Write a new Rule in PacBot
A PacBot user follows the steps below to write a new rule. The new rule can be a Managed, Federated, or Serverless rule. At rule configuration time you will be given the option to select which of these the rule is.
To create a federated custom rule in PacBot, follow the steps below.
In Eclipse (Package Explorer): right-click-->New-->Maven-->Maven Project
Add the below dependencies to your pom.xml
1. Add the batch commons dependency
Then create the rule class:
1. Create a Java class and extend the BaseRule class from the batch commons
2. Override the execute and getHelpText methods
3. Add the @PacmanRule class annotation with its key and description
4. Add your business logic inside execute()
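A federated rule class following steps 1 to 4, as an added example that is not taken from the PacBot repository. The class name, rule key, and the "encrypted" attribute name are hypothetical; the imports, annotation attributes, and constants are assumed from the PacBot commons library and should be checked against the jar you build with.

```java
package com.example.pacbot.rules; // hypothetical package for this example

import java.util.Map;

import com.tmobile.pacman.commons.PacmanSdkConstants;
import com.tmobile.pacman.commons.rule.Annotation;
import com.tmobile.pacman.commons.rule.BaseRule;
import com.tmobile.pacman.commons.rule.PacmanRule;
import com.tmobile.pacman.commons.rule.RuleResult;

// Step 3: class annotation. The key and desc values are constructed for this
// example; severity and category attributes are assumed from the commons library.
@PacmanRule(key = "example-volume-must-be-encrypted",
        desc = "Raises an issue for volumes not marked encrypted in the inventory",
        severity = PacmanSdkConstants.SEV_HIGH,
        category = PacmanSdkConstants.SECURITY)
public class VolumeEncryptionRule extends BaseRule { // Step 1: extend BaseRule

    // Hypothetical inventory attribute; use the key your target type exposes.
    static final String ENCRYPTED_ATTR = "encrypted";

    // Steps 2 and 4: invoked per resource with the configured rule parameters
    // and that resource's inventory attributes.
    @Override
    public RuleResult execute(Map<String, String> ruleParam,
                              Map<String, String> resourceAttributes) {
        String encrypted = resourceAttributes == null
                ? null
                : resourceAttributes.get(ENCRYPTED_ATTR);

        if ("true".equalsIgnoreCase(encrypted)) {
            return new RuleResult(PacmanSdkConstants.STATUS_SUCCESS, "Volume is encrypted");
        }

        // Fail closed: a missing or malformed attribute is reported as a
        // violation instead of silently passing the resource.
        Annotation annotation = Annotation.buildAnnotation(ruleParam, Annotation.Type.ISSUE);
        annotation.put(PacmanSdkConstants.DESCRIPTION, "Volume is not encrypted");
        return new RuleResult(PacmanSdkConstants.STATUS_FAILURE,
                "Volume is not encrypted", annotation);
    }

    // Step 2: text describing what the rule checks.
    @Override
    public String getHelpText() {
        return "Checks the 'encrypted' inventory attribute and raises an issue when it is not true.";
    }
}
```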
Call the RuleExecutor.main method from the rule-engine in your own main method so you can execute the rule locally and test your code
Go to Debug configuration-->Java Application-->New-->give the class name-->select the project-->select the class
Go to Debug configuration-->Java Application-->select the class you mentioned earlier-->click the Environment tab-->enter the BASE_AWS_ACCOUNT and ES_URI
NOTE: BASE_AWS_ACCOUNT is required in the environment only when your code creates a client; without it, a "can't create the client" exception is thrown. ES_URI is used to get the inventory and to post the issues.
In Eclipse, go to Debug configuration-->Java Application-->select the class you want to test-->add the arguments-->Apply-->Debug
Go to the compliance overview and search for the rule you created by its display name or ruleId
Click on the policy title; you will be directed to the policy compliance page
Go to policy violations and search for the rule, where you can see the open issue details
Click on any issue id to go to the policy violation details page
Go to the policy knowledge base and search for the rule.
Click on the rule you selected; it will take you to the policy details page, where you can see the rule description and resolution details
A Managed Rule is associated with a Rule Class. Managed rules are PacBot owned/managed rules; all of them are part of the aws rules package and share a common jar. To add a new managed rule, add your class to this repo and submit a PR. To use it in your organization, you need to build the jar and upload it to the S3 bucket (pacbot-data-us-east-1-youraccountnumber). The Rule Engine loads rules from this jar based on the rule class you specified at the time of rule configuration.
A Federated Rule is also associated with a Rule Class. The only difference from a Managed Rule is that every federated rule class has its own individual jar, and at the time of rule configuration you will have the option to upload the jar.
A Serverless rule is a REST API endpoint. It should return a 200 response for the success scenario and a 500 response code for the policy violation scenario. As it is an API endpoint, no jar is associated with it.