Now it's all microservices, I hope the fad persists.

2023-03-18 13:21:13 +02:00
parent bf96cdc75b
commit bbc1542fa1

197
secdep.py

@@ -6,16 +6,16 @@
# 3) Amazon Web Services (EC2)
# A user will be able to
# 1) create an instance
# 2) delete an instance or all of them
# 3) list all instances across all cloud providers
# 4) start a stopped instance or all of them
# 5) stop a running instance or all of them
# 6) reboot a running instance or all of them
# 2) delete an instance or all of them across all or one cloud provider
# 3) list all instances across all cloud providers or a specific one
# 4) start a stopped instance or all of them across all or one cloud provider
# 5) stop a running instance or all of them across all or one cloud provider
# 6) reboot a running instance or all of them across all or one cloud provider
# 7) list images available for a provider
# 8) list sizes available for a provider
# 9) list locations available for a provider
# 10) run a script during the creation of a new instance
# 11) ssh to an instance
# 11) ssh to an instance with a choice across all or one cloud provider
# from the command line using flags
import os
@@ -30,6 +30,10 @@ from libcloud.compute.providers import get_driver
from libcloud.compute.base import NodeAuthSSHKey
from libcloud.compute.deployment import ScriptDeployment, SSHKeyDeployment, MultiStepDeployment
# from azure.common.credentials import ServicePrincipalCredentials
# from azure.mgmt.network import NetworkManagementClient
# from azure.mgmt.network.models import NetworkSecurityGroup, SecurityRule
# Disable SSL certificate verification
# Disable SHA-2 variants of RSA key verification algorithm for backward compatibility reasons
@@ -978,11 +982,13 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
if sec_group.name == name+"-sec_group":
print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
exit(0)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == name+"-ip":
# print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
# exit(0)
driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
networks = driver.ex_list_networks()
for network in networks:
@@ -997,10 +1003,37 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
print('Current virtual network\'s location: %s' % (ex_network.location))
exit(0)
subnet = driver.ex_list_subnets(network=ex_network)[0]
# public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
nic = driver.ex_list_nics(resource_group=SECDEP_AZURE_RESOURCE_GROUP)[0]
sec_group = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)[0]
params = {"ipConfigurations":[{"name":"myip1","id":nic.id,"type":"Microsoft.Network/networkInterfaces/ipConfigurations","properties":{"provisioningState":"Succeeded","privateIPAddress":"10.0.0.4","privateIPAllocationMethod":"Dynamic","publicIPAddress":{"id":public_ip.id},"subnet":{"id":subnet.id},"primary":"true","privateIPAddressVersion":"IPv4"}}],"dnsSettings":{"dnsServers":[]},"enableAcceleratedNetworking":"false","enableIPForwarding":"false","disableTcpStateTracking":"false","networkSecurityGroup":{"id":sec_group.id},"nicType":"Standard"}
newnic = driver.ex_update_nic_properties(nic, SECDEP_AZURE_RESOURCE_GROUP, params)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
# subscription_id = SECDEP_AZURE_SUB_ID
# credentials = ServicePrincipalCredentials(
# client_id = SECDEP_AZURE_APP_ID,
# secret = SECDEP_AZURE_PASSWORD,
# tenant = SECDEP_AZURE_TENANT_ID
# )
#
# network_client = NetworkManagementClient(
# credentials,
# subscription_id
# )
#
# network_client.security_rules.begin_create_or_update(SECDEP_AZURE_RESOURCE_GROUP,sec_group.name,"allowAllInbound",SecurityRule(
# protocol='*',
# source_address_prefix='*',
# destination_address_prefix='*',
# access='Allow',
# direction='Inbound', description='Allow all',source_port_range='*',
# destination_port_range='*',
# priority=4096, name="allowAll"))
else:
keys = driver.list_key_pairs()
for key in keys:
@@ -1044,12 +1077,14 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
if sec_group.name == name+"-sec_group":
print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
exit(0)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == name+"-ip":
# print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
# exit(0)
# driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
networks = driver.ex_list_networks()
for network in networks:
if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
@@ -1063,10 +1098,37 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
print('Current virtual network\'s location: %s' % (ex_network.location))
exit(0)
subnet = driver.ex_list_subnets(network=ex_network)[0]
# public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=network_interface, ex_os_disk_delete=True)
nic = driver.ex_list_nics(resource_group=SECDEP_AZURE_RESOURCE_GROUP)[0]
sec_group = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)[0]
params = {"ipConfigurations":[{"name":"myip1","id":nic.id,"type":"Microsoft.Network/networkInterfaces/ipConfigurations","properties":{"provisioningState":"Succeeded","privateIPAddress":"10.0.0.4","privateIPAllocationMethod":"Dynamic","publicIPAddress":{"id":public_ip.id},"subnet":{"id":subnet.id},"primary":"true","privateIPAddressVersion":"IPv4"}}],"dnsSettings":{"dnsServers":[]},"enableAcceleratedNetworking":"false","enableIPForwarding":"false","disableTcpStateTracking":"false","networkSecurityGroup":{"id":sec_group.id},"nicType":"Standard"}
newnic = driver.ex_update_nic_properties(nic, SECDEP_AZURE_RESOURCE_GROUP, params)
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
# subscription_id = SECDEP_AZURE_SUB_ID
# credentials = ServicePrincipalCredentials(
# client_id = SECDEP_AZURE_APP_ID,
# secret = SECDEP_AZURE_PASSWORD,
# tenant = SECDEP_AZURE_TENANT_ID
# )
#
# network_client = NetworkManagementClient(
# credentials,
# subscription_id
# )
#
# network_client.security_rules.begin_create_or_update(SECDEP_AZURE_RESOURCE_GROUP,sec_group.name,"allowAllInbound",SecurityRule(
# protocol='*',
# source_address_prefix='*',
# destination_address_prefix='*',
# access='Allow',
# direction='Inbound', description='Allow all',source_port_range='*',
# destination_port_range='*',
# priority=4096, name="allowAll"))
else:
keys = driver.list_key_pairs()
for key in keys:
@@ -1103,37 +1165,68 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
print("\nIP: %s\n" % (node.public_ips))
return node
def list_all_nodes(filterIn=None):
def list_all_nodes(provider, filterIn=None):
print("Getting all nodes...")
print("Loading 0%...")
nodes = []
if SECDEP_GCE_CLIENT_ID != "":
print("Getting GCE nodes...")
driver = get_corresponding_driver("gce")
gceNodes = driver.list_nodes()
if len(gceNodes) > 0:
for node in gceNodes:
nodes.append(node)
print("Loading %s%%..." % (int((1/providers_quantity)*100)))
if SECDEP_AZURE_APP_ID != "":
print("Getting AZURE nodes...")
driver2 = get_corresponding_driver("azure")
azureNodes = driver2.list_nodes()
if len(azureNodes) > 0:
for node in azureNodes:
nodes.append(node)
print("Loading %s%%..." % (int((2/providers_quantity)*100)))
if SECDEP_AWS_ACCESS_KEY != "":
print("Getting AWS nodes...")
awsLocations = ["ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-north-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
for region in awsLocations:
driver3 = get_driver(Provider.EC2)(SECDEP_AWS_ACCESS_KEY, SECDEP_AWS_SECRET_KEY,region=region)
# make it so it tries all drivers
awsNodes = driver3.list_nodes()
if len(awsNodes) > 0:
for node in awsNodes:
if provider is None:
if SECDEP_GCE_CLIENT_ID != "":
print("Getting GCE nodes...")
driver = get_corresponding_driver("gce")
gceNodes = driver.list_nodes()
if len(gceNodes) > 0:
for node in gceNodes:
nodes.append(node)
print("Loading %s%%..." % (int((3/providers_quantity)*100)))
print("Loading %s%%..." % (int((1/providers_quantity)*100)))
if SECDEP_AZURE_APP_ID != "":
print("Getting AZURE nodes...")
driver2 = get_corresponding_driver("azure")
azureNodes = driver2.list_nodes()
if len(azureNodes) > 0:
for node in azureNodes:
nodes.append(node)
print("Loading %s%%..." % (int((2/providers_quantity)*100)))
if SECDEP_AWS_ACCESS_KEY != "":
print("Getting AWS nodes...")
awsLocations = ["ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-north-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
for region in awsLocations:
driver3 = get_driver(Provider.EC2)(SECDEP_AWS_ACCESS_KEY, SECDEP_AWS_SECRET_KEY,region=region)
# make it so it tries all drivers
awsNodes = driver3.list_nodes()
if len(awsNodes) > 0:
for node in awsNodes:
nodes.append(node)
print("Loading %s%%..." % (int((3/providers_quantity)*100)))
elif provider == "gce":
if SECDEP_GCE_CLIENT_ID != "":
print("Getting GCE nodes...")
driver = get_corresponding_driver("gce")
gceNodes = driver.list_nodes()
if len(gceNodes) > 0:
for node in gceNodes:
nodes.append(node)
print("Loading %s%%..." % (int((1/providers_quantity)*100)))
elif provider == "azure":
if SECDEP_AZURE_APP_ID != "":
print("Getting AZURE nodes...")
driver2 = get_corresponding_driver("azure")
azureNodes = driver2.list_nodes()
if len(azureNodes) > 0:
for node in azureNodes:
nodes.append(node)
print("Loading %s%%..." % (int((2/providers_quantity)*100)))
elif provider == "aws":
if SECDEP_AWS_ACCESS_KEY != "":
print("Getting AWS nodes...")
awsLocations = ["ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-north-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
for region in awsLocations:
driver3 = get_driver(Provider.EC2)(SECDEP_AWS_ACCESS_KEY, SECDEP_AWS_SECRET_KEY,region=region)
# make it so it tries all drivers
awsNodes = driver3.list_nodes()
if len(awsNodes) > 0:
for node in awsNodes:
nodes.append(node)
print("Loading %s%%..." % (int((3/providers_quantity)*100)))
count = 0
if len(nodes) == 0:
print("No nodes")
@@ -1156,12 +1249,12 @@ def list_all_nodes(filterIn=None):
print("{}) {}\n\nState: {}\nPublic IPs: {}\nPrivate IPs: {}\nDriver: {}\nSize: {}\nImage: {}\nCreation Date: {}\nExtra: {}\n".format(count, node.name, node.state, node.public_ips, node.private_ips, node.driver, node.size, node.image, node.created_at, node.extra))
return nodes
def get_node():
node = choose_from_list(list_all_nodes(), "node")
def get_node(provider):
node = choose_from_list(list_all_nodes(provider), "node")
return node
def node_action(action):
node = choose_from_list(list_all_nodes(action), "node")
def node_action(action, provider):
node = choose_from_list(list_all_nodes(provider, action), "node")
if node is None:
print("Nothing was chosen")
exit(0)
@@ -1201,15 +1294,16 @@ def node_action(action):
break
sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
for sec_group in sec_groups:
if sec_group.name == node.name+"-sec_group":
driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
# driver.ex_delete_resource(sec_group)
if sec_group.name == node.name+"-sec_group":
driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
# for ip in ips:
# if ip.name == node.name+"-ip":
# driver.ex_delete_public_ip(ip)
def node_action_all(action):
nodes = list_all_nodes(action)
def node_action_all(action, provider):
nodes = list_all_nodes(provider, action)
for node in nodes:
providerName = node.name.split("-")[0]
if providerName == "gce":
@@ -1248,6 +1342,7 @@ def node_action_all(action):
break
sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
for sec_group in sec_groups:
# driver.ex_delete_resource(sec_group)
if sec_group.name == node.name+"-sec_group":
driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
@@ -1255,8 +1350,8 @@ def node_action_all(action):
# if ip.name == node.name+"-ip":
# driver.ex_delete_public_ip(ip)
def ssh():
node = choose_from_list(list_all_nodes(), "node")
def ssh(provider):
node = choose_from_list(list_all_nodes(provider), "node")
ip = node.public_ips[0]
port = 22
username = "secdep"
@@ -1318,19 +1413,19 @@ if args.create:
exit(0)
if args.list:
if args.print:
print(get_node())
print(get_node(args.provider))
else:
list_all_nodes()
list_all_nodes(args.provider)
exit(0)
# If args.action contains the word all execute the node_action_all function, otherwise the node_action function
if args.action:
if(args.action.endswith("all")):
node_action_all(args.action)
node_action_all(args.action, args.provider)
else:
node_action(args.action)
node_action(args.action, args.provider)
exit(0)
if args.ssh:
ssh()
ssh(args.provider)
exit(0)
if args.image or args.size or args.name or args.region or args.yes and not args.create:
print("Image, size, name, region and yes parameters only go along with the create flag")
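Review bot: In both Azure branches of `create_node` (the hunks at old lines 997 and 1063), the new code picks the NIC, security group and public IP with `[0]` on `ex_list_nics(...)`, `ex_list_network_security_groups(...)` and `ex_list_public_ips(...)`, so it acts on whichever resource is listed first in `SECDEP_AZURE_RESOURCE_GROUP` rather than the ones belonging to this node. With a second VM in the resource group, `ex_update_nic_properties` could rewrite another machine's NIC and attach an unrelated security group to it, and an empty list raises `IndexError`. Select by the names this function already uses, e.g. `sec_group = next(g for g in driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP) if g.name == name+"-sec_group")`, and do the same for the NIC with `name+"-nic"` (or reuse the object returned by `ex_create_network_interface` if that call remains on the new side; the rendered page has lost the `+`/`-` markers, so this is inferred). The hard-coded `"privateIPAddress":"10.0.0.4"` in `params` carries the same one-VM assumption. `create_node` starts and ends outside these hunks.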