Sha256: 248cae62bdeda87d62d02088c2c32244cc5bd4a81e34fb396e3e69ca2493477d

Contents?: true

Size: 1.52 KB

Versions: 34

Compression:

Stored size: 1.52 KB

Contents

#! /usr/bin/env ruby
#
# check-kms-key
#
# DESCRIPTION:
#   Check KMS values by KMS API.
#
# OUTPUT:
#   plain-text
#
# PLATFORMS:
#   Linux
#
# DEPENDENCIES:
#   gem: aws-sdk
#   gem: sensu-plugin
#
# USAGE:
#   check-kms-key -k key_id
#
#   Critical if KMS key id doesn't exist
#   Warning if KMS key id exists but is not enabled
#   Ok if KMS key id exists and is enabled
#   Unknown if no key_id is provided
#
# NOTES:
#
# LICENSE:
#   Released under the same terms as Sensu (the MIT license); see LICENSE
#   for details.
#

require 'sensu-plugin/check/cli'
require 'sensu-plugins-aws'
require 'aws-sdk'

class CheckKMSKey < Sensu::Plugin::Check::CLI
  include Common

  option :aws_region,
         short:       '-r AWS_REGION',
         long:        '--aws-region REGION',
         description: 'AWS Region.',
         default: 'us-east-1'

  option :key_id,
         short:       '-k ID',
         long:        '--key-id ID',
         description: 'KMS key identifier',
         default:     nil

  def kms_client
    @kms_client ||= Aws::KMS::Client.new
  end

  def check_key(id)
    return kms_client.describe_key(key_id: id)['key_metadata']['enabled']
  rescue Aws::KMS::Errors::NotFoundException
    critical 'Key doesnt exist'
  rescue => e
    unknown "Failed to check key #{id}: #{e}"
  end

  def run
    if config[:key_id].nil?
      unknown 'No KMS key id provided.  See help for usage details'
    elsif check_key(config[:key_id])
      ok 'Key exists and is enabled'
    else
      warning 'Key exists but is not enabled'
    end
  end
end

Version data entries

34 entries across 34 versions & 1 rubygems

Version Path
sensu-plugins-aws-10.1.1 bin/check-kms-key.rb
sensu-plugins-aws-10.1.0 bin/check-kms-key.rb
sensu-plugins-aws-10.0.3 bin/check-kms-key.rb
sensu-plugins-aws-10.0.2 bin/check-kms-key.rb
sensu-plugins-aws-10.0.1 bin/check-kms-key.rb
sensu-plugins-aws-10.0.0 bin/check-kms-key.rb
sensu-plugins-aws-9.0.1 bin/check-kms-key.rb
sensu-plugins-aws-9.0.0 bin/check-kms-key.rb
sensu-plugins-aws-8.3.1 bin/check-kms-key.rb
sensu-plugins-aws-8.3.0 bin/check-kms-key.rb
sensu-plugins-aws-8.2.0 bin/check-kms-key.rb
sensu-plugins-aws-8.1.0 bin/check-kms-key.rb
sensu-plugins-aws-8.0.0 bin/check-kms-key.rb
sensu-plugins-aws-7.1.0 bin/check-kms-key.rb
sensu-plugins-aws-7.0.1 bin/check-kms-key.rb
sensu-plugins-aws-7.0.0 bin/check-kms-key.rb
sensu-plugins-aws-6.3.0 bin/check-kms-key.rb
sensu-plugins-aws-6.2.0 bin/check-kms-key.rb
sensu-plugins-aws-6.1.1 bin/check-kms-key.rb
sensu-plugins-aws-6.1.0 bin/check-kms-key.rb