def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] filters = [{"Name": "vpc-id", "Values": [self.vpc_options.vpc_id]}] response = client.describe_subnets(Filters=filters) if self.vpc_options.verbose: message_handler("Collecting data from Subnets...", "HEADER") for data in response["Subnets"]: nametag = get_name_tag(data) name = data["SubnetId"] if nametag is None else nametag subnet_digest = ResourceDigest(id=data["SubnetId"], type="aws_subnet") resources_found.append( Resource( digest=subnet_digest, name=name, details="Subnet using CidrBlock {} and AZ {}".format( data["CidrBlock"], data["AvailabilityZone"]), group="network", tags=resource_tags(data), )) self.relations_found.append( ResourceEdge(from_node=subnet_digest, to_node=self.vpc_options.vpc_digest())) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") client_vpn_endpoints = client.describe_client_vpn_endpoints() resources: List[Resource] = [] for client_vpn_endpoint in client_vpn_endpoints["ClientVpnEndpoints"]: if client_vpn_endpoint["VpcId"] == self.vpc_options.vpc_id: digest = ResourceDigest( id=client_vpn_endpoint["ClientVpnEndpointId"], type="aws_vpn_client_endpoint", ) nametag = get_name_tag(client_vpn_endpoint) name = (client_vpn_endpoint["ClientVpnEndpointId"] if nametag is None else nametag) resources.append( Resource( digest=digest, name=name, group="network", tags=resource_tags(client_vpn_endpoint), )) self.relations_found.append( ResourceEdge(from_node=digest, to_node=self.vpc_options.vpc_digest())) return resources
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] filters = [{"Name": "vpc-id", "Values": [self.vpc_options.vpc_id]}] response = client.describe_route_tables(Filters=filters) if self.vpc_options.verbose: message_handler("Collecting data from Route Tables...", "HEADER") # Iterate to get all route table filtered for route_table in response["RouteTables"]: nametag = get_name_tag(route_table) name = route_table["RouteTableId"] if nametag is None else nametag table_digest = ResourceDigest(id=route_table["RouteTableId"], type="aws_route_table") is_main = False for association in route_table["Associations"]: if association["Main"] is True: is_main = True if is_main: self.relations_found.append( ResourceEdge( from_node=table_digest, to_node=self.vpc_options.vpc_digest(), )) else: for association in route_table["Associations"]: if "SubnetId" in association: self.relations_found.append( ResourceEdge( from_node=table_digest, to_node=ResourceDigest( id=association["SubnetId"], type="aws_subnet"), )) is_public = False for route in route_table["Routes"]: if ("DestinationCidrBlock" in route and route["DestinationCidrBlock"] == "0.0.0.0/0" and "GatewayId" in route and route["GatewayId"].startswith("igw-")): is_public = True resources_found.append( Resource( digest=table_digest, name=name, details="default: {}, public: {}".format( is_main, is_public), group="network", tags=resource_tags(route_table), )) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] response = client.describe_instances() if self.vpc_options.verbose: message_handler("Collecting data from EC2 Instances...", "HEADER") for data in response["Reservations"]: for instances in data["Instances"]: if "VpcId" in instances: if instances["VpcId"] == self.vpc_options.vpc_id: nametag = get_name_tag(instances) asg_name = get_tag(instances, "aws:autoscaling:groupName") instance_name = ( instances["InstanceId"] if nametag is None else nametag ) ec2_digest = ResourceDigest( id=instances["InstanceId"], type="aws_instance" ) resources_found.append( Resource( digest=ec2_digest, name=instance_name, details="", group="compute", tags=resource_tags(instances), ) ) self.relations_found.append( ResourceEdge( from_node=ec2_digest, to_node=ResourceDigest( id=instances["SubnetId"], type="aws_subnet" ), ) ) if asg_name is not None: self.relations_found.append( ResourceEdge( from_node=ec2_digest, to_node=ResourceDigest( id=asg_name, type="aws_autoscaling_group" ), ) ) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("efs") resources_found = [] # get filesystems available response = client.describe_file_systems() if self.vpc_options.verbose: message_handler("Collecting data from EFS Mount Targets...", "HEADER") for data in response["FileSystems"]: filesystem = client.describe_mount_targets( FileSystemId=data["FileSystemId"]) nametag = get_name_tag(data) filesystem_name = data[ "FileSystemId"] if nametag is None else nametag # iterate filesystems to get mount targets for datafilesystem in filesystem["MountTargets"]: # Using subnet to check VPC subnets = describe_subnet( vpc_options=self.vpc_options, subnet_ids=datafilesystem["SubnetId"]) if subnets is not None: if subnets["Subnets"][0][ "VpcId"] == self.vpc_options.vpc_id: digest = ResourceDigest(id=data["FileSystemId"], type="aws_efs_file_system") resources_found.append( Resource( digest=digest, name=filesystem_name, details="", group="storage", tags=resource_tags(data), )) self.relations_found.append( ResourceEdge( from_node=digest, to_node=ResourceDigest( id=datafilesystem["SubnetId"], type="aws_subnet"), )) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] response = client.describe_vpc_peering_connections() if self.vpc_options.verbose: message_handler("Collecting data from VPC Peering...", "HEADER") for data in response["VpcPeeringConnections"]: if (data["AccepterVpcInfo"]["VpcId"] == self.vpc_options.vpc_id or data["RequesterVpcInfo"]["VpcId"] == self.vpc_options.vpc_id): nametag = get_name_tag(data) name = data[ "VpcPeeringConnectionId"] if nametag is None else nametag peering_digest = ResourceDigest( id=data["VpcPeeringConnectionId"], type="aws_vpc_peering_connection", ) resources_found.append( Resource( digest=peering_digest, name=name, details= "Vpc Peering Accepter OwnerId {}, Accepter Region {}, Accepter VpcId {} \ Requester OwnerId {}, Requester Region {}, \ Requester VpcId {}". format( data["AccepterVpcInfo"]["OwnerId"], data["AccepterVpcInfo"]["Region"], data["AccepterVpcInfo"]["VpcId"], data["RequesterVpcInfo"]["OwnerId"], data["RequesterVpcInfo"]["Region"], data["RequesterVpcInfo"]["VpcId"], ), group="network", tags=resource_tags(data), )) self.relations_found.append( ResourceEdge( from_node=peering_digest, to_node=self.vpc_options.vpc_digest(), )) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("workspaces") resources_found = [] response = client.describe_workspaces() if self.vpc_options.verbose: message_handler("Collecting data from Workspaces...", "HEADER") for data in response["Workspaces"]: # Get tag name tags = client.describe_tags(ResourceId=data["WorkspaceId"]) nametag = get_name_tag(tags) workspace_name = data["WorkspaceId"] if nametag is None else nametag directory_service = self.vpc_options.client("ds") directories = directory_service.describe_directories( DirectoryIds=[data["DirectoryId"]]) for directorie in directories["DirectoryDescriptions"]: if "VpcSettings" in directorie: if directorie["VpcSettings"][ "VpcId"] == self.vpc_options.vpc_id: workspace_digest = ResourceDigest( id=data["WorkspaceId"], type="aws_workspaces") resources_found.append( Resource( digest=workspace_digest, name=workspace_name, details="", group="enduser", tags=resource_tags(tags), )) self.relations_found.append( ResourceEdge( from_node=workspace_digest, to_node=ResourceDigest( id=directorie["DirectoryId"], type="aws_ds"), )) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] filters = [{"Name": "vpc-id", "Values": [self.vpc_options.vpc_id]}] response = client.describe_nat_gateways(Filters=filters) if self.vpc_options.verbose: message_handler("Collecting data from NAT Gateways...", "HEADER") for data in response["NatGateways"]: if data["VpcId"] == self.vpc_options.vpc_id and data[ "State"] != "deleted": nametag = get_name_tag(data) name = data["NatGatewayId"] if nametag is None else nametag nat_digest = ResourceDigest(id=data["NatGatewayId"], type="aws_nat_gateway") resources_found.append( Resource( digest=nat_digest, name=name, details= "NAT Gateway Private IP {}, Public IP {}, Subnet id {}" .format( data["NatGatewayAddresses"][0]["PrivateIp"], data["NatGatewayAddresses"][0]["PublicIp"], data["SubnetId"], ), group="network", tags=resource_tags(data), )) self.relations_found.append( ResourceEdge( from_node=nat_digest, to_node=ResourceDigest(id=data["SubnetId"], type="aws_subnet"), )) return resources_found
def add_customer_gateway(self, client, connection_digest, resources, vpn_connection): customer_gateway_id = vpn_connection["CustomerGatewayId"] vcw_gateway_response = client.describe_customer_gateways( CustomerGatewayIds=[customer_gateway_id]) vcw_gateway_digest = ResourceDigest(id=customer_gateway_id, type="aws_customer_gateway") vcw_nametag = get_name_tag(vcw_gateway_response["CustomerGateways"][0]) vcw_name = customer_gateway_id if vcw_nametag is None else vcw_nametag resources.append( Resource( digest=vcw_gateway_digest, name=vcw_name, group="network", tags=resource_tags( vcw_gateway_response["CustomerGateways"][0]), )) self.relations_found.append( ResourceEdge(from_node=connection_digest, to_node=vcw_gateway_digest))
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] filters = [{"Name": "vpc-id", "Values": [self.vpc_options.vpc_id]}] response = client.describe_network_acls(Filters=filters) if self.vpc_options.verbose: message_handler("Collecting data from NACLs...", "HEADER") for data in response["NetworkAcls"]: nacl_digest = ResourceDigest(id=data["NetworkAclId"], type="aws_network_acl") subnet_ids = [] for subnet in data["Associations"]: subnet_ids.append(subnet["SubnetId"]) self.relations_found.append( ResourceEdge( from_node=nacl_digest, to_node=ResourceDigest(id=subnet["SubnetId"], type="aws_subnet"), )) nametag = get_name_tag(data) name = data["NetworkAclId"] if nametag is None else nametag resources_found.append( Resource( digest=nacl_digest, name=name, details="NACL using Subnets {}".format( ", ".join(subnet_ids)), group="network", tags=resource_tags(data), )) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") resources_found = [] filters = [{ "Name": "attachment.vpc-id", "Values": [self.vpc_options.vpc_id] }] response = client.describe_internet_gateways(Filters=filters) if self.vpc_options.verbose: message_handler("Collecting data from Internet Gateways...", "HEADER") # One VPC has only 1 IGW then it's a direct check if len(response["InternetGateways"]) > 0: nametag = get_name_tag(response["InternetGateways"][0]) name = (response["InternetGateways"][0]["InternetGatewayId"] if nametag is None else nametag) igw_digest = ResourceDigest( id=response["InternetGateways"][0]["InternetGatewayId"], type="aws_internet_gateway", ) resources_found.append( Resource( digest=igw_digest, name=name, details="", group="network", tags=resource_tags(response["InternetGateways"][0]), )) self.relations_found.append( ResourceEdge(from_node=igw_digest, to_node=self.vpc_options.vpc_digest())) return resources_found
def get_resources(self) -> List[Resource]: client = self.vpc_options.client("ec2") vpn_response = client.describe_vpn_connections() resources: List[Resource] = [] for vpn_connection in vpn_response["VpnConnections"]: if ("VpnGatewayId" in vpn_connection and vpn_connection["VpnGatewayId"] != ""): vpn_gateway_id = vpn_connection["VpnGatewayId"] vpn_gateway_response = client.describe_vpn_gateways( Filters=[{ "Name": "attachment.vpc-id", "Values": [ self.vpc_options.vpc_id, ], }], VpnGatewayIds=[vpn_gateway_id], ) if vpn_gateway_response["VpnGateways"]: connection_digest = ResourceDigest( id=vpn_connection["VpnConnectionId"], type="aws_vpn_connection") vpn_nametag = get_name_tag(vpn_connection) vpn_name = (vpn_connection["VpnConnectionId"] if vpn_nametag is None else vpn_nametag) resources.append( Resource( digest=connection_digest, name=vpn_name, group="network", tags=resource_tags(vpn_connection), )) self.relations_found.append( ResourceEdge( from_node=connection_digest, to_node=self.vpc_options.vpc_digest(), )) vpn_gateway_digest = ResourceDigest(id=vpn_gateway_id, type="aws_vpn_gateway") vgw_nametag = get_name_tag( vpn_gateway_response["VpnGateways"][0]) vgw_name = vpn_gateway_id if vgw_nametag is None else vgw_nametag resources.append( Resource( digest=vpn_gateway_digest, name=vgw_name, group="network", tags=resource_tags( vpn_gateway_response["VpnGateways"][0]), )) self.relations_found.append( ResourceEdge(from_node=connection_digest, to_node=vpn_gateway_digest)) if ("CustomerGatewayId" in vpn_connection and vpn_connection["CustomerGatewayId"] != ""): self.add_customer_gateway(client, connection_digest, resources, vpn_connection) return resources