aws_recon 0.5.4 → 0.5.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dockerfile +1 -1
- data/lib/aws_recon/aws_recon.rb +3 -3
- data/lib/aws_recon/collectors/lambda.rb +4 -0
- data/lib/aws_recon/collectors/wafv2.rb +1 -4
- data/lib/aws_recon/options.rb +3 -2
- data/lib/aws_recon/services.yaml +3 -4
- data/lib/aws_recon/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f63df658eeddb1e81970f6dc99a1f05a2fa2d1d62b037e35665c46d4016ead29
|
4
|
+
data.tar.gz: c8328a76621f50123f5552681ce3d54e17567c194ad2c12e0eab8a2e6c8cd2c9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fa3f60bce87b3d2c1124baf02cc05274596234e5510a54cdf0d880027aac8b6fe604729ceab7c5e01af955ef9b3e43407c37edd7a7854235190b1d1f28fd61d3
|
7
|
+
data.tar.gz: 56cd4b818b3e62f9d7ffaa7ae1c9badb9ba99583e1cea27d58160add1606b3e0b4145e712ef9340946423ca13470a5df7bc9955d7c63e45e1aa87496b2e7c5e2
|
data/Dockerfile
CHANGED
data/lib/aws_recon/aws_recon.rb
CHANGED
@@ -34,7 +34,7 @@ module AwsRecon
|
|
34
34
|
# formatter
|
35
35
|
@formatter = Formatter.new
|
36
36
|
|
37
|
-
return
|
37
|
+
return if @options.stream_output
|
38
38
|
|
39
39
|
puts "\nStarting collection with #{@options.threads} threads...\n"
|
40
40
|
end
|
@@ -66,7 +66,7 @@ module AwsRecon
|
|
66
66
|
end
|
67
67
|
|
68
68
|
#
|
69
|
-
# Format @resources as either
|
69
|
+
# Format @resources as either JSON or JSONL
|
70
70
|
#
|
71
71
|
def formatted_json
|
72
72
|
if @options.jsonl
|
@@ -117,7 +117,7 @@ module AwsRecon
|
|
117
117
|
ensure
|
118
118
|
elapsed = Process.clock_gettime(Process::CLOCK_MONOTONIC) - @starting
|
119
119
|
|
120
|
-
puts "\nFinished in #{elapsed.to_i} seconds.\n\n"
|
120
|
+
puts "\nFinished in #{elapsed.to_i} seconds.\n\n" unless @options.stream_output
|
121
121
|
|
122
122
|
# write output file
|
123
123
|
if @options.output_file && !@options.s3
|
@@ -17,6 +17,9 @@ class Lambda < Mapper
|
|
17
17
|
struct = OpenStruct.new(function)
|
18
18
|
struct.type = 'function'
|
19
19
|
struct.arn = function.function_arn
|
20
|
+
struct.vpc_config = function.vpc_config.to_h
|
21
|
+
struct.tracing_config = function.tracing_config.to_h
|
22
|
+
struct.layers = function.layers ? function.layers.map(&:to_h) : []
|
20
23
|
struct.policy = @client.get_policy({ function_name: function.function_name }).policy.parse_policy
|
21
24
|
|
22
25
|
rescue Aws::Lambda::Errors::ResourceNotFoundException => e
|
@@ -36,6 +39,7 @@ class Lambda < Mapper
|
|
36
39
|
struct = OpenStruct.new(layer)
|
37
40
|
struct.type = 'layer'
|
38
41
|
struct.arn = layer.layer_arn
|
42
|
+
struct.latest_matching_version = layer.latest_matching_version.to_h
|
39
43
|
|
40
44
|
# list_layer_versions
|
41
45
|
struct.versions = @client.list_layer_versions({ layer_name: layer.layer_name }).layer_versions.map(&:to_h)
|
@@ -7,9 +7,7 @@ class WAFV2 < Mapper
|
|
7
7
|
#
|
8
8
|
# Returns an array of resources.
|
9
9
|
#
|
10
|
-
# TODO: test live
|
11
10
|
# TODO: resolve scope (e.g. CLOUDFRONT supported?)
|
12
|
-
# TODO: confirm paging behavior
|
13
11
|
#
|
14
12
|
def collect
|
15
13
|
resources = []
|
@@ -25,7 +23,6 @@ class WAFV2 < Mapper
|
|
25
23
|
response.web_acls.each do |acl|
|
26
24
|
struct = OpenStruct.new(acl.to_h)
|
27
25
|
struct.type = 'web_acl'
|
28
|
-
# struct.arn = "arn:aws:#{@service}:#{@region}::web_acl/#{acl.id}"
|
29
26
|
|
30
27
|
params = {
|
31
28
|
name: acl.name,
|
@@ -40,7 +37,7 @@ class WAFV2 < Mapper
|
|
40
37
|
end
|
41
38
|
|
42
39
|
# list_resources_for_web_acl
|
43
|
-
@client.list_resources_for_web_acl({ web_acl_arn:
|
40
|
+
@client.list_resources_for_web_acl({ web_acl_arn: acl.arn }).each do |r|
|
44
41
|
struct.resources = r.resource_arns.map(&:to_h)
|
45
42
|
end
|
46
43
|
|
data/lib/aws_recon/options.rb
CHANGED
@@ -100,6 +100,7 @@ class Parser
|
|
100
100
|
|
101
101
|
# write output file to S3 bucket
|
102
102
|
opts.on('-b', '--s3-bucket [BUCKET:REGION]', 'Write output file to S3 bucket (default: \'\')') do |bucket_with_region|
|
103
|
+
args.stream_output = false
|
103
104
|
args.s3 = bucket_with_region
|
104
105
|
end
|
105
106
|
|
@@ -109,8 +110,8 @@ class Parser
|
|
109
110
|
end
|
110
111
|
|
111
112
|
# output format
|
112
|
-
opts.on('-f', '--format [FORMAT]', 'Specify output format (default: aws)') do |
|
113
|
-
args.output_format =
|
113
|
+
opts.on('-f', '--format [FORMAT]', 'Specify output format (default: aws)') do |f|
|
114
|
+
args.output_format = f.downcase if %w[aws custom].include?(f.downcase)
|
114
115
|
end
|
115
116
|
|
116
117
|
# threads
|
data/lib/aws_recon/services.yaml
CHANGED
@@ -56,7 +56,7 @@
|
|
56
56
|
- name: ECR
|
57
57
|
alias: ecr
|
58
58
|
- name: DynamoDB
|
59
|
-
alias:
|
59
|
+
alias: dynamodb
|
60
60
|
- name: KMS
|
61
61
|
alias: kms
|
62
62
|
- name: Kinesis
|
@@ -102,7 +102,7 @@
|
|
102
102
|
- af-south-1
|
103
103
|
- ap-northeast-3
|
104
104
|
- name: SecretsManager
|
105
|
-
alias:
|
105
|
+
alias: secretsmanager
|
106
106
|
- name: SecurityHub
|
107
107
|
alias: securityhub
|
108
108
|
- name: Support
|
@@ -153,9 +153,8 @@
|
|
153
153
|
alias: transfer
|
154
154
|
excluded_regions:
|
155
155
|
- ap-northeast-3
|
156
|
-
- eu-south-1
|
157
156
|
- name: DirectConnect
|
158
|
-
alias:
|
157
|
+
alias: directconnect
|
159
158
|
- name: DirectoryService
|
160
159
|
alias: ds
|
161
160
|
excluded_regions:
|
data/lib/aws_recon/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws_recon
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Josh Larsen
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2021-04-
|
12
|
+
date: 2021-04-29 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: aws-sdk
|