Skip to content

Commit

Permalink
RDS CA Handling for issue #136
Browse files Browse the repository at this point in the history
  • Loading branch information
@kuettai
kuettai committed Aug 29, 2024
1 parent 376cc81 commit fb9337a
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions services/rds/drivers/RdsCommon.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ def __init__(self, db, rdsClient, ctClient, cwClient):
self.rdsClient = rdsClient
self.cwClient = cwClient
self.ctClient = ctClient
self.certInfo = None

self.__configPrefix = 'rds::' + db['Engine'] + '::' + db['EngineVersion'] + '::'
self.isCluster = True
Expand All @@ -42,6 +43,10 @@ def getCAInfo(self):
if self.isCluster == True:
return

if not 'CACertificateIdentifier'in self.db:
_warn("Unable to locate CACertificateIdentifier")
return

ca = self.db['CACertificateIdentifier']
k = 'RDSCaInfo::' + ca

Expand Down Expand Up @@ -452,6 +457,9 @@ def _checkOldSnapshots(self):
self.results['ManualSnapshotTooOld'] = [-1, days]

def _checkCAExpiry(self):
if self.certInfo == None:
return

if self.isCluster == False and self.certInfo['isExpireIn365days'] == True:
exp = self.certInfo['ValidTill'].strftime("%Y-%m-%d")
self.results['CACertExpiringIn365days'] = [-1, "Expired on {}, ({} days left)".format(exp, self.certInfo['expiredInDays'])]
Expand Down

0 comments on commit fb9337a

Please sign in to comment.