aws_recon 0.5.7 → 0.5.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/aws_recon.gemspec +6 -6
- data/lib/aws_recon/aws_recon.rb +3 -3
- data/lib/aws_recon/collectors/lambda.rb +4 -0
- data/lib/aws_recon/options.rb +3 -2
- data/lib/aws_recon/services.yaml +0 -4
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +11 -1
- metadata +24 -24
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3ea4667e1cffb4bcb1b24cd4b1c90fad8fbb982da034c36e4607dc5c5c9f594f
|
|
4
|
+
data.tar.gz: 9912c7b9e2ba754afcb360784f84685d9ae4afe20b61e42476af6563e3fbf532
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef0144c50299ddcbd9fb577f6632d48de2cf056128485f0ac562803a05414e83450f6b841f725c989b43ac6451b0ce0c1dc0ba59e7daa2378bd8f8399248ed84
|
|
7
|
+
data.tar.gz: c0ef0154ce8731c40c170412230e967c0e241821ae562b46bde85077a205aad0f62d28273c9666e31418a07665ee930652c8bc3326a2273a6b0c83583328b7b2
|
data/aws_recon.gemspec
CHANGED
|
@@ -24,14 +24,14 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.require_paths = ['lib']
|
|
25
25
|
|
|
26
26
|
spec.add_dependency 'aws-sdk', '~> 3.0'
|
|
27
|
-
spec.add_dependency 'parallel', '~> 1.
|
|
27
|
+
spec.add_dependency 'parallel', '~> 1.20.1'
|
|
28
28
|
|
|
29
|
-
spec.add_development_dependency 'bundler', '~>
|
|
29
|
+
spec.add_development_dependency 'bundler', '~> 2.2.17'
|
|
30
|
+
spec.add_development_dependency 'byebug', '~> 11.1'
|
|
30
31
|
spec.add_development_dependency 'gem-release', '~> 2.1'
|
|
31
|
-
spec.add_development_dependency 'rake', '~> 12.3'
|
|
32
32
|
spec.add_development_dependency 'minitest', '~> 5.0'
|
|
33
|
-
spec.add_development_dependency 'solargraph', '~> 0.39.11'
|
|
34
|
-
spec.add_development_dependency 'rubocop', '~> 0.87.1'
|
|
35
33
|
spec.add_development_dependency 'pry', '~> 0.13.1'
|
|
36
|
-
spec.add_development_dependency '
|
|
34
|
+
spec.add_development_dependency 'rake', '~> 12.3'
|
|
35
|
+
spec.add_development_dependency 'rubocop', '~> 1.15'
|
|
36
|
+
spec.add_development_dependency 'solargraph', '~> 0.40.4'
|
|
37
37
|
end
|
data/lib/aws_recon/aws_recon.rb
CHANGED
|
@@ -34,7 +34,7 @@ module AwsRecon
|
|
|
34
34
|
# formatter
|
|
35
35
|
@formatter = Formatter.new
|
|
36
36
|
|
|
37
|
-
return
|
|
37
|
+
return if @options.stream_output
|
|
38
38
|
|
|
39
39
|
puts "\nStarting collection with #{@options.threads} threads...\n"
|
|
40
40
|
end
|
|
@@ -66,7 +66,7 @@ module AwsRecon
|
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
#
|
|
69
|
-
# Format @resources as either
|
|
69
|
+
# Format @resources as either JSON or JSONL
|
|
70
70
|
#
|
|
71
71
|
def formatted_json
|
|
72
72
|
if @options.jsonl
|
|
@@ -117,7 +117,7 @@ module AwsRecon
|
|
|
117
117
|
ensure
|
|
118
118
|
elapsed = Process.clock_gettime(Process::CLOCK_MONOTONIC) - @starting
|
|
119
119
|
|
|
120
|
-
puts "\nFinished in #{elapsed.to_i} seconds.\n\n"
|
|
120
|
+
puts "\nFinished in #{elapsed.to_i} seconds.\n\n" unless @options.stream_output
|
|
121
121
|
|
|
122
122
|
# write output file
|
|
123
123
|
if @options.output_file && !@options.s3
|
|
@@ -17,6 +17,9 @@ class Lambda < Mapper
|
|
|
17
17
|
struct = OpenStruct.new(function)
|
|
18
18
|
struct.type = 'function'
|
|
19
19
|
struct.arn = function.function_arn
|
|
20
|
+
struct.vpc_config = function.vpc_config.to_h
|
|
21
|
+
struct.tracing_config = function.tracing_config.to_h
|
|
22
|
+
struct.layers = function.layers ? function.layers.map(&:to_h) : []
|
|
20
23
|
struct.policy = @client.get_policy({ function_name: function.function_name }).policy.parse_policy
|
|
21
24
|
|
|
22
25
|
rescue Aws::Lambda::Errors::ResourceNotFoundException => e
|
|
@@ -36,6 +39,7 @@ class Lambda < Mapper
|
|
|
36
39
|
struct = OpenStruct.new(layer)
|
|
37
40
|
struct.type = 'layer'
|
|
38
41
|
struct.arn = layer.layer_arn
|
|
42
|
+
struct.latest_matching_version = layer.latest_matching_version.to_h
|
|
39
43
|
|
|
40
44
|
# list_layer_versions
|
|
41
45
|
struct.versions = @client.list_layer_versions({ layer_name: layer.layer_name }).layer_versions.map(&:to_h)
|
data/lib/aws_recon/options.rb
CHANGED
|
@@ -100,6 +100,7 @@ class Parser
|
|
|
100
100
|
|
|
101
101
|
# write output file to S3 bucket
|
|
102
102
|
opts.on('-b', '--s3-bucket [BUCKET:REGION]', 'Write output file to S3 bucket (default: \'\')') do |bucket_with_region|
|
|
103
|
+
args.stream_output = false
|
|
103
104
|
args.s3 = bucket_with_region
|
|
104
105
|
end
|
|
105
106
|
|
|
@@ -109,8 +110,8 @@ class Parser
|
|
|
109
110
|
end
|
|
110
111
|
|
|
111
112
|
# output format
|
|
112
|
-
opts.on('-f', '--format [FORMAT]', 'Specify output format (default: aws)') do |
|
|
113
|
-
args.output_format =
|
|
113
|
+
opts.on('-f', '--format [FORMAT]', 'Specify output format (default: aws)') do |f|
|
|
114
|
+
args.output_format = f.downcase if %w[aws custom].include?(f.downcase)
|
|
114
115
|
end
|
|
115
116
|
|
|
116
117
|
# threads
|
data/lib/aws_recon/services.yaml
CHANGED
|
@@ -83,8 +83,6 @@
|
|
|
83
83
|
- name: Shield
|
|
84
84
|
global: true
|
|
85
85
|
alias: shield
|
|
86
|
-
excluded_regions:
|
|
87
|
-
- ap-northeast-3
|
|
88
86
|
- name: CloudFormation
|
|
89
87
|
alias: cloudformation
|
|
90
88
|
- name: SES
|
|
@@ -126,7 +124,6 @@
|
|
|
126
124
|
- af-south-1
|
|
127
125
|
- ap-east-1
|
|
128
126
|
- ap-northeast-3
|
|
129
|
-
- eu-north-1
|
|
130
127
|
- eu-south-1
|
|
131
128
|
- me-south-1
|
|
132
129
|
- sa-east-1
|
|
@@ -153,7 +150,6 @@
|
|
|
153
150
|
alias: transfer
|
|
154
151
|
excluded_regions:
|
|
155
152
|
- ap-northeast-3
|
|
156
|
-
- eu-south-1
|
|
157
153
|
- name: DirectConnect
|
|
158
154
|
alias: directconnect
|
|
159
155
|
- name: DirectoryService
|
data/lib/aws_recon/version.rb
CHANGED
data/readme.md
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
[](https://hub.docker.com/r/darkbitio/aws_recon)
|
|
2
2
|
[](https://rubygems.org/gems/aws_recon)
|
|
3
|
+
[](https://github.com/darkbitio/aws-recon/actions?query=branch%3Amain)
|
|
3
4
|
[](https://github.com/darkbitio/aws-recon/actions/workflows/check-aws-regions.yml)
|
|
4
5
|
# AWS Recon
|
|
5
6
|
|
|
@@ -191,6 +192,15 @@ $ AWS_PROFILE=<profile> aws_recon \
|
|
|
191
192
|
|
|
192
193
|
Example [OpenCSPM](https://github.com/OpenCSPM/opencspm) formatted (NDJSON) output.
|
|
193
194
|
|
|
195
|
+
```
|
|
196
|
+
$ AWS_PROFILE=<profile> aws_recon -l \
|
|
197
|
+
-s S3,EC2 \
|
|
198
|
+
-r global,us-east-1,us-east-2 \
|
|
199
|
+
-f custom
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
or
|
|
203
|
+
|
|
194
204
|
```
|
|
195
205
|
$ AWS_PROFILE=<profile> aws_recon -j \
|
|
196
206
|
-s S3,EC2 \
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_recon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.12
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Larsen
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2021-
|
|
12
|
+
date: 2021-06-26 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|
|
@@ -31,56 +31,56 @@ dependencies:
|
|
|
31
31
|
requirements:
|
|
32
32
|
- - "~>"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version:
|
|
34
|
+
version: 1.20.1
|
|
35
35
|
type: :runtime
|
|
36
36
|
prerelease: false
|
|
37
37
|
version_requirements: !ruby/object:Gem::Requirement
|
|
38
38
|
requirements:
|
|
39
39
|
- - "~>"
|
|
40
40
|
- !ruby/object:Gem::Version
|
|
41
|
-
version:
|
|
41
|
+
version: 1.20.1
|
|
42
42
|
- !ruby/object:Gem::Dependency
|
|
43
43
|
name: bundler
|
|
44
44
|
requirement: !ruby/object:Gem::Requirement
|
|
45
45
|
requirements:
|
|
46
46
|
- - "~>"
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
|
-
version:
|
|
48
|
+
version: 2.2.17
|
|
49
49
|
type: :development
|
|
50
50
|
prerelease: false
|
|
51
51
|
version_requirements: !ruby/object:Gem::Requirement
|
|
52
52
|
requirements:
|
|
53
53
|
- - "~>"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version:
|
|
55
|
+
version: 2.2.17
|
|
56
56
|
- !ruby/object:Gem::Dependency
|
|
57
|
-
name:
|
|
57
|
+
name: byebug
|
|
58
58
|
requirement: !ruby/object:Gem::Requirement
|
|
59
59
|
requirements:
|
|
60
60
|
- - "~>"
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
|
-
version: '
|
|
62
|
+
version: '11.1'
|
|
63
63
|
type: :development
|
|
64
64
|
prerelease: false
|
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
|
66
66
|
requirements:
|
|
67
67
|
- - "~>"
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
|
-
version: '
|
|
69
|
+
version: '11.1'
|
|
70
70
|
- !ruby/object:Gem::Dependency
|
|
71
|
-
name:
|
|
71
|
+
name: gem-release
|
|
72
72
|
requirement: !ruby/object:Gem::Requirement
|
|
73
73
|
requirements:
|
|
74
74
|
- - "~>"
|
|
75
75
|
- !ruby/object:Gem::Version
|
|
76
|
-
version: '
|
|
76
|
+
version: '2.1'
|
|
77
77
|
type: :development
|
|
78
78
|
prerelease: false
|
|
79
79
|
version_requirements: !ruby/object:Gem::Requirement
|
|
80
80
|
requirements:
|
|
81
81
|
- - "~>"
|
|
82
82
|
- !ruby/object:Gem::Version
|
|
83
|
-
version: '
|
|
83
|
+
version: '2.1'
|
|
84
84
|
- !ruby/object:Gem::Dependency
|
|
85
85
|
name: minitest
|
|
86
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -96,61 +96,61 @@ dependencies:
|
|
|
96
96
|
- !ruby/object:Gem::Version
|
|
97
97
|
version: '5.0'
|
|
98
98
|
- !ruby/object:Gem::Dependency
|
|
99
|
-
name:
|
|
99
|
+
name: pry
|
|
100
100
|
requirement: !ruby/object:Gem::Requirement
|
|
101
101
|
requirements:
|
|
102
102
|
- - "~>"
|
|
103
103
|
- !ruby/object:Gem::Version
|
|
104
|
-
version: 0.
|
|
104
|
+
version: 0.13.1
|
|
105
105
|
type: :development
|
|
106
106
|
prerelease: false
|
|
107
107
|
version_requirements: !ruby/object:Gem::Requirement
|
|
108
108
|
requirements:
|
|
109
109
|
- - "~>"
|
|
110
110
|
- !ruby/object:Gem::Version
|
|
111
|
-
version: 0.
|
|
111
|
+
version: 0.13.1
|
|
112
112
|
- !ruby/object:Gem::Dependency
|
|
113
|
-
name:
|
|
113
|
+
name: rake
|
|
114
114
|
requirement: !ruby/object:Gem::Requirement
|
|
115
115
|
requirements:
|
|
116
116
|
- - "~>"
|
|
117
117
|
- !ruby/object:Gem::Version
|
|
118
|
-
version:
|
|
118
|
+
version: '12.3'
|
|
119
119
|
type: :development
|
|
120
120
|
prerelease: false
|
|
121
121
|
version_requirements: !ruby/object:Gem::Requirement
|
|
122
122
|
requirements:
|
|
123
123
|
- - "~>"
|
|
124
124
|
- !ruby/object:Gem::Version
|
|
125
|
-
version:
|
|
125
|
+
version: '12.3'
|
|
126
126
|
- !ruby/object:Gem::Dependency
|
|
127
|
-
name:
|
|
127
|
+
name: rubocop
|
|
128
128
|
requirement: !ruby/object:Gem::Requirement
|
|
129
129
|
requirements:
|
|
130
130
|
- - "~>"
|
|
131
131
|
- !ruby/object:Gem::Version
|
|
132
|
-
version:
|
|
132
|
+
version: '1.15'
|
|
133
133
|
type: :development
|
|
134
134
|
prerelease: false
|
|
135
135
|
version_requirements: !ruby/object:Gem::Requirement
|
|
136
136
|
requirements:
|
|
137
137
|
- - "~>"
|
|
138
138
|
- !ruby/object:Gem::Version
|
|
139
|
-
version:
|
|
139
|
+
version: '1.15'
|
|
140
140
|
- !ruby/object:Gem::Dependency
|
|
141
|
-
name:
|
|
141
|
+
name: solargraph
|
|
142
142
|
requirement: !ruby/object:Gem::Requirement
|
|
143
143
|
requirements:
|
|
144
144
|
- - "~>"
|
|
145
145
|
- !ruby/object:Gem::Version
|
|
146
|
-
version:
|
|
146
|
+
version: 0.40.4
|
|
147
147
|
type: :development
|
|
148
148
|
prerelease: false
|
|
149
149
|
version_requirements: !ruby/object:Gem::Requirement
|
|
150
150
|
requirements:
|
|
151
151
|
- - "~>"
|
|
152
152
|
- !ruby/object:Gem::Version
|
|
153
|
-
version:
|
|
153
|
+
version: 0.40.4
|
|
154
154
|
description: AWS Recon is a command line tool to collect resources from an Amazon
|
|
155
155
|
Web Services (AWS) account. The tool outputs JSON suitable for processing with other
|
|
156
156
|
tools.
|