First version of new AWS code - just trying to test if it works on AWS.

2019-04-10 16:08:36 +03:00 · 2019-04-10 16:08:36 +03:00 · 8e6549f481
parent 8322178711
commit 8e6549f481
3 changed files with 28 additions and 15 deletions
--- a/monkey/common/cloud/aws_service.py
+++ b/monkey/common/cloud/aws_service.py
@ -1,4 +1,5 @@
 import boto3
+import botocore
 from botocore.exceptions import ClientError

 __author__ = 'itay.mizeretz'
@ -50,14 +51,26 @@ class AwsService(object):

    @staticmethod
    def get_instances():
-        return \
-            [
-                {
-                    'instance_id': x['InstanceId'],
-                    'name': x['ComputerName'],
-                    'os': x['PlatformType'].lower(),
-                    'ip_address': x['IPAddress']
-                }
-                for x in AwsService.get_client('ssm').describe_instance_information()['InstanceInformationList']
-            ]
+        """
+        This function will assume that it's running on an EC2 instance with the correct IAM role.
+        See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#iam-role for details.
+        :return:
+        """
+        #
+        local_ssm_client = boto3.client("ssm", region_name=AwsService.region)
+        try:
+            response = local_ssm_client.describe_instance_information()

+            return \
+                [
+                    {
+                        'instance_id': x['InstanceId'],
+                        'name': x['ComputerName'],
+                        'os': x['PlatformType'].lower(),
+                        'ip_address': x['IPAddress']
+                    }
+                    for x in response['InstanceInformationList']
+                ]
+        except botocore.exceptions.ClientError as e:
+            print e.response + " " + e.message + " ... " + e.operation_name
+            raise e
--- a/monkey/monkey_island/cc/resources/remote_run.py
+++ b/monkey/monkey_island/cc/resources/remote_run.py
@ -24,10 +24,7 @@ class RemoteRun(flask_restful.Resource):
            is_aws = RemoteRunAwsService.is_running_on_aws()
            resp = {'is_aws': is_aws}
            if is_aws:
-                is_auth = RemoteRunAwsService.update_aws_auth_params()
-                resp['auth'] = is_auth
-                if is_auth:
-                    resp['instances'] = AwsService.get_instances()
+                resp['instances'] = AwsService.get_instances()
            return jsonify(resp)

        return {}
--- a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
+++ b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
@ -432,7 +432,10 @@ class RunMonkeyPageComponent extends AuthComponent {
        }
        <Collapse in={this.state.showAws}>
          {
-            this.state.isAwsAuth ? this.renderAuthAwsDiv() : this.renderNotAuthAwsDiv()
+            // this.state.isAwsAuth ? this.renderAuthAwsDiv() : this.renderNotAuthAwsDiv()
+            // TODO For now - assume running on machine with the required IAM roles. - This needs to be explained via
+            // the UI.
+            this.renderAuthAwsDiv()
          }

        </Collapse>