def get(self):
''' Attempt to get all Public IPs from RDS instances. '''
resources = []
# Once again, the AWS API doesn't appear to allow filtering by RDS
# instances where PubliclyAccessible is True. As a result, we'll
# need to do this manually
marker = ''
while marker is not None:
if marker:
candidates = self.client.describe_db_instances(Marker=marker)
else:
candidates = self.client.describe_db_instances()
# Check if we need to continue paging.
if "Marker" in candidates:
self.logger.debug(
"'Marker' found, additional page of results to fetch")
marker = candidates["Marker"]
else:
marker = None
for rds in candidates["DBInstances"]:
# Skip instances still being created as they may not yet have
# endpoints created / generated.
if rds["DBInstanceStatus"] == "creating":
self.logger.debug(
"Skipping instance as it's still being provisioned")
continue
self.logger.debug("Inspecting RDS instance %s",
rds["DBInstanceIdentifier"])
if not rds["PubliclyAccessible"]:
self.logger.debug("RDS instance is not internet facing")
continue
# Lookup the DNS name to get the current IPs. We're ignoring
# the configured port for the time being, although this could
# present a trivial optimisation for scanning speed up.
try:
resources.append({
"service":
self.SERVICE,
"identifier":
rds["DBInstanceArn"],
"cname":
rds["Endpoint"]["Address"],
"addresses":
dns_lookup(rds["Endpoint"]["Address"]),
})
except KeyError:
self.logger.warning(
"Skipping RDS instance %s due to error when enumerating endpoints",
rds["DBInstanceArn"])
self.logger.info("Got IPs for %s resources", len(resources))
return resources
def get(self):
''' Attempt to get all Public IPs from ELBs. '''
resources = []
# Iterate over results until AWS no longer returns a 'NextMarker' in
# order to ensure all results are retrieved.
marker = ''
while marker is not None:
# Unfortunately, Marker=None or Marker='' is invalid for this API
# call, so it looks like we can't just set this to a None value,
# or use a ternary here.
if marker:
candidates = self.client.describe_load_balancers(
Marker=marker
)
else:
candidates = self.client.describe_load_balancers()
# Check if we need to continue paging.
if "NextMarker" in candidates:
self.logger.debug(
"'NextMarker' found, additional page of results to fetch"
)
marker = candidates["NextMarker"]
else:
marker = None
# For some odd reason the AWS API doesn't appear to allow a
# filter on describe operations for ELBs, so we'll have to filter
# manually.
for elb in candidates["LoadBalancerDescriptions"]:
self.logger.debug(
"Inspecting ELB %s", elb["LoadBalancerName"],
)
if elb["Scheme"] != "internet-facing":
self.logger.debug("ELB is not internet facing")
continue
# Lookup the DNS name for this ELB to get the current IPs. We
# also need to construct the ARN, as it's not provided in the
# output from a describe operation (?!)
resources.append({
"service": self.SERVICE,
"identifier": aws_elb_arn(
self.region,
elb["LoadBalancerName"]
),
"cname": elb["DNSName"],
"addresses": dns_lookup(elb["DNSName"]),
})
self.logger.info("Got IPs for %s resources", len(resources))
return resources
def get(self):
''' Attempt to get IPs associated with Elasticsearch endpoints. '''
resources = []
# Get a list of all domains and then manually prune it based on
# whether the domains are created, being deleted, etc.
candidates = self.client.list_domain_names()
for es in candidates["DomainNames"]:
# Query for data about this domain based on the enumerated name.
domain = self.client.describe_elasticsearch_domain(
DomainName=es["DomainName"])
self.logger.debug("Inspecting ES domain %s", es["DomainName"])
if domain["DomainStatus"]["Created"] == False:
self.logger.debug(
"Skipping ES domain as it's still being provisioned")
continue
if domain["DomainStatus"]["Deleted"] == True:
self.logger.debug(
"Skipping ES domain as it's currently being deleted")
continue
# Skip VPC endpoints.
if "Endpoints" in domain["DomainStatus"]:
self.logger.debug(
"Skipping ES domain as it has VPC only endpoints")
continue
# Lookup the DNS name to get the current IPs.
try:
resources.append({
"service":
self.SERVICE,
"identifier":
domain["DomainStatus"]["ARN"],
"cname":
domain["DomainStatus"]["Endpoint"],
"addresses":
dns_lookup(domain["DomainStatus"]["Endpoint"]),
})
except KeyError:
self.logger.warning(
"Skipping ES domain due to error when enumerating endpoints",
)
self.logger.info("Got IPs for %s resources", len(resources))
return resources
def get(self):
''' Attempt to get all Public IPs from ELBv2 instances. '''
resources = []
# Iterate over results until AWS no longer returns a 'NextMarker' in
# order to ensure all results are retrieved.
marker = ''
while marker is not None:
# Unfortunately, Marker=None or Marker='' is invalid for this API
# call, so it looks like we can't just set this to a None value,
# or use a ternary here.
if marker:
candidates = self.client.describe_load_balancers(
Marker=marker
)
else:
candidates = self.client.describe_load_balancers()
# Check if we need to continue paging.
if "NextMarker" in candidates:
self.logger.debug(
"'NextMarker' found, additional page of results to fetch"
)
marker = candidates["NextMarker"]
else:
marker = None
# For some odd reason the AWS API doesn't appear to allow a
# filter on describe operations for ELBs, so we'll have to filter
# manually.
for elb in candidates["LoadBalancers"]:
self.logger.debug(
"Inspecting ELBv2 instance %s", elb["LoadBalancerArn"],
)
if elb["Scheme"] != "internet-facing":
self.logger.debug(
"ELBv2 instance is not internet facing"
)
continue
# If a network load balancer, IPs will be present in the
# describe output. If not, then we'll need to resolve the DNS
# name to get the current LB IPs.
if "LoadBalancerAddresses" in elb["AvailabilityZones"][0]:
addresses = []
for az in elb["AvailabilityZones"]:
# Each AZ has an associated IP allocation.
for address in az["LoadBalancerAddresses"]:
addresses.append(address["IpAddress"])
resources.append({
"service": self.SERVICE,
"identifier": elb["LoadBalancerArn"],
"addresses": addresses,
})
else:
resources.append({
"service": self.SERVICE,
"identifier": elb["LoadBalancerArn"],
"addresses": dns_lookup(elb["DNSName"]),
})
self.logger.info("Got IPs for %s resources", len(resources))
return resources