
Example 1 with GatekeeperRDSInstance

use of org.finra.gatekeeper.services.aws.model.GatekeeperRDSInstance in project Gatekeeper by FINRAOS.

the class RdsLookupService method loadToGatekeeperRDSInstance.

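/**
 * Converts the DB instances returned by an AWS RDS describe call into Gatekeeper RDS objects.
 *
 * <p>Only instances whose status is "available" (case-insensitive) are included. For each of them,
 * {@code enabled} is true when at least one of the instance's VPC security groups is listed in
 * {@code securityGroupIds}; the flag reflects security-group membership only. Enabled instances
 * are additionally probed through {@code databaseConnectionService.checkDb}, and a non-empty
 * result replaces the AWS status in the returned object.
 *
 * @param client RDS client handed to the application-tag lookup
 * @param instances DB instances to convert
 * @param securityGroupIds IDs of the security groups that mark an instance as enabled
 * @return one GatekeeperRDSInstance per available DB instance, in input order
 */
private List<GatekeeperRDSInstance> loadToGatekeeperRDSInstance(AmazonRDSClient client, List<DBInstance> instances, List<String> securityGroupIds) {
    List<GatekeeperRDSInstance> gatekeeperRDSInstances = new ArrayList<>();
    for (DBInstance item : instances) {
        // NOTE(review): the tag lookup runs for every instance, including those skipped below;
        // it is left in place because the helper is not visible here — confirm it has no side
        // effects before moving it after the status check.
        String application = getApplicationTagforInstanceArn(client, item.getDBInstanceArn());

        // Constant-first comparison: an instance reporting no status is skipped instead of
        // throwing and aborting the whole refresh.
        if (!"available".equalsIgnoreCase(item.getDBInstanceStatus())) {
            continue;
        }

        String engine = item.getEngine();
        boolean enabled = item.getVpcSecurityGroups().stream()
                .anyMatch(sg -> securityGroupIds.contains(sg.getVpcSecurityGroupId()));

        // Postgres instances without an explicit DB name fall back to the lower-cased engine name.
        String dbName = item.getDBName();
        if (dbName == null && "postgres".equalsIgnoreCase(engine)) {
            dbName = engine.toLowerCase();
        }
        // Same fallback the returned object uses; without it a missing name would be concatenated
        // into the connection target as the literal text "null".
        String resolvedDbName = dbName != null ? dbName : "";

        String endpoint = item.getEndpoint().getAddress() + ":" + item.getEndpoint().getPort();

        String status = item.getDBInstanceStatus();
        if (!enabled) {
            // No matching security group: report that instead of attempting a connection.
            status = "Missing FINRA-RDS-support Security Group";
        } else {
            try {
                String dbStatus = databaseConnectionService.checkDb(engine, endpoint + "/" + resolvedDbName);
                // Keep the AWS status unless the check reported something (null treated as empty).
                if (dbStatus != null && !dbStatus.isEmpty()) {
                    status = dbStatus;
                }
            } catch (GKUnsupportedDBException e) {
                logger.error("Database Engine is not supported", e);
                status = "DB Engine not supported";
            }
        }

        gatekeeperRDSInstances.add(new GatekeeperRDSInstance(item.getDbiResourceId(), item.getDBInstanceIdentifier(), resolvedDbName, engine, status, item.getDBInstanceArn(), endpoint, application, enabled));
    }
    return gatekeeperRDSInstances;
}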
Also used : GKUnsupportedDBException(org.finra.gatekeeper.services.db.exception.GKUnsupportedDBException) GatekeeperRDSInstance(org.finra.gatekeeper.services.aws.model.GatekeeperRDSInstance)

Example 2 with GatekeeperRDSInstance

use of org.finra.gatekeeper.services.aws.model.GatekeeperRDSInstance in project Gatekeeper by FINRAOS.

the class RdsLookupService method loadInstances.

/**
 * Fetches every RDS DB instance visible in the given environment and converts the results
 * into Gatekeeper RDS objects.
 *
 * <p>The describe call is repeated for as long as the previous result carries a marker, so all
 * pages are collected. The elapsed time of the refresh is logged at info level.
 *
 * @param environment environment used to look up the security groups and the RDS session
 * @return the converted instances from all result pages, in the order the pages were returned
 */
private List<GatekeeperRDSInstance> loadInstances(AWSEnvironment environment) {
    logger.info("Refreshing RDS Instance Data");
    final long startedAt = System.currentTimeMillis();

    DescribeDBInstancesRequest request = new DescribeDBInstancesRequest();
    List<String> supportSgIds = sgLookupService.fetchSgsForAccountRegion(environment);
    AmazonRDSClient rdsClient = awsSessionService.getRDSSession(environment);

    List<GatekeeperRDSInstance> collected = new ArrayList<>();
    // Results are paged (per the original author, usually from around 100 instances); each
    // further page is requested with the marker of the previous one. The first request carries
    // a null marker.
    String marker = null;
    do {
        DescribeDBInstancesResult page = rdsClient.describeDBInstances(request.withMarker(marker));
        collected.addAll(loadToGatekeeperRDSInstance(rdsClient, page.getDBInstances(), supportSgIds));
        marker = page.getMarker();
    } while (marker != null);

    double elapsedSeconds = (double) (System.currentTimeMillis() - startedAt) / 1000;
    logger.info("Refreshed instance data in " + elapsedSeconds + " Seconds");
    return collected;
}
Also used : AmazonRDSClient(com.amazonaws.services.rds.AmazonRDSClient) GatekeeperRDSInstance(org.finra.gatekeeper.services.aws.model.GatekeeperRDSInstance)
