Skip to content

Commit

Permalink
Merge pull request #137 from kuettai/main
Browse files Browse the repository at this point in the history
Added handling for RDS CACert, Fix #136
  • Loading branch information
kuettai authored Aug 29, 2024
2 parents 4876efd + 5e1e591 commit 3d005f7
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 1 deletion.
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
boto3~=1.26.114
boto3~=1.33.13
packaging~=23.1
XlsxWriter~=3.1.0
netaddr~=0.9.0
Expand Down
8 changes: 8 additions & 0 deletions services/rds/drivers/RdsCommon.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ def __init__(self, db, rdsClient, ctClient, cwClient):
self.rdsClient = rdsClient
self.cwClient = cwClient
self.ctClient = ctClient
self.certInfo = None

self.__configPrefix = 'rds::' + db['Engine'] + '::' + db['EngineVersion'] + '::'
self.isCluster = True
Expand All @@ -42,6 +43,10 @@ def getCAInfo(self):
if self.isCluster == True:
return

if not 'CACertificateIdentifier'in self.db:
_warn("Unable to locate CACertificateIdentifier")
return

ca = self.db['CACertificateIdentifier']
k = 'RDSCaInfo::' + ca

Expand Down Expand Up @@ -452,6 +457,9 @@ def _checkOldSnapshots(self):
self.results['ManualSnapshotTooOld'] = [-1, days]

def _checkCAExpiry(self):
if self.certInfo == None:
return

if self.isCluster == False and self.certInfo['isExpireIn365days'] == True:
exp = self.certInfo['ValidTill'].strftime("%Y-%m-%d")
self.results['CACertExpiringIn365days'] = [-1, "Expired on {}, ({} days left)".format(exp, self.certInfo['expiredInDays'])]
Expand Down

0 comments on commit 3d005f7

Please sign in to comment.