diff --git a/example-config.yml b/example-config.yml
index aedcf0d..66597a0 100644
--- a/example-config.yml
+++ b/example-config.yml
@@ -2,16 +2,20 @@ loglevel: Debug
 WriteDirectory: test_output
 raids:
 RDS:
- config:
- aws_access_key: access_key
- aws_secret_key: supersecret
- aws_session_key: ""
- aws_region: region
- aws_db_instance_identifier: instance_identifier
- database: test
- host: localhost
- password: password
- port: 3306
- user: root
+ aws:
+ creds:
+ aws_access_key: access
+ aws_secret_key: supersecret
+ aws_session_key: ""
+ aws_region: us-east-1
+ config:
+ instance_identifier: unique-id-name
+ database: test
+ host: localhost
+ password: password
+ port: 3306
+ user: root
+ # google
+ # azure
 tactics:
 - CCC-Taxonomy
\ No newline at end of file
diff --git a/strikes/AutomatedBackups.go b/strikes/AutomatedBackups.go
index 30055f9..967f1f3 100644
--- a/strikes/AutomatedBackups.go
+++ b/strikes/AutomatedBackups.go
@@ -7,7 +7,6 @@ import (
 "github.com/aws/aws-sdk-go-v2/service/rds"
 "github.com/privateerproj/privateer-sdk/raidengine"
 "github.com/privateerproj/privateer-sdk/utils"
- "github.com/spf13/viper"
 )
 // Todo/Roadmap: Features to evaluate implementing
@@ -58,8 +57,10 @@ func checkRDSInstanceMovement(cfg aws.Config) (result raidengine.MovementResult)
 }
 rdsClient := rds.NewFromConfig(cfg)
+ identifier, _ := getDBInstanceIdentifier()
+
 input := &rds.DescribeDBInstancesInput{
- DBInstanceIdentifier: aws.String(viper.GetString("raids.RDS.config.aws_db_instance_identifier")),
+ DBInstanceIdentifier: aws.String(identifier),
 }
 instances, err := rdsClient.DescribeDBInstances(context.TODO(), input)
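Review bot: The example shows the AWS access key, secret key and database password as inline values (`aws_secret_key: supersecret`, `password: password`) with nothing marking them as placeholders. A comment above `creds:` such as `# placeholder values only; keep real keys out of version control` would make that explicit for anyone copying the file. Whether the project can read these values from the environment instead is not visible in this diff.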
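Review bot: The error from `getDBInstanceIdentifier()` is discarded at `identifier, _ := getDBInstanceIdentifier()`, so a missing `instance_identifier` key sends an empty `DBInstanceIdentifier` to `DescribeDBInstances` instead of failing the movement. An empty identifier means the request is no longer scoped to the instance under test; depending on how RDS treats it, the call either fails with a less useful message or returns instances the config never named, and the result would then describe the wrong database. Capturing the error and failing closed with the `result.Message` / `result.Passed = false` / `return` pattern already used for the API error keeps the check honest. The same line appears in `checkRDSAutomatedBackupMovement` (hunk `@@ -81,13 +82,14 @@`) and needs the same change; both function bodies continue outside their hunks.

```go
	rdsClient := rds.NewFromConfig(cfg)
	identifier, err := getDBInstanceIdentifier()
	if err != nil {
		// Fail closed: an empty identifier would leave the query unscoped.
		result.Message = err.Error()
		result.Passed = false
		return
	}
	// … unchanged: input construction and DescribeDBInstances call …
```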
@@ -81,13 +82,14 @@ func checkRDSAutomatedBackupMovement(cfg aws.Config) (result raidengine.Movement
 }
 rdsClient := rds.NewFromConfig(cfg)
+ identifier, _ := getDBInstanceIdentifier()
+
 input := &rds.DescribeDBInstanceAutomatedBackupsInput{
- DBInstanceIdentifier: aws.String(viper.GetString("raids.RDS.config.aws_db_instance_identifier")),
+ DBInstanceIdentifier: aws.String(identifier),
 }
 backups, err := rdsClient.DescribeDBInstanceAutomatedBackups(context.TODO(), input)
 if err != nil {
- // Handle error
 result.Message = err.Error()
 result.Passed = false
 return
diff --git a/strikes/common.go b/strikes/common.go
index 870a892..0530851 100644
--- a/strikes/common.go
+++ b/strikes/common.go
@@ -26,21 +26,28 @@ func (a *Strikes) SetLogger(loggerName string) {
 }
 func getDBConfig() (string, error) {
- if viper.IsSet("raids.RDS.config") && viper.IsSet("raids.RDS.config.database") {
+ if viper.IsSet("raids.RDS.aws.config.host") && viper.IsSet("raids.RDS.aws.config.database") {
 return "database_host_placeholder", nil
 }
 return "", errors.New("database url must be set in the config file")
 }
+func getDBInstanceIdentifier() (string, error) {
+ if viper.IsSet("raids.RDS.aws.config.instance_identifier") {
+ return viper.GetString("raids.RDS.aws.config.instance_identifier"), nil
+ }
+ return "", errors.New("database instance identifier must be set in the config file")
+}
+
 func getAWSConfig() (cfg aws.Config, err error) {
- if viper.IsSet("raids.RDS.config") &&
- viper.IsSet("raids.RDS.config.aws_access_key") &&
- viper.IsSet("raids.RDS.config.aws_secret_key") {
-
- access_key := viper.GetString("raids.RDS.config.aws_access_key")
- secret_key := viper.GetString("raids.RDS.config.aws_secret_key")
- session_key := viper.GetString("raids.RDS.config.aws_session_key")
- region := viper.GetString("raids.RDS.config.aws_region")
+ if viper.IsSet("raids.RDS.aws.creds") &&
+ viper.IsSet("raids.RDS.aws.creds.aws_access_key") &&
+ viper.IsSet("raids.RDS.aws.creds.aws_secret_key") {
+
+ access_key := viper.GetString("raids.RDS.aws.creds.aws_access_key")
+ secret_key := viper.GetString("raids.RDS.aws.creds.aws_secret_key")
+ session_key := viper.GetString("raids.RDS.aws.creds.aws_session_key")
+ region := viper.GetString("raids.RDS.aws.creds.aws_region")
 creds := credentials.NewStaticCredentialsProvider(access_key, secret_key, session_key)
 cfg, err = config.LoadDefaultConfig(context.TODO(), config.WithCredentialsProvider(creds), config.WithRegion(region))
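Review bot: `viper.IsSet` reports true for a key that is present with an empty value, so the new `getDBInstanceIdentifier` can return `""` with a nil error when the config carries `instance_identifier: ""`. Testing the value rather than its presence closes that gap: `if id := viper.GetString("raids.RDS.aws.config.instance_identifier"); id != "" { return id, nil }`. The same presence-only test guards `aws_access_key` and `aws_secret_key` in `getAWSConfig`, so empty strings there would reach `credentials.NewStaticCredentialsProvider`; that function's body continues outside the hunk, so any later validation is not visible here.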