Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix AWSRecreateSG EC2 breaking change bug #32962

Merged
merged 8 commits into from Feb 26, 2024
Merged

Fix AWSRecreateSG EC2 breaking change bug #32962

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
2ae48da
fixed
jlevypaloalto Feb 15, 2024
5e9695e
remove print
jlevypaloalto Feb 15, 2024
9dcd997
update docker + RN
jlevypaloalto Feb 21, 2024
c5fce78
add BC warning
jlevypaloalto Feb 21, 2024
a115db5
remove duplicate
jlevypaloalto Feb 22, 2024
9cbb3c5
fixed unit-tests
jlevypaloalto Feb 23, 2024
8d082e5
newline
jlevypaloalto Feb 25, 2024
7294274
Merge branch 'master' into jl-AWSRecreateSG-fix
jlevypaloalto Feb 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 9 additions & 0 deletions Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_16.md
View file
Open in desktop
@@ -0,0 +1,9 @@

#### Scripts

##### AWSRecreateSG

- Fixed an issue where the script failed with the latest version of the `AWS - EC2` integration.
- Updated the Docker image to: *demisto/python3:3.10.13.87159*.

**NOTE:** The `AWS - EC2` integration version must be greater than `1.4.0` for this script to run.
30 changes: 3 additions & 27 deletions Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.py
View file
Open in desktop
@@ -1,36 +1,13 @@
import demistomock as demisto # noqa: F401
from CommonServerPython import * # noqa: F401


from typing import Any
import traceback
from random import randint

ROLE_SESSION_NAME = "xsoar-session"


def get_context_path(context: dict, path: str):
"""Get a context output ignoring the DT suffix.

Args:
context (dict): The context output with DT paths as keys.
path (str): The outputs prefix path without the DT transform under which the required data is held.

Return:
(Any): The context data under the prefix.

Example:
>>> output = demisto.executeCommand('aws-ec2-describe-addresses')
>>> output
{'Contents': {'path.to.data(val.Id && val.Id == obj.Id)': [1, 2, 3, 4]}}
>>> get_context_path(output, 'path.to.data')
[1, 2, 3, 4]
"""
return context.get(
next((key for key in context if key.partition('(')[0] == path), None)
)


def split_rule(rule: dict, port: int, protocol: str) -> list[dict]:
"""
If there are rules with ranges of ports, split them up
Expand Down Expand Up @@ -93,7 +70,7 @@ def sg_fix(sg_info: list, port: int, protocol: str, assume_role: str, instance_t
Returns:
Dict: Dict of the new SG to be used
"""
info = get_context_path(sg_info[0]['Contents'], 'AWS.EC2.SecurityGroups')[0] # type: ignore
info = dict_safe_get(sg_info, (0, 'Contents', 0))
recreate_list = []
# Keep track of change in SG or not.
change = False
Expand Down Expand Up @@ -160,7 +137,7 @@ def sg_fix(sg_info: list, port: int, protocol: str, assume_role: str, instance_t
new_sg = demisto.executeCommand("aws-ec2-create-security-group", cmd_args)
if isError(new_sg):
raise ValueError('Error on creating new security group')
new_id = new_sg[0]['Contents']['AWS.EC2.SecurityGroups']['GroupId']
new_id = dict_safe_get(new_sg, (0, 'Contents', 'GroupId'))
for item in recreate_list:
cmd_args = {"groupId": new_id, "IpPermissionsFull": item, "using": instance_to_use}
if assume_role:
Expand Down Expand Up @@ -293,8 +270,7 @@ def instance_info(instance_id: str, public_ip: str, assume_role: str, region: st
# Need a for loop in case multiple AWS-EC2 integrations are configured.
match = False
for instance in instance_info:
# Check if returned error, in the case of multiple integration instances only one should pass.
interfaces = get_context_path(instance.get('Contents'), 'AWS.EC2.Instances')[0].get('NetworkInterfaces') # type: ignore
interfaces = dict_safe_get(instance, ('Contents', 0, 'NetworkInterfaces'))
if not isError(instance) and interfaces:
mapping_dict = {}
for interface in interfaces:
Expand Down
2 changes: 1 addition & 1 deletion Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml
View file
Open in desktop
Expand Up @@ -51,7 +51,7 @@ dependson:
- AWS - EC2|||aws-ec2-authorize-security-group-egress-rule
- AWS - EC2|||aws-ec2-revoke-security-group-ingress-rule
- AWS - EC2|||aws-ec2-revoke-security-group-egress-rule
dockerimage: demisto/python3:3.10.13.84405
dockerimage: demisto/python3:3.10.13.87159
enabled: true
name: AWSRecreateSG
runas: DBotWeakRole
Expand Down
2 changes: 1 addition & 1 deletion Packs/AWS-Enrichment-Remediation/pack_metadata.json
View file
Open in desktop
Expand Up @@ -2,7 +2,7 @@
"name": "AWS Enrichment and Remediation",
"description": "Playbooks using multiple AWS content packs for enrichment and remediation purposes",
"support": "xsoar",
"currentVersion": "1.1.15",
"currentVersion": "1.1.16",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down