aws_recon 0.2.36 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws_recon/collectors/guardduty.rb +36 -7
- data/lib/aws_recon/collectors/rds.rb +12 -12
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +4 -4
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9a7f479006111ba869fcdccea5264ffb5a3cc4c0536e0b2cf4a6b3581ff65146
|
|
4
|
+
data.tar.gz: dfa1191aea8a07fcd9a54be418f913b777f0bd43cf5cf9cbdfb0b8f8707dc8aa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8f5a65342608fd58234383c704ddb416333e1439ca024e8e09bb0b3e96cfe2df0d53b5489ad040317b7b47b0f523c4c8252753af81e018866f081ef2c06cf414
|
|
7
|
+
data.tar.gz: '0867e52a15899ff2e63f141ab376b2992f968c4b19a0a64b57b1506d1cc036a8724b289c231a8a15dd4118bad65eff6945b891629150d8fe6bf9afb284bca0dd'
|
|
@@ -28,14 +28,20 @@ class GuardDuty < Mapper
|
|
|
28
28
|
struct.findings_statistics = @client.get_findings_statistics({
|
|
29
29
|
detector_id: detector,
|
|
30
30
|
finding_statistic_types: ['COUNT_BY_SEVERITY'],
|
|
31
|
-
finding_criteria:
|
|
32
|
-
criterion: {
|
|
33
|
-
'service.archived': {
|
|
34
|
-
eq: ['false']
|
|
35
|
-
}
|
|
36
|
-
}
|
|
37
|
-
}
|
|
31
|
+
finding_criteria: finding_criteria
|
|
38
32
|
}).finding_statistics.to_h
|
|
33
|
+
# get_findings_statistics (only active findings older than 7 days)
|
|
34
|
+
struct.findings_statistics_aged_short = @client.get_findings_statistics({
|
|
35
|
+
detector_id: detector,
|
|
36
|
+
finding_statistic_types: ['COUNT_BY_SEVERITY'],
|
|
37
|
+
finding_criteria: finding_criteria(7)
|
|
38
|
+
}).finding_statistics.to_h
|
|
39
|
+
# get_findings_statistics (only active findings older than 30 days)
|
|
40
|
+
struct.findings_statistics_aged_long = @client.get_findings_statistics({
|
|
41
|
+
detector_id: detector,
|
|
42
|
+
finding_statistic_types: ['COUNT_BY_SEVERITY'],
|
|
43
|
+
finding_criteria: finding_criteria(30)
|
|
44
|
+
}).finding_statistics.to_h
|
|
39
45
|
|
|
40
46
|
# get_master_account
|
|
41
47
|
struct.master_account = @client.get_master_account({ detector_id: detector }).master.to_h
|
|
@@ -46,4 +52,27 @@ class GuardDuty < Mapper
|
|
|
46
52
|
|
|
47
53
|
resources
|
|
48
54
|
end
|
|
55
|
+
|
|
56
|
+
private
|
|
57
|
+
|
|
58
|
+
def finding_criteria(days = 1)
|
|
59
|
+
criteria = {
|
|
60
|
+
criterion: {
|
|
61
|
+
'service.archived': { eq: ['false'] }
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
if days > 1
|
|
66
|
+
days_ago = (Time.now.to_f * 1000).to_i - (60 * 60 * 24 * 1000 * days) # with miliseconds
|
|
67
|
+
|
|
68
|
+
criteria = {
|
|
69
|
+
criterion: {
|
|
70
|
+
'service.archived': { eq: ['false'] },
|
|
71
|
+
'updatedAt': { less_than: days_ago }
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
criteria
|
|
77
|
+
end
|
|
49
78
|
end
|
|
@@ -88,18 +88,18 @@ class RDS < Mapper
|
|
|
88
88
|
#
|
|
89
89
|
# describe_db_engine_versions
|
|
90
90
|
#
|
|
91
|
-
unless @options.skip_slow
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
end
|
|
91
|
+
### unless @options.skip_slow
|
|
92
|
+
### @client.describe_db_engine_versions.each_with_index do |response, page|
|
|
93
|
+
### log(response.context.operation_name, page)
|
|
94
|
+
|
|
95
|
+
### response.db_engine_versions.each do |version|
|
|
96
|
+
### struct = OpenStruct.new(version.to_h)
|
|
97
|
+
### struct.type = 'db_engine_version'
|
|
98
|
+
|
|
99
|
+
### resources.push(struct.to_h)
|
|
100
|
+
### end
|
|
101
|
+
### end
|
|
102
|
+
### end
|
|
103
103
|
|
|
104
104
|
resources
|
|
105
105
|
end
|
data/lib/aws_recon/version.rb
CHANGED
data/readme.md
CHANGED
|
@@ -54,13 +54,13 @@ To run locally, first install the gem:
|
|
|
54
54
|
|
|
55
55
|
```
|
|
56
56
|
$ gem install aws_recon
|
|
57
|
-
Fetching aws_recon-0.
|
|
57
|
+
Fetching aws_recon-0.3.0.gem
|
|
58
58
|
Fetching aws-sdk-3.0.1.gem
|
|
59
59
|
Fetching parallel-1.20.1.gem
|
|
60
60
|
...
|
|
61
61
|
Successfully installed aws-sdk-3.0.1
|
|
62
62
|
Successfully installed parallel-1.20.1
|
|
63
|
-
Successfully installed aws_recon-0.
|
|
63
|
+
Successfully installed aws_recon-0.3.0
|
|
64
64
|
```
|
|
65
65
|
|
|
66
66
|
Or add it to your Gemfile using `bundle`:
|
|
@@ -72,7 +72,7 @@ Resolving dependencies...
|
|
|
72
72
|
...
|
|
73
73
|
Using aws-sdk 3.0.1
|
|
74
74
|
Using parallel-1.20.1
|
|
75
|
-
Using aws_recon 0.
|
|
75
|
+
Using aws_recon 0.3.0
|
|
76
76
|
```
|
|
77
77
|
|
|
78
78
|
## Usage
|
|
@@ -225,7 +225,7 @@ Most users will want to limit collection to relevant services and regions. Runni
|
|
|
225
225
|
```
|
|
226
226
|
$ aws_recon -h
|
|
227
227
|
|
|
228
|
-
AWS Recon - AWS Inventory Collector (0.
|
|
228
|
+
AWS Recon - AWS Inventory Collector (0.3.0)
|
|
229
229
|
|
|
230
230
|
Usage: aws_recon [options]
|
|
231
231
|
-r, --regions [REGIONS] Regions to scan, separated by comma (default: all)
|