UNPKG

aws-resource-remediation

Version:

A module to remediate AWS resources.

58 lines (51 loc) 3.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
/** * Created by kpadmawa on 1/19/2017. */ const constants = require('./constants'); var logger = require('node-generic-logger'); const ActionExecutor = require('node-action-executor').ActionExecutor; const ActionExecutorEvents = require('node-action-executor').ActionExecutorEvents; const IAMPasswordPolicyRemediator = require('./remediators/IAMPasswordPolicyRemediator'); const IAMCredentialsRemediator = require('./remediators/IAMCredentialsRemediator'); const ElasticSearchRemediator = require('./remediators/ElasticSearchRemediator'); const S3Remediator = require('./remediators/S3Remediator'); const KMSRemediator = require('./remediators/KMSRemediator'); const CloudTrailRemediator = require('./remediators/CloudTrailRemediator'); function ResourceRemediator (dependencies) { this.remediators = {}; //for(var property in constants.ResourceTypes){ // var remediatorClass = constants.ResourceTypes[property]; // this.remediators[property] = new [remediatorClass](config, dependencies[property]); //} if(dependencies){ this.remediators[constants.ResourceTypes.IAM_CREDS] = new IAMCredentialsRemediator( dependencies[constants.ResourceTypes.IAM_CREDS]); this.remediators[constants.ResourceTypes.IAM_PASSWORD_POLICY] = new IAMPasswordPolicyRemediator( dependencies[constants.ResourceTypes.IAM_PASSWORD_POLICY]); this.remediators[constants.ResourceTypes.KMS] = new KMSRemediator( dependencies[constants.ResourceTypes.KMS]); } else { this.remediators[constants.ResourceTypes.IAM_CREDS] = new IAMCredentialsRemediator(); this.remediators[constants.ResourceTypes.IAM_PASSWORD_POLICY] = new IAMPasswordPolicyRemediator(); this.remediators[constants.ResourceTypes.KMS] = new KMSRemediator(); this.remediators[constants.ResourceTypes.S3] = new S3Remediator(); this.remediators[constants.ResourceTypes.ES_DOMAINS] = new ElasticSearchRemediator(); this.remediators[constants.ResourceTypes.CLOUD_TRAILS] = new CloudTrailRemediator(); } this.executor = new ActionExecutor(); this.executor.subscribe(this.remediators[constants.ResourceTypes.IAM_CREDS],constants.ResourceTypes.IAM_CREDS); this.executor.subscribe(this.remediators[constants.ResourceTypes.IAM_PASSWORD_POLICY],constants.ResourceTypes.IAM_PASSWORD_POLICY); this.executor.subscribe(this.remediators[constants.ResourceTypes.S3],constants.ResourceTypes.S3); this.executor.subscribe(this.remediators[constants.ResourceTypes.KMS],constants.ResourceTypes.KMS); this.executor.subscribe(this.remediators[constants.ResourceTypes.ES_DOMAINS],constants.ResourceTypes.ES_DOMAINS); this.executor.subscribe(this.remediators[constants.ResourceTypes.CLOUD_TRAILS],constants.ResourceTypes.CLOUD_TRAILS); } ResourceRemediator.prototype.remediate = function (payload, cb) { var self = this; logger.info('Remediate with params::' + JSON.stringify(payload)); var context = this.executor.handlePayload(payload , cb); context.on(ActionExecutorEvents.STATUS , function(status, args){ if('done' === status){ logger.info("\n" + JSON.stringify(args,null,2)); return cb(null,"Successfully remediated."); } }); }; module.exports = ResourceRemediator;