def _parse_grant(self, raw_grant): grant_dict = { 'key_id': raw_grant.get('KeyId'), 'grant_id': raw_grant.get('GrantId'), 'name': raw_grant.get('Name'), 'create_date': raw_grant.get('CreationDate'), 'grantee_principal': raw_grant.get('GranteePrincipal'), 'retiring_principal': raw_grant.get('ReitirngPrincipal'), 'issuing_account': raw_grant.get('IssuingAccount'), 'operations': raw_grant.get('Operations'), 'constraints': raw_grant.get('Constraints'), 'arn': format_arn(self.partition, self.service, self.region, raw_grant.get('IssuingAccount').split(':')[4], raw_grant.get('GrantId'), self.resource_type) if ':' in raw_grant.get('IssuingAccount') else format_arn( self.partition, self.service, self.region, raw_grant.get('IssuingAccount'), raw_grant.get('GrantId'), self.resource_type) } return grant_dict['grant_id'], grant_dict
def _parse_security_group(self, raw_security_group): security_group = {} security_group['name'] = raw_security_group['GroupName'] security_group['id'] = raw_security_group['GroupId'] security_group['arn'] = format_arn(self.partition, self.service, self.region, raw_security_group.get('OwnerId'), raw_security_group.get('GroupId'), self.resource_type) security_group['description'] = raw_security_group['Description'] security_group['owner_id'] = raw_security_group['OwnerId'] if 'Tags' in raw_security_group: security_group['tags'] = {x['Key']: x['Value'] for x in raw_security_group['Tags']} security_group['rules'] = {'ingress': {}, 'egress': {}} ingress_protocols, ingress_rules_count = self._parse_security_group_rules( raw_security_group['IpPermissions']) security_group['rules']['ingress']['protocols'] = ingress_protocols security_group['rules']['ingress']['count'] = ingress_rules_count egress_protocols, egress_rules_count = self._parse_security_group_rules( raw_security_group['IpPermissionsEgress']) security_group['rules']['egress']['protocols'] = egress_protocols security_group['rules']['egress']['count'] = egress_rules_count security_group['is_default_configuration'] = \ self._has_default_egress_rule(raw_security_group['IpPermissionsEgress']) and \ self._has_default_ingress_rule(raw_security_group['IpPermissions'], raw_security_group['GroupId']) return security_group['id'], security_group
def _parse_load_balancer(self, raw_load_balancer): load_balancer = {'name': raw_load_balancer['LoadBalancerName']} get_keys(raw_load_balancer, load_balancer, [ 'DNSName', 'CreatedTime', 'AvailabilityZones', 'Subnets', 'Scheme', 'attributes' ]) load_balancer['security_groups'] = [] load_balancer['arn'] = format_arn( self.partition, self.service, self.region, self.facade.owner_id, raw_load_balancer.get('LoadBalancerName'), self.resource_type) for sg in raw_load_balancer['SecurityGroups']: load_balancer['security_groups'].append({'GroupId': sg}) load_balancer['listeners'] = {} for l in raw_load_balancer['ListenerDescriptions']: listener = l['Listener'] load_balancer['listeners'][l['Listener'] ['LoadBalancerPort']] = listener load_balancer['instances'] = [] for i in raw_load_balancer['Instances']: load_balancer['instances'].append(i['InstanceId']) if 'Tags' in raw_load_balancer and raw_load_balancer['Tags']: load_balancer['tags'] = { x['Key']: x['Value'] for x in raw_load_balancer['Tags'] } return get_non_provider_id(load_balancer['name']), load_balancer
def _parse_cluster(self, raw_cluster): name = raw_cluster.pop('ClusterIdentifier') raw_cluster['name'] = name raw_cluster['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, name, self.resource_type) return name, raw_cluster
async def fetch_all(self): raw_policies = await self.facade.ses.get_identity_policies( self.region, self.identity_name) for policy_name, raw_policy in raw_policies.items(): self[policy_name] = json.loads(raw_policy) self[policy_name]['arn'] = format_arn(self.partition, self.service, self.region, '', policy_name, self.resource_type)
def _parse_volume(self, raw_volume): raw_volume['id'] = raw_volume.pop('VolumeId') raw_volume['name'] = get_name(raw_volume, raw_volume, 'id') raw_volume['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, raw_volume.get('id'), self.resource_type) return raw_volume['id'], raw_volume
def _parse_peering_connections(self, raw_peering_connection): raw_peering_connection['id'] = raw_peering_connection[ 'name'] = raw_peering_connection['VpcPeeringConnectionId'] raw_peering_connection['arn'] = format_arn( self.partition, self.service, self.region, '', raw_peering_connection['VpcPeeringConnectionId'], self.resource_type) return raw_peering_connection['id'], raw_peering_connection
def _parse_connection(self, raw_connection): raw_connection['id'] = raw_connection.pop('connectionId') raw_connection['name'] = raw_connection.pop('connectionName') raw_connection['arn'] = format_arn(self.partition, self.service, self.region, raw_connection.get('ownerAccount'), raw_connection.get('id'), self.resource_type) return raw_connection['id'], raw_connection
def _parse_parameter(self, raw_parameter): parameter = { 'value': raw_parameter['ParameterValue'], 'source': raw_parameter['Source'] } raw_parameter['arn'] = format_arn(self.partition, self.service, self.region, '', raw_parameter.get('ParameterName'), self.resource_type) return raw_parameter['ParameterName'], parameter
def _parse_network_interface(self, raw_network_interface): raw_network_interface['name'] = raw_network_interface[ 'NetworkInterfaceId'] raw_network_interface['arn'] = format_arn( self.partition, self.service, self.region, raw_network_interface.get('OwnerId'), raw_network_interface.get('NetworkInterfaceId'), self.resource_type) return raw_network_interface[ 'NetworkInterfaceId'], raw_network_interface
def _parse_parameter_group(self, raw_parameter_group): parameter_group = {} parameter_group['name'] = raw_parameter_group.get('ParameterGroupName') parameter_group['id'] = get_non_provider_id(parameter_group['name']) parameter_group['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, raw_parameter_group.get('ParameterGroupName'), self.resource_type) parameter_group['family'] = raw_parameter_group.get('ParameterGroupFamily') parameter_group['description'] = raw_parameter_group.get('Description') parameter_group['is_default'] = self._is_default(raw_parameter_group) parameter_group['tags'] = raw_parameter_group.get('Tags') return parameter_group['id'], parameter_group
def _parse_identity(self, raw_identity): identity_name, dkim_attributes = raw_identity identity = {} identity['name'] = identity_name identity['DkimEnabled'] = dkim_attributes['DkimEnabled'] identity['DkimVerificationStatus'] = dkim_attributes[ 'DkimVerificationStatus'] identity['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, identity_name, self.resource_type) return get_non_provider_id(identity_name), identity
def _parse_domain(self, raw_domain): domain_dict = {} domain_dict['id'] = get_non_provider_id(raw_domain.get('DomainName')) domain_dict['name'] = raw_domain.get('DomainName') domain_dict['auto_renew'] = raw_domain.get('AutoRenew') domain_dict['transfer_lock'] = raw_domain.get('TransferLock') domain_dict['expiry'] = raw_domain.get('Expiry') domain_dict['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, domain_dict.get('id'), self.resource_type) return domain_dict['id'], domain_dict
def _parse_network_acl(self, raw_network_acl): raw_network_acl['id'] = raw_network_acl.pop('NetworkAclId') get_name(raw_network_acl, raw_network_acl, 'id') raw_network_acl['rules'] = {} raw_network_acl['rules']['ingress'] = self._parse_network_acl_entries( raw_network_acl['Entries'], False) raw_network_acl['rules']['egress'] = self._parse_network_acl_entries( raw_network_acl['Entries'], True) raw_network_acl.pop('Entries') raw_network_acl['arn'] = format_arn(self.partition, self.service, self.region, raw_network_acl.get('OwnerId'), raw_network_acl.get('id'), self.resource_type) return raw_network_acl['id'], raw_network_acl
async def _parse_instance(self, raw_instance): instance = {} id = raw_instance['InstanceId'] instance['id'] = id instance['arn'] = format_arn(self.partition, self.service, self.region, raw_instance['OwnerId'], raw_instance['InstanceId'], self.resource_type) instance['reservation_id'] = raw_instance['ReservationId'] instance['availability_zone'] = raw_instance.get( 'Placement', {}).get('AvailabilityZone') instance['monitoring_enabled'] = raw_instance['Monitoring'][ 'State'] == 'enabled' instance['user_data'] = await self.facade.ec2.get_instance_user_data( self.region, id) instance['user_data_secrets'] = self._identify_user_data_secrets( instance['user_data']) get_name(raw_instance, instance, 'InstanceId') get_keys(raw_instance, instance, [ 'KeyName', 'LaunchTime', 'InstanceType', 'State', 'IamInstanceProfile', 'SubnetId', 'Tags' ]) if "IamInstanceProfile" in raw_instance: instance['iam_instance_profile_id'] = raw_instance[ 'IamInstanceProfile']['Id'] instance['iam_instance_profile_arn'] = raw_instance[ 'IamInstanceProfile']['Arn'] instance['network_interfaces'] = {} for eni in raw_instance['NetworkInterfaces']: nic = {} get_keys(eni, nic, [ 'Association', 'Groups', 'PrivateIpAddresses', 'SubnetId', 'Ipv6Addresses' ]) instance['network_interfaces'][eni['NetworkInterfaceId']] = nic instance['metadata_options'] = raw_instance.get('MetadataOptions', {}) if 'IamInstanceProfile' in raw_instance: instance['iam_role'] = raw_instance['IamInstanceProfile'][ 'Arn'].split('/')[-1] else: instance['iam_role'] = None return id, instance
def _parse_metric_filter(self, raw_metric_filter): metric_filter_dict = {} metric_filter_dict['id'] = get_non_provider_id('{}{}'.format( raw_metric_filter.get('filterName'), raw_metric_filter.get('creationTime'))) metric_filter_dict['name'] = raw_metric_filter.get('filterName') metric_filter_dict['creation_time'] = raw_metric_filter.get( 'creationTime') metric_filter_dict['pattern'] = raw_metric_filter.get('filterPattern') metric_filter_dict['metric_transformations'] = raw_metric_filter.get( 'metricTransformations') metric_filter_dict['log_group_name'] = raw_metric_filter.get( 'logGroupName') metric_filter_dict['arn'] = format_arn( self.partition, self.service, self.region, '', raw_metric_filter.get('filterName'), self.resource_type) return metric_filter_dict['id'], metric_filter_dict
async def _parse_hosted_zone(self, raw_hosted_zone): hosted_zone_dict = {} hosted_zone_dict['id'] = raw_hosted_zone.get('Id') hosted_zone_dict['name'] = raw_hosted_zone.get('Name') hosted_zone_dict['caller_reference'] = raw_hosted_zone.get( 'CallerReference') hosted_zone_dict['config'] = raw_hosted_zone.get('Config') hosted_zone_dict[ 'resource_record_sets'] = await self.facade.route53.get_resource_records( hosted_zone_dict['id']) hosted_zone_dict['resource_record_set_count'] = raw_hosted_zone.get( 'ResourceRecordSetCount') hosted_zone_dict['arn'] = format_arn(self.partition, self.service, self.region, '', raw_hosted_zone.get('Id'), self.resource_type) return hosted_zone_dict['id'], hosted_zone_dict
def _parse_vpc(self, raw_vpc): vpc = {} vpc['id'] = raw_vpc['VpcId'] vpc['cidr_block'] = raw_vpc['CidrBlock'] vpc['default'] = raw_vpc['IsDefault'] vpc['state'] = raw_vpc['State'] vpc['arn'] = format_arn(self.partition, self.service, self.region, raw_vpc.get('OwnerId'), raw_vpc.get('VpcId'), self.resource_type) # Pull the name from tags name_tag = next((d for i, d in enumerate(raw_vpc.get('Tags', [])) if d.get('Key') == 'Name'), None) if name_tag: vpc['name'] = name_tag.get('Value') else: vpc['name'] = raw_vpc['VpcId'] return vpc['id'], vpc
def _parse_bucket(self, raw_bucket): """ Parse a single S3 bucket TODO: - CORS - Lifecycle - Notification ? - Get bucket's policy :param bucket: :param params: :return: """ raw_bucket['name'] = raw_bucket.pop('Name') raw_bucket['CreationDate'] = str(raw_bucket['CreationDate']) raw_bucket['id'] = get_non_provider_id(raw_bucket['name']) # Passing empty strings for 'region' and 'account-id' since S3 bucket ARNs omit them raw_bucket['arn'] = format_arn(self.partition, self.service, '', '', '*', raw_bucket['name']) return raw_bucket['id'], raw_bucket
def _parse_snapshot(self, raw_snapshot): snapshot_dict = {} snapshot_dict['id'] = raw_snapshot.get('SnapshotId') snapshot_dict['name'] = get_name(raw_snapshot, raw_snapshot, 'SnapshotId') snapshot_dict['description'] = raw_snapshot.get('Description') snapshot_dict['public'] = self._is_public(raw_snapshot) snapshot_dict['encrypted'] = raw_snapshot.get('Encrypted') snapshot_dict['kms_key_id'] = raw_snapshot.get('KmsKeyId') snapshot_dict['owner_id'] = raw_snapshot.get('OwnerId') snapshot_dict['progress'] = raw_snapshot.get('Progress') snapshot_dict['start_time'] = raw_snapshot.get('StartTime') snapshot_dict['state'] = raw_snapshot.get('State') snapshot_dict['volume_id'] = raw_snapshot.get('VolumeId') snapshot_dict['volume_size'] = raw_snapshot.get('VolumeSize') snapshot_dict['create_volume_permissions'] = raw_snapshot.get( 'CreateVolumePermissions') snapshot_dict['arn'] = format_arn(self.partition, self.service, self.region, raw_snapshot.get('OwnerId'), raw_snapshot.get('SnapshotId'), self.resource_type) return snapshot_dict['id'], snapshot_dict
def _parse_log(self, raw_flow_log): flow_log_dict = {} flow_log_dict['name'] = flow_log_dict['id'] = raw_flow_log.get( 'FlowLogId') flow_log_dict['creation_time'] = raw_flow_log.get('CreationTime') flow_log_dict['deliver_logs_error_message'] = raw_flow_log.get( 'DeliverLogsErrorMessage') flow_log_dict['deliver_logs_status'] = raw_flow_log.get( 'DeliverLogsStatus') flow_log_dict['flow_log_status'] = raw_flow_log.get('FlowLogStatus') flow_log_dict['resource_id'] = raw_flow_log.get('ResourceId') flow_log_dict['traffic_type'] = raw_flow_log.get('TrafficType') flow_log_dict['log_destination_type'] = raw_flow_log.get( 'LogDestinationType') flow_log_dict['log_destination'] = raw_flow_log.get('LogDestination') flow_log_dict['log_format'] = raw_flow_log.get('LogFormat') flow_log_dict['tags'] = raw_flow_log.get('Tags') flow_log_dict['max_aggregation_interval'] = raw_flow_log.get( 'MaxAggregationInterval') flow_log_dict['arn'] = format_arn(self.partition, self.service, self.region, '', raw_flow_log.get('FlowLogId'), self.resource_type) return flow_log_dict['id'], flow_log_dict
def _parse_policy(self, raw_policy): raw_policy['name'] = raw_policy.pop('PolicyName') policy_id = get_non_provider_id(raw_policy['name']) raw_policy['arn'] = format_arn(self.partition, self.service, self.region, '', raw_policy['name'], self.resource_type) return policy_id, raw_policy
def _parse_file_system(self, raw_file_system): fs_id = raw_file_system.pop('FileSystemId') raw_file_system['name'] = raw_file_system.pop('Name') if 'Name' in raw_file_system else None raw_file_system['tags'] = raw_file_system.pop('Tags') raw_file_system['arn'] = format_arn(self.partition, self.service, self.region, raw_file_system.get('OwnerId'), fs_id, self.resource_type) return fs_id, raw_file_system