Provide utility method in non-internal package to retrieve providers …

…configuration (closes #117)
DataDog · May 25, 2022 · a044663 · a044663
1 parent b9abe6e
commit a044663
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/examples/custom/detonate_custom_technique.go b/examples/custom/detonate_custom_technique.go
@@ -6,7 +6,6 @@ import (
 	"errors"
 	"fmt"
 	"github.com/aws/aws-sdk-go-v2/service/iam"
-	"github.com/datadog/stratus-red-team/internal/providers"
 	"github.com/datadog/stratus-red-team/pkg/stratus"
 	_ "github.com/datadog/stratus-red-team/pkg/stratus/loader" // Note: This import is needed
 	"github.com/datadog/stratus-red-team/pkg/stratus/mitreattack"
@@ -34,7 +33,7 @@ func buildCustomAttackTechnique() *stratus.AttackTechnique {
 
 func detonate(params map[string]string) error {
 	iamUserName := params["iam_user_name"]
-	iamClient := iam.NewFromConfig(providers.AWS().GetConnection())
+	iamClient := iam.NewFromConfig(stratus.AWSProvider().GetConnection())
 
 	userResponse, err := iamClient.GetUser(context.Background(), &iam.GetUserInput{
 		UserName: &iamUserName,

diff --git a/pkg/stratus/providers.go b/pkg/stratus/providers.go
@@ -0,0 +1,35 @@
+package stratus
+
+import (
+	"errors"
+	"github.com/datadog/stratus-red-team/internal/providers"
+)
+
+func AWSProvider() *providers.AWSProvider {
+	return providers.AWS()
+}
+
+func K8sProvider() *providers.K8sProvider {
+	return providers.K8s()
+}
+
+// EnsureAuthenticated ensures that the current user is properly authenticated against a specific platform
+func EnsureAuthenticated(platform Platform) error {
+	switch platform {
+	case AWS:
+		if !providers.AWS().IsAuthenticatedAgainstAWS() {
+			return errors.New("you are not authenticated against AWS, or you have not set your region. " +
+				"Make sure you are authenticated against AWS, and you have a default region set in your AWS config " +
+				"or environment (export AWS_DEFAULT_REGION=us-east-1)")
+		}
+	case Kubernetes:
+		if !providers.K8s().IsAuthenticated() {
+			return errors.New("You do not have a kubeconfig set up, or you do not have proper permissions for " +
+				"this cluster. Make sure you have proper credentials set in " + providers.GetKubeConfigPath())
+		}
+	default:
+		return errors.New("unhandled platform " + string(platform))
+	}
+
+	return nil
+}