add functionality to set param (#102)
* add functionality to set param

* fix linter error

* action comments and one fix

* fix spacing issue

* fix test
JDragovichAlertLogic authored Apr 6, 2020
1 parent 06338ff commit 900969c
Showing 4 changed files with 80 additions and 5 deletions.
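--- a/cfn/paws-collector.template
+++ b/cfn/paws-collector.template
@@ -672,7 +672,10 @@
 },
 {
 "Effect":"Allow",
-"Action":"ssm:GetParameter",
+"Action":[
+"ssm:GetParameter",
+"ssm:PutParameter"
+],
 "Resource":[
 { "Fn::Join":["", [
 "arn:aws:ssm:",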
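Review bot: The new `ssm:PutParameter` action shares the `Resource` list with `ssm:GetParameter`, and that list continues past the end of this hunk, so confirm the ARN resolves to the single parameter named by `paws_secret_param_name` rather than a wildcard path, since the function can now write to whatever it matches. setPawsSecret in paws_collector.js also calls `kms.encrypt` with `paws_kms_key_arn`, and no `kms:Encrypt` grant is visible in this hunk. Check that the role already has one scoped to that key, otherwise the new call would fail with an access-denied error at runtime.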
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "@alertlogic/paws-collector",
"version": "1.1.7",
"version": "1.1.8",
"license": "MIT",
"description": "Alert Logic AWS based API Poll Log Collector Library",
"repository": {
39 changes: 37 additions & 2 deletions paws_collector.js
Expand Up @@ -117,7 +117,42 @@ class PawsCollector extends AlAwsCollector {
prepareErrorStatus(errorString, streamName = 'none') {
return super.prepareErrorStatus(errorString, streamName, this.pawsCollectorType);
}


setPawsSecret(secretValue){
const encryptPromise = new Promise((resolve, reject) => {
const kms = new AWS.KMS();
const params = {
KeyId: process.env.paws_kms_key_arn,
Plaintext: secretValue
};
kms.encrypt(params, function(err, data) {
if (err) {
return reject(err, err.stack);
}
const base64 = new Buffer(data.CiphertextBlob).toString('base64');
return resolve(base64);
});
});

return encryptPromise.then((base64) => {
return new Promise((resolve, reject) => {
var ssm = new AWS.SSM();
var params = {
Name: process.env.paws_secret_param_name,
Type: 'String',
Value: base64
};
ssm.putParameter(params, function(err, data) {
if (err) return reject(err, err.stack);
else return resolve(data);
});
}).catch(err => {
console.error('PAWS000300 Error setting new secret', err);
return err;
});
})
}

register(event) {
let collector = this;
let pawsRegisterProps = this.getProperties();
Expand All @@ -134,7 +169,7 @@ class PawsCollector extends AlAwsCollector {
}
], function(err, customRegister) {
if (err) {
console.err('PAWS000101 Error during registration', err);
console.error('PAWS000101 Error during registration', err);
return collector.done(err);
} else {
let registerProps = Object.assign(pawsRegisterProps, customRegister);
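Review bot: setPawsSecret resolves even when the write fails, because the `.catch` on the SSM promise logs PAWS000300 and then does `return err;`, so a caller rotating a credential cannot tell a stored secret from a failed one; use `throw err;` there instead. That handler is attached only to the inner putParameter promise, so a `kms.encrypt` failure rejects without the PAWS000300 log, and a single `.catch` on the outer chain would cover both paths. The putParameter params carry no `Overwrite: true`, so if the parameter already exists (the policy's existing ssm:GetParameter suggests it does) the call would fail and, with the current catch, go unnoticed. `new Buffer(data.CiphertextBlob)` is deprecated in favour of `Buffer.from(data.CiphertextBlob)`.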
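--- a/test/paws_test.js
+++ b/test/paws_test.js
@@ -313,7 +313,44 @@ describe('Unit Tests', function() {
 });
 });
 });
-
+
+it('sets the secret param properly', (done) => {
+let ctx = {
+invokedFunctionArn : pawsMock.FUNCTION_ARN,
+fail : function(error) {
+assert.fail(error);
+done();
+},
+succeed : function() {
+done();
+}
+};
+
+AWS.restore('KMS');
+
+let putParameterSpy = sinon.spy((params, callback) => callback(null, {Version: 2, Tier:'Standard'}));
+AWS.mock('SSM', 'putParameter', putParameterSpy);
+
+AWS.mock('KMS', 'encrypt', function (params, callback) {
+const data = {
+CiphertextBlob : params.Plaintext
+};
+return callback(null, data);
+});
+
+TestCollector.load().then(function(creds) {
+const collector = new TestCollector(ctx, creds);
+const secretValue = 'a-secret';
+const base64 = new Buffer(secretValue).toString('base64');
+collector.setPawsSecret(secretValue).then(() => {
+assert.equal(putParameterSpy.getCall(0).args[0].Value, base64);
+AWS.restore('KMS');
+AWS.restore('SSM');
+done();
+});
+});
+});
+
 it('reportCollectionDelay', function(done) {
 let ctx = {
 invokedFunctionArn : pawsMock.FUNCTION_ARN,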
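Review bot: An assertion failure inside the `collector.setPawsSecret(secretValue).then(...)` callback is not passed to `done`, because neither promise chain ends in `.catch(done)`; it would likely surface as a timeout or unhandled rejection rather than a failed assertion. In that case the `AWS.restore('KMS')` and `AWS.restore('SSM')` calls are skipped and the mocks stay in place for later tests, so end the chain with `.catch(done)` and move the restores into a cleanup hook or `finally`. Only the success path is covered; a case where the `putParameter` mock calls back with an error would pin down whether setPawsSecret rejects or resolves on failure.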
