aws_recon 0.2.19 → 0.2.20

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws_recon/collectors/guardduty.rb +14 -1
  3. data/lib/aws_recon/collectors/secretsmanager.rb +26 -0
  4. data/lib/aws_recon/collectors/securityhub.rb +23 -0
  5. data/lib/aws_recon/services.yaml +4 -0
  6. data/lib/aws_recon/version.rb +1 -1
  7. data/readme.md +2 -0
  8. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aceb7412370bc6945f910f6579dcc9f7a188070fd35f7ec3325300d544f01d12
4
- data.tar.gz: f35b334bead563849a2a1bce8623076c7d23237c21eb85409b7371d93ebc9f9d
3
+ metadata.gz: 6b945e5c44370658e13ee470fee26d7e0b46fb6102a661485be9513af305f45d
4
+ data.tar.gz: 969330b10b9a8264bdb5759b1c910b74ccf05e855f8f380cdebdac8b3694fb11
5
5
  SHA512:
6
- metadata.gz: 9f31da81396ac07fee4d331a05cbe5706fde48bc9c0617a5bc5640c61e68b56f499b4be8b659d6cdf61335665c898f638f20380968df68ad536c5114966d25bd
7
- data.tar.gz: 958d528054caefa1c8d3e9b7d2a005f52ddaeaa0b89d566e5a3fddcfb81300e497a40e3fab039656fa2dc091d89d15535d76b863f4ded6c133118aea2fc59df9
6
+ metadata.gz: a7d26039b60a21370bd7000d7ccaca93cfc5efc7c0dba88ae5d7ea12d63d3a7b8f973b06d3a1a2633fb82804a716f163ffda23f96a00ee73251eb85956f14dfd
7
+ data.tar.gz: 61b1aa696e9ec44fd6b93d4ced975be8a2bb514537ed232db8a11cb840045bc52132a215a21a99e573f4df0b557b1612eb4dda458c249c0e5f86939b83049680
data/lib/aws_recon/collectors/guardduty.rb CHANGED
@@ -21,8 +21,21 @@ class GuardDuty < Mapper
21
21
  struct.type = 'detector'
22
22
  struct.arn = "arn:aws:guardduty:#{@region}:detector/#{detector}"
23
23
 
24
+ # get_findings_statistics (only active findings)
25
+ struct.findings_statistics = @client.get_findings_statistics({
26
+ detector_id: detector,
27
+ finding_statistic_types: ['COUNT_BY_SEVERITY'],
28
+ finding_criteria: {
29
+ criterion: {
30
+ 'service.archived': {
31
+ eq: ['false']
32
+ }
33
+ }
34
+ }
35
+ }).finding_statistics.to_h
36
+
24
37
  # get_master_account
25
- struct.master_account = @client.get_master_account({ detector_id: detector }).to_h
38
+ struct.master_account = @client.get_master_account({ detector_id: detector }).master.to_h
26
39
 
27
40
  resources.push(struct.to_h)
28
41
  end
data/lib/aws_recon/collectors/secretsmanager.rb ADDED
@@ -0,0 +1,26 @@
1
+ class SecretsManager < Mapper
2
+ #
3
+ # Returns an array of resources.
4
+ #
5
+ def collect
6
+ resources = []
7
+
8
+ #
9
+ # describe_auto_scaling_groups
10
+ #
11
+ @client.list_secrets.each_with_index do |response, page|
12
+ log(response.context.operation_name, page)
13
+
14
+ response.secret_list.each_with_index do |secret, i|
15
+ log(response.context.operation_name, i)
16
+
17
+ struct = OpenStruct.new(secret.to_h)
18
+ struct.type = 'secret'
19
+
20
+ resources.push(struct.to_h)
21
+ end
22
+ end
23
+
24
+ resources
25
+ end
26
+ end
data/lib/aws_recon/collectors/securityhub.rb ADDED
@@ -0,0 +1,23 @@
1
+ class SecurityHub < Mapper
2
+ #
3
+ # Returns an array of resources.
4
+ #
5
+ def collect
6
+ resources = []
7
+
8
+ #
9
+ # describe_hub
10
+ #
11
+ @client.describe_hub.each do |response|
12
+ log(response.context.operation_name)
13
+
14
+ struct = OpenStruct.new(response.to_h)
15
+ struct.type = 'hub'
16
+ struct.arn = response.hub_arn
17
+
18
+ resources.push(struct.to_h)
19
+ end
20
+
21
+ resources
22
+ end
23
+ end
data/lib/aws_recon/services.yaml CHANGED
@@ -91,6 +91,10 @@
91
91
  alias: cloudwatchlogs
92
92
  - name: Kafka
93
93
  alias: kafka
94
+ - name: SecretsManager
95
+ alias: sm
96
+ - name: SecurityHub
97
+ alias: sh
94
98
  - name: Support
95
99
  global: true
96
100
  alias: support
data/lib/aws_recon/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AwsRecon
2
- VERSION = "0.2.19"
2
+ VERSION = "0.2.20"
3
3
  end
data/readme.md CHANGED
@@ -270,6 +270,8 @@ AWS Recon aims to collect all resources and metadata that are relevant in determ
270
270
  - [x] S3
271
271
  - [x] SageMaker
272
272
  - [x] SES
273
+ - [x] SecretsManager
274
+ - [x] SecurityHub
273
275
  - [x] ServiceQuotas
274
276
  - [x] Shield
275
277
  - [x] SNS
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws_recon
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.19
4
+ version: 0.2.20
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Larsen
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-11-25 00:00:00.000000000 Z
12
+ date: 2020-11-26 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: aws-sdk
@@ -223,6 +223,8 @@ files:
223
223
  - lib/aws_recon/collectors/route53domains.rb
224
224
  - lib/aws_recon/collectors/s3.rb
225
225
  - lib/aws_recon/collectors/sagemaker.rb
226
+ - lib/aws_recon/collectors/secretsmanager.rb
227
+ - lib/aws_recon/collectors/securityhub.rb
226
228
  - lib/aws_recon/collectors/servicequotas.rb
227
229
  - lib/aws_recon/collectors/ses.rb
228
230
  - lib/aws_recon/collectors/shield.rb