mirror of
				https://github.com/falcosecurity/falco.git
				synced 2025-10-22 03:49:36 +00:00 
			
		
		
		
	* Add a falco-sns utility which publishes to an AWS SNS topic * Add an script for deploying function in AWS Lambda * Bump dependencies * Use an empty topic and pass AWS_DEFAULT_REGION environment variable * Add gitignore * Install ca-certificates. Are used when we publish to a SNS topic. * Add myself as a maintainer * Decode events from SNS based messages * Add Terraform manifests for getting an EKS up and running Please, take attention to setup kubectl and how to join workers: https://www.terraform.io/docs/providers/aws/guides/eks-getting-started.html#obtaining-kubectl-configuration-from-terraform https://www.terraform.io/docs/providers/aws/guides/eks-getting-started.html#required-kubernetes-configuration-to-join-worker-nodes * Ignore terraform generated files * Remove autogenerated files * Also publish MessageAttributes which allows to use Filter Policies This allows to subscribe only to errors, or warnings or several priorities or by rule names. It covers same funcionality than NATS publishe does. * Add kubeconfig and aws-iam-authenticator from heptio to Lambda environment * Add role trust from cluster creator to lambda role * Enable CloudWatch for Lambda stuff * Generate kubeconfig, kubeconfig for lambdas and the lambda arn This is used by deployment script * Just a cosmetic change * Add a Makefile which creates the cluster and configures it * Use terraform and artifacts which belongs to this repository for deploying * Move CNCF related deployment to its own directory * Create only SNS and Lambda stuff. Assume that the EKS cluster will be created outside * Bridge IAM with RBAC This allows to use the role for lambdas for authenticating against Kubernetes * Do not rely on terraform for deploying a playbook in lambda * Clean whitespace * Move rebased playbooks to functions * Fix rebase issues with deployment and rbac stuff * Add a clean target to Makefile * Inject sys.path modification to Kubeless function deployment * Add documentation and instructions
		
			
				
	
	
		
			21 lines
		
	
	
		
			484 B
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			21 lines
		
	
	
		
			484 B
		
	
	
	
		
			Python
		
	
	
	
	
	
| import sys
 | |
| import os.path
 | |
| sys.path.append(os.path.join(os.path.abspath(os.path.dirname(__file__))))
 | |
| 
 | |
| import os
 | |
| import playbooks
 | |
| from playbooks import infrastructure
 | |
| 
 | |
| 
 | |
| playbook = playbooks.StartSysdigCaptureForContainer(
 | |
|     infrastructure.KubernetesClient(),
 | |
|     int(os.environ.get('CAPTURE_DURATION', 120)),
 | |
|     os.environ['AWS_S3_BUCKET'],
 | |
|     os.environ['AWS_ACCESS_KEY_ID'],
 | |
|     os.environ['AWS_SECRET_ACCESS_KEY']
 | |
| )
 | |
| 
 | |
| 
 | |
| def handler(event, context):
 | |
|     playbook.run(event['data'])
 |