def describe_rds_instances(rds, account, region, output_bucket):
"""continue from multithread call
Args:
rds (object): rds client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
rds_list = rds.describe_db_instances().get('DBInstances')
for rds_obj in rds_list:
#print rds_obj
output_bucket.append(
misc.format_line(
(misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
misc.check_if(rds_obj.get('DBInstanceIdentifier')),
misc.check_if(rds_obj.get('DBInstanceClass')),
misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
misc.check_if(rds_obj.get('Endpoint').get('Address')),
misc.lookup(rds_obj.get('Endpoint').get('Address')),
misc.check_if(str(rds_obj.get('Endpoint').get('Port'))))))
def describe_rds_instances(rds, account, region, output_bucket):
"""continue from multithread call
Args:
rds (object): rds client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
rds_list = rds.describe_db_instances().get('DBInstances')
for rds_obj in rds_list:
#print rds_obj
output_bucket.append(misc.format_line((
misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(rds_obj.get('DBSubnetGroup').get('VpcId')),
misc.check_if(rds_obj.get('DBInstanceIdentifier')),
misc.check_if(rds_obj.get('DBInstanceClass')),
misc.check_if(str(rds_obj.get('PubliclyAccessible'))),
misc.check_if(rds_obj.get('Endpoint').get('Address')),
misc.lookup(rds_obj.get('Endpoint').get('Address')),
misc.check_if(str(rds_obj.get('Endpoint').get('Port')))
)))
def describe_elb_instances(elb, account, region, output_bucket):
"""continue from multithread call
Args:
elb (object): elb client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')
for elb_obj in elb_list:
#print elb_obj
"""dns lookup fqdn"""
elb_ip = misc.lookup(elb_obj.get('DNSName'))
"""get list of attached ec2 ids"""
ec2id = get_ec2s(elb_obj.get('Instances'))
for elb_listener in elb_obj.get('ListenerDescriptions'):
output_bucket.append(misc.format_line((
misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(str(elb_listener.get('Listener').get('LoadBalancerPort'))),
misc.check_if(elb_listener.get('Listener').get('Protocol')),
misc.check_if(ec2id),
misc.check_if(str(elb_listener.get('Listener').get('InstancePort'))),
misc.check_if(elb_listener.get('Listener').get('InstanceProtocol'))
)))
def describe_elb_instances(elb, account, region, output_bucket):
"""continue from multithread call
Args:
elb (object): elb client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')
for elb_obj in elb_list:
#print elb_obj
"""dns lookup fqdn"""
elb_ip = misc.lookup(elb_obj.get('DNSName'))
"""get list of attached ec2 ids"""
ec2id = get_ec2s(elb_obj.get('Instances'))
for elb_listener in elb_obj.get('ListenerDescriptions'):
output_bucket.append(
misc.format_line((
misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(
str(
elb_listener.get('Listener').get(
'LoadBalancerPort'))),
misc.check_if(
elb_listener.get('Listener').get('Protocol')),
misc.check_if(ec2id),
misc.check_if(
str(elb_listener.get('Listener').get('InstancePort'))),
misc.check_if(
elb_listener.get('Listener').get('InstanceProtocol'))
)))
def sg_rule_sets_by_elb(elb, ec2, account, region, output_bucket):
"""generate list of security group rule sets by elb instance
Args:
elb (object): elb client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
"""generate list of elb instances"""
elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')
"""generate list of security groups to get rule set details"""
sg_list = ec2.describe_security_groups().get('SecurityGroups')
for sg_obj in sg_list:
"""find out how many elbs are using a security group"""
for elb_obj in elb_list:
for elbsg in elb_obj.get('SecurityGroups'):
"""check if security group is associated to elb instance"""
if sg_obj.get('GroupId') == elbsg:
elb_ip = misc.lookup(elb_obj.get('DNSName'))
"""move on to rule entries"""
for rule in sg_obj.get('IpPermissions'):
"""cidr as source"""
for cidr in rule.get('IpRanges'):
if cidr.get('CidrIp'):
output_bucket.append(
misc.format_line(
(misc.check_if(account.get('name')),
misc.check_if(
region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(
elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(sg_obj.get('GroupId')),
misc.check_if(
sg_obj.get('GroupName')),
misc.check_if(str(
cidr.get('CidrIp'))),
misc.check_if(
str(
check_port(
rule.get('FromPort')))),
misc.check_if(
str(check_port(
rule.get('ToPort')))),
misc.check_if(
str(
check_proto(
rule.get('IpProtocol'))))
)))
"""security groups as source"""
for group in rule.get('UserIdGroupPairs'):
if group.get('GroupId'):
output_bucket.append(
misc.format_line(
(misc.check_if(account.get('name')),
misc.check_if(
region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(
elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(sg_obj.get('GroupId')),
misc.check_if(
sg_obj.get('GroupName')),
misc.check_if(group.get('GroupId')),
misc.check_if(
str(
check_port(
rule.get('FromPort')))),
misc.check_if(
str(check_port(
rule.get('ToPort')))),
misc.check_if(
str(
check_proto(
rule.get('IpProtocol'))))
)))
def sg_rule_sets_by_elb(elb, ec2, account, region, output_bucket):
"""generate list of security group rule sets by elb instance
Args:
elb (object): elb client object
account (dict): aws accounts
region (dict): regions
output_bucket (list): results bucket holder
Returns:
nothing. appends results to output_bucket
"""
"""generate list of elb instances"""
elb_list = elb.describe_load_balancers().get('LoadBalancerDescriptions')
"""generate list of security groups to get rule set details"""
sg_list = ec2.describe_security_groups().get('SecurityGroups')
for sg_obj in sg_list:
"""find out how many elbs are using a security group"""
for elb_obj in elb_list:
for elbsg in elb_obj.get('SecurityGroups'):
"""check if security group is associated to elb instance"""
if sg_obj.get('GroupId') == elbsg:
elb_ip = misc.lookup(elb_obj.get('DNSName'))
"""move on to rule entries"""
for rule in sg_obj.get('IpPermissions'):
"""cidr as source"""
for cidr in rule.get('IpRanges'):
if cidr.get('CidrIp'):
output_bucket.append(misc.format_line((
misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(sg_obj.get('GroupId')),
misc.check_if(sg_obj.get('GroupName')),
misc.check_if(str(cidr.get('CidrIp'))),
misc.check_if(str(check_port(rule.get('FromPort')))),
misc.check_if(str(check_port(rule.get('ToPort')))),
misc.check_if(str(check_proto(rule.get('IpProtocol'))))
)))
"""security groups as source"""
for group in rule.get('UserIdGroupPairs'):
if group.get('GroupId'):
output_bucket.append(misc.format_line((
misc.check_if(account.get('name')),
misc.check_if(region.get('RegionName')),
misc.check_if(elb_obj.get('VPCId')),
misc.check_if(elb_obj.get('LoadBalancerName')),
misc.check_if(elb_obj.get('Scheme')),
misc.check_if(elb_ip),
misc.check_if(elb_obj.get('DNSName')),
misc.check_if(sg_obj.get('GroupId')),
misc.check_if(sg_obj.get('GroupName')),
misc.check_if(group.get('GroupId')),
misc.check_if(str(check_port(rule.get('FromPort')))),
misc.check_if(str(check_port(rule.get('ToPort')))),
misc.check_if(str(check_proto(rule.get('IpProtocol'))))
)))
