aws_recon 0.2.24 → 0.2.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +17 -1
- data/lib/aws_recon/collectors/accessanalyzer.rb +5 -0
- data/lib/aws_recon/collectors/acm.rb +5 -0
- data/lib/aws_recon/collectors/apigateway.rb +5 -0
- data/lib/aws_recon/collectors/apigatewayv2.rb +5 -0
- data/lib/aws_recon/collectors/applicationautoscaling.rb +5 -0
- data/lib/aws_recon/collectors/athena.rb +5 -0
- data/lib/aws_recon/collectors/autoscaling.rb +5 -0
- data/lib/aws_recon/collectors/backup.rb +5 -0
- data/lib/aws_recon/collectors/cloudformation.rb +5 -0
- data/lib/aws_recon/collectors/cloudfront.rb +5 -0
- data/lib/aws_recon/collectors/cloudtrail.rb +5 -0
- data/lib/aws_recon/collectors/cloudwatch.rb +5 -0
- data/lib/aws_recon/collectors/cloudwatchlogs.rb +5 -0
- data/lib/aws_recon/collectors/codebuild.rb +5 -0
- data/lib/aws_recon/collectors/codepipeline.rb +29 -9
- data/lib/aws_recon/collectors/configservice.rb +5 -0
- data/lib/aws_recon/collectors/directconnect.rb +5 -0
- data/lib/aws_recon/collectors/{directyservice.rb → directoryservice.rb} +5 -0
- data/lib/aws_recon/collectors/dms.rb +5 -0
- data/lib/aws_recon/collectors/dynamodb.rb +5 -0
- data/lib/aws_recon/collectors/ec2.rb +6 -3
- data/lib/aws_recon/collectors/ecr.rb +8 -1
- data/lib/aws_recon/collectors/ecs.rb +12 -9
- data/lib/aws_recon/collectors/efs.rb +5 -0
- data/lib/aws_recon/collectors/eks.rb +5 -0
- data/lib/aws_recon/collectors/elasticache.rb +5 -0
- data/lib/aws_recon/collectors/elasticloadbalancing.rb +5 -0
- data/lib/aws_recon/collectors/elasticloadbalancingv2.rb +5 -0
- data/lib/aws_recon/collectors/elasticsearch.rb +5 -0
- data/lib/aws_recon/collectors/emr.rb +5 -0
- data/lib/aws_recon/collectors/firehose.rb +5 -0
- data/lib/aws_recon/collectors/guardduty.rb +5 -2
- data/lib/aws_recon/collectors/iam.rb +9 -2
- data/lib/aws_recon/collectors/kafka.rb +5 -0
- data/lib/aws_recon/collectors/kinesis.rb +5 -0
- data/lib/aws_recon/collectors/kms.rb +7 -1
- data/lib/aws_recon/collectors/lambda.rb +5 -0
- data/lib/aws_recon/collectors/lightsail.rb +5 -0
- data/lib/aws_recon/collectors/organizations.rb +7 -1
- data/lib/aws_recon/collectors/rds.rb +7 -0
- data/lib/aws_recon/collectors/redshift.rb +5 -0
- data/lib/aws_recon/collectors/route53.rb +5 -0
- data/lib/aws_recon/collectors/route53domains.rb +5 -0
- data/lib/aws_recon/collectors/s3.rb +8 -1
- data/lib/aws_recon/collectors/sagemaker.rb +25 -1
- data/lib/aws_recon/collectors/secretsmanager.rb +5 -0
- data/lib/aws_recon/collectors/securityhub.rb +7 -1
- data/lib/aws_recon/collectors/servicequotas.rb +7 -1
- data/lib/aws_recon/collectors/ses.rb +5 -0
- data/lib/aws_recon/collectors/shield.rb +8 -2
- data/lib/aws_recon/collectors/sns.rb +5 -0
- data/lib/aws_recon/collectors/sqs.rb +6 -1
- data/lib/aws_recon/collectors/ssm.rb +5 -0
- data/lib/aws_recon/collectors/support.rb +7 -1
- data/lib/aws_recon/collectors/transfer.rb +5 -0
- data/lib/aws_recon/collectors/wafv2.rb +5 -0
- data/lib/aws_recon/collectors/workspaces.rb +5 -0
- data/lib/aws_recon/collectors/xray.rb +5 -0
- data/lib/aws_recon/lib/mapper.rb +8 -6
- data/lib/aws_recon/lib/patch.rb +2 -0
- data/lib/aws_recon/options.rb +12 -6
- data/lib/aws_recon/services.yaml +23 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +84 -37
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a607b768fb5220d5db2fb904b74a06669ac5f3b966260bd401cc63eed5fc0c66
|
|
4
|
+
data.tar.gz: 4798d7b5d6ee9ec3353a2cb0d5a00d284102030b46b2a0a66637d0741a439f9f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4846c6ec9026d462b18a9ccecd0efa628d61b06431568c80d11c6b845fba94b964f564fb3ad018cfc2c3786ba57a7faf6080aba6617905d6fb3003b53ad21034
|
|
7
|
+
data.tar.gz: 4de17a7300f269790a9406788943c8260617022914a3b0c9e84e2f3a1b8557552a7ada8b4f0681442a9cba70784f2309c4a395b4fc4e4e4755dc73fdbaa52cb0
|
data/.rubocop.yml
CHANGED
|
@@ -9,4 +9,20 @@
|
|
|
9
9
|
#
|
|
10
10
|
# See https://docs.rubocop.org/rubocop/configuration
|
|
11
11
|
Layout/LineLength:
|
|
12
|
-
Max:
|
|
12
|
+
Max: 100
|
|
13
|
+
Style/FrozenStringLiteralComment:
|
|
14
|
+
EnforcedStyle: always_true
|
|
15
|
+
Safe: true
|
|
16
|
+
SafeAutoCorrect: true
|
|
17
|
+
Style/ClassAndModuleChildren:
|
|
18
|
+
Enabled: false
|
|
19
|
+
Metrics/BlockLength:
|
|
20
|
+
Enabled: false
|
|
21
|
+
Metrics/MethodLength:
|
|
22
|
+
Enabled: false
|
|
23
|
+
Metrics/PerceivedComplexity:
|
|
24
|
+
Enabled: false
|
|
25
|
+
Metrics/CyclomaticComplexity:
|
|
26
|
+
Enabled: false
|
|
27
|
+
Metrics/AbcSize:
|
|
28
|
+
Enabled: false
|
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
#
|
|
4
|
+
# Collect CodePipeline resources
|
|
5
|
+
#
|
|
1
6
|
class CodePipeline < Mapper
|
|
2
7
|
#
|
|
3
8
|
# Returns an array of resources.
|
|
@@ -8,20 +13,35 @@ class CodePipeline < Mapper
|
|
|
8
13
|
#
|
|
9
14
|
# list_pipelines
|
|
10
15
|
#
|
|
11
|
-
|
|
12
|
-
|
|
16
|
+
begin
|
|
17
|
+
@client.list_pipelines.each_with_index do |response, page|
|
|
18
|
+
log(response.context.operation_name, page)
|
|
13
19
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
+
# get_pipeline
|
|
21
|
+
response.pipelines.each do |pipeline|
|
|
22
|
+
resp = @client.get_pipeline(name: pipeline.name)
|
|
23
|
+
struct = OpenStruct.new(resp.pipeline.to_h)
|
|
24
|
+
struct.type = 'pipeline'
|
|
25
|
+
struct.arn = resp.metadata.pipeline_arn
|
|
20
26
|
|
|
21
|
-
|
|
27
|
+
resources.push(struct.to_h)
|
|
28
|
+
end
|
|
22
29
|
end
|
|
30
|
+
rescue Aws::CodePipeline::Errors::ServiceError => e
|
|
31
|
+
log_error(e.code)
|
|
32
|
+
|
|
33
|
+
raise e unless suppressed_errors.include?(e.code) && !@options.quit_on_exception
|
|
23
34
|
end
|
|
24
35
|
|
|
25
36
|
resources
|
|
26
37
|
end
|
|
38
|
+
|
|
39
|
+
private
|
|
40
|
+
|
|
41
|
+
# not an error
|
|
42
|
+
def suppressed_errors
|
|
43
|
+
%w[
|
|
44
|
+
AccessDeniedException
|
|
45
|
+
]
|
|
46
|
+
end
|
|
27
47
|
end
|
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
#
|
|
4
|
+
# Collect EC2 resources
|
|
5
|
+
#
|
|
1
6
|
class EC2 < Mapper
|
|
2
7
|
#
|
|
3
8
|
# Returns an array of resources.
|
|
@@ -71,9 +76,7 @@ class EC2 < Mapper
|
|
|
71
76
|
if user_data_raw
|
|
72
77
|
user_data = Base64.decode64(user_data_raw)
|
|
73
78
|
|
|
74
|
-
if user_data.force_encoding('UTF-8').ascii_only?
|
|
75
|
-
struct.user_data = user_data
|
|
76
|
-
end
|
|
79
|
+
struct.user_data = user_data if user_data.force_encoding('UTF-8').ascii_only?
|
|
77
80
|
end
|
|
78
81
|
end
|
|
79
82
|
|
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
#
|
|
4
|
+
# Collect ECR resources
|
|
5
|
+
#
|
|
1
6
|
class ECR < Mapper
|
|
2
7
|
#
|
|
3
8
|
# Returns an array of resources.
|
|
@@ -19,7 +24,9 @@ class ECR < Mapper
|
|
|
19
24
|
.get_repository_policy({ repository_name: repo.repository_name }).policy_text.parse_policy
|
|
20
25
|
|
|
21
26
|
rescue Aws::ECR::Errors::ServiceError => e
|
|
22
|
-
|
|
27
|
+
log_error(e.code)
|
|
28
|
+
|
|
29
|
+
raise e unless suppressed_errors.include?(e.code) && !@options.quit_on_exception
|
|
23
30
|
ensure
|
|
24
31
|
resources.push(struct.to_h)
|
|
25
32
|
end
|
|
@@ -1,31 +1,34 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
#
|
|
4
|
+
# Collect ECS resources
|
|
5
|
+
#
|
|
1
6
|
class ECS < Mapper
|
|
2
7
|
#
|
|
3
8
|
# Returns an array of resources.
|
|
4
9
|
#
|
|
5
|
-
# TODO: test live
|
|
6
|
-
#
|
|
7
10
|
def collect
|
|
8
11
|
resources = []
|
|
9
12
|
|
|
10
13
|
#
|
|
11
|
-
#
|
|
14
|
+
# list_clusters
|
|
12
15
|
#
|
|
13
|
-
@client.
|
|
16
|
+
@client.list_clusters.each_with_index do |response, page|
|
|
14
17
|
log(response.context.operation_name, page)
|
|
15
18
|
|
|
16
|
-
response.
|
|
17
|
-
struct = OpenStruct.new(cluster.to_h)
|
|
19
|
+
response.cluster_arns.each do |cluster|
|
|
20
|
+
struct = OpenStruct.new(@client.describe_clusters({ clusters: [cluster] }).clusters.first.to_h)
|
|
18
21
|
struct.type = 'cluster'
|
|
19
|
-
struct.arn = cluster
|
|
22
|
+
struct.arn = cluster
|
|
20
23
|
struct.tasks = []
|
|
21
24
|
|
|
22
25
|
# list_tasks
|
|
23
|
-
@client.list_tasks({ cluster: cluster
|
|
26
|
+
@client.list_tasks({ cluster: cluster }).each_with_index do |response, page|
|
|
24
27
|
log(response.context.operation_name, 'list_tasks', page)
|
|
25
28
|
|
|
26
29
|
# describe_tasks
|
|
27
30
|
response.task_arns.each do |task_arn|
|
|
28
|
-
@client.describe_tasks({ cluster: cluster
|
|
31
|
+
@client.describe_tasks({ cluster: cluster, tasks: [task_arn] }).tasks.each do |task|
|
|
29
32
|
struct.tasks.push(task)
|
|
30
33
|
end
|
|
31
34
|
end
|