Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dev #94

Open
wants to merge 252 commits into
base: master
Choose a base branch
from
Open

Dev #94

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
252 commits
Select commit Hold shift + click to select a range
66c94ce
Updated with redshift insecure sgs code changes.
vigneswararaomacharla Feb 19, 2019
4420b06
Updated with redshift publicaccess issue changes.
vigneswararaomacharla Feb 21, 2019
c11b128
Added redshift logging code changes.
vigneswararaomacharla Mar 1, 2019
a4a8f44
Updated with redshift public access changes.
vigneswararaomacharla Mar 1, 2019
a6aba8f
Updated with ECS insecure sgs.
vigneswararaomacharla Mar 12, 2019
72e1bfd
Updated with ecs logging issue changes.
vigneswararaomacharla Mar 14, 2019
58d0f55
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/e…
vigneswararaomacharla Mar 25, 2019
55f104c
Updated with ECS changes.
vigneswararaomacharla Mar 26, 2019
ddb9f4e
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/e…
vigneswararaomacharla Mar 26, 2019
2e94093
Updated with ECS privileged-access changes.
vigneswararaomacharla Mar 26, 2019
1b502a1
Updated with documentation.
vigneswararaomacharla Mar 26, 2019
ce03e7a
Updated with ECS image source issue code changes.
vigneswararaomacharla Mar 26, 2019
0468e81
Updated with deployment issue changes.
vigneswararaomacharla Mar 26, 2019
37799e3
Updated with deployment issue fixes.
vigneswararaomacharla Mar 28, 2019
78804d1
Updated with ecs changes.
vigneswararaomacharla Mar 29, 2019
b53ac34
Updated with ecs image source changes.
vigneswararaomacharla Apr 1, 2019
d287548
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/r…
vigneswararaomacharla Apr 2, 2019
1b04d42
Updated with redshift changes.
vigneswararaomacharla Apr 2, 2019
512466e
Updated with redshift changes.
vigneswararaomacharla Apr 2, 2019
1a70d67
Updated with redshift public access issue changes.
vigneswararaomacharla Apr 3, 2019
ccc5f46
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/e…
vigneswararaomacharla Apr 5, 2019
2814764
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/r…
vigneswararaomacharla Apr 5, 2019
394c24f
resolved conflicts.
vigneswararaomacharla Apr 5, 2019
3e5bf5e
Add option to disable/enable jira and slack reporting separately
MrBakalo Apr 5, 2019
6fe164d
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/r…
vigneswararaomacharla Apr 8, 2019
c01e5da
Updated with redshfit encryption issue changes.
vigneswararaomacharla Apr 9, 2019
897089b
Merge remote-tracking branch 'refs/remotes/origin/dev' into feature/r…
vigneswararaomacharla Apr 9, 2019
3e7ad94
Updated with Redshift logging issue changes.
vigneswararaomacharla Apr 9, 2019
11fe7c0
Enhanced granular reporting capability
MrBakalo Apr 10, 2019
5da4ec3
Added backward compatibility for new config flags. Jira decorator fun…
MrBakalo Apr 11, 2019
056464b
Added commented functionality since reporting can be turned off for e…
MrBakalo Apr 11, 2019
abc08aa
Jira labels logic update
MrBakalo Apr 12, 2019
a49dab1
Updated with account based remediation changes.
vigneswararaomacharla May 6, 2019
14f92c2
Updated with code changes for whitelist accounts.
vigneswararaomacharla May 10, 2019
1482a0f
Merge branch 'dev' of github.com:dowjones/hammer into jira_labels_update
MrBakalo May 23, 2019
46e7d7e
Merge pull request #66 from MrBakalo/jira_labels_update
oleksii-dowjones May 23, 2019
6bae1e6
Merge branch 'dev' into jira_labels_update
ochuprykov May 28, 2019
e005d85
Fix for data type issue
MrBakalo May 29, 2019
5126b85
Merge pull request #72 from MrBakalo/jira_labels_update
oleksii-dowjones May 29, 2019
65f896d
Added exception handling to ECS issues.
vigneswararaomacharla Jun 4, 2019
d70389c
Updated with ECS logging changes.
vigneswararaomacharla Jun 4, 2019
65483ee
Updated ECS logging changes.
vigneswararaomacharla Jun 4, 2019
adb60c7
Updated with ECS privileged access issue code changes.
vigneswararaomacharla Jun 4, 2019
a6c65d1
Updated with ECS image source issue changes.
vigneswararaomacharla Jun 4, 2019
378e56c
Updated with Elasticsearch encryption issue changes.
vigneswararaomacharla Jun 6, 2019
04e2dc4
Added code changes for ES encrytion issue.
vigneswararaomacharla Jun 6, 2019
5690bd5
Added lambda function code for ES encryption issue.
vigneswararaomacharla Jun 6, 2019
0cb0f3a
Updated ddb table changes for ES encryption issue.
vigneswararaomacharla Jun 6, 2019
966b796
Updated with ES encryption issue changes.
vigneswararaomacharla Jun 7, 2019
26671ee
Added elasticsearch public access issue changes.
vigneswararaomacharla Jun 13, 2019
868922a
Updated with Elasticsearch public access changes.
vigneswararaomacharla Jun 14, 2019
c0bc005
Revert "Updated with Elasticsearch public access changes."
vigneswararaomacharla Jun 14, 2019
56c986b
Updated with Elasticsearch public access changes.
vigneswararaomacharla Jun 14, 2019
f2cfa19
Revert "Updated with Elasticsearch public access changes."
vigneswararaomacharla Jun 14, 2019
d2de771
Updated with ES publicaccess issue changes.
vigneswararaomacharla Jun 14, 2019
4167274
Added Elasticsearch logging issue changes.
vigneswararaomacharla Jun 14, 2019
8599a3d
Updated with deployment issue changes.
vigneswararaomacharla Jun 14, 2019
0222a14
Updated with ES domain logging issue changes.
vigneswararaomacharla Jun 18, 2019
709cfd4
Updated with ES logging issue documentation.
vigneswararaomacharla Jun 19, 2019
76e6add
Added ES public policy issue documentation.
vigneswararaomacharla Jun 19, 2019
ac30cf8
Updated with remediation details for ES logging issue.
vigneswararaomacharla Jun 19, 2019
463847e
Added ES unencrypted domain issue documentation
vigneswararaomacharla Jun 19, 2019
2530081
Updated with ECS image source review comment changes.
vigneswararaomacharla Jun 25, 2019
152205d
Updated with ECS image source review comments changes.
vigneswararaomacharla Jun 25, 2019
391d4c4
Updated with ECS image source review comments changes.
vigneswararaomacharla Jun 25, 2019
0829e66
Updated ECS issues review comments.
vigneswararaomacharla Jun 25, 2019
16ababe
Updated with ECS privileged access issue review comments changes.
vigneswararaomacharla Jun 25, 2019
3007cda
updated with ECS privileged access issue review comment changes.
vigneswararaomacharla Jun 25, 2019
e47f8e9
Updated with ECS logging issue review comment changes.
vigneswararaomacharla Jun 25, 2019
58b991d
Updated with ES encryption issue changes.
vigneswararaomacharla Jun 25, 2019
aba993c
Updated ECS logging testing issue changes.
vigneswararaomacharla Jun 25, 2019
a7b7eda
Updated with nested stack deployment changes.
vigneswararaomacharla Jun 26, 2019
129811d
Updated with Redshift deployment changes and docs.
vigneswararaomacharla Jun 26, 2019
7cead4d
Updated with Redshift encryption issue documentation.
vigneswararaomacharla Jun 26, 2019
dc5bbbb
Updated with nested template changes.
vigneswararaomacharla Jun 26, 2019
27c00f1
Updated with Redshift public access issue deployment changes.
vigneswararaomacharla Jun 26, 2019
0b640b9
Updated with Redshift public access deployment issues
vigneswararaomacharla Jun 26, 2019
fcb2575
Updated with deployment issue changes.
vigneswararaomacharla Jun 26, 2019
8874b99
Updated with deployment issues.
vigneswararaomacharla Jun 26, 2019
df08142
Removed unused imports.
vigneswararaomacharla Jun 26, 2019
4947b8b
Removed unused imports.
vigneswararaomacharla Jun 26, 2019
18a8cca
Removed unused imports.
vigneswararaomacharla Jun 26, 2019
1c41905
Updated with ECS external image test case changes.
vigneswararaomacharla Jun 27, 2019
4bbe28b
Updated with ECS external image source issue config changes.
vigneswararaomacharla Jun 27, 2019
f6c4020
Updated with ECS permissions and configs.
vigneswararaomacharla Jun 27, 2019
dd99926
Updated with ECS permissions and config changes.
vigneswararaomacharla Jun 27, 2019
36e4a12
Updated with ECS permissions.
vigneswararaomacharla Jun 27, 2019
90a61d4
Updated with Elasticsearch permissions and configs.
vigneswararaomacharla Jun 27, 2019
46c8728
Updated with Elasticsearch review comment changes.
vigneswararaomacharla Jun 27, 2019
baa4922
Updated with Elasticsearch logging issue review comments changes.
vigneswararaomacharla Jun 27, 2019
0910d38
Updated with ES public policy issue review changes.
vigneswararaomacharla Jun 27, 2019
d545f9d
Updated with Redshift encryption issue config changes.
vigneswararaomacharla Jun 27, 2019
6e4b198
Updated with RedshiftLogging issue permissions.
vigneswararaomacharla Jun 27, 2019
2569a0e
Removed auto-remedation related configurations.
vigneswararaomacharla Jun 27, 2019
f5b31b2
Updated with Redshift public access issue permissions.
vigneswararaomacharla Jun 27, 2019
963121a
Fixed template issues.
vigneswararaomacharla Jun 27, 2019
32529a3
Updated with Redshift permissions.
vigneswararaomacharla Jun 27, 2019
78b41bb
Fix invalid JSON
mwkaufman Jun 29, 2019
2cd289c
Fix missing topic
mwkaufman Jun 29, 2019
dbcca86
Updated with ECS external image test case changes.
vigneswararaomacharla Jul 1, 2019
fd5d92f
Added ECS privileged access issue test case changes.
vigneswararaomacharla Jul 1, 2019
56b9359
Added ECS logging issue test cases.
vigneswararaomacharla Jul 1, 2019
28b954b
Updated with testcase changes.
vigneswararaomacharla Jul 3, 2019
e793566
Updated with Redshift changes.
vigneswararaomacharla Jul 4, 2019
5d7a1f0
Updated with ddb details.
vigneswararaomacharla Jul 4, 2019
4dd258a
Updated with remediation changes.
vigneswararaomacharla Jul 4, 2019
7fa3d40
Updated with remediation flag changes.
vigneswararaomacharla Jul 4, 2019
fab299c
Updated with ESpublic access ticket chagnes.
vigneswararaomacharla Jul 4, 2019
c6f5a88
Updated with ESpublic access ticket chagnes.
vigneswararaomacharla Jul 4, 2019
c8fceea
Updated with Redshift encryption issue changes.
vigneswararaomacharla Jul 5, 2019
47b1a2c
Updated with new redshift changes.
vigneswararaomacharla Jul 5, 2019
f9f5e87
Added redshift logging unit test case changes.
vigneswararaomacharla Jul 5, 2019
34dbb71
Added redshift encryption test case changes.
vigneswararaomacharla Jul 5, 2019
691933e
Added csv and cronjob changes.
vigneswararaomacharla Jul 5, 2019
4f057ad
Added redshift unit test cases.
vigneswararaomacharla Jul 5, 2019
4e331b6
Added ECS image source unit test cases.
vigneswararaomacharla Jul 5, 2019
35fb280
Added ECSPrivileged Access issue unit test cases.
vigneswararaomacharla Jul 5, 2019
f3d46e9
Added ECSLogging issue unit test cases.
vigneswararaomacharla Jul 5, 2019
fcfd61b
Updated with redshfit encryption remediation changes.
vigneswararaomacharla Jul 5, 2019
30e0284
Added redshift encryption test cases
vigneswararaomacharla Jul 5, 2019
6ef89fe
Updated with redshift public access test case changes.
vigneswararaomacharla Jul 5, 2019
470a989
Updated with redshift public access testcases
vigneswararaomacharla Jul 5, 2019
1fae6ae
Updated with Redshift Encryption test cases.
vigneswararaomacharla Jul 5, 2019
9bb27f6
Updated with redshift logging test case changes.
vigneswararaomacharla Jul 5, 2019
03977f9
Updated with ECS Logging test case changes.
vigneswararaomacharla Jul 5, 2019
79dfea9
Updated with ECS privilegeg access unit test changes.
vigneswararaomacharla Jul 5, 2019
7016630
Updated test case conditions.
vigneswararaomacharla Jul 5, 2019
a0e5a10
Updated test case conditions.
vigneswararaomacharla Jul 5, 2019
004635d
Updated ECS imagesource test case changes.
vigneswararaomacharla Jul 5, 2019
595578d
Updated with Redshift modify cluster permissions.
vigneswararaomacharla Jul 5, 2019
1490b21
Merge branch 'dev' into feature/ecs-privileged-access
vigneswararaomacharla Jul 10, 2019
3afe0e9
Merge branch 'dev' into feature/ecslogging
vigneswararaomacharla Jul 10, 2019
072e7f4
Merge branch 'dev' into feature/ecsimagesource
vigneswararaomacharla Jul 10, 2019
8dd7cdb
Merge pull request #74 from dowjones/feature/ecs-privileged-access
pranav1688 Jul 10, 2019
b3f8379
91:AWS libraries should use boto3 Paginators wherever possible
Jul 10, 2019
8740acd
Merge branch 'dev' into feature/ecslogging
vigneswararaomacharla Jul 11, 2019
5aa131b
Merge pull request #76 from dowjones/feature/ecslogging
pranav1688 Jul 12, 2019
50dcae5
Merge branch 'dev' into feature/ecsimagesource
vigneswararaomacharla Jul 15, 2019
968b72a
Merge pull request #87 from mwkaufman/invalid_json
pranav1688 Jul 15, 2019
3da1439
Merge pull request #89 from mwkaufman/missing_topic
pranav1688 Jul 15, 2019
f587419
Merge pull request #75 from dowjones/feature/ecsimagesource
pranav1688 Jul 15, 2019
2103b7a
Updated with review comment changes.
vigneswararaomacharla Jul 22, 2019
74f60b6
Updated with review comment changes.
vigneswararaomacharla Jul 22, 2019
ce35ffe
Merge branch 'dev' into feature/redshiftlogging
vigneswararaomacharla Jul 22, 2019
eda50ae
Updated with review comment changes.
vigneswararaomacharla Jul 23, 2019
121b99c
Updated with redshift logging issue review comment changes.
vigneswararaomacharla Jul 23, 2019
7e02684
Updated with redshift review comment changes.
vigneswararaomacharla Jul 23, 2019
a39b782
Updated with review comment changes.
vigneswararaomacharla Jul 23, 2019
8b10ccd
Merge pull request #53 from dowjones/feature/redshiftlogging
pranav1688 Jul 23, 2019
c4ea08c
Removed unwanter permissions.
vigneswararaomacharla Jul 24, 2019
600460f
Merge branch 'dev' into feature/redshiftencryption
vigneswararaomacharla Jul 24, 2019
6eb42cb
Updated with review comment changes.
vigneswararaomacharla Jul 24, 2019
31fb41e
Merge pull request #52 from dowjones/feature/redshiftencryption
oleksii-dowjones Jul 24, 2019
98f4db2
Added remediation permissions.
vigneswararaomacharla Jul 25, 2019
4c7ab5f
Merge branch 'dev' into feature/redshiftpublicaccess
vigneswararaomacharla Jul 25, 2019
54a38ad
Fixed deployment issues.
vigneswararaomacharla Jul 25, 2019
d9d14d5
Merge branch 'dev' into feature/redshiftpublicaccess
vigneswararaomacharla Jul 25, 2019
f101454
Updated function name.
vigneswararaomacharla Jul 25, 2019
7250f9f
Merge branch 'dev' into feature/redshiftinsecuresgs
vigneswararaomacharla Jul 25, 2019
a35b0ce
Merge pull request #49 from dowjones/feature/redshiftpublicaccess
oleksii-dowjones Jul 25, 2019
04f2655
Merge pull request #40 from dowjones/feature/redshiftinsecuresgs
oleksii-dowjones Jul 25, 2019
e42c44b
Updated with instance type.
vigneswararaomacharla Jul 26, 2019
7376c25
Reversed instance type.
vigneswararaomacharla Jul 26, 2019
ae0f678
Added missing variable.
vigneswararaomacharla Jul 26, 2019
0c927f2
Updated with function name.
vigneswararaomacharla Jul 29, 2019
1218074
Merge branch 'dev' into feature/elasticsearch_logging
vigneswararaomacharla Jul 29, 2019
6583cf0
Merge pull request #61 from dowjones/feature/remediation_accounts
oleksii-dowjones Jul 29, 2019
1249ce4
Merge pull request #78 from dowjones/feature/elasticsearch_logging
pranav1688 Jul 29, 2019
97c4056
Updated with review comment changes.
vigneswararaomacharla Jul 29, 2019
74ed2b5
Added review comment changes.
vigneswararaomacharla Jul 29, 2019
e6fdd78
Merge branch 'dev' into feature/elasticsearch_encryption
vigneswararaomacharla Jul 29, 2019
cd5f952
Merge pull request #77 from dowjones/feature/elasticsearch_encryption
pranav1688 Jul 29, 2019
fa3d2ac
Merge branch 'dev' into feature/es_public_access
vigneswararaomacharla Jul 29, 2019
0944659
Merge pull request #79 from dowjones/feature/es_public_access
pranav1688 Jul 29, 2019
ca1b046
Merge branch 'dev' into feature/ecsinsecuresgs
vigneswararaomacharla Jul 29, 2019
cd040ac
Merge pull request #37 from dowjones/feature/ecsinsecuresgs
pranav1688 Jul 29, 2019
196170d
Updated with mapping changes.
vigneswararaomacharla Jul 30, 2019
5f1e0a6
Updated with ticket description.
vigneswararaomacharla Jul 30, 2019
596ee5d
Updated with SG assoiciated elasticsearch details.
vigneswararaomacharla Jul 30, 2019
3c6ccef
Updated with readme documentation.
vigneswararaomacharla Jul 30, 2019
cb9d960
Updated with lambda schedulers.
vigneswararaomacharla Jul 30, 2019
fb9f453
Updated with production rollout chagnes.
vigneswararaomacharla Jul 31, 2019
3bd6cda
Updated with deployment issues fix.
vigneswararaomacharla Aug 1, 2019
36e3f83
Updated with indent chagnes.
vigneswararaomacharla Aug 1, 2019
f2a8bf6
Updated indent issues.
vigneswararaomacharla Aug 2, 2019
df11552
Add workaround for hammer bot "status" command
ochuprykov Aug 5, 2019
6ba1ca1
Updated with ecs image known source issues.
vigneswararaomacharla Aug 5, 2019
9654d30
Merge pull request #95 from dowjones/fix_bot_status
pranav1688 Aug 5, 2019
f7d66c1
Updated with ECS image known sources.
vigneswararaomacharla Aug 6, 2019
d7632cb
Updated with review comment changes.
vigneswararaomacharla Aug 6, 2019
017f3aa
Merge pull request #96 from dowjones/fix/ecsimagesource
oleksii-dowjones Aug 12, 2019
beac6eb
Updated with Lambda python version for ES encryption issues.
vigneswararaomacharla Aug 19, 2019
02e328c
Updated with ES Unencrypted notification changes.
vigneswararaomacharla Aug 19, 2019
5bfb805
Revert "Updated with ES Unencrypted notification changes."
vigneswararaomacharla Aug 19, 2019
051179a
Reverting changes.
vigneswararaomacharla Aug 19, 2019
c1a6c09
Calling out 0/0 vs specific non-DJ IPs
pasiechnay Aug 20, 2019
d4c3541
Added documentation
pasiechnay Aug 21, 2019
f9c6749
Updated boto3 version.
vigneswararaomacharla Aug 21, 2019
1ed978e
Updated with boto3 version
vigneswararaomacharla Aug 21, 2019
2d76bc3
Updated code changes to fix slack user msg issues.
vigneswararaomacharla Aug 23, 2019
a850d01
Resolve conflict
pasiechnay Aug 23, 2019
344c034
Calling out 0/0 vs specific non-DJ IPs
pasiechnay Aug 23, 2019
168dbae
Merge pull request #92 from kurmiashish/paginator
pranav1688 Aug 23, 2019
6e89627
Updated with documentation changes.
vigneswararaomacharla Aug 23, 2019
5d49312
Updated with ECS notifications fix.
vigneswararaomacharla Aug 27, 2019
a29166c
Revert "Updated with ECS notifications fix."
vigneswararaomacharla Aug 27, 2019
e4ca394
Updated with ECS error handling.
vigneswararaomacharla Aug 27, 2019
e7dcb3f
Updated with ECS error notification changes.
vigneswararaomacharla Aug 27, 2019
3a82e18
Updated with Elasticsearch Error handling changes.
vigneswararaomacharla Aug 28, 2019
36020d5
Updated with Error handling changes.
vigneswararaomacharla Aug 28, 2019
19a0bff
Removed code for Error notification if issue not changed
vigneswararaomacharla Aug 29, 2019
8914145
Fixes for Ec2 userdata issues.
vigneswararaomacharla Aug 29, 2019
84e5920
Resolved conflict
pasiechnay Sep 2, 2019
62baffe
Calling out 0/0 vs specific non-DJ IPs
pasiechnay Sep 2, 2019
3619d9f
Merge branch 'jira_labels_update' of https://github.com/dowjones/hamm…
pasiechnay Sep 3, 2019
daf23fe
Merge pull request #107 from dowjones/fix/slack_notification_errors
pranav1688 Sep 4, 2019
4ce7a6a
Merge pull request #106 from dowjones/fix/slackbot_user_notifications…
pranav1688 Sep 4, 2019
c559652
Config name changes to label names
pasiechnay Sep 5, 2019
d26ffee
Config name changes to label names
pasiechnay Sep 5, 2019
4035d2e
Config name changes to label names
pasiechnay Sep 5, 2019
8360a04
Merge branch 'dev' of https://github.com/dowjones/hammer into label
pasiechnay Sep 5, 2019
6361a8d
Merge branch 'dev' of https://github.com/dowjones/hammer into develop
pasiechnay Sep 5, 2019
f6cf3e4
Calling out 0/0 vs specific non-DJ IPs
pasiechnay Sep 5, 2019
16a9af4
Update with Quarantine list feature changes
vigneswararaomacharla Sep 17, 2019
7d7b5cb
Updated quarantine issue changes.
vigneswararaomacharla Sep 18, 2019
328bd31
Updated with quarantine list changes.
vigneswararaomacharla Sep 18, 2019
f6ad555
Updated with Temp whitlist item changes.
vigneswararaomacharla Sep 24, 2019
effe085
Updated with review comments.
vigneswararaomacharla Sep 24, 2019
a6b5154
Updated with review comments.
vigneswararaomacharla Sep 24, 2019
513305e
Config name changes to label names
pasiechnay Sep 25, 2019
29917a5
Updated tempwhitelist issue changes.
vigneswararaomacharla Sep 26, 2019
c53390b
test changes
pasiechnay Sep 30, 2019
0ef49a1
Updated with boto3 version for Elasticsearch issue.
vigneswararaomacharla Oct 4, 2019
706bcdc
Updated with AMI remediation issue.
vigneswararaomacharla Oct 4, 2019
aa57ed6
Updated with PublicAMI remediation changes.
vigneswararaomacharla Oct 4, 2019
7edfebe
Merge pull request #119 from dowjones/fix/error_traceback_issues
oleksii-dowjones Oct 7, 2019
6b31dc7
Updated PublicAMI Lambda function memory changes.
vigneswararaomacharla Oct 7, 2019
db0047c
Updated with review comments.
vigneswararaomacharla Oct 11, 2019
adf8fdd
Updated with review comments.
vigneswararaomacharla Oct 11, 2019
298e901
Merge pull request #116 from dowjones/feature/quarantine-issues-list
oleksii-dowjones Oct 15, 2019
c493a7f
Updated with schedulers.
vigneswararaomacharla Oct 23, 2019
06d6334
Merge pull request #120 from dowjones/fix/identification_schedulers
pranav1688 Oct 23, 2019
a42b4ca
Merge branch 'dev' of https://github.com/dowjones/hammer into label
pasiechnay Nov 27, 2019
453c2ab
Merge branch 'dev' of https://github.com/dowjones/hammer into dev_or
pasiechnay Nov 28, 2019
f859106
Merge pull request #99 from pasiechnay/dev
oleksii-dowjones Jan 30, 2020
2bf6fb4
Merge pull request #110 from pasiechnay/labels
oleksii-dowjones Jan 30, 2020
fa489eb
Fixed scan API request with specified tags parameter
pasiechnay Feb 13, 2020
9300843
Merge pull request #123 from pasiechnay/api_scan_fix
pranav1688 Feb 24, 2020
a98371c
Fix ius-release installation
ochuprykov Jun 1, 2020
c977dc2
Merge pull request #130 from dowjones/fix_ius_release
oleksii-dowjones Jun 1, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,15 @@ Dow Jones Hammer documentation is available via GitHub Pages at [https://dowjone
* [S3 Unencrypted Buckets](https://dowjones.github.io/hammer/playbook11_s3_unencryption.html)
* [RDS Unencrypted Instances](https://dowjones.github.io/hammer/playbook12_rds_unencryption.html)
* [AMIs Public Access](https://dowjones.github.io/hammer/playbook13_amis_public_access.html)
* [Redshift Unencrypted Clusters](https://dowjones.github.io/hammer/playbook15_redshift_unencryption.html)
* [Redshift Public Clusters](https://dowjones.github.io/hammer/playbook16_redshift_public_clusters.html)
* [Redshift Logging Issues](https://dowjones.github.io/hammer/playbook17_redshift_audit_logging.html)
* [ECS Logging Issues](https://dowjones.github.io/hammer/playbook18_ecs_logging.html)
* [ECS Privileged Access Issues](https://dowjones.github.io/hammer/playbook19_ecs_privileged_access.html)
* [ECS Exteranal Image Source Issues](https://dowjones.github.io/hammer/playbook20_ecs_external_image_source.html)
* [Elasticsearch Unencrypted Domains](https://dowjones.github.io/hammer/playbook21_elasticsearch_unencryption.html)
* [Elasticsearch Public Domains](https://dowjones.github.io/hammer/playbook22_elasticsearch_public_access.html)
* [Elasticsearch Logging Issues](https://dowjones.github.io/hammer/playbook23_elasticsearch_logging.html)

## Technologies
* Python 3.6
Expand Down
2 changes: 1 addition & 1 deletion deployment/build_packages.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ SCRIPT_PATH="$( cd "$(dirname "$0")" ; pwd -P )"
PACKAGES_DIR="${SCRIPT_PATH}/packages/"
LIBRARY="${SCRIPT_PATH}/../hammer/library"

LAMBDAS="ami-info logs-forwarder ddb-tables-backup sg-issues-identification s3-acl-issues-identification s3-policy-issues-identification iam-keyrotation-issues-identification iam-user-inactive-keys-identification cloudtrails-issues-identification ebs-unencrypted-volume-identification ebs-public-snapshots-identification rds-public-snapshots-identification sqs-public-policy-identification s3-unencrypted-bucket-issues-identification rds-unencrypted-instance-identification ami-public-access-issues-identification api"
LAMBDAS="ami-info logs-forwarder ddb-tables-backup sg-issues-identification s3-acl-issues-identification s3-policy-issues-identification iam-keyrotation-issues-identification iam-user-inactive-keys-identification cloudtrails-issues-identification ebs-unencrypted-volume-identification ebs-public-snapshots-identification rds-public-snapshots-identification sqs-public-policy-identification s3-unencrypted-bucket-issues-identification rds-unencrypted-instance-identification ami-public-access-issues-identification api ecs-privileged-access-issues-identification ecs-logging-issues-identification ecs-external-image-source-issues-identification redshift-audit-logging-issues-identification redshift-unencrypted-cluster-identification redshift-cluster-public-access-identification elasticsearch-domain-logging-issues-identification elasticsearch-unencrypted-domain-identification elasticsearch-public-access-domain-identification"

pushd "${SCRIPT_PATH}" > /dev/null
pushd ../hammer/identification/lambdas > /dev/null
Expand Down
287 changes: 286 additions & 1 deletion deployment/cf-templates/ddb.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "25",
"ReadCapacityUnits": "50",
"WriteCapacityUnits": "2"
},
"SSESpecification": {
Expand Down Expand Up @@ -480,6 +480,291 @@
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "api-requests" ] ]}
}
},
"DynamoDBECSPrivilegedAccess": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "ecs-privileged-access" ] ]}
}
},
"DynamoDBECSLogging": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "ecs-logging" ] ]}
}
},
"DynamoDBECSExternalImageSource": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "ecs-external-image-source" ] ]}
}
},
"DynamoDBRedshiftLogging": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "redshift-logging" ] ]}
}
},
"DynamoDBRedshiftClusterEncryption": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "redshift-unencrypted" ] ]}
}
},
"DynamoDBRedshiftClusterPublicAccess": {
"Type": "AWS::DynamoDB::Table",
"DeletionPolicy": "Retain",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "redshift-public-access" ] ]}
}
},
"DynamoDBESLoggingRequests": {
"Type": "AWS::DynamoDB::Table",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "es-domain-logging" ] ]}
}
},
"DynamoDBESEncryptionRequests": {
"Type": "AWS::DynamoDB::Table",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "es-unencrypted-domain" ] ]}
}
},
"DynamoDBESPublicAccessRequests": {
"Type": "AWS::DynamoDB::Table",
"DependsOn": ["DynamoDBCredentials"],
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "account_id",
"AttributeType": "S"
},
{
"AttributeName": "issue_id",
"AttributeType": "S"
}
],
"KeySchema": [
{
"AttributeName": "account_id",
"KeyType": "HASH"
},
{
"AttributeName": "issue_id",
"KeyType": "RANGE"
}
],
"ProvisionedThroughput": {
"ReadCapacityUnits": "10",
"WriteCapacityUnits": "2"
},
"TableName": {"Fn::Join" : ["", [ { "Ref": "ResourcesPrefix" }, "es-public-access-domain" ] ]}
}
}
}
}
47 changes: 46 additions & 1 deletion deployment/cf-templates/identification-crossaccount-role.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@
"ec2:DescribeInstances",
"ec2:DescribeRouteTables",
"ec2:DescribeSubnets",
"ec2:DescribeImages",
"ec2:DescribeImages"
],
"Resource": "*"
},
Expand All @@ -63,6 +63,18 @@
],
"Resource": "*"
},
{
"Sid": "RedshiftIssues",
"Effect": "Allow",
"Action": [
"redshift:DescribeClusterSecurityGroups",
"redshift:DescribeClusterParameterGroups",
"redshift:DescribeLoggingStatus",
"redshift:GetClusterCredentials",
"redshift:DescribeClusters"
],
"Resource": "*"
},
{
"Sid": "IamIssues",
"Effect": "Allow",
Expand Down Expand Up @@ -115,6 +127,39 @@
"sqs:ListQueueTags"
],
"Resource": "*"
},
{
"Sid": "ECSIssues",
"Effect": "Allow",
"Action": [
"ecs:Describe*",
"ecs:List*"
],
"Resource": "*"
},
{
"Sid": "RedshiftIssues",
"Effect": "Allow",
"Action": [
"redshift:DescribeClusterSecurityGroups",
"redshift:DescribeClusterParameterGroups",
"redshift:DescribeLoggingStatus",
"redshift:GetClusterCredentials",
"redshift:DescribeClusters"
],
"Resource": "*"
},
{
"Sid": "ESIssues",
"Effect": "Allow",
"Action": [
"es:ListDomainNames",
"es:DescribeElasticsearchDomain",
"es:DescribeElasticsearchDomainConfig",
"es:DescribeElasticsearchDomains",
"es:ListTags"
],
"Resource": "*"
}
]
}
Expand Down
Loading