var AWS = require('aws-sdk');
var url = require('url');
var https = require('https');
var config = require('./config');
// Settings read once from ./config at module load.
// NOTE(review): incoming-webhook URLs usually embed the token that authorises
// posting, so WEBHOOK_URL should be treated as a secret (kept out of logs and
// out of error cards) - confirm how ./config sources it.
const {
  WEBHOOK_URL,
  COLOR_DANGER,
  COLOR_WARNING,
  COLOR_OK,
} = config;
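/**
 * POST a message, serialised as JSON, to the chat webhook at WEBHOOK_URL.
 *
 * The callback (optional) is invoked exactly once with
 * `{ body, statusCode, statusMessage }`:
 *   - when the response has been fully read, with the values from the response;
 *   - when the request or response stream fails (DNS, TLS, connection reset...),
 *     with an empty body, a synthetic statusCode of 500, the error text as
 *     statusMessage and the Error itself under `error`. The synthetic 5xx lets
 *     callers that only look at statusCode treat a transport failure as
 *     retryable instead of never hearing back.
 *
 * @param {Object} message - payload to send; must be JSON-serialisable.
 * @param {function(Object): void} [callback] - receives the result object.
 */
var postMessage = function(message, callback) {
  var body = JSON.stringify(message);
  var options = url.parse(WEBHOOK_URL);
  options.method = 'POST';
  options.headers = {
    'Content-Type': 'application/json',
    // Byte length, not string length: the payload may contain multi-byte characters.
    'Content-Length': Buffer.byteLength(body),
  };

  // Guard so that an error arriving after 'end' (or twice) cannot call back again.
  var settled = false;
  var finish = function(result) {
    if (settled) {
      return;
    }
    settled = true;
    if (callback) {
      callback(result);
    }
  };
  var fail = function(err) {
    finish({
      body: '',
      statusCode: 500, // synthetic: no HTTP status was received
      statusMessage: String(err && err.message ? err.message : err),
      error: err
    });
  };

  var postReq = https.request(options, function(res) {
    var chunks = [];
    res.setEncoding('utf8');
    res.on('data', function(chunk) {
      return chunks.push(chunk);
    });
    res.on('end', function() {
      finish({
        body: chunks.join(''),
        statusCode: res.statusCode,
        statusMessage: res.statusMessage
      });
    });
    // A response that breaks off mid-body would otherwise leave the caller waiting.
    res.on('error', fail);
    return res;
  });
  // Without this listener a network failure is an unhandled 'error' event,
  // which terminates the process and drops the notification.
  postReq.on('error', fail);
  postReq.write(body);
  postReq.end();
};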
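/**
 * Build the chat card for an IAM event.
 *
 * The first CamelCase word of `detail.eventName` picks the theme colour:
 * "Create" -> COLOR_DANGER, "Delete" and "Start" -> COLOR_OK, anything else ->
 * COLOR_WARNING. Every card carries the event name and the actor so that
 * events outside the three known verbs are still identifiable; "Create" and
 * "Delete" also carry the affected user when the request named one.
 *
 * The actor is taken from `userIdentity.userName`, then the session issuer's
 * userName, then the identity's arn or principalId, so role sessions and
 * other identities without a userName are not rendered as "undefined".
 * ("Start" keeps its original preference for the session issuer.)
 *
 * @param {Object} event - event passed to the Lambda handler; reads `account`,
 *   `region` and `detail`.
 * @param {Object} context - Lambda context (not used).
 * @returns {Object} the message card, or the card from processError() if the
 *   event could not be decoded.
 */
var handleIAM = function(event, context) {
  var subject = "AWS IAM Notification";
  var detail = event.detail;
  var message = { 'summary': subject, 'sections': [] };
  try {
    message['title'] = `${subject} - account ${event.account}`;

    // Work out who made the call. A missing userIdentity still throws and is
    // reported through processError(), as before.
    var identity = detail.userIdentity;
    var sessionContext = identity.sessionContext || {};
    var issuerName = (sessionContext.sessionIssuer || {}).userName;
    var lastResort = identity.arn || identity.principalId || 'unknown';
    var directActor = identity.userName || issuerName || lastResort;
    var sessionActor = issuerName || identity.userName || lastResort;
    // requestParameters can be absent; treat that as "no affected user".
    var affectedUser = (detail.requestParameters || {}).userName;

    // Decode the important details of the event...
    var event_details = { 'facts': [] };
    var facts = event_details['facts'];
    facts.push({ 'name': 'Event Name', 'value': detail.eventName });
    switch (detail.eventName.split(/(?=[A-Z])/)[0]) {
      case "Create":
        message['themeColor'] = COLOR_DANGER;
        facts.push({ 'name': 'Actor', 'value': `${directActor} (${identity.type})` });
        if (affectedUser !== undefined) {
          facts.push({ 'name': 'Affected User', 'value': affectedUser });
        }
        break;
      case "Delete":
        message['themeColor'] = COLOR_OK;
        facts.push({ 'name': 'Actor', 'value': `${directActor} (${identity.type})` });
        if (affectedUser !== undefined) {
          facts.push({ 'name': 'Affected User', 'value': affectedUser });
        }
        break;
      case "Start":
        message['themeColor'] = COLOR_OK;
        facts.push({ 'name': 'Actor', 'value': `${sessionActor} (${identity.type})` });
        break;
      default:
        // Other verbs are not classified here; WARNING so they are not read as benign.
        message['themeColor'] = COLOR_WARNING;
        facts.push({ 'name': 'Actor', 'value': `${directActor} (${identity.type})` });
        break;
    }

    // Add in some common facts...
    // Event fields are percent-encoded before being placed in the console link
    // so an unexpected value cannot change the structure of the URL.
    var consoleRegion = encodeURIComponent(event.region);
    var consoleEventId = encodeURIComponent(detail.eventID);
    facts.push({ 'name': 'Event ID', 'value': `[${detail.eventID}](https://console.aws.amazon.com/cloudtrail/home?region=${consoleRegion}#/events?EventId=${consoleEventId})` });
    facts.push({ 'name': 'Region', 'value': detail.awsRegion });
    message['sections'].push(event_details);
  } catch(e) {
    message = processError(e, event);
  }
  return message;
};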
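/**
 * Build the card that reports an event which could not be turned into a
 * normal notification.
 *
 * The card has one "Error Details" section with two facts: the error text
 * and the event serialised as JSON. When no error object is supplied (the
 * handler passes null for event sources it does not recognise) the first
 * fact says so instead of showing the literal text "null".
 *
 * NOTE(review): the whole event is forwarded to the chat webhook. Event
 * records can carry account IDs, ARNs, source IP addresses and access key
 * IDs, so the audience of the receiving channel should be limited
 * accordingly, or the event reduced to the fields needed for triage.
 *
 * @param {*} e - the caught error, or null/undefined when there is none.
 * @param {Object} event - the event being processed.
 * @returns {Object} message card with summary, title, themeColor and sections.
 */
var processError = function(e, event){
  var message = { 'summary': 'Error processing event', 'sections': [] };
  message['title'] = message['summary'];
  message['themeColor'] = COLOR_DANGER;

  var errorText = (e === null || e === undefined)
    ? 'no error object (event not recognised by any handler)'
    : `${e}`;

  var error_details = {};
  error_details['title'] = "Error Details";
  error_details['facts'] = [
    { 'name': 'NodeJS', 'value': `> "${errorText}"` },
    { 'name': 'Event', 'value': `> ${JSON.stringify(event)}` }
  ];
  message['sections'].push(error_details);
  return message;
};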
/**
 * Lambda entry point: turn the incoming event into a chat card and post it.
 *
 * Events whose `source` is "aws.iam" are formatted by handleIAM(); every
 * other source is reported through processError(). The Lambda callback is
 * completed according to the webhook's HTTP status:
 *   - below 400: success;
 *   - 400-499: completed without error, because retrying an unchanged request
 *     would fail the same way;
 *   - otherwise: completed with an error so that Lambda retries.
 *
 * @param {Object} event - the event delivered to the function.
 * @param {Object} context - Lambda context, passed through to handleIAM().
 * @param {function} callback - Lambda completion callback.
 */
exports.handler = function(event, context, callback) {
  // console.log("sns received:" + JSON.stringify(event, null, 2));
  var card;
  if (event.source === "aws.iam") {
    console.log("processing IAM notification...");
    card = handleIAM(event, context);
  } else {
    console.log("processing unknown notification...");
    card = processError(null, event);
  }

  var onPosted = function(response) {
    if (response.statusCode < 400) {
      callback(null, 'message posted successfully');
      return;
    }
    if (response.statusCode < 500) {
      // Client-side problem with the request: a retry would not help.
      callback(null, `error posting message to API: ${response.statusCode} - ${response.statusMessage}`);
      return;
    }
    // Anything else is handed back as an error so Lambda retries.
    callback(`server error when processing message: ${response.statusCode} - ${response.statusMessage}`);
  };
  postMessage(card, onPosted);
};