Skip to content

Commit

Permalink
Branch was auto-updated.
Browse files Browse the repository at this point in the history
  • Loading branch information
@srv-rr-gh-researchbt
srv-rr-gh-researchbt committed Aug 17, 2023
2 parents daceae5 + 5fea0af commit 7f8a7d8
Show file tree
Hide file tree
Showing 4 changed files with 480 additions and 0 deletions.
284 changes: 284 additions & 0 deletions playbooks/AWS_IAM_Account_Unlocking.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,284 @@
{
"blockly": false,
"blockly_xml": "<xml></xml>",
"category": "Account Unlocking",
"coa": {
"data": {
"description": "Accepts user name that needs to be enabled in AWS IAM. Enabling an account involves reattaching their login profile which will require setting a new password. Generates an observable output based on the status of account unlocking or enabling.",
"edges": [
{
"id": "port_0_to_port_2",
"sourceNode": "0",
"sourcePort": "0_out",
"targetNode": "2",
"targetPort": "2_in"
},
{
"id": "port_6_to_port_1",
"sourceNode": "6",
"sourcePort": "6_out",
"targetNode": "1",
"targetPort": "1_in"
},
{
"id": "port_3_to_port_7",
"sourceNode": "3",
"sourcePort": "3_out",
"targetNode": "7",
"targetPort": "7_in"
},
{
"conditions": [
{
"index": 0
}
],
"id": "port_2_to_port_3",
"sourceNode": "2",
"sourcePort": "2_out",
"targetNode": "3",
"targetPort": "3_in"
},
{
"conditions": [
{
"index": 0
}
],
"id": "port_7_to_port_6",
"sourceNode": "7",
"sourcePort": "7_out",
"targetNode": "6",
"targetPort": "6_in"
}
],
"hash": "b2fe53c9f23ab72c164e6ad04defb56936a35804",
"nodes": {
"0": {
"data": {
"advanced": {
"join": []
},
"functionName": "on_start",
"id": "0",
"type": "start"
},
"errors": {},
"id": "0",
"type": "start",
"warnings": {},
"x": 19.999999999999986,
"y": -5.755396159656812e-13
},
"1": {
"data": {
"advanced": {
"join": []
},
"functionName": "on_finish",
"id": "1",
"type": "end"
},
"errors": {},
"id": "1",
"type": "end",
"warnings": {},
"x": 19.999999999999986,
"y": 860
},
"2": {
"data": {
"advanced": {
"customName": "username filter",
"customNameId": 0,
"description": "Filter user name inputs to route inputs to appropriate actions.",
"join": [],
"note": "Filter user name inputs to route inputs to appropriate actions."
},
"conditions": [
{
"comparisons": [
{
"conditionIndex": 0,
"op": "!=",
"param": "playbook_input:user",
"value": ""
}
],
"conditionIndex": 0,
"customName": "username_filter",
"logic": "and"
}
],
"functionId": 1,
"functionName": "username_filter",
"id": "2",
"type": "filter"
},
"errors": {},
"id": "2",
"type": "filter",
"warnings": {},
"x": 60,
"y": 140
},
"3": {
"data": {
"action": "enable user",
"actionType": "correct",
"advanced": {
"customName": "enable user account",
"customNameId": 0,
"description": "Enable user account from filtered playbook inputs.",
"join": [],
"note": "Enable user account from filtered playbook inputs."
},
"connector": "AWS IAM",
"connectorConfigs": [
"aws_iam"
],
"connectorId": "7d06523f-d524-4dbd-befd-7f30f5492882",
"connectorVersion": "v1",
"functionId": 1,
"functionName": "enable_user_account",
"id": "3",
"parameters": {
"enable_access_keys": true,
"password": "Ch@ng3M3!123",
"username": "filtered-data:username_filter:condition_1:playbook_input:user"
},
"requiredParameters": [
{
"data_type": "string",
"field": "password"
},
{
"data_type": "string",
"field": "username"
},
{
"data_type": "boolean",
"default": true,
"field": "enable_access_keys"
}
],
"type": "action"
},
"errors": {},
"id": "3",
"type": "action",
"warnings": {},
"x": 0,
"y": 320
},
"6": {
"data": {
"advanced": {
"customName": "username observables",
"customNameId": 0,
"description": "Format a normalized output for each user.",
"join": [],
"note": "Format a normalized output for each user."
},
"functionId": 2,
"functionName": "username_observables",
"id": "6",
"inputParameters": [
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.parameter.disable_access_keys",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.parameter.username",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.parameter.credentials",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.data.*.RequestId",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.message",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.status"
],
"outputVariables": [
"observable_array"
],
"type": "code"
},
"errors": {},
"id": "6",
"type": "code",
"userCode": "\n # Write your custom code here...\n username_observables__observable_array = []\n \n for access_key, usrname, creds, req_id, msg, status in zip(filtered_result_0_parameter_disable_access_keys, filtered_result_0_parameter_username, filtered_result_0_parameter_credentials, filtered_result_0_data___requestid, filtered_result_0_message, filtered_result_0_status):\n user_acc_status = {\n \"type\": \"aws iam user name\",\n \"value\": usrname,\n \"message\": msg,\n \"status\": status\n }\n\n username_observables__observable_array.append(user_acc_status)\n #phantom.debug(username_observables__observable_array)\n",
"warnings": {},
"x": 0,
"y": 680
},
"7": {
"data": {
"advanced": {
"customName": "filter enable result",
"customNameId": 0,
"description": "filter check if the user is enabled successfully.",
"join": [],
"note": "filter check if the user is enabled successfully."
},
"conditions": [
{
"comparisons": [
{
"conditionIndex": 0,
"op": "==",
"param": "enable_user_account:action_result.status",
"value": "success"
}
],
"conditionIndex": 0,
"customName": "enable_success",
"logic": "and"
}
],
"functionId": 2,
"functionName": "filter_enable_result",
"id": "7",
"type": "filter"
},
"errors": {},
"id": "7",
"type": "filter",
"warnings": {},
"x": 60,
"y": 500
}
},
"notes": "Inputs: users\nInteractions: AWS IAM\nActions: enable user\nOutputs: observables"
},
"input_spec": [
{
"contains": [
"user name",
"aws iam user name"
],
"description": "A user name provided for account restoration - AWS IAM",
"name": "user"
}
],
"output_spec": [
{
"contains": [],
"datapaths": [
"username_observables:custom_function:observable_array"
],
"deduplicate": false,
"description": "An array of observable dictionaries ",
"metadata": {},
"name": "observable"
}
],
"playbook_type": "data",
"python_version": "3",
"schema": "5.0.10",
"version": "6.0.1.123902"
},
"create_time": "2023-08-14T15:09:52.076731+00:00",
"draft_mode": false,
"labels": [
"*"
],
"tags": [
"user",
"aws_iam",
"enable_account",
"D3-RUAA"
]
}
Binary file added playbooks/AWS_IAM_Account_Unlocking.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading

0 comments on commit 7f8a7d8

Please sign in to comment.