A chalice API gateway wrapper around aws_ir. **Highly experimental**

ThreatResponse/aws_ir-api

aws_ir-api

A chalice API gateway wrapper around aws_ir.
Highly experimental

Preparation

  1. Create a role to associate with the privileges in this API (incident-pony-role.json coming soon).
  2. Deploy that role and allow lambda.amazonaws.com to assume it, using the trust policy shown after these steps.
  3. Update aws_ir-api/.chalice/config.json with the new role ARN. If this deployment is for Ephemeral Systems Incident-Pony, do nothing.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
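
A pre-deploy check for the trust policy above, added here as an example (it is not part of aws_ir-api): it confirms that lambda.amazonaws.com is the only principal allowed to assume the role. The function name `audit_trust_policy` and the widened sample policy are constructed for illustration.

```python
import json

EXPECTED_SERVICE = "lambda.amazonaws.com"  # the only principal the README's policy trusts

# Trust policy exactly as given in the README.
README_POLICY = """{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Principal": {"Service": "lambda.amazonaws.com"}, "Action": "sts:AssumeRole"}]}"""

# Constructed sample: the same policy widened with extra principals.
WIDENED_POLICY = """{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Principal": {"Service": ["lambda.amazonaws.com", "ec2.amazonaws.com"]},
   "Action": "sts:AssumeRole"},
  {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]}"""


def _as_list(value):
    """IAM accepts either a single value or a list for statements, actions and principals."""
    return value if isinstance(value, list) else [value]


def audit_trust_policy(document):
    """Return findings; an empty list means only Lambda can assume the role."""
    policy = json.loads(document) if isinstance(document, str) else document
    findings, lambda_trusted = [], False
    for index, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny statement cannot widen the trust
        if "NotPrincipal" in stmt:
            findings.append(f"statement {index}: Allow with NotPrincipal")
            continue
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):  # e.g. the bare wildcard "*"
            findings.append(f"statement {index}: principal {principal!r} is not a named service")
            continue
        actions = _as_list(stmt.get("Action", []))
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "Service" and value == EXPECTED_SERVICE:
                    lambda_trusted = lambda_trusted or "sts:AssumeRole" in actions
                else:
                    findings.append(f"statement {index}: unexpected {kind} principal {value}")
    if not lambda_trusted:
        findings.append(f"{EXPECTED_SERVICE} is not allowed to call sts:AssumeRole")
    return findings


if __name__ == "__main__":
    for name, doc in (("README", README_POLICY), ("widened", WIDENED_POLICY)):
        print(name, audit_trust_policy(doc) or "OK")
```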

Getting Started with aws_ir-api

  1. Check out the aws_ir git submodule: `git submodule update`
  2. Install the requirements for the chalice project: `pip install -r aws_ir-api/requirements.txt`
  3. Install the aws_ir requirements: `pip install -r aws_ir-api/aws_ir/requirements.txt`
  4. From within aws_ir-api, run `chalice deploy`

Testing the AWS_IR-api

  1. The project comes with a variety of py.test tests. Run them with `py.test tests/`, or run them with live reload through nose using `bin/nosetests --with-watch`.

Note: Some of these tests require explicit creation of "dummy users" in a testing account. See the section on CFN templates.

Setting up CloudFormation and boto3

To use the CloudFormation stack templates in the CFN folder you will need to set up two boto3 profiles. The default profile should be your ThreatResponse account credential for incident pony access, and the second should be your "test" account, mocking a user or consumer of the IR tool suite. For proper test coverage, the tests assume that this second profile is a named profile called "incident-account". Set this up by editing ~/.aws/credentials:

[default]
aws_access_key_id = AKIA***************
aws_secret_access_key = 19*******************************

[incident-account]
aws_access_key_id = AK*************************
aws_secret_access_key = Uzkb**************************

Testing instance provisioning

CloudFormation assumes that you're testing in us-west-2. You'll need an SSH keypair called incident-pony-response set up in the incident-account. I store the private part of my keypair in Credstash.
