diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c8355cb..6bde7ec 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,11 +1,12 @@ repos: - repo: https://github.com/phantomcyber/dev-cicd-tools - rev: v1.16 + rev: v1.24 hooks: - id: org-hook - id: package-app-dependencies + - id: readme-check - repo: https://github.com/Yelp/detect-secrets - rev: v1.4.0 + rev: v1.5.0 hooks: - id: detect-secrets args: ['--no-verify', '--exclude-files', '^awswafv2.json$'] diff --git a/README.md b/README.md index 7b60883..0141c87 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,11 @@ # AWS WAF V2 Publisher: Splunk -Connector Version: 2.1.8 +Connector Version: 2.1.9 Product Vendor: AWS Product Name: WAF V2 Product Version Supported (regex): ".\*" -Minimum Product Version: 6.1.1 +Minimum Product Version: 6.3.0 This app integrates with AWS WAF to add and delete IP addresses using API version V2 @@ -47,8 +47,8 @@ actions within a playbook. For more information, please see the [AWS Identity an documentation](https://docs.aws.amazon.com/iam/index.html) . -### Configuration Variables -The below configuration variables are required for this Connector to operate. These variables are specified when configuring a WAF V2 asset in SOAR. +### Configuration variables +This table lists the configuration variables required to operate AWS WAF V2. These variables are specified when configuring a WAF V2 asset in Splunk SOAR. VARIABLE | REQUIRED | TYPE | DESCRIPTION -------- | -------- | ---- | ----------- diff --git a/awswafv2.json b/awswafv2.json index 7f7a7aa..de29f4d 100644 --- a/awswafv2.json +++ b/awswafv2.json @@ -10,11 +10,11 @@ "product_version_regex": ".*", "publisher": "Splunk", "license": "Copyright (c) 2021-2024 Splunk Inc.", - "app_version": "2.1.8", - "utctime_updated": "2022-01-07T20:07:08.000000Z", + "app_version": "2.1.9", + "utctime_updated": "2024-12-16T14:09:02.000000Z", "package_name": "phantom_awswafv2", "main_module": "awswafv2_connector.py", - "min_phantom_version": "6.1.1", + "min_phantom_version": "6.3.0", "fips_compliant": true, "app_wizard_version": "1.0.0", "python_version": "3", @@ -918,21 +918,9 @@ "module": "jmespath", "input_file": "wheels/shared/jmespath-0.10.0-py2.py3-none-any.whl" }, - { - "module": "python_dateutil", - "input_file": "wheels/shared/python_dateutil-2.8.2-py2.py3-none-any.whl" - }, { "module": "s3transfer", "input_file": "wheels/shared/s3transfer-0.3.7-py2.py3-none-any.whl" - }, - { - "module": "six", - "input_file": "wheels/shared/six-1.16.0-py2.py3-none-any.whl" - }, - { - "module": "urllib3", - "input_file": "wheels/shared/urllib3-1.26.18-py2.py3-none-any.whl" } ] } diff --git a/awswafv2_connector.py b/awswafv2_connector.py index fb77cb6..d211fc7 100644 --- a/awswafv2_connector.py +++ b/awswafv2_connector.py @@ -87,7 +87,7 @@ def _sanitize_data(self, cur_obj): new_dict.update(page) return new_dict except Exception as e: - return {'error': e} + return {"error": e} return cur_obj @@ -101,8 +101,7 @@ def _make_boto_call(self, action_result, method, paginate=False, empty_payload=F resp_json = boto_func(Scope=self._scope, **kwargs) except Exception as e: exception_message = e.args[0].strip() - return RetVal(action_result.set_status(phantom.APP_ERROR, 'boto3 call to WAF failed', exception_message), - None) + return RetVal(action_result.set_status(phantom.APP_ERROR, "boto3 call to WAF failed", exception_message), None) return phantom.APP_SUCCESS, self._sanitize_data(resp_json) @@ -114,12 +113,12 @@ def _create_client(self, action_result, param=None): # Try getting and using temporary assume role credentials from parameters temp_credentials = dict() - if param and 'credentials' in param: + if param and "credentials" in param: try: - temp_credentials = ast.literal_eval(param['credentials']) - self._access_key = temp_credentials.get('AccessKeyId', '') - self._secret_key = temp_credentials.get('SecretAccessKey', '') - self._session_token = temp_credentials.get('SessionToken', '') + temp_credentials = ast.literal_eval(param["credentials"]) + self._access_key = temp_credentials.get("AccessKeyId", "") + self._secret_key = temp_credentials.get("SecretAccessKey", "") + self._session_token = temp_credentials.get("SessionToken", "") self.save_progress("Using temporary assume role credentials for action") except Exception as e: @@ -134,13 +133,11 @@ def _create_client(self, action_result, param=None): aws_access_key_id=self._access_key, aws_secret_access_key=self._secret_key, aws_session_token=self._session_token, - config=boto_config) + config=boto_config, + ) else: self.debug_print("Creating boto3 client without API keys") - self._client = client( - AWSWAF_VERSION_V2, - region_name=self._region, - config=boto_config) + self._client = client(AWSWAF_VERSION_V2, region_name=self._region, config=boto_config) except Exception as e: return action_result.set_status(phantom.APP_ERROR, "Could not create boto3 client: {0}".format(e)) @@ -152,14 +149,14 @@ def _verify_ip_set(self, action_result, ip_set, id, name): ip_set_name = "" if id: param = id - key = 'Id' + key = "Id" else: param = name - key = 'Name' + key = "Name" for ipset in ip_set: if ipset.get(key) == param: - ip_set_id = ipset.get('Id') - ip_set_name = ipset.get('Name') + ip_set_id = ipset.get("Id") + ip_set_name = ipset.get("Name") break return ip_set_id, ip_set_name @@ -169,30 +166,30 @@ def _validate_ip(self, ip_address): if not x: return None - ip_add = ip_address.split('/')[0] + ip_add = ip_address.split("/")[0] try: ipaddress.IPv4Address(ip_add) - return 'IPV4' + return "IPV4" except Exception: pass try: ipaddress.IPv6Address(ip_add) - return 'IPV6' + return "IPV6" except Exception: return None def _ip_update(self, action_result, ip_address_list, ip_set_id, ip_set_name): # get_ip_set call for retrieving lock_token and ip_address try: - ret_val, resp_json = self._make_boto_call(action_result, 'get_ip_set', Name=ip_set_name, Id=ip_set_id) + ret_val, resp_json = self._make_boto_call(action_result, "get_ip_set", Name=ip_set_name, Id=ip_set_id) if phantom.is_fail(ret_val): return action_result.set_status(phantom.APP_ERROR, AWSWAF_ERR_GET_IPSET) except Exception as e: return action_result.set_status(phantom.APP_ERROR, str(e)) # getting existing ip addresses from ip set - list_addresses = resp_json.get('IPSet', {}).get('Addresses', []) - lock_token = resp_json.get('LockToken') + list_addresses = resp_json.get("IPSet", {}).get("Addresses", []) + lock_token = resp_json.get("LockToken") # update ip address based on action if AWSWAF_ADD_IP == self.get_action_identifier(): @@ -206,9 +203,9 @@ def _ip_update(self, action_result, ip_address_list, ip_set_id, ip_set_name): # Update call using lock token and updated list of ip_address try: - ret_val, resp_json = self._make_boto_call(action_result, 'update_ip_set', Name=ip_set_name, - Id=ip_set_id, Addresses=list_addresses, - LockToken=lock_token) + ret_val, resp_json = self._make_boto_call( + action_result, "update_ip_set", Name=ip_set_name, Id=ip_set_id, Addresses=list_addresses, LockToken=lock_token + ) if phantom.is_fail(ret_val): return action_result.get_status() except Exception as e: @@ -224,11 +221,11 @@ def paginator(self, limit, action_result, param): return action_result.get_status() action_identifier_map = { - 'list_ip_sets': ['list_ip_sets', 'IPSets'], - 'list_acls': ['list_web_acls', 'WebACLs'], - 'add_ip': ['list_ip_sets', 'IPSets'], - 'delete_ip': ['list_ip_sets', 'IPSets'], - 'delete_ip_set': ['list_ip_sets', 'IPSets'] + "list_ip_sets": ["list_ip_sets", "IPSets"], + "list_acls": ["list_web_acls", "WebACLs"], + "add_ip": ["list_ip_sets", "IPSets"], + "delete_ip": ["list_ip_sets", "IPSets"], + "delete_ip_set": ["list_ip_sets", "IPSets"], } action_identifier = self.get_action_identifier() @@ -242,11 +239,12 @@ def paginator(self, limit, action_result, param): set_list = list() while True: - if not resp_json.get('NextMarker'): + if not resp_json.get("NextMarker"): ret_val, resp_json = self._make_boto_call(action_result, method_name, Limit=AWSWAF_DEFAULT_LIMIT) else: - ret_val, resp_json = self._make_boto_call(action_result, method_name, Limit=AWSWAF_DEFAULT_LIMIT, - NextMarker=resp_json.get('NextMarker')) + ret_val, resp_json = self._make_boto_call( + action_result, method_name, Limit=AWSWAF_DEFAULT_LIMIT, NextMarker=resp_json.get("NextMarker") + ) if phantom.is_fail(ret_val) or resp_json is None: self.save_progress("Error while getting the {}".format(set_name)) @@ -257,7 +255,7 @@ def paginator(self, limit, action_result, param): break else: set_list.extend(resp_json.get(set_name)) - if not resp_json.get('NextMarker'): + if not resp_json.get("NextMarker"): break if limit: limit -= AWSWAF_DEFAULT_LIMIT @@ -266,7 +264,7 @@ def paginator(self, limit, action_result, param): def validate_params(self, action_result, ip_set_id, ip_set_name, ip_address_list): - ip_type = '' + ip_type = "" if not ip_set_id and not ip_set_name: return action_result.set_status(phantom.APP_ERROR, AWSWAF_INSUFFICIENT_PARAM) @@ -288,7 +286,7 @@ def _handle_test_connectivity(self, param): self.save_progress(AWSWAF_INFO_CHECK_CREDENTIALS) - if self._scope == AWSWAF_SCOPE_CLOUDFRONT and not self._region == 'us-east-1': + if self._scope == AWSWAF_SCOPE_CLOUDFRONT and not self._region == "us-east-1": self.save_progress(AWSWAF_INFO_SCOPE) return action_result.set_status(phantom.APP_ERROR) @@ -296,7 +294,7 @@ def _handle_test_connectivity(self, param): return action_result.get_status() # make rest call - ret_val, resp_json = self._make_boto_call(action_result, 'list_rule_groups') + ret_val, resp_json = self._make_boto_call(action_result, "list_rule_groups") if phantom.is_fail(ret_val) or resp_json is None: self.save_progress(AWSWAF_TEST_CONNECTIVITY_FAILED) @@ -313,36 +311,37 @@ def _handle_add_ip(self, param): # Add an action result object to self (BaseConnector) to represent the action for this param action_result = self.add_action_result(ActionResult(dict(param))) - ip_set_id = param.get('ip_set_id') - ip_set_name = param.get('ip_set_name') - ip_address = param.get('ip_address') - ip_address_list = [x.strip() for x in ip_address.split(',') if x.strip()] + ip_set_id = param.get("ip_set_id") + ip_set_name = param.get("ip_set_name") + ip_address = param.get("ip_address") + ip_address_list = [x.strip() for x in ip_address.split(",") if x.strip()] ip_type = self.validate_params(action_result, ip_set_id, ip_set_name, ip_address_list) ip_set = self.paginator(AWSWAF_DEFAULT_LIMIT, action_result, param) ip_set_id, ip_set_name = self._verify_ip_set(action_result, ip_set, ip_set_id, ip_set_name) if not ip_set_id: - ip_set_name = param.get('ip_set_name') + ip_set_name = param.get("ip_set_name") # create a new IP set with given IP addresses - ret_val, resp_json = self._make_boto_call(action_result, 'create_ip_set', Name=ip_set_name, - IPAddressVersion=ip_type, Addresses=ip_address_list) + ret_val, resp_json = self._make_boto_call( + action_result, "create_ip_set", Name=ip_set_name, IPAddressVersion=ip_type, Addresses=ip_address_list + ) if phantom.is_fail(ret_val): return action_result.set_status(phantom.APP_ERROR, AWSWAF_ERR_CREATE_IPSET) action_result.set_status(phantom.APP_SUCCESS) - ip_set_id = resp_json.get('Summary', {}).get('Id') - action_result.add_data({'Id': ip_set_id}) + ip_set_id = resp_json.get("Summary", {}).get("Id") + action_result.add_data({"Id": ip_set_id}) else: ret_val = self._ip_update(action_result, ip_address_list, ip_set_id, ip_set_name) summary = action_result.update_summary({}) if phantom.is_fail(ret_val): - summary['ip_status'] = AWSWAF_ADD_IP_FAILED + summary["ip_status"] = AWSWAF_ADD_IP_FAILED - summary['ip_status'] = AWSWAF_ADD_IP_SUCCESS + summary["ip_status"] = AWSWAF_ADD_IP_SUCCESS return action_result.get_status() @@ -353,11 +352,11 @@ def _handle_delete_ip(self, param): # Add an action result object to self (BaseConnector) to represent the action for this param action_result = self.add_action_result(ActionResult(dict(param))) - ip_set_id = param.get('ip_set_id') - ip_set_name = param.get('ip_set_name') - ip_address = param.get('ip_address') + ip_set_id = param.get("ip_set_id") + ip_set_name = param.get("ip_set_name") + ip_address = param.get("ip_address") - ip_address_list = [x.strip() for x in ip_address.split(',') if x.strip()] + ip_address_list = [x.strip() for x in ip_address.split(",") if x.strip()] _ = self.validate_params(action_result, ip_set_id, ip_set_name, ip_address_list) ip_set = self.paginator(AWSWAF_DEFAULT_LIMIT, action_result, param) @@ -372,9 +371,9 @@ def _handle_delete_ip(self, param): summary = action_result.update_summary({}) if phantom.is_fail(ret_val): - summary['ip_status'] = AWSWAF_DELETE_IP_FAILED + summary["ip_status"] = AWSWAF_DELETE_IP_FAILED - summary['ip_status'] = AWSWAF_DELETE_IP_SUCCESS + summary["ip_status"] = AWSWAF_DELETE_IP_SUCCESS return action_result.get_status() @@ -384,8 +383,8 @@ def _handle_delete_ip_set(self, param): # Add an action result object to self (BaseConnector) to represent the action for this param action_result = self.add_action_result(ActionResult(dict(param))) - ip_set_id = param.get('ip_set_id') - ip_set_name = param.get('ip_set_name') + ip_set_id = param.get("ip_set_id") + ip_set_name = param.get("ip_set_name") ip_set = self.paginator(AWSWAF_DEFAULT_LIMIT, action_result, param) @@ -395,26 +394,25 @@ def _handle_delete_ip_set(self, param): return action_result.set_status(phantom.APP_ERROR, AWSWAF_INVALID_INPUT) try: - ret_val, resp_json = self._make_boto_call(action_result, 'get_ip_set', Name=ip_set_name, Id=ip_set_id) + ret_val, resp_json = self._make_boto_call(action_result, "get_ip_set", Name=ip_set_name, Id=ip_set_id) if phantom.is_fail(ret_val): return action_result.set_status(phantom.APP_ERROR, AWSWAF_ERR_GET_IPSET) except Exception as e: return action_result.set_status(phantom.APP_ERROR, str(e)) - lock_token = resp_json.get('LockToken') + lock_token = resp_json.get("LockToken") try: - ret_val, resp_json = self._make_boto_call(action_result, 'delete_ip_set', Name=ip_set_name, - Id=ip_set_id, LockToken=lock_token) + ret_val, resp_json = self._make_boto_call(action_result, "delete_ip_set", Name=ip_set_name, Id=ip_set_id, LockToken=lock_token) except Exception as e: return action_result.set_status(phantom.APP_ERROR, str(e)) summary = action_result.update_summary({}) if phantom.is_fail(ret_val): - summary['delete_status'] = AWSWAF_DELETE_IPSET_FAILED + summary["delete_status"] = AWSWAF_DELETE_IPSET_FAILED return action_result.get_status() - summary['delete_status'] = AWSWAF_DELETE_IPSET_SUCCESS + summary["delete_status"] = AWSWAF_DELETE_IPSET_SUCCESS action_result.add_data(resp_json) @@ -427,7 +425,7 @@ def _handle_list_acls(self, param): # Add an action result object to self (BaseConnector) to represent the action for this param action_result = self.add_action_result(ActionResult(dict(param))) - limit = param.get('limit') + limit = param.get("limit") if limit == 0 or (limit and (not str(limit).isdigit() or limit <= 0)): return action_result.set_status(phantom.APP_ERROR, AWSWAF_INVALID_LIMIT) @@ -441,7 +439,7 @@ def _handle_list_acls(self, param): # Add a dictionary that is made up of the most important values from data into the summary summary = action_result.update_summary({}) - summary['number of acls'] = len(set_list) + summary["number of acls"] = len(set_list) return action_result.set_status(phantom.APP_SUCCESS) @@ -451,7 +449,7 @@ def _handle_list_ip_sets(self, param): # Add an action result object to self (BaseConnector) to represent the action for this param action_result = self.add_action_result(ActionResult(dict(param))) - limit = param.get('limit') + limit = param.get("limit") if limit == 0 or (limit and (not str(limit).isdigit() or limit <= 0)): return action_result.set_status(phantom.APP_ERROR, AWSWAF_INVALID_LIMIT) @@ -466,7 +464,7 @@ def _handle_list_ip_sets(self, param): # Add a dictionary that is made up of the most important values from data into the summary summary = action_result.update_summary({}) - summary['number of ip sets'] = len(set_list) + summary["number of ip sets"] = len(set_list) return action_result.set_status(phantom.APP_SUCCESS) @@ -476,12 +474,12 @@ def handle_action(self, param): self.debug_print("action_id", self.get_action_identifier()) action_mapping = { - 'test_connectivity': self._handle_test_connectivity, - 'add_ip': self._handle_add_ip, - 'delete_ip': self._handle_delete_ip, - 'delete_ip_set': self._handle_delete_ip_set, - 'list_acls': self._handle_list_acls, - 'list_ip_sets': self._handle_list_ip_sets + "test_connectivity": self._handle_test_connectivity, + "add_ip": self._handle_add_ip, + "delete_ip": self._handle_delete_ip, + "delete_ip_set": self._handle_delete_ip_set, + "list_acls": self._handle_list_acls, + "list_ip_sets": self._handle_list_ip_sets, } action = self.get_action_identifier() @@ -509,16 +507,16 @@ def initialize(self): config = self.get_config() self._proxy = {} - env_vars = config.get('_reserved_environment_variables', {}) - if 'HTTP_PROXY' in env_vars: - self._proxy['http'] = env_vars['HTTP_PROXY']['value'] - if 'HTTPS_PROXY' in env_vars: - self._proxy['https'] = env_vars['HTTPS_PROXY']['value'] + env_vars = config.get("_reserved_environment_variables", {}) + if "HTTP_PROXY" in env_vars: + self._proxy["http"] = env_vars["HTTP_PROXY"]["value"] + if "HTTPS_PROXY" in env_vars: + self._proxy["https"] = env_vars["HTTPS_PROXY"]["value"] self._region = AWSWAF_REGION_DICT.get(config[AWSWAF_REGION]) self._scope = config.get(AWSWAF_SCOPE) - if config.get('use_role'): + if config.get("use_role"): credentials = self._handle_get_ec2_role() if not credentials: return self.set_status(phantom.APP_ERROR, "Failed to get EC2 role credentials") @@ -543,7 +541,7 @@ def finalize(self): return phantom.APP_SUCCESS -if __name__ == '__main__': +if __name__ == "__main__": import argparse @@ -553,9 +551,9 @@ def finalize(self): argparser = argparse.ArgumentParser() - argparser.add_argument('input_test_json', help='Input Test JSON file') - argparser.add_argument('-u', '--username', help='username', required=False) - argparser.add_argument('-p', '--password', help='password', required=False) + argparser.add_argument("input_test_json", help="Input Test JSON file") + argparser.add_argument("-u", "--username", help="username", required=False) + argparser.add_argument("-p", "--password", help="password", required=False) args = argparser.parse_args() session_id = None @@ -563,31 +561,31 @@ def finalize(self): username = args.username password = args.password - if (username is not None and password is None): + if username is not None and password is None: # User specified a username but not a password, so ask import getpass password = getpass.getpass("Password: ") - if (username and password): + if username and password: login_url = BaseConnector._get_phantom_base_url() + "login" try: print("Accessing the Login page") r = requests.get(login_url, verify=False) - csrftoken = r.cookies['csrftoken'] + csrftoken = r.cookies["csrftoken"] data = dict() - data['username'] = username - data['password'] = password - data['csrfmiddlewaretoken'] = csrftoken + data["username"] = username + data["password"] = password + data["csrfmiddlewaretoken"] = csrftoken headers = dict() - headers['Cookie'] = 'csrftoken=' + csrftoken - headers['Referer'] = login_url + headers["Cookie"] = "csrftoken=" + csrftoken + headers["Referer"] = login_url print("Logging into Platform to get the session id") r2 = requests.post(login_url, verify=False, data=data, headers=headers) - session_id = r2.cookies['sessionid'] + session_id = r2.cookies["sessionid"] except Exception as e: print("Unable to get session id from the platform. Error: " + str(e)) exit(1) @@ -600,9 +598,9 @@ def finalize(self): connector = AwsWafConnector() connector.print_progress_message = True - if (session_id is not None): - in_json['user_session_token'] = session_id - connector._set_csrf_info(csrftoken, headers['Referer']) + if session_id is not None: + in_json["user_session_token"] = session_id + connector._set_csrf_info(csrftoken, headers["Referer"]) ret_val = connector._handle_action(json.dumps(in_json), None) print(json.dumps(json.loads(ret_val), indent=4)) diff --git a/awswafv2_consts.py b/awswafv2_consts.py index 1ba5ef9..475d468 100644 --- a/awswafv2_consts.py +++ b/awswafv2_consts.py @@ -12,35 +12,36 @@ # the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, # either express or implied. See the License for the specific language governing permissions # and limitations under the License. -AWSWAF_VERSION_V2 = 'wafv2' -AWSWAF_ACCESS_KEY = 'access_key_id' -AWSWAF_SECRET_KEY = 'access_key_secret' # pragma: allowlist secret -AWSWAF_REGION = 'region' -AWSWAF_SCOPE = 'scope' -AWSWAF_SCOPE_CLOUDFRONT = 'CLOUDFRONT' -AWSWAF_ADD_IP = 'add_ip' -AWSWAF_DELETE_IP = 'delete_ip' +AWSWAF_VERSION_V2 = "wafv2" +AWSWAF_ACCESS_KEY = "access_key_id" +AWSWAF_SECRET_KEY = "access_key_secret" # pragma: allowlist secret +AWSWAF_REGION = "region" +AWSWAF_SCOPE = "scope" +AWSWAF_SCOPE_CLOUDFRONT = "CLOUDFRONT" +AWSWAF_ADD_IP = "add_ip" +AWSWAF_DELETE_IP = "delete_ip" AWSWAF_DEFAULT_LIMIT = 100 -AWSWAF_INSUFFICIENT_PARAM = 'Insufficient parameters. Please provide either ip_set_name or ip_set_id' -AWSWAF_ERR_TOKEN = 'Error in connection while getting the token' -AWSWAF_ERR_CREATE_IPSET = 'Error in connection while creating a new IP set' -AWSWAF_ERR_GET_IPSET = 'Error in connection while getting an IP set' -AWSWAF_ERR_UPDATE_IPSET = 'Error in connection while updating an IP set' +AWSWAF_INSUFFICIENT_PARAM = "Insufficient parameters. Please provide either ip_set_name or ip_set_id" +AWSWAF_ERR_TOKEN = "Error in connection while getting the token" +AWSWAF_ERR_CREATE_IPSET = "Error in connection while creating a new IP set" +AWSWAF_ERR_GET_IPSET = "Error in connection while getting an IP set" +AWSWAF_ERR_UPDATE_IPSET = "Error in connection while updating an IP set" AWSWAF_ERR_LIST_WEBACLS = "Error while connecting list_web_acls api" AWSWAF_ERR_LIST_IPSET = "Error while connecting list_ip_sets api" AWSWAF_ERR_IP_NOT_FOUND = "IP could not be found in the given ip set. Please provide valid input parameters" -AWSWAF_INVALID_INPUT = 'The given input ip_set_id/ip_set_name is not valid. Please provide valid input parameters' -AWSWAF_INVALID_IP = 'Please enter IP in a proper format which includes the mask of the IP (e.g. 126.0.0.0/24 or ' \ - '1111:0000:0000:0000:0000:0000:0000:0115/128)' -AWSWAF_INVALID_LIMIT = 'Please provide a non-zero positive integer in limit' -AWSWAF_TEST_CONNECTIVITY_FAILED = 'Test Connectivity Failed' -AWSWAF_TEST_CONNECTIVITY_PASSED = 'Test Connectivity Passed' -AWSWAF_ADD_IP_SUCCESS = 'IP(s) added successfully' -AWSWAF_ADD_IP_FAILED = 'IP could not be added' -AWSWAF_DELETE_IP_FAILED = 'IP could not be deleted' -AWSWAF_DELETE_IP_SUCCESS = 'IP(s) deleted successfully' -AWSWAF_DELETE_IPSET_FAILED = 'IP Set could not be deleted' -AWSWAF_DELETE_IPSET_SUCCESS = 'IP Set deleted successfully' +AWSWAF_INVALID_INPUT = "The given input ip_set_id/ip_set_name is not valid. Please provide valid input parameters" +AWSWAF_INVALID_IP = ( + "Please enter IP in a proper format which includes the mask of the IP (e.g. 126.0.0.0/24 or " "1111:0000:0000:0000:0000:0000:0000:0115/128)" +) +AWSWAF_INVALID_LIMIT = "Please provide a non-zero positive integer in limit" +AWSWAF_TEST_CONNECTIVITY_FAILED = "Test Connectivity Failed" +AWSWAF_TEST_CONNECTIVITY_PASSED = "Test Connectivity Passed" +AWSWAF_ADD_IP_SUCCESS = "IP(s) added successfully" +AWSWAF_ADD_IP_FAILED = "IP could not be added" +AWSWAF_DELETE_IP_FAILED = "IP could not be deleted" +AWSWAF_DELETE_IP_SUCCESS = "IP(s) deleted successfully" +AWSWAF_DELETE_IPSET_FAILED = "IP Set could not be deleted" +AWSWAF_DELETE_IPSET_SUCCESS = "IP Set deleted successfully" AWSWAF_BAD_ASSET_CFG_ERR_MSG = "Please provide access keys or select assume role check box in asset configuration" AWSWAF_INFO_CHECK_CREDENTIALS = "Querying AWS to check credentials" AWSWAF_INFO_SCOPE = "To work with CloudFront scope, you must specify the Region US East (N. Virginia)" @@ -65,5 +66,5 @@ "EU (Stockholm)": "eu-north-1", "South America (Sao Paulo)": "sa-east-1", "AWS GovCloud (US-East)": "us-gov-east-1", - "AWS GovCloud (US)": "us-gov-west-1" + "AWS GovCloud (US)": "us-gov-west-1", } diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..4c594fc --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,8 @@ +[tool.black] +line-length = 145 +target-version = ['py39'] +verbose = true + +[tool.isort] +line_length = 145 +profile = "black" diff --git a/release_notes/2.1.9.md b/release_notes/2.1.9.md new file mode 100644 index 0000000..b0ab132 --- /dev/null +++ b/release_notes/2.1.9.md @@ -0,0 +1 @@ +* [PSAAS-20421] update dependencies \ No newline at end of file diff --git a/tox.ini b/tox.ini index c4644ad..720a141 100644 --- a/tox.ini +++ b/tox.ini @@ -1,7 +1,4 @@ [flake8] max-line-length = 145 max-complexity = 28 -extend-ignore = F403,E128,E126,E111,E121,E127,E731,E201,E202,F405,E722,D,W292 - -[isort] -line_length = 145 +extend-ignore = F403,E128,E126,E121,E127,E731,E201,E202,E203,E701,F405,E722,D,W503