
Commit b4c143c

Merge pull request #69 from pasiechnay/feature/risk-normalization
Feature/risk normalization
2 parents 7158344 + 7b5872d commit b4c143c

14 files changed

Lines changed: 86 additions & 40 deletions

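--- a/deployment/configs/config.json
+++ b/deployment/configs/config.json
@@ -7,7 +7,9 @@
 "enabled": false,
 "server": "https://issues.example.com",
 "issue_type": "Task",
-"text_field_character_limit": 32767
+"text_field_character_limit": 32767,
+"risk_field_id": "",
+"risk_field_param": "",
 },
 "slack": {
 "enabled": true,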
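Review bot: The last added member, `"risk_field_param": "",`, is followed directly by the closing `},` of this object, so the new side carries a trailing comma and is no longer strict JSON. A strict parser such as Python's json module would reject the whole file, which would stop the tool before any check runs; how the file is loaded is not visible here, so this assumes a strict parser. Dropping the comma, `"risk_field_param": ""`, fixes it. The object's opening lines are outside the hunk.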
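--- a/hammer/library/config.py
+++ b/hammer/library/config.py
@@ -276,6 +276,14 @@ def enabled(self):
 def text_field_character_limit(self):
 return self._config.get("text_field_character_limit", 0)
 
+@property
+def risk_field_id(self):
+return self._config.get("risk_field_id", "")
+
+@property
+def risk_field_param(self):
+return self._config.get("risk_field_param", "")
+
 def __getattr__(self, key):
 """ Search for any attribute in config, if not found - raise exception """
 if key in self._config: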
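Review bot: The new properties `risk_field_id` and `risk_field_param` have no docstring, and nothing here says that they only make sense as a pair. In add_issue (hammer/library/jiraoperations.py in this commit) a non-empty `risk_field_id` combined with the default empty `risk_field_param` builds a field value keyed by the empty string. I would add one-line docstrings in the file's existing style, for example `""" Jira field id that receives the risk value; empty means the priority field is set instead """` and `""" Key inside the risk field that holds the risk value; required when risk_field_id is set """`. The enclosing class starts outside the hunk.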

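--- a/hammer/library/jiraoperations.py
+++ b/hammer/library/jiraoperations.py
@@ -2,17 +2,23 @@
 import logging
 import urllib3
 
-
 from collections import namedtuple
 from jira import JIRA
 from jira import JIRAError
 from library.utility import empty_converter
 
-
 NewIssue = namedtuple('NewIssue', [
 'ticket_id',
 'ticket_assignee_id'
-])
+])
+
+risk_priority_mapping = {
+"Critical": "Blocker",
+"High": "Critical",
+"Medium": "Major",
+"Low": "Minor",
+"Info": "Trivial"
+}
 
 
 class JiraReporting(object):
@@ -23,7 +29,7 @@ def __init__(self, config):
 
 def add_issue(self,
 issue_summary, issue_description,
-priority, labels,
+risk, labels,
 account_id,
 owner=None,
 bu=None, product=None,
@@ -42,9 +48,18 @@ def add_issue(self,
 "summary": issue_summary,
 "description": issue_description,
 "issuetype": {"name": self.config.jira.issue_type},
-"priority": {"name": priority},
 "labels": labels
 }
+
+if self.config.jira.risk_field_id:
+issue_data[self.config.jira.risk_field_id] = {
+self.config.jira.risk_field_param: risk
+}
+else:
+issue_data["priority"] = {
+{"name": risk_priority_mapping[risk]}
+}
+
 ticket_id = self.jira.create_ticket(issue_data)
 
 parent_ticket_id = self.config.owners.ticket_parent(
@@ -114,6 +129,7 @@ def ticket_url(self, ticket_id):
 def add_label(self, ticket_id, label):
 self.jira.add_label(ticket_id, label)
 
+
 class JiraOperations(object):
 """ Base class for interaction with JIRA """
 def __init__(self, config):
@@ -330,8 +346,8 @@ def add_comment(self, ticket_id, comment):
 def add_watcher(self, ticket_id, user):
 """
 Adding jira ticket watcher.
-
-:param ticket_id: jira ticket id
+
+:param ticket_id: jira ticket id
 :param user: watcher user id
 :return: nothing
 """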
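Review bot: In the `else` branch added to add_issue, the value assigned to `issue_data["priority"]` is a set literal wrapping a dict (`{ {"name": risk_priority_mapping[risk]} }`), so it raises TypeError (unhashable type) whenever `risk_field_id` is empty, which is the default added to config.json in this commit. The reporting callers shown on this page that include their handler wrap add_issue in `except Exception:`, so the failure may surface only as findings for which no ticket is ever created. The assignment should be `issue_data["priority"] = {"name": risk_priority_mapping[risk]}`. The lookup also raises KeyError for any risk string outside the five mapped keys, so a guard such as `if risk not in risk_priority_mapping: raise ValueError(f"unknown risk level: {risk}")` before building `issue_data` would give a clearer error. The body of add_issue continues outside the hunk.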
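--- a/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py
@@ -91,9 +91,10 @@ def create_tickets_ebs_public_snapshots(self):
 issue_summary = (f"EBS public snapshot '{snapshot_id}' "
 f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}")
 
+issue_risk = "High"
 issue_description = (
 f"The EBS volume snapshot is marked as public.\n\n"
-f"*Risk*: High\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*AccountID*: {account_id}\n"
 f"*Region*: {region}\n"
@@ -120,7 +121,7 @@ def create_tickets_ebs_public_snapshots(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["public_snapshots"],
+risk=issue_risk, labels=["public_snapshots"],
 owner=owner,
 account_id=account_id,
 bu=bu, product=product,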
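Review bot: `issue_risk = "High"` is a free-form string that add_issue later uses as a key into `risk_priority_mapping`, so a misspelt or new level fails only at ticket-creation time. The same pattern is repeated in create_iam_key_inactive_tickets.py, create_iam_key_rotation_tickets.py, create_public_ami_issue_tickets.py, create_rds_public_snapshot_issue_tickets.py, create_rds_unencrypted_instance_issue_tickets.py and create_s3_unencrypted_bucket_issue_tickets.py. I would define the levels once as named constants next to `risk_priority_mapping` and reference them here, or at least add a comment such as `# must be a key of risk_priority_mapping in library/jiraoperations.py`. With no risk field configured, the Jira priority also moves from the previous fixed "Major" to the mapped value ("Critical" for High, "Minor" for Low), which is worth confirming as intended. create_tickets_ebs_public_snapshots starts and ends outside these hunks.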

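--- a/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py
@@ -71,9 +71,10 @@ def create_jira_ticket(self):
 
 create_date = dateutil.parser.parse(issue.issue_details.create_date).replace(tzinfo=None).isoformat(' ', 'minutes')
 last_used = dateutil.parser.parse(issue.issue_details.last_used).replace(tzinfo=None).isoformat(' ', 'minutes')
+issue_risk = "Low"
 issue_description = (
 f"IAM access key has not been used for {self.config.iamUserInactiveKeys.inactive_criteria_days.days} days.\n\n"
-f"*Risk*: Low\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*User Name*: {username}\n"
@@ -94,7 +95,7 @@ def create_jira_ticket(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["inactive-iam-keys"],
+risk=issue_risk, labels=["inactive-iam-keys"],
 account_id=account_id,
 )
 except Exception: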

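--- a/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py
@@ -70,9 +70,10 @@ def create_jira_ticket(self):
 f"in '{account_name} / {account_id}' account")
 
 create_date = dateutil.parser.parse(issue.issue_details.create_date).replace(tzinfo=None).isoformat(' ', 'minutes')
+issue_risk = "Low"
 issue_description = (
 f"IAM access key has not been rotated for {self.config.iamUserKeysRotation.rotation_criteria_days.days} days.\n\n"
-f"*Risk*: Low\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*User Name*: {username}\n"
@@ -92,7 +93,7 @@ def create_jira_ticket(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["iam-key-rotation"],
+risk=issue_risk, labels=["iam-key-rotation"],
 account_id=account_id,
 )
 except Exception: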

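--- a/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py
@@ -101,11 +101,13 @@ def create_tickets_public_ami(self):
 issue_summary = (f"AMI '{ami_id}' with public access "
 f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}")
 
+issue_risk = "High"
+
 issue_description = (
 f"AMI allows public access.\n\n"
 f"*Threat*: "
 f" .\n\n"
-f"*Risk*: High\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*Region*: {ami_region}\n"
@@ -126,7 +128,7 @@ def create_tickets_public_ami(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["public-ami"],
+risk=issue_risk, labels=["public-ami"],
 owner=owner,
 account_id=account_id,
 bu=bu, product=product,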

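--- a/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py
@@ -90,9 +90,11 @@ def create_tickets_rds_public_snapshots(self):
 issue_summary = (f"RDS public snapshot '{snapshot_id}'"
 f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}")
 
+issue_risk = "High"
+
 issue_description = (
 f"The RDS snapshot is marked as public.\n\n"
-f"*Risk*: High\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*Region*: {region}\n"
@@ -117,7 +119,7 @@ def create_tickets_rds_public_snapshots(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["rds-public-snapshots"],
+risk=issue_risk, labels=["rds-public-snapshots"],
 owner=owner,
 account_id=account_id,
 bu=bu, product=product,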

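--- a/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py
@@ -91,14 +91,16 @@ def create_tickets_rds_unencrypted_instances(self):
 issue_summary = (f"RDS unencrypted instance '{instance_name}'"
 f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}")
 
+issue_risk = "High"
+
 issue_description = (
 f"The RDS instance is unencrypted.\n\n"
 f"*Threat*: "
 f"Based on data protection policies, data that is classified as sensitive information or "
 f"intellectual property of the organization needs to be encrypted. Additionally, as part of the "
 f"initiative of Encryption Everywhere, it is necessary to encrypt the data in order to ensure the "
 f"confidentiality and integrity of the data.\n\n"
-f"*Risk*: High\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*Region*: {region}\n"
@@ -114,7 +116,7 @@ def create_tickets_rds_unencrypted_instances(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["rds-unencrypted-instances"],
+risk=issue_risk, labels=["rds-unencrypted-instances"],
 owner=owner,
 account_id=account_id,
 bu=bu, product=product,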

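--- a/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py
+++ b/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py
@@ -99,14 +99,16 @@ def create_tickets_s3_unencrypted_buckets(self):
 issue_summary = (f"S3 bucket '{bucket_name}' unencrypted "
 f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}")
 
+issue_risk = "High"
+
 issue_description = (
 f"Bucket is unencrypted.\n\n"
 f"*Threat*: "
 f"Based on data protection policies, data that is classified as sensitive information or "
 f"intellectual property of the organization needs to be encrypted. Additionally, as part of the "
 f"initiative of Encryption Everywhere, it is necessary to encrypt the data in order to ensure the "
 f"confidentiality and integrity of the data.\n\n"
-f"*Risk*: High\n\n"
+f"*Risk*: {issue_risk}\n\n"
 f"*Account Name*: {account_name}\n"
 f"*Account ID*: {account_id}\n"
 f"*S3 Bucket name*: {bucket_name}\n"
@@ -127,7 +129,7 @@ def create_tickets_s3_unencrypted_buckets(self):
 try:
 response = jira.add_issue(
 issue_summary=issue_summary, issue_description=issue_description,
-priority="Major", labels=["s3-unencrypted"],
+risk=issue_risk, labels=["s3-unencrypted"],
 owner=owner,
 account_id=account_id,
 bu=bu, product=product,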
