forked from p34709852/monkey
Before performing AWS functions, verify credentials
This commit is contained in:
parent
acc1c5207d
commit
10d513a6d5
|
@ -1,4 +1,5 @@
|
||||||
import boto3
|
import boto3
|
||||||
|
from botocore.exceptions import ClientError
|
||||||
|
|
||||||
__author__ = 'itay.mizeretz'
|
__author__ = 'itay.mizeretz'
|
||||||
|
|
||||||
|
@ -39,6 +40,14 @@ class AwsService(object):
|
||||||
def get_regions():
|
def get_regions():
|
||||||
return AwsService.get_session().get_available_regions('ssm')
|
return AwsService.get_session().get_available_regions('ssm')
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def test_client():
|
||||||
|
try:
|
||||||
|
AwsService.get_client('ssm').describe_instance_information()
|
||||||
|
return True
|
||||||
|
except ClientError:
|
||||||
|
return False
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_instances():
|
def get_instances():
|
||||||
return \
|
return \
|
||||||
|
|
|
@ -15,7 +15,6 @@ class RemoteRun(flask_restful.Resource):
|
||||||
def run_aws_monkeys(self, request_body):
|
def run_aws_monkeys(self, request_body):
|
||||||
instances = request_body.get('instances')
|
instances = request_body.get('instances')
|
||||||
island_ip = request_body.get('island_ip')
|
island_ip = request_body.get('island_ip')
|
||||||
RemoteRunAwsService.update_aws_auth_params()
|
|
||||||
return RemoteRunAwsService.run_aws_monkeys(instances, island_ip)
|
return RemoteRunAwsService.run_aws_monkeys(instances, island_ip)
|
||||||
|
|
||||||
@jwt_required()
|
@jwt_required()
|
||||||
|
@ -25,8 +24,10 @@ class RemoteRun(flask_restful.Resource):
|
||||||
is_aws = RemoteRunAwsService.is_running_on_aws()
|
is_aws = RemoteRunAwsService.is_running_on_aws()
|
||||||
resp = {'is_aws': is_aws}
|
resp = {'is_aws': is_aws}
|
||||||
if is_aws:
|
if is_aws:
|
||||||
RemoteRunAwsService.update_aws_auth_params()
|
is_auth = RemoteRunAwsService.update_aws_auth_params()
|
||||||
resp['instances'] = AwsService.get_instances()
|
resp['auth'] = is_auth
|
||||||
|
if is_auth:
|
||||||
|
resp['instances'] = AwsService.get_instances()
|
||||||
return jsonify(resp)
|
return jsonify(resp)
|
||||||
|
|
||||||
return {}
|
return {}
|
||||||
|
@ -34,9 +35,14 @@ class RemoteRun(flask_restful.Resource):
|
||||||
@jwt_required()
|
@jwt_required()
|
||||||
def post(self):
|
def post(self):
|
||||||
body = json.loads(request.data)
|
body = json.loads(request.data)
|
||||||
|
resp = {}
|
||||||
if body.get('type') == 'aws':
|
if body.get('type') == 'aws':
|
||||||
result = self.run_aws_monkeys(body)
|
is_auth = RemoteRunAwsService.update_aws_auth_params()
|
||||||
return jsonify({'result': result})
|
resp['auth'] = is_auth
|
||||||
|
if is_auth:
|
||||||
|
result = self.run_aws_monkeys(body)
|
||||||
|
resp['result'] = result
|
||||||
|
return jsonify(resp)
|
||||||
|
|
||||||
# default action
|
# default action
|
||||||
return make_response({'error': 'Invalid action'}, 500)
|
return make_response({'error': 'Invalid action'}, 500)
|
||||||
|
|
|
@ -10,6 +10,7 @@ __author__ = "itay.mizeretz"
|
||||||
|
|
||||||
class RemoteRunAwsService:
|
class RemoteRunAwsService:
|
||||||
aws_instance = None
|
aws_instance = None
|
||||||
|
is_auth = False
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
pass
|
pass
|
||||||
|
@ -48,13 +49,19 @@ class RemoteRunAwsService:
|
||||||
def update_aws_auth_params():
|
def update_aws_auth_params():
|
||||||
"""
|
"""
|
||||||
Updates the AWS authentication parameters according to config
|
Updates the AWS authentication parameters according to config
|
||||||
:return: None
|
:return: True if new params allow successful authentication. False otherwise
|
||||||
"""
|
"""
|
||||||
access_key_id = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_access_key_id'], False, True)
|
access_key_id = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_access_key_id'], False, True)
|
||||||
secret_access_key = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_secret_access_key'], False, True)
|
secret_access_key = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_secret_access_key'], False, True)
|
||||||
AwsService.set_auth_params(access_key_id, secret_access_key)
|
|
||||||
|
if (access_key_id != AwsService.access_key_id) or (secret_access_key != AwsService.secret_access_key):
|
||||||
|
AwsService.set_auth_params(access_key_id, secret_access_key)
|
||||||
|
RemoteRunAwsService.is_auth = AwsService.test_client()
|
||||||
|
|
||||||
AwsService.set_region(RemoteRunAwsService.aws_instance.region)
|
AwsService.set_region(RemoteRunAwsService.aws_instance.region)
|
||||||
|
|
||||||
|
return RemoteRunAwsService.is_auth
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_bitness(instances):
|
def get_bitness(instances):
|
||||||
"""
|
"""
|
||||||
|
|
Loading…
Reference in New Issue