aws_recon 0.2.18 → 0.2.19

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws_recon/collectors/applicationautoscaling.rb +25 -0
  3. data/lib/aws_recon/collectors/dynamodb.rb +13 -0
  4. data/lib/aws_recon/collectors/ec2.rb +15 -0
  5. data/lib/aws_recon/collectors/iam.rb +5 -5
  6. data/lib/aws_recon/collectors/organizations.rb +1 -1
  7. data/lib/aws_recon/collectors/s3.rb +1 -1
  8. data/lib/aws_recon/collectors/sns.rb +2 -2
  9. data/lib/aws_recon/collectors/sqs.rb +1 -1
  10. data/lib/aws_recon/services.yaml +2 -0
  11. data/lib/aws_recon/version.rb +1 -1
  12. data/readme.md +1 -0
  13. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: eda49a53171d4ca65cdead1238f92429a594e80a644a199eb5bbcccc13514671
4
- data.tar.gz: 1fa1d7b45fe39c8ef90f49e31bebbf7a5c5569b524fc9a5aa0bfe08262d760fa
3
+ metadata.gz: aceb7412370bc6945f910f6579dcc9f7a188070fd35f7ec3325300d544f01d12
4
+ data.tar.gz: f35b334bead563849a2a1bce8623076c7d23237c21eb85409b7371d93ebc9f9d
5
5
  SHA512:
6
- metadata.gz: b68650f9efd7f4a522b5aa6240ddaba6d31837634b5d897361838fb17abab065fb756f8d5e9cd94480980fefdfd89317fabbcf1245add3e8fda83a2e5ccf259c
7
- data.tar.gz: 85a2604470ec75b83cb82ad2829411fa6927183cba241a6fb72ed409c0ee277443101f999cf883620d056ee90d13edbb3e84787e1e37dde415670a9ff196bdb0
6
+ metadata.gz: 9f31da81396ac07fee4d331a05cbe5706fde48bc9c0617a5bc5640c61e68b56f499b4be8b659d6cdf61335665c898f638f20380968df68ad536c5114966d25bd
7
+ data.tar.gz: 958d528054caefa1c8d3e9b7d2a005f52ddaeaa0b89d566e5a3fddcfb81300e497a40e3fab039656fa2dc091d89d15535d76b863f4ded6c133118aea2fc59df9
data/lib/aws_recon/collectors/applicationautoscaling.rb ADDED
@@ -0,0 +1,25 @@
1
+ class ApplicationAutoScaling < Mapper
2
+ #
3
+ # Returns an array of resources.
4
+ #
5
+ def collect
6
+ resources = []
7
+
8
+ #
9
+ # DynamoDB auto-scaling policies
10
+ #
11
+ @client.describe_scaling_policies({ service_namespace: 'dynamodb' }).each_with_index do |response, page|
12
+ log(response.context.operation_name, page)
13
+
14
+ response.scaling_policies.each do |policy|
15
+ struct = OpenStruct.new(policy.to_h)
16
+ struct.type = 'auto_scaling_policy'
17
+ struct.arn = policy.policy_arn
18
+
19
+ resources.push(struct.to_h)
20
+ end
21
+ end
22
+
23
+ resources
24
+ end
25
+ end
data/lib/aws_recon/collectors/dynamodb.rb CHANGED
@@ -5,6 +5,19 @@ class DynamoDB < Mapper
5
5
  def collect
6
6
  resources = []
7
7
 
8
+ #
9
+ # describe_limits
10
+ #
11
+ @client.describe_limits.each_with_index do |response, page|
12
+ log(response.context.operation_name, page)
13
+
14
+ struct = OpenStruct.new(response)
15
+ struct.type = 'limits'
16
+ struct.arn = "arn:aws:dynamodb:#{@region}:#{@account}:limits"
17
+
18
+ resources.push(struct.to_h)
19
+ end
20
+
8
21
  #
9
22
  # list_tables
10
23
  #
data/lib/aws_recon/collectors/ec2.rb CHANGED
@@ -130,6 +130,21 @@ class EC2 < Mapper
130
130
  end
131
131
  end
132
132
 
133
+ #
134
+ # describe_network_acls
135
+ #
136
+ @client.describe_network_acls.each_with_index do |response, page|
137
+ log(response.context.operation_name, page)
138
+
139
+ response.network_acls.each do |network_acl|
140
+ struct = OpenStruct.new(network_acl.to_h)
141
+ struct.type = 'network_acl'
142
+ struct.arn = network_acl.network_acl_id # no true ARN
143
+
144
+ resources.push(struct.to_h)
145
+ end
146
+ end
147
+
133
148
  #
134
149
  # describe_subnets
135
150
  #
data/lib/aws_recon/collectors/iam.rb CHANGED
@@ -26,7 +26,7 @@ class IAM < Mapper
26
26
  user.user_policy_list.map do |p|
27
27
  {
28
28
  policy_name: p.policy_name,
29
- policy_document: JSON.parse(CGI.unescape(p.policy_document))
29
+ policy_document: p.policy_document.parse_policy
30
30
  }
31
31
  end
32
32
  end
@@ -42,7 +42,7 @@ class IAM < Mapper
42
42
  group.group_policy_list.map do |p|
43
43
  {
44
44
  policy_name: p.policy_name,
45
- policy_document: JSON.parse(CGI.unescape(p.policy_document))
45
+ policy_document: p.policy_document.parse_policy
46
46
  }
47
47
  end
48
48
  end
@@ -54,12 +54,12 @@ class IAM < Mapper
54
54
  response.role_detail_list.each do |role|
55
55
  struct = OpenStruct.new(role.to_h)
56
56
  struct.type = 'role'
57
- struct.assume_role_policy_document = JSON.parse(CGI.unescape(role.assume_role_policy_document))
57
+ struct.assume_role_policy_document = role.assume_role_policy_document.parse_policy
58
58
  struct.role_policy_list = if role.role_policy_list
59
59
  role.role_policy_list.map do |p|
60
60
  {
61
61
  policy_name: p.policy_name,
62
- policy_document: JSON.parse(CGI.unescape(p.policy_document))
62
+ policy_document: p.policy_document.parse_policy
63
63
  }
64
64
  end
65
65
  end
@@ -75,7 +75,7 @@ class IAM < Mapper
75
75
  policy.policy_version_list.map do |p|
76
76
  {
77
77
  version_id: p.version_id,
78
- document: JSON.parse(CGI.unescape(p.document)),
78
+ document: p.document.parse_policy,
79
79
  is_default_version: p.is_default_version,
80
80
  create_date: p.create_date
81
81
  }
data/lib/aws_recon/collectors/organizations.rb CHANGED
@@ -40,7 +40,7 @@ class Organizations < Mapper
40
40
  response.policies.each do |policy|
41
41
  struct = OpenStruct.new(policy.to_h)
42
42
  struct.type = 'service_control_policy'
43
- struct.content = JSON.parse(CGI.unescape(@client.describe_policy({ policy_id: policy.id }).policy.content))
43
+ struct.content = @client.describe_policy({ policy_id: policy.id }).policy.content.parse_policy
44
44
 
45
45
  resources.push(struct.to_h)
46
46
  end
data/lib/aws_recon/collectors/s3.rb CHANGED
@@ -55,7 +55,7 @@ class S3 < Mapper
55
55
  resp = client.send(op.func, { bucket: bucket.name })
56
56
 
57
57
  struct[op.key] = if op.key == 'policy'
58
- JSON.parse(CGI.unescape(resp.policy.string))
58
+ resp.policy.string.parse_policy
59
59
  else
60
60
  op.field ? resp.send(op.field).to_h : resp.to_h
61
61
  end
data/lib/aws_recon/collectors/sns.rb CHANGED
@@ -18,8 +18,8 @@ class SNS < Mapper
18
18
  struct = OpenStruct.new(@client.get_topic_attributes({ topic_arn: topic.topic_arn }).attributes.to_h)
19
19
  struct.type = 'topic'
20
20
  struct.arn = topic.topic_arn
21
- struct.policy = JSON.parse(CGI.unescape(struct.Policy))
22
- struct.effective_delivery_policy = JSON.parse(CGI.unescape(struct.EffectiveDeliveryPolicy))
21
+ struct.policy = struct.delete_field('Policy').parse_policy
22
+ struct.effective_delivery_policy = struct.delete_field('EffectiveDeliveryPolicy').parse_policy
23
23
  struct.subscriptions = []
24
24
 
25
25
  # list_subscriptions_by_topic
data/lib/aws_recon/collectors/sqs.rb CHANGED
@@ -18,7 +18,7 @@ class SQS < Mapper
18
18
  struct = OpenStruct.new(@client.get_queue_attributes({ queue_url: queue, attribute_names: ['All'] }).attributes.to_h)
19
19
  struct.type = 'queue'
20
20
  struct.arn = struct.QueueArn
21
- struct.policy = JSON.parse(CGI.unescape(struct.Policy))
21
+ struct.policy = struct.delete_field('Policy').parse_policy
22
22
 
23
23
  resources.push(struct.to_h)
24
24
  end
data/lib/aws_recon/services.yaml CHANGED
@@ -4,6 +4,8 @@
4
4
  alias: organizations
5
5
  - name: AccessAnalyzer
6
6
  alias: aa
7
+ - name: ApplicationAutoScaling
8
+ alias: aas
7
9
  - name: ConfigService
8
10
  alias: config
9
11
  - name: CodeBuild
data/lib/aws_recon/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AwsRecon
2
- VERSION = "0.2.18"
2
+ VERSION = "0.2.19"
3
3
  end
data/readme.md CHANGED
@@ -224,6 +224,7 @@ AWS Recon aims to collect all resources and metadata that are relevant in determ
224
224
 
225
225
  - [x] AccessAnalyzer
226
226
  - [x] AdvancedShield
227
+ - [x] ApplicationAutoScaling
227
228
  - [x] Athena
228
229
  - [x] GuardDuty
229
230
  - [ ] Macie
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws_recon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.18
4
+ version: 0.2.19
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Larsen
@@ -184,6 +184,7 @@ files:
184
184
  - lib/aws_recon/collectors/acm.rb
185
185
  - lib/aws_recon/collectors/apigateway.rb
186
186
  - lib/aws_recon/collectors/apigatewayv2.rb
187
+ - lib/aws_recon/collectors/applicationautoscaling.rb
187
188
  - lib/aws_recon/collectors/athena.rb
188
189
  - lib/aws_recon/collectors/autoscaling.rb
189
190
  - lib/aws_recon/collectors/cloudformation.rb