Merge pull request #4 from awslabs/1.0.1

1.0.1

.gitignore

@@ -0,0 +1,126 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/

CHANGELOG.md

@@ -0,0 +1,20 @@
+# Changelog
+
+## [1.0.0] - 2022-02-22
+
+### Added
+* AWS CloudSaga
+    * Main file
+    * Subfunction files
+    * LICENSE file
+    * README file
+    * NOTICE file
+    * THIRD-PARTY file
+    * CODE_OF_CONDUCT file
+    * CONTRIBUTING file
+
+## [1.0.1] - 2022-02-25
+
+### Changed
+* README file to reflect new installation instructions
+    * AWS CloudSaga is used via pip3 installer

README.md

@@ -8,7 +8,7 @@ AWS CloudSaga is for customers who want to test their environment against docume
 
 ## Usage
 ```
-python3 cloudsaga.py
+cloudsaga
 
 
 
@@ -117,23 +117,31 @@ The code in it's current form can be ran inside the following:
 * AWS CloudShell (preferred)
 * Locally (with IAM credentials, not preferred)
 
+## Prerequisites
+The following prerequisites are required to use AWS CloudSaga
+* Python 3.7 or later
+* boto3 1.21.7 or later
+* pip3 (for installation of AWS CloudSaga)
+
+## Installing the code
+Installation of the code is done via pip3:
+```
+pip3 install cloudsaga
+```
+
 ## Step-by-Step Instructions (for running in AWS CloudShell)
 1. Log into the AWS Console of the account you want to run AWS CloudSaga.
 2. Click on the icon for AWS Cloudshell next to the search bar.
    * Ensure that you're in a region where AWS CloudShell is currently available.
-3. Once the session begins, download AWS CloudSaga within the AWS CloudShell session.
-```
-git clone https://github.com/awslabs/aws-cloudsaga.git
-```
-4. Change the directory to the folder cloned from the link in Step 3:
+3. Once the session begins, install AWS CloudSaga via pip3:
 ```
-cd aws-cloudsaga
+pip3 install cloudsaga
 ```
-5. Run the following command to review the help page for AWS CloudSaga.
+4. Once installed, run the following command to review the help page for AWS CloudSaga.
 ```
-python3 cloudsaga.py -h
+cloudsaga.py -h
 ```
-6. Review the scenarios, select the one that you want to run for generating your security event for testing.
+5. Review the scenarios, select the one that you want to run for generating your security event for testing.
 
 ### Logging
 A log file containing the detailed output of actions will be placed in the root directory of AWS CloudSaga. The format of the file will be cloudsaga_timestamp_here.log

cloudsaga.py → cloudsaga/cloudsaga.py

@@ -1,17 +1,16 @@
+#!/usr/bin/env python3
 #// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 #// SPDX-License-Identifier: Apache-2.0
 # AWS CloudSaga - Simulate security events in AWS
 # Joshua "DozerCat" McKiddy - Customer Incident Response Team (CIRT) - AWS
 
 
 import logging
-import boto3
 import time
 import datetime
 import argparse
-from botocore.exceptions import ClientError
 from datetime import timezone
-from scenarios import iam_credentials, imds_reveal, mining_bitcoin, network_changes, public_resources
+from .scenarios import iam_credentials, imds_reveal, mining_bitcoin, network_changes, public_resources
 
 
 current_date = datetime.datetime.now(tz=timezone.utc)
@@ -157,4 +156,4 @@ def main():
 
 
 if __name__ == '__main__':
-    main()
+    main()

scenarios/public_resources.py → cloudsaga/scenarios/public_resources.py

@@ -21,7 +21,7 @@
 
 
 sts = boto3.client('sts')
-region = os.environ['AWS_REGION']
+region = os.environ.get('AWS_REGION', 'us-east-1')
 
 
 region_list = ['af-south-1', 'ap-east-1', 'ap-south-1', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'eu-north-1', 'eu-south-1', 'me-south-1', 'sa-east-1', 'us-east-1', 'us-east-2', 'us-west-1', 'us-west-2']

pyproject.toml

@@ -0,0 +1,29 @@
+[tool.poetry]
+name = "cloudsaga"
+version = "1.0.1"
+description = "AWS CloudSaga is a tool to test security controls and alerts within their Amazon Web Services (AWS) environment"
+readme = "README.md"
+repository = "https://github.com/awslabs/aws-cloudsaga"
+
+authors = ["Joshua McKiddy"]
+include = [
+    "CODE_OF_CONDUCT.md",
+    "CONTRIBUTING.md",
+    "LICENSE",
+    "NOTICE",
+    "README.md",
+    "THIRD-PARTY",
+]
+
+[tool.poetry.dependencies]
+python = "^3.7"
+boto3 = "^1.21.7"
+
+[tool.poetry.dev-dependencies]
+
+[tool.poetry.scripts]
+cloudsaga = "cloudsaga.cloudsaga:main"
+
+[build-system]
+requires = ["poetry-core>=1.0.0"]
+build-backend = "poetry.core.masonry.api"