if regions:
"""generate output header"""
output_bucket.append(iam_helper.inventory_managed_policies_header(encode))
"""go through each account"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
"""make an iam type client connection"""
iam = get_session.connect(
role, 'iam')
"""
call iam.list_policies() in multithreading mode
"""
thread_call = threading.Thread(
target=iam_helper.inventory_managed_policies,
args=(iam, account, output_bucket, encode))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an ec2 type client connection"""
ec2 = get_session.connect(
role,
'ec2',
region_name=region.get('RegionName'))
"""
call ec2.describe_instances() in multithreading mode
for better performance. otherwise performance sucks.
"""
thread_call = threading.Thread(
target=ec2_helper.describe_images,
args=(ec2, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
output_bucket.append(vpc_helper.describe_route_tables_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get("Regions"):
"""make an ec2 type client connection"""
ec2 = get_session.connect(role, "ec2", region_name=region.get("RegionName"))
"""
call ec2.describe_instances() in multithreading mode
for better performance. otherwise performance sucks.
"""
thread_call = threading.Thread(
target=vpc_helper.describe_route_tables, args=(ec2, account, region, output_bucket)
)
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an elb type client connection"""
elb = get_session.connect(
role,
'elb',
region_name=region.get('RegionName'))
"""make an ec2 type client connection"""
ec2 = get_session.connect(
role,
'ec2',
region_name=region.get('RegionName'))
"""
call elb.describe_load_balancers() in multithreading mode
for better performance. otherwise performance sucks.
"""
thread_call = threading.Thread(
target=elb_helper.sg_rule_sets_by_elb,
args=(elb, ec2, account, region, output_bucket))
regions = get_session.regions()
if regions:
"""generate output header"""
output_bucket.append(s3_helper.list_potential_exposed_files_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
"""make an s3 type client connection"""
s3 = get_session.connect(role, 's3')
"""
call s3.list_exposed_files() in multithreading mode
"""
thread_call = threading.Thread(
target=s3_helper.list_potential_exposed_files,
args=(s3, account, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
#if output_bucket:
# misc.output_lines(output_bucket)
if regions:
"""generate output header"""
output_bucket.append(
iam_helper.inventory_group_policies_header(encode))
"""go through each account"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
"""make an iam type client connection"""
iam = get_session.connect(role, 'iam')
"""
call iam.list_group_policies() in multithreading mode
"""
thread_call = threading.Thread(
target=iam_helper.inventory_group_policies,
args=(iam, account, output_bucket, encode))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
if output_bucket:
misc.output_lines(output_bucket)
if regions:
"""generate output header"""
output_bucket.append(cloudtrail_helper.list_cloudtrails_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an cloudtrail type client connection"""
cltr = get_session.connect(
role,
'cloudtrail',
region_name=region.get('RegionName'))
"""
call list_cloudtrails() in multithreading mode
for better performance.
"""
thread_call = threading.Thread(
target=cloudtrail_helper.list_cloudtrails,
args=(cltr, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
if output_bucket:
if regions:
"""generate output header"""
output_bucket.append(s3_helper.list_bucket_acls_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
"""make an s3 type client connection"""
s3 = get_session.connect(
role, 's3')
"""
call s3.list_buckets() in multithreading mode
"""
thread_call = threading.Thread(
target=s3_helper.list_bucket_acls,
args=(s3, account, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an rds type client connection"""
rds = get_session.connect(
role,
'rds',
region_name=region.get('RegionName'))
"""
call rds.describe_db_instances() in multithreading mode
for better performance. otherwise performance sucks.
"""
thread_call = threading.Thread(
target=rds_helper.describe_rds_instances,
args=(rds, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
if regions:
"""generate output header"""
output_bucket.append(codedeploy_helper.list_apps_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an codedeploy type client connection"""
codedeploy = get_session.connect(
role,
'codedeploy',
region_name=region.get('RegionName'))
"""
call codedeploy in multithreading mode
for better performance.
"""
thread_call = threading.Thread(
target=codedeploy_helper.list_apps,
args=(codedeploy, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
if output_bucket:
output_bucket.append(codedeploy_helper.list_apps_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get("Regions"):
"""make an codedeploy type client connection"""
codedeploy = get_session.connect(role, "codedeploy", region_name=region.get("RegionName"))
"""
call codedeploy in multithreading mode
for better performance.
"""
thread_call = threading.Thread(
target=codedeploy_helper.list_apps, args=(codedeploy, account, region, output_bucket)
)
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an cwl type client connection"""
cwl = get_session.connect(
role,
'logs',
region_name=region.get('RegionName'))
"""
call cwl.filter_log_events() in multithreading mode
for better performance.
Note: using wildcard filters in cloudwatch, you get
inconsistent results.(at least with this code)
"""
for search_filter in search_filters:
thread_call = threading.Thread(
target=cwl_helper.filter_log_events,
args=(cwl, account, region, output_bucket,
search_filter, log_group, startTime, encode)
)
multi_thread.append(thread_call)
if regions:
"""generate output header"""
output_bucket.append(rds_helper.describe_rds_instances_header())
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an rds type client connection"""
rds = get_session.connect(
role, 'rds', region_name=region.get('RegionName'))
"""
call rds.describe_db_instances() in multithreading mode
for better performance. otherwise performance sucks.
"""
thread_call = threading.Thread(
target=rds_helper.describe_rds_instances,
args=(rds, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
"""output or export results"""
if output_bucket:
misc.output_lines(output_bucket)
"""go through each account and traverse each region"""
"""------------------------------------------------"""
multi_thread = []
"""get tuple: account -> dict:, temp role creds -> dict:"""
for account in accounts_db.accounts:
"""get temp creds from trusting roles"""
role = assume_role.new_role(account)
if role:
for region in regions.get('Regions'):
"""make an cloudtrail type client connection"""
cltr = get_session.connect(
role,
'cloudtrail',
region_name=region.get('RegionName'))
"""
call list_cloudtrails() in multithreading mode
for better performance.
"""
thread_call = threading.Thread(
target=cloudtrail_helper.list_cloudtrails,
args=(cltr, account, region, output_bucket))
multi_thread.append(thread_call)
thread_call.start()
"""wait for all threads to finish"""
for t in multi_thread:
t.join()
