Merge branch 'refactoring/resource-configs' into refactoring/aws/efs
Showing
29 changed files
with
239 additions
and
124 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,20 @@ | ||
from ScoutSuite.providers.aws.facade.utils import AWSFacadeUtils | ||
from ScoutSuite.providers.utils import run_concurrently | ||
|
||
|
||
class CloudTrailFacade: | ||
def get_trails(self, region): | ||
async def get_trails(self, region): | ||
client = AWSFacadeUtils.get_client('cloudtrail', region) | ||
trails = client.describe_trails()['trailList'] | ||
trails = await run_concurrently( | ||
lambda: client.describe_trails()['trailList'] | ||
) | ||
|
||
for trail in trails: | ||
trail.update(client.get_trail_status(Name=trail['TrailARN'])) | ||
trail['EventSelectors'] = client.get_event_selectors(TrailName=trail['TrailARN'])['EventSelectors'] | ||
trail.update(await run_concurrently( | ||
lambda: client.get_trail_status(Name=trail['TrailARN']) | ||
)) | ||
trail['EventSelectors'] = await run_concurrently( | ||
lambda: client.get_event_selectors(TrailName=trail['TrailARN'])['EventSelectors'] | ||
) | ||
|
||
return trails | ||
return trails |
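Review bot: Neither `get_trail_status` nor `get_event_selectors` in the `for trail in trails:` loop is guarded, so one failing call on one trail raises out of `get_trails` and drops every trail already returned by `describe_trails` for that region. For an audit tool that becomes a CloudTrail coverage gap rather than one incomplete record. I would wrap the two per-trail calls in `try:` / `except ClientError as e:` (from `botocore.exceptions`, which this file does not import yet), report the trail ARN with the error, and keep the trail in the returned list. How `run_concurrently` propagates exceptions from the lambda is not visible here, so confirm the worker's exception reaches the `await`.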
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,32 @@ | ||
from typing import Callable | ||
import boto3 | ||
|
||
from ScoutSuite.providers.utils import run_concurrently | ||
|
||
|
||
# TODO: Add docstrings | ||
class AWSFacadeUtils: | ||
_clients = {} | ||
|
||
@staticmethod | ||
def get_all_pages(service: str, region: str, paginator_name: str, response_key: str, **paginator_args): | ||
pages = AWSFacadeUtils.get_client(service, region) \ | ||
.get_paginator(paginator_name) \ | ||
.paginate(**paginator_args) | ||
|
||
return AWSFacadeUtils._get_from_all_pages(pages, response_key) | ||
async def get_all_pages(service: str, region: str, paginator_name: str, response_key: str, **paginator_args): | ||
client = AWSFacadeUtils.get_client(service, region) | ||
# Building a paginator doesn't require any API call so no need to do it concurrently: | ||
paginator = client.get_paginator(paginator_name).paginate(**paginator_args) | ||
|
||
# Getting all pages from a paginator requires API calls so we need to do it concurrently: | ||
return await run_concurrently(lambda: AWSFacadeUtils._get_all_pages_from_paginator(paginator, response_key)) | ||
|
||
@staticmethod | ||
def _get_from_all_pages(pages: [], key:str): | ||
def _get_all_pages_from_paginator(paginator, key): | ||
resources = [] | ||
for page in pages: | ||
# There's an API call hidden behind each iteration: | ||
for page in paginator: | ||
resources.extend(page[key]) | ||
|
||
return resources | ||
|
||
@staticmethod | ||
def get_client(service: str, region: str): | ||
return AWSFacadeUtils._clients.setdefault((service, region), boto3.client(service, region_name=region)) | ||
# TODO: investigate the use of a mutex to avoid useless creation of a same type of client among threads: | ||
client = boto3.client(service, region_name=region) | ||
return AWSFacadeUtils._clients.setdefault((service, region), client) |
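Review bot: `get_client` builds a new `boto3.client(service, region_name=region)` on every call and discards it whenever the key is already cached, so `_clients` saves nothing on construction (the old one-liner evaluated its `setdefault` argument just as eagerly). A membership check avoids that: `key = (service, region)`, `if key not in AWSFacadeUtils._clients: AWSFacadeUtils._clients[key] = boto3.client(service, region_name=region)`, `return AWSFacadeUtils._clients[key]`. In the callers visible on this page `get_client` runs in the coroutine and not inside the `run_concurrently` lambda, so no lock is needed while that holds. boto3 documents Session objects as not thread-safe, and `boto3.client` goes through the shared default session, which is worth stating next to the TODO in case a caller later moves client creation into a worker.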
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,13 @@ | ||
from ScoutSuite.providers.aws.resources.resources import AWSResources | ||
from ScoutSuite.providers.aws.facade.facade import AWSFacade | ||
|
||
|
||
class NetworkInterfaces(AWSResources): | ||
async def fetch_all(self, **kwargs): | ||
raw_security_groups = self.facade.ec2.get_network_interfaces(self.scope['region'], self.scope['vpc']) | ||
raw_security_groups = await self.facade.ec2.get_network_interfaces(self.scope['region'], self.scope['vpc']) | ||
for raw_security_groups in raw_security_groups: | ||
name, resource = self._parse_network_interface(raw_security_groups) | ||
self[name] = resource | ||
|
||
def _parse_network_interface(self, raw_network_interace): | ||
raw_network_interace['name'] = raw_network_interace['NetworkInterfaceId'] | ||
return raw_network_interace['NetworkInterfaceId'], raw_network_interace | ||
def _parse_network_interface(self, raw_network_interface): | ||
raw_network_interface['name'] = raw_network_interface['NetworkInterfaceId'] | ||
return raw_network_interface['NetworkInterfaceId'], raw_network_interface |
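Review bot: In `fetch_all` the loop `for raw_security_groups in raw_security_groups:` rebinds the name of the list it is iterating, and the name says security groups while the data comes from `get_network_interfaces`. It runs correctly because the iterator is created before the rebinding, but after the loop the name holds the last element instead of the list, which is easy to trip over in a later edit. Since the commit already fixes the `raw_network_interace` typo in `_parse_network_interface`, I would rename here as well: `raw_network_interfaces = await self.facade.ec2.get_network_interfaces(self.scope['region'], self.scope['vpc'])` and `for raw_network_interface in raw_network_interfaces:`.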
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,15 @@ | ||
from ScoutSuite.providers.aws.resources.resources import AWSResources | ||
from ScoutSuite.providers.aws.facade.facade import AWSFacade | ||
from ScoutSuite.providers.aws.aws import get_name | ||
|
||
|
||
class Volumes(AWSResources): | ||
async def fetch_all(self, **kwargs): | ||
raw_volumes = self.facade.ec2.get_volumes(self.scope['region']) | ||
raw_volumes = await self.facade.ec2.get_volumes(self.scope['region']) | ||
for raw_volume in raw_volumes: | ||
name, resource = self._parse_volumes(raw_volume) | ||
name, resource = self._parse_volume(raw_volume) | ||
self[name] = resource | ||
|
||
def _parse_volumes(self, raw_volume): | ||
def _parse_volume(self, raw_volume): | ||
raw_volume['id'] = raw_volume.pop('VolumeId') | ||
raw_volume['name'] = get_name(raw_volume, raw_volume, 'id') | ||
return raw_volume['id'], raw_volume |