
Write a new Rule in PacBot

Santhoshi Gorle edited this page Jan 9, 2019 · 41 revisions

A PacBot user performs the steps below to write a new rule. The new rule can be a Managed, Federated, or Server-less rule. At the time of rule configuration you will be given the option to choose among these.

  1. Create Rule class using any editor

  2. Configure Policy/Rule from PacBot Admin page

  3. Visualize Rule compliance using PacBot generic Dashboards

  4. Troubleshooting

Create Rule Class

Create Federated Custom Rule in PacBot

To create a federated custom rule in PacBot, follow the steps below.

Step 1:

Go to Eclipse (Package Explorer) --> Right click --> New --> Maven --> Maven Project

Step 2:

Add the dependencies below to your pom.xml:

1. Add the batch common dependency

2. Rule engine dependency

Step 3:

1. Create a Java class and extend the BaseRule class from the batch commons

2. Override the execute and getHelpText methods

3. Add the class annotation @PacmanRule with its key and description, as shown below

4. Add your business logic inside execute()

Step 4:

Call the RuleExecutor.main method from the rule-engine in your main method to execute and test your code locally, as shown

Step 5:

Go to Debug configuration --> Java Application --> New --> give class name --> select project --> select the class as shown

Step 6:

Go to Debug configuration --> Java Application --> select the class you mentioned earlier --> click the Environment tab --> enter the BASE_AWS_ACCOUNT and ES_URI as shown

NOTE: BASE_AWS_ACCOUNT is required in the environment only when you are describing the client in your code; otherwise a "can't create the client" exception will occur. ES_URI is used to get the inventory and to post the issues.

Step 7:

Go to Eclipse now --> Debug configuration --> Java Application --> select the class which you want to test --> add the arguments as shown below --> Apply --> Debug

Main Method Test

Visualize Rule compliance using PacBot generic Dashboards

Dashboard 1:

Go to compliance overview and search for the rule which you have created by its display name or ruleId

Click on the policy title; you will be directed to the policy compliance page.

Dashboard 2:

Go to policy violation and search for the rule where you can see the open issue details

Click on any issue ID to go to the policy violation details page.

Dashboard 3:

Go to policy knowledge base and search for the rule.

Click on the rule you selected; it will take you to the policy details page, where you can see the rule description and resolution details.

Managed Rule

A Managed Rule is associated with a Rule Class. Managed rules are PacBot-owned/managed rules; they are all part of the aws rules package and share a common jar. To add a new managed rule, add your class to this repo and submit a PR. To use it in your organization, build the jar and upload it to the S3 bucket (pacbot-data-us-east-1-youraccountnumber). The Rule Engine accesses rules from this jar based on the rule class you specified at the time of rule configuration.

Federated Rule

A Federated Rule is also associated with a Rule Class. The only difference from a Managed Rule is that every federated rule class has its own individual jar, and at the time of rule configuration you will have the option to upload the jar.

Server-less Rule

It is a REST API endpoint, and it should return a 200 response for the success scenario and a 500 response code for the policy violation scenario. Because it is an API endpoint, no jar is associated with it.
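The status-code contract described above, as an added example that is not part of the PacBot wiki or code base: a Lambda proxy-style handler in Python that returns 200 when a security group is compliant and 500 when it opens an admin port to the internet. The request body shape, the field names (`groupId`, `ingress`, `cidr`, `fromPort`, `toPort`, `protocol`), the policy itself, and the 400 response for malformed input are assumptions; the page defines only the 200 and 500 responses.

```python
import json

ADMIN_PORTS = (22, 3389)          # SSH and RDP
WORLD = ("0.0.0.0/0", "::/0")     # any IPv4 / any IPv6 source


def violations(resource):
    """Return one message per admin port that an ingress rule opens to the world."""
    found = []
    for rule in resource.get("ingress", []):
        if rule.get("cidr") not in WORLD:
            continue
        if rule.get("protocol") == "-1":      # "-1" means all protocols and ports
            exposed = list(ADMIN_PORTS)
        elif rule.get("protocol") == "tcp":
            low, high = int(rule["fromPort"]), int(rule["toPort"])
            exposed = [p for p in ADMIN_PORTS if low <= p <= high]
        else:
            exposed = []
        for port in exposed:
            found.append(f"{resource.get('groupId', '?')}: port {port} open to {rule['cidr']}")
    return found


def handler(event, context=None):
    """Lambda proxy-style entry point: 200 = compliant, 500 = policy violation."""
    try:
        resource = json.loads(event.get("body") or "")
        if not isinstance(resource, dict):
            raise ValueError("body must be a JSON object")
        issues = violations(resource)
    except (ValueError, KeyError, TypeError, AttributeError) as exc:
        # Example's own choice: 400 keeps bad input from being read as a violation.
        return {"statusCode": 400, "body": json.dumps({"error": str(exc)})}
    return {"statusCode": 500 if issues else 200,
            "body": json.dumps({"violations": issues})}


# Constructed sample events (hypothetical field names, not real resources).
EVENT_OPEN = {"body": json.dumps({"groupId": "sg-0example", "ingress": [
    {"protocol": "tcp", "fromPort": 20, "toPort": 25, "cidr": "0.0.0.0/0"},
    {"protocol": "tcp", "fromPort": 443, "toPort": 443, "cidr": "::/0"}]})}
EVENT_OK = {"body": json.dumps({"groupId": "sg-0example", "ingress": [
    {"protocol": "tcp", "fromPort": 22, "toPort": 22, "cidr": "10.0.0.0/8"},
    {"protocol": "tcp", "fromPort": 443, "toPort": 443, "cidr": "0.0.0.0/0"}]})}

if __name__ == "__main__":
    for event in (EVENT_OPEN, EVENT_OK, {"body": "not json"}):
        print(handler(event))
```

Because an unhandled exception in an endpoint usually also surfaces as a 500, catching input errors explicitly keeps a broken request from being recorded as a policy violation.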
