# Varroa
Varroa is a security related openstack service. It is named after the varroa mite
which could be considered a vulnerability to bees.
It has several functions:
* Track IP ownership over time in openstack
* Store and manage discovered security risks from openstack resources.
It's main/initial purpose is to ingest security scan data, link these IP addresses to
openstack resources and provide the ability for the owners of those resources to see
these security risks.
## Client
To install the client:
pip install varroaclient
Source: https://github.com/NeCTAR-RC/python-varroaclient
## Concepts
### IP Usage
Varroa will keep track of what openstack resource owned an IP address for what period.
It does this by consuming port create/update/delete events from neutron.
### Security Risk Type
A security risk type is an admin defined type of security risk. An example could be "Password SSH allowed"
A security risk type has a name and a description. The description should describe what the security risk is
and ideally the steps taken to fix this risk.
### Security Risk
A security risk is the linkage of a security risk type to an openstack resource.
eg. Compute instance with id XYZ has a "Password SSH allowed" security risk.
Only the IP address of the affected resource needs to be entered when creating a new security risk. Varroa
will then process this entry and attempt to link that IP address to an Openstack resource.
#### Security Risk workflow/states
When you create a new security risk it will have the initial state of NEW.
Varroa will attempt to link all NEW security risks with an openstack resource.
If varroa finds a matching resource then it will add these details to the security risk
Once varroa has attempted to link the IP to a resource it will change the status of the
security risk to PROCESSED. If project_id/resource_id is null and status = PROCESSED it
means varroa couldn't find a matching resource.
## Installation
You can install varroa using helm onto a k8s cluster
see https://github.com/NeCTAR-RC/varroa-helm
Raw data
{
"_id": null,
"home_page": "https://github.com/NeCTAR-RC/varroa",
"name": "varroa",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "varroa",
"author": "ARDC Nectar Cloud Services",
"author_email": "coreservices@ardc.edu.au",
"download_url": "https://files.pythonhosted.org/packages/cf/62/83b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b/varroa-0.11.1.tar.gz",
"platform": null,
"description": "# Varroa\n\nVarroa is a security related openstack service. It is named after the varroa mite\nwhich could be considered a vulnerability to bees.\nIt has several functions:\n\n * Track IP ownership over time in openstack\n * Store and manage discovered security risks from openstack resources.\n\nIt's main/initial purpose is to ingest security scan data, link these IP addresses to\nopenstack resources and provide the ability for the owners of those resources to see\nthese security risks.\n\n## Client\nTo install the client:\n pip install varroaclient\n\nSource: https://github.com/NeCTAR-RC/python-varroaclient\n\n## Concepts\n\n### IP Usage\nVarroa will keep track of what openstack resource owned an IP address for what period.\nIt does this by consuming port create/update/delete events from neutron.\n\n### Security Risk Type\nA security risk type is an admin defined type of security risk. An example could be \"Password SSH allowed\"\n\nA security risk type has a name and a description. The description should describe what the security risk is\nand ideally the steps taken to fix this risk.\n\n### Security Risk\nA security risk is the linkage of a security risk type to an openstack resource.\neg. Compute instance with id XYZ has a \"Password SSH allowed\" security risk.\n\nOnly the IP address of the affected resource needs to be entered when creating a new security risk. Varroa\nwill then process this entry and attempt to link that IP address to an Openstack resource.\n\n#### Security Risk workflow/states\n\nWhen you create a new security risk it will have the initial state of NEW.\nVarroa will attempt to link all NEW security risks with an openstack resource.\nIf varroa finds a matching resource then it will add these details to the security risk\nOnce varroa has attempted to link the IP to a resource it will change the status of the\nsecurity risk to PROCESSED. If project_id/resource_id is null and status = PROCESSED it\nmeans varroa couldn't find a matching resource.\n\n## Installation\nYou can install varroa using helm onto a k8s cluster\nsee https://github.com/NeCTAR-RC/varroa-helm\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "Vulnerability management for Opentack",
"version": "0.11.1",
"project_urls": {
"Homepage": "https://github.com/NeCTAR-RC/varroa"
},
"split_keywords": [
"varroa"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "174e53a951830707d9691f30a7bb229bcebbae19827597c7fa2fa69fb5bd802f",
"md5": "d2fc56deabeca816701d2e271ec78eab",
"sha256": "341a7154b3004dc54c42c0d60e0355219e1294f1ee1936f6c78880affb4d0c55"
},
"downloads": -1,
"filename": "varroa-0.11.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d2fc56deabeca816701d2e271ec78eab",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 58863,
"upload_time": "2024-10-18T00:47:56",
"upload_time_iso_8601": "2024-10-18T00:47:56.142871Z",
"url": "https://files.pythonhosted.org/packages/17/4e/53a951830707d9691f30a7bb229bcebbae19827597c7fa2fa69fb5bd802f/varroa-0.11.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "cf6283b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b",
"md5": "bde0fb6d8e39489a482a317003e47224",
"sha256": "4f39a78f9bc8ae73d906dff280c3fba767cef9703a1e8e3d64bd8193e16d0238"
},
"downloads": -1,
"filename": "varroa-0.11.1.tar.gz",
"has_sig": false,
"md5_digest": "bde0fb6d8e39489a482a317003e47224",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 33564,
"upload_time": "2024-10-18T00:47:58",
"upload_time_iso_8601": "2024-10-18T00:47:58.374206Z",
"url": "https://files.pythonhosted.org/packages/cf/62/83b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b/varroa-0.11.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-18 00:47:58",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "NeCTAR-RC",
"github_project": "varroa",
"travis_ci": false,
"coveralls": true,
"github_actions": false,
"requirements": [],
"tox": true,
"lcname": "varroa"
}
JSON
