Python format_arn 예제들

예제 #1

 def _parse_grant(self, raw_grant):
     grant_dict = {
         'key_id':
         raw_grant.get('KeyId'),
         'grant_id':
         raw_grant.get('GrantId'),
         'name':
         raw_grant.get('Name'),
         'create_date':
         raw_grant.get('CreationDate'),
         'grantee_principal':
         raw_grant.get('GranteePrincipal'),
         'retiring_principal':
         raw_grant.get('ReitirngPrincipal'),
         'issuing_account':
         raw_grant.get('IssuingAccount'),
         'operations':
         raw_grant.get('Operations'),
         'constraints':
         raw_grant.get('Constraints'),
         'arn':
         format_arn(self.partition, self.service, self.region,
                    raw_grant.get('IssuingAccount').split(':')[4],
                    raw_grant.get('GrantId'), self.resource_type)
         if ':' in raw_grant.get('IssuingAccount') else format_arn(
             self.partition, self.service, self.region,
             raw_grant.get('IssuingAccount'), raw_grant.get('GrantId'),
             self.resource_type)
     }
     return grant_dict['grant_id'], grant_dict

예제 #2

파일: securitygroups.py 프로젝트: nccgroup/ScoutSuite

    def _parse_security_group(self, raw_security_group):
        security_group = {}
        security_group['name'] = raw_security_group['GroupName']
        security_group['id'] = raw_security_group['GroupId']
        security_group['arn'] = format_arn(self.partition, self.service, self.region, raw_security_group.get('OwnerId'), raw_security_group.get('GroupId'), self.resource_type)
        security_group['description'] = raw_security_group['Description']
        security_group['owner_id'] = raw_security_group['OwnerId']

        if 'Tags' in raw_security_group:
            security_group['tags'] = {x['Key']: x['Value'] for x in raw_security_group['Tags']}

        security_group['rules'] = {'ingress': {}, 'egress': {}}
        ingress_protocols, ingress_rules_count = self._parse_security_group_rules(
            raw_security_group['IpPermissions'])
        security_group['rules']['ingress']['protocols'] = ingress_protocols
        security_group['rules']['ingress']['count'] = ingress_rules_count

        egress_protocols, egress_rules_count = self._parse_security_group_rules(
            raw_security_group['IpPermissionsEgress'])
        security_group['rules']['egress']['protocols'] = egress_protocols
        security_group['rules']['egress']['count'] = egress_rules_count

        security_group['is_default_configuration'] = \
            self._has_default_egress_rule(raw_security_group['IpPermissionsEgress']) and \
            self._has_default_ingress_rule(raw_security_group['IpPermissions'], raw_security_group['GroupId'])

        return security_group['id'], security_group

예제 #3

파일: load_balancers.py 프로젝트: nccgroup/ScoutSuite

    def _parse_load_balancer(self, raw_load_balancer):
        load_balancer = {'name': raw_load_balancer['LoadBalancerName']}
        get_keys(raw_load_balancer, load_balancer, [
            'DNSName', 'CreatedTime', 'AvailabilityZones', 'Subnets', 'Scheme',
            'attributes'
        ])

        load_balancer['security_groups'] = []
        load_balancer['arn'] = format_arn(
            self.partition, self.service, self.region, self.facade.owner_id,
            raw_load_balancer.get('LoadBalancerName'), self.resource_type)

        for sg in raw_load_balancer['SecurityGroups']:
            load_balancer['security_groups'].append({'GroupId': sg})

        load_balancer['listeners'] = {}
        for l in raw_load_balancer['ListenerDescriptions']:
            listener = l['Listener']
            load_balancer['listeners'][l['Listener']
                                       ['LoadBalancerPort']] = listener

        load_balancer['instances'] = []
        for i in raw_load_balancer['Instances']:
            load_balancer['instances'].append(i['InstanceId'])

        if 'Tags' in raw_load_balancer and raw_load_balancer['Tags']:
            load_balancer['tags'] = {
                x['Key']: x['Value']
                for x in raw_load_balancer['Tags']
            }

        return get_non_provider_id(load_balancer['name']), load_balancer

예제 #4

파일: clusters.py 프로젝트: nccgroup/ScoutSuite

 def _parse_cluster(self, raw_cluster):
     name = raw_cluster.pop('ClusterIdentifier')
     raw_cluster['name'] = name
     raw_cluster['arn'] = format_arn(self.partition, self.service,
                                     self.region, self.facade.owner_id,
                                     name, self.resource_type)
     return name, raw_cluster

예제 #5

파일: identity_policies.py 프로젝트: nccgroup/ScoutSuite

 async def fetch_all(self):
     raw_policies = await self.facade.ses.get_identity_policies(
         self.region, self.identity_name)
     for policy_name, raw_policy in raw_policies.items():
         self[policy_name] = json.loads(raw_policy)
         self[policy_name]['arn'] = format_arn(self.partition, self.service,
                                               self.region, '', policy_name,
                                               self.resource_type)

예제 #6

 def _parse_volume(self, raw_volume):
     raw_volume['id'] = raw_volume.pop('VolumeId')
     raw_volume['name'] = get_name(raw_volume, raw_volume, 'id')
     raw_volume['arn'] = format_arn(self.partition, self.service,
                                    self.region, self.facade.owner_id,
                                    raw_volume.get('id'),
                                    self.resource_type)
     return raw_volume['id'], raw_volume

예제 #7

 def _parse_peering_connections(self, raw_peering_connection):
     raw_peering_connection['id'] = raw_peering_connection[
         'name'] = raw_peering_connection['VpcPeeringConnectionId']
     raw_peering_connection['arn'] = format_arn(
         self.partition, self.service, self.region, '',
         raw_peering_connection['VpcPeeringConnectionId'],
         self.resource_type)
     return raw_peering_connection['id'], raw_peering_connection

예제 #8

 def _parse_connection(self, raw_connection):
     raw_connection['id'] = raw_connection.pop('connectionId')
     raw_connection['name'] = raw_connection.pop('connectionName')
     raw_connection['arn'] = format_arn(self.partition, self.service,
                                        self.region,
                                        raw_connection.get('ownerAccount'),
                                        raw_connection.get('id'),
                                        self.resource_type)
     return raw_connection['id'], raw_connection

예제 #9

 def _parse_parameter(self, raw_parameter):
     parameter = {
         'value': raw_parameter['ParameterValue'],
         'source': raw_parameter['Source']
     }
     raw_parameter['arn'] = format_arn(self.partition, self.service,
                                       self.region, '',
                                       raw_parameter.get('ParameterName'),
                                       self.resource_type)
     return raw_parameter['ParameterName'], parameter

예제 #10

 def _parse_network_interface(self, raw_network_interface):
     raw_network_interface['name'] = raw_network_interface[
         'NetworkInterfaceId']
     raw_network_interface['arn'] = format_arn(
         self.partition, self.service, self.region,
         raw_network_interface.get('OwnerId'),
         raw_network_interface.get('NetworkInterfaceId'),
         self.resource_type)
     return raw_network_interface[
         'NetworkInterfaceId'], raw_network_interface

예제 #11

 def _parse_parameter_group(self, raw_parameter_group):
     parameter_group = {}
     parameter_group['name'] = raw_parameter_group.get('ParameterGroupName')
     parameter_group['id'] = get_non_provider_id(parameter_group['name'])
     parameter_group['arn'] = format_arn(self.partition, self.service, self.region, self.facade.owner_id, raw_parameter_group.get('ParameterGroupName'), self.resource_type)
     parameter_group['family'] = raw_parameter_group.get('ParameterGroupFamily')
     parameter_group['description'] = raw_parameter_group.get('Description')
     parameter_group['is_default'] = self._is_default(raw_parameter_group)
     parameter_group['tags'] = raw_parameter_group.get('Tags')
     return parameter_group['id'], parameter_group

예제 #12

파일: identities.py 프로젝트: nccgroup/ScoutSuite

 def _parse_identity(self, raw_identity):
     identity_name, dkim_attributes = raw_identity
     identity = {}
     identity['name'] = identity_name
     identity['DkimEnabled'] = dkim_attributes['DkimEnabled']
     identity['DkimVerificationStatus'] = dkim_attributes[
         'DkimVerificationStatus']
     identity['arn'] = format_arn(self.partition, self.service, self.region,
                                  self.facade.owner_id, identity_name,
                                  self.resource_type)
     return get_non_provider_id(identity_name), identity

예제 #13

 def _parse_domain(self, raw_domain):
     domain_dict = {}
     domain_dict['id'] = get_non_provider_id(raw_domain.get('DomainName'))
     domain_dict['name'] = raw_domain.get('DomainName')
     domain_dict['auto_renew'] = raw_domain.get('AutoRenew')
     domain_dict['transfer_lock'] = raw_domain.get('TransferLock')
     domain_dict['expiry'] = raw_domain.get('Expiry')
     domain_dict['arn'] = format_arn(self.partition, self.service,
                                     self.region, self.facade.owner_id,
                                     domain_dict.get('id'),
                                     self.resource_type)
     return domain_dict['id'], domain_dict

예제 #14

파일: network_acls.py 프로젝트: nccgroup/ScoutSuite

 def _parse_network_acl(self, raw_network_acl):
     raw_network_acl['id'] = raw_network_acl.pop('NetworkAclId')
     get_name(raw_network_acl, raw_network_acl, 'id')
     raw_network_acl['rules'] = {}
     raw_network_acl['rules']['ingress'] = self._parse_network_acl_entries(
         raw_network_acl['Entries'], False)
     raw_network_acl['rules']['egress'] = self._parse_network_acl_entries(
         raw_network_acl['Entries'], True)
     raw_network_acl.pop('Entries')
     raw_network_acl['arn'] = format_arn(self.partition, self.service,
                                         self.region,
                                         raw_network_acl.get('OwnerId'),
                                         raw_network_acl.get('id'),
                                         self.resource_type)
     return raw_network_acl['id'], raw_network_acl

예제 #15

    async def _parse_instance(self, raw_instance):
        instance = {}
        id = raw_instance['InstanceId']
        instance['id'] = id
        instance['arn'] = format_arn(self.partition, self.service, self.region,
                                     raw_instance['OwnerId'],
                                     raw_instance['InstanceId'],
                                     self.resource_type)
        instance['reservation_id'] = raw_instance['ReservationId']
        instance['availability_zone'] = raw_instance.get(
            'Placement', {}).get('AvailabilityZone')
        instance['monitoring_enabled'] = raw_instance['Monitoring'][
            'State'] == 'enabled'
        instance['user_data'] = await self.facade.ec2.get_instance_user_data(
            self.region, id)
        instance['user_data_secrets'] = self._identify_user_data_secrets(
            instance['user_data'])

        get_name(raw_instance, instance, 'InstanceId')
        get_keys(raw_instance, instance, [
            'KeyName', 'LaunchTime', 'InstanceType', 'State',
            'IamInstanceProfile', 'SubnetId', 'Tags'
        ])

        if "IamInstanceProfile" in raw_instance:
            instance['iam_instance_profile_id'] = raw_instance[
                'IamInstanceProfile']['Id']
            instance['iam_instance_profile_arn'] = raw_instance[
                'IamInstanceProfile']['Arn']

        instance['network_interfaces'] = {}
        for eni in raw_instance['NetworkInterfaces']:
            nic = {}
            get_keys(eni, nic, [
                'Association', 'Groups', 'PrivateIpAddresses', 'SubnetId',
                'Ipv6Addresses'
            ])
            instance['network_interfaces'][eni['NetworkInterfaceId']] = nic

        instance['metadata_options'] = raw_instance.get('MetadataOptions', {})

        if 'IamInstanceProfile' in raw_instance:
            instance['iam_role'] = raw_instance['IamInstanceProfile'][
                'Arn'].split('/')[-1]
        else:
            instance['iam_role'] = None

        return id, instance

예제 #16

 def _parse_metric_filter(self, raw_metric_filter):
     metric_filter_dict = {}
     metric_filter_dict['id'] = get_non_provider_id('{}{}'.format(
         raw_metric_filter.get('filterName'),
         raw_metric_filter.get('creationTime')))
     metric_filter_dict['name'] = raw_metric_filter.get('filterName')
     metric_filter_dict['creation_time'] = raw_metric_filter.get(
         'creationTime')
     metric_filter_dict['pattern'] = raw_metric_filter.get('filterPattern')
     metric_filter_dict['metric_transformations'] = raw_metric_filter.get(
         'metricTransformations')
     metric_filter_dict['log_group_name'] = raw_metric_filter.get(
         'logGroupName')
     metric_filter_dict['arn'] = format_arn(
         self.partition, self.service, self.region, '',
         raw_metric_filter.get('filterName'), self.resource_type)
     return metric_filter_dict['id'], metric_filter_dict

예제 #17

파일: hosted_zones.py 프로젝트: nccgroup/ScoutSuite

 async def _parse_hosted_zone(self, raw_hosted_zone):
     hosted_zone_dict = {}
     hosted_zone_dict['id'] = raw_hosted_zone.get('Id')
     hosted_zone_dict['name'] = raw_hosted_zone.get('Name')
     hosted_zone_dict['caller_reference'] = raw_hosted_zone.get(
         'CallerReference')
     hosted_zone_dict['config'] = raw_hosted_zone.get('Config')
     hosted_zone_dict[
         'resource_record_sets'] = await self.facade.route53.get_resource_records(
             hosted_zone_dict['id'])
     hosted_zone_dict['resource_record_set_count'] = raw_hosted_zone.get(
         'ResourceRecordSetCount')
     hosted_zone_dict['arn'] = format_arn(self.partition, self.service,
                                          self.region, '',
                                          raw_hosted_zone.get('Id'),
                                          self.resource_type)
     return hosted_zone_dict['id'], hosted_zone_dict

예제 #18

    def _parse_vpc(self, raw_vpc):
        vpc = {}
        vpc['id'] = raw_vpc['VpcId']
        vpc['cidr_block'] = raw_vpc['CidrBlock']
        vpc['default'] = raw_vpc['IsDefault']
        vpc['state'] = raw_vpc['State']
        vpc['arn'] = format_arn(self.partition, self.service, self.region,
                                raw_vpc.get('OwnerId'), raw_vpc.get('VpcId'),
                                self.resource_type)

        # Pull the name from tags
        name_tag = next((d for i, d in enumerate(raw_vpc.get('Tags', []))
                         if d.get('Key') == 'Name'), None)
        if name_tag:
            vpc['name'] = name_tag.get('Value')
        else:
            vpc['name'] = raw_vpc['VpcId']

        return vpc['id'], vpc

예제 #19

파일: buckets.py 프로젝트: nccgroup/ScoutSuite

    def _parse_bucket(self, raw_bucket):
        """
        Parse a single S3 bucket

        TODO:
        - CORS
        - Lifecycle
        - Notification ?
        - Get bucket's policy

        :param bucket:
        :param params:
        :return:
        """
        raw_bucket['name'] = raw_bucket.pop('Name')
        raw_bucket['CreationDate'] = str(raw_bucket['CreationDate'])

        raw_bucket['id'] = get_non_provider_id(raw_bucket['name'])
        # Passing empty strings for 'region' and 'account-id' since S3 bucket ARNs omit them
        raw_bucket['arn'] = format_arn(self.partition, self.service, '', '', '*', raw_bucket['name'])
        return raw_bucket['id'], raw_bucket

예제 #20

 def _parse_snapshot(self, raw_snapshot):
     snapshot_dict = {}
     snapshot_dict['id'] = raw_snapshot.get('SnapshotId')
     snapshot_dict['name'] = get_name(raw_snapshot, raw_snapshot,
                                      'SnapshotId')
     snapshot_dict['description'] = raw_snapshot.get('Description')
     snapshot_dict['public'] = self._is_public(raw_snapshot)
     snapshot_dict['encrypted'] = raw_snapshot.get('Encrypted')
     snapshot_dict['kms_key_id'] = raw_snapshot.get('KmsKeyId')
     snapshot_dict['owner_id'] = raw_snapshot.get('OwnerId')
     snapshot_dict['progress'] = raw_snapshot.get('Progress')
     snapshot_dict['start_time'] = raw_snapshot.get('StartTime')
     snapshot_dict['state'] = raw_snapshot.get('State')
     snapshot_dict['volume_id'] = raw_snapshot.get('VolumeId')
     snapshot_dict['volume_size'] = raw_snapshot.get('VolumeSize')
     snapshot_dict['create_volume_permissions'] = raw_snapshot.get(
         'CreateVolumePermissions')
     snapshot_dict['arn'] = format_arn(self.partition, self.service,
                                       self.region,
                                       raw_snapshot.get('OwnerId'),
                                       raw_snapshot.get('SnapshotId'),
                                       self.resource_type)
     return snapshot_dict['id'], snapshot_dict

예제 #21

 def _parse_log(self, raw_flow_log):
     flow_log_dict = {}
     flow_log_dict['name'] = flow_log_dict['id'] = raw_flow_log.get(
         'FlowLogId')
     flow_log_dict['creation_time'] = raw_flow_log.get('CreationTime')
     flow_log_dict['deliver_logs_error_message'] = raw_flow_log.get(
         'DeliverLogsErrorMessage')
     flow_log_dict['deliver_logs_status'] = raw_flow_log.get(
         'DeliverLogsStatus')
     flow_log_dict['flow_log_status'] = raw_flow_log.get('FlowLogStatus')
     flow_log_dict['resource_id'] = raw_flow_log.get('ResourceId')
     flow_log_dict['traffic_type'] = raw_flow_log.get('TrafficType')
     flow_log_dict['log_destination_type'] = raw_flow_log.get(
         'LogDestinationType')
     flow_log_dict['log_destination'] = raw_flow_log.get('LogDestination')
     flow_log_dict['log_format'] = raw_flow_log.get('LogFormat')
     flow_log_dict['tags'] = raw_flow_log.get('Tags')
     flow_log_dict['max_aggregation_interval'] = raw_flow_log.get(
         'MaxAggregationInterval')
     flow_log_dict['arn'] = format_arn(self.partition, self.service,
                                       self.region, '',
                                       raw_flow_log.get('FlowLogId'),
                                       self.resource_type)
     return flow_log_dict['id'], flow_log_dict

예제 #22

파일: policies.py 프로젝트: nccgroup/ScoutSuite

 def _parse_policy(self, raw_policy):
     raw_policy['name'] = raw_policy.pop('PolicyName')
     policy_id = get_non_provider_id(raw_policy['name'])
     raw_policy['arn'] = format_arn(self.partition, self.service, self.region, '', raw_policy['name'], self.resource_type)
     return policy_id, raw_policy

예제 #23

 def _parse_file_system(self, raw_file_system):
     fs_id = raw_file_system.pop('FileSystemId')
     raw_file_system['name'] = raw_file_system.pop('Name') if 'Name' in raw_file_system else None
     raw_file_system['tags'] = raw_file_system.pop('Tags')
     raw_file_system['arn'] = format_arn(self.partition, self.service, self.region, raw_file_system.get('OwnerId'), fs_id, self.resource_type)
     return fs_id, raw_file_system