From 0e68b07b15834dc5a45878e58b11e543f1584dd2 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Wed, 14 Oct 2020 17:45:22 +0300 Subject: [PATCH] Modified security hub feature to work with any deployment --- monkey/monkey_island/cc/services/reporting/aws_exporter.py | 5 +++-- monkey/monkey_island/cc/services/reporting/exporter_init.py | 3 +-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/monkey/monkey_island/cc/services/reporting/aws_exporter.py b/monkey/monkey_island/cc/services/reporting/aws_exporter.py index 1ff69163e..1347775d0 100644 --- a/monkey/monkey_island/cc/services/reporting/aws_exporter.py +++ b/monkey/monkey_island/cc/services/reporting/aws_exporter.py @@ -6,13 +6,14 @@ import boto3 from botocore.exceptions import UnknownServiceError from common.cloud.aws.aws_instance import AwsInstance -from monkey_island.cc.environment import EnvironmentConfig from monkey_island.cc.services.reporting.exporter import Exporter __authors__ = ['maor.rayzin', 'shay.nehmad'] logger = logging.getLogger(__name__) +INFECTION_MONKEY_ARN = "324264561773:product/guardicore/aws-infection-monkey" + class AWSExporter(Exporter): @staticmethod @@ -68,7 +69,7 @@ class AWSExporter(Exporter): # azure and conficker are not relevant issues for an AWS env } - configured_product_arn = EnvironmentConfig.get_from_file().aws.get('sec_hub_product_arn', '') + configured_product_arn = INFECTION_MONKEY_ARN product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region=region, arn=configured_product_arn) instance_arn = 'arn:aws:ec2:' + str(region) + ':instance:{instance_id}' # Not suppressing error here on purpose. diff --git a/monkey/monkey_island/cc/services/reporting/exporter_init.py b/monkey/monkey_island/cc/services/reporting/exporter_init.py index f7f78714c..66413a064 100644 --- a/monkey/monkey_island/cc/services/reporting/exporter_init.py +++ b/monkey/monkey_island/cc/services/reporting/exporter_init.py @@ -1,6 +1,5 @@ import logging -import monkey_island.cc.environment.environment_singleton as env_singleton from monkey_island.cc.services.remote_run_aws import RemoteRunAwsService from monkey_island.cc.services.reporting.aws_exporter import AWSExporter from monkey_island.cc.services.reporting.report_exporter_manager import \ @@ -22,7 +21,7 @@ def try_add_aws_exporter_to_manager(manager): # noinspection PyBroadException try: RemoteRunAwsService.init() - if RemoteRunAwsService.is_running_on_aws() and ('aws' == env_singleton.env.get_deployment()): + if RemoteRunAwsService.is_running_on_aws(): manager.add_exporter_to_list(AWSExporter) except Exception: logger.error("Failed adding aws exporter to manager. Exception info:", exc_info=True)