Merge pull request #184 from nccgroup/feature/10-DynamoDB-findings

Feature/10 dynamo db findings

ScoutSuite/output/data/inc-scoutsuite/scoutsuite.js

@@ -990,12 +990,13 @@ function make_title (title) {
         return 'CloudFormation';
     } else if (title == 'awslambda') {
         return 'Lambda';
+    } else if (title == 'dynamodb') {
+        return 'DynamoDB';
     } else if (title == 'elasticache') {
         return 'ElastiCache';
     } else if (title == 'redshift') {
         return 'RedShift';
     } else if (title == 'cloudstorage') {
-
         return 'Cloud Storage';
     } else if (title == 'cloudsql') {
         return 'Cloud SQL';

ScoutSuite/providers/aws/configs/services.py

@@ -26,13 +26,19 @@
 from ScoutSuite.providers.base.configs.services import BaseServicesConfig
 from ScoutSuite.utils import format_service_name
 
+try:
+    from ScoutSuite.providers.aws.services.dynamodb_private import DynamoDBConfig
+except ImportError:
+    pass
+
 
 class AWSServicesConfig(BaseServicesConfig):
     """
     Object that holds the necessary AWS configuration for all services in scope.
                                         
     :ivar cloudtrail:                   CloudTrail configuration
     :ivar cloudwatch:                   CloudWatch configuration: TODO
+    :ivar dynamodb:                     DynomaDB configuration
     :ivar ec2:                          EC2 configuration
     :ivar iam:                          IAM configuration
     :ivar kms:                          KMS configuration
@@ -69,6 +75,11 @@ def __init__(self, metadata=None, thread_config=4, **kwargs):
         self.sqs = SQSConfig(metadata['messaging']['sqs'], thread_config)
         self.vpc = VPCConfig(metadata['network']['vpc'], thread_config)
 
+        try:
+            self.dynamodb = DynamoDBConfig(metadata['database']['dynamodb'], thread_config)
+        except NameError as e:
+            pass
+
     def _is_provider(self, provider_name):
         return provider_name == 'aws'
 

ScoutSuite/providers/aws/metadata.json

@@ -380,6 +380,15 @@
                 ]
             }
         },
+        "dynamodb": {
+            "resources": {
+                "tables": {
+                    "api_call": "list_tables",
+                    "response": "TableNames",
+                    "path": "services.dynamodb.regions.id.tables"
+                }
+            }
+        },
         "elasticache": {
             "resources": {
                 "clusters": {

ScoutSuite/providers/aws/services/iam.py

@@ -35,7 +35,6 @@ class IAMConfig(AWSBaseConfig):
         ('credential_reports', '', '', {}, False),
         ('password_policy', '', '', {}, False)
         # TODO: Federations
-        # TODO: KMS ?
     )
 
     def __init__(self, target_config):