aws_recon 0.2.9 → 0.2.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dockerfile +1 -1
- data/lib/aws_recon/collectors/organizations.rb +15 -0
- data/lib/aws_recon/collectors/sqs.rb +1 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +6 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ed0fd50b4c2a0542194d2844f4e95c98e2f09ce3802878c0463f78cec8a8f92
|
|
4
|
+
data.tar.gz: 5112bb3ec8e07f61a4ba0f673044486f8423fb61710893650c11cc0e793bd9e1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2dc80a5605f4c8673efb9f026e7485a66f7d190fb57e9eb636fd67a8e31db39b857f1d2045b9e56b9ced86dd31f186290f94eac2ef87de3671e4709e604a2d20
|
|
7
|
+
data.tar.gz: a045657734baf60b898d8f78dc94eef3ae69645fcccae85288beddfb2cd46ed1d330edc773fd88e058b1ddaf5031e939df36523398c8b3cc8cdf42e17cb74e64
|
data/Dockerfile
CHANGED
|
@@ -31,6 +31,21 @@ class Organizations < Mapper
|
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
+
#
|
|
35
|
+
# list_policies
|
|
36
|
+
#
|
|
37
|
+
@client.list_policies({ filter: 'SERVICE_CONTROL_POLICY' }).each_with_index do |response, page|
|
|
38
|
+
log(response.context.operation_name, page)
|
|
39
|
+
|
|
40
|
+
response.policies.each do |policy|
|
|
41
|
+
struct = OpenStruct.new(policy.to_h)
|
|
42
|
+
struct.type = 'service_control_policy'
|
|
43
|
+
struct.content = JSON.parse(CGI.unescape(@client.describe_policy({ policy_id: policy.id }).policy.content))
|
|
44
|
+
|
|
45
|
+
resources.push(struct.to_h)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
34
49
|
resources
|
|
35
50
|
end
|
|
36
51
|
end
|
|
@@ -18,6 +18,7 @@ class SQS < Mapper
|
|
|
18
18
|
struct = OpenStruct.new(@client.get_queue_attributes({ queue_url: queue, attribute_names: ['All'] }).attributes.to_h)
|
|
19
19
|
struct.type = 'queue'
|
|
20
20
|
struct.arn = struct.QueueArn
|
|
21
|
+
struct.Policy = JSON.parse(CGI.unescape(struct.Policy))
|
|
21
22
|
|
|
22
23
|
resources.push(struct.to_h)
|
|
23
24
|
end
|
data/lib/aws_recon/version.rb
CHANGED
data/readme.md
CHANGED
|
@@ -158,6 +158,12 @@ $ AWS_PROFILE=<profile> aws_recon -s S3,EC2 -r global,us-east-1,us-east-2
|
|
|
158
158
|
$ AWS_PROFILE=<profile> aws_recon --services S3,EC2 --regions global,us-east-1,us-east-2
|
|
159
159
|
```
|
|
160
160
|
|
|
161
|
+
Example [OpenCSPM](https://github.com/OpenCSPM/opencspm) formatted output.
|
|
162
|
+
|
|
163
|
+
```
|
|
164
|
+
$ AWS_PROFILE=<profile> aws_recon -s S3,EC2 -r global,us-east-1,us-east-2 -f custom > output.json
|
|
165
|
+
```
|
|
166
|
+
|
|
161
167
|
#### Errors
|
|
162
168
|
|
|
163
169
|
An exception will be raised on `AccessDeniedException` errors. This typically means your user/role doesn't have the necessary permissions to get/list/describe for that service. These exceptions are raised so troubleshooting access issues is easier.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_recon
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Larsen
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-11-
|
|
12
|
+
date: 2020-11-16 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: aws-sdk
|