def __init__(self,
profile='default',
report_dir=None,
timestamp=None,
services=None,
skipped_services=None,
result_format='json',
**kwargs):
services = [] if services is None else services
skipped_services = [] if skipped_services is None else skipped_services
self.metadata_path = '%s/metadata.json' % os.path.split(
os.path.abspath(__file__))[0]
self.sg_map = {}
self.subnet_map = {}
self.profile = profile
self.services_config = AWSServicesConfig
self.provider_code = 'aws'
self.provider_name = 'Amazon Web Services'
self.environment = self.profile
self.result_format = result_format
self.credentials = kwargs['credentials']
self.account_id = get_aws_account_id(self.credentials.session)
super(AWSProvider, self).__init__(report_dir, timestamp, services,
skipped_services, result_format)
async def _get_and_set_instance_tags(self, instance: {}, region: str):
client = AWSFacadeUtils.get_client('rds', self.session, region)
account_id = get_aws_account_id(self.session)
try:
instance_tagset = await run_concurrently(lambda: client.list_tags_for_resource(
ResourceName="arn:aws:rds:"+region+":"+account_id+":db:"+instance['DBInstanceIdentifier']))
instance['Tags'] = {x['Key']: x['Value'] for x in instance_tagset['TagList']}
except ClientError as e:
if e.response['Error']['Code'] != 'NoSuchTagSet':
print_exception('Failed to get db instance tags for {}: {}'.format(instance['DBInstanceIdentifier'], e))
except Exception as e:
print_exception('Failed to get db instance tags for {}: {}'.format(instance['DBInstanceIdentifier'], e))
instance['Tags'] = {}
def __init__(self, credentials=None):
super().__init__()
self.owner_id = get_aws_account_id(credentials.session)
self.session = credentials.session
self._instantiate_facades()
def __init__(self, credentials=None):
super(AWSFacade, self).__init__()
self.owner_id = get_aws_account_id(credentials)
self._set_session(credentials)
self._instantiate_facades()
def test_get_identity(self):
with mock.patch(
"ScoutSuite.providers.aws.utils.get_caller_identity",
return_value={"Arn": "a:b:c:d:e:f:"},
):
assert get_aws_account_id("") == "e"
