Class: HeimdallTools::AwsConfigMapper

Inherits:
Object
  • Object
Defined in:
lib/heimdall_tools/aws_config_mapper.rb

Instance Method Summary

Constructor Details

#initialize(custom_mapping, endpoint = nil) ⇒ AwsConfigMapper

Returns a new instance of AwsConfigMapper.



# File 'lib/heimdall_tools/aws_config_mapper.rb', line 21

# Loads the default and (optional) custom rule mappings, creates the AWS Config
# client, and fetches the rules this mapper will report on.
#
# @param custom_mapping [Object, nil] handed to get_rule_mapping when non-nil
#   (presumably the path of a user-supplied mapping file; confirm against
#   get_rule_mapping). nil results in an empty custom mapping.
# @param endpoint [String, nil] optional endpoint override for the AWS Config
#   client; nil leaves endpoint selection to the SDK's defaults.
#
# NOTE(review): no credentials are passed explicitly, so the client relies on
# whatever the SDK's default configuration resolves. An overridden endpoint
# receives the client's requests, so it should come from trusted configuration.
def initialize(custom_mapping, endpoint = nil)
  @default_mapping = get_rule_mapping(AWS_CONFIG_MAPPING_FILE)
  @custom_mapping =
    if custom_mapping.nil?
      {}
    else
      get_rule_mapping(custom_mapping)
    end
  # Only pass :endpoint when the caller actually supplied one.
  @client =
    if endpoint.nil?
      Aws::ConfigService::Client.new
    else
      Aws::ConfigService::Client.new(endpoint: endpoint)
    end
  # Rules are fetched eagerly; presumably this queries AWS through @client, so
  # constructing the mapper may perform network I/O (confirm in
  # get_all_config_rules).
  @issues = get_all_config_rules
end

Instance Method Details

#to_hdf ⇒ Object

Convert to HDF

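If there is overlap in rule names from @default_mapping and @custom_mapping, then the tags from both will be added to the rule. A rule whose name appears only in @custom_mapping is not emitted as a control by this method's loop (the block returns nil for it).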



# File 'lib/heimdall_tools/aws_config_mapper.rb', line 37

# Converts the fetched AWS Config rules (@issues) into HDF.
#
# Each rule is turned into one control hash, and the collected controls are
# wrapped in a HeimdallDataFormat object whose #to_hdf result is returned.
#
# @return [Object] whatever HeimdallDataFormat#to_hdf returns
def to_hdf
  hdf_controls = @issues.map do |issue|
    rule_name = issue[:config_rule_name]
    rule_arn  = issue[:config_rule_arn]

    # @item is an instance variable, so the control built last stays on the
    # object after this method returns.
    @item = {}
    @item['id']              = issue[:config_rule_id]
    @item['title']           = "#{rule_arn} - #{rule_name}"
    @item['desc']            = issue[:description]
    # Every rule gets the same fixed impact; severity is not differentiated
    # per rule here.
    @item['impact']          = 0.5
    @item['tags']            = hdf_tags(issue)
    @item['descriptions']    = hdf_descriptions(issue)
    @item['refs']            = NA_ARRAY
    @item['source_location'] = { ref: rule_arn, line: 1 }
    @item['code']            = ''
    @item['results']         = issue[:results]

    # Avoid duplicating rules that exist in the custom mapping as 'unmapped'
    # in this loop: a rule named only in the custom mapping yields nil.
    # NOTE(review): those nil entries stay in the controls array handed to
    # HeimdallDataFormat, and the rule's results are not reported from here;
    # confirm that downstream code drops the nils and that omitting these
    # rules is intended.
    custom_only = @custom_mapping.include?(rule_name) && !@default_mapping.include?(rule_name)
    custom_only ? nil : @item
  end

  HeimdallDataFormat.new(
    profile_name: 'AWS Config',
    title: 'AWS Config',
    summary: 'AWS Config',
    controls: hdf_controls,
    statistics: { aws_config_sdk_version: Aws::ConfigService::GEM_VERSION },
  ).to_hdf
end