varroa


Namevarroa JSON
Version 0.11.1 PyPI version JSON
download
home_pagehttps://github.com/NeCTAR-RC/varroa
SummaryVulnerability management for Opentack
upload_time2024-10-18 00:47:58
maintainerNone
docs_urlNone
authorARDC Nectar Cloud Services
requires_pythonNone
licenseApache-2.0
keywords varroa
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage
            # Varroa

Varroa is a security related openstack service. It is named after the varroa mite
which could be considered a vulnerability to bees.
It has several functions:

 * Track IP ownership over time in openstack
 * Store and manage discovered security risks from openstack resources.

It's main/initial purpose is to ingest security scan data, link these IP addresses to
openstack resources and provide the ability for the owners of those resources to see
these security risks.

## Client
To install the client:
 pip install varroaclient

Source: https://github.com/NeCTAR-RC/python-varroaclient

## Concepts

### IP Usage
Varroa will keep track of what openstack resource owned an IP address for what period.
It does this by consuming port create/update/delete events from neutron.

### Security Risk Type
A security risk type is an admin defined type of security risk. An example could be "Password SSH allowed"

A security risk type has a name and a description. The description should describe what the security risk is
and ideally the steps taken to fix this risk.

### Security Risk
A security risk is the linkage of a security risk type to an openstack resource.
eg. Compute instance with id XYZ has a "Password SSH allowed" security risk.

Only the IP address of the affected resource needs to be entered when creating a new security risk. Varroa
will then process this entry and attempt to link that IP address to an Openstack resource.

#### Security Risk workflow/states

When you create a new security risk it will have the initial state of NEW.
Varroa will attempt to link all NEW security risks with an openstack resource.
If varroa finds a matching resource then it will add these details to the security risk
Once varroa has attempted to link the IP to a resource it will change the status of the
security risk to PROCESSED. If project_id/resource_id is null and status = PROCESSED it
means varroa couldn't find a matching resource.

## Installation
You can install varroa using helm onto a k8s cluster
see https://github.com/NeCTAR-RC/varroa-helm


            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/NeCTAR-RC/varroa",
    "name": "varroa",
    "maintainer": null,
    "docs_url": null,
    "requires_python": null,
    "maintainer_email": null,
    "keywords": "varroa",
    "author": "ARDC Nectar Cloud Services",
    "author_email": "coreservices@ardc.edu.au",
    "download_url": "https://files.pythonhosted.org/packages/cf/62/83b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b/varroa-0.11.1.tar.gz",
    "platform": null,
    "description": "# Varroa\n\nVarroa is a security related openstack service. It is named after the varroa mite\nwhich could be considered a vulnerability to bees.\nIt has several functions:\n\n * Track IP ownership over time in openstack\n * Store and manage discovered security risks from openstack resources.\n\nIt's main/initial purpose is to ingest security scan data, link these IP addresses to\nopenstack resources and provide the ability for the owners of those resources to see\nthese security risks.\n\n## Client\nTo install the client:\n pip install varroaclient\n\nSource: https://github.com/NeCTAR-RC/python-varroaclient\n\n## Concepts\n\n### IP Usage\nVarroa will keep track of what openstack resource owned an IP address for what period.\nIt does this by consuming port create/update/delete events from neutron.\n\n### Security Risk Type\nA security risk type is an admin defined type of security risk. An example could be \"Password SSH allowed\"\n\nA security risk type has a name and a description. The description should describe what the security risk is\nand ideally the steps taken to fix this risk.\n\n### Security Risk\nA security risk is the linkage of a security risk type to an openstack resource.\neg. Compute instance with id XYZ has a \"Password SSH allowed\" security risk.\n\nOnly the IP address of the affected resource needs to be entered when creating a new security risk. Varroa\nwill then process this entry and attempt to link that IP address to an Openstack resource.\n\n#### Security Risk workflow/states\n\nWhen you create a new security risk it will have the initial state of NEW.\nVarroa will attempt to link all NEW security risks with an openstack resource.\nIf varroa finds a matching resource then it will add these details to the security risk\nOnce varroa has attempted to link the IP to a resource it will change the status of the\nsecurity risk to PROCESSED. If project_id/resource_id is null and status = PROCESSED it\nmeans varroa couldn't find a matching resource.\n\n## Installation\nYou can install varroa using helm onto a k8s cluster\nsee https://github.com/NeCTAR-RC/varroa-helm\n\n",
    "bugtrack_url": null,
    "license": "Apache-2.0",
    "summary": "Vulnerability management for Opentack",
    "version": "0.11.1",
    "project_urls": {
        "Homepage": "https://github.com/NeCTAR-RC/varroa"
    },
    "split_keywords": [
        "varroa"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "174e53a951830707d9691f30a7bb229bcebbae19827597c7fa2fa69fb5bd802f",
                "md5": "d2fc56deabeca816701d2e271ec78eab",
                "sha256": "341a7154b3004dc54c42c0d60e0355219e1294f1ee1936f6c78880affb4d0c55"
            },
            "downloads": -1,
            "filename": "varroa-0.11.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "d2fc56deabeca816701d2e271ec78eab",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 58863,
            "upload_time": "2024-10-18T00:47:56",
            "upload_time_iso_8601": "2024-10-18T00:47:56.142871Z",
            "url": "https://files.pythonhosted.org/packages/17/4e/53a951830707d9691f30a7bb229bcebbae19827597c7fa2fa69fb5bd802f/varroa-0.11.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "cf6283b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b",
                "md5": "bde0fb6d8e39489a482a317003e47224",
                "sha256": "4f39a78f9bc8ae73d906dff280c3fba767cef9703a1e8e3d64bd8193e16d0238"
            },
            "downloads": -1,
            "filename": "varroa-0.11.1.tar.gz",
            "has_sig": false,
            "md5_digest": "bde0fb6d8e39489a482a317003e47224",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 33564,
            "upload_time": "2024-10-18T00:47:58",
            "upload_time_iso_8601": "2024-10-18T00:47:58.374206Z",
            "url": "https://files.pythonhosted.org/packages/cf/62/83b95f33b21b22f4be0868ad4104a7135f0a0e74189c36f25bbd880d592b/varroa-0.11.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-10-18 00:47:58",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "NeCTAR-RC",
    "github_project": "varroa",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": false,
    "requirements": [],
    "tox": true,
    "lcname": "varroa"
}
        
Elapsed time: 0.33332s