Created
February 2, 2022 11:56
import datetime
import json
import logging
import os
import random
import string

import requests
import urllib3
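def lambda_handler(event, context):
    """Start a Cado Response acquisition for the EC2 instance named in an event.

    The handler expects the instance ID at
    ``event["detail"]["resource"]["instanceDetails"]["instanceId"]``. It
    creates a new project on the Cado Response platform and then asks the
    platform to import that instance into the project.

    Settings are read from the Lambda environment, falling back to the
    in-source placeholders: ``CADO_PLATFORM_IP`` (platform hostname),
    ``CADO_API_KEY`` (API key) and ``CADO_BUCKET`` (S3 bucket the volume is
    collected to before processing).

    Args:
        event: The invoking event (a dict).
        context: Lambda context object; unused.

    Returns:
        ``None`` when the event carries no instance ID; otherwise a dict with
        ``statusCode`` (200, or the platform's HTTP status when the import
        request was rejected) and ``body`` (a tuple describing the import).

    Raises:
        requests.HTTPError: If the project could not be created.
    """
    logging.basicConfig()
    logging.getLogger().setLevel(logging.INFO)
    logging.info(f"Lambda called with: {str(event)}")

    # The hostname of the Cado Response platform
    PLATFORM_IP = os.environ.get('CADO_PLATFORM_IP', 'xxx')
    API_URL = f'https://{PLATFORM_IP}/api/v2'
    # The API key for Cado Response. Supply it through the environment (or a
    # secret store) rather than committing it: anyone who can read the
    # function source would otherwise hold a platform credential.
    API_KEY = os.environ.get('CADO_API_KEY', 'xxx')
    # The S3 bucket to collect the volume to prior to processing
    BUCKET = os.environ.get('CADO_BUCKET', 'xxx')
    # Region sent with the import request; it has to match the instance.
    REGION = 'us-east-2'
    # Seconds to wait on the platform, so a stalled connection cannot hold
    # the invocation open until the Lambda timeout.
    REQUEST_TIMEOUT = 30

    if "detail" not in event:
        logging.info("No detail in message, skipping")
        return

    # Walk the expected path instead of searching the stringified event:
    # "instanceId" appearing anywhere else in the payload must not be
    # mistaken for a usable instance ID.
    try:
        instance_id = event["detail"]["resource"]["instanceDetails"]["instanceId"]
    except (KeyError, TypeError):
        instance_id = None
    if not instance_id:
        logging.info("No instance ID in message, skipping")
        return

    # The bearer token travels on every request, so the platform certificate
    # is verified. For a platform certificate issued by a private CA, point
    # REQUESTS_CA_BUNDLE at that CA's bundle instead of turning checks off.
    auth_headers = {'Authorization': 'Bearer ' + API_KEY}

    #
    #################################################
    # 1. Create new project:
    proj_dt = datetime.date.today()
    S = 4
    # Short random suffix that only keeps project names distinct; it is not
    # used as a secret.
    proj_rdm = ''.join(random.choices(string.ascii_lowercase + string.digits, k=S))
    logging.info('Creating a new project...')
    projects_url = API_URL + '/projects'
    logging.info(f'->> POST - {projects_url}')
    new_project_name = 'scan-' + str(proj_rdm) + '-' + str(proj_dt)
    logging.info('New project name: ' + new_project_name)
    project_result = requests.post(
        projects_url,
        json={'caseName': new_project_name},
        headers=auth_headers,
        timeout=REQUEST_TIMEOUT,
        verify=True,
    )
    # Fail with the HTTP error rather than a KeyError on a missing 'id'.
    project_result.raise_for_status()
    project_id = project_result.json()['id']

    #
    #################################################
    # 2. Import instances
    get_ec2_instances_url = f'{API_URL}/projects/{project_id}/imports/ec2'
    logging.info(f'About to import instance: {instance_id}')
    body_params = {
        'bucket': BUCKET,
        'instance_id': instance_id,
        'include_screenshot': 'true',
        'include_logs': 'true',
        'compress': 'true',
        'include_disks': 'true',
        'region': REGION,
    }
    result = requests.post(
        get_ec2_instances_url,
        json=body_params,
        headers=auth_headers,
        timeout=REQUEST_TIMEOUT,
        verify=True,
    )

    status_code = 200
    if not result.ok:
        # Surface a rejected import instead of reporting success for an
        # acquisition that never started.
        status_code = result.status_code
        logging.error(
            'Import of %s into %s failed with HTTP %s',
            instance_id, new_project_name, result.status_code,
        )

    report = ('About to import instance: ', instance_id, ' into project name: ', new_project_name)
    return {
        'statusCode': status_code,
        'body': report
    }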