Introduction
With the introduction of the Clouds feature, you can supply details of your cloud, be it Amazon AWS or Microsoft Azure, and Open-AudIT will use the relevant API to retrieve a list of locations, networks and instances, then discover each instance within.
This gives you full cloud auditing, with all the details from a regular Open-AudIT audit and details such as the machine type and size.
Note: To use this feature you must enable the configuration items match_mac (for AWS) and match_hostname (for Azure). This will be done automatically the first time a cloud discovery is executed. For more on Open-AudIT's matching rules, see Matching Devices.
How Does it Work?
Once you have your cloud credentials, it is simply a matter of creating a new cloud and running the discovery - or scheduling the discovery. Make sure you also have the credentials required to log on to your cloud machines, and it is all done for you just like a regular discovery.
Racks are a feature available to Open-AudIT Enterprise licensed customers.
Creating a Clouds Entry
Simply go to menu -> Discover -> Clouds -> Create Clouds.
You will need to supply a cloud name and type and, depending on the type selected, the relevant credentials. Screenshots are below showing the currently supported types of AWS and Azure.
Database Schema
NOTE - Columns in the system table are as at 2018-11-05 and are subject to change.
```sql
CREATE TABLE `clouds` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(100) NOT NULL DEFAULT '',
  `org_id` int(10) unsigned NOT NULL DEFAULT '1',
  `description` text NOT NULL,
  `type` enum('amazon','microsoft','google','digitalocean','') NOT NULL DEFAULT '',
  `credentials` text NOT NULL,
  `status` varchar(50) NOT NULL DEFAULT 'created',
  `options` text NOT NULL,
  `edited_by` varchar(200) NOT NULL DEFAULT '',
  `edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE TABLE `cloud_log` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `cloud_id` int(10) unsigned DEFAULT NULL,
  `timestamp` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  `severity_text` enum('debug','info','notice','warning','error','critical','alert','emergency') NOT NULL DEFAULT 'notice',
  `pid` int(10) unsigned NOT NULL DEFAULT '0',
  `message` text NOT NULL,
  PRIMARY KEY (`id`),
  KEY `pid` (`pid`),
  KEY `cloud_id` (`cloud_id`),
  CONSTRAINT `cloud_log_cloud_id` FOREIGN KEY (`cloud_id`) REFERENCES `clouds` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
```
New columns in the system table.
```sql
`cloud_id` int(10) unsigned DEFAULT NULL,
`instance_provider` varchar(200) NOT NULL DEFAULT '',
`instance_ident` varchar(200) NOT NULL DEFAULT '',
`instance_type` varchar(200) NOT NULL DEFAULT '',
`instance_state` varchar(200) NOT NULL DEFAULT '',
`instance_reservation_ident` varchar(200) NOT NULL DEFAULT '',
`instance_tags` text NOT NULL,
`instance_options` text NOT NULL,
```
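The following MySQL queries are an added example, not part of the Open-AudIT documentation or code. They review cloud discovery using only the tables and columns shown in this section, and they keep the `credentials` column of `clouds` out of reach of a reporting account. The database name `openaudit` and the account `audit_report` are assumptions.

```sql
-- Added example, not Open-AudIT's own code. Assumed names: database
-- `openaudit`, account 'audit_report'@'localhost' (must already exist).

-- 1. Discovery problems per cloud, newest first. An ENUM used in numeric
--    context yields its 1-based index, and 'warning' is the 4th value of
--    severity_text, so "+ 0 >= 4" selects warning through emergency.
--    The credentials column is deliberately not selected.
SELECT c.id, c.name, c.type, c.status,
       l.timestamp, l.pid, l.severity_text, l.message
FROM clouds AS c
JOIN cloud_log AS l ON l.cloud_id = c.id
WHERE l.severity_text + 0 >= 4
ORDER BY l.timestamp DESC, l.id DESC;

-- 2. Inventory of discovered instances per cloud, type and state, using
--    the new columns in the system table. `system` is backtick-quoted
--    because SYSTEM is a reserved word in MySQL 8.0. instance_ident is
--    NOT NULL, so counting it counts rows.
SELECT c.name AS cloud, s.instance_provider, s.instance_type,
       s.instance_state, COUNT(s.instance_ident) AS instances
FROM `system` AS s
JOIN clouds AS c ON c.id = s.cloud_id
GROUP BY c.name, s.instance_provider, s.instance_type, s.instance_state
ORDER BY c.name, instances DESC;

-- 3. Column-level grants for the reporting account, limited to the
--    columns queries 1 and 2 read, so clouds.credentials stays unreadable.
GRANT SELECT (id, name, type, status)
      ON openaudit.clouds TO 'audit_report'@'localhost';
GRANT SELECT (id, cloud_id, timestamp, pid, severity_text, message)
      ON openaudit.cloud_log TO 'audit_report'@'localhost';
GRANT SELECT (cloud_id, instance_provider, instance_ident, instance_type,
              instance_state)
      ON openaudit.`system` TO 'audit_report'@'localhost';
```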
API / Web Access
You can access the /licenses collection using the normal Open-AudIT JSON based API, just like any other collection. Please see the API documentation for further details.
Access is provided as part of a role's permissions. Licenses is a standard resource and can have create, read, update and delete permissions.
The API routes below are usable from both a JSON RESTful API and the web interface. The Web application routes are specifically designed to be called from the web interface (a browser).
API Routes
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
---|---|---|---|---|---|---|
POST | n | create | | clouds::create | /clouds | Insert a new clouds entry. |
GET | y | read | | clouds::read | /clouds/{id} | Returns a clouds details. |
PATCH | y | update | | clouds::update | /clouds/{id} | Update an attribute of a clouds entry. |
DELETE | y | delete | | clouds::delete | /clouds/{id} | Delete a clouds entry. |
GET | n | collection | | clouds::read | /clouds | Returns a list of clouds. |
GET | y | execute | | clouds::read | /clouds/{id}/execute | Execute discovery upon a cloud. |
Web Application Routes
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
---|---|---|---|---|---|---|
GET | n | create | create_form | clouds::create | /clouds/create | Displays a standard web form for submission to POST /clouds. |
GET | y | update | update_form | clouds::update | /clouds/{id}/update | Show the racks details with the option to update attributes using PATCH to /clouds/{id} |