def __init__(self, profile='default', report_dir=None, timestamp=None,
             services=None, skipped_services=None, result_format='json',
             **kwargs):
    """Set up AWS provider state and resolve the partition and account id.

    Args:
        profile: Stored as both ``self.profile`` and ``self.environment``.
        report_dir: Forwarded unchanged to the base initializer.
        timestamp: Forwarded unchanged to the base initializer.
        services: Service names to include; ``None`` becomes a new empty list.
        skipped_services: Service names to skip; ``None`` becomes a new
            empty list.
        result_format: Stored on the instance and forwarded to the base
            initializer.
        **kwargs: Must contain ``credentials``, an object exposing a
            ``session`` attribute.

    Raises:
        KeyError: If ``credentials`` is not passed as a keyword argument.
    """
    # Use fresh lists so no list object is shared between instances.
    if services is None:
        services = []
    if skipped_services is None:
        skipped_services = []

    # metadata.json is resolved next to this module, not the working directory.
    module_dir, _ = os.path.split(os.path.abspath(__file__))
    self.metadata_path = '%s/metadata.json' % module_dir

    self.sg_map = {}
    self.subnet_map = {}

    self.profile = profile
    self.services_config = AWSServicesConfig
    self.provider_code = 'aws'
    self.provider_name = 'Amazon Web Services'
    self.environment = self.profile
    self.result_format = result_format

    # 'credentials' is effectively required even though it arrives via
    # **kwargs: the lookup below fails before any account data is resolved.
    # NOTE(review): the credentials object is kept on the instance; confirm
    # it is never written out with the report data.
    creds = kwargs['credentials']
    self.credentials = creds

    # Both helpers are handed the session. Presumably they query the caller
    # identity, so construction may involve network calls -- TODO confirm.
    self.partition = get_partition_name(creds.session)
    self.account_id = get_aws_account_id(creds.session)

    super(AWSProvider, self).__init__(
        report_dir,
        timestamp,
        services,
        skipped_services,
        result_format,
    )
async def _fetch(self, service, regions=None, excluded_regions=None):
    """Fetch one service's resources; failures are logged, never raised.

    Args:
        service: Name of the attribute on ``self`` holding the service
            configuration object.
        regions: Optional region filter; forwarded only when truthy.
        excluded_regions: Optional region exclusion list; forwarded only
            when truthy.

    Any exception raised while fetching is caught and reported through
    ``print_exception``. The caller therefore gets no signal that the
    service failed; when reviewing results, treat a logged fetch error as a
    gap in coverage for that service rather than as "no findings".
    """
    try:
        print_info('Fetching resources for the {} service'.format(
            format_service_name(service)))

        # The service object is looked up by name on the provider.
        # NOTE(review): assumes `service` comes from the provider's own
        # service list rather than from arbitrary input -- verify at caller.
        target = getattr(self, service)

        if 'fetch_all' not in dir(target):
            print_debug('No method to fetch service %s.' % service)
            return

        # Only truthy filters are forwarded, so an empty list is treated the
        # same as "no filter given".
        call_kwargs = {}
        if regions:
            call_kwargs['regions'] = regions
        if excluded_regions:
            call_kwargs['excluded_regions'] = excluded_regions

        # Every AWS service except IAM is given the partition name.
        if self._is_provider('aws') and service != 'iam':
            call_kwargs['partition_name'] = get_partition_name(
                self.credentials.session)

        await target.fetch_all(**call_kwargs)

        # Optional post-processing hook, run only after a successful fetch.
        if hasattr(target, 'finalize'):
            await target.finalize()
    except Exception as e:
        print_exception(f'Could not fetch {service} configuration: {e}')
async def _fetch(self, service, regions):
    """Fetch one service's resources; failures are logged, never raised.

    Args:
        service: Name of the attribute on ``self`` holding the service
            configuration object.
        regions: Region filter, always forwarded to ``fetch_all``.

    Any exception raised while fetching is caught and reported through
    ``print_error`` and ``print_exception``. The caller gets no signal that
    the service failed; when reviewing results, treat a logged fetch error
    as a gap in coverage for that service rather than as "no findings".
    """
    try:
        print_info('Fetching resources for the {} service'.format(
            format_service_name(service)))

        # The service object is looked up by name on the provider.
        # NOTE(review): assumes `service` comes from the provider's own
        # service list rather than from arbitrary input -- verify at caller.
        target = getattr(self, service)

        if 'fetch_all' not in dir(target):
            print_debug('No method to fetch service %s.' % service)
            return

        # The provider's credentials object is handed to every service
        # fetcher, so each one receives the full credential scope.
        call_kwargs = {
            'credentials': self.credentials,
            'regions': regions
        }

        # Every AWS service except IAM is given the partition name.
        if self._is_provider('aws') and service != 'iam':
            call_kwargs['partition_name'] = get_partition_name(
                self.credentials)

        await target.fetch_all(**call_kwargs)

        # Optional post-processing hook, run only after a successful fetch.
        if hasattr(target, 'finalize'):
            await target.finalize()
    except Exception as e:
        print_error('Error: could not fetch %s configuration.' % service)
        print_exception(e)
async def fetch_all(self):
    """Load every bucket returned by the S3 facade into this mapping.

    Sets ``self.partition`` from the facade session and ``self.service`` to
    ``'s3'``, then stores each parsed bucket under the key returned by
    ``_parse_bucket``.
    """
    self.partition = get_partition_name(self.facade.session)
    self.service = 's3'

    # Entries are stored by item assignment, so a later bucket replaces an
    # earlier one if _parse_bucket returns the same key for both.
    # NOTE(review): presumably the key is unique per bucket -- confirm.
    for bucket in await self.facade.s3.get_buckets():
        key, parsed = self._parse_bucket(bucket)
        self[key] = parsed
def test_get_partition_name(self):
    """Check that the partition is the second colon-separated ARN field.

    ``get_caller_identity`` is patched, so no AWS call is made and the
    session argument (an empty string here) is never used for real.
    Only a well-formed ARN is exercised; a missing or malformed ``Arn``
    value is not covered by this test.
    """
    fake_identity = {"Arn": "a:b:c:d:e:f:"}
    identity_patch = mock.patch(
        "ScoutSuite.providers.aws.utils.get_caller_identity",
        return_value=fake_identity,
    )
    with identity_patch:
        partition = get_partition_name("")
    assert partition == "b"
def __init__(self, credentials=None):
    """Resolve the account context from ``credentials`` and build facades.

    Args:
        credentials: Object exposing a ``session`` attribute. The ``None``
            default is not usable: ``credentials.session`` is read
            unconditionally, so omitting the argument raises
            ``AttributeError``.
    """
    super().__init__()

    # Read in the original order: account id, then partition, then the
    # session itself. The sub-facades are instantiated only afterwards.
    # NOTE(review): presumably they rely on these attributes -- confirm.
    session = credentials.session
    self.owner_id = get_aws_account_id(session)
    self.partition = get_partition_name(session)
    self.session = session

    self._instantiate_facades()