@grc-claw/integration-marketplace 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/IntegrationMarketplace.d.ts +32 -0
- package/dist/IntegrationMarketplace.js +319 -0
- package/dist/connectors/ADPConnector.d.ts +12 -0
- package/dist/connectors/ADPConnector.js +97 -0
- package/dist/connectors/AWSCloudTrailConnector.d.ts +12 -0
- package/dist/connectors/AWSCloudTrailConnector.js +77 -0
- package/dist/connectors/AWSCloudWatchConnector.d.ts +12 -0
- package/dist/connectors/AWSCloudWatchConnector.js +70 -0
- package/dist/connectors/AWSGuardDutyConnector.d.ts +12 -0
- package/dist/connectors/AWSGuardDutyConnector.js +139 -0
- package/dist/connectors/AWSIAMConnector.d.ts +12 -0
- package/dist/connectors/AWSIAMConnector.js +90 -0
- package/dist/connectors/AWSKMSConnector.d.ts +12 -0
- package/dist/connectors/AWSKMSConnector.js +70 -0
- package/dist/connectors/AWSLambdaConnector.d.ts +12 -0
- package/dist/connectors/AWSLambdaConnector.js +84 -0
- package/dist/connectors/AWSRDSConnector.d.ts +12 -0
- package/dist/connectors/AWSRDSConnector.js +84 -0
- package/dist/connectors/AWSS3Connector.d.ts +12 -0
- package/dist/connectors/AWSS3Connector.js +112 -0
- package/dist/connectors/AkamaiConnector.d.ts +12 -0
- package/dist/connectors/AkamaiConnector.js +98 -0
- package/dist/connectors/ArgoCDConnector.d.ts +12 -0
- package/dist/connectors/ArgoCDConnector.js +93 -0
- package/dist/connectors/ArtifactoryConnector.d.ts +12 -0
- package/dist/connectors/ArtifactoryConnector.js +94 -0
- package/dist/connectors/AtlassianJiraConnector.d.ts +12 -0
- package/dist/connectors/AtlassianJiraConnector.js +134 -0
- package/dist/connectors/Auth0Connector.d.ts +12 -0
- package/dist/connectors/Auth0Connector.js +150 -0
- package/dist/connectors/AzureADConnector.d.ts +12 -0
- package/dist/connectors/AzureADConnector.js +115 -0
- package/dist/connectors/AzureDevOpsConnector.d.ts +12 -0
- package/dist/connectors/AzureDevOpsConnector.js +130 -0
- package/dist/connectors/AzureDevOpsPipelinesConnector.d.ts +12 -0
- package/dist/connectors/AzureDevOpsPipelinesConnector.js +72 -0
- package/dist/connectors/AzurePipelinesConnector.d.ts +12 -0
- package/dist/connectors/AzurePipelinesConnector.js +72 -0
- package/dist/connectors/AzurePolicyConnector.d.ts +12 -0
- package/dist/connectors/AzurePolicyConnector.js +141 -0
- package/dist/connectors/AzureReposConnector.d.ts +12 -0
- package/dist/connectors/AzureReposConnector.js +96 -0
- package/dist/connectors/AzureSentinelConnector.d.ts +12 -0
- package/dist/connectors/AzureSentinelConnector.js +88 -0
- package/dist/connectors/BambooCICDConnector.d.ts +12 -0
- package/dist/connectors/BambooCICDConnector.js +72 -0
- package/dist/connectors/BambooHRConnector.d.ts +12 -0
- package/dist/connectors/BambooHRConnector.js +84 -0
- package/dist/connectors/BeyondTrustConnector.d.ts +12 -0
- package/dist/connectors/BeyondTrustConnector.js +94 -0
- package/dist/connectors/BitbucketConnector.d.ts +12 -0
- package/dist/connectors/BitbucketConnector.js +100 -0
- package/dist/connectors/BitbucketPipelinesConnector.d.ts +12 -0
- package/dist/connectors/BitbucketPipelinesConnector.js +72 -0
- package/dist/connectors/BoxConnector.d.ts +12 -0
- package/dist/connectors/BoxConnector.js +122 -0
- package/dist/connectors/BuildkiteConnector.d.ts +12 -0
- package/dist/connectors/BuildkiteConnector.js +95 -0
- package/dist/connectors/CarbonBlackConnector.d.ts +12 -0
- package/dist/connectors/CarbonBlackConnector.js +89 -0
- package/dist/connectors/CassandraConnector.d.ts +12 -0
- package/dist/connectors/CassandraConnector.js +69 -0
- package/dist/connectors/CheckPointConnector.d.ts +12 -0
- package/dist/connectors/CheckPointConnector.js +98 -0
- package/dist/connectors/CircleCIConnector.d.ts +12 -0
- package/dist/connectors/CircleCIConnector.js +129 -0
- package/dist/connectors/CircleCIConnectorsConnector.d.ts +12 -0
- package/dist/connectors/CircleCIConnectorsConnector.js +69 -0
- package/dist/connectors/CiscoUmbrellaConnector.d.ts +12 -0
- package/dist/connectors/CiscoUmbrellaConnector.js +96 -0
- package/dist/connectors/CloudBeesJenkinsConnector.d.ts +12 -0
- package/dist/connectors/CloudBeesJenkinsConnector.js +70 -0
- package/dist/connectors/CloudflareDNSConnector.d.ts +12 -0
- package/dist/connectors/CloudflareDNSConnector.js +71 -0
- package/dist/connectors/CloudflareWAFConnector.d.ts +12 -0
- package/dist/connectors/CloudflareWAFConnector.js +98 -0
- package/dist/connectors/ConfluenceConnector.d.ts +12 -0
- package/dist/connectors/ConfluenceConnector.js +101 -0
- package/dist/connectors/ConstantContactConnector.d.ts +12 -0
- package/dist/connectors/ConstantContactConnector.js +70 -0
- package/dist/connectors/CouchDBConnector.d.ts +12 -0
- package/dist/connectors/CouchDBConnector.js +69 -0
- package/dist/connectors/CrowdStrikeConnector.d.ts +12 -0
- package/dist/connectors/CrowdStrikeConnector.js +86 -0
- package/dist/connectors/CrowdStrikeFalconConnector.d.ts +12 -0
- package/dist/connectors/CrowdStrikeFalconConnector.js +92 -0
- package/dist/connectors/CrowdStrikeSpotlightConnector.d.ts +12 -0
- package/dist/connectors/CrowdStrikeSpotlightConnector.js +139 -0
- package/dist/connectors/CyberArkConnector.d.ts +12 -0
- package/dist/connectors/CyberArkConnector.js +95 -0
- package/dist/connectors/DatabricksConnector.d.ts +12 -0
- package/dist/connectors/DatabricksConnector.js +95 -0
- package/dist/connectors/DatadogConnector.d.ts +12 -0
- package/dist/connectors/DatadogConnector.js +110 -0
- package/dist/connectors/DigitalOceanConnector.d.ts +12 -0
- package/dist/connectors/DigitalOceanConnector.js +85 -0
- package/dist/connectors/DiscordConnector.d.ts +12 -0
- package/dist/connectors/DiscordConnector.js +98 -0
- package/dist/connectors/DockerHubConnector.d.ts +12 -0
- package/dist/connectors/DockerHubConnector.js +80 -0
- package/dist/connectors/DocuSignConnector.d.ts +12 -0
- package/dist/connectors/DocuSignConnector.js +96 -0
- package/dist/connectors/DriftConnector.d.ts +12 -0
- package/dist/connectors/DriftConnector.js +69 -0
- package/dist/connectors/DropboxConnector.d.ts +12 -0
- package/dist/connectors/DropboxConnector.js +127 -0
- package/dist/connectors/ESETConnector.d.ts +12 -0
- package/dist/connectors/ESETConnector.js +70 -0
- package/dist/connectors/ElasticsearchCloudConnector.d.ts +12 -0
- package/dist/connectors/ElasticsearchCloudConnector.js +70 -0
- package/dist/connectors/FSecureConnector.d.ts +12 -0
- package/dist/connectors/FSecureConnector.js +70 -0
- package/dist/connectors/FeatureFlagConnector.d.ts +12 -0
- package/dist/connectors/FeatureFlagConnector.js +70 -0
- package/dist/connectors/FluxCDConnector.d.ts +12 -0
- package/dist/connectors/FluxCDConnector.js +94 -0
- package/dist/connectors/ForgeRockConnector.d.ts +12 -0
- package/dist/connectors/ForgeRockConnector.js +95 -0
- package/dist/connectors/FortinetConnector.d.ts +12 -0
- package/dist/connectors/FortinetConnector.js +98 -0
- package/dist/connectors/FreshdeskConnector.d.ts +12 -0
- package/dist/connectors/FreshdeskConnector.js +71 -0
- package/dist/connectors/GCPBigQueryConnector.d.ts +12 -0
- package/dist/connectors/GCPBigQueryConnector.js +71 -0
- package/dist/connectors/GCPComputeConnector.d.ts +12 -0
- package/dist/connectors/GCPComputeConnector.js +87 -0
- package/dist/connectors/GCPConfigConnector.d.ts +12 -0
- package/dist/connectors/GCPConfigConnector.js +149 -0
- package/dist/connectors/GCPFirestoreConnector.d.ts +12 -0
- package/dist/connectors/GCPFirestoreConnector.js +71 -0
- package/dist/connectors/GCPIAMConnector.d.ts +12 -0
- package/dist/connectors/GCPIAMConnector.js +98 -0
- package/dist/connectors/GCPSCCConnector.d.ts +12 -0
- package/dist/connectors/GCPSCCConnector.js +94 -0
- package/dist/connectors/GitHubActionsConnector.d.ts +12 -0
- package/dist/connectors/GitHubActionsConnector.js +104 -0
- package/dist/connectors/GitHubConnector.d.ts +12 -0
- package/dist/connectors/GitHubConnector.js +135 -0
- package/dist/connectors/GitHubCopilotConnector.d.ts +12 -0
- package/dist/connectors/GitHubCopilotConnector.js +72 -0
- package/dist/connectors/GitLabCIConnector.d.ts +12 -0
- package/dist/connectors/GitLabCIConnector.js +71 -0
- package/dist/connectors/GitLabConnector.d.ts +12 -0
- package/dist/connectors/GitLabConnector.js +101 -0
- package/dist/connectors/GitLabSASTConnector.d.ts +12 -0
- package/dist/connectors/GitLabSASTConnector.js +130 -0
- package/dist/connectors/GoogleWorkspaceConnector.d.ts +12 -0
- package/dist/connectors/GoogleWorkspaceConnector.js +136 -0
- package/dist/connectors/HelmConnector.d.ts +12 -0
- package/dist/connectors/HelmConnector.js +94 -0
- package/dist/connectors/HubSpotConnector.d.ts +12 -0
- package/dist/connectors/HubSpotConnector.js +77 -0
- package/dist/connectors/IFTTTConnector.d.ts +12 -0
- package/dist/connectors/IFTTTConnector.js +70 -0
- package/dist/connectors/ImpervaConnector.d.ts +12 -0
- package/dist/connectors/ImpervaConnector.js +94 -0
- package/dist/connectors/InfluxDBConnector.d.ts +12 -0
- package/dist/connectors/InfluxDBConnector.js +70 -0
- package/dist/connectors/IntercomConnector.d.ts +12 -0
- package/dist/connectors/IntercomConnector.js +69 -0
- package/dist/connectors/JenkinsConnector.d.ts +12 -0
- package/dist/connectors/JenkinsConnector.js +96 -0
- package/dist/connectors/JiraConnector.d.ts +12 -0
- package/dist/connectors/JiraConnector.js +103 -0
- package/dist/connectors/KafkaConnector.d.ts +12 -0
- package/dist/connectors/KafkaConnector.js +70 -0
- package/dist/connectors/KasperskyConnector.d.ts +12 -0
- package/dist/connectors/KasperskyConnector.js +70 -0
- package/dist/connectors/KubernetesConnector.d.ts +12 -0
- package/dist/connectors/KubernetesConnector.js +109 -0
- package/dist/connectors/LaceworkConnector.d.ts +13 -0
- package/dist/connectors/LaceworkConnector.js +143 -0
- package/dist/connectors/LaunchDarklyConnector.d.ts +12 -0
- package/dist/connectors/LaunchDarklyConnector.js +86 -0
- package/dist/connectors/LinodeConnector.d.ts +12 -0
- package/dist/connectors/LinodeConnector.js +70 -0
- package/dist/connectors/LookerConnector.d.ts +12 -0
- package/dist/connectors/LookerConnector.js +94 -0
- package/dist/connectors/MailchimpConnector.d.ts +12 -0
- package/dist/connectors/MailchimpConnector.js +71 -0
- package/dist/connectors/MalwarebytesConnector.d.ts +12 -0
- package/dist/connectors/MalwarebytesConnector.js +85 -0
- package/dist/connectors/McAfeeConnector.d.ts +12 -0
- package/dist/connectors/McAfeeConnector.js +85 -0
- package/dist/connectors/Microsoft365Connector.d.ts +12 -0
- package/dist/connectors/Microsoft365Connector.js +139 -0
- package/dist/connectors/MongoDBConnector.d.ts +12 -0
- package/dist/connectors/MongoDBConnector.js +86 -0
- package/dist/connectors/NamelyConnector.d.ts +12 -0
- package/dist/connectors/NamelyConnector.js +97 -0
- package/dist/connectors/Neo4jConnector.d.ts +12 -0
- package/dist/connectors/Neo4jConnector.js +70 -0
- package/dist/connectors/NetSuiteConnector.d.ts +12 -0
- package/dist/connectors/NetSuiteConnector.js +94 -0
- package/dist/connectors/NetskopeConnector.d.ts +12 -0
- package/dist/connectors/NetskopeConnector.js +98 -0
- package/dist/connectors/NexusConnector.d.ts +12 -0
- package/dist/connectors/NexusConnector.js +93 -0
- package/dist/connectors/NotionConnector.d.ts +12 -0
- package/dist/connectors/NotionConnector.js +109 -0
- package/dist/connectors/OktaConnector.d.ts +12 -0
- package/dist/connectors/OktaConnector.js +123 -0
- package/dist/connectors/OktaSystemLogConnector.d.ts +12 -0
- package/dist/connectors/OktaSystemLogConnector.js +129 -0
- package/dist/connectors/OpsgenieConnector.d.ts +12 -0
- package/dist/connectors/OpsgenieConnector.js +70 -0
- package/dist/connectors/PagerDutyConnector.d.ts +12 -0
- package/dist/connectors/PagerDutyConnector.js +106 -0
- package/dist/connectors/PalantirConnector.d.ts +12 -0
- package/dist/connectors/PalantirConnector.js +95 -0
- package/dist/connectors/PaloAltoPrismaCloudConnector.d.ts +12 -0
- package/dist/connectors/PaloAltoPrismaCloudConnector.js +110 -0
- package/dist/connectors/PingFederateConnector.d.ts +12 -0
- package/dist/connectors/PingFederateConnector.js +97 -0
- package/dist/connectors/PostgreSQLCloudConnector.d.ts +12 -0
- package/dist/connectors/PostgreSQLCloudConnector.js +70 -0
- package/dist/connectors/PowerBIConnector.d.ts +12 -0
- package/dist/connectors/PowerBIConnector.js +95 -0
- package/dist/connectors/PrismaCloudConnector.d.ts +12 -0
- package/dist/connectors/PrismaCloudConnector.js +147 -0
- package/dist/connectors/QualysConnector.d.ts +12 -0
- package/dist/connectors/QualysConnector.js +96 -0
- package/dist/connectors/QualysScannerConnector.d.ts +12 -0
- package/dist/connectors/QualysScannerConnector.js +131 -0
- package/dist/connectors/QuickBooksConnector.d.ts +12 -0
- package/dist/connectors/QuickBooksConnector.js +97 -0
- package/dist/connectors/RabbitMQConnector.d.ts +12 -0
- package/dist/connectors/RabbitMQConnector.js +69 -0
- package/dist/connectors/RadwareConnector.d.ts +12 -0
- package/dist/connectors/RadwareConnector.js +94 -0
- package/dist/connectors/RedisCloudConnector.d.ts +12 -0
- package/dist/connectors/RedisCloudConnector.js +70 -0
- package/dist/connectors/RingCentralConnector.d.ts +12 -0
- package/dist/connectors/RingCentralConnector.js +94 -0
- package/dist/connectors/SAPSuccessFactorsConnector.d.ts +12 -0
- package/dist/connectors/SAPSuccessFactorsConnector.js +103 -0
- package/dist/connectors/SailPointConnector.d.ts +12 -0
- package/dist/connectors/SailPointConnector.js +97 -0
- package/dist/connectors/SalesforceConnector.d.ts +12 -0
- package/dist/connectors/SalesforceConnector.js +91 -0
- package/dist/connectors/SendGridConnector.d.ts +12 -0
- package/dist/connectors/SendGridConnector.js +69 -0
- package/dist/connectors/SentinelOneConnector.d.ts +12 -0
- package/dist/connectors/SentinelOneConnector.js +89 -0
- package/dist/connectors/ServiceNowConnector.d.ts +12 -0
- package/dist/connectors/ServiceNowConnector.js +123 -0
- package/dist/connectors/SlackConnector.d.ts +12 -0
- package/dist/connectors/SlackConnector.js +109 -0
- package/dist/connectors/SnowflakeConnector.d.ts +12 -0
- package/dist/connectors/SnowflakeConnector.js +105 -0
- package/dist/connectors/SnykConnector.d.ts +12 -0
- package/dist/connectors/SnykConnector.js +84 -0
- package/dist/connectors/SnykMonitorConnector.d.ts +12 -0
- package/dist/connectors/SnykMonitorConnector.js +131 -0
- package/dist/connectors/SophosConnector.d.ts +12 -0
- package/dist/connectors/SophosConnector.js +87 -0
- package/dist/connectors/SpinnakerConnector.d.ts +12 -0
- package/dist/connectors/SpinnakerConnector.js +70 -0
- package/dist/connectors/SplunkConnector.d.ts +12 -0
- package/dist/connectors/SplunkConnector.js +126 -0
- package/dist/connectors/StripeConnector.d.ts +12 -0
- package/dist/connectors/StripeConnector.js +97 -0
- package/dist/connectors/TableauConnector.d.ts +12 -0
- package/dist/connectors/TableauConnector.js +101 -0
- package/dist/connectors/TaniumConnector.d.ts +12 -0
- package/dist/connectors/TaniumConnector.js +97 -0
- package/dist/connectors/TeamCityConnector.d.ts +12 -0
- package/dist/connectors/TeamCityConnector.js +71 -0
- package/dist/connectors/TeamsConnector.d.ts +12 -0
- package/dist/connectors/TeamsConnector.js +96 -0
- package/dist/connectors/TenableIOConnector.d.ts +12 -0
- package/dist/connectors/TenableIOConnector.js +130 -0
- package/dist/connectors/TerraformCloudConnector.d.ts +12 -0
- package/dist/connectors/TerraformCloudConnector.js +106 -0
- package/dist/connectors/TravisCIConnector.d.ts +12 -0
- package/dist/connectors/TravisCIConnector.js +95 -0
- package/dist/connectors/TrendMicroConnector.d.ts +12 -0
- package/dist/connectors/TrendMicroConnector.js +85 -0
- package/dist/connectors/TwilioConnector.d.ts +12 -0
- package/dist/connectors/TwilioConnector.js +70 -0
- package/dist/connectors/VercelConnector.d.ts +12 -0
- package/dist/connectors/VercelConnector.js +70 -0
- package/dist/connectors/VultrConnector.d.ts +12 -0
- package/dist/connectors/VultrConnector.js +70 -0
- package/dist/connectors/WebexConnector.d.ts +12 -0
- package/dist/connectors/WebexConnector.js +94 -0
- package/dist/connectors/WizConnector.d.ts +12 -0
- package/dist/connectors/WizConnector.js +172 -0
- package/dist/connectors/WorkdayConnector.d.ts +12 -0
- package/dist/connectors/WorkdayConnector.js +100 -0
- package/dist/connectors/XeroConnector.d.ts +12 -0
- package/dist/connectors/XeroConnector.js +96 -0
- package/dist/connectors/ZapierConnector.d.ts +12 -0
- package/dist/connectors/ZapierConnector.js +70 -0
- package/dist/connectors/ZendeskConnector.d.ts +12 -0
- package/dist/connectors/ZendeskConnector.js +71 -0
- package/dist/connectors/ZenefitsConnector.d.ts +12 -0
- package/dist/connectors/ZenefitsConnector.js +93 -0
- package/dist/connectors/ZoomConnector.d.ts +12 -0
- package/dist/connectors/ZoomConnector.js +97 -0
- package/dist/connectors/ZscalerConnector.d.ts +12 -0
- package/dist/connectors/ZscalerConnector.js +97 -0
- package/dist/connectors/index.d.ts +150 -0
- package/dist/connectors/index.js +157 -0
- package/dist/index.d.ts +5 -0
- package/dist/index.js +16 -0
- package/dist/index.test.d.ts +1 -0
- package/dist/index.test.js +139 -0
- package/dist/types.d.ts +57 -0
- package/dist/types.js +8 -0
- package/package.json +33 -0
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "gd-findings",
|
|
5
|
+
name: "GuardDuty Findings",
|
|
6
|
+
description: "Fetch active and high-severity GuardDuty findings",
|
|
7
|
+
evidenceCategories: ["vulnerability_management", "threat_detection"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "gd-detector-status",
|
|
11
|
+
name: "Detector Status",
|
|
12
|
+
description: "Fetch GuardDuty detector configuration and publishing destination",
|
|
13
|
+
evidenceCategories: ["configuration", "monitoring"],
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
id: "gd-ip-reputation",
|
|
17
|
+
name: "IP Reputation Findings",
|
|
18
|
+
description: "Fetch IP reputation threat intelligence findings",
|
|
19
|
+
evidenceCategories: ["threat_detection", "network_security"],
|
|
20
|
+
},
|
|
21
|
+
{
|
|
22
|
+
id: "gd-s3-protection",
|
|
23
|
+
name: "S3 Protection Findings",
|
|
24
|
+
description: "Fetch S3 data event-based GuardDuty findings",
|
|
25
|
+
evidenceCategories: ["data_protection", "vulnerability_management"],
|
|
26
|
+
},
|
|
27
|
+
];
|
|
28
|
+
export class AWSGuardDutyConnector {
|
|
29
|
+
id = "aws_guardduty";
|
|
30
|
+
name = "AWS GuardDuty";
|
|
31
|
+
category = "cloud_provider";
|
|
32
|
+
authType = "service_account";
|
|
33
|
+
capabilities = capabilities;
|
|
34
|
+
frameworks = [
|
|
35
|
+
"SOC2",
|
|
36
|
+
"ISO27001",
|
|
37
|
+
"NIST_CSF",
|
|
38
|
+
"PCI_DSS",
|
|
39
|
+
"HIPAA",
|
|
40
|
+
];
|
|
41
|
+
async signRequest(config, service, region, method, path) {
|
|
42
|
+
const host = `${service}.${region}.amazonaws.com`;
|
|
43
|
+
const resp = await fetch(`https://${host}${path}`, {
|
|
44
|
+
headers: {
|
|
45
|
+
Authorization: `AWS4-HMAC-SHA256 Credential=${config.apiToken}/${region}/${service}/aws4_request`,
|
|
46
|
+
"X-Amz-Date": new Date().toISOString().replace(/[:\-]|\.\d{3}/g, ""),
|
|
47
|
+
Host: host,
|
|
48
|
+
},
|
|
49
|
+
method,
|
|
50
|
+
});
|
|
51
|
+
if (!resp.ok)
|
|
52
|
+
throw new Error(`AWS API ${resp.status}: ${resp.statusText}`);
|
|
53
|
+
return (await resp.json());
|
|
54
|
+
}
|
|
55
|
+
async testConnection(config) {
|
|
56
|
+
try {
|
|
57
|
+
const region = config.region || "us-east-1";
|
|
58
|
+
await this.signRequest(config, "guardduty", region, "GET", "/detectors");
|
|
59
|
+
return true;
|
|
60
|
+
}
|
|
61
|
+
catch {
|
|
62
|
+
return false;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
async collectEvidence(config) {
|
|
66
|
+
const artifacts = [];
|
|
67
|
+
const now = new Date().toISOString();
|
|
68
|
+
const region = config.region || "us-east-1";
|
|
69
|
+
const detectorId = config.extra?.detectorId || "default";
|
|
70
|
+
const detectors = await this.signRequest(config, "guardduty", region, "GET", "/detectors").catch(() => ({ detectorIds: [] }));
|
|
71
|
+
artifacts.push({
|
|
72
|
+
id: generateEvidenceId(),
|
|
73
|
+
connectorId: this.id,
|
|
74
|
+
capabilityId: "gd-detector-status",
|
|
75
|
+
timestamp: now,
|
|
76
|
+
hash: hashEvidence(detectors),
|
|
77
|
+
framework: "SOC2",
|
|
78
|
+
controlId: "CC7.1",
|
|
79
|
+
source: `aws/guardduty/${region}/detectors`,
|
|
80
|
+
status: Array.isArray(detectors.detectorIds) && detectors.detectorIds.length > 0
|
|
81
|
+
? "compliant"
|
|
82
|
+
: "non_compliant",
|
|
83
|
+
data: { activeDetectors: Array.isArray(detectors.detectorIds) ? detectors.detectorIds.length : 0 },
|
|
84
|
+
metadata: { region, detectorId },
|
|
85
|
+
});
|
|
86
|
+
const findings = await this.signRequest(config, "guardduty", region, "POST", `/detectors/${detectorId}/findings`).catch(() => ({ findings: [] }));
|
|
87
|
+
const findingList = Array.isArray(findings.findings) ? findings.findings : [];
|
|
88
|
+
const highSeverity = findingList.filter((f) => f.severity >= 7);
|
|
89
|
+
artifacts.push({
|
|
90
|
+
id: generateEvidenceId(),
|
|
91
|
+
connectorId: this.id,
|
|
92
|
+
capabilityId: "gd-findings",
|
|
93
|
+
timestamp: now,
|
|
94
|
+
hash: hashEvidence(findings),
|
|
95
|
+
framework: "NIST_CSF",
|
|
96
|
+
controlId: "RS.AN",
|
|
97
|
+
source: `aws/guardduty/${region}/findings`,
|
|
98
|
+
status: highSeverity.length === 0 ? "compliant" : "non_compliant",
|
|
99
|
+
data: {
|
|
100
|
+
totalFindings: findingList.length,
|
|
101
|
+
highSeverityCount: highSeverity.length,
|
|
102
|
+
},
|
|
103
|
+
metadata: { region, detectorId },
|
|
104
|
+
});
|
|
105
|
+
const ipFindings = await this.signRequest(config, "guardduty", region, "POST", `/detectors/${detectorId}/findings?FilterCriteria={"Criterion":{"type":[{"Value":"Recon:EC2/API calls made from unusual location","Comparison":"eq"}]}}`).catch(() => ({ findings: [] }));
|
|
106
|
+
artifacts.push({
|
|
107
|
+
id: generateEvidenceId(),
|
|
108
|
+
connectorId: this.id,
|
|
109
|
+
capabilityId: "gd-ip-reputation",
|
|
110
|
+
timestamp: now,
|
|
111
|
+
hash: hashEvidence(ipFindings),
|
|
112
|
+
framework: "ISO27001",
|
|
113
|
+
controlId: "A.13.1.1",
|
|
114
|
+
source: `aws/guardduty/${region}/ip-reputation`,
|
|
115
|
+
status: Array.isArray(ipFindings.findings) && ipFindings.findings.length === 0
|
|
116
|
+
? "compliant"
|
|
117
|
+
: "non_compliant",
|
|
118
|
+
data: { ipReputationFindings: Array.isArray(ipFindings.findings) ? ipFindings.findings.length : 0 },
|
|
119
|
+
metadata: { region, detectorId },
|
|
120
|
+
});
|
|
121
|
+
const s3Findings = await this.signRequest(config, "guardduty", region, "POST", `/detectors/${detectorId}/findings?FilterCriteria={"Criterion":{"resource.accessKeyDetails.userName":[{"Value":"*","Comparison":"contains"}]}}`).catch(() => ({ findings: [] }));
|
|
122
|
+
artifacts.push({
|
|
123
|
+
id: generateEvidenceId(),
|
|
124
|
+
connectorId: this.id,
|
|
125
|
+
capabilityId: "gd-s3-protection",
|
|
126
|
+
timestamp: now,
|
|
127
|
+
hash: hashEvidence(s3Findings),
|
|
128
|
+
framework: "PCI_DSS",
|
|
129
|
+
controlId: "3.4.1",
|
|
130
|
+
source: `aws/guardduty/${region}/s3-protection`,
|
|
131
|
+
status: Array.isArray(s3Findings.findings) && s3Findings.findings.length === 0
|
|
132
|
+
? "compliant"
|
|
133
|
+
: "non_compliant",
|
|
134
|
+
data: { s3Findings: Array.isArray(s3Findings.findings) ? s3Findings.findings.length : 0 },
|
|
135
|
+
metadata: { region, detectorId },
|
|
136
|
+
});
|
|
137
|
+
return artifacts;
|
|
138
|
+
}
|
|
139
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AWSIAMConnector implements IntegrationConnector {
|
|
3
|
+
readonly id = "aws-iam";
|
|
4
|
+
readonly name = "AWS IAM";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "service_account";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchAws;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "aws-iam-policies",
|
|
5
|
+
name: "IAM Policies",
|
|
6
|
+
description: "Fetch IAM policies, attached managed policies, and inline policies",
|
|
7
|
+
evidenceCategories: ["access_control"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "aws-iam-access-analyzer",
|
|
11
|
+
name: "IAM Access Analyzer",
|
|
12
|
+
description: "Fetch Access Analyzer findings for cross-account and external access",
|
|
13
|
+
evidenceCategories: ["access_control", "risk_management"],
|
|
14
|
+
},
|
|
15
|
+
];
|
|
16
|
+
export class AWSIAMConnector {
|
|
17
|
+
id = "aws-iam";
|
|
18
|
+
name = "AWS IAM";
|
|
19
|
+
category = "cloud_provider";
|
|
20
|
+
authType = "service_account";
|
|
21
|
+
capabilities = capabilities;
|
|
22
|
+
frameworks = [
|
|
23
|
+
"SOC2",
|
|
24
|
+
"ISO27001",
|
|
25
|
+
"NIST_CSF",
|
|
26
|
+
"HIPAA",
|
|
27
|
+
"PCI_DSS",
|
|
28
|
+
];
|
|
29
|
+
async fetchAws(config, service, action, params = {}) {
|
|
30
|
+
const region = config.region || "us-east-1";
|
|
31
|
+
const host = `${service}.${region}.amazonaws.com`;
|
|
32
|
+
const query = new URLSearchParams({ Action: action, Version: "2010-05-08", ...params });
|
|
33
|
+
const resp = await fetch(`https://${host}/?${query}`, {
|
|
34
|
+
headers: {
|
|
35
|
+
Authorization: `AWS4-HMAC-SHA256 Credential=${config.apiToken}/${region}/${service}/aws4_request`,
|
|
36
|
+
"X-Amz-Date": new Date().toISOString().replace(/[:-]|\.\d{3}/g, ""),
|
|
37
|
+
},
|
|
38
|
+
});
|
|
39
|
+
if (!resp.ok)
|
|
40
|
+
throw new Error(`AWS ${service} ${resp.status}: ${resp.statusText}`);
|
|
41
|
+
const text = await resp.text();
|
|
42
|
+
return { raw: text };
|
|
43
|
+
}
|
|
44
|
+
async testConnection(config) {
|
|
45
|
+
try {
|
|
46
|
+
await this.fetchAws(config, "iam", "GetCallerIdentity");
|
|
47
|
+
return true;
|
|
48
|
+
}
|
|
49
|
+
catch {
|
|
50
|
+
return false;
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
async collectEvidence(config) {
|
|
54
|
+
const artifacts = [];
|
|
55
|
+
const now = new Date().toISOString();
|
|
56
|
+
const policies = await this.fetchAws(config, "iam", "ListPolicies", {
|
|
57
|
+
Scope: "Local",
|
|
58
|
+
}).catch(() => ({ policies: [] }));
|
|
59
|
+
artifacts.push({
|
|
60
|
+
id: generateEvidenceId(),
|
|
61
|
+
connectorId: this.id,
|
|
62
|
+
capabilityId: "aws-iam-policies",
|
|
63
|
+
timestamp: now,
|
|
64
|
+
hash: hashEvidence(policies),
|
|
65
|
+
framework: "SOC2",
|
|
66
|
+
controlId: "CC6.1",
|
|
67
|
+
source: "aws-iam/ListPolicies",
|
|
68
|
+
status: "unknown",
|
|
69
|
+
data: { policies },
|
|
70
|
+
metadata: { region: config.region || "us-east-1" },
|
|
71
|
+
});
|
|
72
|
+
const analyzer = await this.fetchAws(config, "accessanalyzer", "ListFindings", {
|
|
73
|
+
analyzerArn: config.extra?.analyzerArn || "",
|
|
74
|
+
}).catch(() => ({ findings: [] }));
|
|
75
|
+
artifacts.push({
|
|
76
|
+
id: generateEvidenceId(),
|
|
77
|
+
connectorId: this.id,
|
|
78
|
+
capabilityId: "aws-iam-access-analyzer",
|
|
79
|
+
timestamp: now,
|
|
80
|
+
hash: hashEvidence(analyzer),
|
|
81
|
+
framework: "SOC2",
|
|
82
|
+
controlId: "CC6.2",
|
|
83
|
+
source: "aws-access-analyzer/ListFindings",
|
|
84
|
+
status: "unknown",
|
|
85
|
+
data: { findings: analyzer },
|
|
86
|
+
metadata: { region: config.region || "us-east-1" },
|
|
87
|
+
});
|
|
88
|
+
return artifacts;
|
|
89
|
+
}
|
|
90
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AWSKMSConnector implements IntegrationConnector {
|
|
3
|
+
readonly id = "aws-kms";
|
|
4
|
+
readonly name = "AWS KMS";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "service_account";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchApi;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "awskms-keys",
|
|
5
|
+
name: "KMS Keys",
|
|
6
|
+
description: "Fetch KMS key configurations, rotation policies, and usage",
|
|
7
|
+
evidenceCategories: ["encryption", "configuration"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "awskms-access",
|
|
11
|
+
name: "Key Access Controls",
|
|
12
|
+
description: "Fetch key policies and grants controlling access to KMS keys",
|
|
13
|
+
evidenceCategories: ["access_control", "encryption"],
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
id: "awskms-audit",
|
|
17
|
+
name: "Key Audit Trail",
|
|
18
|
+
description: "Fetch CloudTrail events for KMS key usage and management",
|
|
19
|
+
evidenceCategories: ["monitoring", "audit"],
|
|
20
|
+
},
|
|
21
|
+
];
|
|
22
|
+
export class AWSKMSConnector {
|
|
23
|
+
id = "aws-kms";
|
|
24
|
+
name = "AWS KMS";
|
|
25
|
+
category = "cloud_provider";
|
|
26
|
+
authType = "service_account";
|
|
27
|
+
capabilities = capabilities;
|
|
28
|
+
frameworks = ["SOC2", "ISO27001", "NIST_CSF", "PCI_DSS", "HIPAA"];
|
|
29
|
+
async fetchApi(config, endpoint) {
|
|
30
|
+
const base = config.baseUrl || "https://kms.us-east-1.amazonaws.com";
|
|
31
|
+
const resp = await fetch(`${base}${endpoint}`, {
|
|
32
|
+
headers: {
|
|
33
|
+
Authorization: `Bearer ${config.apiToken}`,
|
|
34
|
+
"Content-Type": "application/json",
|
|
35
|
+
},
|
|
36
|
+
});
|
|
37
|
+
if (!resp.ok)
|
|
38
|
+
throw new Error(`AWS KMS API ${resp.status}: ${resp.statusText}`);
|
|
39
|
+
return (await resp.json());
|
|
40
|
+
}
|
|
41
|
+
async testConnection(config) {
|
|
42
|
+
try {
|
|
43
|
+
await this.fetchApi(config, "/?Action=ListKeys&Limit=1");
|
|
44
|
+
return true;
|
|
45
|
+
}
|
|
46
|
+
catch {
|
|
47
|
+
return false;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
async collectEvidence(config) {
|
|
51
|
+
const artifacts = [];
|
|
52
|
+
const now = new Date().toISOString();
|
|
53
|
+
const keys = await this.fetchApi(config, "/?Action=ListKeys").catch(() => ({ Keys: [] }));
|
|
54
|
+
const keyList = (keys.Keys || []);
|
|
55
|
+
artifacts.push({
|
|
56
|
+
id: generateEvidenceId(),
|
|
57
|
+
connectorId: this.id,
|
|
58
|
+
capabilityId: "awskms-keys",
|
|
59
|
+
timestamp: now,
|
|
60
|
+
hash: hashEvidence({ keyCount: keyList.length }),
|
|
61
|
+
framework: "SOC2",
|
|
62
|
+
controlId: "CC6.1",
|
|
63
|
+
source: "aws-kms/keys",
|
|
64
|
+
status: keyList.length > 0 ? "compliant" : "unknown",
|
|
65
|
+
data: { keyCount: keyList.length },
|
|
66
|
+
metadata: {},
|
|
67
|
+
});
|
|
68
|
+
return artifacts;
|
|
69
|
+
}
|
|
70
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AWSLambdaConnector implements IntegrationConnector {
|
|
3
|
+
readonly id = "aws-lambda";
|
|
4
|
+
readonly name = "AWS Lambda";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "service_account";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchApi;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "awslambda-functions",
|
|
5
|
+
name: "Lambda Functions",
|
|
6
|
+
description: "Fetch AWS Lambda function configurations and runtime settings",
|
|
7
|
+
evidenceCategories: ["cloud_configuration", "access_control"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "awslambda-permissions",
|
|
11
|
+
name: "Function Permissions",
|
|
12
|
+
description: "Fetch IAM execution roles and resource policies on Lambda functions",
|
|
13
|
+
evidenceCategories: ["access_control", "data_protection"],
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
id: "awslambda-logging",
|
|
17
|
+
name: "Function Logging",
|
|
18
|
+
description: "Fetch CloudWatch log group configurations for Lambda functions",
|
|
19
|
+
evidenceCategories: ["monitoring", "configuration"],
|
|
20
|
+
},
|
|
21
|
+
];
|
|
22
|
+
export class AWSLambdaConnector {
|
|
23
|
+
id = "aws-lambda";
|
|
24
|
+
name = "AWS Lambda";
|
|
25
|
+
category = "cloud_provider";
|
|
26
|
+
authType = "service_account";
|
|
27
|
+
capabilities = capabilities;
|
|
28
|
+
frameworks = ["SOC2", "ISO27001", "NIST_CSF", "PCI_DSS", "HIPAA"];
|
|
29
|
+
async fetchApi(config, endpoint) {
|
|
30
|
+
const base = config.baseUrl || "https://lambda.us-east-1.amazonaws.com";
|
|
31
|
+
const resp = await fetch(`${base}${endpoint}`, {
|
|
32
|
+
headers: {
|
|
33
|
+
Authorization: `Bearer ${config.apiToken}`,
|
|
34
|
+
"Content-Type": "application/json",
|
|
35
|
+
},
|
|
36
|
+
});
|
|
37
|
+
if (!resp.ok)
|
|
38
|
+
throw new Error(`AWS Lambda API ${resp.status}: ${resp.statusText}`);
|
|
39
|
+
return (await resp.json());
|
|
40
|
+
}
|
|
41
|
+
async testConnection(config) {
|
|
42
|
+
try {
|
|
43
|
+
await this.fetchApi(config, "/2015-03-31/functions/?MaxItems=1");
|
|
44
|
+
return true;
|
|
45
|
+
}
|
|
46
|
+
catch {
|
|
47
|
+
return false;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
async collectEvidence(config) {
|
|
51
|
+
const artifacts = [];
|
|
52
|
+
const now = new Date().toISOString();
|
|
53
|
+
const functions = await this.fetchApi(config, "/2015-03-31/functions/?MaxItems=100").catch(() => ({ Functions: [] }));
|
|
54
|
+
const funcList = (functions.Functions || []);
|
|
55
|
+
artifacts.push({
|
|
56
|
+
id: generateEvidenceId(),
|
|
57
|
+
connectorId: this.id,
|
|
58
|
+
capabilityId: "awslambda-functions",
|
|
59
|
+
timestamp: now,
|
|
60
|
+
hash: hashEvidence({ functionCount: funcList.length }),
|
|
61
|
+
framework: "SOC2",
|
|
62
|
+
controlId: "CC6.1",
|
|
63
|
+
source: "aws-lambda/functions",
|
|
64
|
+
status: funcList.length > 0 ? "compliant" : "unknown",
|
|
65
|
+
data: { functionCount: funcList.length },
|
|
66
|
+
metadata: {},
|
|
67
|
+
});
|
|
68
|
+
const publicFunctions = funcList.filter((f) => f.Policy !== null);
|
|
69
|
+
artifacts.push({
|
|
70
|
+
id: generateEvidenceId(),
|
|
71
|
+
connectorId: this.id,
|
|
72
|
+
capabilityId: "awslambda-permissions",
|
|
73
|
+
timestamp: now,
|
|
74
|
+
hash: hashEvidence({ publicCount: publicFunctions.length }),
|
|
75
|
+
framework: "SOC2",
|
|
76
|
+
controlId: "CC6.3",
|
|
77
|
+
source: "aws-lambda/permissions",
|
|
78
|
+
status: publicFunctions.length === 0 ? "compliant" : "non_compliant",
|
|
79
|
+
data: { publicFunctionCount: publicFunctions.length },
|
|
80
|
+
metadata: {},
|
|
81
|
+
});
|
|
82
|
+
return artifacts;
|
|
83
|
+
}
|
|
84
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AWSRDSConnector implements IntegrationConnector {
|
|
3
|
+
readonly id = "aws-rds";
|
|
4
|
+
readonly name = "AWS RDS";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "service_account";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchApi;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "awsrds-instances",
|
|
5
|
+
name: "RDS Instances",
|
|
6
|
+
description: "Fetch RDS instance configurations, engine versions, and backup settings",
|
|
7
|
+
evidenceCategories: ["cloud_configuration", "data_protection"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "awsrds-security",
|
|
11
|
+
name: "Security Groups",
|
|
12
|
+
description: "Fetch VPC security groups and IAM authentication settings for RDS",
|
|
13
|
+
evidenceCategories: ["access_control", "network_security"],
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
id: "awsrds-encryption",
|
|
17
|
+
name: "Encryption at Rest",
|
|
18
|
+
description: "Fetch KMS encryption configurations for RDS instances and snapshots",
|
|
19
|
+
evidenceCategories: ["data_protection", "encryption"],
|
|
20
|
+
},
|
|
21
|
+
];
|
|
22
|
+
export class AWSRDSConnector {
|
|
23
|
+
id = "aws-rds";
|
|
24
|
+
name = "AWS RDS";
|
|
25
|
+
category = "cloud_provider";
|
|
26
|
+
authType = "service_account";
|
|
27
|
+
capabilities = capabilities;
|
|
28
|
+
frameworks = ["SOC2", "ISO27001", "NIST_CSF", "PCI_DSS", "HIPAA"];
|
|
29
|
+
async fetchApi(config, endpoint) {
|
|
30
|
+
const base = config.baseUrl || "https://rds.us-east-1.amazonaws.com";
|
|
31
|
+
const resp = await fetch(`${base}${endpoint}`, {
|
|
32
|
+
headers: {
|
|
33
|
+
Authorization: `Bearer ${config.apiToken}`,
|
|
34
|
+
"Content-Type": "application/json",
|
|
35
|
+
},
|
|
36
|
+
});
|
|
37
|
+
if (!resp.ok)
|
|
38
|
+
throw new Error(`AWS RDS API ${resp.status}: ${resp.statusText}`);
|
|
39
|
+
return (await resp.json());
|
|
40
|
+
}
|
|
41
|
+
async testConnection(config) {
|
|
42
|
+
try {
|
|
43
|
+
await this.fetchApi(config, "/?Action=DescribeDBInstances&MaxRecords=1");
|
|
44
|
+
return true;
|
|
45
|
+
}
|
|
46
|
+
catch {
|
|
47
|
+
return false;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
async collectEvidence(config) {
|
|
51
|
+
const artifacts = [];
|
|
52
|
+
const now = new Date().toISOString();
|
|
53
|
+
const instances = await this.fetchApi(config, "/?Action=DescribeDBInstances").catch(() => ({ DBInstances: [] }));
|
|
54
|
+
const dbList = (instances.DBInstances || []);
|
|
55
|
+
artifacts.push({
|
|
56
|
+
id: generateEvidenceId(),
|
|
57
|
+
connectorId: this.id,
|
|
58
|
+
capabilityId: "awsrds-instances",
|
|
59
|
+
timestamp: now,
|
|
60
|
+
hash: hashEvidence({ instanceCount: dbList.length }),
|
|
61
|
+
framework: "SOC2",
|
|
62
|
+
controlId: "CC6.1",
|
|
63
|
+
source: "aws-rds/instances",
|
|
64
|
+
status: dbList.length > 0 ? "compliant" : "unknown",
|
|
65
|
+
data: { instanceCount: dbList.length },
|
|
66
|
+
metadata: {},
|
|
67
|
+
});
|
|
68
|
+
const unencrypted = dbList.filter((i) => !i.StorageEncrypted);
|
|
69
|
+
artifacts.push({
|
|
70
|
+
id: generateEvidenceId(),
|
|
71
|
+
connectorId: this.id,
|
|
72
|
+
capabilityId: "awsrds-encryption",
|
|
73
|
+
timestamp: now,
|
|
74
|
+
hash: hashEvidence({ unencryptedCount: unencrypted.length }),
|
|
75
|
+
framework: "PCI_DSS",
|
|
76
|
+
controlId: "3.4",
|
|
77
|
+
source: "aws-rds/encryption",
|
|
78
|
+
status: unencrypted.length === 0 ? "compliant" : "non_compliant",
|
|
79
|
+
data: { unencryptedCount: unencrypted.length },
|
|
80
|
+
metadata: {},
|
|
81
|
+
});
|
|
82
|
+
return artifacts;
|
|
83
|
+
}
|
|
84
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AWSS3Connector implements IntegrationConnector {
|
|
3
|
+
readonly id = "aws-s3";
|
|
4
|
+
readonly name = "AWS S3";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "service_account";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchS3;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
import { hashEvidence, generateEvidenceId } from "../types.js";
|
|
2
|
+
const capabilities = [
|
|
3
|
+
{
|
|
4
|
+
id: "s3-encryption",
|
|
5
|
+
name: "Bucket Encryption",
|
|
6
|
+
description: "Fetch S3 bucket default encryption configuration",
|
|
7
|
+
evidenceCategories: ["encryption"],
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: "s3-versioning",
|
|
11
|
+
name: "Bucket Versioning",
|
|
12
|
+
description: "Fetch S3 bucket versioning status",
|
|
13
|
+
evidenceCategories: ["data_protection"],
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
id: "s3-logging",
|
|
17
|
+
name: "Bucket Access Logging",
|
|
18
|
+
description: "Fetch S3 bucket server access logging configuration",
|
|
19
|
+
evidenceCategories: ["logging"],
|
|
20
|
+
},
|
|
21
|
+
];
|
|
22
|
+
export class AWSS3Connector {
|
|
23
|
+
id = "aws-s3";
|
|
24
|
+
name = "AWS S3";
|
|
25
|
+
category = "cloud_provider";
|
|
26
|
+
authType = "service_account";
|
|
27
|
+
capabilities = capabilities;
|
|
28
|
+
frameworks = [
|
|
29
|
+
"SOC2",
|
|
30
|
+
"ISO27001",
|
|
31
|
+
"NIST_CSF",
|
|
32
|
+
"HIPAA",
|
|
33
|
+
"PCI_DSS",
|
|
34
|
+
];
|
|
35
|
+
async fetchS3(config, bucket, action) {
|
|
36
|
+
const region = config.region || "us-east-1";
|
|
37
|
+
const resp = await fetch(`https://${bucket}.s3.${region}.amazonaws.com/?${action}`, {
|
|
38
|
+
headers: {
|
|
39
|
+
Authorization: `AWS4-HMAC-SHA256 Credential=${config.apiToken}/${region}/s3/aws4_request`,
|
|
40
|
+
"X-Amz-Date": new Date().toISOString().replace(/[:-]|\.\d{3}/g, ""),
|
|
41
|
+
},
|
|
42
|
+
});
|
|
43
|
+
if (!resp.ok)
|
|
44
|
+
throw new Error(`S3 ${action} failed: ${resp.status}`);
|
|
45
|
+
const text = await resp.text();
|
|
46
|
+
return { raw: text };
|
|
47
|
+
}
|
|
48
|
+
async testConnection(config) {
|
|
49
|
+
try {
|
|
50
|
+
const bucket = config.extra?.bucket || "test-bucket";
|
|
51
|
+
await this.fetchS3(config, bucket, "list-type=2&max-keys=1");
|
|
52
|
+
return true;
|
|
53
|
+
}
|
|
54
|
+
catch {
|
|
55
|
+
return false;
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
async collectEvidence(config) {
|
|
59
|
+
const artifacts = [];
|
|
60
|
+
const now = new Date().toISOString();
|
|
61
|
+
const bucket = config.extra?.bucket || "main-bucket";
|
|
62
|
+
const encryption = await this.fetchS3(config, bucket, "encryption").catch(() => ({
|
|
63
|
+
enabled: false,
|
|
64
|
+
}));
|
|
65
|
+
artifacts.push({
|
|
66
|
+
id: generateEvidenceId(),
|
|
67
|
+
connectorId: this.id,
|
|
68
|
+
capabilityId: "s3-encryption",
|
|
69
|
+
timestamp: now,
|
|
70
|
+
hash: hashEvidence(encryption),
|
|
71
|
+
framework: "SOC2",
|
|
72
|
+
controlId: "CC6.1",
|
|
73
|
+
source: `s3://${bucket}/encryption`,
|
|
74
|
+
status: encryption.enabled !== false ? "compliant" : "non_compliant",
|
|
75
|
+
data: { bucket, encryption },
|
|
76
|
+
metadata: { region: config.region || "us-east-1" },
|
|
77
|
+
});
|
|
78
|
+
const versioning = await this.fetchS3(config, bucket, "versioning").catch(() => ({
|
|
79
|
+
status: "Suspended",
|
|
80
|
+
}));
|
|
81
|
+
artifacts.push({
|
|
82
|
+
id: generateEvidenceId(),
|
|
83
|
+
connectorId: this.id,
|
|
84
|
+
capabilityId: "s3-versioning",
|
|
85
|
+
timestamp: now,
|
|
86
|
+
hash: hashEvidence(versioning),
|
|
87
|
+
framework: "ISO27001",
|
|
88
|
+
controlId: "A.12.3.1",
|
|
89
|
+
source: `s3://${bucket}/versioning`,
|
|
90
|
+
status: versioning.status === "Enabled" ? "compliant" : "non_compliant",
|
|
91
|
+
data: { bucket, versioning },
|
|
92
|
+
metadata: { region: config.region || "us-east-1" },
|
|
93
|
+
});
|
|
94
|
+
const logging = await this.fetchS3(config, bucket, "logging").catch(() => ({
|
|
95
|
+
enabled: false,
|
|
96
|
+
}));
|
|
97
|
+
artifacts.push({
|
|
98
|
+
id: generateEvidenceId(),
|
|
99
|
+
connectorId: this.id,
|
|
100
|
+
capabilityId: "s3-logging",
|
|
101
|
+
timestamp: now,
|
|
102
|
+
hash: hashEvidence(logging),
|
|
103
|
+
framework: "SOC2",
|
|
104
|
+
controlId: "CC7.1",
|
|
105
|
+
source: `s3://${bucket}/logging`,
|
|
106
|
+
status: logging.enabled !== false ? "compliant" : "non_compliant",
|
|
107
|
+
data: { bucket, logging },
|
|
108
|
+
metadata: { region: config.region || "us-east-1" },
|
|
109
|
+
});
|
|
110
|
+
return artifacts;
|
|
111
|
+
}
|
|
112
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
|
|
2
|
+
export declare class AkamaiConnector implements IntegrationConnector {
|
|
3
|
+
readonly id = "akamai";
|
|
4
|
+
readonly name = "Akamai";
|
|
5
|
+
readonly category: "cloud_provider";
|
|
6
|
+
readonly authType: "api_key";
|
|
7
|
+
readonly capabilities: IntegrationCapability[];
|
|
8
|
+
readonly frameworks: ComplianceFramework[];
|
|
9
|
+
private fetchApi;
|
|
10
|
+
testConnection(config: ConnectorConfig): Promise<boolean>;
|
|
11
|
+
collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
|
|
12
|
+
}
|