aws_recon 0.2.9 → 0.2.10
- checksums.yaml +4 -4
- data/Dockerfile +1 -1
- data/lib/aws_recon/collectors/organizations.rb +15 -0
- data/lib/aws_recon/collectors/sqs.rb +1 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +6 -0
- metadata +2 -2
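--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9ed0fd50b4c2a0542194d2844f4e95c98e2f09ce3802878c0463f78cec8a8f92
+data.tar.gz: 5112bb3ec8e07f61a4ba0f673044486f8423fb61710893650c11cc0e793bd9e1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2dc80a5605f4c8673efb9f026e7485a66f7d190fb57e9eb636fd67a8e31db39b857f1d2045b9e56b9ced86dd31f186290f94eac2ef87de3671e4709e604a2d20
+data.tar.gz: a045657734baf60b898d8f78dc94eef3ae69645fcccae85288beddfb2cd46ed1d330edc773fd88e058b1ddaf5031e939df36523398c8b3cc8cdf42e17cb74e64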
data/Dockerfile
CHANGED
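--- a/data/lib/aws_recon/collectors/organizations.rb
+++ b/data/lib/aws_recon/collectors/organizations.rb
@@ -31,6 +31,21 @@ class Organizations < Mapper
 end
 end
 
+#
+# list_policies
+#
+@client.list_policies({ filter: 'SERVICE_CONTROL_POLICY' }).each_with_index do |response, page|
+log(response.context.operation_name, page)
+
+response.policies.each do |policy|
+struct = OpenStruct.new(policy.to_h)
+struct.type = 'service_control_policy'
+struct.content = JSON.parse(CGI.unescape(@client.describe_policy({ policy_id: policy.id }).policy.content))
+
+resources.push(struct.to_h)
+end
+end
+
 resources
 end
 end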
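Review bot: `CGI.unescape` is applied to the `describe_policy` content before `JSON.parse` on the `struct.content` line, but nothing in the hunk indicates that Organizations returns this field URL-encoded. If the content is already plain JSON, the unescape step turns any literal `+` into a space and decodes `%xx` sequences, so an SCP whose condition values contain those characters would be recorded differently from what is actually enforced, or fail to parse and abort the collector. I would confirm the encoding against the API and, if it is plain JSON, use `struct.content = JSON.parse(@client.describe_policy({ policy_id: policy.id }).policy.content)`. The same pattern is added in the SQS hunk (`struct.Policy = JSON.parse(CGI.unescape(struct.Policy))`). The enclosing method starts outside the hunk.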
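--- a/data/lib/aws_recon/collectors/sqs.rb
+++ b/data/lib/aws_recon/collectors/sqs.rb
@@ -18,6 +18,7 @@ class SQS < Mapper
 struct = OpenStruct.new(@client.get_queue_attributes({ queue_url: queue, attribute_names: ['All'] }).attributes.to_h)
 struct.type = 'queue'
 struct.arn = struct.QueueArn
+struct.Policy = JSON.parse(CGI.unescape(struct.Policy))
 
 resources.push(struct.to_h)
 end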
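Review bot: The added `struct.Policy = JSON.parse(CGI.unescape(struct.Policy))` assumes every queue has a `Policy` attribute; on an OpenStruct a missing attribute reads as `nil`, and `CGI.unescape(nil)` raises, which would stop the SQS collection at the first queue without a resource policy. Guard the line, e.g. `struct.Policy = JSON.parse(CGI.unescape(struct.Policy)) if struct.Policy`. Whether `get_queue_attributes` omits `Policy` for such queues is not visible here, so this should be checked against a queue with no policy attached. The enclosing loop starts outside the hunk.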
data/lib/aws_recon/version.rb
CHANGED
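--- a/data/readme.md
+++ b/data/readme.md
@@ -158,6 +158,12 @@ $ AWS_PROFILE=<profile> aws_recon -s S3,EC2 -r global,us-east-1,us-east-2
 $ AWS_PROFILE=<profile> aws_recon --services S3,EC2 --regions global,us-east-1,us-east-2
 ```
 
+Example [OpenCSPM](https://github.com/OpenCSPM/opencspm) formatted output.
+
+```
+$ AWS_PROFILE=<profile> aws_recon -s S3,EC2 -r global,us-east-1,us-east-2 -f custom > output.json
+```
+
 #### Errors
 
 An exception will be raised on `AccessDeniedException` errors. This typically means your user/role doesn't have the necessary permissions to get/list/describe for that service. These exceptions are raised so troubleshooting access issues is easier.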
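--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws_recon
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.10
 platform: ruby
 authors:
 - Josh Larsen
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-
+date: 2020-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk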