aws_recon 0.2.1

data/lib/aws_recon/collectors/sagemaker.rb

@@ -0,0 +1,25 @@
+class SageMaker < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_notebook_instances
+    #
+    @client.list_notebook_instances.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.notebook_instances.each do |instance|
+        struct = OpenStruct.new(instance.to_h)
+        struct.type = 'notebook_instance'
+        struct.arn = instance.notebook_instance_arn
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/servicequotas.rb

@@ -0,0 +1,44 @@
+class ServiceQuotas < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_service_quotas
+    #
+    # TODO: expand to more services as needed
+    #
+    # service_codes = %w[autoscaling ec2 ecr eks elasticloadbalancing fargate iam vpc]
+    service_codes = %w[ec2 eks iam]
+
+    service_codes.each do |service|
+      @client.list_service_quotas({ service_code: service }).each_with_index do |response, page|
+        log(response.context.operation_name, service, page)
+
+        response.quotas.each do |quota|
+          struct = OpenStruct.new(quota.to_h)
+          struct.type = 'quota'
+          struct.arn = quota.quota_arn
+
+          resources.push(struct.to_h)
+        end
+      end
+    rescue Aws::ServiceQuotas::Errors::ServiceError => e
+      log_error(e.code, service)
+      raise e unless suppressed_errors.include?(e.code)
+    end
+
+    resources
+  end
+
+  private
+
+  # not an error
+  def suppressed_errors
+    %w[
+      NoSuchResourceException
+    ]
+  end
+end

data/lib/aws_recon/collectors/ses.rb

@@ -0,0 +1,28 @@
+class SES < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_identities
+    #
+    @client.list_identities.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.identities.each do |identity|
+        struct = OpenStruct.new
+        struct.type = 'identity'
+        struct.arn = "aws:ses:#{@region}::identity/#{identity}"
+
+        # get_identity_dkim_attributes
+        struct.dkim_attributes = @client.get_identity_dkim_attributes({ identities: [identity] }).dkim_attributes[identity].to_h
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/shield.rb

@@ -0,0 +1,67 @@
+class Shield < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # describe_subscription
+    #
+    @client.describe_subscription.each do |response|
+      log(response.context.operation_name)
+
+      struct = OpenStruct.new(response.subscription.to_h)
+      struct.type = 'subscription'
+      struct.arn = "arn:aws:shield:#{@region}:#{account}:subscription"
+
+      resources.push(struct.to_h)
+    end
+
+    #
+    # describe_emergency_contact_settings
+    #
+    @client.describe_emergency_contact_settings.each do |response|
+      log(response.context.operation_name)
+
+      struct = OpenStruct.new
+      struct.type = 'contact_list'
+      struct.arn = "arn:aws:shield:#{@region}:#{account}:contact_list"
+      struct.contacts = response.emergency_contact_list.map(&:to_h)
+
+      resources.push(struct.to_h)
+    end
+
+    #
+    # list_protections
+    #
+    @client.list_protections.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      # describe_protection
+      response.protections.each do |protection|
+        struct = OpenStruct.new(@client.describe_protection({ protection_id: protection.id }).protection.to_h)
+        struct.type = 'protection'
+        struct.arn = protection.resource_arn
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  rescue Aws::Shield::Errors::ServiceError => e
+    log_error(e.code)
+    raise e unless suppressed_errors.include?(e.code)
+
+    [] # no access or service isn't enabled
+  end
+
+  private
+
+  # not an error
+  def suppressed_errors
+    %w[
+      ResourceNotFoundException
+    ]
+  end
+end

data/lib/aws_recon/collectors/sns.rb

@@ -0,0 +1,38 @@
+class SNS < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_topics
+    #
+    @client.list_topics.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.topics.each do |topic|
+        log(response.context.operation_name, topic.topic_arn, page)
+
+        # get_topic_attributes
+        struct = OpenStruct.new(@client.get_topic_attributes({ topic_arn: topic.topic_arn }).attributes.to_h)
+        struct.type = 'topic'
+        struct.arn = topic.topic_arn
+        struct.subscriptions = []
+
+        # list_subscriptions_by_topic
+        @client.list_subscriptions_by_topic({ topic_arn: topic.topic_arn }).each_with_index do |response, page|
+          log(response.context.operation_name, topic.topic_arn, page)
+
+          response.subscriptions.each do |sub|
+            struct.subscriptions.push(sub.to_h)
+          end
+        end
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/sqs.rb

@@ -0,0 +1,28 @@
+class SQS < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_queues
+    #
+    @client.list_queues.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.queue_urls.each do |queue|
+        log(response.context.operation_name, queue.downcase.split('/').last, page)
+
+        # get_queue_attributes
+        struct = OpenStruct.new(@client.get_queue_attributes({ queue_url: queue, attribute_names: ['All'] }).attributes.to_h)
+        struct.type = 'queue'
+        struct.arn = struct.QueueArn
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/ssm.rb

@@ -0,0 +1,41 @@
+class SSM < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # describe_instance_information
+    #
+    @client.describe_instance_information.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.instance_information_list.each do |instance|
+        struct = OpenStruct.new(instance.to_h)
+        struct.type = 'instance'
+        struct.arn = instance.instance_id
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    #
+    # describe_parameters
+    #
+    @client.describe_parameters.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.parameters.each do |parameter|
+        struct = OpenStruct.new(parameter.to_h)
+        struct.string_type = parameter.type
+        struct.type = 'parameter'
+        struct.arn = "arn:aws:#{@service}:#{@region}::parameter/#{parameter.name}"
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/support.rb

@@ -0,0 +1,43 @@
+class Support < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # describe_trusted_advisor_checks
+    #
+    @client.describe_trusted_advisor_checks({ language: 'en' }).each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.checks.each do |check|
+        struct = OpenStruct.new(check.to_h)
+        struct.type = 'trusted_advisor_check'
+        struct.arn = "arn:aws:support::trusted_advisor_check/#{check.id}"
+
+        # describe_trusted_advisor_check_result
+        struct.result = @client.describe_trusted_advisor_check_result({ check_id: check.id }).result.to_h
+        log(response.context.operation_name, 'describe_trusted_advisor_check_result', check.id)
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  rescue Aws::Support::Errors::ServiceError => e
+    log_error(e.code)
+    raise e unless suppressed_errors.include?(e.code)
+
+    [] # no Support subscription
+  end
+
+  private
+
+  # not an error
+  def suppressed_errors
+    %w[
+      SubscriptionRequiredException
+    ]
+  end
+end

data/lib/aws_recon/collectors/transfer.rb

@@ -0,0 +1,24 @@
+class Transfer < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # list_servers
+    #
+    @client.list_servers.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.servers.each do |server|
+        struct = OpenStruct.new(server.to_h)
+        struct.type = 'server'
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/wafv2.rb

@@ -0,0 +1,49 @@
+class WAFV2 < Mapper
+  #
+  # Returns an array of resources.
+  #
+  # TODO: test live
+  # TODO: resolve scope (e.g. CLOUDFRONT supported?)
+  # TODO: confirm paging behavior
+  #
+  def collect
+    resources = []
+
+    #
+    # list_web_acls
+    #
+    # %w[CLOUDFRONT REGIONAL].each do |scope|
+    %w[REGIONAL].each do |scope|
+      @client.list_web_acls({ scope: scope }).each_with_index do |response, page|
+        log(response.context.operation_name, page)
+
+        response.web_acls.each do |acl|
+          struct = OpenStruct.new(acl.to_h)
+          struct.type = 'web_acl'
+          # struct.arn = "arn:aws:#{@service}:#{@region}::web_acl/#{acl.id}"
+
+          params = {
+            name: acl.name,
+            scope: scope,
+            id: acl.id
+          }
+
+          # get_web_acl
+          @client.get_web_acl(params).each do |response|
+            struct.arn = response.web_acl.arn
+            struct.details = response.web_acl
+          end
+
+          # list_resources_for_web_acl
+          @client.list_resources_for_web_acl({ web_acl_arn: 'ResourceArn' }).each do |response|
+            struct.resources = response.resource_arns.map(&:to_h)
+          end
+
+          resources.push(struct.to_h)
+        end
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/workspaces.rb

@@ -0,0 +1,24 @@
+class WorkSpaces < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+    #
+    # describe_workspaces
+    #
+    @client.describe_workspaces.each_with_index do |response, page|
+      log(response.context.operation_name, page)
+
+      response.workspaces.each do |workspace|
+        struct = OpenStruct.new(workspace.to_h)
+        struct.type = 'workspace'
+        struct.arn = "arn:aws:workspaces:#{@region}::workspace/#{workspace.workspace_id}"
+
+        resources.push(struct.to_h)
+      end
+    end
+
+    resources
+  end
+end

data/lib/aws_recon/collectors/xray.rb

@@ -0,0 +1,19 @@
+class XRay < Mapper
+  #
+  # Returns an array of resources.
+  #
+  def collect
+    resources = []
+
+    #
+    # get_encryption_config
+    #
+    struct = OpenStruct.new
+    struct.config = @client.get_encryption_config.encryption_config.to_h
+    struct.type = 'config'
+
+    resources.push(struct.to_h)
+
+    resources
+  end
+end