SecurityMonkey for GovClod region #247
Comments
Hi @skdubey, we would love to do some additional testing to get it to work with GovCloud. Can you provide additional details on what you are seeing? |
One major challenge is that only a small subset of AWS technologies are available in GovCloud, so you may see some missing functionality as a result. |
You may need to do some refactoring... For example:
You would need to remove the govcloud region from the |
Thanks for the quick reply, But i am not able to see anything in Dashboard, nor any server log which should say that it is attempting to do something on system. Services are running fine. |
Hi Mikegrima, What is ROUBLED_REGIONS ? Does it means, all the regions mentioned in this list, system will not check for those regions ? |
@skdubey : Take, for example the code here: security_monkey/security_monkey/watchers/sqs.py Lines 58 to 67 in 03c1594
If an Exception is raised, it will skip over the regions defined in What happens if you remove the GovCloud region from that constant? I would try that first, and post the results. |
@mikegrima : Thanks, i will update you the result after making changes shortly. |
Hello Mike, Which file is this? I tried to find this string globally in security_monkey On Mon, Nov 9, 2015 at 8:17 AM, Mike Grima notifications@github.com wrote:
Regards, |
Sorry got it "constants.py". Should i restart the service to take effect or On Mon, Nov 9, 2015 at 12:40 PM, sandeep dubey sandeep.sanash@gmail.com
Regards, |
Hello Mike, After removing the govcloud region and restarting the supervisor, i am On Mon, Nov 9, 2015 at 12:43 PM, sandeep dubey sandeep.sanash@gmail.com
Regards, |
Hey @skdubey - We'd love to be able to get security_monkey to work in govcloud. Unfortunately, we don't have access to it. If you'd feel comfortable doing a google hangout sometime so we can try and work through the issues, that would be great for the project. Do you know if GovCloud is going to support Lambda in the future? I don't see it on the current list: |
Im at the same point working with Security Monkey in GovCloud. I would like to try a Google Hangout to try to resolve this. I have the web interface up and running but nothing is being returned. I removed the GovCloud entry from troubled regions and still SM returns nothing. For Lambda, not sure if they will or not. Its kind of driven from user demand what they put in GovCloud. |
Sorry Patrick for late reply, I was traveling. Let me know what is the right time to skype/hangout ? Regarding Lambda, not sure when AWS will introduce this service in On Tue, Nov 10, 2015 at 12:19 AM, Patrick Kelley notifications@github.com
Regards, |
@skdubey the error message: "Error loading resource from API. Error: " --# If we can't get the region, default to us-east-1 so we can fillout For example in your case, Security Monkey is trying to connect to ec2.us-east-1.amazonaws.com when it is supposed to connect to ec2.us-gov-west-1.amazonaws.com. GovCloud knows nothing about the commercial regions. A possible fix is to query the metadata server for availability-zone and then set the default region. |
@hellovadi, I replaced the default region in s3.py and restarted the @patrick, Should we go on remote session to work on this if you have time. On Wed, Nov 18, 2015 at 1:05 AM, hellovadi notifications@github.com wrote:
Regards, |
Just noticed below error. Seems that i should replace all the connection 2015-11-25 08:48:50,173 INFO: 0 deleted Security Groups in On Wed, Nov 25, 2015 at 2:25 PM, sandeep dubey sandeep.sanash@gmail.com
Regards, |
@skdubey you need to work with a contributor to fix this. When I run: find src/security_monkey -type f | xargs grep us-east-1 there are many hits. In many cases SM just assumes us-east-1 as the default region. If you want a quick turnaround: clone SM repo, edit the source to handle every line of the output of the command I have given above. Sorry I used to have GovCloud access, now I do not. |
Closing as "wontfix". Really, I'd love for it to run in govcloud. I'd love to have a PR for this. I don't have the ability to do so myself, and Netflix doesn't need it. |
Hi,
I am trying to setup SecurityMonkey for GovCloud region, but later found that non of the region is being listed in Dashboard. Is there any change require to make it work on GovCloud ?
The text was updated successfully, but these errors were encountered: