Merge branch 'Enhancement/ec2-instance-tags' of https://github.com/kl…

…auern/ScoutSuite into klauern-Enhancement/ec2-instance-tags # Conflicts: # ScoutSuite/providers/aws/resources/ec2/ami.py
nccgroup · Feb 5, 2020 · 8f8cb40 · 8f8cb40
2 parents 2147f84 + 4f2fb68
commit 8f8cb40
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 12 deletions.
diff --git a/ScoutSuite/providers/aws/facade/ec2.py b/ScoutSuite/providers/aws/facade/ec2.py
@@ -94,12 +94,19 @@ async def get_network_interfaces(self, region: str, vpc: str):
     async def get_volumes(self, region: str):
         try:
             volumes = await AWSFacadeUtils.get_all_pages('ec2', region, self.session, 'describe_volumes', 'Volumes')
-            await get_and_set_concurrently([self._get_and_set_key_manager], volumes, region=region)
+            await get_and_set_concurrently([self._get_and_set_key_manager, self._get_and_set_volume_tags], volumes, region=region)
             return volumes
         except Exception as e:
             print_exception('Failed to get EC2 volumes: {}'.format(e))
             return []
 
+    async def _get_and_set_volume_tags(self, volume: {}, region: str):
+        if "Tags" in volume:
+            volume["tags"] = {x["Key"]: x["Value"] for x in volume["Tags"]}
+        else:
+            volume["tags"] = {}
+        return volume
+
     async def _get_and_set_key_manager(self, volume: {}, region: str):
         kms_client = AWSFacadeUtils.get_client('kms', self.session, region)
         if 'KmsKeyId' in volume:
@@ -180,6 +187,13 @@ async def _get_and_set_subnet_flow_logs(self, subnet: {}, region: str):
             [flow_log for flow_log in self.flow_logs_cache[region]
              if flow_log['ResourceId'] == subnet['SubnetId'] or flow_log['ResourceId'] == subnet['VpcId']]
 
+    async def get_and_set_ec2_instance_tags(self, raw_instance: {}):
+        if 'Tags' in raw_instance:
+            instance = {x['Key']: x['Value'] for x in raw_instance['Tags']}
+        else:
+            instance = {}
+        return instance
+
     async def get_peering_connections(self, region):
         try:
             peering_connections = await AWSFacadeUtils.get_all_pages('ec2', region, self.session, 'describe_vpc_peering_connections', 'VpcPeeringConnections')

diff --git a/ScoutSuite/providers/aws/resources/ec2/ami.py b/ScoutSuite/providers/aws/resources/ec2/ami.py
@@ -1,5 +1,5 @@
-from ScoutSuite.providers.aws.resources.base import AWSResources
 from ScoutSuite.providers.aws.facade.base import AWSFacade
+from ScoutSuite.providers.aws.resources.base import AWSResources
 
 
 class AmazonMachineImages(AWSResources):
@@ -14,6 +14,10 @@ async def fetch_all(self):
             self[name] = resource
 
     def _parse_image(self, raw_image):
+
         raw_image['id'] = raw_image.get('ImageId')
         raw_image['name'] = raw_image.get('Name')
+        if 'Tags' in raw_image:
+            raw_image['tags'] = {x["Key"]: x["Value"] for x in raw_image["Tags"]}
+
         return raw_image['id'], raw_image
diff --git a/ScoutSuite/providers/aws/resources/ec2/instances.py b/ScoutSuite/providers/aws/resources/ec2/instances.py
@@ -19,24 +19,25 @@ async def fetch_all(self):
 
     async def _parse_instance(self, raw_instance):
         instance = {}
-        id = raw_instance['InstanceId']
-        instance['id'] = id
+
+        instance['id'] = raw_instance['InstanceId']
         instance['reservation_id'] = raw_instance['ReservationId']
         instance['monitoring_enabled'] = raw_instance['Monitoring']['State'] == 'enabled'
-        instance['user_data'] = await self.facade.ec2.get_instance_user_data(self.region, id)
+        instance['user_data'] = await self.facade.ec2.get_instance_user_data(self.region, instance['id'])
         instance['user_data_secrets'] = self._identify_user_data_secrets(instance['user_data'])
 
         get_name(raw_instance, instance, 'InstanceId')
         get_keys(raw_instance, instance,
-                 ['KeyName', 'LaunchTime', 'InstanceType', 'State', 'IamInstanceProfile', 'SubnetId'])
+                 ['KeyName', 'LaunchTime', 'InstanceType', 'State', 'IamInstanceProfile', 'SubnetId', 'Tags'])
 
         instance['network_interfaces'] = {}
         for eni in raw_instance['NetworkInterfaces']:
             nic = {}
             get_keys(eni, nic, ['Association', 'Groups', 'PrivateIpAddresses', 'SubnetId', 'Ipv6Addresses'])
             instance['network_interfaces'][eni['NetworkInterfaceId']] = nic
 
-        return id, instance
+        instance['tags'] = await self.facade.ec2.get_and_set_ec2_instance_tags(raw_instance)
+        return instance['id'], instance
 
     @staticmethod
     def _identify_user_data_secrets(user_data):

diff --git a/ScoutSuite/providers/aws/resources/ec2/snapshots.py b/ScoutSuite/providers/aws/resources/ec2/snapshots.py
@@ -1,5 +1,5 @@
-from ScoutSuite.providers.aws.resources.base import AWSResources
 from ScoutSuite.providers.aws.facade.base import AWSFacade
+from ScoutSuite.providers.aws.resources.base import AWSResources
 from ScoutSuite.providers.aws.utils import get_name
 
 
@@ -15,9 +15,14 @@ async def fetch_all(self):
             self[name] = resource
 
     def _parse_snapshot(self, raw_snapshot):
+
         raw_snapshot['id'] = raw_snapshot.pop('SnapshotId')
         raw_snapshot['name'] = get_name(raw_snapshot, raw_snapshot, 'id')
         raw_snapshot['public'] = self._is_public(raw_snapshot)
+
+        if "Tags" in raw_snapshot:
+            raw_snapshot['tags'] = {x["Key"]: x["Value"] for x in raw_snapshot["Tags"]}
+
         return raw_snapshot['id'], raw_snapshot
 
     @staticmethod

diff --git a/ScoutSuite/providers/aws/resources/ec2/volumes.py b/ScoutSuite/providers/aws/resources/ec2/volumes.py
@@ -1,5 +1,5 @@
-from ScoutSuite.providers.aws.resources.base import AWSResources
 from ScoutSuite.providers.aws.facade.base import AWSFacade
+from ScoutSuite.providers.aws.resources.base import AWSResources
 from ScoutSuite.providers.aws.utils import get_name
 
 
@@ -15,6 +15,10 @@ async def fetch_all(self):
             self[name] = resource
 
     def _parse_volume(self, raw_volume):
-        raw_volume['id'] = raw_volume.pop('VolumeId')
+
+        raw_volume['id'] = raw_volume.get('VolumeId')
         raw_volume['name'] = get_name(raw_volume, raw_volume, 'id')
+        if "Tags" in raw_volume:
+            raw_volume['tags'] = {x["Key"]: x["Value"] for x in raw_volume["Tags"]}
+
         return raw_volume['id'], raw_volume
diff --git a/ScoutSuite/providers/aws/services.py b/ScoutSuite/providers/aws/services.py
@@ -48,8 +48,8 @@ class AWSServicesConfig(BaseServicesConfig):
     :ivar rds:                          RDS configuration
     :ivar redshift:                     Redshift configuration
     :ivar s3:                           S3 configuration
-    :ivar ses:                          SES configuration:
-    "ivar sns:                          SNS configuration
+    :ivar ses:                          SES configuration
+    :ivar sns:                          SNS configuration
     :ivar sqs:                          SQS configuration
     """