Merge pull request #243 from SumoLogic/sumo-257879

Recovered GIS app from RCE

Author: akhil-sumologic

aws-observability/apps/gis/gis.template.yaml

@@ -0,0 +1,144 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Transform: 'AWS::Serverless-2016-10-31'
+Description: "Version - v2.12.0: Template to setup the Sumo Logic AWS Inventory Source and Root Cause Explorer app."
+
+Metadata:
+  'AWS::CloudFormation::Interface':
+    ParameterGroups:
+      - Label:
+          default: "Sumo Logic Access Configuration (Required)"
+        Parameters:
+          - Section1aSumoDeployment
+          - Section1bSumoAccessID
+          - Section1cSumoAccessKey
+          - Section1dSumoOrganizationId
+          - Section1eRemoveSumoResourcesOnDeleteStack
+
+      - Label:
+          default: "App Details - Sumo Logic Collector Configuration"
+        Parameters:
+          - Section2aInstallApp
+
+      - Label:
+          default: "Local Parameters. Do Not Edit the values."
+        Parameters:
+          - Section3aParentStackLambdaARN
+          - Section3bNestedTemplateVersion
+
+      - Label:
+          default: "App Installation and sharing"
+        Parameters:
+          - Section4aAppInstallLocation
+          - Section4bShare
+
+    ParameterLabels:
+      Section1aSumoDeployment:
+        default: "Sumo Logic Deployment Name"
+      Section1bSumoAccessID:
+        default: "Sumo Logic Access ID"
+      Section1cSumoAccessKey:
+        default: "Sumo Logic Access Key"
+      Section1dSumoOrganizationId:
+        default: "Sumo Logic Organization Id"
+      Section1eRemoveSumoResourcesOnDeleteStack:
+        default: "Delete Sumo Logic Resources when stack is deleted"
+
+      Section2aInstallApp:
+        default: "Create AWS Root Cause Explorer App"
+
+      Section3aParentStackLambdaARN:
+        default: "If Any, Lambda ARN from parent Stack"
+      Section3bNestedTemplateVersion:
+        default: "Nested Templates Version"
+
+      Section4aAppInstallLocation:
+        default: "App Installation location"
+      Section4bShare:
+        default: "Share"
+
+Parameters:
+  Section1aSumoDeployment:
+    Type: String
+    Default: ""
+    Description: "Enter au, ca, de, eu, fed, jp, kr, us1 or us2"
+  Section1bSumoAccessID:
+    Type: String
+    Description: "Sumo Logic Access ID. Used for Sumo Logic API calls."
+    AllowedPattern: ".+"
+    ConstraintDescription: "Sumo Logic Access ID can not be empty."
+  Section1cSumoAccessKey:
+    Type: String
+    Description: "Sumo Logic Access Key. Used for Sumo Logic API calls."
+    AllowedPattern: ".+"
+    ConstraintDescription: "Sumo Logic Access Key can not be empty."
+    NoEcho: true
+  Section1dSumoOrganizationId:
+    Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources."
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: "Sumo Logic Organization Id can not be empty."
+  Section1eRemoveSumoResourcesOnDeleteStack:
+    AllowedValues:
+      - true
+      - false
+    Default: true
+    Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True.
+                  Deletes the resources created by the stack. Deletion of updated resources will be skipped."
+    Type: String
+  Section2aInstallApp:
+    Type: String
+    Description: "Yes - Installs the Root Cause Explorer App for the Sumo Logic AWS Observability Solution.
+                  No - Skips the installation of this app."
+    Default: 'Yes'
+    AllowedValues:
+      - 'Yes'
+      - 'No'
+  Section3aParentStackLambdaARN:
+    Type: String
+    Default: "ParentStackLambdaARN"
+    Description: Parent Stack Lambda ARN. Do Not Edit the value.
+  Section3bNestedTemplateVersion:
+    Type: String
+    Description: "Provide the version for the nested templates. Default is the latest version."
+    AllowedPattern: ".+"
+  Section4aAppInstallLocation:
+    Type: String
+    Description: "Personal Folder - Installs App in user's Personal folder.
+                  Admin Recommended Folder - Installs App in admin Recommended Folder"
+    Default: 'Personal Folder'
+    AllowedValues:
+      - 'Personal Folder'
+      - 'Admin Recommended Folder'
+  Section4bShare:
+    Type: String
+    Description: "True - Installed App will be visible to all members of the organisation.
+                  False - Installed App will be visible to you only."
+    Default: 'True'
+    AllowedValues:
+      - 'True'
+      - 'False'
+
+Conditions:
+  install_app: !Equals [!Ref Section2aInstallApp, 'Yes']
+
+Resources:
+  CloudTrailDevOps:
+    Type: Custom::App
+    Condition: install_app
+    Properties:
+      ServiceToken: !Ref Section3aParentStackLambdaARN
+      Region: !Ref "AWS::Region"
+      AppName: "Global Intelligence for CloudTrail DevOps"
+      AppId: "c7e195de-f169-460a-8e8b-7bb23af0ee5e"
+      AppSources:
+        CloudTrailLogSrc: "account=* eventSource"
+      FolderName: !Sub "AWS Observability ${Section3bNestedTemplateVersion} "
+      RetainOldAppOnUpdate: true
+      RemoveOnDeleteStack: !Ref Section1eRemoveSumoResourcesOnDeleteStack
+      SumoAccessID: !Ref Section1bSumoAccessID
+      SumoAccessKey: !Ref Section1cSumoAccessKey
+      SumoDeployment: !Ref Section1aSumoDeployment
+      location: !Ref Section4aAppInstallLocation
+      share: !Ref Section4bShare
+      orgid: !Ref Section1dSumoOrganizationId
+

aws-observability/templates/sumologic_observability.master.template.yaml

@@ -1008,3 +1008,23 @@ Resources:
         Section5aAppInstallLocation: !Ref Section10aAppInstallLocation
         Section5bShare: !Ref Section10bShare
         Section1eOrgId: !Ref Section1dSumoLogicOrganizationId
+
+  sumoGISAppStack:
+    Type: AWS::CloudFormation::Stack
+    DependsOn: sumoAlbMetricsAppStack
+    Properties:
+      TemplateURL: !Sub
+        - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/gis/gis.template.yaml"
+        - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName]
+          Version: !FindInMap [CommonData, NestedTemplate, Version]
+      Parameters:
+        Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment
+        Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID
+        Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey
+        Section1dSumoOrganizationId: !Ref Section1dSumoLogicOrganizationId
+        Section1eRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack
+        Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.EnterpriseCheck, "No"]
+        Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN
+        Section3bNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version]
+        Section4aAppInstallLocation: !Ref Section10aAppInstallLocation
+        Section4bShare: !Ref Section10bShare

aws-observability/templates/sumologic_observability.mp.test.yaml

@@ -1019,4 +1019,24 @@ Resources:
         Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName]
         Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version]
         Section5aAppInstallLocation: !Ref Section10aAppInstallLocation
-        Section5bShare: !Ref Section10bShare
+        Section5bShare: !Ref Section10bShare
+
+  sumoGISAppStack:
+    Type: AWS::CloudFormation::Stack
+    DependsOn: sumoAlbMetricsAppStack
+    Properties:
+      TemplateURL: !Sub
+        - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/gis/gis.template.yaml"
+        - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName]
+          Version: !FindInMap [CommonData, NestedTemplate, Version]
+      Parameters:
+        Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment
+        Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID
+        Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey
+        Section1dSumoOrganizationId: !Ref Section1dSumoLogicOrganizationId
+        Section1eRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack
+        Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.EnterpriseCheck, "No"]
+        Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN
+        Section3bNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version]
+        Section4aAppInstallLocation: !Ref Section10aAppInstallLocation
+        Section4bShare: !Ref Section10bShare

aws-observability/templates/sumologic_observability.mp.yaml

@@ -1017,4 +1017,24 @@ Resources:
         Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName]
         Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version]
         Section5aAppInstallLocation: !Ref Section10aAppInstallLocation
-        Section5bShare: !Ref Section10bShare
+        Section5bShare: !Ref Section10bShare
+
+  sumoGISAppStack:
+    Type: AWS::CloudFormation::Stack
+    DependsOn: sumoAlbMetricsAppStack
+    Properties:
+      TemplateURL: !Sub
+        - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/gis/gis.template.yaml"
+        - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName]
+          Version: !FindInMap [CommonData, NestedTemplate, Version]
+      Parameters:
+        Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment
+        Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID
+        Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey
+        Section1dSumoOrganizationId: !Ref Section1dSumoLogicOrganizationId
+        Section1eRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack
+        Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.EnterpriseCheck, "No"]
+        Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN
+        Section3bNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version]
+        Section4aAppInstallLocation: !Ref Section10aAppInstallLocation
+        Section4bShare: !Ref Section10bShare

aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml

@@ -58,6 +58,7 @@ TestCase:
           - CreateCommonResources
           - sumoEC2MetricsAppStack
           - sumoAlbMetricsAppStack
+          - sumoGISAppStack
           - sumoElbMetricsAppStack
           - sumoDynamoDBMetricsAppStack
           - sumoRdsMetricsAppStack

aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml

@@ -41,6 +41,7 @@ TestCase:
           - sumoLambdaMetricsAppStack
           - sumoECSMetricsAppStack
           - sumoElasticCacheMetricsAppStack
+          - sumoGISAppStack
           - CreateCommonResources.AddAccountField
           - CreateCommonResources.AddRegionField
           - CreateCommonResources.AddNamespaceField
@@ -176,6 +177,7 @@ TestCase:
           - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule
           - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule
           - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule
+          - sumoGISAppStack.CloudTrailDevOps
     - AssertType: OutputsCheck
       Assert:
         Outputs:

aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml

@@ -41,6 +41,7 @@ TestCase:
           - sumoLambdaMetricsAppStack
           - sumoECSMetricsAppStack
           - sumoElasticCacheMetricsAppStack
+          - sumoGISAppStack
           - CreateCommonResources.AddAccountField
           - CreateCommonResources.AddRegionField
           - CreateCommonResources.AddNamespaceField
@@ -176,6 +177,7 @@ TestCase:
           - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule
           - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule
           - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule
+          - sumoGISAppStack.CloudTrailDevOps
     - AssertType: OutputsCheck
       Assert:
         Outputs:

aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml

@@ -41,6 +41,7 @@ TestCase:
           - sumoLambdaMetricsAppStack
           - sumoECSMetricsAppStack
           - sumoElasticCacheMetricsAppStack
+          - sumoGISAppStack
           - CreateCommonResources.AddAccountField
           - CreateCommonResources.AddRegionField
           - CreateCommonResources.AddNamespaceField
@@ -176,6 +177,7 @@ TestCase:
           - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule
           - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule
           - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule
+          - sumoGISAppStack.CloudTrailDevOps
     - AssertType: OutputsCheck
       Assert:
         Outputs:

aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml

@@ -114,6 +114,7 @@ TestCase:
           - sumoLambdaMetricsAppStack
           - sumoECSMetricsAppStack
           - sumoElasticCacheMetricsAppStack
+          - sumoGISAppStack
           - CreateCommonResources.AddAccountField
           - CreateCommonResources.AddRegionField
           - CreateCommonResources.AddNamespaceField
@@ -206,6 +207,7 @@ TestCase:
           - CreateCommonResources.LambdaRoleAlias
           - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule
           - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule
+          - sumoGISAppStack.CloudTrailDevOps
     - AssertType: OutputsCheck
       Assert:
         Outputs:

aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml

@@ -56,6 +56,7 @@ TestCase:
           - sumoLambdaMetricsAppStack
           - sumoECSMetricsAppStack
           - sumoElasticCacheMetricsAppStack
+          - sumoGISAppStack
           - CreateCommonResources.AddAccountField
           - CreateCommonResources.AddRegionField
           - CreateCommonResources.AddNamespaceField