one failed service shouldn't break eveything
costasko committed May 14, 2024
1 parent 8f94946 commit 6e089f6
Showing 8 changed files with 19 additions and 9 deletions.
4 changes: 2 additions & 2 deletions awsxenos/scan.py
Expand Up @@ -119,8 +119,8 @@ def load_and_run(config_file, accounts) -> Findings:
results.update(future.result())
except Exception as e:
# TODO: Better handling, add logger
print(e)
results[name] = str(e) # Store the exception if the function call fails
print(f"Failed at {name} with: {e}")
# results[name] = str(e) # Store the exception if the function call fails
return results


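Review bot: A collector that fails is now only printed, so in the `except` branch of `load_and_run` the service drops out of `results` and a report with no findings for it looks the same as one where its scan raised (for example on a permissions error). For a tool whose output is read as "no external trust found", that is a silent false negative; keep failures in a separate structure the report can show, e.g. `failed[name] = str(e)`, and log with `logging.exception("collector %s failed", name)` rather than `print`. The commented-out `results[name] = str(e)` line should be deleted instead of left in place. `load_and_run` starts above this hunk, so how `results` is consumed afterwards is not visible here.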
2 changes: 2 additions & 0 deletions awsxenos/services/efs.py
Expand Up @@ -18,6 +18,8 @@ def get_efs_policies(self) -> Resources:
efs = boto3.client("efs")
paginator = efs.get_paginator("describe_file_systems")
for page in paginator.paginate():
if "FileSystems" not in page:
continue
for fs in page["FileSystems"]:
filesystems[fs["FileSystemArn"]] = json.loads(
efs.describe_file_system_policy(FileSystemId=fs["FileSystemId"])["Policy"]
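Review bot: The call that can realistically fail in this loop is the per-file-system `describe_file_system_policy`, and the added `"FileSystems"` guard does not cover it. As far as I know EFS returns a `PolicyNotFound` error for a file system with no policy attached, so one such file system would abort `get_efs_policies` and leave every other file system's policy unexamined. Handle it per resource, as the `try:` inside the `list_functions` loop in lambda.py appears to, e.g. `except efs.exceptions.PolicyNotFound: continue`, and log any other error together with the ARN. The kms.py (`get_key_policy`) and s3.py (`get_vault_access_policy`) hunks show the same unguarded per-resource call. The function continues past the end of this hunk.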
2 changes: 2 additions & 0 deletions awsxenos/services/kms.py
Expand Up @@ -23,6 +23,8 @@ def get_kms_keys(self) -> Resources:
paginator = kms.get_paginator("list_keys")
kms_paginator = paginator.paginate()
for kms_resp in kms_paginator:
if "Keys" not in kms_resp:
continue
for key in kms_resp["Keys"]:
keys[key["KeyArn"]] = json.loads(kms.get_key_policy(KeyId=key["KeyId"], PolicyName="default")["Policy"])
return keys
2 changes: 2 additions & 0 deletions awsxenos/services/lambda.py
Expand Up @@ -19,6 +19,8 @@ def get_lambda_policies(self) -> Resources:
lam = boto3.client("lambda")
paginator = lam.get_paginator("list_functions")
for lam_resp in paginator.paginate():
if "Functions" not in lam_resp:
continue
for func in lam_resp["Functions"]:
try:
lambdas[func["FunctionArn"]] = json.loads(
2 changes: 2 additions & 0 deletions awsxenos/services/s3.py
Expand Up @@ -144,6 +144,8 @@ def get_vault_policies(self) -> Resources:
paginator = glacier.get_paginator("list_vaults")
glacier_iterator = paginator.paginate()
for glacier_resp in glacier_iterator:
if "VaultList" not in glacier_resp:
continue
for vault in glacier_resp["VaultList"]:
vaults[vault["VaultARN"]] = json.loads(
glacier.get_vault_access_policy(vaultName=vault["VaultName"])["policy"]["Policy"]
2 changes: 2 additions & 0 deletions awsxenos/services/secretsmanager.py
Expand Up @@ -26,6 +26,8 @@ def get_secret_policies(self) -> Resources:
paginator = sm.get_paginator("list_secrets")
sm_iterator = paginator.paginate()
for sm_resp in sm_iterator:
if "SecretList" not in sm_resp:
continue
for secret in sm_resp["SecretList"]:
secrets[secret["ARN"]] = json.loads(sm.get_resource_policy(SecretId=secret["ARN"])["ResourcePolicy"])

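Review bot: `sm.get_resource_policy(...)["ResourcePolicy"]` is the lookup that needs a guard in this loop; the new `"SecretList"` check covers a key the list call appears to return in any case. To my knowledge the response omits `ResourcePolicy` when a secret has no resource policy attached, which would raise `KeyError` and end the collector at the first such secret. Read it defensively, e.g. `policy = sm.get_resource_policy(SecretId=secret["ARN"]).get("ResourcePolicy")` followed by `if policy is None: continue`. The `["Attributes"]["Policy"]` lookup in the sqs.py hunk looks exposed in the same way for queues without a policy. The function body runs past the end of this hunk.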
12 changes: 6 additions & 6 deletions awsxenos/services/sqs.py
Expand Up @@ -16,18 +16,18 @@ def fetch( # type: ignore
exclude_service: Optional[bool] = True,
exclude_aws: Optional[bool] = True,
) -> Findings:
return super().collate(accounts, self.get_sqs_policies(exclude_service, exclude_aws))
return super().collate(accounts, self.get_sqs_policies())

def get_sqs_policies(self, exclude_service: Optional[bool] = True, exclude_aws: Optional[bool] = True) -> Resources:
def get_sqs_policies(self) -> Resources:
queues = Resources()
sqs = boto3.client("sqs")
paginator = sqs.get_paginator("list_queues")
for sqs_resp in paginator.paginate():
if "QueueUrls" not in sqs_resp:
continue
for queue in sqs_resp["QueueUrls"]:
queues[queue["QueueUrl"]] = json.loads(
sqs.get_queue_attributes(QueueUrl=queue["QueueUrl"], AttributeNames=["Policy"])["Attributes"][
"Policy"
]
queues[queue] = json.loads(
sqs.get_queue_attributes(QueueUrl=queue, AttributeNames=["Policy"])["Attributes"]["Policy"]
)

return queues
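Review bot: `fetch` still declares `exclude_service` and `exclude_aws`, but the new call `self.get_sqs_policies()` passes them nowhere, so a caller setting either flag sees no change in what is reported. Either remove them from the signature or say so at the definition, e.g. `# exclude_service / exclude_aws are accepted for interface compatibility and are not used here`. Separately, results are keyed by queue URL while the other collectors in this commit key by ARN; requesting `AttributeNames=["Policy", "QueueArn"]` and keying on `["Attributes"]["QueueArn"]` would keep findings comparable, assuming `collate` expects ARNs, which is not visible in this hunk.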
2 changes: 1 addition & 1 deletion setup.py
Expand Up @@ -6,7 +6,7 @@
requirements = fh.read()
setup(
name="AWSXenos",
version="0.2.0",
version="0.3.0",
author="Costas Kourmpoglou",
author_email="[email protected]",
license="MIT",

0 comments on commit 6e089f6
