Example #1
0
def describe_route_tables(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    rtable_list = ec2.describe_route_tables().get('RouteTables')
    for rtable_obj in rtable_list:
        #subnet_assocs = str(len(rtable_obj.get('Associations')))
        subnet_assocs = rtable_q_assocs(rtable_obj)
        r_entry_list = rtable_obj.get('Routes')
        for r_entry in r_entry_list:
            output_bucket.append(
                misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(region.get('RegionName')),
                    misc.check_if(rtable_obj.get('VpcId')),
                    misc.check_if(subnet_assocs),
                    misc.check_if(rtable_obj.get('RouteTableId')),
                    misc.check_if(check_tag(rtable_obj, str('Name'))),
                    misc.check_if(rtable_q_dest(r_entry)),
                    misc.check_if(rtable_q_target(r_entry)),
                    misc.check_if(r_entry.get('State')),
                    misc.check_if(rtable_q_propagate(r_entry)),
                )))
Example #2
0
def list_buckets(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        site = []
        try:
            site = s3.get_bucket_website(Bucket=s3_obj.get('Name'))
        except Exception, e:
            error_code = e 

        if site:
            site_enabled = 'true'
        else:
            site_enabled = 'false'

        url = 'https://{0}.s3.amazonaws.com'.format(    
                str(s3_obj.get('Name'))
                )
            
        output_bucket.append(misc.format_line((
            misc.check_if(account.get('name')),
            misc.check_if(site_enabled),
            misc.check_if(s3_obj.get('Name')),
            misc.check_if(url),
            )))
Example #3
0
def describe_route_tables(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    rtable_list = ec2.describe_route_tables().get("RouteTables")
    for rtable_obj in rtable_list:
        # subnet_assocs = str(len(rtable_obj.get('Associations')))
        subnet_assocs = rtable_q_assocs(rtable_obj)
        r_entry_list = rtable_obj.get("Routes")
        for r_entry in r_entry_list:
            output_bucket.append(
                misc.format_line(
                    (
                        misc.check_if(account.get("name")),
                        misc.check_if(region.get("RegionName")),
                        misc.check_if(rtable_obj.get("VpcId")),
                        misc.check_if(subnet_assocs),
                        misc.check_if(rtable_obj.get("RouteTableId")),
                        misc.check_if(check_tag(rtable_obj, str("Name"))),
                        misc.check_if(rtable_q_dest(r_entry)),
                        misc.check_if(rtable_q_target(r_entry)),
                        misc.check_if(r_entry.get("State")),
                        misc.check_if(rtable_q_propagate(r_entry)),
                    )
                )
            )
Example #4
0
def list_buckets(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        site = []
        try:
            site = s3.get_bucket_website(Bucket=s3_obj.get('Name'))
        except Exception, e:
            error_code = e

        if site:
            site_enabled = 'true'
        else:
            site_enabled = 'false'

        url = 'https://{0}.s3.amazonaws.com'.format(str(s3_obj.get('Name')))

        output_bucket.append(
            misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(site_enabled),
                misc.check_if(s3_obj.get('Name')),
                misc.check_if(url),
            )))
Example #5
0
def describe_instances(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    ec2_list =  [i for r in
                ec2.describe_instances().get('Reservations') for i in
                r.get('Instances')]

    for ec2_obj in ec2_list:
            #print ec2_obj
            output_bucket.append(misc.format_line((
                  misc.check_if(account.get('name')),
                  misc.check_if(region.get('RegionName')),
                  misc.check_if(ec2_obj.get('VpcId')),
                  misc.check_if(ec2_obj.get('InstanceId')),
                  misc.check_if(ec2_obj.get('InstanceType')),
                  misc.check_if(ec2_obj.get('State').get('Name')),
                  misc.check_if(check_tag(ec2_obj, str('Name'))),
                  misc.check_if(ec2_obj.get('PrivateIpAddress')),
                  misc.check_if(ec2_obj.get('PublicIpAddress')),
                  misc.check_if(ec2_obj.get('KeyName'))
                  )))
Example #6
0
def inventory_users(iam, account, output_bucket):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    users_list = iam.list_users().get('Users')

    for user in users_list:
        output_bucket.append(
            misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(user.get('UserName')),
                misc.check_if(user.get('CreateDate').strftime('%Y_%m_%d')),
                misc.check_if(is_password_set(iam, user.get('UserName'))),
                misc.check_if(misc.date_to_days(user.get('PasswordLastUsed'))),
                misc.check_if(count_active_keys(iam, user.get('UserName'))),
                misc.check_if(mfa_enabled(iam, user.get('UserName'))),
                misc.check_if(list_groups_for_user(iam, user.get('UserName'))),
                misc.check_if(
                    list_user_policies_for_user(iam, user.get('UserName'))),
            )))
Example #7
0
def describe_vpcs(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    vpc_list = ec2.describe_vpcs().get("Vpcs")
    for vpc_obj in vpc_list:
        output_bucket.append(
            misc.format_line(
                (
                    misc.check_if(account.get("name")),
                    misc.check_if(region.get("RegionName")),
                    misc.check_if(vpc_obj.get("VpcId")),
                    misc.check_if(check_tag(vpc_obj, str("Name"))),
                    misc.check_if(vpc_obj.get("State")),
                    misc.check_if(vpc_obj.get("CidrBlock")),
                    misc.check_if(str(vpc_obj.get("IsDefault"))),
                    misc.check_if(vpc_obj.get("InstanceTenancy")),
                    misc.check_if(vpc_obj.get("DhcpOptionsId")),
                )
            )
        )
Example #8
0
def describe_rds_instances(rds, account, region, output_bucket):
    """continue from multithread call
    Args: 
        rds (object): rds client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    rds_list = rds.describe_db_instances().get('DBInstances')

    for rds_obj in rds_list:
        #print rds_obj
        output_bucket.append(
            misc.format_line(
                (misc.check_if(account.get('name')),
                 misc.check_if(region.get('RegionName')),
                 misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
                 misc.check_if(rds_obj.get('DBInstanceIdentifier')),
                 misc.check_if(rds_obj.get('DBInstanceClass')),
                 misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
                 misc.check_if(rds_obj.get('Endpoint').get('Address')),
                 misc.lookup(rds_obj.get('Endpoint').get('Address')),
                 misc.check_if(str(rds_obj.get('Endpoint').get('Port'))))))
Example #9
0
def describe_snapshots(ec2, account, region, output_bucket):
    """continue from multithread describe_snapshots() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    '''extract owner_id from role'''
    owner_id = str(re.split(':',account.get('role_arn'))[4])

    '''get list of snapshots owned by owner_id'''
    snap_list =  ec2.describe_snapshots(OwnerIds=[owner_id]).get('Snapshots')

    for snap_obj in snap_list:
            output_bucket.append(misc.format_line((
                  misc.check_if(account.get('name')),
                  misc.check_if(region.get('RegionName')),
                  misc.check_if(str(snap_obj.get('SnapshotId'))),
                  misc.check_if(str(misc.date_to_days(snap_obj.get('StartTime')))),
                  misc.check_if(str(snap_obj.get('StartTime').strftime('%Y_%m_%d'))),
                  misc.check_if(str(snap_obj.get('VolumeSize'))),
                  misc.check_if(str(snap_obj.get('Encrypted'))),
                  #'''get rid of commas if present'''
                  misc.check_if(str(re.sub('[,]','', snap_obj.get('Description')))),
                  )))
Example #10
0
def describe_rds_instances(rds, account, region, output_bucket):
    """continue from multithread call
    Args: 
        rds (object): rds client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    rds_list = rds.describe_db_instances().get('DBInstances')

    for rds_obj in rds_list:
        #print rds_obj
        output_bucket.append(misc.format_line((
            misc.check_if(account.get('name')),
            misc.check_if(region.get('RegionName')),
            misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
            misc.check_if(rds_obj.get('DBInstanceIdentifier')),
            misc.check_if(rds_obj.get('DBInstanceClass')),
            misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
            misc.check_if(rds_obj.get('Endpoint').get('Address')),
            misc.lookup(rds_obj.get('Endpoint').get('Address')),
            misc.check_if(str(rds_obj.get('Endpoint').get('Port')))
            )))
Example #11
0
def list_bucket_acls(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        grants = []
        try:
            grants = s3.get_bucket_acl(Bucket=s3_obj.get('Name')).get('Grants')
        except Exception, e:
            error_code = e
        
        if grants: 
            for grant in grants:
                if grant.get('Grantee').get('DisplayName'):
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(s3_obj.get('Name')),
                        misc.check_if(grant.get('Grantee').get('DisplayName')),
                        misc.check_if(grant.get('Permission'))
                    )))

                if grant.get('Grantee').get('URI'):
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(s3_obj.get('Name')),
                        misc.check_if(grant.get('Grantee').get('URI')),
                        misc.check_if(grant.get('Permission'))
                    )))
Example #12
0
def describe_key_pairs(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_key_pairs() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    for key_pair in ec2.describe_key_pairs().get('KeyPairs'):
        output_bucket.append(misc.format_line((
            misc.check_if(account.get('name')),
            misc.check_if(region.get('RegionName')),
            misc.check_if(key_pair.get('KeyName')),
            misc.check_if(key_pair.get('KeyFingerprint'))
            )))
Example #13
0
def describe_images(ec2, account, region, output_bucket):
    """continue from multithread describe_snapshots() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    '''extract owner_id from role'''
    owner_id = str(re.split(':',account.get('role_arn'))[4])

    '''get list of amis owned by owner_id'''
    ami_list =  ec2.describe_images(Owners=[owner_id]).get('Images')

    for ami_obj in ami_list:
            output_bucket.append(misc.format_line((
                  misc.check_if(account.get('name')),
                  misc.check_if(region.get('RegionName')),
                  misc.check_if(str(ami_obj.get('ImageId'))),
                  misc.check_if(str(ami_obj.get('State'))),
                  misc.check_if(str(date_to_days(ami_obj.get('CreationDate')))),
                  misc.check_if(str(ami_obj.get('Public'))),
                  #'''get rid of commas if present'''
                  misc.check_if(str(re.sub('[,]','', ami_obj.get('Name')))),
                  )))
Example #14
0
def describe_vpn_connections(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    vpn_list = ec2.describe_vpn_connections().get("VpnConnections")
    for vpn_obj in vpn_list:
        """extract VpcId from virtual private gateway information"""
        vpn_cgw = ec2.describe_vpn_gateways(VpnGatewayIds=[vpn_obj.get("VpnGatewayId")]).get("VpnGateways")
        for cgw_attachment in vpn_cgw:
            for vpc_obj in cgw_attachment.get("VpcAttachments"):
                vpc_id = str(vpc_obj.get("VpcId"))
                """now extract vpc cidr info"""
                vpc_obj2 = ec2.describe_vpcs(VpcIds=[vpc_id]).get("Vpcs")
                for vpc_net in vpc_obj2:
                    vpc_cidr = str(vpc_net.get("CidrBlock"))

        """need customer gateway to extract remote customer ip"""
        customer_gw = ec2.describe_customer_gateways(CustomerGatewayIds=[vpn_obj.get("CustomerGatewayId")]).get(
            "CustomerGateways"
        )

        output_bucket.append(
            misc.format_line(
                (
                    misc.check_if(account.get("name")),
                    misc.check_if(region.get("RegionName")),
                    misc.check_if(vpc_id),
                    misc.check_if(vpc_cidr),
                    misc.check_if(check_tag(vpn_obj, str("Name"))),
                    misc.check_if(vpn_obj.get("VpnConnectionId")),
                    misc.check_if(vpn_obj.get("State")),
                    misc.check_if(vpn_obj.get("CustomerGatewayId")),
                    misc.check_if(str("/".join(i.get("IpAddress") for i in customer_gw))),
                    misc.check_if(vpn_obj.get("Type")),
                )
            )
        )
Example #15
0
def inventory_access_keys(iam, account, output_bucket):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    """get list of keys from the list of users"""
    for user in iam.list_users().get('Users'):
        for key in iam.list_access_keys(
                UserName=user.get('UserName')).get('AccessKeyMetadata'):
            """find out which keys have been used"""
            last_used = iam.get_access_key_last_used(
                AccessKeyId=key.get('AccessKeyId')).get('AccessKeyLastUsed')

            key_lastused = None
            key_lastused_days = None
            key_service = None
            """get info for active keys"""
            if last_used.get('LastUsedDate'):
                key_lastused = last_used.get('LastUsedDate').strftime(
                    '%Y_%m_%d')
                key_lastused_days = misc.date_to_days(
                    last_used.get('LastUsedDate'))
                key_service = last_used.get('ServiceName')
            else:
                """mark inactive keys"""
                key_lastused = 'Never'
                key_lastused_days = '-1'
                key_service = 'N/A'

            output_bucket.append(
                misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(user.get('UserName')),
                    misc.check_if(key.get('AccessKeyId')),
                    misc.check_if(str(misc.date_to_days(
                        key.get('CreateDate')))),
                    misc.check_if(key.get('CreateDate').strftime('%Y_%m_%d')),
                    misc.check_if(key.get('Status')),
                    misc.check_if(str(key_lastused_days)),
                    misc.check_if(key_lastused),
                    misc.check_if(key_service),
                )))
Example #16
0
def describe_vpn_connections(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    vpn_list = ec2.describe_vpn_connections().get('VpnConnections')
    for vpn_obj in vpn_list:
        '''extract VpcId from virtual private gateway information'''
        vpn_cgw = ec2.describe_vpn_gateways(
            VpnGatewayIds=[vpn_obj.get('VpnGatewayId')]).get('VpnGateways')
        for cgw_attachment in vpn_cgw:
            for vpc_obj in cgw_attachment.get('VpcAttachments'):
                vpc_id = str(vpc_obj.get('VpcId'))
                '''now extract vpc cidr info'''
                vpc_obj2 = ec2.describe_vpcs(VpcIds=[vpc_id]).get('Vpcs')
                for vpc_net in vpc_obj2:
                    vpc_cidr = str(vpc_net.get('CidrBlock'))
        '''need customer gateway to extract remote customer ip'''
        customer_gw = ec2.describe_customer_gateways(
            CustomerGatewayIds=[vpn_obj.get('CustomerGatewayId')]).get(
                'CustomerGateways')

        output_bucket.append(
            misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(region.get('RegionName')),
                misc.check_if(vpc_id),
                misc.check_if(vpc_cidr),
                misc.check_if(check_tag(vpn_obj, str('Name'))),
                misc.check_if(vpn_obj.get('VpnConnectionId')),
                misc.check_if(vpn_obj.get('State')),
                misc.check_if(vpn_obj.get('CustomerGatewayId')),
                misc.check_if(
                    str('/'.join(i.get('IpAddress') for i in customer_gw))),
                misc.check_if(vpn_obj.get('Type')),
            )))
Example #17
0
def list_potential_exposed_files(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        object_list = []
        try:
            object_list = s3.list_objects(Bucket=s3_obj.get('Name'))
        except Exception, e:
            error_code = e

        try:
            for obj_keys in object_list.get('Contents'):
                obj_acl_list = s3.get_object_acl(
                     Bucket=s3_obj.get('Name'),
                     Key=obj_keys.get('Key')
                ).get('Grants')

                if obj_acl_list:
                    for obj_acl in obj_acl_list:
                        if 'AllUsers' in str(obj_acl.get('Grantee')):
                            #output_bucket.append(misc.format_line((
                            url = 'http://{0}.s3.amazonaws.com/{1}'.format( 
                                    str(s3_obj.get('Name')),
                                    str(obj_keys.get('Key'))
                                    )
                            print (misc.format_line((
                                misc.check_if(account.get('name')),
                                misc.check_if(obj_acl.get('Permission')),
                                misc.check_if('AllUsers'),
                                misc.check_if(url),
                                )))
        except Exception, e:
            error_code = e
Example #18
0
def list_potential_exposed_files(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        object_list = []
        try:
            object_list = s3.list_objects(Bucket=s3_obj.get('Name'))
        except Exception, e:
            error_code = e

        try:
            for obj_keys in object_list.get('Contents'):
                obj_acl_list = s3.get_object_acl(
                    Bucket=s3_obj.get('Name'),
                    Key=obj_keys.get('Key')).get('Grants')

                if obj_acl_list:
                    for obj_acl in obj_acl_list:
                        if 'AllUsers' in str(obj_acl.get('Grantee')):
                            #output_bucket.append(misc.format_line((
                            url = 'http://{0}.s3.amazonaws.com/{1}'.format(
                                str(s3_obj.get('Name')),
                                str(obj_keys.get('Key')))
                            print(
                                misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(obj_acl.get('Permission')),
                                    misc.check_if('AllUsers'),
                                    misc.check_if(url),
                                )))
        except Exception, e:
            error_code = e
Example #19
0
def inventory_access_keys(iam, account, output_bucket):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """

    """get list of keys from the list of users"""
    for user in iam.list_users().get('Users'):
        for key in iam.list_access_keys(
                   UserName=user.get('UserName')).get('AccessKeyMetadata'):

            """find out which keys have been used"""
            last_used = iam.get_access_key_last_used(
                        AccessKeyId=key.get('AccessKeyId')).get('AccessKeyLastUsed')

            key_lastused = None
            key_lastused_days = None
            key_service = None
            """get info for active keys"""
            if last_used.get('LastUsedDate'):
                key_lastused = last_used.get('LastUsedDate').strftime('%Y_%m_%d') 
                key_lastused_days = misc.date_to_days(last_used.get('LastUsedDate'))
                key_service = last_used.get('ServiceName')
            else:
                """mark inactive keys"""
                key_lastused = 'Never'
                key_lastused_days = '-1'
                key_service = 'N/A'

            output_bucket.append(misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(user.get('UserName')),
                misc.check_if(key.get('AccessKeyId')),
                misc.check_if(str(misc.date_to_days(key.get('CreateDate')))),
                misc.check_if(key.get('CreateDate').strftime('%Y_%m_%d')),
                misc.check_if(key.get('Status')),
                misc.check_if(str(key_lastused_days)),
                misc.check_if(key_lastused),
                misc.check_if(key_service),
                )))
Example #20
0
def describe_vpcs(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    vpc_list = ec2.describe_vpcs().get('Vpcs')
    for vpc_obj in vpc_list:
        output_bucket.append(
            misc.format_line((misc.check_if(account.get('name')),
                              misc.check_if(region.get('RegionName')),
                              misc.check_if(vpc_obj.get('VpcId')),
                              misc.check_if(check_tag(vpc_obj, str('Name'))),
                              misc.check_if(vpc_obj.get('State')),
                              misc.check_if(vpc_obj.get('CidrBlock')),
                              misc.check_if(str(vpc_obj.get('IsDefault'))),
                              misc.check_if(vpc_obj.get('InstanceTenancy')),
                              misc.check_if(vpc_obj.get('DhcpOptionsId')))))
Example #21
0
def inventory_users(iam, account, output_bucket):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    users_list = iam.list_users().get('Users')

    for user in users_list:
        output_bucket.append(misc.format_line((
            misc.check_if(account.get('name')),
            misc.check_if(user.get('UserName')),
            misc.check_if(user.get('CreateDate').strftime('%Y_%m_%d')),
            misc.check_if(is_password_set(iam, user.get('UserName'))),
            misc.check_if(misc.date_to_days(user.get('PasswordLastUsed'))),
            misc.check_if(count_active_keys(iam, user.get('UserName'))),
            misc.check_if(mfa_enabled(iam, user.get('UserName'))),
            misc.check_if(list_groups_for_user(iam, user.get('UserName'))),
            misc.check_if(list_user_policies_for_user(iam, user.get('UserName'))),
            )))
Example #22
0
def inventory_group_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    group_list = iam.list_groups().get('Groups')
    for group in group_list:
        """pull out inline group policies"""
        policies = iam.list_group_policies(
            GroupName=group.get('GroupName')).get('PolicyNames')

        for policy_name in policies:
            policy = misc.json_pretty_print(
                iam.get_group_policy(
                    GroupName=group.get('GroupName'),
                    PolicyName=policy_name).get('PolicyDocument'))
            """inline group policy entry"""
            if encode == 'on':
                output_bucket.append(
                    misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(base64.b64encode(
                            group.get('GroupName'))),
                        misc.check_if(base64.b64encode(str(policy_name))),
                        misc.check_if(
                            base64.b64encode(str('<pre>' + policy +
                                                 '</pre>'))),
                    )))
            else:
                output_bucket.append(
                    misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(group.get('GroupName')),
                        misc.check_if(str(policy_name)),
                        misc.check_if(str(policy)),
                    )))
Example #23
0
def inventory_user_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    user_list = iam.list_users().get('Users')
    for user in user_list:
        """pull out inline user policies"""
        policies = iam.list_user_policies(
                   UserName=user.get('UserName')).get('PolicyNames')

        for policy_name in policies:
            policy = misc.json_pretty_print(
                         iam.get_user_policy(
                         UserName=user.get('UserName'),
                         PolicyName=policy_name
                         ).get('PolicyDocument')
                     )
        
            """inline user policy entry"""
            if encode == 'on':
                output_bucket.append(misc.format_line((
                    misc.check_if(base64.b64encode(account.get('name'))),
                    misc.check_if(base64.b64encode(user.get('UserName'))),
                    misc.check_if(base64.b64encode(str(policy_name))),
                    misc.check_if(base64.b64encode(str('<pre>' + policy + '</pre>'))),
                )))
            else:
                output_bucket.append(misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(user.get('UserName')),
                    misc.check_if(str(policy_name)),
                    misc.check_if(str(policy)),
                )))
Example #24
0
def security_group_list(ec2, account, region, output_bucket):
    """generate list of ec2s to check agains security groups
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """

    """could not find ec2.instances() anywhere in boto3"""
    ec2_list =  [i for r in
                ec2.describe_instances().get('Reservations') for i in
                r.get('Instances')]

    """generate security group list"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        ec2count = 0
        """find out how many ec2s are using a security group"""
        for ec2_obj in ec2_list:
            for sg in ec2_obj.get('SecurityGroups'):
                if sg_obj.get('GroupId') == sg.get('GroupId'):
                    ec2count += 1

        output_bucket.append(misc.format_line((
                  misc.check_if(account.get('name')),
                  misc.check_if(sg_obj.get('VpcId')),
                  misc.check_if(region.get('RegionName')),
                  misc.check_if(sg_obj.get('GroupId')),
                  misc.check_if(str(ec2count)),
                  misc.check_if(sg_obj.get('GroupName')),
                  misc.check_if(check_tag(sg_obj, str('RFC'))),
                  misc.check_if(re.sub('[,]', '-', sg_obj.get('Description')))
                  )))
Example #25
0
def list_bucket_policies(s3, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')
    for s3_obj in s3_bucket_list:
        bucket_policy = []
        """get bucket policy if defined """
        try:
            bucket_policy = s3.get_bucket_policy(Bucket=s3_obj.get('Name')).get('Policy')
        except Exception, e:
            error_code = e
        
        if bucket_policy:
            if encode == 'on':
                output_bucket.append(misc.format_line((
                    misc.check_if(base64.b64encode(account.get('name'))),
                    misc.check_if(base64.b64encode(s3_obj.get('Name'))),
                    misc.check_if(base64.b64encode('s3:bucket_policy')),
                    misc.check_if(base64.b64encode(
                              '<pre>' + 
                              misc.json_pretty_print(json.loads(bucket_policy)) + 
                              '</pre>'))
                )))
            else:
                output_bucket.append(misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(s3_obj.get('Name')),
                    misc.check_if(str('s3:bucket_policy')),
                    misc.check_if(
                              misc.json_pretty_print(json.loads(bucket_policy))) 
                )))
Example #26
0
def list_bucket_policies(s3, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')
    for s3_obj in s3_bucket_list:
        bucket_policy = []
        """get bucket policy if defined """
        try:
            bucket_policy = s3.get_bucket_policy(
                Bucket=s3_obj.get('Name')).get('Policy')
        except Exception, e:
            error_code = e

        if bucket_policy:
            if encode == 'on':
                output_bucket.append(
                    misc.format_line(
                        (misc.check_if(base64.b64encode(account.get('name'))),
                         misc.check_if(base64.b64encode(s3_obj.get('Name'))),
                         misc.check_if(base64.b64encode('s3:bucket_policy')),
                         misc.check_if(
                             base64.b64encode('<pre>' + misc.json_pretty_print(
                                 json.loads(bucket_policy)) + '</pre>')))))
            else:
                output_bucket.append(
                    misc.format_line((misc.check_if(account.get('name')),
                                      misc.check_if(s3_obj.get('Name')),
                                      misc.check_if(str('s3:bucket_policy')),
                                      misc.check_if(
                                          misc.json_pretty_print(
                                              json.loads(bucket_policy))))))
Example #27
0
def list_bucket_acls(s3, account, output_bucket):
    """continue from multithread call
    Args: 
        s3 (object): s3 client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    s3_bucket_list = s3.list_buckets().get('Buckets')

    for s3_obj in s3_bucket_list:
        grants = []
        try:
            grants = s3.get_bucket_acl(Bucket=s3_obj.get('Name')).get('Grants')
        except Exception, e:
            error_code = e

        if grants:
            for grant in grants:
                if grant.get('Grantee').get('DisplayName'):
                    output_bucket.append(
                        misc.format_line(
                            (misc.check_if(account.get('name')),
                             misc.check_if(s3_obj.get('Name')),
                             misc.check_if(
                                 grant.get('Grantee').get('DisplayName')),
                             misc.check_if(grant.get('Permission')))))

                if grant.get('Grantee').get('URI'):
                    output_bucket.append(
                        misc.format_line(
                            (misc.check_if(account.get('name')),
                             misc.check_if(s3_obj.get('Name')),
                             misc.check_if(grant.get('Grantee').get('URI')),
                             misc.check_if(grant.get('Permission')))))
Example #28
0
def inventory_role_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    role_list = iam.list_roles().get('Roles')
    for role in role_list:
        assume_role_policy = misc.json_pretty_print(role.get('AssumeRolePolicyDocument'))

        """trust relationship policy"""
        if encode == 'on':
            output_bucket.append(misc.format_line((
                misc.check_if(base64.b64encode(account.get('name'))),
                misc.check_if(base64.b64encode(str('iam:trust_policy'))),
                misc.check_if(base64.b64encode(role.get('RoleName'))),
                misc.check_if(base64.b64encode(role.get('Arn'))),
                misc.check_if(base64.b64encode(str('<pre>' + assume_role_policy + '</pre>'))),
            )))
        else:
            output_bucket.append(misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(str('iam:trust_policy')),
                misc.check_if(role.get('RoleName')),
                misc.check_if(role.get('Arn')),
                misc.check_if(str(assume_role_policy)),
            )))

        """pull out inline role policies"""
        policies = iam.list_role_policies(
                   RoleName=role.get('RoleName')).get('PolicyNames')

        for policy_name in policies:
            policy = misc.json_pretty_print(
                         iam.get_role_policy(
                         RoleName=role.get('RoleName'),
                         PolicyName=policy_name
                         ).get('PolicyDocument')
                     )

            """inline role policy entry"""
            if encode == 'on':
                output_bucket.append(misc.format_line((
                    misc.check_if(base64.b64encode(account.get('name'))),
                    misc.check_if(base64.b64encode(str('iam:inline_policy'))),
                    misc.check_if(base64.b64encode(role.get('RoleName'))),
                    misc.check_if(base64.b64encode(str(policy_name))),
                    misc.check_if(base64.b64encode(str('<pre>' + policy + '</pre>'))),
                )))
            else:
                output_bucket.append(misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(str('iam:inline_policy')),
                    misc.check_if(role.get('RoleName')),
                    misc.check_if(str(policy_name)),
                    misc.check_if(str(policy)),
                )))
Example #29
0
def inventory_managed_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    policy_list = iam.list_policies(
                  OnlyAttached=True).get('Policies')
    
    for policy in policy_list:
        policy_body = iam.get_policy_version(
                      PolicyArn=policy.get('Arn'),
                      VersionId=policy.get('DefaultVersionId')
        ).get('PolicyVersion').get('Document')
        
        policy_body = misc.json_pretty_print(policy_body)
        """get list of groups using this policy"""
        policy_groups = iam.list_entities_for_policy(
                        PolicyArn=policy.get('Arn')).get('PolicyGroups')
        """get list of roles using this policy"""
        policy_roles = iam.list_entities_for_policy(
                        PolicyArn=policy.get('Arn')).get('PolicyRoles')
        """get list of users using this policy"""
        policy_users = iam.list_entities_for_policy(
                        PolicyArn=policy.get('Arn')).get('PolicyUsers')

        if policy_groups:
            for group_entity in policy_groups:
                if encode == 'on':
                    output_bucket.append(misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(base64.b64encode(str('group_policy'))),
                        misc.check_if(base64.b64encode(group_entity.get('GroupName'))),
                        misc.check_if(base64.b64encode(policy.get('PolicyName'))),
                        misc.check_if(base64.b64encode(str('<pre>' + policy_body + '</pre>'))),
                    )))
                else:
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(str('group_policy')),
                        misc.check_if(group_entity.get('GroupName')),
                        misc.check_if(policy.get('PolicyName')),
                        misc.check_if(str(policy_body)),
                    )))

        if policy_roles:
            for role_entity in policy_roles:
                if encode == 'on':
                    output_bucket.append(misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(base64.b64encode(str('role_policy'))),
                        misc.check_if(base64.b64encode(role_entity.get('RoleName'))),
                        misc.check_if(base64.b64encode(policy.get('PolicyName'))),
                        misc.check_if(base64.b64encode(str('<pre>' + policy_body + '</pre>'))),
                    )))
                else:
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(str('role_policy')),
                        misc.check_if(role_entity.get('RoleName')),
                        misc.check_if(policy.get('PolicyName')),
                        misc.check_if(str(policy_body)),
                    )))

        if policy_users:
            for user_entity in policy_users:
                if encode == 'on':
                    output_bucket.append(misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(base64.b64encode(str('user_policy'))),
                        misc.check_if(base64.b64encode(user_entity.get('UserName'))),
                        misc.check_if(base64.b64encode(policy.get('PolicyName'))),
                        misc.check_if(base64.b64encode(str('<pre>' + policy_body + '</pre>'))),
                    )))
                else:
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(str('user_policy')),
                        misc.check_if(user_entity.get('UserName')),
                        misc.check_if(policy.get('PolicyName')),
                        misc.check_if(str(policy_body)),
                    )))
Example #30
0
def sg_rule_sets_by_rds(rds, ec2, account, region, output_bucket):
    """generate list of security group rule sets by rds instance 
    Args: 
        rds (object): rds client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    """generate list of rds instances"""
    rds_list = rds.describe_db_instances().get('DBInstances')

    """generate list of security groups to get rule set details"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        """find out how many rdss are using a security group"""
        for rds_obj in rds_list:
            for rdssg in rds_obj.get('VpcSecurityGroups'):
                """check if security group is associated to rds instance"""
                if sg_obj.get('GroupId') == rdssg.get('VpcSecurityGroupId'):
                    
                    """move on to rule entries"""
                    for rule in sg_obj.get('IpPermissions'):
                        """cidr as source"""
                        for cidr in rule.get('IpRanges'):
                            if cidr.get('CidrIp'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
                                    misc.check_if(rds_obj.get('DBInstanceIdentifier')),
                                    misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
                                    misc.check_if(rds_obj.get('Endpoint').get('Address')),
                                    misc.check_if(str(rds_obj.get('Endpoint').get('Port'))),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(str(cidr.get('CidrIp'))),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    )))

                        """security groups as source"""
                        for group in rule.get('UserIdGroupPairs'):
                            if group.get('GroupId'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
                                    misc.check_if(rds_obj.get('DBInstanceIdentifier')),
                                    misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
                                    misc.check_if(rds_obj.get('Endpoint').get('Address')),
                                    misc.check_if(str(rds_obj.get('Endpoint').get('Port'))),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(group.get('GroupId')),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    )))
Example #31
0
def describe_vpc_peering(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    peer_list = ec2.describe_vpc_peering_connections().get("VpcPeeringConnections")
    for peer_obj in peer_list:
        output_bucket.append(
            misc.format_line(
                (
                    misc.check_if(account.get("name")),
                    misc.check_if(region.get("RegionName")),
                    misc.check_if(check_tag(peer_obj, str("Name"))),
                    #'''redact account owner number'''
                    misc.check_if("..." + str(peer_obj.get("RequesterVpcInfo").get("OwnerId")[6:])),
                    misc.check_if(peer_obj.get("RequesterVpcInfo").get("VpcId")),
                    misc.check_if(peer_obj.get("RequesterVpcInfo").get("CidrBlock")),
                    #'''redact account owner number'''
                    misc.check_if("..." + str(peer_obj.get("AccepterVpcInfo").get("OwnerId")[6:])),
                    misc.check_if(peer_obj.get("AccepterVpcInfo").get("VpcId")),
                    misc.check_if(peer_obj.get("AccepterVpcInfo").get("CidrBlock")),
                    misc.check_if(peer_obj.get("Status").get("Message")),
                    misc.check_if(peer_obj.get("VpcPeeringConnectionId")),
                )
            )
        )
Example #32
0
            for group_name in app_groups:
                dep_group = codedeploy.get_deployment_group(
                    applicationName=app_obj,
                    deploymentGroupName=group_name).get('deploymentGroupInfo')

                deployments = codedeploy.list_deployments(
                    applicationName=app_obj,
                    deploymentGroupName=group_name).get('deployments')
                for deployment_name in deployments:
                    instances = '<br>'.join(
                        codedeploy.list_deployment_instances(
                            deploymentId=deployment_name).get('instancesList'))

                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(account.get('name')),
                            misc.check_if(region.get('RegionName')),
                            misc.check_if(str(
                                app_info.get('applicationName'))),
                            misc.check_if(str(app_info.get('linkedToGitHub'))),
                            misc.check_if(
                                str(
                                    app_info.get('createTime').strftime(
                                        '%Y_%m_%d'))),
                            misc.check_if(
                                str(
                                    misc.date_to_days(
                                        app_info.get('createTime')))),
                            misc.check_if(str(group_name)),
                            misc.check_if(
                                str(
Example #33
0
def sg_rule_sets_by_rds(rds, ec2, account, region, output_bucket):
    """generate list of security group rule sets by rds instance 
    Args: 
        rds (object): rds client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    """generate list of rds instances"""
    rds_list = rds.describe_db_instances().get('DBInstances')
    """generate list of security groups to get rule set details"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        """find out how many rdss are using a security group"""
        for rds_obj in rds_list:
            for rdssg in rds_obj.get('VpcSecurityGroups'):
                """check if security group is associated to rds instance"""
                if sg_obj.get('GroupId') == rdssg.get('VpcSecurityGroupId'):
                    """move on to rule entries"""
                    for rule in sg_obj.get('IpPermissions'):
                        """cidr as source"""
                        for cidr in rule.get('IpRanges'):
                            if cidr.get('CidrIp'):
                                output_bucket.append(
                                    misc.format_line(
                                        (misc.check_if(account.get('name')),
                                         misc.check_if(
                                             region.get('RegionName')),
                                         misc.check_if(
                                             rds_obj.get('DBSubnetGroup').get(
                                                 'VpcId')),
                                         misc.check_if(
                                             rds_obj.get(
                                                 'DBInstanceIdentifier')),
                                         misc.check_if(
                                             str(
                                                 rds_obj.get(
                                                     'PubliclyAccessible'))),
                                         misc.check_if(
                                             rds_obj.get('Endpoint').get(
                                                 'Address')),
                                         misc.check_if(
                                             str(
                                                 rds_obj.get('Endpoint').get(
                                                     'Port'))),
                                         misc.check_if(sg_obj.get('GroupId')),
                                         misc.check_if(
                                             sg_obj.get('GroupName')),
                                         misc.check_if(str(
                                             cidr.get('CidrIp'))),
                                         misc.check_if(
                                             str(
                                                 check_port(
                                                     rule.get('FromPort')))),
                                         misc.check_if(
                                             str(check_port(
                                                 rule.get('ToPort')))),
                                         misc.check_if(
                                             str(
                                                 check_proto(
                                                     rule.get('IpProtocol'))))
                                         )))
                        """security groups as source"""
                        for group in rule.get('UserIdGroupPairs'):
                            if group.get('GroupId'):
                                output_bucket.append(
                                    misc.format_line(
                                        (misc.check_if(account.get('name')),
                                         misc.check_if(
                                             region.get('RegionName')),
                                         misc.check_if(
                                             rds_obj.get('DBSubnetGroup').get(
                                                 'VpcId')),
                                         misc.check_if(
                                             rds_obj.get(
                                                 'DBInstanceIdentifier')),
                                         misc.check_if(
                                             str(
                                                 rds_obj.get(
                                                     'PubliclyAccessible'))),
                                         misc.check_if(
                                             rds_obj.get('Endpoint').get(
                                                 'Address')),
                                         misc.check_if(
                                             str(
                                                 rds_obj.get('Endpoint').get(
                                                     'Port'))),
                                         misc.check_if(sg_obj.get('GroupId')),
                                         misc.check_if(
                                             sg_obj.get('GroupName')),
                                         misc.check_if(group.get('GroupId')),
                                         misc.check_if(
                                             str(
                                                 check_port(
                                                     rule.get('FromPort')))),
                                         misc.check_if(
                                             str(check_port(
                                                 rule.get('ToPort')))),
                                         misc.check_if(
                                             str(
                                                 check_proto(
                                                     rule.get('IpProtocol'))))
                                         )))
Example #34
0
             
            for group_name in app_groups:
                dep_group = codedeploy.get_deployment_group(
                                 applicationName=app_obj,
                                 deploymentGroupName=group_name
                                 ).get('deploymentGroupInfo')

                deployments = codedeploy.list_deployments(
                                 applicationName=app_obj,
                                 deploymentGroupName=group_name
                                 ).get('deployments')
                for deployment_name in deployments:
                    instances = '<br>'.join(codedeploy.list_deployment_instances(
                                deploymentId=deployment_name
                                ).get('instancesList'))

                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(region.get('RegionName')),
                        misc.check_if(str(app_info.get('applicationName'))),
                        misc.check_if(str(app_info.get('linkedToGitHub'))),
                        misc.check_if(str(app_info.get('createTime').strftime('%Y_%m_%d'))),
                        misc.check_if(str(misc.date_to_days(app_info.get('createTime')))),
                        misc.check_if(str(group_name)),
                        misc.check_if(str(dep_group.get('targetRevision').get('revisionType'))),
                        misc.check_if(str(instances)),
                        misc.check_if(str(dep_group.get('serviceRoleArn'))),
                        )))


Example #35
0
def describe_vpc_peering(ec2, account, region, output_bucket):
    """continue from multithread ec2.describe_instances() call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    peer_list = ec2.describe_vpc_peering_connections().get(
        'VpcPeeringConnections')
    for peer_obj in peer_list:
        output_bucket.append(
            misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(region.get('RegionName')),
                misc.check_if(check_tag(peer_obj, str('Name'))),
                #'''redact account owner number'''
                misc.check_if(
                    '...' +
                    str(peer_obj.get('RequesterVpcInfo').get('OwnerId')[6:])),
                misc.check_if(peer_obj.get('RequesterVpcInfo').get('VpcId')),
                misc.check_if(
                    peer_obj.get('RequesterVpcInfo').get('CidrBlock')),
                #'''redact account owner number'''
                misc.check_if(
                    '...' +
                    str(peer_obj.get('AccepterVpcInfo').get('OwnerId')[6:])),
                misc.check_if(peer_obj.get('AccepterVpcInfo').get('VpcId')),
                misc.check_if(
                    peer_obj.get('AccepterVpcInfo').get('CidrBlock')),
                misc.check_if(peer_obj.get('Status').get('Message')),
                misc.check_if(peer_obj.get('VpcPeeringConnectionId')),
            )))
Example #36
0
def describe_elb_instances(elb, account, region, output_bucket):
    """continue from multithread call
    Args: 
        elb (object): elb client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')

    for elb_obj in elb_list:
        #print elb_obj
        """dns lookup fqdn"""
        elb_ip = misc.lookup(elb_obj.get('DNSName'))
        """get list of attached ec2 ids"""
        ec2id = get_ec2s(elb_obj.get('Instances'))

        for elb_listener in elb_obj.get('ListenerDescriptions'):
 
            output_bucket.append(misc.format_line((
                misc.check_if(account.get('name')),
                misc.check_if(region.get('RegionName')),
                misc.check_if(elb_obj.get('VPCId')),
                misc.check_if(elb_obj.get('LoadBalancerName')),
                misc.check_if(elb_obj.get('Scheme')),
                misc.check_if(elb_ip),
                misc.check_if(elb_obj.get('DNSName')),
                misc.check_if(str(elb_listener.get('Listener').get('LoadBalancerPort'))),
                misc.check_if(elb_listener.get('Listener').get('Protocol')),
                misc.check_if(ec2id),
                misc.check_if(str(elb_listener.get('Listener').get('InstancePort'))),
                misc.check_if(elb_listener.get('Listener').get('InstanceProtocol'))
                )))
Example #37
0
def sg_rule_sets(ec2, account, region, output_bucket):
    """generate list of security group rule sets 
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """

    """generate security group list"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        for rule in sg_obj.get('IpPermissions'):
            """cidr as source"""
            for cidr in rule.get('IpRanges'):
                if cidr.get('CidrIp'):
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(sg_obj.get('VpcId')),
                        misc.check_if(region.get('RegionName')),
                        misc.check_if(sg_obj.get('GroupId')),
                        misc.check_if(sg_obj.get('GroupName')),
                        misc.check_if(str(cidr.get('CidrIp'))),
                        misc.check_if(str(check_port(rule.get('FromPort')))),
                        misc.check_if(str(check_port(rule.get('ToPort')))),
                        misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                        )))

            """security groups as source"""
            for group in rule.get('UserIdGroupPairs'):
                if group.get('GroupId'):
                    output_bucket.append(misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(sg_obj.get('VpcId')),
                        misc.check_if(region.get('RegionName')),
                        misc.check_if(sg_obj.get('GroupId')),
                        misc.check_if(sg_obj.get('GroupName')),
                        misc.check_if(group.get('GroupId')),
                        misc.check_if(str(check_port(rule.get('FromPort')))),
                        misc.check_if(str(check_port(rule.get('ToPort')))),
                        misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                        )))
Example #38
0
def describe_network_acls(ec2, account, region, output_bucket):
    """continue from multithread call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    netacl_list = ec2.describe_network_acls().get("NetworkAcls")
    for acl_obj in netacl_list:

        for rule_obj in acl_obj.get("Entries"):
            """extract direction"""
            direction = "inbound"
            if str(rule_obj.get("Egress")) == "True":
                direction = "outbound"

            output_bucket.append(
                misc.format_line(
                    (
                        misc.check_if(account.get("name")),
                        misc.check_if(region.get("RegionName")),
                        misc.check_if(acl_obj.get("VpcId")),
                        misc.check_if(check_tag(acl_obj, str("Name"))),
                        misc.check_if(acl_obj.get("NetworkAclId")),
                        misc.check_if(str(acl_obj.get("IsDefault"))),
                        misc.check_if(str(rule_obj.get("RuleNumber"))),
                        misc.check_if(str(direction)),
                        misc.check_if(str(rule_obj.get("Protocol"))),
                        misc.check_if(str(rule_obj.get("CidrBlock"))),
                        misc.check_if(str(rule_obj.get("RuleAction"))),
                    )
                )
            )
Example #39
0
def inventory_role_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    role_list = iam.list_roles().get('Roles')
    for role in role_list:
        assume_role_policy = misc.json_pretty_print(
            role.get('AssumeRolePolicyDocument'))
        """trust relationship policy"""
        if encode == 'on':
            output_bucket.append(
                misc.format_line((
                    misc.check_if(base64.b64encode(account.get('name'))),
                    misc.check_if(base64.b64encode(str('iam:trust_policy'))),
                    misc.check_if(base64.b64encode(role.get('RoleName'))),
                    misc.check_if(base64.b64encode(role.get('Arn'))),
                    misc.check_if(
                        base64.b64encode(
                            str('<pre>' + assume_role_policy + '</pre>'))),
                )))
        else:
            output_bucket.append(
                misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(str('iam:trust_policy')),
                    misc.check_if(role.get('RoleName')),
                    misc.check_if(role.get('Arn')),
                    misc.check_if(str(assume_role_policy)),
                )))
        """pull out inline role policies"""
        policies = iam.list_role_policies(
            RoleName=role.get('RoleName')).get('PolicyNames')

        for policy_name in policies:
            policy = misc.json_pretty_print(
                iam.get_role_policy(
                    RoleName=role.get('RoleName'),
                    PolicyName=policy_name).get('PolicyDocument'))
            """inline role policy entry"""
            if encode == 'on':
                output_bucket.append(
                    misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(
                            base64.b64encode(str('iam:inline_policy'))),
                        misc.check_if(base64.b64encode(role.get('RoleName'))),
                        misc.check_if(base64.b64encode(str(policy_name))),
                        misc.check_if(
                            base64.b64encode(str('<pre>' + policy +
                                                 '</pre>'))),
                    )))
            else:
                output_bucket.append(
                    misc.format_line((
                        misc.check_if(account.get('name')),
                        misc.check_if(str('iam:inline_policy')),
                        misc.check_if(role.get('RoleName')),
                        misc.check_if(str(policy_name)),
                        misc.check_if(str(policy)),
                    )))
Example #40
0
def inventory_managed_policies(iam, account, output_bucket, encode):
    """continue from multithread call
    Args: 
        iam (object): iam client object 
        account (dict): aws accounts 
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
        
    """
    policy_list = iam.list_policies(OnlyAttached=True).get('Policies')

    for policy in policy_list:
        policy_body = iam.get_policy_version(
            PolicyArn=policy.get('Arn'),
            VersionId=policy.get('DefaultVersionId')).get('PolicyVersion').get(
                'Document')

        policy_body = misc.json_pretty_print(policy_body)
        """get list of groups using this policy"""
        policy_groups = iam.list_entities_for_policy(
            PolicyArn=policy.get('Arn')).get('PolicyGroups')
        """get list of roles using this policy"""
        policy_roles = iam.list_entities_for_policy(
            PolicyArn=policy.get('Arn')).get('PolicyRoles')
        """get list of users using this policy"""
        policy_users = iam.list_entities_for_policy(
            PolicyArn=policy.get('Arn')).get('PolicyUsers')

        if policy_groups:
            for group_entity in policy_groups:
                if encode == 'on':
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(base64.b64encode(
                                account.get('name'))),
                            misc.check_if(base64.b64encode(
                                str('group_policy'))),
                            misc.check_if(
                                base64.b64encode(
                                    group_entity.get('GroupName'))),
                            misc.check_if(
                                base64.b64encode(policy.get('PolicyName'))),
                            misc.check_if(
                                base64.b64encode(
                                    str('<pre>' + policy_body + '</pre>'))),
                        )))
                else:
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(account.get('name')),
                            misc.check_if(str('group_policy')),
                            misc.check_if(group_entity.get('GroupName')),
                            misc.check_if(policy.get('PolicyName')),
                            misc.check_if(str(policy_body)),
                        )))

        if policy_roles:
            for role_entity in policy_roles:
                if encode == 'on':
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(base64.b64encode(
                                account.get('name'))),
                            misc.check_if(base64.b64encode(
                                str('role_policy'))),
                            misc.check_if(
                                base64.b64encode(role_entity.get('RoleName'))),
                            misc.check_if(
                                base64.b64encode(policy.get('PolicyName'))),
                            misc.check_if(
                                base64.b64encode(
                                    str('<pre>' + policy_body + '</pre>'))),
                        )))
                else:
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(account.get('name')),
                            misc.check_if(str('role_policy')),
                            misc.check_if(role_entity.get('RoleName')),
                            misc.check_if(policy.get('PolicyName')),
                            misc.check_if(str(policy_body)),
                        )))

        if policy_users:
            for user_entity in policy_users:
                if encode == 'on':
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(base64.b64encode(
                                account.get('name'))),
                            misc.check_if(base64.b64encode(
                                str('user_policy'))),
                            misc.check_if(
                                base64.b64encode(user_entity.get('UserName'))),
                            misc.check_if(
                                base64.b64encode(policy.get('PolicyName'))),
                            misc.check_if(
                                base64.b64encode(
                                    str('<pre>' + policy_body + '</pre>'))),
                        )))
                else:
                    output_bucket.append(
                        misc.format_line((
                            misc.check_if(account.get('name')),
                            misc.check_if(str('user_policy')),
                            misc.check_if(user_entity.get('UserName')),
                            misc.check_if(policy.get('PolicyName')),
                            misc.check_if(str(policy_body)),
                        )))
Example #41
0
def describe_network_acls(ec2, account, region, output_bucket):
    """continue from multithread call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    netacl_list = ec2.describe_network_acls().get('NetworkAcls')
    for acl_obj in netacl_list:

        for rule_obj in acl_obj.get('Entries'):
            '''extract direction'''
            direction = 'inbound'
            if str(rule_obj.get('Egress')) == 'True':
                direction = 'outbound'

            output_bucket.append(
                misc.format_line(
                    (misc.check_if(account.get('name')),
                     misc.check_if(region.get('RegionName')),
                     misc.check_if(acl_obj.get('VpcId')),
                     misc.check_if(check_tag(acl_obj, str('Name'))),
                     misc.check_if(acl_obj.get('NetworkAclId')),
                     misc.check_if(str(acl_obj.get('IsDefault'))),
                     misc.check_if(str(rule_obj.get('RuleNumber'))),
                     misc.check_if(str(direction)),
                     misc.check_if(str(rule_obj.get('Protocol'))),
                     misc.check_if(str(rule_obj.get('CidrBlock'))),
                     misc.check_if(str(rule_obj.get('RuleAction'))))))
Example #42
0
def describe_elb_instances(elb, account, region, output_bucket):
    """continue from multithread call
    Args: 
        elb (object): elb client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')

    for elb_obj in elb_list:
        #print elb_obj
        """dns lookup fqdn"""
        elb_ip = misc.lookup(elb_obj.get('DNSName'))
        """get list of attached ec2 ids"""
        ec2id = get_ec2s(elb_obj.get('Instances'))

        for elb_listener in elb_obj.get('ListenerDescriptions'):

            output_bucket.append(
                misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(region.get('RegionName')),
                    misc.check_if(elb_obj.get('VPCId')),
                    misc.check_if(elb_obj.get('LoadBalancerName')),
                    misc.check_if(elb_obj.get('Scheme')),
                    misc.check_if(elb_ip),
                    misc.check_if(elb_obj.get('DNSName')),
                    misc.check_if(
                        str(
                            elb_listener.get('Listener').get(
                                'LoadBalancerPort'))),
                    misc.check_if(
                        elb_listener.get('Listener').get('Protocol')),
                    misc.check_if(ec2id),
                    misc.check_if(
                        str(elb_listener.get('Listener').get('InstancePort'))),
                    misc.check_if(
                        elb_listener.get('Listener').get('InstanceProtocol'))
                )))
Example #43
0
def describe_subnets(ec2, account, region, output_bucket):
    """continue from multithread call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    subnet_list = ec2.describe_subnets().get('Subnets')
    for subnet_obj in subnet_list:
        """check if flow have been enabled for this subnet"""
        sub_flow_logs = None
        try:
            sub_flow_logs = ec2.describe_flow_logs(
                Filter=[{
                    'Name': 'resource-id',
                    'Values': [subnet_obj.get('SubnetId')]
                }]).get('FlowLogs')

        except Exception, e:
            error_code = e

        if sub_flow_logs:
            flow_enabled = str('True')
        else:
            flow_enabled = str('False')

        output_bucket.append(
            misc.format_line(
                (misc.check_if(account.get('name')),
                 misc.check_if(region.get('RegionName')),
                 misc.check_if(subnet_obj.get('VpcId')),
                 misc.check_if(check_tag(subnet_obj, str('Name'))),
                 misc.check_if(subnet_obj.get('SubnetId')),
                 misc.check_if(subnet_obj.get('State')),
                 misc.check_if(flow_enabled),
                 misc.check_if(subnet_obj.get('CidrBlock')),
                 misc.check_if(str(subnet_obj.get('AvailableIpAddressCount'))),
                 misc.check_if(str(subnet_obj.get('DefaultForAz'))),
                 misc.check_if(str(subnet_obj.get('MapPublicIpOnLaunch'))))))
Example #44
0
def describe_subnets(ec2, account, region, output_bucket):
    """continue from multithread call
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    subnet_list = ec2.describe_subnets().get("Subnets")
    for subnet_obj in subnet_list:
        """check if flow have been enabled for this subnet"""
        sub_flow_logs = None
        try:
            sub_flow_logs = ec2.describe_flow_logs(
                Filter=[{"Name": "resource-id", "Values": [subnet_obj.get("SubnetId")]}]
            ).get("FlowLogs")

        except Exception, e:
            error_code = e

        if sub_flow_logs:
            flow_enabled = str("True")
        else:
            flow_enabled = str("False")

        output_bucket.append(
            misc.format_line(
                (
                    misc.check_if(account.get("name")),
                    misc.check_if(region.get("RegionName")),
                    misc.check_if(subnet_obj.get("VpcId")),
                    misc.check_if(check_tag(subnet_obj, str("Name"))),
                    misc.check_if(subnet_obj.get("SubnetId")),
                    misc.check_if(subnet_obj.get("State")),
                    misc.check_if(flow_enabled),
                    misc.check_if(subnet_obj.get("CidrBlock")),
                    misc.check_if(str(subnet_obj.get("AvailableIpAddressCount"))),
                    misc.check_if(str(subnet_obj.get("DefaultForAz"))),
                    misc.check_if(str(subnet_obj.get("MapPublicIpOnLaunch"))),
                )
            )
        )
Example #45
0
    except Exception, e:
        error_code = e

    if trail_list:
        for trail in trail_list:
            trail_status = cltr.get_trail_status(Name=trail.get('Name'))
            cw_log_group = 'no-record'
            cloudwatch_enabled = 'False'
            if trail.get('CloudWatchLogsLogGroupArn'):
                cloudwatch_enabled = 'True'
                cw_log_group = re.split(
                    ":", trail.get('CloudWatchLogsLogGroupArn'))[6]

            output_bucket.append(
                misc.format_line((
                    misc.check_if(account.get('name')),
                    misc.check_if(region.get('RegionName')),
                    misc.check_if(trail.get('Name')),
                    misc.check_if(str(trail_status.get('IsLogging'))),
                    misc.check_if(str(cloudwatch_enabled)),
                    misc.check_if(
                        str(
                            trail_status.get('LatestDeliveryTime').strftime(
                                '%Y_%m_%d %I:%M %p'))),
                    misc.check_if(str(cw_log_group)),
                    misc.check_if(trail.get('S3BucketName')),
                )))

    else:
        output_bucket.append(
            misc.format_line((
Example #46
0
def sg_rule_sets_by_ec2_with_role(ec2, account, region, output_bucket):
    """generate list of security group rule sets by ec2 instance 
    Args: 
        ec2 (object): ec2 client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """

    """could not find ec2.instances() anywhere in boto3"""
    ec2_list =  [i for r in
                ec2.describe_instances().get('Reservations') for i in
                r.get('Instances')]

    """generate security group list"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')


    for sg_obj in sg_list:
       """find out how many ec2s are using a security group"""
       for ec2_obj in ec2_list:
          """check if ec2 is attached to a role"""
          if ec2_obj.get('IamInstanceProfile'):
             ec2_role = re.split('/',ec2_obj.get('IamInstanceProfile').get('Arn'))[1]
             for ec2sg in ec2_obj.get('SecurityGroups'):
                 if sg_obj.get('GroupId') == ec2sg.get('GroupId'):
                    """move on to rule entries"""
                    for rule in sg_obj.get('IpPermissions'):
                        """cidr as source"""
                        for cidr in rule.get('IpRanges'):
                            if cidr.get('CidrIp'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(sg_obj.get('VpcId')),
                                    misc.check_if(ec2_obj.get('InstanceId')),
                                    misc.check_if(ec2_role),
                                    misc.check_if(ec2_obj.get('State').get('Name')),
                                    misc.check_if(check_tag(ec2_obj, str('Name'))),
                                    misc.check_if(ec2_obj.get('PrivateIpAddress')),
                                    misc.check_if(ec2_obj.get('PublicIpAddress')),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(str(cidr.get('CidrIp'))),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    )))

                        """security groups as source"""
                        for group in rule.get('UserIdGroupPairs'):
                            if group.get('GroupId'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(sg_obj.get('VpcId')),
                                    misc.check_if(ec2_obj.get('InstanceId')),
                                    misc.check_if(ec2_role),
                                    misc.check_if(ec2_obj.get('State').get('Name')),
                                    misc.check_if(check_tag(ec2_obj, str('Name'))),
                                    misc.check_if(ec2_obj.get('PrivateIpAddress')),
                                    misc.check_if(ec2_obj.get('PublicIpAddress')),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(group.get('GroupId')),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    ))) 
Example #47
0
def sg_rule_sets_by_elb(elb, ec2, account, region, output_bucket):
    """generate list of security group rule sets by elb instance 
    Args: 
        elb (object): elb client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    """generate list of elb instances"""
    elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')

    """generate list of security groups to get rule set details"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        """find out how many elbs are using a security group"""
        for elb_obj in elb_list:
            for elbsg in elb_obj.get('SecurityGroups'):
                """check if security group is associated to elb instance"""
                if sg_obj.get('GroupId') == elbsg:
                    
                    elb_ip = misc.lookup(elb_obj.get('DNSName')) 
                    """move on to rule entries"""
                    for rule in sg_obj.get('IpPermissions'):
                        """cidr as source"""
                        for cidr in rule.get('IpRanges'):
                            if cidr.get('CidrIp'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(elb_obj.get('VPCId')),
                                    misc.check_if(elb_obj.get('LoadBalancerName')),
                                    misc.check_if(elb_obj.get('Scheme')),
                                    misc.check_if(elb_ip),
                                    misc.check_if(elb_obj.get('DNSName')),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(str(cidr.get('CidrIp'))),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    )))

                        """security groups as source"""
                        for group in rule.get('UserIdGroupPairs'):
                            if group.get('GroupId'):
                                output_bucket.append(misc.format_line((
                                    misc.check_if(account.get('name')),
                                    misc.check_if(region.get('RegionName')),
                                    misc.check_if(elb_obj.get('VPCId')),
                                    misc.check_if(elb_obj.get('LoadBalancerName')),
                                    misc.check_if(elb_obj.get('Scheme')),
                                    misc.check_if(elb_ip),
                                    misc.check_if(elb_obj.get('DNSName')),
                                    misc.check_if(sg_obj.get('GroupId')),
                                    misc.check_if(sg_obj.get('GroupName')),
                                    misc.check_if(group.get('GroupId')),
                                    misc.check_if(str(check_port(rule.get('FromPort')))),
                                    misc.check_if(str(check_port(rule.get('ToPort')))),
                                    misc.check_if(str(check_proto(rule.get('IpProtocol'))))
                                    )))
Example #48
0
def sg_rule_sets_by_elb(elb, ec2, account, region, output_bucket):
    """generate list of security group rule sets by elb instance 
    Args: 
        elb (object): elb client object 
        account (dict): aws accounts 
        region (dict): regions
        output_bucket (list): results bucket holder 
    Returns:
        nothing. appends results to output_bucket
    """
    """generate list of elb instances"""
    elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')
    """generate list of security groups to get rule set details"""
    sg_list = ec2.describe_security_groups().get('SecurityGroups')

    for sg_obj in sg_list:
        """find out how many elbs are using a security group"""
        for elb_obj in elb_list:
            for elbsg in elb_obj.get('SecurityGroups'):
                """check if security group is associated to elb instance"""
                if sg_obj.get('GroupId') == elbsg:

                    elb_ip = misc.lookup(elb_obj.get('DNSName'))
                    """move on to rule entries"""
                    for rule in sg_obj.get('IpPermissions'):
                        """cidr as source"""
                        for cidr in rule.get('IpRanges'):
                            if cidr.get('CidrIp'):
                                output_bucket.append(
                                    misc.format_line(
                                        (misc.check_if(account.get('name')),
                                         misc.check_if(
                                             region.get('RegionName')),
                                         misc.check_if(elb_obj.get('VPCId')),
                                         misc.check_if(
                                             elb_obj.get('LoadBalancerName')),
                                         misc.check_if(elb_obj.get('Scheme')),
                                         misc.check_if(elb_ip),
                                         misc.check_if(elb_obj.get('DNSName')),
                                         misc.check_if(sg_obj.get('GroupId')),
                                         misc.check_if(
                                             sg_obj.get('GroupName')),
                                         misc.check_if(str(
                                             cidr.get('CidrIp'))),
                                         misc.check_if(
                                             str(
                                                 check_port(
                                                     rule.get('FromPort')))),
                                         misc.check_if(
                                             str(check_port(
                                                 rule.get('ToPort')))),
                                         misc.check_if(
                                             str(
                                                 check_proto(
                                                     rule.get('IpProtocol'))))
                                         )))
                        """security groups as source"""
                        for group in rule.get('UserIdGroupPairs'):
                            if group.get('GroupId'):
                                output_bucket.append(
                                    misc.format_line(
                                        (misc.check_if(account.get('name')),
                                         misc.check_if(
                                             region.get('RegionName')),
                                         misc.check_if(elb_obj.get('VPCId')),
                                         misc.check_if(
                                             elb_obj.get('LoadBalancerName')),
                                         misc.check_if(elb_obj.get('Scheme')),
                                         misc.check_if(elb_ip),
                                         misc.check_if(elb_obj.get('DNSName')),
                                         misc.check_if(sg_obj.get('GroupId')),
                                         misc.check_if(
                                             sg_obj.get('GroupName')),
                                         misc.check_if(group.get('GroupId')),
                                         misc.check_if(
                                             str(
                                                 check_port(
                                                     rule.get('FromPort')))),
                                         misc.check_if(
                                             str(check_port(
                                                 rule.get('ToPort')))),
                                         misc.check_if(
                                             str(
                                                 check_proto(
                                                     rule.get('IpProtocol'))))
                                         )))
Example #49
0
        for message in search_logGroup.get('events'):
            event_name = (json.loads(message.get('message'))).get('eventName')
            event_time = (json.loads(message.get('message'))).get('eventTime')
            arn = (json.loads(
                message.get('message'))).get('userIdentity').get('arn')
            source_address = (json.loads(
                message.get('message'))).get('sourceIPAddress')
            request_param = misc.json_pretty_print(
                (json.loads(message.get('message'))).get('requestParameters'))
            response_elem = misc.json_pretty_print(
                (json.loads(message.get('message'))).get('responseElements'))

            if encode == 'on':
                output_bucket.append(
                    misc.format_line((
                        misc.check_if(base64.b64encode(account.get('name'))),
                        misc.check_if(
                            base64.b64encode(region.get('RegionName'))),
                        misc.check_if(base64.b64encode(event_name)),
                        misc.check_if(base64.b64encode(str(event_time))),
                        misc.check_if(base64.b64encode(misc.check_if(arn))),
                        misc.check_if(base64.b64encode(str(source_address))),
                        misc.check_if(
                            base64.b64encode(
                                str('<pre>' + request_param + '</pre>'))),
                        misc.check_if(
                            base64.b64encode(
                                str('<pre>' + response_elem + '</pre>'))),
                    )))
            else:
                output_bucket.append(
Example #50
0
    except Exception, e:
        error_code = e
        #print e

    if search_logGroup:
       for message in search_logGroup.get('events'):
           event_name = (json.loads(message.get('message'))).get('eventName')
           event_time = (json.loads(message.get('message'))).get('eventTime')
           arn = (json.loads(message.get('message'))).get('userIdentity').get('arn')
           source_address = (json.loads(message.get('message'))).get('sourceIPAddress')
           request_param = misc.json_pretty_print((json.loads(message.get('message'))).get('requestParameters'))
           response_elem = misc.json_pretty_print((json.loads(message.get('message'))).get('responseElements'))

           if encode == 'on':
               output_bucket.append(misc.format_line((
                   misc.check_if(base64.b64encode(account.get('name'))),
                   misc.check_if(base64.b64encode(region.get('RegionName'))),
                   misc.check_if(base64.b64encode(event_name)),
                   misc.check_if(base64.b64encode(str(event_time))),
                   misc.check_if(base64.b64encode(misc.check_if(arn))),
                   misc.check_if(base64.b64encode(str(source_address))),
                   misc.check_if(base64.b64encode(str('<pre>' + request_param + '</pre>'))),
                   misc.check_if(base64.b64encode(str('<pre>' + response_elem + '</pre>'))),
                   )))
           else:
               output_bucket.append(misc.format_line((
                   misc.check_if(account.get('name')),
                   misc.check_if(region.get('RegionName')),
                   misc.check_if(event_name),
                   misc.check_if(str(event_time)),
                   misc.check_if(arn),
Example #51
0
    except Exception, e:
        error_code = e

    if trail_list:
        for trail in trail_list:
            trail_status = cltr.get_trail_status(
                       Name=trail.get('Name')
                       )
            cw_log_group = 'no-record'
            cloudwatch_enabled = 'False'
            if trail.get('CloudWatchLogsLogGroupArn'):
                cloudwatch_enabled = 'True'
                cw_log_group = re.split(":",trail.get('CloudWatchLogsLogGroupArn'))[6]

            output_bucket.append(misc.format_line((
                 misc.check_if(account.get('name')),
                 misc.check_if(region.get('RegionName')),
                 misc.check_if(trail.get('Name')),
                 misc.check_if(str(trail_status.get('IsLogging'))),
                 misc.check_if(str(cloudwatch_enabled)),
                 misc.check_if(str(trail_status.get('LatestDeliveryTime').strftime('%Y_%m_%d %I:%M %p'))),
                 misc.check_if(str(cw_log_group)),
                 misc.check_if(trail.get('S3BucketName')),
                 )))

    else:
        output_bucket.append(misc.format_line((
             misc.check_if(account.get('name')),
             misc.check_if(region.get('RegionName')),
             misc.check_if(str('not-configured')),
             misc.check_if(str('False')),