aws_recon 0.2.11 → 0.2.16

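--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 342238f4c9197721172d05451ed5c3346475b52ae807f27607b83036d15280dd
- data.tar.gz: 3f26ec0ad41491836331076bac849ab967db5640e9295413db30b21f1567a324
+ metadata.gz: af7cd78c7eed6c8f3c0679561e0c8831f5839545daa75b3579c670ad5ed342b5
+ data.tar.gz: 8eae0b3544a30f71e8fea38a00326bb4b40cd44bdfc38bf6e4f330fe2c96b7e0
  SHA512:
- metadata.gz: b1591c03b3d1608d9a4f38987ff2f7ffce879d685966214184eaa7e8bdc6bb5f39cc2e7e0a99235e48ee6f2b25d927189bc8f8873b693b212ff2671819bd641b
- data.tar.gz: 407bb475473ba08694681a77a7c8212b4406b8587ba668dfdff0947f514c48fba065cfd5f94e08d8a5cc0567886af944a31c3d0518d1a15537bb8682049078b2
+ metadata.gz: 746f85c95fa41ed06b63a95f16196d8fb04be14627d6121813f5ba0eefd4c5920f6ad3dc664ffb59e0d06fe6ce09232789aea81cf6dad73a96ea32272e66724e
+ data.tar.gz: 22a3823f86304c6dd28ec9ff02c78f1142571b53263ea055543fe353d95226856fef00e64975a5fd856b0f462bc60bf8206bd6f09ae034c32fa71608396a59e4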
@@ -0,0 +1,38 @@
1
+ name: docker-build
2
+
3
+ on:
4
+ push:
5
+ branches: build
6
+ paths:
7
+ - 'lib/aws_recon/version.rb'
8
+
9
+ jobs:
10
+ docker-build:
11
+ runs-on: ubuntu-20.04
12
+ steps:
13
+ - name: Checkout
14
+ uses: actions/checkout@v2
15
+ with:
16
+ fetch-depth: 1
17
+ - name: Set up QEMU
18
+ uses: docker/setup-qemu-action@v1
19
+ - name: Set up Docker Buildx
20
+ uses: docker/setup-buildx-action@v1
21
+ - name: Login to DockerHub
22
+ uses: docker/login-action@v1
23
+ with:
24
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
25
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
26
+ - name: Set version tag
27
+ run: |
28
+ echo "VERSION_TAG=$(grep VERSION lib/aws_recon/version.rb | awk -F\" '{print $2}')" >> $GITHUB_ENV
29
+ - name: Build and push
30
+ id: docker_build
31
+ uses: docker/build-push-action@v2
32
+ with:
33
+ push: true
34
+ build-args: |
35
+ VERSION=${{ env.VERSION_TAG }}
36
+ tags: |
37
+ darkbitio/aws_recon:${{ env.VERSION_TAG }}
38
+ darkbitio/aws_recon:latest
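Review bot: Every third-party action in this workflow is referenced by a mutable tag (`docker/setup-qemu-action@v1`, `docker/setup-buildx-action@v1`, `docker/login-action@v1`, `docker/build-push-action@v2`) in the same job that receives `secrets.DOCKERHUB_TOKEN` and pushes `darkbitio/aws_recon:latest`, so a retagged action release would run with publishing credentials. Pin each to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v1`; the `actions/checkout@v2` reference in the smoke-test workflow has the same issue. A top-level `permissions:` block with `contents: read` would also keep the job's GITHUB_TOKEN read-only, since nothing here writes to the repository. In the `Set version tag` step, `grep VERSION` emits every matching line, so anchoring the pattern to the assignment and quoting `"$GITHUB_ENV"` would keep a second match from producing a malformed tag.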
@@ -0,0 +1,23 @@
1
+ name: smoke-test
2
+
3
+ on:
4
+ push:
5
+ branches: main
6
+
7
+ jobs:
8
+ smoke-test:
9
+ runs-on: ubuntu-20.04
10
+ steps:
11
+ - name: Checkout
12
+ uses: actions/checkout@v2
13
+ with:
14
+ fetch-depth: 1
15
+ - name: Set version tag
16
+ run: |
17
+ echo "VERSION_TAG=$(grep VERSION lib/aws_recon/version.rb | awk -F\" '{print $2}')" >> $GITHUB_ENV
18
+ - name: Smoke Test :${{ env.VERSION_TAG }}
19
+ run: |
20
+ docker run -t --rm darkbitio/aws_recon:${{ env.VERSION_TAG }} aws_recon
21
+ - name: Smoke Test :latest
22
+ run: |
23
+ docker run -t --rm darkbitio/aws_recon:latest aws_recon
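Review bot: `${{ env.VERSION_TAG }}` is substituted into the `run:` script text before the shell starts, so the string parsed out of `lib/aws_recon/version.rb` becomes part of the command line rather than an argument. Reading the environment variable in the shell keeps it as data: `docker run -t --rm "darkbitio/aws_recon:${VERSION_TAG}" aws_recon`. Separately, this job triggers on pushes to `main` but pulls images that the docker-build workflow publishes from the `build` branch, so it exercises whatever Docker Hub currently serves under that tag (or fails if the tag is not published yet) rather than the pushed commit. A comment at the top of the file stating that intent would prevent the badge from being read as a test of `main`.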
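--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -3,9 +3,10 @@ FROM ruby:${RUBY_VERSION}-alpine
 
  LABEL maintainer="Darkbit <info@darkbit.io>"
 
+ # Supply AWS Recon version at build time
+ ARG VERSION
  ARG USER=recon
  ARG GEM=aws_recon
- ARG VERSION=0.2.10
  ARG BUNDLER_VERSION=2.1.4
 
  # Install new Bundler version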
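Review bot: `ARG VERSION` now has no default and nothing in the visible lines checks it, so a plain `docker build` without `--build-arg VERSION=...` continues with an empty value. The instruction that consumes `VERSION` is outside this hunk; if it passes the value to `gem install`, an empty string would presumably either fail late with an unclear error or install a version other than the one the image tag claims. A fail-fast line directly after the ARG makes the requirement explicit: `RUN test -n "${VERSION}" || { echo "VERSION build-arg is required" >&2; exit 1; }`.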
@@ -0,0 +1,24 @@
1
+ class AccessAnalyzer < Mapper
2
+ #
3
+ # Returns an array of resources.
4
+ #
5
+ def collect
6
+ resources = []
7
+
8
+ #
9
+ # list_analyzers
10
+ #
11
+ @client.list_analyzers.each_with_index do |response, page|
12
+ log(response.context.operation_name, page)
13
+
14
+ # analyzers
15
+ response.analyzers.each do |analyzer|
16
+ struct = OpenStruct.new(analyzer.to_h)
17
+ struct.type = 'analyzer'
18
+ resources.push(struct.to_h)
19
+ end
20
+ end
21
+
22
+ resources
23
+ end
24
+ end
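Review bot: `struct.type = 'analyzer'` overwrites the analyzer's own `type` attribute, because `OpenStruct.new(analyzer.to_h)` already carries the Access Analyzer `type` (account or organization scope) under that key. That zone-of-trust value is what a downstream posture check needs from this record, so it should be preserved before the resource tag is applied, e.g. `struct.analyzer_type = analyzer.type` on the line before the `struct.type` assignment. `collect` also has no `rescue` around `list_analyzers`; whether `Mapper` handles access-denied or unsupported-region errors is not visible here. The class would benefit from a one-line comment naming the API it wraps and the IAM action it needs.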
@@ -21,6 +21,7 @@ class CloudTrail < Mapper
21
21
  struct = OpenStruct.new(trail.to_h)
22
22
  struct.tags = client.list_tags({ resource_id_list: [trail.trail_arn] }).resource_tag_list.first.tags_list
23
23
  struct.type = 'cloud_trail'
24
+ struct.event_selectors = client.get_event_selectors({ trail_name: trail.name }).to_h
24
25
  struct.status = client.get_trail_status({ name: trail.name }).to_h
25
26
  struct.arn = trail.trail_arn
26
27
 
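Review bot: The added `get_event_selectors` call looks the trail up by `trail.name`, which may not resolve for a trail whose home region differs from the region being queried (a shadow copy of a multi-region or organization trail). The `trail_name` parameter also accepts an ARN, so `struct.event_selectors = client.get_event_selectors({ trail_name: trail.trail_arn }).to_h` is the safer form; the existing `get_trail_status` context line has the same shape. The new call also requires `cloudtrail:GetEventSelectors` in the collecting role's policy, and nothing in the visible lines rescues a denial. The enclosing loop starts and ends outside this hunk, so error handling may exist there.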
@@ -31,6 +31,18 @@ class EC2 < Mapper
31
31
 
32
32
  # regional calls
33
33
  if @region != 'global'
34
+ #
35
+ # get_ebs_encryption_by_default
36
+ #
37
+ @client.get_ebs_encryption_by_default.each do |response|
38
+ log(response.context.operation_name)
39
+
40
+ struct = OpenStruct.new(response.to_h)
41
+ struct.type = 'ebs_encryption_settings'
42
+
43
+ resources.push(struct.to_h)
44
+ end
45
+
34
46
  #
35
47
  # describe_instances
36
48
  #
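Review bot: The new `ebs_encryption_settings` record carries only the API response and `type`, with no `arn` or region set in the visible lines, although the setting is per-region (the block sits under `if @region != 'global'`). Unless `Mapper` stamps the region on every resource elsewhere, records from different regions would be indistinguishable in the output; `struct.region = @region` before `resources.push` would address that. `get_ebs_encryption_by_default` appears to be a single unpaginated call, so a short comment such as `# not paginated: yields one response` would explain why this block logs without a page index. The surrounding `collect` body continues outside the hunk.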
@@ -2,6 +2,8 @@
2
2
  - name: Organizations
3
3
  global: true
4
4
  alias: organizations
5
+ - name: AccessAnalyzer
6
+ alias: aa
5
7
  - name: ConfigService
6
8
  alias: config
7
9
  - name: CodeBuild
@@ -1,3 +1,3 @@
1
1
  module AwsRecon
2
- VERSION = "0.2.11"
2
+ VERSION = "0.2.16"
3
3
  end
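--- a/data/readme.md
+++ b/data/readme.md
@@ -1,3 +1,4 @@
+ ![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/darkbitio/aws-recon/smoke-test/main)
  [![Gem Version](https://badge.fury.io/rb/aws_recon.svg)](https://badge.fury.io/rb/aws_recon)
 
  # AWS Recon
@@ -221,6 +222,7 @@ Current "coverage" by service is listed below. The services without coverage wil
 
  AWS Recon aims to collect all resources and metadata that are relevant in determining the security posture of your AWS account(s). However, it does not actually examine the resources for security posture - that is the job of other tools that take the output of AWS Recon as input.
 
+ - [x] AccessAnalyzer
  - [x] AdvancedShield
  - [x] Athena
  - [x] GuardDuty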
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws_recon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.11
4
+ version: 0.2.16
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Larsen
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-11-17 00:00:00.000000000 Z
12
+ date: 2020-11-18 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk
@@ -163,6 +163,8 @@ extensions: []
163
163
  extra_rdoc_files: []
164
164
  files:
165
165
  - ".github/stale.yml"
166
+ - ".github/workflows/docker-build.yml"
167
+ - ".github/workflows/smoke-test.yml"
166
168
  - ".gitignore"
167
169
  - ".rubocop.yml"
168
170
  - ".travis.yml"
@@ -178,6 +180,7 @@ files:
178
180
  - lib/aws_recon.rb
179
181
  - lib/aws_recon/aws_recon.rb
180
182
  - lib/aws_recon/collectors.rb
183
+ - lib/aws_recon/collectors/accessanalyzer.rb
181
184
  - lib/aws_recon/collectors/acm.rb
182
185
  - lib/aws_recon/collectors/apigateway.rb
183
186
  - lib/aws_recon/collectors/apigatewayv2.rb