From 8e6549f481c0a0e30484d6da4e2cbdd69db6b5de Mon Sep 17 00:00:00 2001
From: Shay Nehmad
Date: Wed, 10 Apr 2019 16:08:36 +0300
Subject: [PATCH] First version of new AWS code - just trying to test if it works on AWS.
---
 monkey/common/cloud/aws_service.py | 33 +++++++++++++------
 .../monkey_island/cc/resources/remote_run.py | 5 +--
 .../ui/src/components/pages/RunMonkeyPage.js | 5 ++-
 3 files changed, 28 insertions(+), 15 deletions(-)
diff --git a/monkey/common/cloud/aws_service.py b/monkey/common/cloud/aws_service.py
index 6479721c8..0f308f43f 100644
--- a/monkey/common/cloud/aws_service.py
+++ b/monkey/common/cloud/aws_service.py
@@ -1,4 +1,5 @@
 import boto3
+import botocore
 from botocore.exceptions import ClientError
 __author__ = 'itay.mizeretz'
@@ -50,14 +51,26 @@ class AwsService(object):
 @staticmethod
 def get_instances():
- return \
- [
- {
- 'instance_id': x['InstanceId'],
- 'name': x['ComputerName'],
- 'os': x['PlatformType'].lower(),
- 'ip_address': x['IPAddress']
- }
- for x in AwsService.get_client('ssm').describe_instance_information()['InstanceInformationList']
- ]
+ """
+ This function will assume that it's running on an EC2 instance with the correct IAM role.
+ See https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#iam-role for details.
+ :return:
+ """
+ #
+ local_ssm_client = boto3.client("ssm", region_name=AwsService.region)
+ try:
+ response = local_ssm_client.describe_instance_information()
+ return \
+ [
+ {
+ 'instance_id': x['InstanceId'],
+ 'name': x['ComputerName'],
+ 'os': x['PlatformType'].lower(),
+ 'ip_address': x['IPAddress']
+ }
+ for x in response['InstanceInformationList']
+ ]
+ except botocore.exceptions.ClientError as e:
+ print e.response + " " + e.message + " ... " + e.operation_name
+ raise e
diff --git a/monkey/monkey_island/cc/resources/remote_run.py b/monkey/monkey_island/cc/resources/remote_run.py
index ccd9fbbbe..11568bfac 100644
--- a/monkey/monkey_island/cc/resources/remote_run.py
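Review bot: In the new `except` branch of `get_instances`, `e.response` is a dict, so `e.response + " "` raises a TypeError inside the handler and the caller gets that instead of the original ClientError. Format the fields instead of concatenating them and re-raise with a bare `raise` so the original traceback is kept: `print "%s failed: %s" % (e.operation_name, e.response.get('Error'))` followed by `raise`. `ClientError` is already imported at the top of the file, so `except ClientError as e:` would do without the added `import botocore`. The docstring would be more useful if it named the SSM call the instance role must allow (`describe_instance_information`) and dropped the empty `:return:` and the bare `#` line; `AwsService.region` is set outside this hunk, so it should be confirmed that it always has a value before this call.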
+++ b/monkey/monkey_island/cc/resources/remote_run.py
@@ -24,10 +24,7 @@ class RemoteRun(flask_restful.Resource):
 is_aws = RemoteRunAwsService.is_running_on_aws()
 resp = {'is_aws': is_aws}
 if is_aws:
- is_auth = RemoteRunAwsService.update_aws_auth_params()
- resp['auth'] = is_auth
- if is_auth:
- resp['instances'] = AwsService.get_instances()
+ resp['instances'] = AwsService.get_instances()
 return jsonify(resp)
 return {}
diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
index 55e7279c0..ca15547c8 100644
--- a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
+++ b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js
@@ -432,7 +432,10 @@ class RunMonkeyPageComponent extends AuthComponent {
 }
 {
- this.state.isAwsAuth ? this.renderAuthAwsDiv() : this.renderNotAuthAwsDiv()
+ // this.state.isAwsAuth ? this.renderAuthAwsDiv() : this.renderNotAuthAwsDiv()
+ // TODO For now - assume running on machine with the required IAM roles. - This needs to be explained via
+ // the UI.
+ this.renderAuthAwsDiv()
 }
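Review bot: With the `update_aws_auth_params()` gate removed, a `ClientError` re-raised by `AwsService.get_instances()` (for example when the instance role lacks the SSM permission) is not caught on the `resp['instances'] = ...` line, so the request presumably ends as an unhandled server error where it used to answer with `auth` set to false. Wrap the call in `except ClientError as e:` (the name would need importing in this file) and report it, e.g. `resp['error'] = e.response['Error']['Code']`, so the UI can tell the operator that the role is missing or too narrow. The listing now runs with whatever IAM role is attached to the Island host, so a comment next to the call naming the minimal policy it needs would help anyone scoping that role; whether this endpoint sits behind authentication is not visible in the hunk and should be confirmed. The handler method starts above the hunk.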