From 1e42629784f797e8304ad6be6f3f5d9db0dc4dee Mon Sep 17 00:00:00 2001 From: "yevheniia.pasiechna@dowjones.com" Date: Fri, 29 Mar 2019 11:57:55 +0200 Subject: [PATCH 1/5] Normalize Risks and stop using Priority while creating tickets --- hammer/library/jiraoperations.py | 7 ++++--- .../create_ebs_public_snapshot_issue_tickets.py | 5 +++-- .../reporting/create_iam_key_inactive_tickets.py | 5 +++-- .../reporting/create_iam_key_rotation_tickets.py | 5 +++-- .../reporting/create_public_ami_issue_tickets.py | 6 ++++-- .../create_rds_public_snapshot_issue_tickets.py | 6 ++++-- .../create_rds_unencrypted_instance_issue_tickets.py | 6 ++++-- .../create_s3_unencrypted_bucket_issue_tickets.py | 6 ++++-- .../reporting/create_s3bucket_acl_issue_tickets.py | 6 ++++-- .../reporting/create_s3bucket_policy_issue_tickets.py | 6 ++++-- .../reporting/create_security_groups_tickets.py | 10 ++++------ .../reporting/create_sqs_policy_issue_tickets.py | 6 ++++-- 12 files changed, 45 insertions(+), 29 deletions(-) diff --git a/hammer/library/jiraoperations.py b/hammer/library/jiraoperations.py index cc71c00e..f9ab9793 100755 --- a/hammer/library/jiraoperations.py +++ b/hammer/library/jiraoperations.py @@ -23,7 +23,7 @@ def __init__(self, config): def add_issue(self, issue_summary, issue_description, - priority, labels, + risk, labels, account_id, owner=None, bu=None, product=None, @@ -42,8 +42,9 @@ def add_issue(self, "summary": issue_summary, "description": issue_description, "issuetype": {"name": self.config.jira.issue_type}, - "priority": {"name": priority}, - "labels": labels + "labels": labels, + # Risk Rating field + "customfield_16602": {"value": risk} } ticket_id = self.jira.create_ticket(issue_data) diff --git a/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py b/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py index 711af0e7..422b1f71 100755 
--- a/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_ebs_public_snapshot_issue_tickets.py @@ -91,9 +91,10 @@ def create_tickets_ebs_public_snapshots(self): issue_summary = (f"EBS public snapshot '{snapshot_id}' " f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" issue_description = ( f"The EBS volume snapshot is marked as public.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*AccountID*: {account_id}\n" f"*Region*: {region}\n" @@ -120,7 +121,7 @@ def create_tickets_ebs_public_snapshots(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["public_snapshots"], + risk=issue_risk, labels=["public_snapshots"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py b/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py index 3599985f..40ef13a5 100755 --- a/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py +++ b/hammer/reporting-remediation/reporting/create_iam_key_inactive_tickets.py @@ -71,9 +71,10 @@ def create_jira_ticket(self): create_date = dateutil.parser.parse(issue.issue_details.create_date).replace(tzinfo=None).isoformat(' ', 'minutes') last_used = dateutil.parser.parse(issue.issue_details.last_used).replace(tzinfo=None).isoformat(' ', 'minutes') + issue_risk = "Low" issue_description = ( f"IAM access key has not been used for {self.config.iamUserInactiveKeys.inactive_criteria_days.days} days.\n\n" - f"*Risk*: Low\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*User Name*: {username}\n" 
@@ -94,7 +95,7 @@ def create_jira_ticket(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["inactive-iam-keys"], + risk=issue_risk, labels=["inactive-iam-keys"], account_id=account_id, ) except Exception: diff --git a/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py b/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py index 1ba4d351..e807937b 100755 --- a/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py +++ b/hammer/reporting-remediation/reporting/create_iam_key_rotation_tickets.py @@ -70,9 +70,10 @@ def create_jira_ticket(self): f"in '{account_name} / {account_id}' account") create_date = dateutil.parser.parse(issue.issue_details.create_date).replace(tzinfo=None).isoformat(' ', 'minutes') + issue_risk = "Low" issue_description = ( f"IAM access key has not been rotated for {self.config.iamUserKeysRotation.rotation_criteria_days.days} days.\n\n" - f"*Risk*: Low\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*User Name*: {username}\n" @@ -92,7 +93,7 @@ def create_jira_ticket(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["iam-key-rotation"], + risk=issue_risk, labels=["iam-key-rotation"], account_id=account_id, ) except Exception: diff --git a/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py b/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py index 3e33173f..3e21d148 100644 --- a/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_public_ami_issue_tickets.py 
@@ -95,11 +95,13 @@ def create_tickets_public_ami(self): issue_summary = (f"AMI '{ami_id}' with public access " f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"AMI allows public access.\n\n" f"*Threat*: " f" .\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*Region*: {ami_region}\n" @@ -120,7 +122,7 @@ def create_tickets_public_ami(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["public-ami"], + risk=issue_risk, labels=["public-ami"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py b/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py index a8562f28..b0168f46 100755 --- a/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_rds_public_snapshot_issue_tickets.py @@ -90,9 +90,11 @@ def create_tickets_rds_public_snapshots(self): issue_summary = (f"RDS public snapshot '{snapshot_id}'" f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"The RDS snapshot is marked as public.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*Region*: {region}\n" @@ -117,7 +119,7 @@ def create_tickets_rds_public_snapshots(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["rds-public-snapshots"], + risk=issue_risk, labels=["rds-public-snapshots"], owner=owner, account_id=account_id, bu=bu, product=product, 
diff --git a/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py b/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py index 9ab1a12a..08095a35 100644 --- a/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_rds_unencrypted_instance_issue_tickets.py @@ -91,6 +91,8 @@ def create_tickets_rds_unencrypted_instances(self): issue_summary = (f"RDS unencrypted instance '{instance_name}'" f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"The RDS instance is unencrypted.\n\n" f"*Threat*: " @@ -98,7 +100,7 @@ def create_tickets_rds_unencrypted_instances(self): f"intellectual property of the organization needs to be encrypted. Additionally, as part of the " f"initiative of Encryption Everywhere, it is necessary to encrypt the data in order to ensure the " f"confidentiality and integrity of the data.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*Region*: {region}\n" @@ -114,7 +116,7 @@ def create_tickets_rds_unencrypted_instances(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["rds-unencrypted-instances"], + risk=issue_risk, labels=["rds-unencrypted-instances"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py b/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py index 431b97a4..60c74c27 100644 --- a/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_s3_unencrypted_bucket_issue_tickets.py 
@@ -99,6 +99,8 @@ def create_tickets_s3_unencrypted_buckets(self): issue_summary = (f"S3 bucket '{bucket_name}' unencrypted " f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"Bucket is unencrypted.\n\n" f"*Threat*: " @@ -106,7 +108,7 @@ def create_tickets_s3_unencrypted_buckets(self): f"intellectual property of the organization needs to be encrypted. Additionally, as part of the " f"initiative of Encryption Everywhere, it is necessary to encrypt the data in order to ensure the " f"confidentiality and integrity of the data.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*S3 Bucket name*: {bucket_name}\n" @@ -127,7 +129,7 @@ def create_tickets_s3_unencrypted_buckets(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["s3-unencrypted"], + risk=issue_risk, labels=["s3-unencrypted"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_s3bucket_acl_issue_tickets.py b/hammer/reporting-remediation/reporting/create_s3bucket_acl_issue_tickets.py index 455c94a5..a8f75228 100755 --- a/hammer/reporting-remediation/reporting/create_s3bucket_acl_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_s3bucket_acl_issue_tickets.py 
@@ -107,11 +107,13 @@ def create_tickets_s3buckets(self): issue_summary = (f"S3 bucket '{bucket_name}' with public acl " f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"Bucket ACL allows unrestricted public access.\n\n" f"*Threat*: " f"This creates potential security vulnerabilities by allowing anyone to add, modify, or remove items in a bucket.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*S3 Bucket name*: {bucket_name}\n" @@ -139,7 +141,7 @@ def create_tickets_s3buckets(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["publics3"], + risk=issue_risk, labels=["publics3"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_s3bucket_policy_issue_tickets.py b/hammer/reporting-remediation/reporting/create_s3bucket_policy_issue_tickets.py index eeab5efb..b6014dd5 100755 --- a/hammer/reporting-remediation/reporting/create_s3bucket_policy_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_s3bucket_policy_issue_tickets.py @@ -111,11 +111,13 @@ def create_tickets_s3buckets(self): issue_summary = (f"S3 bucket '{bucket_name}' with public policy " f"in '{account_name} / {account_id}' account{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"Bucket policy allows unrestricted public access.\n\n" f"*Threat*: " f"This creates potential security vulnerabilities by allowing anyone to add, modify, or remove items in a bucket.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*S3 Bucket name*: {bucket_name}\n" 
@@ -142,7 +144,7 @@ def create_tickets_s3buckets(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["publics3"], + risk=issue_risk, labels=["publics3"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_security_groups_tickets.py b/hammer/reporting-remediation/reporting/create_security_groups_tickets.py index a431924d..c9021612 100755 --- a/hammer/reporting-remediation/reporting/create_security_groups_tickets.py +++ b/hammer/reporting-remediation/reporting/create_security_groups_tickets.py @@ -297,7 +297,9 @@ def create_tickets_securitygroups(self): open_port_details = self.build_open_ports_table_jira(issue.issue_details.perms) - account_details = (f"*Risk*: High\n\n" + issue_risk = "High" + + account_details = (f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*SG Name*: {group_name}\n" @@ -360,7 +362,6 @@ def create_tickets_securitygroups(self): source_description = "allows access from some definite public ip addresses or networks" if sg_public: - priority = "Critical" summary_status = "Internet" issue_description = (f"Security group has EC2 instances in public subnets " f"with public IP address attached and " @@ -379,7 +380,6 @@ def create_tickets_securitygroups(self): f"critical services.\n" ) elif sg_blind_public: - priority = "Critical" summary_status = "Internet" issue_description = (f"Security group has EC2 instances in private subnets " f"with public IP address attached and " @@ -393,7 +393,6 @@ def create_tickets_securitygroups(self): f"instances when someone is probing the public IP of the instances. " f"However, there will be no return traffic due to the lack of an IGW.\n") elif not sg_in_use: - priority = "Minor" summary_status = "Unused" issue_description = (f"Security group has no EC2 instances attached and " f"{source_description} " 
@@ -404,7 +403,6 @@ def create_tickets_securitygroups(self): f"opportunities for malicious activity (hacking, denial-of-service attacks, " f"loss of data).\n") else: - priority = "Major" summary_status = "Intranet" issue_description = ( f"Security group has EC2 instances in in private subnets and " @@ -455,7 +453,7 @@ def create_tickets_securitygroups(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority=priority, labels=["insecure-services"], + risk=issue_risk, labels=["insecure-services"], owner=owner, account_id=account_id, bu=bu, product=product, diff --git a/hammer/reporting-remediation/reporting/create_sqs_policy_issue_tickets.py b/hammer/reporting-remediation/reporting/create_sqs_policy_issue_tickets.py index 42f934d3..a7bbe900 100644 --- a/hammer/reporting-remediation/reporting/create_sqs_policy_issue_tickets.py +++ b/hammer/reporting-remediation/reporting/create_sqs_policy_issue_tickets.py @@ -114,11 +114,13 @@ def create_tickets_sqs_policy(self): f"in '{account_name} / {account_id}' account, '{queue_region}' region" f"{' [' + bu + ']' if bu else ''}") + issue_risk = "High" + issue_description = ( f"Queue policy allows unrestricted public access.\n\n" f"*Threat*: " f"This creates potential security vulnerabilities by allowing anyone to add, modify, or remove items in a SQS.\n\n" - f"*Risk*: High\n\n" + f"*Risk*: {issue_risk}\n\n" f"*Account Name*: {account_name}\n" f"*Account ID*: {account_id}\n" f"*SQS queue url*: {queue_url}\n" @@ -146,7 +148,7 @@ def create_tickets_sqs_policy(self): try: response = jira.add_issue( issue_summary=issue_summary, issue_description=issue_description, - priority="Major", labels=["publicsqs"], + risk=issue_risk, labels=["publicsqs"], owner=owner, account_id=account_id, bu=bu, product=product, From 2d6ee59792602cfc19a9d3acf61ab0c902fb8f60 Mon Sep 17 00:00:00 2001 
From: "yevheniia.pasiechna@dowjones.com" Date: Fri, 12 Apr 2019 14:56:02 +0300 Subject: [PATCH 2/5] Normalize Risks and stop using Priority while creating tickets --- deployment/configs/config.json | 4 +++- hammer/library/config.py | 8 ++++++++ hammer/library/jiraoperations.py | 25 ++++++++++++++++++------- 3 files changed, 29 insertions(+), 8 deletions(-) diff --git a/deployment/configs/config.json b/deployment/configs/config.json index 68bb3bef..13479a80 100755 --- a/deployment/configs/config.json +++ b/deployment/configs/config.json @@ -7,7 +7,9 @@ "enabled": false, "server": "https://issues.example.com", "issue_type": "Task", - "text_field_character_limit": 32767 + "text_field_character_limit": 32767, + "risk_field_id": "", + "risk_field_param": "", }, "slack": { "enabled": true, diff --git a/hammer/library/config.py b/hammer/library/config.py index 504f1a1d..d9af1964 100755 --- a/hammer/library/config.py +++ b/hammer/library/config.py @@ -276,6 +276,14 @@ def enabled(self): def text_field_character_limit(self): return self._config.get("text_field_character_limit", 0) + @property + def risk_field_id(self): + return self._config.get("risk_field_id", "") + + @property + def risk_field_param(self): + return self._config.get("risk_field_param", "") + def __getattr__(self, key): """ Search for any attribute in config, if not found - raise exception """ if key in self._config: diff --git a/hammer/library/jiraoperations.py b/hammer/library/jiraoperations.py index f9ab9793..81bb36ae 100755 --- a/hammer/library/jiraoperations.py +++ b/hammer/library/jiraoperations.py 
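Review bot: `risk_field_id` and `risk_field_param` both default to an empty string, but `add_issue` in jiraoperations.py tests only `risk_field_id`, so a config that sets the id and leaves the param empty would send `{"": risk}` as the custom field value. Neither property has a docstring; I would add one to each, e.g. `"""Jira custom field id (customfield_NNNNN) that stores the risk rating; empty disables it."""` and `"""Key inside the custom field payload that carries the risk, e.g. "value"."""`. It would also help to have `add_issue` require both settings before it uses the custom field. The enclosing config class starts outside the hunk.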
@@ -2,17 +2,23 @@ import logging import urllib3 - from collections import namedtuple from jira import JIRA from jira import JIRAError from library.utility import empty_converter - NewIssue = namedtuple('NewIssue', [ 'ticket_id', 'ticket_assignee_id' - ]) +]) + +risk_priority_mapping = { + "Critical": "Blocker", + "High": "Critical", + "Medium": "Major", + "Low": "Minor", + "Information": "Trivial" +} class JiraReporting(object): @@ -43,9 +49,14 @@ def add_issue(self, "description": issue_description, "issuetype": {"name": self.config.jira.issue_type}, "labels": labels, - # Risk Rating field - "customfield_16602": {"value": risk} + "priority": {"name": risk_priority_mapping[risk]}, } + + if self.config.jira.risk_field_id: + issue_data[self.config.jira.risk_field_id] = { + self.config.jira.risk_field_param: risk + } + ticket_id = self.jira.create_ticket(issue_data) parent_ticket_id = self.config.owners.ticket_parent( @@ -331,8 +342,8 @@ def add_comment(self, ticket_id, comment): def add_watcher(self, ticket_id, user): """ Adding jira ticket watcher. - - :param ticket_id: jira ticket id + + :param ticket_id: jira ticket id :param user: watcher user id :return: nothing """ From 7b5872d6b46d55fe7f5b79bd223a80a2d7737524 Mon Sep 17 00:00:00 2001 From: "yevheniia.pasiechna@dowjones.com" Date: Fri, 24 May 2019 17:32:59 +0300 Subject: [PATCH 3/5] Normalize Risks and stop using Priority while creating tickets --- hammer/library/jiraoperations.py | 10 +++++--- .../create_security_groups_tickets.py | 23 +++++++++++-------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/hammer/library/jiraoperations.py b/hammer/library/jiraoperations.py index 81bb36ae..eed2d775 100755 --- a/hammer/library/jiraoperations.py +++ b/hammer/library/jiraoperations.py @@ -17,7 +17,7 @@ "High": "Critical", "Medium": "Major", "Low": "Minor", - "Information": "Trivial" + "Info": "Trivial" } 
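Review bot: `risk_priority_mapping[risk]` in the `@@ -43,9 +49,14 @@` hunk indexes the mapping directly, so any risk string outside its five keys raises `KeyError` before the ticket is created; the same lookup is kept in the `@@ -48,14 +48,17 @@` hunk of PATCH 3/5 and the `@@ -55,10 +55,9 @@` hunk of PATCH 5/5. The reporting scripts in PATCH 1/5 wrap `jira.add_issue(...)` in `except Exception:`, so depending on what that handler does, a finding may end up without a ticket. I would validate `risk` at the top of `add_issue` with a clear error, or fall back explicitly with `priority = risk_priority_mapping.get(risk, "Major")`, and list the accepted values in the method docstring. As a module-level constant the dict would conventionally be named `RISK_PRIORITY_MAPPING`. `add_issue` starts and ends outside the hunk.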
@@ -48,14 +48,17 @@ def add_issue(self, "summary": issue_summary, "description": issue_description, "issuetype": {"name": self.config.jira.issue_type}, - "labels": labels, - "priority": {"name": risk_priority_mapping[risk]}, + "labels": labels } if self.config.jira.risk_field_id: issue_data[self.config.jira.risk_field_id] = { self.config.jira.risk_field_param: risk } + else: + issue_data["priority"] = { + {"name": risk_priority_mapping[risk]} + } ticket_id = self.jira.create_ticket(issue_data) @@ -126,6 +129,7 @@ def ticket_url(self, ticket_id): def add_label(self, ticket_id, label): self.jira.add_label(ticket_id, label) + class JiraOperations(object): """ Base class for interaction with JIRA """ def __init__(self, config): diff --git a/hammer/reporting-remediation/reporting/create_security_groups_tickets.py b/hammer/reporting-remediation/reporting/create_security_groups_tickets.py index f398d84b..0fd4847f 100755 --- a/hammer/reporting-remediation/reporting/create_security_groups_tickets.py +++ b/hammer/reporting-remediation/reporting/create_security_groups_tickets.py @@ -297,16 +297,7 @@ def create_tickets_securitygroups(self): open_port_details = self.build_open_ports_table_jira(issue.issue_details.perms) - issue_risk = "High" - - account_details = (f"*Risk*: {issue_risk}\n\n" - f"*Account Name*: {account_name}\n" - f"*Account ID*: {account_id}\n" - f"*SG Name*: {group_name}\n" - f"*SG ID*: {group_id}\n" - f"*Region*: {group_region}\n") - account_details += f"*VPC*: {group_vpc_id}\n\n" if group_vpc_id else "\n" account = Account(id=account_id, name=account_name, @@ -326,6 +317,8 @@ def create_tickets_securitygroups(self): rds_instance_details = elb_instance_details = None + issue_risk = "High" + if ec2_client is not None: ec2_instances = EC2Operations.get_instance_details_of_sg_associated(ec2_client, group_id) sg_instance_details, instance_profile_details,\ 
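Review bot: In the `@@ -48,14 +48,17 @@` hunk of jiraoperations.py, `issue_data["priority"] = { {"name": risk_priority_mapping[risk]} }` is a set literal containing a dict, which raises `TypeError: unhashable type: 'dict'` whenever `risk_field_id` is empty, i.e. with the shipped default config. The intended value is presumably the dict itself: `issue_data["priority"] = {"name": risk_priority_mapping[risk]}`. The `if` branch now sends no `priority` at all, which Jira may reject if the project makes that field required; worth confirming. PATCH 5/5 rewrites these lines, but this commit on its own leaves ticket creation failing for the default configuration.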
@@ -362,6 +355,7 @@ def create_tickets_securitygroups(self): source_description = "allows access from some definite public ip addresses or networks" if sg_public: + issue_risk = 'Critical' summary_status = "Internet" issue_description = (f"Security group has EC2 instances in public subnets " f"with public IP address attached and " @@ -380,6 +374,7 @@ def create_tickets_securitygroups(self): f"critical services.\n" ) elif sg_blind_public: + issue_risk = 'Critical' summary_status = "Internet" issue_description = (f"Security group has EC2 instances in private subnets " f"with public IP address attached and " @@ -393,6 +388,7 @@ def create_tickets_securitygroups(self): f"instances when someone is probing the public IP of the instances. " f"However, there will be no return traffic due to the lack of an IGW.\n") elif not sg_in_use: + issue_risk = 'Medium' summary_status = "Unused" issue_description = (f"Security group has no EC2 instances attached and " f"{source_description} " @@ -416,6 +412,15 @@ def create_tickets_securitygroups(self): tags_table = JiraOperations.build_tags_table(tags) + account_details = (f"*Risk*: {issue_risk}\n\n" + f"*Account Name*: {account_name}\n" + f"*Account ID*: {account_id}\n" + f"*SG Name*: {group_name}\n" + f"*SG ID*: {group_id}\n" + f"*Region*: {group_region}\n") + + account_details += f"*VPC*: {group_vpc_id}\n\n" if group_vpc_id else "\n" + issue_description = ( f"{issue_description}" f"{open_port_details}" From 1f5c8cfa9150c7c0559168dd5c698617576a8c88 Mon Sep 17 00:00:00 2001 From: "yevheniia.pasiechna@dowjones.com" Date: Fri, 7 Jun 2019 17:17:07 +0300 Subject: [PATCH 4/5] Normalize Risks and stop using Priority while creating tickets --- deployment/configs/config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/configs/config.json b/deployment/configs/config.json index 13479a80..8c073376 100755 --- a/deployment/configs/config.json +++ b/deployment/configs/config.json 
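Review bot: The Intranet `else` branch is not assigned an `issue_risk` in these hunks and takes its rating only from the `issue_risk = "High"` default added in the `@@ -326,6 +317,8 @@` hunk, some distance above the branch chain. Setting it explicitly in that branch, or adding a comment at the default such as `# default rating; overridden below for Internet-facing and unused groups`, would keep the four ratings readable in one place. Combined with `risk_priority_mapping`, every branch now maps one priority level higher than before PATCH 1/5 when no risk field is configured (for example unused groups Minor to Major, Intranet groups Major to Critical); if that escalation is not intended, the ratings need another look. The new assignments use single quotes while the surrounding code uses double quotes. `create_tickets_securitygroups` starts and ends outside the hunks.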
@@ -9,7 +9,7 @@ "issue_type": "Task", "text_field_character_limit": 32767, "risk_field_id": "", - "risk_field_param": "", + "risk_field_param": "" }, "slack": { "enabled": true, From 3b31acb04a4a3780467534203d07d81ef546715b Mon Sep 17 00:00:00 2001 From: "yevheniia.pasiechna@dowjones.com" Date: Fri, 7 Jun 2019 18:03:19 +0300 Subject: [PATCH 5/5] Normalize "Risks" and stop using Priority while creating tickets --- hammer/library/jiraoperations.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/hammer/library/jiraoperations.py b/hammer/library/jiraoperations.py index eed2d775..74dd2da5 100755 --- a/hammer/library/jiraoperations.py +++ b/hammer/library/jiraoperations.py @@ -55,10 +55,9 @@ def add_issue(self, issue_data[self.config.jira.risk_field_id] = { self.config.jira.risk_field_param: risk } + issue_data["priority"] = {"name": 'Major'} else: - issue_data["priority"] = { - {"name": risk_priority_mapping[risk]} - } + issue_data["priority"] = {"name": risk_priority_mapping[risk]} ticket_id = self.jira.create_ticket(issue_data)
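Review bot: `issue_data["priority"] = {"name": 'Major'}` in the `risk_field_id` branch hard-codes one priority for every ticket with no comment saying why, so a Critical and a Low finding are filed with the same priority once the custom risk field is configured. If that is the intent of "stop using Priority", a comment such as `# priority is fixed; severity is carried by the configured risk field` would record it; otherwise `risk_priority_mapping[risk]` could be used in both branches. The literal also mixes quote styles on one line (`"name"` and `'Major'`). `add_issue` starts and ends outside the hunk.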