aws_recon 0.2.34 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws_recon/collectors/ec2.rb +1 -0
  3. data/lib/aws_recon/collectors/emr.rb +1 -0
  4. data/lib/aws_recon/collectors/guardduty.rb +36 -7
  5. data/lib/aws_recon/collectors/iam.rb +22 -0
  6. data/lib/aws_recon/collectors/rds.rb +12 -12
  7. data/lib/aws_recon/collectors/route53.rb +1 -1
  8. data/lib/aws_recon/collectors/ses.rb +1 -1
  9. data/lib/aws_recon/collectors/ssm.rb +1 -1
  10. data/lib/aws_recon/collectors/wafv2.rb +5 -5
  11. data/lib/aws_recon/collectors/xray.rb +1 -0
  12. data/lib/aws_recon/version.rb +1 -1
  13. data/readme.md +4 -4
  14. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9097aec2d8a54e8604fd3859277dddfb4c124d4ff5e2637896f07300e8453a69
4
- data.tar.gz: af2804e4ef46dce207506e3bae4123b4a6fe5279e5ede5751427e0b3cd12db64
3
+ metadata.gz: 4cbcf69491befc3f3fb506855f5f11597ac6f7325e697f9e77161e80eeceea08
4
+ data.tar.gz: 00d9aaa7ca5c58f1ad05c892d50f90b8468d37b4b7b20396a19c09a84d408b30
5
5
  SHA512:
6
- metadata.gz: 51d6793e2bf680f0915f4edec1b9741c147d6e393a3ecb08b3bc8b01e0a664bd6a4bfb55644f7bff94b83cca8c1315bccbeffa417a392bd958e93000135ffda7
7
- data.tar.gz: e8df00ba291a752e0573892e6aaf513ec72176416fdef2fb4553e09fa13af6f12684034b3198e5a9529f8a2baf06ea658b4bb92961eadd6163aef46390b9d344
6
+ metadata.gz: 8e60879ad2fd773f359d5b75fdac5f846cb9c1708d223396f28c448f4a47b79e683b43135e2700171e5cbc68eefef43f75d9ff3e1a1885076fbd24e97b605c54
7
+ data.tar.gz: c58078ba779cb25cfa5600549c31381e533ae8bcbc1479581d49c5c3462e9354e0df3714d796ca0d678c8fdc2059a041c08d953c99d4ed04e6f3ee1744d2fc89
data/lib/aws_recon/collectors/ec2.rb CHANGED
@@ -29,6 +29,7 @@ class EC2 < Mapper
29
29
  struct = OpenStruct.new
30
30
  struct.attributes = response.account_attributes.map(&:to_h)
31
31
  struct.type = 'account'
32
+ struct.arn = "arn:aws::#{@account}"
32
33
 
33
34
  resources.push(struct.to_h)
34
35
  end
data/lib/aws_recon/collectors/emr.rb CHANGED
@@ -18,6 +18,7 @@ class EMR < Mapper
18
18
 
19
19
  struct = OpenStruct.new(response.block_public_access_configuration.to_h)
20
20
  struct.type = 'configuration'
21
+ struct.arn = "arn:aws:emr:#{@region}:#{@account}/block_public_access_configuration"
21
22
 
22
23
  resources.push(struct.to_h)
23
24
  end
data/lib/aws_recon/collectors/guardduty.rb CHANGED
@@ -28,14 +28,20 @@ class GuardDuty < Mapper
28
28
  struct.findings_statistics = @client.get_findings_statistics({
29
29
  detector_id: detector,
30
30
  finding_statistic_types: ['COUNT_BY_SEVERITY'],
31
- finding_criteria: {
32
- criterion: {
33
- 'service.archived': {
34
- eq: ['false']
35
- }
36
- }
37
- }
31
+ finding_criteria: finding_criteria
38
32
  }).finding_statistics.to_h
33
+ # get_findings_statistics (only active findings older than 7 days)
34
+ struct.findings_statistics_aged_short = @client.get_findings_statistics({
35
+ detector_id: detector,
36
+ finding_statistic_types: ['COUNT_BY_SEVERITY'],
37
+ finding_criteria: finding_criteria(7)
38
+ }).finding_statistics.to_h
39
+ # get_findings_statistics (only active findings older than 30 days)
40
+ struct.findings_statistics_aged_long = @client.get_findings_statistics({
41
+ detector_id: detector,
42
+ finding_statistic_types: ['COUNT_BY_SEVERITY'],
43
+ finding_criteria: finding_criteria(30)
44
+ }).finding_statistics.to_h
39
45
 
40
46
  # get_master_account
41
47
  struct.master_account = @client.get_master_account({ detector_id: detector }).master.to_h
@@ -46,4 +52,27 @@ class GuardDuty < Mapper
46
52
 
47
53
  resources
48
54
  end
55
+
56
+ private
57
+
58
+ def finding_criteria(days = 1)
59
+ criteria = {
60
+ criterion: {
61
+ 'service.archived': { eq: ['false'] }
62
+ }
63
+ }
64
+
65
+ if days > 1
66
+ days_ago = (Time.now.to_f * 1000).to_i - (60 * 60 * 24 * 1000 * days) # with miliseconds
67
+
68
+ criteria = {
69
+ criterion: {
70
+ 'service.archived': { eq: ['false'] },
71
+ 'updatedAt': { less_than: days_ago }
72
+ }
73
+ }
74
+ end
75
+
76
+ criteria
77
+ end
49
78
  end
data/lib/aws_recon/collectors/iam.rb CHANGED
@@ -91,6 +91,28 @@ class IAM < Mapper
91
91
  end
92
92
  end
93
93
 
94
+ #
95
+ # list_instance_profiles
96
+ #
97
+ @client.list_instance_profiles.each_with_index do |response, page|
98
+ log(response.context.operation_name, page)
99
+
100
+ # instance_profiles
101
+ response.instance_profiles.each do |profile|
102
+ struct = OpenStruct.new(profile.to_h)
103
+ struct.type = 'instance_profile'
104
+ struct.arn = profile.arn
105
+ struct.roles = []
106
+
107
+ profile.roles&.each do |role|
108
+ role.assume_role_policy_document = role.assume_role_policy_document.parse_policy
109
+ struct.roles.push(role.to_h)
110
+ end
111
+
112
+ resources.push(struct.to_h)
113
+ end
114
+ end
115
+
94
116
  #
95
117
  # get_account_password_policy
96
118
  #
data/lib/aws_recon/collectors/rds.rb CHANGED
@@ -88,18 +88,18 @@ class RDS < Mapper
88
88
  #
89
89
  # describe_db_engine_versions
90
90
  #
91
- unless @options.skip_slow
92
- @client.describe_db_engine_versions.each_with_index do |response, page|
93
- log(response.context.operation_name, page)
94
-
95
- response.db_engine_versions.each do |version|
96
- struct = OpenStruct.new(version.to_h)
97
- struct.type = 'db_engine_version'
98
-
99
- resources.push(struct.to_h)
100
- end
101
- end
102
- end
91
+ ### unless @options.skip_slow
92
+ ### @client.describe_db_engine_versions.each_with_index do |response, page|
93
+ ### log(response.context.operation_name, page)
94
+
95
+ ### response.db_engine_versions.each do |version|
96
+ ### struct = OpenStruct.new(version.to_h)
97
+ ### struct.type = 'db_engine_version'
98
+
99
+ ### resources.push(struct.to_h)
100
+ ### end
101
+ ### end
102
+ ### end
103
103
 
104
104
  resources
105
105
  end
data/lib/aws_recon/collectors/route53.rb CHANGED
@@ -19,7 +19,7 @@ class Route53 < Mapper
19
19
  response.hosted_zones.each do |zone|
20
20
  struct = OpenStruct.new(zone.to_h)
21
21
  struct.type = 'zone'
22
- struct.arn = zone.id
22
+ struct.arn = "aws:route53:#{@region}:#{@account}:zone/#{zone.name}"
23
23
  struct.logging_config = @client
24
24
  .list_query_logging_configs({ hosted_zone_id: zone.id })
25
25
  .query_logging_configs.first.to_h
data/lib/aws_recon/collectors/ses.rb CHANGED
@@ -19,7 +19,7 @@ class SES < Mapper
19
19
  response.identities.each do |identity|
20
20
  struct = OpenStruct.new
21
21
  struct.type = 'identity'
22
- struct.arn = "aws:ses:#{@region}:#{@account}:identity/#{identity}"
22
+ struct.arn = "arn:aws:ses:#{@region}:#{@account}:identity/#{identity}"
23
23
 
24
24
  # get_identity_dkim_attributes
25
25
  struct.dkim_attributes = @client.get_identity_dkim_attributes({ identities: [identity] }).dkim_attributes[identity].to_h
data/lib/aws_recon/collectors/ssm.rb CHANGED
@@ -35,7 +35,7 @@ class SSM < Mapper
35
35
  struct = OpenStruct.new(parameter.to_h)
36
36
  struct.string_type = parameter.type
37
37
  struct.type = 'parameter'
38
- struct.arn = "arn:aws:#{@service}:#{@region}::parameter:#{parameter.name}"
38
+ struct.arn = "arn:aws:#{@service}:#{@region}:#{@account}:parameter:#{parameter.name}"
39
39
 
40
40
  resources.push(struct.to_h)
41
41
  end
data/lib/aws_recon/collectors/wafv2.rb CHANGED
@@ -34,14 +34,14 @@ class WAFV2 < Mapper
34
34
  }
35
35
 
36
36
  # get_web_acl
37
- @client.get_web_acl(params).each do |response|
38
- struct.arn = response.web_acl.arn
39
- struct.details = response.web_acl
37
+ @client.get_web_acl(params).each do |r|
38
+ struct.arn = r.web_acl.arn
39
+ struct.details = r.web_acl
40
40
  end
41
41
 
42
42
  # list_resources_for_web_acl
43
- @client.list_resources_for_web_acl({ web_acl_arn: 'ResourceArn' }).each do |response|
44
- struct.resources = response.resource_arns.map(&:to_h)
43
+ @client.list_resources_for_web_acl({ web_acl_arn: 'ResourceArn' }).each do |r|
44
+ struct.resources = r.resource_arns.map(&:to_h)
45
45
  end
46
46
 
47
47
  resources.push(struct.to_h)
data/lib/aws_recon/collectors/xray.rb CHANGED
@@ -16,6 +16,7 @@ class XRay < Mapper
16
16
  struct = OpenStruct.new
17
17
  struct.config = @client.get_encryption_config.encryption_config.to_h
18
18
  struct.type = 'config'
19
+ struct.arn = "arn:aws:xray:#{@region}:#{@account}/config"
19
20
 
20
21
  resources.push(struct.to_h)
21
22
 
data/lib/aws_recon/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AwsRecon
2
- VERSION = "0.2.34"
2
+ VERSION = "0.3.2"
3
3
  end
data/readme.md CHANGED
@@ -54,13 +54,13 @@ To run locally, first install the gem:
54
54
 
55
55
  ```
56
56
  $ gem install aws_recon
57
- Fetching aws_recon-0.2.28.gem
57
+ Fetching aws_recon-0.3.0.gem
58
58
  Fetching aws-sdk-3.0.1.gem
59
59
  Fetching parallel-1.20.1.gem
60
60
  ...
61
61
  Successfully installed aws-sdk-3.0.1
62
62
  Successfully installed parallel-1.20.1
63
- Successfully installed aws_recon-0.2.28
63
+ Successfully installed aws_recon-0.3.0
64
64
  ```
65
65
 
66
66
  Or add it to your Gemfile using `bundle`:
@@ -72,7 +72,7 @@ Resolving dependencies...
72
72
  ...
73
73
  Using aws-sdk 3.0.1
74
74
  Using parallel-1.20.1
75
- Using aws_recon 0.2.28
75
+ Using aws_recon 0.3.0
76
76
  ```
77
77
 
78
78
  ## Usage
@@ -225,7 +225,7 @@ Most users will want to limit collection to relevant services and regions. Runni
225
225
  ```
226
226
  $ aws_recon -h
227
227
 
228
- AWS Recon - AWS Inventory Collector (0.2.28)
228
+ AWS Recon - AWS Inventory Collector (0.3.0)
229
229
 
230
230
  Usage: aws_recon [options]
231
231
  -r, --regions [REGIONS] Regions to scan, separated by comma (default: all)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws_recon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.34
4
+ version: 0.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Larsen
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-02-02 00:00:00.000000000 Z
12
+ date: 2021-02-11 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk