - invokeAPI("PUT", "/" + indexName + "/_alias/" + ds, null); - } catch (IOException e) { - LOGGER.error("Error in configureIndexAndTypes",e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Error in configureIndexAndTypes"); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - errorList.add(errorMap); - } - } - } - - } - - /** - * Gets the existing info. - * - * @param indexName - * the index name - * @param type - * the type - * @param filters - * the filters - * @return the existing info - */ - public static Map> getExistingInfo(String indexName, String type, - List filters) { - int count = getTypeCount(indexName, type); - int _count = count; - boolean scroll = false; - if (count > 10000) { - _count = 10000; - scroll = true; - } - - String keyField = filters.get(0); - StringBuilder filter_path = new StringBuilder("&filter_path=_scroll_id,"); - for (String _filter : filters) { - filter_path.append("hits.hits._source." + _filter + ","); - } - filter_path.deleteCharAt(filter_path.length() - 1); - - String endPoint = indexName + "/" + type + "/_search?scroll=1m" + filter_path.toString() + "&size=" + _count; - String payLoad = "{ \"query\": { \"match\": {\"latest\": true}}}"; - Map> _data = new HashMap<>(); - String scrollId = fetchDataAndScrollId(endPoint, _data, keyField, payLoad); - - if (scroll) { - count -= 10000; - do { - endPoint = "/_search/scroll?scroll=1m&scroll_id=" + scrollId + filter_path.toString(); - scrollId = fetchDataAndScrollId(endPoint, _data, keyField, null); - count -= 10000; - if (count <= 0) - scroll = false; - } while (scroll); - } - return _data; - } - - /** - * Fetch data and scroll id. - * - * @param endPoint - * the end point - * @param _data - * the data - * @param keyField - * the key field - * @param payLoad - * the pay load - * @return the string - */ - private static String fetchDataAndScrollId(String endPoint, Map> _data, String keyField, - String payLoad) { - try { - ObjectMapper objMapper = new ObjectMapper(); - Response response = invokeAPI("GET", endPoint, payLoad); - String responseJson = EntityUtils.toString(response.getEntity()); - JsonNode _info = objMapper.readTree(responseJson).at("/hits/hits"); - String scrollId = objMapper.readTree(responseJson).at("/_scroll_id").textValue(); - Iterator it = _info.elements(); - String doc; - Map docMap; - while (it.hasNext()) { - doc = it.next().fields().next().getValue().toString(); - docMap = objMapper.readValue(doc, new TypeReference>() { - }); - _data.put(docMap.get(keyField), docMap); - docMap.remove(keyField); - } - return scrollId; - } catch (ParseException | IOException e) { - LOGGER.error("Error in fetchDataAndScrollId" ,e ); - } - return ""; - } - - /** - * Fetch current count stats for asset groups. - * - * @param date - * the date - * @return the map - */ - @SuppressWarnings("unchecked") - public static Map>> fetchCurrentCountStatsForAssetGroups(String date) { - - Map>> asgInfoList = new HashMap<>(); - try { - ObjectMapper objMapper = new ObjectMapper(); - String payLoad = "{\"query\": { \"match\": { \"date\": \"" + date + "\"} }}"; - Response response = invokeAPI("GET", "assetgroup_stats/count_type/_search?size=10000", payLoad); - String responseJson = EntityUtils.toString(response.getEntity()); - - Map docMap = objMapper.readValue(responseJson, new TypeReference>() { - }); - List> docs = (List>) ((Map) docMap.get("hits")) - .get("hits"); - - for (Map doc : docs) { - Map _doc = (Map) doc.get("_source"); - - Map> typeInfo = asgInfoList.get(_doc.get("ag").toString()); - if (typeInfo == null) { - typeInfo = new HashMap<>(); - asgInfoList.put(_doc.get("ag").toString(), typeInfo); - } - - typeInfo.put(_doc.get("type").toString(), _doc); - _doc.remove("ag"); - _doc.remove("type"); - - } - } catch (ParseException | IOException e) { - LOGGER.error("Error in fetchCurrentCountStatsForAssetGroups" ,e ); - } - return asgInfoList; - } - - /** - * Creates the index. - * - * @param indexName - * the index name - */ - public static void createIndex(String indexName, List> errorList) { - if (!indexExists(indexName)) { - String payLoad = "{\"settings\": { \"index.mapping.ignore_malformed\": true }}"; - try { - invokeAPI("PUT", indexName, payLoad); - } catch (IOException e) { - LOGGER.error("Error in createIndex" ,e ); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Error in createIndex "+indexName); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - errorList.add(errorMap); - } - } - } - - /** - * Creates the type. - * - * @param indexName - * the index name - * @param typename - * the typename - */ - public static void createType(String indexName, String typename, List> errorList) { - if (!typeExists(indexName, typename)) { - String endPoint = indexName + "/_mapping/" + typename; - try { - invokeAPI("PUT", endPoint, "{ \"properties\":{}}"); - } catch (IOException e) { - LOGGER.error("Error in createType",e); - Map errorMap = new HashMap<>(); - errorMap.put(ERROR, "Error in createType "+typename); - errorMap.put(ERROR_TYPE, WARN); - errorMap.put(EXCEPTION, e.getMessage()); - errorList.add(errorMap); - } - } - } - - /** - * Creates the type. - * - * @param index the index - * @param type the type - * @param parent the parent - */ - public static void createType(String index, String type, String parent) { - if (!typeExists(index, type)) { - String endPoint = index + "/_mapping/" + type; - String payLoad = "{\"_parent\": { \"type\": \"" + parent + "\" } }"; - try { - invokeAPI("PUT", endPoint, payLoad); - } catch (IOException e) { - LOGGER.error("Error createType ", e); - } - } - } - - - /** - * added for uploading Child docs where parent id could be dervied from - * child. - * - * @param index the index - * @param type the type - * @param docs the docs - * @param parentKey the parent key - */ - public static void uploadData(String index, String type, List> docs, String[] parentKey) { - String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_parent\" : \"%s\" } }%n"; // added - // _parent - // node - - LOGGER.info("*********UPLOADING*** {}", type); - if (null != docs && !docs.isEmpty()) { - StringBuilder bulkRequest = new StringBuilder(); - int i = 0; - for (Map doc : docs) { - - StringBuilder _doc = new StringBuilder(new Gson().toJson(doc)); - String parent = Util.concatenate(doc, parentKey, "_"); - bulkRequest.append(String.format(actionTemplate, index, type, parent)); - bulkRequest.append(_doc + "\n"); - i++; - if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { - LOGGER.info("Uploading {}", i); - bulkUpload(bulkRequest); - bulkRequest = new StringBuilder(); - } - } - if (bulkRequest.length() > 0) { - LOGGER.info("Uploaded {}", i); - bulkUpload(bulkRequest); - } - refresh(index); - } - } - - /** - * Delete old documents. - * - * @param index the index - * @param type the type - * @param field the field - * @param value the value - */ - public static void deleteOldDocuments(String index, String type, String field, String value) { - String deleteJson = "{\"query\": {\"bool\": {\"must_not\": [{ \"match\": {\"" + field + "\":\"" + value - + "\"}}]}}}"; - try { - invokeAPI("POST", index + "/" + type + "/" + "_delete_by_query", deleteJson); - } catch (IOException e) { - LOGGER.error("Error deleteOldDocuments ", e); - } - } -} +package com.tmobile.cso.pacman.datashipper.es; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import org.apache.commons.httpclient.HttpStatus; +import org.apache.http.HttpEntity; +import org.apache.http.HttpHost; +import org.apache.http.ParseException; +import org.apache.http.entity.ContentType; +import org.apache.http.nio.entity.NStringEntity; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.Response; +import org.elasticsearch.client.RestClient; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.common.base.Strings; +import com.google.gson.Gson; +import com.tmobile.cso.pacman.datashipper.config.ConfigManager; +import com.tmobile.cso.pacman.datashipper.util.Constants; +import com.tmobile.cso.pacman.datashipper.util.Util; + +/** + * The Class ESManager. + */ +public class ESManager implements Constants { + + /** The es host key name. */ + private static final String ES_HOST_KEY_NAME = System.getProperty("elastic-search.host"); + + /** The es http port. */ + private static final Integer ES_HTTP_PORT = getESPort(); + + /** The rest client. */ + private static RestClient restClient; + + /** The log. */ + private static final Logger LOGGER = LoggerFactory.getLogger(ESManager.class); + + private static int getESPort(){ + try{ + return Integer.parseInt(System.getProperty("elastic-search.port")); + }catch(Exception e){ + return 0; + } + } + /** + * Gets the rest client. + * + * @return the rest client + */ + private static RestClient getRestClient() { + if (restClient == null) + restClient = RestClient.builder(new HttpHost(ES_HOST_KEY_NAME, ES_HTTP_PORT)).build(); + return restClient; + + } + + /** + * Upload data. + * + * @param index + * the index + * @param type + * the type + * @param docs + * the docs + * @return the map + */ + public static Map uploadData(String index, String type, List> docs, String loaddate) { + + Map status = new LinkedHashMap<>(); + List errors = new ArrayList<>(); + String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\" } }%n"; + + LOGGER.info("*********UPLOADING*** {}" ,type); + + String keys = ConfigManager.getKeyForType(index, type); + String[] _keys = keys.split(","); + if (null != docs && !docs.isEmpty()) { + LOGGER.info("*********# of docs *** {}" , docs.size()); + StringBuilder bulkRequest = new StringBuilder(); + int i = 0; + for (Map doc : docs) { + + String id = Util.concatenate(doc, _keys, "_"); + StringBuilder _doc = new StringBuilder(createESDoc(doc)); + _doc.deleteCharAt(_doc.length() - 1); // } + _doc.append(",\"latest\":true,\"_loaddate\":\"" + loaddate + "\" }"); + + if (_doc != null) { + bulkRequest.append(String.format(actionTemplate, index, type, id)); + bulkRequest.append(_doc + "\n"); + } + i++; + if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { + bulkUpload(errors, bulkRequest); + bulkRequest = new StringBuilder(); + } + } + if (bulkRequest.length() > 0) { + bulkUpload(errors, bulkRequest); + } + LOGGER.info("Updating status"); + refresh(index); + updateLatestStatus(index, type, loaddate); + status.put("uploaded_docs", i); + if (!errors.isEmpty()) + status.put("errors", errors); + } + return status; + + } + + private static void bulkUpload(List errors, StringBuilder bulkRequest) { + try { + Response resp = invokeAPI("POST", "/_bulk", bulkRequest.toString()); + String responseStr = EntityUtils.toString(resp.getEntity()); + if (responseStr.contains("\"errors\":true")) { + LOGGER.error(responseStr); + errors.add(responseStr); + } + } catch (Exception e) { + LOGGER.error("Bulk upload failed",e); + errors.add(e.getMessage()); + } + } + + /** + * Bulk upload. + * + * @param bulkRequest the bulk request + */ + private static void bulkUpload(StringBuilder bulkRequest) { + try { + Response resp = invokeAPI("POST", "/_bulk?refresh=true", bulkRequest.toString()); + String responseStr = EntityUtils.toString(resp.getEntity()); + if (responseStr.contains("\"errors\":true")) { + LOGGER.error(responseStr); + } + } catch (ParseException | IOException e) { + LOGGER.error("Error in uploading data", e); + } + } + + /** + * Refresh. + * + * @param index + * the index + */ + public static void refresh(String index) { + try { + Response refrehsResponse = invokeAPI("POST", index + "/" + "_refresh", null); + if (refrehsResponse != null && HttpStatus.SC_OK != refrehsResponse.getStatusLine().getStatusCode()) { + LOGGER.error("Refreshing index %s failed", index, refrehsResponse); + } + } catch (IOException e) { + LOGGER.error("Error in refresh ",e); + } + + } + + /** + * Method not used by the entity upload.But to append data to speific index + * + * @param index + * the index + * @param type + * the type + * @param docs + * the docs + * @param idKey + * the id key + * @param refresh + * the refresh + */ + public static void uploadData(String index, String type, List> docs, String idKey, + boolean refresh) { + String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_id\" : \"%s\"} }%n"; + String endpoint = "/_bulk"; + if (refresh) { + endpoint = endpoint + "?refresh=true"; + } + LOGGER.info("*********UPLOADING*** {}" , type); + if (null != docs && !docs.isEmpty()) { + StringBuilder bulkRequest = new StringBuilder(); + int i = 0; + for (Map doc : docs) { + String id = doc.get(idKey).toString(); + StringBuilder _doc = new StringBuilder(createESDoc(doc)); + + if (_doc != null) { + bulkRequest.append(String.format(actionTemplate, index, type, id)); + bulkRequest.append(_doc + "\n"); + } + i++; + if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { + LOGGER.info("Uploaded {}" , i); + bulkUpload(endpoint, bulkRequest); + bulkRequest = new StringBuilder(); + } + } + if (bulkRequest.length() > 0) { + LOGGER.info("Uploaded {}" , i); + bulkUpload(endpoint, bulkRequest); + } + } + + } + + private static void bulkUpload(String endpoint, StringBuilder bulkRequest) { + try { + Response resp = invokeAPI("POST", endpoint, bulkRequest.toString()); + String responseStr = EntityUtils.toString(resp.getEntity()); + if (responseStr.contains("\"errors\":true")) { + LOGGER.error(responseStr); + } + } catch (Exception e) { + LOGGER.error("Bulk upload failed",e); + + } + } + + /** + * Update latest status. + * + * @param index + * the index + * @param type + * the type + * @param loaddate + * the loaddate + */ + private static void updateLatestStatus(String index, String type, String loaddate) { + String updateJson = "{\"script\":{\"inline\": \"ctx._source.latest=false\"},\"query\": {\"bool\": {\"must\": [{ \"match\": {\"latest\":true}}], \"must_not\": [{\"match\": {\"_loaddate.keyword\":\"" + + loaddate + "\"}}]}}}"; + try { + invokeAPI("POST", index + "/" + type + "/" + "_update_by_query", updateJson); + } catch (IOException e) { + LOGGER.error("Error in updateLatestStatus",e); + } + } + + /** + * Creates the ES doc. + * + * @param doc + * the doc + * @return the string + */ + public static String createESDoc(Map doc) { + ObjectMapper objMapper = new ObjectMapper(); + String docJson = "{}"; + try { + docJson = objMapper.writeValueAsString(doc); + } catch (JsonProcessingException e) { + LOGGER.error("Error createESDoc",e); + } + return docJson; + } + + /** + * Invoke API. + * + * @param method + * the method + * @param endpoint + * the endpoint + * @param payLoad + * the pay load + * @return the response + * @throws IOException + */ + public static Response invokeAPI(String method, String endpoint, String payLoad) throws IOException { + String uri = endpoint; + if (!uri.startsWith("/")) { + uri = "/" + uri; + } + HttpEntity entity = null; + if (payLoad != null) + entity = new NStringEntity(payLoad, ContentType.APPLICATION_JSON); + + return getRestClient().performRequest(method, uri, Collections.emptyMap(), entity); + } + + /** + * Index exists. + * + * @param indexName + * the index name + * @return true, if successful + */ + private static boolean indexExists(String indexName) { + + try { + Response response = invokeAPI("HEAD", indexName, null); + if (response != null) { + return response.getStatusLine().getStatusCode() == 200; + } + } catch (IOException e) { + LOGGER.error("Error indexExists",e); + } + return false; + } + + /** + * Type exists. + * + * @param indexName + * the index name + * @param type + * the type + * @return true, if successful + */ + private static boolean typeExists(String indexName, String type) { + try { + Response response = invokeAPI("HEAD", indexName + "/_mapping/" + type, null); + if (response != null) { + return response.getStatusLine().getStatusCode() == 200 ? true : false; + } + } catch (IOException e) { + LOGGER.error("Error in typeExists",e); + } + + return false; + } + + /** + * Gets the type count. + * + * @param indexName + * the index name + * @param type + * the type + * @return the type count + */ + private static int getTypeCount(String indexName, String type) { + try { + Response response = invokeAPI("GET", indexName + "/" + type + "/_count?filter_path=count", + "{\"query\":{ \"match\":{\"latest\":true}}}"); + String rspJson = EntityUtils.toString(response.getEntity()); + return new ObjectMapper().readTree(rspJson).at("/count").asInt(); + } catch (IOException e) { + LOGGER.error("Error in getTypeCount",e); + } + return 0; + } + + /** + * Configure index and types. + * + * @param ds + * the ds + */ + public static void configureIndexAndTypes(String ds, List> errorList) { + + String _payLoad = "{\"settings\" : { \"number_of_shards\" : 3,\"number_of_replicas\" : 1 },\"mappings\": {"; + + Set types = ConfigManager.getTypes(ds); + Iterator it = types.iterator(); + while (it.hasNext()) { + String _type = it.next(); + String indexName = ds + "_" + _type; + if (!indexExists(indexName)) { + StringBuilder payLoad = new StringBuilder(_payLoad); + payLoad.append("\"" + _type + "\":{},\"issue_" + _type + "\": { \"_parent\": {\"type\": \"" + _type + + "\"}},\"issue_" + _type + "_audit\": { \"_parent\": {\"type\": \"issue_" + _type + + "\"}},\"issue_" + _type + "_comment\": { \"_parent\": {\"type\": \"issue_" + _type + + "\"}},\"issue_" + _type + "_exception\": { \"_parent\": {\"type\": \"issue_" + _type + + "\"}}"); + payLoad.append("}}"); + try { + invokeAPI("PUT", indexName, payLoad.toString()); + invokeAPI("PUT", "/" + indexName + "/_alias/" + ds, null); + } catch (IOException e) { + LOGGER.error("Error in configureIndexAndTypes",e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Error in configureIndexAndTypes"); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + } + } + + } + + /** + * Gets the existing info. + * + * @param indexName + * the index name + * @param type + * the type + * @param filters + * the filters + * @return the existing info + */ + public static Map> getExistingInfo(String indexName, String type, + List filters) { + int count = getTypeCount(indexName, type); + int _count = count; + boolean scroll = false; + if (count > 10000) { + _count = 10000; + scroll = true; + } + + String keyField = filters.get(0); + StringBuilder filter_path = new StringBuilder("&filter_path=_scroll_id,"); + for (String _filter : filters) { + filter_path.append("hits.hits._source." + _filter + ","); + } + filter_path.deleteCharAt(filter_path.length() - 1); + + String endPoint = indexName + "/" + type + "/_search?scroll=1m" + filter_path.toString() + "&size=" + _count; + String payLoad = "{ \"query\": { \"match\": {\"latest\": true}}}"; + Map> _data = new HashMap<>(); + String scrollId = fetchDataAndScrollId(endPoint, _data, keyField, payLoad); + + if (scroll) { + count -= 10000; + do { + endPoint = "/_search/scroll?scroll=1m&scroll_id=" + scrollId + filter_path.toString(); + scrollId = fetchDataAndScrollId(endPoint, _data, keyField, null); + count -= 10000; + if (count <= 0) + scroll = false; + } while (scroll); + } + return _data; + } + + /** + * Fetch data and scroll id. + * + * @param endPoint + * the end point + * @param _data + * the data + * @param keyField + * the key field + * @param payLoad + * the pay load + * @return the string + */ + private static String fetchDataAndScrollId(String endPoint, Map> _data, String keyField, + String payLoad) { + try { + ObjectMapper objMapper = new ObjectMapper(); + Response response = invokeAPI("GET", endPoint, payLoad); + String responseJson = EntityUtils.toString(response.getEntity()); + JsonNode _info = objMapper.readTree(responseJson).at("/hits/hits"); + String scrollId = objMapper.readTree(responseJson).at("/_scroll_id").textValue(); + Iterator it = _info.elements(); + String doc; + Map docMap; + while (it.hasNext()) { + doc = it.next().fields().next().getValue().toString(); + docMap = objMapper.readValue(doc, new TypeReference>() { + }); + _data.put(docMap.get(keyField), docMap); + docMap.remove(keyField); + } + return scrollId; + } catch (ParseException | IOException e) { + LOGGER.error("Error in fetchDataAndScrollId" ,e ); + } + return ""; + } + + /** + * Fetch current count stats for asset groups. + * + * @param date + * the date + * @return the map + */ + @SuppressWarnings("unchecked") + public static Map>> fetchCurrentCountStatsForAssetGroups(String date) { + + Map>> asgInfoList = new HashMap<>(); + try { + ObjectMapper objMapper = new ObjectMapper(); + String payLoad = "{\"query\": { \"match\": { \"date\": \"" + date + "\"} }}"; + Response response = invokeAPI("GET", "assetgroup_stats/count_type/_search?size=10000", payLoad); + String responseJson = EntityUtils.toString(response.getEntity()); + + Map docMap = objMapper.readValue(responseJson, new TypeReference>() { + }); + List> docs = (List>) ((Map) docMap.get("hits")) + .get("hits"); + + for (Map doc : docs) { + Map _doc = (Map) doc.get("_source"); + + Map> typeInfo = asgInfoList.get(_doc.get("ag").toString()); + if (typeInfo == null) { + typeInfo = new HashMap<>(); + asgInfoList.put(_doc.get("ag").toString(), typeInfo); + } + + typeInfo.put(_doc.get("type").toString(), _doc); + _doc.remove("ag"); + _doc.remove("type"); + + } + } catch (ParseException | IOException e) { + LOGGER.error("Error in fetchCurrentCountStatsForAssetGroups" ,e ); + } + return asgInfoList; + } + + /** + * Creates the index. + * + * @param indexName + * the index name + */ + public static void createIndex(String indexName, List> errorList) { + if (!indexExists(indexName)) { + String payLoad = "{\"settings\": { \"index.mapping.ignore_malformed\": true }}"; + try { + invokeAPI("PUT", indexName, payLoad); + } catch (IOException e) { + LOGGER.error("Error in createIndex" ,e ); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Error in createIndex "+indexName); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + } + } + + /** + * Creates the type. + * + * @param indexName + * the index name + * @param typename + * the typename + */ + public static void createType(String indexName, String typename, List> errorList) { + if (!typeExists(indexName, typename)) { + String endPoint = indexName + "/_mapping/" + typename; + try { + invokeAPI("PUT", endPoint, "{ \"properties\":{}}"); + } catch (IOException e) { + LOGGER.error("Error in createType",e); + Map errorMap = new HashMap<>(); + errorMap.put(ERROR, "Error in createType "+typename); + errorMap.put(ERROR_TYPE, WARN); + errorMap.put(EXCEPTION, e.getMessage()); + errorList.add(errorMap); + } + } + } + + /** + * Creates the type. + * + * @param index the index + * @param type the type + * @param parent the parent + */ + public static void createType(String index, String type, String parent) { + if (!typeExists(index, type)) { + String endPoint = index + "/_mapping/" + type; + String payLoad = "{\"_parent\": { \"type\": \"" + parent + "\" } }"; + try { + invokeAPI("PUT", endPoint, payLoad); + } catch (IOException e) { + LOGGER.error("Error createType ", e); + } + } + } + + + /** + * added for uploading Child docs where parent id could be dervied from + * child. + * + * @param index the index + * @param type the type + * @param docs the docs + * @param parentKey the parent key + */ + public static void uploadData(String index, String type, List> docs, String[] parentKey) { + String actionTemplate = "{ \"index\" : { \"_index\" : \"%s\", \"_type\" : \"%s\", \"_parent\" : \"%s\" } }%n"; // added + // _parent + // node + + LOGGER.info("*********UPLOADING*** {}", type); + if (null != docs && !docs.isEmpty()) { + StringBuilder bulkRequest = new StringBuilder(); + int i = 0; + for (Map doc : docs) { + + StringBuilder _doc = new StringBuilder(new Gson().toJson(doc)); + String parent = Util.concatenate(doc, parentKey, "_"); + bulkRequest.append(String.format(actionTemplate, index, type, parent)); + bulkRequest.append(_doc + "\n"); + i++; + if (i % 1000 == 0 || bulkRequest.toString().getBytes().length / (1024 * 1024) > 5) { + bulkUpload(bulkRequest); + bulkRequest = new StringBuilder(); + } + } + if (bulkRequest.length() > 0) { + bulkUpload(bulkRequest); + } + } + } + + /** + * Delete old documents. + * + * @param index the index + * @param type the type + * @param field the field + * @param value the value + */ + public static void deleteOldDocuments(String index, String type, String field, String value) { + String deleteJson = "{\"query\": {\"bool\": {\"must_not\": [{ \"match\": {\"" + field + "\":\"" + value + + "\"}}]}}}"; + try { + invokeAPI("POST", index + "/" + type + "/" + "_delete_by_query", deleteJson); + } catch (IOException e) { + LOGGER.error("Error deleteOldDocuments ", e); + } + } + + public static void updateLoadDate(String index, String type, String accountId, String region, String loaddate,boolean checkLatest) { + LOGGER.info("Error records are handled for Account : {} Type : {} Region: {} ",accountId,type,region ); + StringBuilder updateJson = new StringBuilder("{\"script\":{\"inline\":\"ctx._source._loaddate= '"); + updateJson.append(loaddate).append("'\"},\"query\":{\"bool\":{\"must\":["); + updateJson.append("{\"match\":{\"accountid\":\""); + updateJson.append(accountId); + updateJson.append("\"}}"); + if(!Strings.isNullOrEmpty(region)) { + updateJson.append(",{\"match\":{\"region.keyword\":\""); + updateJson.append(region); + updateJson.append("\"}}"); + } + if(checkLatest){ + updateJson.append(",{\"match\":{\"latest\":true }}"); + + } + updateJson.append("]}}}"); + try { + invokeAPI("POST", index + "/" + type + "/" + "_update_by_query", updateJson.toString()); + } catch (IOException e) { + LOGGER.error("Error in updateLoadDate",e); + } + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/exception/UnAuthorisedException.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/exception/UnAuthorisedException.java index 151ece6e7..5fc4bf4a5 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/exception/UnAuthorisedException.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/exception/UnAuthorisedException.java @@ -1,22 +1,22 @@ -package com.tmobile.cso.pacman.datashipper.exception; - -public class UnAuthorisedException extends Exception { - /** - * - */ - private static final long serialVersionUID = 1L; - - /** - * - */ - public UnAuthorisedException() { - } - - /** - * - */ - public UnAuthorisedException(String msg) { - super(msg); - } - -} +package com.tmobile.cso.pacman.datashipper.exception; + +public class UnAuthorisedException extends Exception { + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * + */ + public UnAuthorisedException() { + } + + /** + * + */ + public UnAuthorisedException(String msg) { + super(msg); + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtil.java index 9bcc35490..5df5eb354 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtil.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtil.java @@ -1,365 +1,365 @@ -package com.tmobile.cso.pacman.datashipper.util; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.stream.Collectors; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.gson.JsonArray; -import com.google.gson.JsonElement; -import com.google.gson.JsonObject; -import com.google.gson.JsonParser; - -/** - * The Class AssetGroupUtil. - */ -public class AssetGroupUtil { - - /** The Constant log. */ - private static final Logger LOGGER = LoggerFactory.getLogger(AssetGroupUtil.class); - - private static final String DISTRIBUTION = "distribution"; - private static final String SEVERITY = "severity"; - private static final String COUNT = "count"; - private static final String OUTPUT = "output" ; - private static final String TOTAL = "total" ; - private static final String COMPLIANT = "compliant"; - private static final String NON_COMPLIANT = "noncompliant" ; - private static final String DOMAIN = "domain"; - private AssetGroupUtil(){ - - } - /** - * Fetch asset groups. - * - * @param asstApiUri - * the asst api uri - * @return the map - * @throws Exception - */ - @SuppressWarnings("unchecked") - public static Map> fetchAssetGroups(String asstApiUri,String token) throws Exception { - String assetGroupJson = HttpUtil.get(asstApiUri + "/list/assetgroup",token); - Map assetInfoMap = Util.parseJson(assetGroupJson); - Map> assetGroups = new HashMap<>(); - if (!assetInfoMap.isEmpty()) { - assetGroups = ((List>) assetInfoMap.get("data")).stream().collect( - Collectors.toMap(obj -> obj.get("name").toString(), obj -> (List) obj.get("domains"))); - } - return assetGroups; - } - - /** - * Fetch type counts. - * - * @param asstApiUri - * the asst api uri - * @param ag - * the ag - * @return the list - * @throws Exception - */ - @SuppressWarnings("unchecked") - public static List> fetchTypeCounts(String asstApiUri, String ag,String token) throws Exception { - - String typeCountJson = HttpUtil.get(asstApiUri + "/count?ag=" + ag,token); - Map typeCountMap = Util.parseJson(typeCountJson); - List> typeCounts = new ArrayList<>(); - try { - typeCounts = (List>) ((Map) typeCountMap.get("data")).get("assetcount"); - } catch (Exception e) { - LOGGER.error("Error in fetchTypeCounts",e); - throw e; - } - return typeCounts; - } - - /** - * Fetch patching compliance. - * - * @param api - * the api - * @param ag - * the ag - * @return the map - * @throws Exception - */ - - public static Map fetchPatchingCompliance(String api, String ag ,String token) throws Exception { - Map patchingInfo = new HashMap<>(); - try { - String responseJson = HttpUtil.get(api + "/patching?ag=" + ag,token); - Map vulnMap = Util.parseJson(responseJson); - @SuppressWarnings("unchecked") - Map> data = (Map>) vulnMap.get("data"); - Map output = data.get(OUTPUT); - if (output != null) - patchingInfo.putAll(data.get(OUTPUT)); - } catch (Exception e) { - LOGGER.error("Error in fetchVulnCount",e); - throw e; - } - return patchingInfo; - } - - /** - * Fetch vuln distribution. - * - * @param api - * the api - * @param ag - * the ag - * @return the list - * @throws Exception - */ - @SuppressWarnings("unchecked") - public static List> fetchVulnDistribution(String api, String ag ,String token) throws Exception { - - List> vulnInfo = new ArrayList<>(); - try { - String typeCountJson = HttpUtil.get(api + "/vulnerabilities/distribution?ag=" + ag,token); - Map vulnMap = Util.parseJson(typeCountJson); - Map>> data = (Map>>) vulnMap.get("data"); - List> apps = data.get("response"); - for (Map app : apps) { - String application = app.get("application").toString(); - List> envs = (List>) app.get("applicationInfo"); - for (Map env : envs) { - String environment = env.get("environment").toString(); - List> sevinfo = (List>) env.get("severityInfo"); - for (Map sev : sevinfo) { - Map vuln = new HashMap<>(); - vuln.put("tags.Application", application); - vuln.put("tags.Environment", environment); - vuln.put("severitylevel", sev.get("severitylevel")); - vuln.put(SEVERITY, sev.get(SEVERITY)); - vuln.put(COUNT, sev.get(COUNT)); - vulnInfo.add(vuln); - } - } - } - - } catch (Exception e) { - LOGGER.error("Error in fetchVulnDistribution" , e); - throw e; - } - return vulnInfo; - } - - /** - * Fetch compliance info. - * - * @param apiUrl - * the api url - * @param ag - * the ag - * @param domains - * the domains - * @return the list - * @throws Exception - */ - @SuppressWarnings("unchecked") - public static List> fetchComplianceInfo(String apiUrl, String ag, List domains ,String token) throws Exception { - List> compInfo = new ArrayList<>(); - try { - for (String domain : domains) { - String typeCountJson = HttpUtil - .get(apiUrl + "/overallcompliance?ag=" + ag + "&domain=" + Util.encodeUrl(domain),token); - Map complianceMap = Util.parseJson(typeCountJson); - Map> data = (Map>) complianceMap.get("data"); - Map complianceStats = data.get(DISTRIBUTION); - if (complianceStats != null) { - complianceStats.put(DOMAIN, domain); - compInfo.add(complianceStats); - } - } - } catch (Exception e) { - LOGGER.error("Error in fetchComplianceInfo" , e); - throw e; - } - return compInfo; - } - - /** - * Fetch rule compliance info. - * - * @param compapiuri - * the compapiuri - * @param ag - * the ag - * @param domains - * the domains - * @return the list - * @throws Exception - */ - public static List> fetchRuleComplianceInfo(String compapiuri, String ag, - List domains ,String token) throws Exception { - - List> ruleInfoList = new ArrayList<>(); - try { - for (String domain : domains) { - String ruleCommplianceInfo = HttpUtil.post(compapiuri + "/noncompliancepolicy", - "{\"ag\":\"" + ag + "\",\"filter\":{\"domain\":\"" + domain + "\"}}",token,"Bearer"); - JsonObject response = new JsonParser().parse(ruleCommplianceInfo).getAsJsonObject(); - JsonArray ruleInfoListJson = response.get("data").getAsJsonObject().get("response").getAsJsonArray(); - JsonObject ruleinfoJson; - Map ruleInfo; - for (JsonElement _ruleinfo : ruleInfoListJson) { - ruleinfoJson = _ruleinfo.getAsJsonObject(); - ruleInfo = new HashMap<>(); - ruleInfo.put(DOMAIN, domain); - ruleInfo.put("ruleId", ruleinfoJson.get("ruleId").getAsString()); - ruleInfo.put("compliance_percent", ruleinfoJson.get("compliance_percent").getAsDouble()); - ruleInfo.put(TOTAL, ruleinfoJson.get("assetsScanned").getAsLong()); - ruleInfo.put(COMPLIANT, ruleinfoJson.get("passed").getAsLong()); - ruleInfo.put(NON_COMPLIANT, ruleinfoJson.get("failed").getAsLong()); - ruleInfo.put("contribution_percent", ruleinfoJson.get("contribution_percent").getAsDouble()); - ruleInfoList.add(ruleInfo); - } - } - } catch (Exception e) { - LOGGER.error("Error retrieving Rule Compliance Info" , e); - throw e; - } - return ruleInfoList; - } - - /** - * Fetch vuln summary. - * - * @param compapiuri - * the compapiuri - * @param ag - * the ag - * @return the map - * @throws Exception - */ - public static Map fetchVulnSummary(String compapiuri, String ag ,String token) throws Exception { - Map vulnSummary = new HashMap<>(); - try { - String vulnSummaryResponse = HttpUtil.get(compapiuri + "/vulnerabilites?ag=" + ag,token); - JsonObject vulnSummaryJson = new JsonParser().parse(vulnSummaryResponse).getAsJsonObject(); - JsonObject vulnJsonObj = vulnSummaryJson.get("data").getAsJsonObject().get(OUTPUT).getAsJsonObject(); - long total = vulnJsonObj.get("hosts").getAsLong(); - long noncompliant = vulnJsonObj.get("totalVulnerableAssets").getAsLong(); - vulnSummary.put(TOTAL, total); - vulnSummary.put(NON_COMPLIANT, noncompliant); - vulnSummary.put(COMPLIANT, total - noncompliant); - } catch (Exception e) { - LOGGER.error("Error retrieving vuln sumamary " , e); - throw e; - } - return vulnSummary; - } - - /** - * Fetch tagging summary. - * - * @param compapiuri - * the compapiuri - * @param ag - * the ag - * @return the map - * @throws Exception - */ - public static Map fetchTaggingSummary(String compapiuri, String ag ,String token) throws Exception { - Map taggingSummary = new HashMap<>(); - try { - String taggingSummaryResponse = HttpUtil.get(compapiuri + "/tagging?ag=" + ag,token); - JsonObject taggingSummaryJson = new JsonParser().parse(taggingSummaryResponse).getAsJsonObject(); - JsonObject taggingJsonObj = taggingSummaryJson.get("data").getAsJsonObject().get(OUTPUT) - .getAsJsonObject(); - long total = taggingJsonObj.get("assets").getAsLong(); - long noncompliant = taggingJsonObj.get("untagged").getAsLong(); - long compliant = taggingJsonObj.get("tagged").getAsLong(); - taggingSummary.put(TOTAL, total); - taggingSummary.put(NON_COMPLIANT, noncompliant); - taggingSummary.put(COMPLIANT, compliant); - } catch (Exception e) { - LOGGER.error("Error retrieving tagging sumamary " , e); - throw e; - } - return taggingSummary; - } - - /** - * Fetch cert summary. - * - * @param compapiuri - * the compapiuri - * @param ag - * the ag - * @return the map - * @throws Exception - */ - public static Map fetchCertSummary(String compapiuri, String ag ,String token) throws Exception { - Map certSummary = new HashMap<>(); - try { - String certSummaryResponse = HttpUtil.get(compapiuri + "/certificates?ag=" + ag,token); - JsonObject certSummaryJson = new JsonParser().parse(certSummaryResponse).getAsJsonObject(); - JsonObject certJsonObj = certSummaryJson.get("data").getAsJsonObject().get(OUTPUT).getAsJsonObject(); - long total = certJsonObj.get("certificates").getAsLong(); - long noncompliant = certJsonObj.get("certificates_expiring").getAsLong(); - long compliant = total - noncompliant; - certSummary.put(TOTAL, total); - certSummary.put(NON_COMPLIANT, noncompliant); - certSummary.put(COMPLIANT, compliant); - } catch (Exception e) { - LOGGER.error("Error retrieving cert sumamary " , e); - throw e; - } - return certSummary; - } - - /** - * Fetch issues info. - * - * @param compapiuri - * the compapiuri - * @param ag - * the ag - * @param domains - * the domains - * @return the list - * @throws Exception - */ - public static List> fetchIssuesInfo(String compapiuri, String ag, List domains ,String token) throws Exception { - List> issueInfoList = new ArrayList<>(); - Map issuesInfo; - try { - for (String domain : domains) { - String distributionResponse = HttpUtil - .get(compapiuri + "/issues/distribution?ag=" + ag + "&domain=" + Util.encodeUrl(domain),token); - JsonObject distributionJson = new JsonParser().parse(distributionResponse).getAsJsonObject(); - JsonObject distributionObj = distributionJson.get("data").getAsJsonObject().get(DISTRIBUTION) - .getAsJsonObject(); - issuesInfo = new HashMap<>(); - issuesInfo.put(DOMAIN, domain); - issuesInfo.put(TOTAL, distributionObj.get("total_issues").getAsLong()); - JsonObject distributionSeverity = distributionObj.get("distribution_by_severity").getAsJsonObject(); - JsonObject distributionCategory = distributionObj.get("distribution_ruleCategory").getAsJsonObject(); - - Set severityKeys = distributionSeverity.keySet(); - for (String severityKey : severityKeys) { - issuesInfo.put(severityKey, distributionSeverity.get(severityKey).getAsLong()); - } - - Set categoryKeys = distributionCategory.keySet(); - for (String categoryKey : categoryKeys) { - issuesInfo.put(categoryKey, distributionCategory.get(categoryKey).getAsLong()); - } - issueInfoList.add(issuesInfo); - } - - } catch (Exception e) { - LOGGER.error("Error retrieving issues info " , e); - throw e; - } - return issueInfoList; - } -} +package com.tmobile.cso.pacman.datashipper.util; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; + +/** + * The Class AssetGroupUtil. + */ +public class AssetGroupUtil { + + /** The Constant log. */ + private static final Logger LOGGER = LoggerFactory.getLogger(AssetGroupUtil.class); + + private static final String DISTRIBUTION = "distribution"; + private static final String SEVERITY = "severity"; + private static final String COUNT = "count"; + private static final String OUTPUT = "output" ; + private static final String TOTAL = "total" ; + private static final String COMPLIANT = "compliant"; + private static final String NON_COMPLIANT = "noncompliant" ; + private static final String DOMAIN = "domain"; + private AssetGroupUtil(){ + + } + /** + * Fetch asset groups. + * + * @param asstApiUri + * the asst api uri + * @return the map + * @throws Exception + */ + @SuppressWarnings("unchecked") + public static Map> fetchAssetGroups(String asstApiUri,String token) throws Exception { + String assetGroupJson = HttpUtil.get(asstApiUri + "/list/assetgroup",token); + Map assetInfoMap = Util.parseJson(assetGroupJson); + Map> assetGroups = new HashMap<>(); + if (!assetInfoMap.isEmpty()) { + assetGroups = ((List>) assetInfoMap.get("data")).stream().collect( + Collectors.toMap(obj -> obj.get("name").toString(), obj -> (List) obj.get("domains"))); + } + return assetGroups; + } + + /** + * Fetch type counts. + * + * @param asstApiUri + * the asst api uri + * @param ag + * the ag + * @return the list + * @throws Exception + */ + @SuppressWarnings("unchecked") + public static List> fetchTypeCounts(String asstApiUri, String ag,String token) throws Exception { + + String typeCountJson = HttpUtil.get(asstApiUri + "/count?ag=" + ag,token); + Map typeCountMap = Util.parseJson(typeCountJson); + List> typeCounts = new ArrayList<>(); + try { + typeCounts = (List>) ((Map) typeCountMap.get("data")).get("assetcount"); + } catch (Exception e) { + LOGGER.error("Error in fetchTypeCounts",e); + throw e; + } + return typeCounts; + } + + /** + * Fetch patching compliance. + * + * @param api + * the api + * @param ag + * the ag + * @return the map + * @throws Exception + */ + + public static Map fetchPatchingCompliance(String api, String ag ,String token) throws Exception { + Map patchingInfo = new HashMap<>(); + try { + String responseJson = HttpUtil.get(api + "/patching?ag=" + ag,token); + Map vulnMap = Util.parseJson(responseJson); + @SuppressWarnings("unchecked") + Map> data = (Map>) vulnMap.get("data"); + Map output = data.get(OUTPUT); + if (output != null) + patchingInfo.putAll(data.get(OUTPUT)); + } catch (Exception e) { + LOGGER.error("Error in fetchVulnCount",e); + throw e; + } + return patchingInfo; + } + + /** + * Fetch vuln distribution. + * + * @param api + * the api + * @param ag + * the ag + * @return the list + * @throws Exception + */ + @SuppressWarnings("unchecked") + public static List> fetchVulnDistribution(String api, String ag ,String token) throws Exception { + + List> vulnInfo = new ArrayList<>(); + try { + String typeCountJson = HttpUtil.get(api + "/vulnerabilities/distribution?ag=" + ag,token); + Map vulnMap = Util.parseJson(typeCountJson); + Map>> data = (Map>>) vulnMap.get("data"); + List> apps = data.get("response"); + for (Map app : apps) { + String application = app.get("application").toString(); + List> envs = (List>) app.get("applicationInfo"); + for (Map env : envs) { + String environment = env.get("environment").toString(); + List> sevinfo = (List>) env.get("severityInfo"); + for (Map sev : sevinfo) { + Map vuln = new HashMap<>(); + vuln.put("tags.Application", application); + vuln.put("tags.Environment", environment); + vuln.put("severitylevel", sev.get("severitylevel")); + vuln.put(SEVERITY, sev.get(SEVERITY)); + vuln.put(COUNT, sev.get(COUNT)); + vulnInfo.add(vuln); + } + } + } + + } catch (Exception e) { + LOGGER.error("Error in fetchVulnDistribution" , e); + throw e; + } + return vulnInfo; + } + + /** + * Fetch compliance info. + * + * @param apiUrl + * the api url + * @param ag + * the ag + * @param domains + * the domains + * @return the list + * @throws Exception + */ + @SuppressWarnings("unchecked") + public static List> fetchComplianceInfo(String apiUrl, String ag, List domains ,String token) throws Exception { + List> compInfo = new ArrayList<>(); + try { + for (String domain : domains) { + String typeCountJson = HttpUtil + .get(apiUrl + "/overallcompliance?ag=" + ag + "&domain=" + Util.encodeUrl(domain),token); + Map complianceMap = Util.parseJson(typeCountJson); + Map> data = (Map>) complianceMap.get("data"); + Map complianceStats = data.get(DISTRIBUTION); + if (complianceStats != null) { + complianceStats.put(DOMAIN, domain); + compInfo.add(complianceStats); + } + } + } catch (Exception e) { + LOGGER.error("Error in fetchComplianceInfo" , e); + throw e; + } + return compInfo; + } + + /** + * Fetch rule compliance info. + * + * @param compapiuri + * the compapiuri + * @param ag + * the ag + * @param domains + * the domains + * @return the list + * @throws Exception + */ + public static List> fetchRuleComplianceInfo(String compapiuri, String ag, + List domains ,String token) throws Exception { + + List> ruleInfoList = new ArrayList<>(); + try { + for (String domain : domains) { + String ruleCommplianceInfo = HttpUtil.post(compapiuri + "/noncompliancepolicy", + "{\"ag\":\"" + ag + "\",\"filter\":{\"domain\":\"" + domain + "\"}}",token,"Bearer"); + JsonObject response = new JsonParser().parse(ruleCommplianceInfo).getAsJsonObject(); + JsonArray ruleInfoListJson = response.get("data").getAsJsonObject().get("response").getAsJsonArray(); + JsonObject ruleinfoJson; + Map ruleInfo; + for (JsonElement _ruleinfo : ruleInfoListJson) { + ruleinfoJson = _ruleinfo.getAsJsonObject(); + ruleInfo = new HashMap<>(); + ruleInfo.put(DOMAIN, domain); + ruleInfo.put("ruleId", ruleinfoJson.get("ruleId").getAsString()); + ruleInfo.put("compliance_percent", ruleinfoJson.get("compliance_percent").getAsDouble()); + ruleInfo.put(TOTAL, ruleinfoJson.get("assetsScanned").getAsLong()); + ruleInfo.put(COMPLIANT, ruleinfoJson.get("passed").getAsLong()); + ruleInfo.put(NON_COMPLIANT, ruleinfoJson.get("failed").getAsLong()); + ruleInfo.put("contribution_percent", ruleinfoJson.get("contribution_percent").getAsDouble()); + ruleInfoList.add(ruleInfo); + } + } + } catch (Exception e) { + LOGGER.error("Error retrieving Rule Compliance Info" , e); + throw e; + } + return ruleInfoList; + } + + /** + * Fetch vuln summary. + * + * @param compapiuri + * the compapiuri + * @param ag + * the ag + * @return the map + * @throws Exception + */ + public static Map fetchVulnSummary(String compapiuri, String ag ,String token) throws Exception { + Map vulnSummary = new HashMap<>(); + try { + String vulnSummaryResponse = HttpUtil.get(compapiuri + "/vulnerabilites?ag=" + ag,token); + JsonObject vulnSummaryJson = new JsonParser().parse(vulnSummaryResponse).getAsJsonObject(); + JsonObject vulnJsonObj = vulnSummaryJson.get("data").getAsJsonObject().get(OUTPUT).getAsJsonObject(); + long total = vulnJsonObj.get("hosts").getAsLong(); + long noncompliant = vulnJsonObj.get("totalVulnerableAssets").getAsLong(); + vulnSummary.put(TOTAL, total); + vulnSummary.put(NON_COMPLIANT, noncompliant); + vulnSummary.put(COMPLIANT, total - noncompliant); + } catch (Exception e) { + LOGGER.error("Error retrieving vuln sumamary " , e); + throw e; + } + return vulnSummary; + } + + /** + * Fetch tagging summary. + * + * @param compapiuri + * the compapiuri + * @param ag + * the ag + * @return the map + * @throws Exception + */ + public static Map fetchTaggingSummary(String compapiuri, String ag ,String token) throws Exception { + Map taggingSummary = new HashMap<>(); + try { + String taggingSummaryResponse = HttpUtil.get(compapiuri + "/tagging?ag=" + ag,token); + JsonObject taggingSummaryJson = new JsonParser().parse(taggingSummaryResponse).getAsJsonObject(); + JsonObject taggingJsonObj = taggingSummaryJson.get("data").getAsJsonObject().get(OUTPUT) + .getAsJsonObject(); + long total = taggingJsonObj.get("assets").getAsLong(); + long noncompliant = taggingJsonObj.get("untagged").getAsLong(); + long compliant = taggingJsonObj.get("tagged").getAsLong(); + taggingSummary.put(TOTAL, total); + taggingSummary.put(NON_COMPLIANT, noncompliant); + taggingSummary.put(COMPLIANT, compliant); + } catch (Exception e) { + LOGGER.error("Error retrieving tagging sumamary " , e); + throw e; + } + return taggingSummary; + } + + /** + * Fetch cert summary. + * + * @param compapiuri + * the compapiuri + * @param ag + * the ag + * @return the map + * @throws Exception + */ + public static Map fetchCertSummary(String compapiuri, String ag ,String token) throws Exception { + Map certSummary = new HashMap<>(); + try { + String certSummaryResponse = HttpUtil.get(compapiuri + "/certificates?ag=" + ag,token); + JsonObject certSummaryJson = new JsonParser().parse(certSummaryResponse).getAsJsonObject(); + JsonObject certJsonObj = certSummaryJson.get("data").getAsJsonObject().get(OUTPUT).getAsJsonObject(); + long total = certJsonObj.get("certificates").getAsLong(); + long noncompliant = certJsonObj.get("certificates_expiring").getAsLong(); + long compliant = total - noncompliant; + certSummary.put(TOTAL, total); + certSummary.put(NON_COMPLIANT, noncompliant); + certSummary.put(COMPLIANT, compliant); + } catch (Exception e) { + LOGGER.error("Error retrieving cert sumamary " , e); + throw e; + } + return certSummary; + } + + /** + * Fetch issues info. + * + * @param compapiuri + * the compapiuri + * @param ag + * the ag + * @param domains + * the domains + * @return the list + * @throws Exception + */ + public static List> fetchIssuesInfo(String compapiuri, String ag, List domains ,String token) throws Exception { + List> issueInfoList = new ArrayList<>(); + Map issuesInfo; + try { + for (String domain : domains) { + String distributionResponse = HttpUtil + .get(compapiuri + "/issues/distribution?ag=" + ag + "&domain=" + Util.encodeUrl(domain),token); + JsonObject distributionJson = new JsonParser().parse(distributionResponse).getAsJsonObject(); + JsonObject distributionObj = distributionJson.get("data").getAsJsonObject().get(DISTRIBUTION) + .getAsJsonObject(); + issuesInfo = new HashMap<>(); + issuesInfo.put(DOMAIN, domain); + issuesInfo.put(TOTAL, distributionObj.get("total_issues").getAsLong()); + JsonObject distributionSeverity = distributionObj.get("distribution_by_severity").getAsJsonObject(); + JsonObject distributionCategory = distributionObj.get("distribution_ruleCategory").getAsJsonObject(); + + Set severityKeys = distributionSeverity.keySet(); + for (String severityKey : severityKeys) { + issuesInfo.put(severityKey, distributionSeverity.get(severityKey).getAsLong()); + } + + Set categoryKeys = distributionCategory.keySet(); + for (String categoryKey : categoryKeys) { + issuesInfo.put(categoryKey, distributionCategory.get(categoryKey).getAsLong()); + } + issueInfoList.add(issuesInfo); + } + + } catch (Exception e) { + LOGGER.error("Error retrieving issues info " , e); + throw e; + } + return issueInfoList; + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthManager.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthManager.java index 263bb1cc8..1155c29e3 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthManager.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthManager.java @@ -1,75 +1,75 @@ -package com.tmobile.cso.pacman.datashipper.util; - -import java.util.Map; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class AuthManager { - - private static final Logger LOGGER = LoggerFactory.getLogger(AuthManager.class); - private static final String AUTH_API_URL = System.getenv("AUTH_API_URL"); - - private static AccessToken accessToken ; - - private AuthManager(){ - - } - private static void authorise() throws Exception{ - LOGGER.info("Called Authorise"); - String credentials = System.getProperty(Constants.API_AUTH_INFO); - String response = HttpUtil.post(AUTH_API_URL+"/oauth/token?grant_type=client_credentials","",credentials,"Basic"); - Map authInfo = Util.parseJson(response); - Object token = authInfo.get("access_token"); - Object expiresIn = authInfo.get("expires_in"); // In seconds - if( token!=null){ - long tokenExpiresAt = System.currentTimeMillis() + Long.valueOf(expiresIn.toString())*1000 - (20*1000) ; // 20 second buffer - accessToken = new AccessToken(token.toString(), tokenExpiresAt); - } - } - - public static String getToken(){ - if(!isTokenValid()){ - try { - authorise(); - } catch (Exception e) { - LOGGER.error("Authorisation Failed",e); - } - } - if(accessToken!=null) - return accessToken.getToken(); - else - return ""; - } - - private static boolean isTokenValid(){ - return accessToken !=null && accessToken.getExpiresAt() > System.currentTimeMillis(); - } - -} - -class AccessToken { - private String token; - private long expiresAt; - - AccessToken(String token, long expiresAt){ - this.token = token; - this.expiresAt = expiresAt; - } - public String getToken() { - return token; - } - public void setToken(String token) { - this.token = token; - } - public long getExpiresAt() { - return expiresAt; - } - public void setExpiresAt(long expiresAt) { - this.expiresAt = expiresAt; - } - public String toString(){ - return "Token:"+token+" ,ExpiresIn (sec)"+ (expiresAt- System.currentTimeMillis())/1000; - } - -} +package com.tmobile.cso.pacman.datashipper.util; + +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class AuthManager { + + private static final Logger LOGGER = LoggerFactory.getLogger(AuthManager.class); + private static final String AUTH_API_URL = System.getenv("AUTH_API_URL"); + + private static AccessToken accessToken ; + + private AuthManager(){ + + } + private static void authorise() throws Exception{ + LOGGER.info("Called Authorise"); + String credentials = System.getProperty(Constants.API_AUTH_INFO); + String response = HttpUtil.post(AUTH_API_URL+"/oauth/token?grant_type=client_credentials","",credentials,"Basic"); + Map authInfo = Util.parseJson(response); + Object token = authInfo.get("access_token"); + Object expiresIn = authInfo.get("expires_in"); // In seconds + if( token!=null){ + long tokenExpiresAt = System.currentTimeMillis() + Long.valueOf(expiresIn.toString())*1000 - (20*1000) ; // 20 second buffer + accessToken = new AccessToken(token.toString(), tokenExpiresAt); + } + } + + public static String getToken(){ + if(!isTokenValid()){ + try { + authorise(); + } catch (Exception e) { + LOGGER.error("Authorisation Failed",e); + } + } + if(accessToken!=null) + return accessToken.getToken(); + else + return ""; + } + + private static boolean isTokenValid(){ + return accessToken !=null && accessToken.getExpiresAt() > System.currentTimeMillis(); + } + +} + +class AccessToken { + private String token; + private long expiresAt; + + AccessToken(String token, long expiresAt){ + this.token = token; + this.expiresAt = expiresAt; + } + public String getToken() { + return token; + } + public void setToken(String token) { + this.token = token; + } + public long getExpiresAt() { + return expiresAt; + } + public void setExpiresAt(long expiresAt) { + this.expiresAt = expiresAt; + } + public String toString(){ + return "Token:"+token+" ,ExpiresIn (sec)"+ (expiresAt- System.currentTimeMillis())/1000; + } + +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthUtil.java deleted file mode 100644 index 0124aea36..000000000 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/AuthUtil.java +++ /dev/null @@ -1,18 +0,0 @@ -package com.tmobile.cso.pacman.datashipper.util; - -import java.util.Map; - -public class AuthUtil { - - public static String authorise(String authApi,String authToken) throws Exception{ - String response = HttpUtil.post(authApi+"/oauth/token?grant_type=client_credentials","",authToken,"Basic"); - Map authInfo = Util.parseJson(response); - Object accssToken = authInfo.get("access_token"); - if( accssToken!=null){ - return accssToken.toString(); - } - return ""; - - } - -} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ConfigUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ConfigUtil.java new file mode 100644 index 000000000..ab9f58717 --- /dev/null +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ConfigUtil.java @@ -0,0 +1,63 @@ +package com.tmobile.cso.pacman.datashipper.util; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; + +public class ConfigUtil { + + private static final Logger LOGGER = LoggerFactory.getLogger(ConfigUtil.class); + + public static void setConfigProperties(String configCreds) throws Exception{ + Properties properties = new Properties(); + properties.putAll(System.getProperties()); + properties.putAll(fetchConfigProperties(configCreds)); + System.setProperties(properties); + } + + @SuppressWarnings("unchecked") + public static Map fetchConfigProperties(String configCreds) throws Exception { + + Map properties = new HashMap<>(); + + String configUrl = System.getenv("CONFIG_URL"); + ObjectMapper objectMapper = new ObjectMapper(); + try { + Map appProps = new HashMap<>(); + Map batchProps = new HashMap<>(); + Map invProps = new HashMap<>(); + Map response = objectMapper.readValue(HttpUtil.httpGetMethodWithHeaders(configUrl, Util.getHeader(configCreds)), new TypeReference>(){}); + List> propertySources = (List>)response.get("propertySources"); + for(Map propertySource : propertySources) { + if(propertySource.get(Constants.NAME).toString().contains("application")) { + appProps.putAll((Map)propertySource.get(Constants.SOURCE)); + } + if(propertySource.get(Constants.NAME).toString().contains("batch")) { + batchProps.putAll((Map)propertySource.get(Constants.SOURCE)); + } + if(propertySource.get(Constants.NAME).toString().contains("data-shipper")) { + invProps.putAll((Map)propertySource.get(Constants.SOURCE)); + } + properties.putAll(appProps); + properties.putAll(batchProps); + properties.putAll(invProps); + } + } catch (Exception e) { + LOGGER.error("Error in fetchConfigProperties",e); + throw e; + } + if(properties.isEmpty()){ + throw new Exception("No config properties fetched from "+configUrl); + } + LOGGER.info("Config are feteched from {}",configUrl); + properties.forEach((k,v)-> LOGGER.debug("{} : {} ",k,v)); + return properties; + } +} diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Constants.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Constants.java index 7a977d69b..d6ec74a7b 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Constants.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Constants.java @@ -6,40 +6,31 @@ */ public interface Constants { - /** The redshift user. */ - String REDSHIFT_USER = "REDSHIFT-USER-ID"; - - /** The redshift pwd. */ - String REDSHIFT_PWD = "REDSHIFT-PWD"; + String RDS_DB_URL = "spring.datasource.url"; /** The rds user. */ - String RDS_USER = "RDS-USER-ID"; + String RDS_USER = "spring.datasource.username"; /** The rds pwd. */ - String RDS_PWD = "RDS-PWD"; - - /** The config svc user. */ - String CONFIG_SVC_USER = "CNFG-SVC-USER-ID"; - - /** The config svc pwd. */ - String CONFIG_SVC_PWD = "CNFG-SVC-USER-PWD"; - - /** The redshfit param. */ - String REDSHFIT_PARAM = "redshiftinfo"; - - /** The config svc param. */ - String CONFIG_SVC_PARAM = "typesvcconfig"; - - /** The rds param. */ - Object RDS_PARAM = "rdsinfo"; + String RDS_PWD = "spring.datasource.password"; + /** The target type info. */ String TARGET_TYPE_INFO = "targetTypes"; + String CONFIG_CREDS = "config_creds"; + + + /** The target type info. */ + String TARGET_TYPE_OUTSCOPE = "typesNotInScope"; + /** The API User:Password */ String API_AUTH_INFO = "apiauthinfo"; String CONFIG_QUERY = "configquery"; + + String CONFIG_URL = "CONFIG_URL"; + /** The failed. */ String FAILED = "failed"; @@ -58,4 +49,10 @@ public interface Constants { /** The fatal. */ String FATAL = "fatal"; + + String SOURCE = "source"; + + String NAME = "name"; + + } diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ErrorManageUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ErrorManageUtil.java index 0a88a9507..89f5dd34f 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ErrorManageUtil.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/ErrorManageUtil.java @@ -1,51 +1,51 @@ -package com.tmobile.cso.pacman.datashipper.util; - -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class ErrorManageUtil implements Constants{ - - private ErrorManageUtil() { - - } - - public static Map formErrorCode(String job, List> errorList) { - Map errorCode = new HashMap<>(); - errorCode.put("job", job); - - SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); - errorCode.put("date", sdf.format(new Date())); - - String status = ""; - - List> errors = new ArrayList<>(); - if(!errorList.isEmpty()) { - for(Map errorDetail :errorList) { - Map error = new HashMap<>(); - error.put(ERROR, errorDetail.get(ERROR)); - - List> details = new ArrayList<>(); - Map detail = new HashMap<>(); - detail.put(EXCEPTION,errorDetail.get(EXCEPTION)); - details.add(detail); - error.put("details",details); - errors.add(error); - - if(!FAILED.equalsIgnoreCase(status)) { - status = (FATAL.equalsIgnoreCase(errorDetail.get(ERROR_TYPE))) ? FAILED:"partial failed"; - } - } - } - else { - status = "success"; - } - - errorCode.put("errors", errors); - errorCode.put("status", status); - return errorCode; - } +package com.tmobile.cso.pacman.datashipper.util; + +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class ErrorManageUtil implements Constants{ + + private ErrorManageUtil() { + + } + + public static Map formErrorCode(String job, List> errorList) { + Map errorCode = new HashMap<>(); + errorCode.put("jobName", job); + + SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + errorCode.put("executionEndDate", sdf.format(new Date())); + + String status = ""; + + List> errors = new ArrayList<>(); + if(!errorList.isEmpty()) { + for(Map errorDetail :errorList) { + Map error = new HashMap<>(); + error.put(ERROR, errorDetail.get(ERROR)); + + List> details = new ArrayList<>(); + Map detail = new HashMap<>(); + detail.put(EXCEPTION,errorDetail.get(EXCEPTION)); + details.add(detail); + error.put("details",details); + errors.add(error); + + if(!FAILED.equalsIgnoreCase(status)) { + status = (FATAL.equalsIgnoreCase(errorDetail.get(ERROR_TYPE))) ? FAILED:"partial failed"; + } + } + } + else { + status = "success"; + } + + errorCode.put("errors", errors); + errorCode.put("status", status); + return errorCode; + } } \ No newline at end of file diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/HttpUtil.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/HttpUtil.java index e8ec2f351..e9c20f1d5 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/HttpUtil.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/HttpUtil.java @@ -5,9 +5,11 @@ import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; +import java.util.Map; import org.apache.http.HttpResponse; import org.apache.http.HttpStatus; +import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; import org.apache.http.conn.ssl.NoopHostnameVerifier; @@ -24,8 +26,6 @@ import com.google.common.base.Strings; import com.tmobile.cso.pacman.datashipper.exception.UnAuthorisedException; -import ch.qos.logback.core.net.SyslogOutputStream; - /** * The Class HttpUtil. @@ -124,4 +124,28 @@ public boolean isTrusted(X509Certificate[] arg0, String arg1) throws Certificate } return httpClient; } + + public static String httpGetMethodWithHeaders(String url,Map headers) throws Exception { + String json = null; + + HttpGet get = new HttpGet(url); + CloseableHttpClient httpClient = null; + if (headers != null && !headers.isEmpty()) { + for (Map.Entry entry : headers.entrySet()) { + get.setHeader(entry.getKey(), entry.getValue().toString()); + } + } + try { + httpClient = getHttpClient(); + CloseableHttpResponse res = httpClient.execute(get); + if (res.getStatusLine().getStatusCode() == 200) { + json = EntityUtils.toString(res.getEntity()); + } + } finally { + if (httpClient != null) { + httpClient.close(); + } + } + return json; + } } diff --git a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Util.java b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Util.java index 040a591e9..3a222e949 100644 --- a/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Util.java +++ b/jobs/pacman-data-shipper/src/main/java/com/tmobile/cso/pacman/datashipper/util/Util.java @@ -16,6 +16,7 @@ import javax.xml.bind.annotation.adapters.HexBinaryAdapter; +import org.apache.http.entity.ContentType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -147,5 +148,16 @@ public static String encodeUrl(String toBeEncoded) { } return encoded; } + + public static String base64Encode(String str) { + return Base64.getEncoder().encodeToString(str.getBytes()); + } + + public static Map getHeader(String base64Creds){ + Map authToken = new HashMap<>(); + authToken.put("Content-Type", ContentType.APPLICATION_JSON.toString()); + authToken.put("Authorization", "Basic "+base64Creds); + return authToken; + } } diff --git a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollectorTest.java b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollectorTest.java index 9ca8d4c8f..19b155835 100644 --- a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollectorTest.java +++ b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/AssetGroupStatsCollectorTest.java @@ -1,281 +1,281 @@ -package com.tmobile.cso.pacman.datashipper.entity; - - -import static org.mockito.Matchers.anyBoolean; -import static org.mockito.Matchers.anyList; -import static org.mockito.Matchers.anyMap; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.doNothing; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -import com.tmobile.cso.pacman.datashipper.es.ESManager; -import com.tmobile.cso.pacman.datashipper.util.AssetGroupUtil; -import com.tmobile.cso.pacman.datashipper.util.AuthManager; - -@RunWith(PowerMockRunner.class) -@PrepareForTest({ AssetGroupUtil.class, ESManager.class,AuthManager.class}) -public class AssetGroupStatsCollectorTest { - - AssetGroupStatsCollector assetGroupStatsCollector = new AssetGroupStatsCollector(); - @Before - public void setup() throws Exception{ - PowerMockito.mockStatic(AuthManager.class); - when(AuthManager.getToken()).thenReturn(""); - } - - @Test - public void testUploadAssetGroupVulnCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - Map vulnMap = new HashMap<>(); - vulnMap.put("total", 1345l); - vulnMap.put("compliant", 1000l); - vulnMap.put("noncompliant", 345l); - when(AssetGroupUtil.fetchVulnSummary(anyString(),anyString(),anyString())).thenReturn(vulnMap); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - - - assetGroupStatsCollector.uploadAssetGroupVulnCompliance(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupCertCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - Map comSummaryMap = new HashMap<>(); - comSummaryMap.put("total", 1345l); - comSummaryMap.put("compliant", 1000l); - comSummaryMap.put("noncompliant", 345l); - when(AssetGroupUtil.fetchCertSummary(anyString(),anyString(),anyString())).thenReturn(comSummaryMap); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - assetGroupStatsCollector.uploadAssetGroupCertCompliance(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupTagCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - Map comSummaryMap = new HashMap<>(); - comSummaryMap.put("total", 1345l); - comSummaryMap.put("compliant", 1000l); - comSummaryMap.put("noncompliant", 345l); - when(AssetGroupUtil.fetchTaggingSummary(anyString(),anyString(),anyString())).thenReturn(comSummaryMap); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - assetGroupStatsCollector.uploadAssetGroupTagCompliance(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupRuleCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - List> ruleInfoList = new ArrayList<>(); - Map ruleInfo = new HashMap<>(); - ruleInfo.put("domain", "infra"); - ruleInfo.put("ruleId", "testruleid1"); - ruleInfo.put("compliance_percent", 55); - ruleInfo.put("total", 1345l); - ruleInfo.put("compliant", 1000l); - ruleInfo.put("noncompliant", 345l); - ruleInfo.put("contribution_percent", 66); - ruleInfoList.add(ruleInfo); - when(AssetGroupUtil.fetchRuleComplianceInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(ruleInfoList); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - assetGroupStatsCollector.uploadAssetGroupRuleCompliance(assetGroups); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupPatchingCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - Map patchingMap = new HashMap<>(); - patchingMap.put("unpatched_instances", 4463); - patchingMap.put("patched_instances", 1368); - patchingMap.put("total_instances", 5831); - patchingMap.put("patching_percentage", 23); - when(AssetGroupUtil.fetchPatchingCompliance(anyString(),anyString(),anyString())).thenReturn(patchingMap); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - assetGroupStatsCollector.uploadAssetGroupPatchingCompliance(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupCompliance() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - List> ruleInfoList = new ArrayList<>(); - Map complnInfo = new HashMap<>(); - complnInfo.put("domain", "infra"); - complnInfo.put("tagging", 60); - complnInfo.put("security", 89); - complnInfo.put("costOptimization", 66); - complnInfo.put("governance", 83); - complnInfo.put("overall", 74); - ruleInfoList.add(complnInfo); - when(AssetGroupUtil.fetchRuleComplianceInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(ruleInfoList); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - assetGroupStatsCollector.uploadAssetGroupCompliance(assetGroups); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupVulnStats() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - List> returnList = new ArrayList<>(); - Map vulnInfo = new HashMap<>(); - vulnInfo.put("tags.Application", "pacman"); - vulnInfo.put("tags.Environment", "Production"); - vulnInfo.put("severitylevel", "S3"); - returnList.add(vulnInfo); - when(AssetGroupUtil.fetchVulnDistribution(anyString(),anyString(),anyString())).thenReturn(returnList); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - assetGroupStatsCollector.uploadAssetGroupVulnStats(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupCountStats() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - List> typeCounts = new ArrayList<>(); - Map typeCount = new HashMap<>(); - typeCount.put("type", "ec2"); - typeCount.put("count", 125l); - typeCounts.add(typeCount); - when(AssetGroupUtil.fetchTypeCounts(anyString(),anyString(),anyString())).thenReturn(typeCounts); - - - Map>> currentInfo = new HashMap<>(); - Map minMax = new HashMap<>(); - minMax.put("min", 100); - minMax.put("max", 120); - Map> typeMap = new HashMap<>(); - typeMap.put("ec2", minMax); - currentInfo.put("pacman", typeMap); - PowerMockito.mockStatic(ESManager.class); - when(ESManager.fetchCurrentCountStatsForAssetGroups(anyString())).thenReturn(currentInfo); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - assetGroupStatsCollector.uploadAssetGroupCountStats(Arrays.asList("pacman")); - } - - @SuppressWarnings("unchecked") - @Test - public void testUploadAssetGroupIssues() throws Exception{ - PowerMockito.mockStatic(AssetGroupUtil.class); - List> returnList = new ArrayList<>(); - Map issuesInfo = new HashMap<>(); - issuesInfo.put("domain", "infra"); - issuesInfo.put("total", 123l); - returnList.add(issuesInfo); - when(AssetGroupUtil.fetchIssuesInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(returnList); - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - assetGroupStatsCollector.uploadAssetGroupIssues(assetGroups); - } - - - @SuppressWarnings("unchecked") - @Test - public void testCollectAssetGroupStats() throws Exception{ - - Map> assetGroups = new HashMap<>(); - List domains = new ArrayList<>(); - domains.add("infra"); - assetGroups.put("pacman", domains); - - PowerMockito.mockStatic(AssetGroupUtil.class); - when(AssetGroupUtil.fetchAssetGroups(anyString(),anyString())).thenReturn(assetGroups); - - - PowerMockito.mockStatic(ESManager.class); - doNothing().when(ESManager.class); - ESManager.createIndex(anyString(),anyList()); - ESManager.createType(anyString(),anyString(),anyList()); - - assetGroupStatsCollector = PowerMockito.spy(assetGroupStatsCollector); - - doNothing().when(assetGroupStatsCollector).uploadAssetGroupRuleCompliance(anyMap()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupVulnCompliance(anyList()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupCountStats(anyList()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupPatchingCompliance(anyList()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupVulnStats(anyList()); - - doNothing().when(assetGroupStatsCollector).uploadAssetGroupCompliance(anyMap()); - - doNothing().when(assetGroupStatsCollector).uploadAssetGroupCertCompliance(anyList()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupTagCompliance(anyList()); - doNothing().when(assetGroupStatsCollector).uploadAssetGroupIssues(anyMap()); - - assetGroupStatsCollector.collectAssetGroupStats(); - - - - - - - } -} - +package com.tmobile.cso.pacman.datashipper.entity; + + +import static org.mockito.Matchers.anyBoolean; +import static org.mockito.Matchers.anyList; +import static org.mockito.Matchers.anyMap; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.doNothing; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +import com.tmobile.cso.pacman.datashipper.es.ESManager; +import com.tmobile.cso.pacman.datashipper.util.AssetGroupUtil; +import com.tmobile.cso.pacman.datashipper.util.AuthManager; + +@RunWith(PowerMockRunner.class) +@PrepareForTest({ AssetGroupUtil.class, ESManager.class,AuthManager.class}) +public class AssetGroupStatsCollectorTest { + + AssetGroupStatsCollector assetGroupStatsCollector = new AssetGroupStatsCollector(); + @Before + public void setup() throws Exception{ + PowerMockito.mockStatic(AuthManager.class); + when(AuthManager.getToken()).thenReturn(""); + } + + @Test + public void testUploadAssetGroupVulnCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + Map vulnMap = new HashMap<>(); + vulnMap.put("total", 1345l); + vulnMap.put("compliant", 1000l); + vulnMap.put("noncompliant", 345l); + when(AssetGroupUtil.fetchVulnSummary(anyString(),anyString(),anyString())).thenReturn(vulnMap); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + + + assetGroupStatsCollector.uploadAssetGroupVulnCompliance(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupCertCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + Map comSummaryMap = new HashMap<>(); + comSummaryMap.put("total", 1345l); + comSummaryMap.put("compliant", 1000l); + comSummaryMap.put("noncompliant", 345l); + when(AssetGroupUtil.fetchCertSummary(anyString(),anyString(),anyString())).thenReturn(comSummaryMap); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + assetGroupStatsCollector.uploadAssetGroupCertCompliance(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupTagCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + Map comSummaryMap = new HashMap<>(); + comSummaryMap.put("total", 1345l); + comSummaryMap.put("compliant", 1000l); + comSummaryMap.put("noncompliant", 345l); + when(AssetGroupUtil.fetchTaggingSummary(anyString(),anyString(),anyString())).thenReturn(comSummaryMap); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + assetGroupStatsCollector.uploadAssetGroupTagCompliance(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupRuleCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + List> ruleInfoList = new ArrayList<>(); + Map ruleInfo = new HashMap<>(); + ruleInfo.put("domain", "infra"); + ruleInfo.put("ruleId", "testruleid1"); + ruleInfo.put("compliance_percent", 55); + ruleInfo.put("total", 1345l); + ruleInfo.put("compliant", 1000l); + ruleInfo.put("noncompliant", 345l); + ruleInfo.put("contribution_percent", 66); + ruleInfoList.add(ruleInfo); + when(AssetGroupUtil.fetchRuleComplianceInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(ruleInfoList); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + assetGroupStatsCollector.uploadAssetGroupRuleCompliance(assetGroups); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupPatchingCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + Map patchingMap = new HashMap<>(); + patchingMap.put("unpatched_instances", 4463); + patchingMap.put("patched_instances", 1368); + patchingMap.put("total_instances", 5831); + patchingMap.put("patching_percentage", 23); + when(AssetGroupUtil.fetchPatchingCompliance(anyString(),anyString(),anyString())).thenReturn(patchingMap); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + assetGroupStatsCollector.uploadAssetGroupPatchingCompliance(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupCompliance() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + List> ruleInfoList = new ArrayList<>(); + Map complnInfo = new HashMap<>(); + complnInfo.put("domain", "infra"); + complnInfo.put("tagging", 60); + complnInfo.put("security", 89); + complnInfo.put("costOptimization", 66); + complnInfo.put("governance", 83); + complnInfo.put("overall", 74); + ruleInfoList.add(complnInfo); + when(AssetGroupUtil.fetchRuleComplianceInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(ruleInfoList); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + assetGroupStatsCollector.uploadAssetGroupCompliance(assetGroups); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupVulnStats() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + List> returnList = new ArrayList<>(); + Map vulnInfo = new HashMap<>(); + vulnInfo.put("tags.Application", "pacman"); + vulnInfo.put("tags.Environment", "Production"); + vulnInfo.put("severitylevel", "S3"); + returnList.add(vulnInfo); + when(AssetGroupUtil.fetchVulnDistribution(anyString(),anyString(),anyString())).thenReturn(returnList); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + assetGroupStatsCollector.uploadAssetGroupVulnStats(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupCountStats() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + List> typeCounts = new ArrayList<>(); + Map typeCount = new HashMap<>(); + typeCount.put("type", "ec2"); + typeCount.put("count", 125l); + typeCounts.add(typeCount); + when(AssetGroupUtil.fetchTypeCounts(anyString(),anyString(),anyString())).thenReturn(typeCounts); + + + Map>> currentInfo = new HashMap<>(); + Map minMax = new HashMap<>(); + minMax.put("min", 100); + minMax.put("max", 120); + Map> typeMap = new HashMap<>(); + typeMap.put("ec2", minMax); + currentInfo.put("pacman", typeMap); + PowerMockito.mockStatic(ESManager.class); + when(ESManager.fetchCurrentCountStatsForAssetGroups(anyString())).thenReturn(currentInfo); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + assetGroupStatsCollector.uploadAssetGroupCountStats(Arrays.asList("pacman")); + } + + @SuppressWarnings("unchecked") + @Test + public void testUploadAssetGroupIssues() throws Exception{ + PowerMockito.mockStatic(AssetGroupUtil.class); + List> returnList = new ArrayList<>(); + Map issuesInfo = new HashMap<>(); + issuesInfo.put("domain", "infra"); + issuesInfo.put("total", 123l); + returnList.add(issuesInfo); + when(AssetGroupUtil.fetchIssuesInfo(anyString(),anyString(),anyList(),anyString())).thenReturn(returnList); + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + assetGroupStatsCollector.uploadAssetGroupIssues(assetGroups); + } + + + @SuppressWarnings("unchecked") + @Test + public void testCollectAssetGroupStats() throws Exception{ + + Map> assetGroups = new HashMap<>(); + List domains = new ArrayList<>(); + domains.add("infra"); + assetGroups.put("pacman", domains); + + PowerMockito.mockStatic(AssetGroupUtil.class); + when(AssetGroupUtil.fetchAssetGroups(anyString(),anyString())).thenReturn(assetGroups); + + + PowerMockito.mockStatic(ESManager.class); + doNothing().when(ESManager.class); + ESManager.createIndex(anyString(),anyList()); + ESManager.createType(anyString(),anyString(),anyList()); + + assetGroupStatsCollector = PowerMockito.spy(assetGroupStatsCollector); + + doNothing().when(assetGroupStatsCollector).uploadAssetGroupRuleCompliance(anyMap()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupVulnCompliance(anyList()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupCountStats(anyList()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupPatchingCompliance(anyList()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupVulnStats(anyList()); + + doNothing().when(assetGroupStatsCollector).uploadAssetGroupCompliance(anyMap()); + + doNothing().when(assetGroupStatsCollector).uploadAssetGroupCertCompliance(anyList()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupTagCompliance(anyList()); + doNothing().when(assetGroupStatsCollector).uploadAssetGroupIssues(anyMap()); + + assetGroupStatsCollector.collectAssetGroupStats(); + + + + + + + } +} + diff --git a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManagerTest.java b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManagerTest.java index dd77926f0..6138d345e 100644 --- a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManagerTest.java +++ b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityAssociationManagerTest.java @@ -19,10 +19,9 @@ import org.powermock.modules.junit4.PowerMockRunner; import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.dao.DBManager; import com.tmobile.cso.pacman.datashipper.es.ESManager; @RunWith(PowerMockRunner.class) -@PrepareForTest({ConfigManager.class,DBManager.class,ESManager.class}) +@PrepareForTest({ConfigManager.class,ESManager.class}) public class EntityAssociationManagerTest { @SuppressWarnings("unchecked") @@ -34,11 +33,11 @@ public void uploadAssociationInfoTest() { types.add("type1"); when(ConfigManager.getTypes(anyString())).thenReturn(new HashSet<>(types)); - PowerMockito.mockStatic(DBManager.class); + /* PowerMockito.mockStatic(DBManager.class); List childTableNames = new ArrayList<>(); childTableNames.add("child_table"); when(DBManager.getChildTableNames(anyString())).thenReturn(childTableNames); - + */ when(ConfigManager.getKeyForType(anyString(), anyString())).thenReturn("type"); PowerMockito.mockStatic(ESManager.class); @@ -47,10 +46,10 @@ public void uploadAssociationInfoTest() { List> entities = new ArrayList<>(); entities.add(new HashMap<>()); - when(DBManager.executeQuery(anyString())).thenReturn(entities); + //when(DBManager.executeQuery(anyString())).thenReturn(entities); ESManager.uploadData(anyString(), anyString(), anyList(), anyString(), anyBoolean()); ESManager.deleteOldDocuments(anyString(), anyString(), anyString(), anyString()); - new EntityAssociationManager().uploadAssociationInfo("dataSource"); + new EntityAssociationManager().uploadAssociationInfo("dataSource","type"); } } diff --git a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityManagerTest.java b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityManagerTest.java index 3deb0d921..2c8824ae9 100644 --- a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityManagerTest.java +++ b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/entity/EntityManagerTest.java @@ -2,11 +2,9 @@ import static org.mockito.Matchers.anyList; import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.doNothing; import static org.powermock.api.mockito.PowerMockito.when; import java.util.ArrayList; -import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -19,12 +17,11 @@ import org.powermock.modules.junit4.PowerMockRunner; import com.tmobile.cso.pacman.datashipper.config.ConfigManager; -import com.tmobile.cso.pacman.datashipper.dao.DBManager; import com.tmobile.cso.pacman.datashipper.dao.RDSDBManager; import com.tmobile.cso.pacman.datashipper.es.ESManager; @RunWith(PowerMockRunner.class) -@PrepareForTest({ConfigManager.class,ESManager.class,RDSDBManager.class,DBManager.class}) +@PrepareForTest({ConfigManager.class,ESManager.class,RDSDBManager.class}) public class EntityManagerTest { @SuppressWarnings("unchecked") @@ -41,7 +38,7 @@ public void uploadEntityDataTest(){ Map> currentInfo = new HashMap<>(); currentInfo.put("id",new HashMap<>()); when(ESManager.getExistingInfo(anyString(),anyString(), anyList())).thenReturn(currentInfo); - + /* PowerMockito.mockStatic(DBManager.class); List> entities = new ArrayList<>(); Map entity = new HashMap<>(); @@ -49,7 +46,7 @@ public void uploadEntityDataTest(){ entity.put("discoverydate", new Date().toString()); entity.put("u_business_service", "application"); entity.put("used_for", "environment"); - entities.add(entity); + entities.add(entity);*/ List> tags = new ArrayList<>(); Map tag = new HashMap<>(); @@ -67,7 +64,7 @@ public void uploadEntityDataTest(){ Map override = new HashMap<>(); override.put("_resourceid", "id"); overrides.add(override); - when(DBManager.executeQuery(anyString())).thenReturn(entities,tags,overrides); + // when(DBManager.executeQuery(anyString())).thenReturn(entities,tags,overrides); when(ConfigManager.getKeyForType(anyString(),anyString())).thenReturn("id"); when(ConfigManager.getIdForType(anyString(),anyString())).thenReturn("id"); diff --git a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/es/ESManagerTest.java b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/es/ESManagerTest.java index b3240aa98..9fdfc405e 100644 --- a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/es/ESManagerTest.java +++ b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/es/ESManagerTest.java @@ -83,7 +83,7 @@ public void uploadDataTest() throws Exception{ when(sl.getStatusCode()).thenReturn(200); when(response.getStatusLine()).thenReturn(sl); - esManager.uploadData("index", "type", docs); + esManager.uploadData("index", "type", docs, "date"); } @SuppressWarnings({ "unchecked", "static-access" }) diff --git a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtilTest.java b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtilTest.java index ee749f367..1961c4b7a 100644 --- a/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtilTest.java +++ b/jobs/pacman-data-shipper/src/test/java/com/tmobile/cso/pacman/datashipper/util/AssetGroupUtilTest.java @@ -1,185 +1,185 @@ -package com.tmobile.cso.pacman.datashipper.util; - -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.Matchers.anyString; -import static org.powermock.api.mockito.PowerMockito.when; - -import java.util.Arrays; -import java.util.List; -import java.util.Map; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -@RunWith(PowerMockRunner.class) -@PrepareForTest({ HttpUtil.class }) -public class AssetGroupUtilTest { - - @Before - public void setUp() throws Exception { - PowerMockito.mockStatic(HttpUtil.class); - } - - @Test - public void testFetchAssetGroups() throws Exception { - - String listAgJson = "{\"data\":[{\"name\":\"abcservices\",\"domains\":[\"Infra & Platforms\"]},{\"name\":\"adapt\",\"domains\":[\"Infra & Platforms\"]},{\"name\":\"adapt-workload\",\"domains\":[\"Infra & Platforms\"]}]}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(listAgJson); - - Map> agInfo = AssetGroupUtil.fetchAssetGroups("",""); - assertThat(agInfo.size(), is(3)); - } - - @Test - public void testFetcTypeCounts() throws Exception { - String typeCountJson = "{\"data\":{\"ag\":\"aws-all\",\"assetcount\":[{\"count\":1949,\"type\":\"subnet\"},{\"count\":5885,\"type\":\"stack\"},{\"count\":714,\"type\":\"asgpolicy\"},{\"count\":3926,\"type\":\"rdssnapshot\"},{\"count\":84,\"type\":\"rdscluster\"},{\"count\":1320,\"type\":\"cert\"},{\"count\":481,\"type\":\"internetgateway\"},{\"count\":419,\"type\":\"rdsdb\"}]}}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(typeCountJson); - - List> typeCounts = AssetGroupUtil.fetchTypeCounts("", "",""); - assertThat(typeCounts.size(), is(8)); - } - - @Test(expected=Exception.class) - public void testFetcTypeCountsException() throws Exception { - String typeCountJson = "{\"data1\":{\"ag\":\"aws-all\",\"assetcount\":[{\"count\":1949,\"type\":\"subnet\"},{\"count\":5885,\"type\":\"stack\"},{\"count\":714,\"type\":\"asgpolicy\"},{\"count\":3926,\"type\":\"rdssnapshot\"},{\"count\":84,\"type\":\"rdscluster\"},{\"count\":1320,\"type\":\"cert\"},{\"count\":481,\"type\":\"internetgateway\"},{\"count\":419,\"type\":\"rdsdb\"}]}}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(typeCountJson); - List> typeCounts = AssetGroupUtil.fetchTypeCounts("", "",""); - assertThat(typeCounts.isEmpty(),is(true)); - } - - @Test - public void testFetchPatchingCompliance() throws Exception { - String patchingResponse = "{\"data\":{\"output\":{\"unpatched_instances\":4748,\"patched_instances\":1330,\"total_instances\":6078,\"patching_percentage\":21}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(patchingResponse); - Map patchingInfo = AssetGroupUtil.fetchPatchingCompliance("", "",""); - assertThat(patchingInfo.get("patching_percentage").toString(), is("21")); - } - - @Test(expected=Exception.class) - public void testFetchPatchingComplianceException() throws Exception { - String patchingResponse = "{\"data1\":{\"output\":{\"unpatched_instances\":4748,\"patched_instances\":1330,\"total_instances\":6078,\"patching_percentage\":21}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(patchingResponse); - AssetGroupUtil.fetchPatchingCompliance("", "",""); - - } - - @Test - public void testFetchVulnDistribution() throws Exception { - String vulnResponse = "{\"data\":{\"response\":[{\"application\":\"PacMan\",\"applicationInfo\":[{\"environment\":\"Production\",\"vulnerabilities\":308,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":128,\"count\":128,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":170,\"count\":170,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":10,\"count\":10,\"severitylevel\":5}]},{\"environment\":\"Non Production\",\"vulnerabilities\":0,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":5}]}]}]},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnResponse); - List> vulnDistribution = AssetGroupUtil.fetchVulnDistribution("", "",""); - assertThat(vulnDistribution.get(0).get("tags.Application").toString(), is("PacMan")); - assertThat(vulnDistribution.size(), is(6)); - } - - @Test(expected=Exception.class) - public void testFetchVulnDistributionException() throws Exception { - String vulnResponse = "{\"data1\":{\"response\":[{\"application\":\"PacMan\",\"applicationInfo\":[{\"environment\":\"Production\",\"vulnerabilities\":308,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":128,\"count\":128,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":170,\"count\":170,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":10,\"count\":10,\"severitylevel\":5}]},{\"environment\":\"Non Production\",\"vulnerabilities\":0,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":5}]}]}]},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnResponse); - AssetGroupUtil.fetchVulnDistribution("", "",""); - } - - @Test - public void testFetchComplianceInfo() throws Exception { - String complResponse = "{\"data\":{\"distribution\":{\"tagging\":59,\"security\":89,\"costOptimization\":67,\"governance\":82,\"overall\":74}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(complResponse); - List> complianceInfo = AssetGroupUtil.fetchComplianceInfo("", "", Arrays.asList("infra"),""); - assertThat(complianceInfo.size(), is(1)); - assertThat(complianceInfo.get(0).get("domain").toString(), is("infra")); - assertThat(complianceInfo.get(0).get("overall").toString(), is("74")); - } - - @Test(expected=Exception.class) - public void testFetchComplianceInfoException() throws Exception { - String complResponse = "{\"data1\":{\"distribution\":{\"tagging\":59,\"security\":89,\"costOptimization\":67,\"governance\":82,\"overall\":74}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(complResponse); - AssetGroupUtil.fetchComplianceInfo("", "", Arrays.asList("infra"),""); - } - - @Test - public void testFetchRuleComplianceInfo() throws Exception { - String ruleComplianceJson = "{\"data\":{\"response\":[{\"severity\":\"low\",\"name\":\"EBS snapshots should be tagged with mandatory tags \",\"compliance_percent\":50,\"lastScan\":\"2018-08-01T18:00:50.263Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"snapshot\",\"ruleId\":\"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot\",\"assetsScanned\":55085,\"passed\":27619,\"failed\":27466,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Security groups should be tagged with mandatory tags\",\"compliance_percent\":18,\"lastScan\":\"2018-08-01T23:00:47.392Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"sg\",\"ruleId\":\"PacMan_TaggingRule_version-1_SgTaggingRule_sg\",\"assetsScanned\":7129,\"passed\":1297,\"failed\":5832,\"contribution_percent\":100},{\"severity\":\"high\",\"name\":\"Amazon EBS volumes should not be underutilized \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T18:04:23.044Z\",\"ruleCategory\":\"costOptimization\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume\",\"assetsScanned\":35938,\"passed\":30191,\"failed\":5747,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"EBS volumes should be tagged with mandatory tags \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T23:00:55.626Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume\",\"assetsScanned\":35938,\"passed\":30227,\"failed\":5711,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Any Ec2 instance should not have S3 vulnerability \",\"compliance_percent\":30,\"lastScan\":\"2018-08-01T18:00:26.570Z\",\"ruleCategory\":\"security\",\"resourcetType\":\"ec2\",\"ruleId\":\"PacMan_Ec2WithSeverityVulnerability_version-1_Ec2WithS3Vulnerability_ec2\",\"assetsScanned\":7192,\"passed\":2172,\"failed\":5020,\"contribution_percent\":100}]}}"; - when(HttpUtil.post(anyString(),anyString(),anyString(),anyString())).thenReturn(ruleComplianceJson); - List> complianceInfo = AssetGroupUtil.fetchRuleComplianceInfo("", "", Arrays.asList("infra"),""); - assertThat(complianceInfo.size(), is(5)); - assertThat(complianceInfo.get(0).get("domain").toString(), is("infra")); - assertThat(complianceInfo.get(0).get("ruleId").toString(), is("PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot")); - } - - @Test(expected=Exception.class) - public void testFetchRuleComplianceInfoException() throws Exception { - String ruleComplianceJson = "{\"data1\":{\"response\":[{\"severity\":\"low\",\"name\":\"EBS snapshots should be tagged with mandatory tags \",\"compliance_percent\":50,\"lastScan\":\"2018-08-01T18:00:50.263Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"snapshot\",\"ruleId\":\"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot\",\"assetsScanned\":55085,\"passed\":27619,\"failed\":27466,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Security groups should be tagged with mandatory tags\",\"compliance_percent\":18,\"lastScan\":\"2018-08-01T23:00:47.392Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"sg\",\"ruleId\":\"PacMan_TaggingRule_version-1_SgTaggingRule_sg\",\"assetsScanned\":7129,\"passed\":1297,\"failed\":5832,\"contribution_percent\":100},{\"severity\":\"high\",\"name\":\"Amazon EBS volumes should not be underutilized \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T18:04:23.044Z\",\"ruleCategory\":\"costOptimization\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume\",\"assetsScanned\":35938,\"passed\":30191,\"failed\":5747,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"EBS volumes should be tagged with mandatory tags \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T23:00:55.626Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume\",\"assetsScanned\":35938,\"passed\":30227,\"failed\":5711,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Any Ec2 instance should not have S3 vulnerability \",\"compliance_percent\":30,\"lastScan\":\"2018-08-01T18:00:26.570Z\",\"ruleCategory\":\"security\",\"resourcetType\":\"ec2\",\"ruleId\":\"PacMan_Ec2WithSeverityVulnerability_version-1_Ec2WithS3Vulnerability_ec2\",\"assetsScanned\":7192,\"passed\":2172,\"failed\":5020,\"contribution_percent\":100}]}}"; - when(HttpUtil.post(anyString(),anyString(),anyString(),anyString())).thenReturn(ruleComplianceJson); - AssetGroupUtil.fetchRuleComplianceInfo("", "", Arrays.asList("infra"),""); - } - - @Test - public void testFetchVulnSummary() throws Exception { - String vulnSummaryJson = "{\"data\":{\"output\":{\"hosts\":7192,\"vulnerabilities\":132285,\"totalVulnerableAssets\":5815}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnSummaryJson); - Map vulnSummary = AssetGroupUtil.fetchVulnSummary("", "",""); - assertThat(vulnSummary.get("total"), is(7192l)); - } - - @Test(expected=Exception.class) - public void testFetchVulnSummaryException() throws Exception { - String vulnSummaryJson = "{\"data1\":{\"output\":{\"hosts\":7192,\"vulnerabilities\":132285,\"totalVulnerableAssets\":5815}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnSummaryJson); - AssetGroupUtil.fetchVulnSummary("", "",""); - - } - @Test - public void testFetchTaggingSummary() throws Exception { - String tagSummaryJson = "{\"data\":{\"output\":{\"assets\":124704,\"untagged\":49384,\"tagged\":75320,\"compliance\":60}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(tagSummaryJson); - Map tagSummary = AssetGroupUtil.fetchTaggingSummary("", "",""); - assertThat(tagSummary.get("total"), is(124704l)); - } - - @Test(expected=Exception.class) - public void testFetchTaggingSummaryException() throws Exception { - String tagSummaryJson = "{\"data1\":{\"output\":{\"assets\":124704,\"untagged\":49384,\"tagged\":75320,\"compliance\":60}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(tagSummaryJson); - AssetGroupUtil.fetchTaggingSummary("", "",""); - - } - - @Test - public void testFetchCertSummary() throws Exception { - String certSummaryJson = "{\"data\":{\"output\":{\"certificates\":1320,\"certificates_expiring\":0}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(certSummaryJson); - Map certSummary = AssetGroupUtil.fetchCertSummary("", "",""); - assertThat(certSummary.get("total"), is(1320l)); - } - - @Test(expected=Exception.class) - public void testFetchCertSummaryException() throws Exception { - String certSummaryJson = "{\"data1\":{\"output\":{\"certificates\":1320,\"certificates_expiring\":0}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(certSummaryJson); - AssetGroupUtil.fetchCertSummary("", "",""); - - } - - @Test - public void testFetchIssuesInfo() throws Exception { - String issueDistrJson = "{\"data\":{\"distribution\":{\"total_issues\":113688,\"ruleCategory_percentage\":{\"tagging\":57,\"security\":25,\"costOptimization\":7,\"governance\":11},\"distribution_by_severity\":{\"high\":27918,\"critical\":718,\"low\":79342,\"medium\":5710},\"distribution_ruleCategory\":{\"tagging\":64914,\"security\":29327,\"costOptimization\":8962,\"governance\":10485}}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(issueDistrJson); - List> issueDistribution = AssetGroupUtil.fetchIssuesInfo("", "",Arrays.asList("infra"),""); - assertThat(issueDistribution.get(0).get("domain"), is("infra")); - assertThat(issueDistribution.get(0).get("total"), is(113688l)); - } - - @Test(expected=Exception.class) - public void testFetchIssuesInfoException() throws Exception { - String issueDistrJson = "{\"data1\":{\"distribution\":{\"total_issues\":113688,\"ruleCategory_percentage\":{\"tagging\":57,\"security\":25,\"costOptimization\":7,\"governance\":11},\"distribution_by_severity\":{\"high\":27918,\"critical\":718,\"low\":79342,\"medium\":5710},\"distribution_ruleCategory\":{\"tagging\":64914,\"security\":29327,\"costOptimization\":8962,\"governance\":10485}}},\"message\":\"success\"}"; - when(HttpUtil.get(anyString(),anyString())).thenReturn(issueDistrJson); - AssetGroupUtil.fetchIssuesInfo("", "",Arrays.asList("infra"),""); - - } - -} +package com.tmobile.cso.pacman.datashipper.util; + +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.Matchers.anyString; +import static org.powermock.api.mockito.PowerMockito.when; + +import java.util.Arrays; +import java.util.List; +import java.util.Map; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; + +@RunWith(PowerMockRunner.class) +@PrepareForTest({ HttpUtil.class }) +public class AssetGroupUtilTest { + + @Before + public void setUp() throws Exception { + PowerMockito.mockStatic(HttpUtil.class); + } + + @Test + public void testFetchAssetGroups() throws Exception { + + String listAgJson = "{\"data\":[{\"name\":\"abcservices\",\"domains\":[\"Infra & Platforms\"]},{\"name\":\"adapt\",\"domains\":[\"Infra & Platforms\"]},{\"name\":\"adapt-workload\",\"domains\":[\"Infra & Platforms\"]}]}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(listAgJson); + + Map> agInfo = AssetGroupUtil.fetchAssetGroups("",""); + assertThat(agInfo.size(), is(3)); + } + + @Test + public void testFetcTypeCounts() throws Exception { + String typeCountJson = "{\"data\":{\"ag\":\"aws-all\",\"assetcount\":[{\"count\":1949,\"type\":\"subnet\"},{\"count\":5885,\"type\":\"stack\"},{\"count\":714,\"type\":\"asgpolicy\"},{\"count\":3926,\"type\":\"rdssnapshot\"},{\"count\":84,\"type\":\"rdscluster\"},{\"count\":1320,\"type\":\"cert\"},{\"count\":481,\"type\":\"internetgateway\"},{\"count\":419,\"type\":\"rdsdb\"}]}}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(typeCountJson); + + List> typeCounts = AssetGroupUtil.fetchTypeCounts("", "",""); + assertThat(typeCounts.size(), is(8)); + } + + @Test(expected=Exception.class) + public void testFetcTypeCountsException() throws Exception { + String typeCountJson = "{\"data1\":{\"ag\":\"aws-all\",\"assetcount\":[{\"count\":1949,\"type\":\"subnet\"},{\"count\":5885,\"type\":\"stack\"},{\"count\":714,\"type\":\"asgpolicy\"},{\"count\":3926,\"type\":\"rdssnapshot\"},{\"count\":84,\"type\":\"rdscluster\"},{\"count\":1320,\"type\":\"cert\"},{\"count\":481,\"type\":\"internetgateway\"},{\"count\":419,\"type\":\"rdsdb\"}]}}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(typeCountJson); + List> typeCounts = AssetGroupUtil.fetchTypeCounts("", "",""); + assertThat(typeCounts.isEmpty(),is(true)); + } + + @Test + public void testFetchPatchingCompliance() throws Exception { + String patchingResponse = "{\"data\":{\"output\":{\"unpatched_instances\":4748,\"patched_instances\":1330,\"total_instances\":6078,\"patching_percentage\":21}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(patchingResponse); + Map patchingInfo = AssetGroupUtil.fetchPatchingCompliance("", "",""); + assertThat(patchingInfo.get("patching_percentage").toString(), is("21")); + } + + @Test(expected=Exception.class) + public void testFetchPatchingComplianceException() throws Exception { + String patchingResponse = "{\"data1\":{\"output\":{\"unpatched_instances\":4748,\"patched_instances\":1330,\"total_instances\":6078,\"patching_percentage\":21}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(patchingResponse); + AssetGroupUtil.fetchPatchingCompliance("", "",""); + + } + + @Test + public void testFetchVulnDistribution() throws Exception { + String vulnResponse = "{\"data\":{\"response\":[{\"application\":\"PacMan\",\"applicationInfo\":[{\"environment\":\"Production\",\"vulnerabilities\":308,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":128,\"count\":128,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":170,\"count\":170,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":10,\"count\":10,\"severitylevel\":5}]},{\"environment\":\"Non Production\",\"vulnerabilities\":0,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":5}]}]}]},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnResponse); + List> vulnDistribution = AssetGroupUtil.fetchVulnDistribution("", "",""); + assertThat(vulnDistribution.get(0).get("tags.Application").toString(), is("PacMan")); + assertThat(vulnDistribution.size(), is(6)); + } + + @Test(expected=Exception.class) + public void testFetchVulnDistributionException() throws Exception { + String vulnResponse = "{\"data1\":{\"response\":[{\"application\":\"PacMan\",\"applicationInfo\":[{\"environment\":\"Production\",\"vulnerabilities\":308,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":128,\"count\":128,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":170,\"count\":170,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":10,\"count\":10,\"severitylevel\":5}]},{\"environment\":\"Non Production\",\"vulnerabilities\":0,\"severityInfo\":[{\"severity\":\"S3\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":3},{\"severity\":\"S4\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":4},{\"severity\":\"S5\",\"vulnInstanceCount\":0,\"count\":0,\"severitylevel\":5}]}]}]},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnResponse); + AssetGroupUtil.fetchVulnDistribution("", "",""); + } + + @Test + public void testFetchComplianceInfo() throws Exception { + String complResponse = "{\"data\":{\"distribution\":{\"tagging\":59,\"security\":89,\"costOptimization\":67,\"governance\":82,\"overall\":74}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(complResponse); + List> complianceInfo = AssetGroupUtil.fetchComplianceInfo("", "", Arrays.asList("infra"),""); + assertThat(complianceInfo.size(), is(1)); + assertThat(complianceInfo.get(0).get("domain").toString(), is("infra")); + assertThat(complianceInfo.get(0).get("overall").toString(), is("74")); + } + + @Test(expected=Exception.class) + public void testFetchComplianceInfoException() throws Exception { + String complResponse = "{\"data1\":{\"distribution\":{\"tagging\":59,\"security\":89,\"costOptimization\":67,\"governance\":82,\"overall\":74}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(complResponse); + AssetGroupUtil.fetchComplianceInfo("", "", Arrays.asList("infra"),""); + } + + @Test + public void testFetchRuleComplianceInfo() throws Exception { + String ruleComplianceJson = "{\"data\":{\"response\":[{\"severity\":\"low\",\"name\":\"EBS snapshots should be tagged with mandatory tags \",\"compliance_percent\":50,\"lastScan\":\"2018-08-01T18:00:50.263Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"snapshot\",\"ruleId\":\"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot\",\"assetsScanned\":55085,\"passed\":27619,\"failed\":27466,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Security groups should be tagged with mandatory tags\",\"compliance_percent\":18,\"lastScan\":\"2018-08-01T23:00:47.392Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"sg\",\"ruleId\":\"PacMan_TaggingRule_version-1_SgTaggingRule_sg\",\"assetsScanned\":7129,\"passed\":1297,\"failed\":5832,\"contribution_percent\":100},{\"severity\":\"high\",\"name\":\"Amazon EBS volumes should not be underutilized \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T18:04:23.044Z\",\"ruleCategory\":\"costOptimization\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume\",\"assetsScanned\":35938,\"passed\":30191,\"failed\":5747,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"EBS volumes should be tagged with mandatory tags \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T23:00:55.626Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume\",\"assetsScanned\":35938,\"passed\":30227,\"failed\":5711,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Any Ec2 instance should not have S3 vulnerability \",\"compliance_percent\":30,\"lastScan\":\"2018-08-01T18:00:26.570Z\",\"ruleCategory\":\"security\",\"resourcetType\":\"ec2\",\"ruleId\":\"PacMan_Ec2WithSeverityVulnerability_version-1_Ec2WithS3Vulnerability_ec2\",\"assetsScanned\":7192,\"passed\":2172,\"failed\":5020,\"contribution_percent\":100}]}}"; + when(HttpUtil.post(anyString(),anyString(),anyString(),anyString())).thenReturn(ruleComplianceJson); + List> complianceInfo = AssetGroupUtil.fetchRuleComplianceInfo("", "", Arrays.asList("infra"),""); + assertThat(complianceInfo.size(), is(5)); + assertThat(complianceInfo.get(0).get("domain").toString(), is("infra")); + assertThat(complianceInfo.get(0).get("ruleId").toString(), is("PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot")); + } + + @Test(expected=Exception.class) + public void testFetchRuleComplianceInfoException() throws Exception { + String ruleComplianceJson = "{\"data1\":{\"response\":[{\"severity\":\"low\",\"name\":\"EBS snapshots should be tagged with mandatory tags \",\"compliance_percent\":50,\"lastScan\":\"2018-08-01T18:00:50.263Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"snapshot\",\"ruleId\":\"PacMan_TaggingRule_version-1_SnapshotTaggingRule_snapshot\",\"assetsScanned\":55085,\"passed\":27619,\"failed\":27466,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Security groups should be tagged with mandatory tags\",\"compliance_percent\":18,\"lastScan\":\"2018-08-01T23:00:47.392Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"sg\",\"ruleId\":\"PacMan_TaggingRule_version-1_SgTaggingRule_sg\",\"assetsScanned\":7129,\"passed\":1297,\"failed\":5832,\"contribution_percent\":100},{\"severity\":\"high\",\"name\":\"Amazon EBS volumes should not be underutilized \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T18:04:23.044Z\",\"ruleCategory\":\"costOptimization\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_Underutilized-Amazon-EBS-Volumes_version-1_Underutilized-EBS-Volumes_volume\",\"assetsScanned\":35938,\"passed\":30191,\"failed\":5747,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"EBS volumes should be tagged with mandatory tags \",\"compliance_percent\":84,\"lastScan\":\"2018-08-01T23:00:55.626Z\",\"ruleCategory\":\"tagging\",\"resourcetType\":\"volume\",\"ruleId\":\"PacMan_TaggingRule_version-1_VolumeTaggingRule_volume\",\"assetsScanned\":35938,\"passed\":30227,\"failed\":5711,\"contribution_percent\":100},{\"severity\":\"low\",\"name\":\"Any Ec2 instance should not have S3 vulnerability \",\"compliance_percent\":30,\"lastScan\":\"2018-08-01T18:00:26.570Z\",\"ruleCategory\":\"security\",\"resourcetType\":\"ec2\",\"ruleId\":\"PacMan_Ec2WithSeverityVulnerability_version-1_Ec2WithS3Vulnerability_ec2\",\"assetsScanned\":7192,\"passed\":2172,\"failed\":5020,\"contribution_percent\":100}]}}"; + when(HttpUtil.post(anyString(),anyString(),anyString(),anyString())).thenReturn(ruleComplianceJson); + AssetGroupUtil.fetchRuleComplianceInfo("", "", Arrays.asList("infra"),""); + } + + @Test + public void testFetchVulnSummary() throws Exception { + String vulnSummaryJson = "{\"data\":{\"output\":{\"hosts\":7192,\"vulnerabilities\":132285,\"totalVulnerableAssets\":5815}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnSummaryJson); + Map vulnSummary = AssetGroupUtil.fetchVulnSummary("", "",""); + assertThat(vulnSummary.get("total"), is(7192l)); + } + + @Test(expected=Exception.class) + public void testFetchVulnSummaryException() throws Exception { + String vulnSummaryJson = "{\"data1\":{\"output\":{\"hosts\":7192,\"vulnerabilities\":132285,\"totalVulnerableAssets\":5815}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(vulnSummaryJson); + AssetGroupUtil.fetchVulnSummary("", "",""); + + } + @Test + public void testFetchTaggingSummary() throws Exception { + String tagSummaryJson = "{\"data\":{\"output\":{\"assets\":124704,\"untagged\":49384,\"tagged\":75320,\"compliance\":60}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(tagSummaryJson); + Map tagSummary = AssetGroupUtil.fetchTaggingSummary("", "",""); + assertThat(tagSummary.get("total"), is(124704l)); + } + + @Test(expected=Exception.class) + public void testFetchTaggingSummaryException() throws Exception { + String tagSummaryJson = "{\"data1\":{\"output\":{\"assets\":124704,\"untagged\":49384,\"tagged\":75320,\"compliance\":60}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(tagSummaryJson); + AssetGroupUtil.fetchTaggingSummary("", "",""); + + } + + @Test + public void testFetchCertSummary() throws Exception { + String certSummaryJson = "{\"data\":{\"output\":{\"certificates\":1320,\"certificates_expiring\":0}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(certSummaryJson); + Map certSummary = AssetGroupUtil.fetchCertSummary("", "",""); + assertThat(certSummary.get("total"), is(1320l)); + } + + @Test(expected=Exception.class) + public void testFetchCertSummaryException() throws Exception { + String certSummaryJson = "{\"data1\":{\"output\":{\"certificates\":1320,\"certificates_expiring\":0}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(certSummaryJson); + AssetGroupUtil.fetchCertSummary("", "",""); + + } + + @Test + public void testFetchIssuesInfo() throws Exception { + String issueDistrJson = "{\"data\":{\"distribution\":{\"total_issues\":113688,\"ruleCategory_percentage\":{\"tagging\":57,\"security\":25,\"costOptimization\":7,\"governance\":11},\"distribution_by_severity\":{\"high\":27918,\"critical\":718,\"low\":79342,\"medium\":5710},\"distribution_ruleCategory\":{\"tagging\":64914,\"security\":29327,\"costOptimization\":8962,\"governance\":10485}}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(issueDistrJson); + List> issueDistribution = AssetGroupUtil.fetchIssuesInfo("", "",Arrays.asList("infra"),""); + assertThat(issueDistribution.get(0).get("domain"), is("infra")); + assertThat(issueDistribution.get(0).get("total"), is(113688l)); + } + + @Test(expected=Exception.class) + public void testFetchIssuesInfoException() throws Exception { + String issueDistrJson = "{\"data1\":{\"distribution\":{\"total_issues\":113688,\"ruleCategory_percentage\":{\"tagging\":57,\"security\":25,\"costOptimization\":7,\"governance\":11},\"distribution_by_severity\":{\"high\":27918,\"critical\":718,\"low\":79342,\"medium\":5710},\"distribution_ruleCategory\":{\"tagging\":64914,\"security\":29327,\"costOptimization\":8962,\"governance\":10485}}},\"message\":\"success\"}"; + when(HttpUtil.get(anyString(),anyString())).thenReturn(issueDistrJson); + AssetGroupUtil.fetchIssuesInfo("", "",Arrays.asList("infra"),""); + + } + +} \ No newline at end of file diff --git a/webapp/src/app/landing-page/login/login.component.css b/webapp/src/app/landing-page/login/login.component.css index d195978bc..cd478f690 100644 --- a/webapp/src/app/landing-page/login/login.component.css +++ b/webapp/src/app/landing-page/login/login.component.css @@ -39,13 +39,11 @@ h2 { } .close-button { - position: absolute; - right: 0; - top: 0; - width: 2.3em; - font-size: 2em; - transition: 0.3s ease; - color: #f2425f; + right: 0.5em; + height: 2.5em; + -webkit-transition: .3s ease; + transition: .3s ease; + cursor: pointer; } .close-button:hover { diff --git a/webapp/src/app/landing-page/login/login.component.html b/webapp/src/app/landing-page/login/login.component.html index 2d6ae778d..8eea12e4a 100644 --- a/webapp/src/app/landing-page/login/login.component.html +++ b/webapp/src/app/landing-page/login/login.component.html @@ -18,8 +18,7 @@
    - - +

    {{content.login.heading}}

    diff --git a/webapp/src/app/pacman-features/modules/assets/asset-details/asset-details.component.html b/webapp/src/app/pacman-features/modules/assets/asset-details/asset-details.component.html index c2b43643e..18a58e5be 100644 --- a/webapp/src/app/pacman-features/modules/assets/asset-details/asset-details.component.html +++ b/webapp/src/app/pacman-features/modules/assets/asset-details/asset-details.component.html @@ -223,7 +223,7 @@

    Asset Details