From 2e0ed5617d0b58eb94d135c3e0e86e96cc153543 Mon Sep 17 00:00:00 2001
From: Joanne Wang
Date: Wed, 21 Aug 2024 10:56:35 -0700
Subject: [PATCH] Fix S3 validation errors not caught by action listener (#1257)
* catch errors and fail action listener
Signed-off-by: Joanne Wang
* add test to validate behavior
Signed-off-by: Joanne Wang
---------
Signed-off-by: Joanne Wang
---
 .../services/STIX2IOCFetchService.java | 9 +++-
 .../SATIFSourceConfigRestApiIT.java | 51 +++++++++++++++++++
 2 files changed, 59 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/opensearch/securityanalytics/services/STIX2IOCFetchService.java b/src/main/java/org/opensearch/securityanalytics/services/STIX2IOCFetchService.java
index b9a0a6424..31f4c6f2a 100644
--- a/src/main/java/org/opensearch/securityanalytics/services/STIX2IOCFetchService.java
+++ b/src/main/java/org/opensearch/securityanalytics/services/STIX2IOCFetchService.java
@@ -141,7 +141,14 @@ public void onlyIndexIocs(SATIFSourceConfig saTifSourceConfig,
 }

 public void downloadAndIndexIOCs(SATIFSourceConfig saTifSourceConfig, ActionListener listener) {
- S3ConnectorConfig s3ConnectorConfig = constructS3ConnectorConfig(saTifSourceConfig);
+ S3ConnectorConfig s3ConnectorConfig;
+ try {
+ s3ConnectorConfig = constructS3ConnectorConfig(saTifSourceConfig);
+ } catch (SecurityAnalyticsException e) {
+ listener.onFailure(e);
+ return;
+ }
+
 Connector s3Connector = constructS3Connector(s3ConnectorConfig);
 STIX2IOCFeedStore feedStore = new STIX2IOCFeedStore(client, clusterService, saTifSourceConfig, listener);
 STIX2IOCConsumer consumer = new STIX2IOCConsumer(batchSize, feedStore, UpdateType.REPLACE);
diff --git a/src/test/java/org/opensearch/securityanalytics/resthandler/SATIFSourceConfigRestApiIT.java b/src/test/java/org/opensearch/securityanalytics/resthandler/SATIFSourceConfigRestApiIT.java
index ae870b772..484709001 100644
--- a/src/test/java/org/opensearch/securityanalytics/resthandler/SATIFSourceConfigRestApiIT.java
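Review bot: The new guard in `downloadAndIndexIOCs` only covers `constructS3ConnectorConfig` and only `SecurityAnalyticsException`, so a failure on the following context line, `constructS3Connector(s3ConnectorConfig)`, or any other runtime exception from validation would presumably still escape without `listener.onFailure` being called, which is the same symptom this commit fixes. Consider moving the connector construction inside the `try` and widening the handler at this async boundary, e.g. `} catch (Exception e) { listener.onFailure(e); return; }`. Since the rejected value here is the role ARN used to reach the bucket, logging the rejection before failing the listener would also give operators a record of bad source configs. The method body continues past the end of the hunk, so whether the later calls are already guarded cannot be seen here.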
+++ b/src/test/java/org/opensearch/securityanalytics/resthandler/SATIFSourceConfigRestApiIT.java
@@ -788,6 +788,57 @@ public void testWhenBucketObjectDoesNotExist() {
 }
 }

+ public void testWhenRoleArnIsEmpty() throws IOException {
+ // Try to create a source config with empty roleArn
+ source = new S3Source("bucketName", "objectKey", "region", "");
+
+ // Create test feed
+ String feedName = "download_test_feed_name";
+ String feedFormat = "STIX2";
+ SourceConfigType sourceConfigType = SourceConfigType.S3_CUSTOM;
+ IntervalSchedule schedule = new IntervalSchedule(Instant.now(), 1, ChronoUnit.MINUTES);
+ List iocTypes = List.of(IOCType.IPV4_TYPE);
+
+ SATIFSourceConfigDto saTifSourceConfigDto = new SATIFSourceConfigDto(
+ null,
+ null,
+ feedName,
+ feedFormat,
+ sourceConfigType,
+ null,
+ null,
+ Instant.now(),
+ source,
+ null,
+ Instant.now(),
+ schedule,
+ null,
+ null,
+ Instant.now(),
+ null,
+ true,
+ iocTypes,
+ true
+ );
+
+ Exception exception = assertThrows(ResponseException.class, () ->
+ makeRequest(client(), "POST", SecurityAnalyticsPlugin.THREAT_INTEL_SOURCE_URI, Collections.emptyMap(), toHttpEntity(saTifSourceConfigDto))
+ );
+
+ String expectedError = "Role arn is empty or malformed";
+ assertTrue("Exception contains unexpected message: " + exception.getMessage(), exception.getMessage().contains(expectedError));
+
+ // ensure that source config is not created
+ String request = "{\n" +
+ " \"query\" : {\n" +
+ " \"match_all\":{\n" +
+ " }\n" +
+ " }\n" +
+ "}";
+ List hits = executeSearch(JOB_INDEX_NAME, request);
+ Assert.assertEquals(0, hits.size());
+ }
+
 /**
 * Calls the get source config api and checks if the last updated time is different from the time that was passed in
 * @param createdId
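Review bot: `testWhenRoleArnIsEmpty` matches only on the message text, so it would still pass if the rejected role ARN surfaced as a 5xx rather than a client error. Also assert the status from the `ResponseException`, e.g. `assertEquals(RestStatus.BAD_REQUEST.getStatus(), ((ResponseException) exception).getResponse().getStatusLine().getStatusCode());`, after confirming which status the validation is meant to return, since that is not visible in this diff. The expected message says "empty or malformed", but only the empty case is exercised; a second case with a non-empty, malformed ARN would cover the other half of the validation. The test also assigns the `source` variable, which is not declared in the hunk and is presumably a shared field, so a local variable would avoid leaking state into other tests.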