aws_recon 0.2.12 → 0.2.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/docker-build.yml +1 -1
- data/lib/aws_recon/collectors/cloudtrail.rb +1 -0
- data/lib/aws_recon/collectors/ec2.rb +4 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +2 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 159d7d490c5b41da69cb442673e9f7786d1c357fa2468f5c921b25c9d4288601
|
|
4
|
+
data.tar.gz: cf0dd0209b158f601ed1c03238d6c5f3316ff53d140653ada4977dcbad6214b1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e512e73eadfb67572ba726c652b174a2c819341afb29417b44d35faca7cf47def127df9f1dd01456e0f47cc5567f919f68940e72633f19051cdef544dbde83f6
|
|
7
|
+
data.tar.gz: bb31739580f8b14244a96319e8e952cf8ed51ee2bd1408a6942245ac4204ed5dae9dc1caa2a44ab83a36fdee9e21605a3c405b6b7f8c72884cb475577606e7c9
|
|
@@ -21,6 +21,7 @@ class CloudTrail < Mapper
|
|
|
21
21
|
struct = OpenStruct.new(trail.to_h)
|
|
22
22
|
struct.tags = client.list_tags({ resource_id_list: [trail.trail_arn] }).resource_tag_list.first.tags_list
|
|
23
23
|
struct.type = 'cloud_trail'
|
|
24
|
+
struct.event_selectors = client.get_event_selectors({ trail_name: trail.name }).to_h
|
|
24
25
|
struct.status = client.get_trail_status({ name: trail.name }).to_h
|
|
25
26
|
struct.arn = trail.trail_arn
|
|
26
27
|
|
|
@@ -215,6 +215,10 @@ class EC2 < Mapper
|
|
|
215
215
|
struct = OpenStruct.new(snapshot.to_h)
|
|
216
216
|
struct.type = 'snapshot'
|
|
217
217
|
struct.arn = snapshot.snapshot_id # no true ARN
|
|
218
|
+
struct.create_volume_permissions = @client.describe_snapshot_attribute({
|
|
219
|
+
attribute: 'createVolumePermission',
|
|
220
|
+
snapshot_id: snapshot.snapshot_id
|
|
221
|
+
}).create_volume_permissions.map(&:to_h)
|
|
218
222
|
|
|
219
223
|
resources.push(struct.to_h)
|
|
220
224
|
end
|
data/lib/aws_recon/version.rb
CHANGED
data/readme.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
[](https://github.com/darkbitio/aws-recon/actions?query=branch%3Amain)
|
|
2
2
|
[](https://badge.fury.io/rb/aws_recon)
|
|
3
3
|
|
|
4
4
|
# AWS Recon
|
|
@@ -222,6 +222,7 @@ Current "coverage" by service is listed below. The services without coverage wil
|
|
|
222
222
|
|
|
223
223
|
AWS Recon aims to collect all resources and metadata that are relevant in determining the security posture of your AWS account(s). However, it does not actually examine the resources for security posture - that is the job of other tools that take the output of AWS Recon as input.
|
|
224
224
|
|
|
225
|
+
- [x] AccessAnalyzer
|
|
225
226
|
- [x] AdvancedShield
|
|
226
227
|
- [x] Athena
|
|
227
228
|
- [x] GuardDuty
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_recon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Larsen
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-11-
|
|
12
|
+
date: 2020-11-24 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|