main.go
package main
import (
"fmt"
"log"
"net/http"
"os"
"strings"
"time"
"github.com/gorilla/handlers"
"github.com/gorilla/mux"
. "github.com/mlabouardy/komiser/handlers/aws"
. "github.com/mlabouardy/komiser/handlers/digitalocean"
. "github.com/mlabouardy/komiser/handlers/gcp"
. "github.com/mlabouardy/komiser/handlers/integrations"
. "github.com/mlabouardy/komiser/handlers/ovh"
. "github.com/mlabouardy/komiser/services/cache"
"github.com/robfig/cron"
"github.com/rs/cors"
// . "github.com/mlabouardy/komiser/services/ini"
. "github.com/mlabouardy/komiser/handlers/azure"
"github.com/urfave/cli"
)
// Defaults applied by the "start" command when the matching flag is omitted
// or left at its zero value.
const (
// DEFAULT_PORT is the TCP port the HTTP server listens on by default.
DEFAULT_PORT = 3000
// DEFAULT_DURATION is the default cache expiration. main converts it with
// time.Duration(duration) and no unit multiplier, so the unit is decided by
// the Cache implementation.
// NOTE(review): confirm the cache scales this value; on its own it is 30ns.
DEFAULT_DURATION = 30
// DEFAULT_ALERT_SCHEDULE is the cron expression used for the alert job.
// NOTE(review): the flag text calls this a daily schedule, but if the cron
// parser reads six fields with seconds first, "0 9 * * * *" fires at minute 9
// of every hour rather than once a day at 09:00 - confirm the intended value.
DEFAULT_ALERT_SCHEDULE = "0 9 * * * *"
)
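// startServer connects the cache, builds one handler per cloud provider,
// schedules the alert job, registers every API route plus the embedded
// dashboard assets, and serves them over HTTP on the given port. It blocks
// until the server stops and terminates the process if serving fails.
//
// port is the TCP port to listen on (all interfaces). dataset is passed to the
// GCP handler, multiple and regions to the AWS handler, and schedule is the
// cron expression for alertHandler.DailyNotifHandler.
//
// NOTE(security): no authentication or authorization middleware is attached to
// the router here, and the listener binds every interface. Unless the handlers
// enforce access control themselves (not visible in this function), anything
// that can reach the port can read the cloud inventory and billing data and
// POST to /integrations/slack. Deploy behind a reverse proxy or firewall that
// restricts access.
func startServer(port int, cache Cache, dataset string, multiple bool, schedule string, regions []string) {
	cache.Connect()

	digitaloceanHandler := NewDigitalOceanHandler(cache)
	gcpHandler := NewGCPHandler(cache, dataset)
	awsHandler := NewAWSHandler(cache, multiple, regions)
	ovhHandler := NewOVHHandler(cache, "")
	azureHandler := NewAzureHandler(cache)
	alertHandler := NewAlertHandler(awsHandler, gcpHandler, azureHandler)

	// A malformed schedule used to be dropped silently, leaving alerts disabled
	// with no trace. Report it, but keep serving the dashboard.
	c := cron.New()
	if err := c.AddFunc(schedule, alertHandler.DailyNotifHandler); err != nil {
		log.Printf("Invalid alert schedule %q, alerts are disabled: %v", schedule, err)
	}
	c.Start()

	r := mux.NewRouter()

	// AWS
	r.HandleFunc("/aws/profiles", awsHandler.ConfigProfilesHandler)
	r.HandleFunc("/aws/iam/users", awsHandler.IAMUsersHandler)
	r.HandleFunc("/aws/iam/account", awsHandler.IAMUserHandler)
	r.HandleFunc("/aws/cost/current", awsHandler.CurrentCostHandler)
	r.HandleFunc("/aws/cost/history", awsHandler.CostAndUsageHandler)
	r.HandleFunc("/aws/resources/regions", awsHandler.UsedRegionsHandler)
	r.HandleFunc("/aws/cloudwatch/alarms", awsHandler.CloudWatchAlarmsHandler)
	r.HandleFunc("/aws/ec2/regions", awsHandler.EC2InstancesHandler)
	r.HandleFunc("/aws/lambda/functions", awsHandler.LambdaFunctionHandler)
	r.HandleFunc("/aws/lambda/invocations", awsHandler.GetLambdaInvocationMetrics)
	r.HandleFunc("/aws/s3/buckets", awsHandler.S3BucketsHandler)
	r.HandleFunc("/aws/s3/size", awsHandler.S3BucketsSizeHandler)
	r.HandleFunc("/aws/s3/objects", awsHandler.S3BucketsObjectsHandler)
	r.HandleFunc("/aws/glacier", awsHandler.GlacierVaultsHandler)
	r.HandleFunc("/aws/ebs", awsHandler.EBSHandler)
	r.HandleFunc("/aws/rds/instances", awsHandler.RDSInstanceHandler)
	r.HandleFunc("/aws/dynamodb/tables", awsHandler.DynamoDBTableHandler)
	r.HandleFunc("/aws/elasticache/clusters", awsHandler.ElasticacheClustersHandler)
	r.HandleFunc("/aws/vpc", awsHandler.VPCHandler)
	r.HandleFunc("/aws/acl", awsHandler.ACLHandler)
	r.HandleFunc("/aws/route_tables", awsHandler.RouteTableHandler)
	r.HandleFunc("/aws/cloudfront/requests", awsHandler.CloudFrontRequestsHandler)
	r.HandleFunc("/aws/cloudfront/distributions", awsHandler.CloudFrontDistributionsHandler)
	r.HandleFunc("/aws/apigateway/requests", awsHandler.APIGatewayRequestsHandler)
	r.HandleFunc("/aws/apigateway/apis", awsHandler.APIGatewayRestAPIsHandler)
	r.HandleFunc("/aws/elb/requests", awsHandler.ELBRequestsHandler)
	r.HandleFunc("/aws/elb/family", awsHandler.ElasticLoadBalancerHandler)
	r.HandleFunc("/aws/kms", awsHandler.KMSKeysHandler)
	r.HandleFunc("/aws/key_pairs", awsHandler.KeyPairHandler)
	r.HandleFunc("/aws/security_groups", awsHandler.SecurityGroupHandler)
	r.HandleFunc("/aws/security_groups/unrestricted", awsHandler.ListUnrestrictedSecurityGroups)
	r.HandleFunc("/aws/acm/certificates", awsHandler.APIGatewayListCertificatesHandler)
	r.HandleFunc("/aws/acm/expired", awsHandler.APIGatewayExpiredCertificatesHandler)
	r.HandleFunc("/aws/sqs/messages", awsHandler.GetNumberOfMessagesSentAndDeletedSQSHandler)
	r.HandleFunc("/aws/sqs/queues", awsHandler.SQSQueuesHandler)
	r.HandleFunc("/aws/sns/topics", awsHandler.SNSTopicsHandler)
	r.HandleFunc("/aws/mq/brokers", awsHandler.ActiveMQBrokersHandler)
	r.HandleFunc("/aws/kinesis/streams", awsHandler.KinesisListStreamsHandler)
	r.HandleFunc("/aws/kinesis/shards", awsHandler.KinesisListShardsHandler)
	r.HandleFunc("/aws/glue/crawlers", awsHandler.GlueGetCrawlersHandler)
	r.HandleFunc("/aws/glue/jobs", awsHandler.GlueGetJobsHandler)
	r.HandleFunc("/aws/datapipeline/pipelines", awsHandler.DataPipelineListPipelines)
	r.HandleFunc("/aws/es/domains", awsHandler.ESListDomainsHandler)
	r.HandleFunc("/aws/swf/domains", awsHandler.SWFListDomainsHandler)
	r.HandleFunc("/aws/support/open", awsHandler.SupportOpenTicketsHandler)
	r.HandleFunc("/aws/support/history", awsHandler.SupportTicketsInLastSixMonthsHandlers)
	r.HandleFunc("/aws/ecs", awsHandler.ECSHandler)
	r.HandleFunc("/aws/route53/zones", awsHandler.Route53HostedZonesHandler)
	r.HandleFunc("/aws/route53/records", awsHandler.Route53ARecordsHandler)
	r.HandleFunc("/aws/logs/volume", awsHandler.LogsVolumeHandler)
	r.HandleFunc("/aws/cloudtrail/sign_in_event", awsHandler.CloudTrailConsoleSignInEventsHandler)
	r.HandleFunc("/aws/cloudtrail/source_ip", awsHandler.CloudTrailConsoleSignInSourceIpEventsHandler)
	r.HandleFunc("/aws/lambda/errors", awsHandler.GetLambdaErrorsMetrics)
	r.HandleFunc("/aws/ec2/scheduled", awsHandler.ScheduledEC2Instances)
	r.HandleFunc("/aws/ec2/reserved", awsHandler.ReservedEC2Instances)
	r.HandleFunc("/aws/ec2/spot", awsHandler.SpotEC2Instances)
	r.HandleFunc("/aws/cost/instance_type", awsHandler.CostAndUsagePerInstanceTypeHandler)
	r.HandleFunc("/aws/eks/clusters", awsHandler.EKSClustersHandler)
	r.HandleFunc("/aws/logs/retention", awsHandler.MaximumLogsRetentionPeriodHandler)
	r.HandleFunc("/aws/nat/traffic", awsHandler.GetNatGatewayTrafficHandler)
	r.HandleFunc("/aws/iam/organization", awsHandler.DescribeOrganizationHandler)
	r.HandleFunc("/aws/service/limits", awsHandler.DescribeServiceLimitsChecks)
	r.HandleFunc("/aws/s3/empty", awsHandler.GetEmptyBucketsHandler)
	r.HandleFunc("/aws/eip/detached", awsHandler.ElasticIPHandler)
	r.HandleFunc("/aws/redshift/clusters", awsHandler.DescribeRedshiftClustersHandler)
	r.HandleFunc("/aws/vpc/subnets", awsHandler.DescribeSubnetsHandler)
	r.HandleFunc("/aws/cost/forecast", awsHandler.DescribeForecastPriceHandler)

	// GCP
	r.HandleFunc("/gcp/resourcemanager/projects", gcpHandler.ProjectsHandler)
	r.HandleFunc("/gcp/compute/instances", gcpHandler.ComputeInstancesHandler)
	r.HandleFunc("/gcp/iam/roles", gcpHandler.IAMRolesHandler)
	r.HandleFunc("/gcp/dns/zones", gcpHandler.DNSManagedZonesHandler)
	r.HandleFunc("/gcp/storage/buckets", gcpHandler.StorageBucketsHandler)
	r.HandleFunc("/gcp/cloudfunctions/functions", gcpHandler.CloudFunctionsHandler)
	r.HandleFunc("/gcp/compute/disks", gcpHandler.ComputeDisksHandler)
	r.HandleFunc("/gcp/pubsub/topics", gcpHandler.PubSubTopicsHandler)
	r.HandleFunc("/gcp/sql/instances", gcpHandler.SqlInstancesHandler)
	r.HandleFunc("/gcp/vpc/networks", gcpHandler.VpcNetworksHandler)
	r.HandleFunc("/gcp/vpc/firewalls", gcpHandler.VpcFirewallsHandler)
	r.HandleFunc("/gcp/vpc/routers", gcpHandler.VpcRoutersHandler)
	r.HandleFunc("/gcp/compute/snapshots", gcpHandler.DiskSnapshotsHandler)
	r.HandleFunc("/gcp/storage/size", gcpHandler.StorageBucketsSizeHandler)
	r.HandleFunc("/gcp/storage/objects", gcpHandler.StorageBucketsObjectsHandler)
	r.HandleFunc("/gcp/logging/bytes_ingested", gcpHandler.LoggingBillableReceivedBytesHandler)
	r.HandleFunc("/gcp/kubernetes/clusters", gcpHandler.KubernetesClustersHandler)
	r.HandleFunc("/gcp/compute/images", gcpHandler.ComputeImagesHandler)
	r.HandleFunc("/gcp/redis/instances", gcpHandler.RedisInstancesHandler)
	r.HandleFunc("/gcp/compute/cpu", gcpHandler.ComputeCPUUtilizationHandler)
	r.HandleFunc("/gcp/iam/users", gcpHandler.IAMUsersHandler)
	r.HandleFunc("/gcp/bigquery/statements", gcpHandler.BigQueryScannedStatementsHandler)
	r.HandleFunc("/gcp/bigquery/storage", gcpHandler.BigQueryStoredBytesHandler)
	r.HandleFunc("/gcp/bigquery/datasets", gcpHandler.BigQueryDatasetsHandler)
	r.HandleFunc("/gcp/bigquery/tables", gcpHandler.BigQueryTablesHandler)
	r.HandleFunc("/gcp/compute/quotas", gcpHandler.ComputeQuotasHandler)
	r.HandleFunc("/gcp/lb/requests", gcpHandler.LoadBalancersRequestsHandler)
	r.HandleFunc("/gcp/api/requests", gcpHandler.ConsumedAPIRequestsHandler)
	r.HandleFunc("/gcp/lb/total", gcpHandler.LoadBalancersTotalHandler)
	r.HandleFunc("/gcp/vpc/subnets", gcpHandler.VpcSubnetsHandler)
	r.HandleFunc("/gcp/vpc/addresses", gcpHandler.VpcExternalAddressesHandler)
	r.HandleFunc("/gcp/vpn/tunnels", gcpHandler.VpnTunnelsHandler)
	r.HandleFunc("/gcp/ssl/certificates", gcpHandler.SSLCertificatesHandler)
	r.HandleFunc("/gcp/ssl/policies", gcpHandler.SSLPoliciesHandler)
	r.HandleFunc("/gcp/security/policies", gcpHandler.SecurityPoliciesHandler)
	r.HandleFunc("/gcp/kms/cryptokeys", gcpHandler.KMSCryptoKeysHandler)
	r.HandleFunc("/gcp/gae/bandwidth", gcpHandler.AppEngineOutgoingBandwidthHandler)
	r.HandleFunc("/gcp/serviceusage/apis", gcpHandler.EnabledAPIsHandler)
	r.HandleFunc("/gcp/dataproc/jobs", gcpHandler.DataprocJobsHandler)
	r.HandleFunc("/gcp/dataproc/clusters", gcpHandler.DataprocClustersHandler)
	r.HandleFunc("/gcp/billing/history", gcpHandler.BillingLastSixMonthsHandler)
	r.HandleFunc("/gcp/billing/service", gcpHandler.BillingPerServiceHandler)
	r.HandleFunc("/gcp/dns/records", gcpHandler.DNSARecordsHandler)
	r.HandleFunc("/gcp/iam/service_accounts", gcpHandler.IAMServiceAccountsHandler)
	r.HandleFunc("/gcp/dataflow/jobs", gcpHandler.DataflowJobsHandler)
	r.HandleFunc("/gcp/nat/gateways", gcpHandler.NatGatewaysHandler)

	// OVH
	r.HandleFunc("/ovh/cloud/projects", ovhHandler.DescribeCloudProjectsHandler)
	r.HandleFunc("/ovh/cloud/instances", ovhHandler.DescribeCloudInstancesHandler)
	r.HandleFunc("/ovh/cloud/storage", ovhHandler.DescribeCloudStorageContainersHandler)
	r.HandleFunc("/ovh/cloud/users", ovhHandler.DescribeCloudUsersHandler)
	r.HandleFunc("/ovh/cloud/volumes", ovhHandler.DescribeCloudVolumesHandler)
	r.HandleFunc("/ovh/cloud/snapshots", ovhHandler.DescribeCloudSnapshotsHandler)
	r.HandleFunc("/ovh/cloud/alerts", ovhHandler.DescribeCloudAlertsandler)
	r.HandleFunc("/ovh/cloud/current", ovhHandler.DescribeCurrentUsageHandler)
	r.HandleFunc("/ovh/cloud/images", ovhHandler.DescribeCloudImagesHandler)
	r.HandleFunc("/ovh/cloud/ip", ovhHandler.DescribeCloudIpsHandler)
	r.HandleFunc("/ovh/cloud/network/private", ovhHandler.DescribeCloudPrivateNetworksHandler)
	r.HandleFunc("/ovh/cloud/network/public", ovhHandler.DescribeCloudPublicNetworksHandler)
	r.HandleFunc("/ovh/cloud/failover/ip", ovhHandler.DescribeCloudFailoverIpsHandler)
	r.HandleFunc("/ovh/cloud/vrack", ovhHandler.DescribeCloudVRacksHandler)
	r.HandleFunc("/ovh/cloud/kube/clusters", ovhHandler.DescribeCloudKubeClustersHandler)
	r.HandleFunc("/ovh/cloud/kube/nodes", ovhHandler.DescribeCloudKubeNodesHandler)
	r.HandleFunc("/ovh/cloud/sshkeys", ovhHandler.DescribeCloudSSHKeysHandler)
	r.HandleFunc("/ovh/cloud/quotas", ovhHandler.DescribeCloudLimitsHandler)
	r.HandleFunc("/ovh/cloud/ssl/certificates", ovhHandler.DescribeSSLCertificatesHandler)
	r.HandleFunc("/ovh/cloud/ssl/gateways", ovhHandler.DescribeSSLGatewaysHandler)
	r.HandleFunc("/ovh/cloud/profile", ovhHandler.DescribeProfileHandler)
	r.HandleFunc("/ovh/cloud/tickets", ovhHandler.DescribeTicketsHandler)

	// DigitalOcean
	r.HandleFunc("/digitalocean/account", digitaloceanHandler.AccountProfileHandler)
	r.HandleFunc("/digitalocean/actions", digitaloceanHandler.ActionsHistoryHandler)
	r.HandleFunc("/digitalocean/cdns", digitaloceanHandler.ContentDeliveryNetworksHandler)
	r.HandleFunc("/digitalocean/certificates", digitaloceanHandler.CertificatesHandler)
	r.HandleFunc("/digitalocean/databases", digitaloceanHandler.DatabasesHandler)
	r.HandleFunc("/digitalocean/domains", digitaloceanHandler.DomainsHandler)
	r.HandleFunc("/digitalocean/droplets", digitaloceanHandler.DropletsHandler)
	r.HandleFunc("/digitalocean/firewalls/list", digitaloceanHandler.DescribeFirewallsHandler)
	r.HandleFunc("/digitalocean/firewalls/unsecure", digitaloceanHandler.DescribeUnsecureFirewallsHandler)
	r.HandleFunc("/digitalocean/floatingips", digitaloceanHandler.FloatingIpsHandler)
	r.HandleFunc("/digitalocean/k8s", digitaloceanHandler.KubernetesHandler)
	r.HandleFunc("/digitalocean/keys", digitaloceanHandler.SSHKeysHandler)
	r.HandleFunc("/digitalocean/loadbalancers", digitaloceanHandler.LoadBalancersHandler)
	r.HandleFunc("/digitalocean/projects", digitaloceanHandler.ProjectsHandler)
	r.HandleFunc("/digitalocean/records", digitaloceanHandler.RecordsHandler)
	r.HandleFunc("/digitalocean/snapshots", digitaloceanHandler.SnapshotsHandler)
	r.HandleFunc("/digitalocean/volumes", digitaloceanHandler.VolumesHandler)

	// Azure
	r.HandleFunc("/azure/acm/certificates", azureHandler.APIGatewayListCertificatesHandler)
	r.HandleFunc("/azure/acm/expired", azureHandler.APIGatewayExpiredCertificatesHandler)
	r.HandleFunc("/azure/compute/vms", azureHandler.VMHandler)
	r.HandleFunc("/azure/compute/disks", azureHandler.DiskHandler)
	r.HandleFunc("/azure/resources/regions", azureHandler.SubscriptionHandler)
	r.HandleFunc("/azure/managedclusters/clusters", azureHandler.ClusterHandler)
	r.HandleFunc("/azure/compute/snapshots", azureHandler.SnapshotHandler)
	r.HandleFunc("/azure/storage/mysqls", azureHandler.MySQLHandler)
	r.HandleFunc("/azure/storage/postgresqls", azureHandler.PostgreSQLHandler)
	r.HandleFunc("/azure/storage/redis", azureHandler.RedisHandler)
	r.HandleFunc("/azure/security/firewalls", azureHandler.FirewallsHandler)
	r.HandleFunc("/azure/network/publicips", azureHandler.PublicIPHandler)
	r.HandleFunc("/azure/network/loadbalancers", azureHandler.LoadBalancersHandler)
	r.HandleFunc("/azure/security/profiles", azureHandler.ProfilesHandler)
	r.HandleFunc("/azure/security/securitygroups", azureHandler.SecurityGroupsHandler)
	r.HandleFunc("/azure/security/securityrules", azureHandler.SecurityRulesHandler)
	r.HandleFunc("/azure/network/routetables", azureHandler.RouteTablesHandler)
	r.HandleFunc("/azure/network/virtualnetworks", azureHandler.VirtualNetworksHandler)
	r.HandleFunc("/azure/network/subnets", azureHandler.SubnetsHandler)
	r.HandleFunc("/azure/network/dnszones", azureHandler.DNSZonesHandler)
	r.HandleFunc("/azure/billing/total", azureHandler.InvoiceHandler)

	// Integrations; the Slack setup route is the only one restricted by method.
	r.HandleFunc("/integrations", alertHandler.ListIntegrationsHandler)
	r.HandleFunc("/integrations/slack", alertHandler.SetupSlackHandler).Methods("POST")

	// Everything else falls through to the embedded dashboard assets.
	r.PathPrefix("/").Handler(http.FileServer(assetFS()))

	// NOTE(security): the wildcard origin is kept for compatibility, but it lets
	// a page from any origin read these API responses from a browser that can
	// reach the port. Together with the unauthenticated routes above, that
	// exposes the data cross-site; restrict AllowedOrigins to the dashboard's
	// own origin when deploying.
	corsPolicy := cors.New(cors.Options{
		AllowedOrigins: []string{"*"},
		AllowedMethods: []string{"GET", "POST", "OPTIONS"},
		AllowedHeaders: []string{"profile", "X-Requested-With", "Content-Type", "Authorization"},
	})

	loggedRouter := handlers.LoggingHandler(os.Stdout, corsPolicy.Handler(r))

	// An explicit http.Server lets us bound how long a client may take to send
	// its request headers; the bare http.ListenAndServe helper has no timeouts,
	// so idle connections could be held open indefinitely.
	srv := &http.Server{
		Addr:              fmt.Sprintf(":%d", port),
		Handler:           loggedRouter,
		ReadHeaderTimeout: 10 * time.Second,
	}

	// ListenAndServe only returns on failure, so the startup message has to be
	// logged before the call; the original else branch could never run.
	log.Printf("Server started on port %d", port)
	if err := srv.ListenAndServe(); err != nil {
		log.Fatal(err)
	}
}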
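// main defines the Komiser command-line application and its "start" command,
// which reads the server options from flags, selects an in-memory or Redis
// cache, and hands control to startServer. A failure reported by the CLI
// framework (for example an unparsable flag) is logged and ends the process
// with a non-zero status.
func main() {
	app := cli.NewApp()
	app.Name = "Komiser"
	app.Version = "2.11.0"
	app.Usage = "Cloud Environment Inspector"
	app.Copyright = "Komiser - https://komiser.io"
	app.Compiled = time.Now()
	app.Authors = []cli.Author{
		{
			Name:  "Mohamed Labouardy",
			Email: "[email protected]",
		},
	}
	app.Commands = []cli.Command{
		{
			Name:  "start",
			Usage: "Start server",
			Flags: []cli.Flag{
				cli.IntFlag{
					Name:  "port, p",
					Usage: "Server port",
					Value: DEFAULT_PORT,
				},
				cli.IntFlag{
					Name:  "duration, d",
					Usage: "Cache expiration time",
					Value: DEFAULT_DURATION,
				},
				cli.StringFlag{
					Name:  "redis, r",
					Usage: "Redis server",
				},
				cli.StringFlag{
					Name:  "dataset, ds",
					Usage: "BigQuery Bill dataset",
				},
				cli.StringFlag{
					Name:  "regions, re",
					Usage: "Restrict Komiser inspection to list of regions",
				},
				cli.StringFlag{
					Name:  "cron, c",
					Usage: "Daily budget alert schedule",
					Value: DEFAULT_ALERT_SCHEDULE,
				},
				cli.BoolFlag{
					Name:  "multiple, m",
					Usage: "Enable multiple AWS accounts",
				},
			},
			Action: func(c *cli.Context) error {
				port := c.Int("port")
				duration := c.Int("duration")
				redis := c.String("redis")
				dataset := c.String("dataset")
				multiple := c.Bool("multiple")
				schedule := c.String("cron")
				regions := c.String("regions")

				// Accept "a, b" as well as "a,b": trim each entry and skip
				// empty ones so a stray space or trailing comma does not
				// produce a region name that matches nothing.
				listOfRegions := []string{}
				if len(regions) > 0 {
					for _, region := range strings.Split(regions, ",") {
						if region = strings.TrimSpace(region); region != "" {
							listOfRegions = append(listOfRegions, region)
						}
					}
					log.Println("Restrict Komiser inspection to the following AWS regions:", listOfRegions)
				}

				// An explicit zero is treated the same as an omitted flag.
				if port == 0 {
					port = DEFAULT_PORT
				}
				if duration == 0 {
					duration = DEFAULT_DURATION
				}

				// NOTE(review): the expiration is converted without a unit
				// multiplier; confirm the cache implementations scale it.
				var cache Cache
				if redis == "" {
					cache = &Memory{
						Expiration: time.Duration(duration),
					}
				} else {
					cache = &Redis{
						Addr:       redis,
						Expiration: time.Duration(duration),
					}
				}

				startServer(port, cache, dataset, multiple, schedule, listOfRegions)
				return nil
			},
		},
	}
	app.CommandNotFound = func(c *cli.Context, command string) {
		fmt.Fprintf(c.App.Writer, "Command not found %q !", command)
	}

	// The error from Run used to be discarded, so a bad flag still exited 0.
	if err := app.Run(os.Args); err != nil {
		log.Fatal(err)
	}
}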