forked from p34709852/monkey
Before performing AWS functions, verify credentials
This commit is contained in:
parent
acc1c5207d
commit
10d513a6d5
|
@ -1,4 +1,5 @@
|
|||
import boto3
|
||||
from botocore.exceptions import ClientError
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
|
@ -39,6 +40,14 @@ class AwsService(object):
|
|||
def get_regions():
|
||||
return AwsService.get_session().get_available_regions('ssm')
|
||||
|
||||
@staticmethod
|
||||
def test_client():
|
||||
try:
|
||||
AwsService.get_client('ssm').describe_instance_information()
|
||||
return True
|
||||
except ClientError:
|
||||
return False
|
||||
|
||||
@staticmethod
|
||||
def get_instances():
|
||||
return \
|
||||
|
|
|
@ -15,7 +15,6 @@ class RemoteRun(flask_restful.Resource):
|
|||
def run_aws_monkeys(self, request_body):
|
||||
instances = request_body.get('instances')
|
||||
island_ip = request_body.get('island_ip')
|
||||
RemoteRunAwsService.update_aws_auth_params()
|
||||
return RemoteRunAwsService.run_aws_monkeys(instances, island_ip)
|
||||
|
||||
@jwt_required()
|
||||
|
@ -25,8 +24,10 @@ class RemoteRun(flask_restful.Resource):
|
|||
is_aws = RemoteRunAwsService.is_running_on_aws()
|
||||
resp = {'is_aws': is_aws}
|
||||
if is_aws:
|
||||
RemoteRunAwsService.update_aws_auth_params()
|
||||
resp['instances'] = AwsService.get_instances()
|
||||
is_auth = RemoteRunAwsService.update_aws_auth_params()
|
||||
resp['auth'] = is_auth
|
||||
if is_auth:
|
||||
resp['instances'] = AwsService.get_instances()
|
||||
return jsonify(resp)
|
||||
|
||||
return {}
|
||||
|
@ -34,9 +35,14 @@ class RemoteRun(flask_restful.Resource):
|
|||
@jwt_required()
|
||||
def post(self):
|
||||
body = json.loads(request.data)
|
||||
resp = {}
|
||||
if body.get('type') == 'aws':
|
||||
result = self.run_aws_monkeys(body)
|
||||
return jsonify({'result': result})
|
||||
is_auth = RemoteRunAwsService.update_aws_auth_params()
|
||||
resp['auth'] = is_auth
|
||||
if is_auth:
|
||||
result = self.run_aws_monkeys(body)
|
||||
resp['result'] = result
|
||||
return jsonify(resp)
|
||||
|
||||
# default action
|
||||
return make_response({'error': 'Invalid action'}, 500)
|
||||
|
|
|
@ -10,6 +10,7 @@ __author__ = "itay.mizeretz"
|
|||
|
||||
class RemoteRunAwsService:
|
||||
aws_instance = None
|
||||
is_auth = False
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
@ -48,13 +49,19 @@ class RemoteRunAwsService:
|
|||
def update_aws_auth_params():
|
||||
"""
|
||||
Updates the AWS authentication parameters according to config
|
||||
:return: None
|
||||
:return: True if new params allow successful authentication. False otherwise
|
||||
"""
|
||||
access_key_id = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_access_key_id'], False, True)
|
||||
secret_access_key = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_secret_access_key'], False, True)
|
||||
AwsService.set_auth_params(access_key_id, secret_access_key)
|
||||
|
||||
if (access_key_id != AwsService.access_key_id) or (secret_access_key != AwsService.secret_access_key):
|
||||
AwsService.set_auth_params(access_key_id, secret_access_key)
|
||||
RemoteRunAwsService.is_auth = AwsService.test_client()
|
||||
|
||||
AwsService.set_region(RemoteRunAwsService.aws_instance.region)
|
||||
|
||||
return RemoteRunAwsService.is_auth
|
||||
|
||||
@staticmethod
|
||||
def get_bitness(instances):
|
||||
"""
|
||||
|
|
Loading…
Reference in New Issue