golang_surface_attack_api

command module
v0.0.0-...-cd372c4
Published: May 14, 2020 License: MIT Imports: 12 Imported by: 0

README

DESCRIPTION:

A service that you can query and get the attack surface of a VM -
meaning which other machines can access and attack it.



DETAILS:

Cloud environment

The input for the service is a JSON document (/data/input.json) describing the cloud environment.
A cloud environment is described using 2 types of objects: VMs and firewall rules.

The structure of the cloud environment JSON is:

{
"vms": [ virtual machines ],
"fw_rules": [ firewall rules ]
}

Virtual Machine

A virtual machine has the following structure:
{
"vm_id": "vm-xxxxxxx",
"name": "jira server",
"tags": ["tag1", ..]
}

vm_id - an identifier that uniquely identifies a virtual machine
name - a user-friendly display name
tags - a list of zero or more tag strings

Firewall Rule

By default, a virtual machine is not accessible from external sources.
If an administrator wants to make a virtual machine accessible to other machines, they define a
firewall rule to allow traffic.

Firewall rules have the following structure:
{
"fw_id": "fw-xxxxx",
"source_tag": "tag1",
"dest_tag": "tag2"
}

fw_id - an identifier that uniquely identifies a firewall rule
source_tag - a string that represents the source tag of the traffic
dest_tag - a string that represents the destination tag of the traffic
In the example above, all traffic from virtual machines that have “tag1” is allowed to virtual
machines that have “tag2”.



GOAL:

This service has two REST endpoints:

● /attack - which will get a vm_id as a query parameter and return a JSON list of the virtual
machine ids that can potentially attack it

● /stats - which will return service statistics in a JSON format: number of virtual machines
in the cloud environment, number of requests to all endpoints & average request
processing time (in milliseconds).

Statistics are from process startup.

Example of using the attack endpoint:
$ curl 'http://localhost/api/v1/attack?vm_id=vm-a211de'
["vm-c7bac01a07"]

Example of using the stats endpoint:
$ curl 'http://localhost/api/v1/stats'
{"vm_count":2,"request_count":1120232,"average_request_time":0.003032268166772597}


TODO NEXT:
● add unit testing & integration testing




more info:

the relevant json file should be placed inside /data folder with file name: input.json

to run: cd into script and:

sh ./start.sh

this will launch the server on port 8080

examples for postman:

http://localhost:8080/api/v1/stats
http://localhost:8080/api/v1/attack?vm_id=vm-ab51cba10

Documentation

There is no documentation for this package.

Directories

Path Synopsis
handlers
providers
