Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/quarantine issues list #116

Merged
merged 9 commits into from
Oct 15, 2019
Merged

Feature/quarantine issues list #116

merged 9 commits into from
Oct 15, 2019

Conversation

vigneswararaomacharla
Copy link
Contributor

Added quarantine issues feature list.

@vigneswararaomacharla
Update with Quarantine list feature changes
16a9af4 
Update with Quarantine list feature changes
@vigneswararaomacharla
Updated quarantine issue changes.
7d7b5cb 
Updated quarantine issue changes.
@vigneswararaomacharla
Updated with quarantine list changes.
328bd31 
Updated with quarantine list changes.
@vigneswararaomacharla vigneswararaomacharla changed the base branch from master to dev September 23, 2019 14:46
@vigneswararaomacharla
Updated with Temp whitlist item changes.
f6ad555 
Updated with Temp whitlist item changes.
oleksii-dowjones
oleksii-dowjones reviewed Sep 24, 2019
View reviewed changes
hammer/reporting-remediation/reporting/create_cloudtrail_tickets.py

comment = (f"CloudTrail logging issue with '{region}' "
f"in '{account_name} / {account_id}' account is added to temporary whitelist.")
jira.update_issue(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this message be posted to jira for the same issue multiple times (on each reporting phase)?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we should add this message more than once, at least we shouldn't add it if nothing is changed.

@vigneswararaomacharla
Updated with review comments.
effe085 
Updated with review comments.
@vigneswararaomacharla
Updated with review comments.
a6b5154 
Updated with review comments.
@vigneswararaomacharla
Updated tempwhitelist issue changes.
29917a5 
Updated tempwhitelist issue changes.
pasiechnay
pasiechnay reviewed Oct 11, 2019
View reviewed changes
hammer/reporting-remediation/remediation/clean_s3bucket_unencrypted.py
@@ -41,6 +41,12 @@ def cleans3bucketunencrypted(self, batch=False):

in_whitelist = self.config.s3Encrypt.in_whitelist(account_id, bucket_name)
in_fixlist = True
in_temp_whitelist = self.config.s3Encrypt.in_temp_whitelist(account_id, issue.issue_id)
if in_temp_whitelist:
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This check not required because of method get_account_open_issues return just open issues, so tmpwhitelisted won't be on the list.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

check this below scenario:
Issue Identified. And issue added to temp-whitelisted,
now remediation calls, here we are not checking the Issue status, instead we are checking tempwhitelist json, if issue found in json, we are skipping this. Plz check and let me know.

hammer/reporting-remediation/reporting/create_s3bucket_policy_issue_tickets.py
bu=bu, product=product,
)
IssueOperations.set_status_temp_whitelisted(ddb_table, issue)
elif issue.status in [IssueStatus.Resolved, IssueStatus.Whitelisted]:
Copy link

@pasiechnay pasiechnay Oct 11, 2019
edited by pranav1688
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Create a new ticket without comment, that ticket is temporary whitelisted.
Description contains "Auto-Remediation Date: 2019-10-18"
Ticket#6352

Copy link
Contributor Author

@vigneswararaomacharla vigneswararaomacharla Oct 11, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed and will update changes. Comment will add in next iteration of reporting calls after ticket creation. For Auto-remediation date will add conditional block.

@vigneswararaomacharla
Updated with review comments.
db0047c 
Updated with review comments.
@vigneswararaomacharla
Updated with review comments.
adf8fdd 
Updated with review comments.
@oleksii-dowjones oleksii-dowjones merged commit 298e901 into dev Oct 15, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pasiechnay pasiechnay pasiechnay approved these changes

@oleksii-dowjones oleksii-dowjones oleksii-dowjones approved these changes

Assignees

@pranav1688 pranav1688

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@vigneswararaomacharla @pasiechnay @oleksii-dowjones @pranav1688