Add Auto-remediation for check EKS-001 #67
Open
gmagella-ca wants to merge 3 commits intocloudconformity:mainfrom
Open
Add Auto-remediation for check EKS-001 #67gmagella-ca wants to merge 3 commits intocloudconformity:mainfrom
gmagella-ca wants to merge 3 commits intocloudconformity:mainfrom
Conversation
PatrickQuintal
requested review from
PatrickQuintal
and removed request for
PatrickQuintal
binli0114
suggested changes
Jul 4, 2020
Contributor
binli0114
left a comment
binli0114
left a comment
There was a problem hiding this comment.
sorry about the delay PR review.
Left some comments and please let me know if any problem.
| return handleError('Invalid event') | ||
| } | ||
|
|
||
| const clustername=event.resource.split('/')[1]; |
Contributor
There was a problem hiding this comment.
Suggested change
| const clustername=event.resource.split('/')[1]; | |
| const resourceItems = event.resource.split('/'); | |
| if (resourceItems.length<1){ | |
| return handleError('Invalid resource'); | |
| } | |
| const clustername=resourceItems[1]; |
| } | ||
| }; | ||
|
|
||
| let eks = new AWS.EKS({region: event.region}) |
Contributor
There was a problem hiding this comment.
Suggested change
| let eks = new AWS.EKS({region: event.region}) | |
| const eks = new AWS.EKS({region: event.region}) |
Comment on lines
+26
to
+27
| if (err) console.log(err, err.stack); // an error occurred | ||
| else console.log(data); // successful response |
Contributor
There was a problem hiding this comment.
These if condition can be removed because line 29 handles it
Suggested change
| if (err) console.log(err, err.stack); // an error occurred | |
| else console.log(data); // successful response | |
|
|
||
| let eks = new AWS.EKS({region: event.region}) | ||
|
|
||
| eks.updateClusterConfig(params, function(err, data) { |
Contributor
There was a problem hiding this comment.
suggest to use asynchronous flow instead of using callbacks.
ref: https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/using-promises.html
| module.exports.handler = (event, context, callback) => { | ||
| console.log('Received event: ', JSON.stringify(event, null, 2)) | ||
| console.log('Config settings: ', JSON.stringify(CONFIG, null, 2)) | ||
| //console.log('Config settings: ', JSON.stringify(CONFIG, null, 2)) |
Contributor
There was a problem hiding this comment.
remove unused code
Suggested change
| //console.log('Config settings: ', JSON.stringify(CONFIG, null, 2)) | |
| else{ | ||
|
|
||
| //Compose the function name based on its own name... | ||
| let FunctionName = |
Contributor
There was a problem hiding this comment.
Suggested change
| let FunctionName = | |
| const FunctionName = |
| Properties: | ||
| MessageRetentionPeriod: 7200 #2 Hours | ||
| QueueName: CloudConformityAutoRemediate | ||
|
|
Contributor
There was a problem hiding this comment.
The SQS queue must be encrypted at rest. Please configure KMS KeyId in the queue property
| 'region': 'us-east-1' | ||
| } | ||
|
|
||
| let AutoRemediate = require('../functions/AutoRemediateEKS-001') |
Contributor
There was a problem hiding this comment.
Suggested change
| let AutoRemediate = require('../functions/AutoRemediateEKS-001') | |
| const AutoRemediate = require('../functions/AutoRemediateEKS-001') |
| @@ -0,0 +1,11 @@ | |||
| let event = { | |||
Contributor
There was a problem hiding this comment.
Suggested change
| let event = { | |
| const event = { |
|
|
||
| let AutoRemediate = require('../functions/AutoRemediateEKS-001') | ||
|
|
||
| AutoRemediate.handler(event, {}, function (err, data) { |
Contributor
There was a problem hiding this comment.
Please add valid unit tests here.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add auto-remediation for check EKS-001.
LambdaVersionhad to be disabled in serverless.yaml to support the number of resources needed.