From 2f5f6db310014652856b5586341f3c09232270a7 Mon Sep 17 00:00:00 2001 From: Himanshu Sharma Date: Tue, 15 Nov 2022 22:16:20 +0530 Subject: [PATCH 1/2] Updating security hub layers in new aws regions --- cloudwatchlogs-with-dlq/test_cwl_lambda.py | 64 ++++++++++++++----- .../sam/create_layer.sh | 2 + .../sam/requirements.txt | 2 + 3 files changed, 51 insertions(+), 17 deletions(-) diff --git a/cloudwatchlogs-with-dlq/test_cwl_lambda.py b/cloudwatchlogs-with-dlq/test_cwl_lambda.py index 3a0c9db..23e6b42 100644 --- a/cloudwatchlogs-with-dlq/test_cwl_lambda.py +++ b/cloudwatchlogs-with-dlq/test_cwl_lambda.py @@ -167,22 +167,26 @@ def _parse_template(self, template): def upload_code_in_multiple_regions(): regions = [ - "us-east-2", - "us-east-1", - "us-west-1", - "us-west-2", - "ap-south-1", - "ap-northeast-2", - "ap-southeast-1", - "ap-southeast-2", - "ap-northeast-1", - "ca-central-1", - # "cn-north-1", - "eu-central-1", - "eu-west-1", - "eu-west-2", - "eu-west-3", - "sa-east-1" + "me-central-1", + "eu-central-2", + "ap-northeast-3", + "ap-southeast-3" + # "us-east-2", + # "us-east-1", + # "us-west-1", + # "us-west-2", + # "ap-south-1", + # "ap-northeast-2", + # "ap-southeast-1", + # "ap-southeast-2", + # "ap-northeast-1", + # "ca-central-1", + # # "cn-north-1", + # "eu-central-1", + # "eu-west-1", + # "eu-west-2", + # "eu-west-3", + # "sa-east-1" ] # for region in regions: @@ -191,9 +195,35 @@ def upload_code_in_multiple_regions(): for region in regions: upload_code_in_S3(region) +region_map = { + "us-east-1" : "appdevzipfiles-us-east-1", + "us-east-2" : "appdevzipfiles-us-east-2", + "us-west-1" : "appdevzipfiles-us-west-1", + "us-west-2" : "appdevzipfiles-us-west-2", + "ap-south-1": "appdevzipfiles-ap-south-1", + "ap-northeast-2":"appdevzipfiles-ap-northeast-2", + "ap-southeast-1":"appdevzipfiles-ap-southeast-1", + "ap-southeast-2":"appdevzipfiles-ap-southeast-2", + "ap-northeast-1":"appdevzipfiles-ap-northeast-1", + "ca-central-1": "appdevzipfiles-ca-central-1", + "eu-central-1":"appdevzipfiles-eu-central-1", + "eu-west-1":"appdevzipfiles-eu-west-1", + "eu-west-2":"appdevzipfiles-eu-west-2", + "eu-west-3":"appdevzipfiles-eu-west-3", + "eu-north-1":"appdevzipfiles-eu-north-1s", + "sa-east-1":"appdevzipfiles-sa-east-1", + "ap-east-1":"appdevzipfiles-ap-east-1s", + "af-south-1":"appdevzipfiles-af-south-1s", + "eu-south-1":"appdevzipfiles-eu-south-1", + "me-south-1":"appdevzipfiles-me-south-1s", + "me-central-1": "appdevzipfiles-me-central-1", + "eu-central-2":"appdevzipfiles-eu-central-2", + "ap-northeast-3" :"appdevzipfiles-ap-northeast-3", + "ap-southeast-3": "appdevzipfiles-ap-southeast-3" +} def get_bucket_name(region): - return '%s-%s' % (BUCKET_PREFIX, region) + return region_map[region] def create_bucket(region): diff --git a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh index 99ea7a9..0a473fb 100644 --- a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh +++ b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh @@ -11,6 +11,8 @@ fi declare -a regions=("us-east-2" "us-east-1" "us-west-1" "us-west-2" "ap-south-1" "ap-northeast-2" "ap-southeast-1" "ap-southeast-2" "ap-northeast-1" "ca-central-1" "eu-central-1" "eu-west-1" "eu-west-2" "eu-west-3" "sa-east-1") +# Buckets names that are different from region name (e.g appdevzipfiles-eu-north-1s) - eu-north-1 , ap-east-1, af-south-1, me-south-1 + for i in "${regions[@]}" do echo "Deploying layer in $i" diff --git a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/requirements.txt b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/requirements.txt index e69de29..4c6f976 100644 --- a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/requirements.txt +++ b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/requirements.txt @@ -0,0 +1,2 @@ +boto3==1.9.60 +requests==2.7.0 From 51171a2e09788bf9765c4f404073401740e1587e Mon Sep 17 00:00:00 2001 From: Himanshu Sharma Date: Mon, 21 Nov 2022 16:48:31 +0530 Subject: [PATCH 2/2] Updating bucket names --- cloudwatchlogs-with-dlq/test_cwl_lambda.py | 4 ++-- .../sam/create_layer.sh | 11 ++++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/cloudwatchlogs-with-dlq/test_cwl_lambda.py b/cloudwatchlogs-with-dlq/test_cwl_lambda.py index 23e6b42..f798597 100644 --- a/cloudwatchlogs-with-dlq/test_cwl_lambda.py +++ b/cloudwatchlogs-with-dlq/test_cwl_lambda.py @@ -217,8 +217,8 @@ def upload_code_in_multiple_regions(): "eu-south-1":"appdevzipfiles-eu-south-1", "me-south-1":"appdevzipfiles-me-south-1s", "me-central-1": "appdevzipfiles-me-central-1", - "eu-central-2":"appdevzipfiles-eu-central-2", - "ap-northeast-3" :"appdevzipfiles-ap-northeast-3", + "eu-central-2":"appdevzipfiles-eu-central-2ss", + "ap-northeast-3" :"appdevzipfiles-ap-northeast-3s", "ap-southeast-3": "appdevzipfiles-ap-southeast-3" } diff --git a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh index 0a473fb..ca04bc2 100644 --- a/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh +++ b/securityhub-org/sumologic-securityhub-collector-awsorg/sam/create_layer.sh @@ -11,7 +11,16 @@ fi declare -a regions=("us-east-2" "us-east-1" "us-west-1" "us-west-2" "ap-south-1" "ap-northeast-2" "ap-southeast-1" "ap-southeast-2" "ap-northeast-1" "ca-central-1" "eu-central-1" "eu-west-1" "eu-west-2" "eu-west-3" "sa-east-1") -# Buckets names that are different from region name (e.g appdevzipfiles-eu-north-1s) - eu-north-1 , ap-east-1, af-south-1, me-south-1 +# Some buckets names have 's' or 'ss' in the region suffix. It is kept intentional as bucket names were not available. +# Buckets names which are intentional - +# 1. appdevzipfiles-eu-north-1s +# 2. appdevzipfiles-ap-east-1s +# 3. appdevzipfiles-af-south-1s +# 4. appdevzipfiles-me-south-1s +# 5. appdevzipfiles-me-central-1 +# 6. appdevzipfiles-eu-central-2ss +# 7. appdevzipfiles-ap-northeast-3s +# 8. appdevzipfiles-ap-southeast-3" for i in "${regions[@]}" do