Introduction

With the introduction of the Clouds feature, you can supply details of your cloud, be it Amazon AWS or Microsoft Azure, and Open-AudIT will use the relevant API to retrieve a list of locations, networks, and instances, then discover each of these instances.

The result is full cloud auditing: all the details from a regular Open-AudIT audit, plus details such as the machine type and size.

Note: Device Matching Rules

To use this feature you must enable the configuration items match_mac (for AWS) and match_hostname (for Azure). This will be done automatically the first time a cloud discovery is executed. For more on Open-AudIT's matching rules, see Matching Devices.

How Does it Work?

Once you have your cloud credentials, it is merely a matter of creating a new cloud and running the discovery, or scheduling the first/future discoveries. Make sure you also have the credentials required to log on to your cloud machines, and it is all done for you just like a regular discovery.

Clouds are a feature available to Open-AudIT Enterprise licensed customers.

Creating a Clouds Entry

Simply go to menu -> Discover -> Clouds -> Create Clouds.

You will need to supply a cloud name and type and, depending on the type selected, the relevant credentials. Screenshots are below showing the currently supported types of AWS and Azure.


Database Schema

NOTE - Columns in the system table are as at 2018-11-05 and are subject to change.

CREATE TABLE `clouds` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(100) NOT NULL DEFAULT '',
  `org_id` int(10) unsigned NOT NULL DEFAULT '1',
  `description` text NOT NULL,
  `type` enum('amazon','microsoft','google','digitalocean','') NOT NULL DEFAULT '',
  `credentials` text NOT NULL,
  `status` varchar(50) NOT NULL DEFAULT 'created',
  `options` text NOT NULL,
  `edited_by` varchar(200) NOT NULL DEFAULT '',
  `edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE TABLE `cloud_log` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `cloud_id` int(10) unsigned DEFAULT NULL,
  `timestamp` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  `severity_text` enum('debug','info','notice','warning','error','critical','alert','emergency') NOT NULL DEFAULT 'notice',
  `pid` int(10) unsigned NOT NULL DEFAULT '0',
  `message` text NOT NULL,
  PRIMARY KEY (`id`),
  KEY `pid` (`pid`),
  KEY `cloud_id` (`cloud_id`),
  CONSTRAINT `cloud_log_cloud_id` FOREIGN KEY (`cloud_id`) REFERENCES `clouds` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

New columns in the system table:

`cloud_id` int(10) unsigned DEFAULT NULL,
`instance_provider` varchar(200) NOT NULL DEFAULT '',
`instance_ident` varchar(200) NOT NULL DEFAULT '',
`instance_type` varchar(200) NOT NULL DEFAULT '',
`instance_state` varchar(200) NOT NULL DEFAULT '',
`instance_reservation_ident` varchar(200) NOT NULL DEFAULT '',
`instance_tags` text NOT NULL,
`instance_options` text NOT NULL,

The database schema can be found in the application, if the user has database::read permission, by going to menu: Admin -> Database -> List Tables, then clicking on the details button for the table.


API / Web Access

You can access the /licenses collection using the normal Open-AudIT JSON based API, just like any other collection. Please see The Open-AudIT API documentation for further details.

Access is provided as part of a role's permissions. Licenses is a standard resource and can have create, read, update and delete permissions.

The API routes below are usable from both a JSON Restful API and the web interface. The Web application routes are specifically designed to be called from the web interface (a browser).

API Routes

| Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
|---|---|---|---|---|---|---|
| POST | n | | create | clouds::create | /clouds | Insert a new clouds entry. |
| GET | y | | read | clouds::read | /clouds/{id} | Returns a clouds details. |
| PATCH | y | | update | clouds::update | /clouds/{id} | Update an attribute of a clouds entry. |
| DELETE | y | | delete | clouds::delete | /clouds/{id} | Delete a clouds entry. |
| GET | n | | collection | clouds::read | /clouds | Returns a list of clouds. |
| GET | y | | execute | clouds::read | /clouds/{id}/execute | Execute discovery upon a cloud. |
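
When reviewing roles, the permission column can be checked mechanically. The following is an added example, not Open-AudIT code: it encodes the API routes table above and resolves a request to the permission it needs, so you can list what a role can reach. The role names and their permission sets are constructed for illustration. Note that, per the table, GET /clouds/{id}/execute starts a discovery yet needs only clouds::read.

```python
import re

# API routes copied from the table above: (method, URL pattern, permission required).
ROUTES = [
    ("POST", "/clouds", "clouds::create"),
    ("GET", "/clouds", "clouds::read"),
    ("GET", "/clouds/{id}", "clouds::read"),
    ("PATCH", "/clouds/{id}", "clouds::update"),
    ("DELETE", "/clouds/{id}", "clouds::delete"),
    ("GET", "/clouds/{id}/execute", "clouds::read"),
]

def _compile(pattern):
    # Assumption: {id} is numeric, since clouds.id is an unsigned int in the schema.
    return re.compile(re.escape(pattern).replace(r"\{id\}", r"\d+"))

_COMPILED = [(method, _compile(pattern), pattern, perm) for method, pattern, perm in ROUTES]

def required_permission(method, path):
    """Return the permission the table lists for this request, or None if no route matches."""
    path = path.split("?", 1)[0].rstrip("/")  # ignore query string and trailing slash
    for route_method, regex, _pattern, perm in _COMPILED:
        if route_method == method.upper() and regex.fullmatch(path):
            return perm
    return None

def allowed(role_perms, method, path):
    """Deny by default: an unknown route or a missing permission is refused."""
    perm = required_permission(method, path)
    return perm is not None and perm in role_perms

def reachable(role_perms):
    """List every (method, URL pattern) a role holding role_perms can call."""
    return [(m, pattern) for m, _rx, pattern, perm in _COMPILED if perm in role_perms]

# Constructed roles for illustration; they are not Open-AudIT defaults.
ROLES = {
    "cloud_viewer": {"clouds::read"},
    "cloud_admin": {"clouds::create", "clouds::read", "clouds::update", "clouds::delete"},
}

if __name__ == "__main__":
    for name, perms in ROLES.items():
        print(name, reachable(perms))
```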

Web Application Routes

| Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
|---|---|---|---|---|---|---|
| GET | n | create | create_form | clouds::create | /clouds/create | Displays a standard web form for submission to POST /clouds. |
| GET | y | update | update_form | clouds::update | /clouds/{id}/update | Show the racks details with the option to update attributes using PATCH to /clouds/{id} |