Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactoring - Leverage boto3 for Authentication #215

Merged
merged 25 commits into from Mar 5, 2019
Merged

Refactoring - Leverage boto3 for Authentication #215

merged 25 commits into from Mar 5, 2019

Conversation

vifor2
Copy link
Contributor

@vifor2 vifor2 commented Mar 4, 2019

PR in response to this issue.
Currently WIP till further feedback/approval.

What has been done :

  • Got rid of credentials.py which came from Opinel and by the same move we also got rid of Requests
  • Authentification is now made with boto3's Session() instead
  • Removed the functionality of using Scout Suite with a CSV (since if you can create one you can also simply modify the .aws/credentials file, which is the standard/documented AWS method)
  • Removed the prompt for MFA code since it was only called on one specific case (with roles) and it doesn't really make it easier to use Scout Suite

@vifor2 vifor2 added this to the Iteration #4 milestone Mar 4, 2019
@vifor2 vifor2 added this to In progress in Scout Suite via automation Mar 4, 2019
@vifor2 vifor2 requested a review from x4v13r64 March 4, 2019 02:43
@codecov-io
Copy link

codecov-io commented Mar 4, 2019
edited

Codecov Report

Merging #215 into develop will increase coverage by 0.51%.
The diff coverage is 31.57%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop     #215      +/-   ##
===========================================
+ Coverage    29.95%   30.47%   +0.51%     
===========================================
  Files           74       73       -1     
  Lines         5428     5067     -361     
===========================================
- Hits          1626     1544      -82     
+ Misses        3802     3523     -279
Impacted Files Coverage Δ
ScoutSuite/core/cli_parser.py 97.18% <ø> (-0.19%) ⬇️
ScoutSuite/providers/__init__.py 50% <ø> (ø) ⬆️
ScoutSuite/core/console.py 22.22% <ø> (-1.26%) ⬇️
ScoutSuite/providers/aws/profiles.py 32.67% <ø> (-1.88%) ⬇️
ScoutSuite/providers/base/configs/services.py 22.22% <0%> (+1.53%) ⬆️
ScoutSuite/providers/aws/aws.py 17.1% <0%> (ø) ⬆️
ScoutSuite/providers/base/provider.py 10.08% <28.57%> (+0.25%) ⬆️
ScoutSuite/providers/aws/provider.py 10.33% <33.33%> (+0.02%) ⬆️
ScoutSuite/__main__.py 66.3% <50%> (-0.73%) ⬇️
ScoutSuite/output/utils.py 23.68% <0%> (-15.79%) ⬇️
... and 3 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e480f11...1563b9b. Read the comment docs.

@vifor2 vifor2 force-pushed the refactoring/9-leverage-boto3-for-authentication branch from 6621ec7 to b3f3650 Compare March 4, 2019 17:00
@vifor2 vifor2 force-pushed the refactoring/9-leverage-boto3-for-authentication branch from b3f3650 to 5371c19 Compare March 4, 2019 17:08
Remi05
Remi05 reviewed Mar 4, 2019
View reviewed changes
ScoutSuite/__main__.py Outdated Show resolved Hide resolved
Remi05
Remi05 approved these changes Mar 4, 2019
View reviewed changes
Copy link
Contributor

@Remi05 Remi05 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job! 👍

ScoutSuite/core/console.py Outdated Show resolved Hide resolved
ScoutSuite/providers/base/provider.py Show resolved Hide resolved
tests/test-scoutsuite.py Outdated Show resolved Hide resolved
@vifor2 vifor2 requested review from Aboisier and misg March 5, 2019 00:51
@vifor2 vifor2 changed the title WIP - Refactoring/9 leverage boto3 for authentication Refactoring/9 leverage boto3 for authentication Mar 5, 2019
@vifor2 vifor2 changed the title Refactoring/9 leverage boto3 for authentication Refactoring - Leverage boto3 for Authentication Mar 5, 2019
@x4v13r64
Copy link
Collaborator

x4v13r64 commented Mar 5, 2019
edited

Made some changes & tested for:

  • Named profile
  • No named profile, which reverted to default configured profile
  • No named profile or default configured profile, which reverted to credentials configured in environment variables (this should therefore work for EC2/Lambda/ECS)
  • GCP/Azure to test integration

README should be updated. It would also be worthwhile to link to https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/ for MFA configuration.

@vifor2 vifor2 merged commit 0441a20 into develop Mar 5, 2019
Scout Suite automation moved this from In progress to Done Mar 5, 2019
@vifor2 vifor2 deleted the refactoring/9-leverage-boto3-for-authentication branch March 5, 2019 17:48
@vifor2 vifor2 mentioned this pull request Mar 5, 2019
Merged
Aboisier added a commit that referenced this pull request Mar 6, 2019
@Aboisier
Merge pull request #223 from nccgroup/cleanup/readme-mfa-update
ad1410d 
Updated README following PR #215
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Remi05 Remi05 Remi05 approved these changes

@x4v13r64 x4v13r64 Awaiting requested review from x4v13r64

@Aboisier Aboisier Awaiting requested review from Aboisier

@misg misg Awaiting requested review from misg

Assignees

@vifor2 vifor2

@zer0x64 zer0x64

Labels
component-core Affects core component-provider-aws Affects AWS provider refactoring
Projects
No open projects
Scout Suite
  
Done
Milestone
Iteration #4
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@vifor2 @codecov-io @x4v13r64 @Remi05 @zer0x64