aws_recon 0.5.23 → 0.5.26
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws_recon/aws_recon.rb +4 -0
- data/lib/aws_recon/collectors/ecr.rb +22 -2
- data/lib/aws_recon/collectors/emr.rb +16 -0
- data/lib/aws_recon/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ff3d14f71d26d19cfee5137ed0257d5b2c620a00fd378dd2f289411451abeb3b
|
|
4
|
+
data.tar.gz: 118f02623ca139db1bd4da2a6425534b1f896b59ac464e21985519fb3527a09c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b98e02e9fc9258cc70e9c91a12260795cec288c9e442a711c039841608ad0eaa37ebcf74fa6f1b4112fc163230bae1a879e40e5cb5a79d4a620b069f6c1d94bf
|
|
7
|
+
data.tar.gz: 7e08840e1604decccc201b6e327aceedac4dcf37c6b306bac3868750c5d69c72144f6fbd1a12f7ab291fb7eea0e9e01196d02c3eda4a106102054e6c7204f652
|
data/lib/aws_recon/aws_recon.rb
CHANGED
|
@@ -63,6 +63,10 @@ module AwsRecon
|
|
|
63
63
|
|
|
64
64
|
# add resources to resources array for output to file
|
|
65
65
|
@resources.concat(collection) if @options.output_file
|
|
66
|
+
rescue Aws::Errors::ServiceError => e
|
|
67
|
+
raise if @options.quit_on_exception
|
|
68
|
+
|
|
69
|
+
puts "Ignoring exception: '#{e.message}'\n"
|
|
66
70
|
end
|
|
67
71
|
|
|
68
72
|
#
|
|
@@ -23,6 +23,25 @@ class ECR < Mapper
|
|
|
23
23
|
struct.policy = @client
|
|
24
24
|
.get_repository_policy({ repository_name: repo.repository_name }).policy_text.parse_policy
|
|
25
25
|
|
|
26
|
+
struct.images = []
|
|
27
|
+
#
|
|
28
|
+
# describe images
|
|
29
|
+
#
|
|
30
|
+
@client.list_images( {repository_name: repo.repository_name}).image_ids.each_with_index do | image, page |
|
|
31
|
+
log(response.context.operation_name, 'list_images', page)
|
|
32
|
+
image_hash = image.to_h
|
|
33
|
+
#
|
|
34
|
+
# describe image scan results
|
|
35
|
+
#
|
|
36
|
+
result = @client.describe_image_scan_findings({ repository_name: repo.repository_name, image_id: { image_digest: image.image_digest, image_tag: image.image_tag } })
|
|
37
|
+
image_hash["image_scan_status"] = result.image_scan_status.to_h
|
|
38
|
+
image_hash["image_scan_findings"] = result.image_scan_findings.to_h
|
|
39
|
+
|
|
40
|
+
rescue Aws::ECR::Errors::ScanNotFoundException => e
|
|
41
|
+
# No scan result for this image. No action needed
|
|
42
|
+
ensure
|
|
43
|
+
struct.images << image_hash
|
|
44
|
+
end
|
|
26
45
|
rescue Aws::ECR::Errors::ServiceError => e
|
|
27
46
|
log_error(e.code)
|
|
28
47
|
|
|
@@ -40,7 +59,8 @@ class ECR < Mapper
|
|
|
40
59
|
# not an error
|
|
41
60
|
def suppressed_errors
|
|
42
61
|
%w[
|
|
43
|
-
RepositoryPolicyNotFoundException
|
|
44
|
-
|
|
62
|
+
RepositoryPolicyNotFoundException,
|
|
63
|
+
ScanNotFoundException
|
|
64
|
+
]
|
|
45
65
|
end
|
|
46
66
|
end
|
|
@@ -46,6 +46,22 @@ class EMR < Mapper
|
|
|
46
46
|
end
|
|
47
47
|
end
|
|
48
48
|
|
|
49
|
+
#
|
|
50
|
+
# list_security_configurations
|
|
51
|
+
#
|
|
52
|
+
@client.list_security_configurations.each_with_index do |response, page|
|
|
53
|
+
log(response.context.operation_name, page)
|
|
54
|
+
|
|
55
|
+
response.security_configurations.each do |security_configuration|
|
|
56
|
+
log(response.context.operation_name, security_configuration.name)
|
|
57
|
+
|
|
58
|
+
struct = OpenStruct.new(@client.describe_security_configuration({ name: security_configuration.name }).security_configuration.parse_policy)
|
|
59
|
+
struct.type = 'security_configuration'
|
|
60
|
+
struct.arn = "arn:aws:emr:#{@region}:#{@account}:security-configuration/#{security_configuration.name}" # no true ARN
|
|
61
|
+
resources.push(struct.to_h)
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
49
65
|
resources
|
|
50
66
|
end
|
|
51
67
|
|
data/lib/aws_recon/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_recon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.26
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Larsen
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2022-
|
|
12
|
+
date: 2022-03-15 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|