Write a new Rule in PacBot
A PacBot user has to perform the steps below to write a new rule. The new rule can be a Federated/Managed/Server-less rule.
Troubleshooting: If you are not able to see the rule result, go to the troubleshoot page.
To create a federated custom rule in PacBot, follow the steps below.
Go to Eclipse(Package Explorer)-->Right click-->New-->Maven-->Maven Project
Add the dependencies below to your pom.xml
1. Add the batch common dependency
1. Create a Java class and extend the BaseRule class from the batch commons
2. Override the execute and getHelpText methods
3. Add the class annotation @PacmanRule with its key and description, as shown below
4. Add your business logic inside execute()
Call the RuleExecutor.main method from the rule-engine in your own main method so that you can run the rule locally and test your code, as shown
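A minimal rule class following steps 1 to 4 and the local-execution step above, as an added example that is not PacBot's own code. The rule key, class name and the `encrypted` attribute are hypothetical, and the import paths, `RuleResult` constructors and `@PacmanRule` attributes are assumed from PacBot's batch commons and rule-engine modules rather than shown on this page.

```java
// Added example: package paths below are assumed from PacBot's batch commons
// and rule-engine modules; check them against the jars you build against.
import java.util.Map;

import com.tmobile.pacman.commons.PacmanSdkConstants;
import com.tmobile.pacman.commons.rule.Annotation;
import com.tmobile.pacman.commons.rule.BaseRule;
import com.tmobile.pacman.commons.rule.PacmanRule;
import com.tmobile.pacman.commons.rule.RuleResult;
import com.tmobile.pacman.executor.RuleExecutor;

@PacmanRule(key = "check-for-unencrypted-volume", // hypothetical rule key
        desc = "Flags volumes whose inventory record is not marked encrypted",
        severity = PacmanSdkConstants.SEV_HIGH,
        category = PacmanSdkConstants.SECURITY)
public class UnencryptedVolumeRule extends BaseRule {
    // Hypothetical inventory attribute name; use the key your collector stores.
    static final String ENCRYPTED_ATTR = "encrypted";

    @Override
    public RuleResult execute(Map<String, String> ruleParam,
                              Map<String, String> resourceAttributes) {
        String encrypted = resourceAttributes == null
                ? null : resourceAttributes.get(ENCRYPTED_ATTR);
        // Fail closed: a missing or malformed attribute is reported as an
        // issue rather than silently passing the resource.
        if (!"true".equalsIgnoreCase(encrypted)) {
            Annotation issue = Annotation.buildAnnotation(ruleParam, Annotation.Type.ISSUE);
            issue.put(PacmanSdkConstants.DESCRIPTION,
                    "Volume is not encrypted (attribute value: " + encrypted + ")");
            return new RuleResult(PacmanSdkConstants.STATUS_FAILURE,
                    "Volume encryption check failed", issue);
        }
        return new RuleResult(PacmanSdkConstants.STATUS_SUCCESS,
                "Volume encryption check passed");
    }

    @Override
    public String getHelpText() {
        return "Checks that a volume's inventory record is marked encrypted.";
    }

    // Local test entry point: delegates to the rule engine, which receives the
    // program arguments set in the Eclipse debug configuration.
    public static void main(String[] args) throws Exception {
        RuleExecutor.main(args);
    }
}
```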
Go to Debug configuration-->Java Application-->New-->give class name-->select project-->select the class as shown
Go to Debug configuration-->Java Application-->select the class you mentioned earlier-->click environment tab-->enter the BASE_AWS_ACCOUNT and ES_URI as shown
NOTE: BASE_AWS_ACCOUNT is required in the environment only when your code creates a client; without it, a "can't create the client" exception is thrown. ES_URI is used to get the inventory and to post the issues.
Go to Eclipse now-->debug configuration-->Java Application-->Select the class which you want to test-->add the arguments as shown below-->apply-->debug
Go to compliance overview and search for the rule which you have created by its display name or ruleId
Click on the policy title; you will be directed to the policy compliance page
Go to policy violation and search for the rule, where you can see the open issue details
Click on any issue ID to go to the policy violation details page
Go to policy knowledge base and search for the rule.
Click on the rule you selected; it will take you to the policy details page, where you can see the rule description and resolution details
Managed Rules are PacBot Owned/Managed Rules, and all of these rules are part of the aws rules package. To add a new managed rule, add it to this repo and submit a PR. To use it in your organization, you need to build the JAR and upload it to an S3 bucket.
Federated Rule is nothing but