chore(prowler): change all methods from services from format double underscore to single underscore (#4910)
committed by
GitHub
parent
007c1febf7
commit
9797c11152
@@ -592,7 +592,7 @@ is following the actual format, add one function where the client is passed to b
|
||||
`mock_api_<endpoint>_calls` (*endpoint* refers to the first attribute pointed after *client*).
|
||||
|
||||
In the example of BigQuery the function is called `mock_api_dataset_calls`. And inside of this function we found an assignation to
|
||||
be used in the `__get_datasets__` method in BigQuery class:
|
||||
be used in the `_get_datasets` method in BigQuery class:
|
||||
|
||||
```python
|
||||
# Mocking datasets
|
||||
@@ -765,7 +765,7 @@ from tests.providers.azure.azure_fixtures import (
|
||||
set_mocked_azure_provider,
|
||||
)
|
||||
|
||||
# Function to mock the service function __get_components__, this function task is to return a possible value that real function could returns
|
||||
# Function to mock the service function _get_components, this function task is to return a possible value that real function could returns
|
||||
def mock_appinsights_get_components(_):
|
||||
return {
|
||||
AZURE_SUBSCRIPTION_ID: {
|
||||
@@ -779,12 +779,12 @@ def mock_appinsights_get_components(_):
|
||||
|
||||
# Patch decorator to use the mocked function instead the function with the real API call
|
||||
@patch(
|
||||
"prowler.providers.azure.services.appinsights.appinsights_service.AppInsights.__get_components__",
|
||||
"prowler.providers.azure.services.appinsights.appinsights_service.AppInsights._get_components",
|
||||
new=mock_appinsights_get_components,
|
||||
)
|
||||
class Test_AppInsights_Service:
|
||||
# Mandatory test for every service, this method test the instance of the client is correct
|
||||
def test__get_client__(self):
|
||||
def test_get_client(self):
|
||||
app_insights = AppInsights(set_mocked_azure_provider())
|
||||
assert (
|
||||
app_insights.clients[AZURE_SUBSCRIPTION_ID].__class__.__name__
|
||||
@@ -794,8 +794,8 @@ class Test_AppInsights_Service:
|
||||
def test__get_subscriptions__(self):
|
||||
app_insights = AppInsights(set_mocked_azure_provider())
|
||||
assert app_insights.subscriptions.__class__.__name__ == "dict"
|
||||
# Test for the function __get_components__, inside this client is used the mocked function
|
||||
def test__get_components__(self):
|
||||
# Test for the function _get_components, inside this client is used the mocked function
|
||||
def test_get_components(self):
|
||||
appinsights = AppInsights(set_mocked_azure_provider())
|
||||
assert len(appinsights.components) == 1
|
||||
assert (
|
||||
|
||||
@@ -14,11 +14,11 @@ class AccessAnalyzer(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.analyzers = []
|
||||
self.__threading_call__(self.__list_analyzers__)
|
||||
self.__list_findings__()
|
||||
self.__get_finding_status__()
|
||||
self.__threading_call__(self._list_analyzers)
|
||||
self._list_findings()
|
||||
self._get_finding_status()
|
||||
|
||||
def __list_analyzers__(self, regional_client):
|
||||
def _list_analyzers(self, regional_client):
|
||||
logger.info("AccessAnalyzer - Listing Analyzers...")
|
||||
try:
|
||||
list_analyzers_paginator = regional_client.get_paginator("list_analyzers")
|
||||
@@ -57,7 +57,7 @@ class AccessAnalyzer(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_finding_status__(self):
|
||||
def _get_finding_status(self):
|
||||
logger.info("AccessAnalyzer - Get Finding status...")
|
||||
try:
|
||||
for analyzer in self.analyzers:
|
||||
@@ -87,7 +87,7 @@ class AccessAnalyzer(AWSService):
|
||||
|
||||
# TODO: We need to include ListFindingsV2
|
||||
# https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/accessanalyzer/client/list_findings_v2.html
|
||||
def __list_findings__(self):
|
||||
def _list_findings(self):
|
||||
logger.info("AccessAnalyzer - Listing Findings per Analyzer...")
|
||||
try:
|
||||
for analyzer in self.analyzers:
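Review bot: `self.__threading_call__(self._list_analyzers)` keeps the double-underscore form that this commit sets out to retire, so the constructor now mixes both naming styles. The same call remains in the other service constructors on this page (APIGateway, ApiGatewayV2, AppStream, Athena, AutoScaling, Lambda, Backup, CloudFormation, Cloudtrail, CloudWatch, Logs, CodeArtifact, CognitoIDP). The helper is presumably defined on the `AWSService` base class, which is not shown here, so a rename would have to happen there together with these call sites. If the old name is kept on purpose, a comment above the first call such as `# __threading_call__ is inherited from AWSService and keeps its original name` would settle the question for readers. The `__init__` body starts outside the hunk.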
|
||||
|
||||
@@ -13,10 +13,10 @@ class Account(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.number_of_contacts = 4
|
||||
self.contact_base = self.__get_contact_information__()
|
||||
self.contacts_billing = self.__get_alternate_contact__("BILLING")
|
||||
self.contacts_security = self.__get_alternate_contact__("SECURITY")
|
||||
self.contacts_operations = self.__get_alternate_contact__("OPERATIONS")
|
||||
self.contact_base = self._get_contact_information()
|
||||
self.contacts_billing = self._get_alternate_contact("BILLING")
|
||||
self.contacts_security = self._get_alternate_contact("SECURITY")
|
||||
self.contacts_operations = self._get_alternate_contact("OPERATIONS")
|
||||
|
||||
if self.contact_base:
|
||||
# Set of contact phone numbers
|
||||
@@ -42,7 +42,7 @@ class Account(AWSService):
|
||||
self.contacts_operations.email,
|
||||
}
|
||||
|
||||
def __get_contact_information__(self):
|
||||
def _get_contact_information(self):
|
||||
try:
|
||||
primary_account_contact = self.client.get_contact_information()[
|
||||
"ContactInformation"
|
||||
@@ -65,7 +65,7 @@ class Account(AWSService):
|
||||
)
|
||||
return Contact(type="PRIMARY")
|
||||
|
||||
def __get_alternate_contact__(self, contact_type: str):
|
||||
def _get_alternate_contact(self, contact_type: str):
|
||||
try:
|
||||
account_contact = self.client.get_alternate_contact(
|
||||
AlternateContactType=contact_type
|
||||
|
||||
@@ -14,13 +14,13 @@ class APIGateway(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.rest_apis = []
|
||||
self.__threading_call__(self.__get_rest_apis__)
|
||||
self.__get_authorizers__()
|
||||
self.__get_rest_api__()
|
||||
self.__get_stages__()
|
||||
self.__get_resources__()
|
||||
self.__threading_call__(self._get_rest_apis)
|
||||
self._get_authorizers()
|
||||
self._get_rest_api()
|
||||
self._get_stages()
|
||||
self._get_resources()
|
||||
|
||||
def __get_rest_apis__(self, regional_client):
|
||||
def _get_rest_apis(self, regional_client):
|
||||
logger.info("APIGateway - Getting Rest APIs...")
|
||||
try:
|
||||
get_rest_apis_paginator = regional_client.get_paginator("get_rest_apis")
|
||||
@@ -44,7 +44,7 @@ class APIGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_authorizers__(self):
|
||||
def _get_authorizers(self):
|
||||
logger.info("APIGateway - Getting Rest APIs authorizer...")
|
||||
try:
|
||||
for rest_api in self.rest_apis:
|
||||
@@ -75,7 +75,7 @@ class APIGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_rest_api__(self):
|
||||
def _get_rest_api(self):
|
||||
logger.info("APIGateway - Describing Rest API...")
|
||||
try:
|
||||
for rest_api in self.rest_apis:
|
||||
@@ -103,7 +103,7 @@ class APIGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_stages__(self):
|
||||
def _get_stages(self):
|
||||
logger.info("APIGateway - Getting stages for Rest APIs...")
|
||||
try:
|
||||
for rest_api in self.rest_apis:
|
||||
@@ -151,7 +151,7 @@ class APIGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_resources__(self):
|
||||
def _get_resources(self):
|
||||
logger.info("APIGateway - Getting API resources...")
|
||||
try:
|
||||
for rest_api in self.rest_apis:
|
||||
|
||||
@@ -13,11 +13,11 @@ class ApiGatewayV2(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.apis = []
|
||||
self.__threading_call__(self.__get_apis__)
|
||||
self.__get_authorizers__()
|
||||
self.__get_stages__()
|
||||
self.__threading_call__(self._get_apis)
|
||||
self._get_authorizers()
|
||||
self._get_stages()
|
||||
|
||||
def __get_apis__(self, regional_client):
|
||||
def _get_apis(self, regional_client):
|
||||
logger.info("APIGatewayv2 - Getting APIs...")
|
||||
try:
|
||||
get_apis_paginator = regional_client.get_paginator("get_apis")
|
||||
@@ -41,7 +41,7 @@ class ApiGatewayV2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_authorizers__(self):
|
||||
def _get_authorizers(self):
|
||||
logger.info("APIGatewayv2 - Getting APIs authorizer...")
|
||||
try:
|
||||
for api in self.apis:
|
||||
@@ -54,7 +54,7 @@ class ApiGatewayV2(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_stages__(self):
|
||||
def _get_stages(self):
|
||||
logger.info("APIGatewayv2 - Getting stages for APIs...")
|
||||
try:
|
||||
for api in self.apis:
|
||||
|
||||
@@ -13,10 +13,10 @@ class AppStream(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.fleets = []
|
||||
self.__threading_call__(self.__describe_fleets__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._describe_fleets)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __describe_fleets__(self, regional_client):
|
||||
def _describe_fleets(self, regional_client):
|
||||
logger.info("AppStream - Describing Fleets...")
|
||||
try:
|
||||
describe_fleets_paginator = regional_client.get_paginator("describe_fleets")
|
||||
@@ -50,7 +50,7 @@ class AppStream(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("AppStream - List Tags...")
|
||||
try:
|
||||
for fleet in self.fleets:
|
||||
|
||||
@@ -13,12 +13,12 @@ class Athena(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.workgroups = {}
|
||||
self.__threading_call__(self.__list_workgroups__)
|
||||
self.__get_workgroups__()
|
||||
self.__list_query_executions__()
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_workgroups)
|
||||
self._get_workgroups()
|
||||
self._list_query_executions()
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_workgroups__(self, regional_client):
|
||||
def _list_workgroups(self, regional_client):
|
||||
logger.info("Athena - Listing WorkGroups...")
|
||||
try:
|
||||
list_workgroups = regional_client.list_work_groups()
|
||||
@@ -44,7 +44,7 @@ class Athena(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_workgroups__(self):
|
||||
def _get_workgroups(self):
|
||||
logger.info("Athena - Getting WorkGroups...")
|
||||
try:
|
||||
for workgroup in self.workgroups.values():
|
||||
@@ -88,7 +88,7 @@ class Athena(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_query_executions__(self):
|
||||
def _list_query_executions(self):
|
||||
logger.info("Athena - Listing Queries...")
|
||||
try:
|
||||
for workgroup in self.workgroups.values():
|
||||
@@ -109,7 +109,7 @@ class Athena(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("Athena - Listing Tags...")
|
||||
try:
|
||||
for workgroup in self.workgroups.values():
|
||||
|
||||
@@ -11,11 +11,11 @@ class AutoScaling(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.launch_configurations = []
|
||||
self.__threading_call__(self.__describe_launch_configurations__)
|
||||
self.__threading_call__(self._describe_launch_configurations)
|
||||
self.groups = []
|
||||
self.__threading_call__(self.__describe_auto_scaling_groups__)
|
||||
self.__threading_call__(self._describe_auto_scaling_groups)
|
||||
|
||||
def __describe_launch_configurations__(self, regional_client):
|
||||
def _describe_launch_configurations(self, regional_client):
|
||||
logger.info("AutoScaling - Describing Launch Configurations...")
|
||||
try:
|
||||
describe_launch_configurations_paginator = regional_client.get_paginator(
|
||||
@@ -44,7 +44,7 @@ class AutoScaling(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_auto_scaling_groups__(self, regional_client):
|
||||
def _describe_auto_scaling_groups(self, regional_client):
|
||||
logger.info("AutoScaling - Describing AutoScaling Groups...")
|
||||
try:
|
||||
describe_auto_scaling_groups_paginator = regional_client.get_paginator(
|
||||
|
||||
+1
-1
@@ -12,7 +12,7 @@ class awslambda_function_no_secrets_in_code(Check):
|
||||
def execute(self):
|
||||
findings = []
|
||||
if awslambda_client.functions:
|
||||
for function, function_code in awslambda_client.__get_function_code__():
|
||||
for function, function_code in awslambda_client._get_function_code():
|
||||
if function_code:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = function.region
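Review bot: `awslambda_client._get_function_code()` is called here from a check module, but the new leading underscore marks the method as non-public under PEP 8, and linters report such calls as protected-member access. The CloudTrail checks on this page have the same pattern with `cloudtrail_client._get_trail_arn_template(...)` and `cloudtrail_client._lookup_events(...)`. Methods that checks are expected to call would read better as public names, e.g. `for function, function_code in awslambda_client.get_function_code():`, with the underscore kept for collectors used only inside the service's `__init__`. That split also shows reviewers which service methods form the interface that checks depend on. `execute` continues outside the hunk.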
|
||||
|
||||
@@ -19,12 +19,12 @@ class Lambda(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.functions = {}
|
||||
self.__threading_call__(self.__list_functions__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self.__get_policy__)
|
||||
self.__threading_call__(self.__get_function_url_config__)
|
||||
self.__threading_call__(self._list_functions)
|
||||
self._list_tags_for_resource()
|
||||
self.__threading_call__(self._get_policy)
|
||||
self.__threading_call__(self._get_function_url_config)
|
||||
|
||||
def __list_functions__(self, regional_client):
|
||||
def _list_functions(self, regional_client):
|
||||
logger.info("Lambda - Listing Functions...")
|
||||
try:
|
||||
list_functions_paginator = regional_client.get_paginator("list_functions")
|
||||
@@ -61,12 +61,12 @@ class Lambda(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __get_function_code__(self):
|
||||
def _get_function_code(self):
|
||||
logger.info("Lambda - Getting Function Code...")
|
||||
# Use a thread pool handle the queueing and execution of the __fetch_function_code__ tasks, up to max_workers tasks concurrently.
|
||||
# Use a thread pool handle the queueing and execution of the _fetch_function_code tasks, up to max_workers tasks concurrently.
|
||||
lambda_functions_to_fetch = {
|
||||
self.thread_pool.submit(
|
||||
self.__fetch_function_code__, function.name, function.region
|
||||
self._fetch_function_code, function.name, function.region
|
||||
): function
|
||||
for function in self.functions.values()
|
||||
}
|
||||
@@ -82,7 +82,7 @@ class Lambda(AWSService):
|
||||
f"{function.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __fetch_function_code__(self, function_name, function_region):
|
||||
def _fetch_function_code(self, function_name, function_region):
|
||||
try:
|
||||
regional_client = self.regional_clients[function_region]
|
||||
function_information = regional_client.get_function(
|
||||
@@ -101,7 +101,7 @@ class Lambda(AWSService):
|
||||
)
|
||||
raise
|
||||
|
||||
def __get_policy__(self, regional_client):
|
||||
def _get_policy(self, regional_client):
|
||||
logger.info("Lambda - Getting Policy...")
|
||||
try:
|
||||
for function in self.functions.values():
|
||||
@@ -124,7 +124,7 @@ class Lambda(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __get_function_url_config__(self, regional_client):
|
||||
def _get_function_url_config(self, regional_client):
|
||||
logger.info("Lambda - Getting Function URL Config...")
|
||||
try:
|
||||
for function in self.functions.values():
|
||||
@@ -153,7 +153,7 @@ class Lambda(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("Lambda - List Tags...")
|
||||
try:
|
||||
for function in self.functions.values():
|
||||
|
||||
@@ -18,13 +18,13 @@ class Backup(AWSService):
|
||||
self.report_plan_arn_template = f"arn:{self.audited_partition}:backup:{self.region}:{self.audited_account}:report-plan"
|
||||
self.backup_vault_arn_template = f"arn:{self.audited_partition}:backup:{self.region}:{self.audited_account}:backup-vault"
|
||||
self.backup_vaults = []
|
||||
self.__threading_call__(self.__list_backup_vaults__)
|
||||
self.__threading_call__(self._list_backup_vaults)
|
||||
self.backup_plans = []
|
||||
self.__threading_call__(self.__list_backup_plans__)
|
||||
self.__threading_call__(self._list_backup_plans)
|
||||
self.backup_report_plans = []
|
||||
self.__threading_call__(self.__list_backup_report_plans__)
|
||||
self.__threading_call__(self._list_backup_report_plans)
|
||||
|
||||
def __list_backup_vaults__(self, regional_client):
|
||||
def _list_backup_vaults(self, regional_client):
|
||||
logger.info("Backup - Listing Backup Vaults...")
|
||||
try:
|
||||
list_backup_vaults_paginator = regional_client.get_paginator(
|
||||
@@ -70,7 +70,7 @@ class Backup(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_backup_plans__(self, regional_client):
|
||||
def _list_backup_plans(self, regional_client):
|
||||
logger.info("Backup - Listing Backup Plans...")
|
||||
try:
|
||||
list_backup_plans_paginator = regional_client.get_paginator(
|
||||
@@ -105,7 +105,7 @@ class Backup(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_backup_report_plans__(self, regional_client):
|
||||
def _list_backup_report_plans(self, regional_client):
|
||||
logger.info("Backup - Listing Backup Report Plans...")
|
||||
|
||||
try:
|
||||
|
||||
@@ -14,10 +14,10 @@ class CloudFormation(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.stacks = []
|
||||
self.__threading_call__(self.__describe_stacks__)
|
||||
self.__describe_stack__()
|
||||
self.__threading_call__(self._describe_stacks)
|
||||
self._describe_stack()
|
||||
|
||||
def __describe_stacks__(self, regional_client):
|
||||
def _describe_stacks(self, regional_client):
|
||||
"""Get ALL CloudFormation Stacks"""
|
||||
logger.info("CloudFormation - Describing Stacks...")
|
||||
try:
|
||||
@@ -47,7 +47,7 @@ class CloudFormation(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_stack__(self):
|
||||
def _describe_stack(self):
|
||||
"""Get Details for a CloudFormation Stack"""
|
||||
logger.info("CloudFormation - Describing Stack to get specific details...")
|
||||
for stack in self.stacks:
|
||||
|
||||
@@ -14,11 +14,11 @@ class CloudFront(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider, global_service=True)
|
||||
self.distributions = {}
|
||||
self.__list_distributions__(self.client, self.region)
|
||||
self.__get_distribution_config__(self.client, self.distributions, self.region)
|
||||
self.__list_tags_for_resource__(self.client, self.distributions, self.region)
|
||||
self._list_distributions(self.client, self.region)
|
||||
self._get_distribution_config(self.client, self.distributions, self.region)
|
||||
self._list_tags_for_resource(self.client, self.distributions, self.region)
|
||||
|
||||
def __list_distributions__(self, client, region) -> dict:
|
||||
def _list_distributions(self, client, region) -> dict:
|
||||
logger.info("CloudFront - Listing Distributions...")
|
||||
try:
|
||||
list_ditributions_paginator = client.get_paginator("list_distributions")
|
||||
@@ -44,7 +44,7 @@ class CloudFront(AWSService):
|
||||
f"{region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_distribution_config__(self, client, distributions, region) -> dict:
|
||||
def _get_distribution_config(self, client, distributions, region) -> dict:
|
||||
logger.info("CloudFront - Getting Distributions...")
|
||||
try:
|
||||
for distribution_id in distributions.keys():
|
||||
@@ -87,7 +87,7 @@ class CloudFront(AWSService):
|
||||
f"{region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self, client, distributions, region):
|
||||
def _list_tags_for_resource(self, client, distributions, region):
|
||||
logger.info("CloudFront - List Tags...")
|
||||
try:
|
||||
for distribution in distributions.values():
|
||||
|
||||
+1
-1
@@ -32,7 +32,7 @@ class cloudtrail_multi_region_enabled(Check):
|
||||
"No CloudTrail trails enabled with logging were found."
|
||||
)
|
||||
report.resource_arn = (
|
||||
cloudtrail_client.__get_trail_arn_template__(region)
|
||||
cloudtrail_client._get_trail_arn_template(region)
|
||||
)
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
# If there are no trails logging it is needed to store the FAIL once all the trails have been checked
|
||||
|
||||
+1
-3
@@ -14,9 +14,7 @@ class cloudtrail_multi_region_enabled_logging_management_events(Check):
|
||||
report.status_extended = "No CloudTrail trails enabled and logging management events were found."
|
||||
report.region = region
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
report.resource_arn = cloudtrail_client.__get_trail_arn_template__(
|
||||
region
|
||||
)
|
||||
report.resource_arn = cloudtrail_client._get_trail_arn_template(region)
|
||||
trail_is_logging_management_events = False
|
||||
for trail in cloudtrail_client.trails.values():
|
||||
if trail.region == region or trail.is_multiregion:
|
||||
|
||||
@@ -16,21 +16,21 @@ class Cloudtrail(AWSService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.trail_arn_template = f"arn:{self.audited_partition}:cloudtrail:{self.region}:{self.audited_account}:trail"
|
||||
self.trails = {}
|
||||
self.__threading_call__(self.__get_trails__)
|
||||
self.__threading_call__(self._get_trails)
|
||||
if self.trails:
|
||||
self.__get_trail_status__()
|
||||
self.__get_insight_selectors__()
|
||||
self.__get_event_selectors__()
|
||||
self.__list_tags_for_resource__()
|
||||
self._get_trail_status()
|
||||
self._get_insight_selectors()
|
||||
self._get_event_selectors()
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __get_trail_arn_template__(self, region):
|
||||
def _get_trail_arn_template(self, region):
|
||||
return (
|
||||
f"arn:{self.audited_partition}:cloudtrail:{region}:{self.audited_account}:trail"
|
||||
if region
|
||||
else f"arn:{self.audited_partition}:cloudtrail:{self.region}:{self.audited_account}:trail"
|
||||
)
|
||||
|
||||
def __get_trails__(self, regional_client):
|
||||
def _get_trails(self, regional_client):
|
||||
logger.info("Cloudtrail - Getting trails...")
|
||||
try:
|
||||
describe_trails = regional_client.describe_trails()["trailList"]
|
||||
@@ -70,7 +70,7 @@ class Cloudtrail(AWSService):
|
||||
if trails_count == 0:
|
||||
if self.trails is None:
|
||||
self.trails = {}
|
||||
self.trails[self.__get_trail_arn_template__(regional_client.region)] = (
|
||||
self.trails[self._get_trail_arn_template(regional_client.region)] = (
|
||||
Trail(
|
||||
region=regional_client.region,
|
||||
)
|
||||
@@ -91,7 +91,7 @@ class Cloudtrail(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_trail_status__(self):
|
||||
def _get_trail_status(self):
|
||||
logger.info("Cloudtrail - Getting trail status")
|
||||
try:
|
||||
for trail in self.trails.values():
|
||||
@@ -109,7 +109,7 @@ class Cloudtrail(AWSService):
|
||||
f"{client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_event_selectors__(self):
|
||||
def _get_event_selectors(self):
|
||||
logger.info("Cloudtrail - Getting event selector")
|
||||
try:
|
||||
for trail in self.trails.values():
|
||||
@@ -142,7 +142,7 @@ class Cloudtrail(AWSService):
|
||||
f"{client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_insight_selectors__(self):
|
||||
def _get_insight_selectors(self):
|
||||
logger.info("Cloudtrail - Getting trail insight selectors...")
|
||||
|
||||
try:
|
||||
@@ -192,7 +192,7 @@ class Cloudtrail(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __lookup_events__(self, trail, event_name, minutes):
|
||||
def _lookup_events(self, trail, event_name, minutes):
|
||||
logger.info("CloudTrail - Lookup Events...")
|
||||
try:
|
||||
regional_client = self.regional_clients[trail.region]
|
||||
@@ -208,7 +208,7 @@ class Cloudtrail(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("CloudTrail - List Tags...")
|
||||
try:
|
||||
for trail in self.trails.values():
|
||||
|
||||
+3
-3
@@ -33,7 +33,7 @@ class cloudtrail_threat_detection_enumeration(Check):
|
||||
)
|
||||
for trail in trails_to_scan:
|
||||
for event_name in enumeration_actions:
|
||||
for event_log in cloudtrail_client.__lookup_events__(
|
||||
for event_log in cloudtrail_client._lookup_events(
|
||||
trail=trail,
|
||||
event_name=event_name,
|
||||
minutes=threat_detection_minutes,
|
||||
@@ -52,7 +52,7 @@ class cloudtrail_threat_detection_enumeration(Check):
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = cloudtrail_client.region
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
report.resource_arn = cloudtrail_client.__get_trail_arn_template__(
|
||||
report.resource_arn = cloudtrail_client._get_trail_arn_template(
|
||||
cloudtrail_client.region
|
||||
)
|
||||
report.status = "FAIL"
|
||||
@@ -62,7 +62,7 @@ class cloudtrail_threat_detection_enumeration(Check):
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = cloudtrail_client.region
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
report.resource_arn = cloudtrail_client.__get_trail_arn_template__(
|
||||
report.resource_arn = cloudtrail_client._get_trail_arn_template(
|
||||
cloudtrail_client.region
|
||||
)
|
||||
report.status = "PASS"
|
||||
|
||||
+3
-3
@@ -34,7 +34,7 @@ class cloudtrail_threat_detection_privilege_escalation(Check):
|
||||
)
|
||||
for trail in trails_to_scan:
|
||||
for event_name in privilege_escalation_actions:
|
||||
for event_log in cloudtrail_client.__lookup_events__(
|
||||
for event_log in cloudtrail_client._lookup_events(
|
||||
trail=trail,
|
||||
event_name=event_name,
|
||||
minutes=threat_detection_minutes,
|
||||
@@ -58,7 +58,7 @@ class cloudtrail_threat_detection_privilege_escalation(Check):
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = cloudtrail_client.region
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
report.resource_arn = cloudtrail_client.__get_trail_arn_template__(
|
||||
report.resource_arn = cloudtrail_client._get_trail_arn_template(
|
||||
cloudtrail_client.region
|
||||
)
|
||||
report.status = "FAIL"
|
||||
@@ -68,7 +68,7 @@ class cloudtrail_threat_detection_privilege_escalation(Check):
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = cloudtrail_client.region
|
||||
report.resource_id = cloudtrail_client.audited_account
|
||||
report.resource_arn = cloudtrail_client.__get_trail_arn_template__(
|
||||
report.resource_arn = cloudtrail_client._get_trail_arn_template(
|
||||
cloudtrail_client.region
|
||||
)
|
||||
report.status = "PASS"
|
||||
|
||||
@@ -15,11 +15,11 @@ class CloudWatch(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.metric_alarms = []
|
||||
self.__threading_call__(self.__describe_alarms__)
|
||||
self.__threading_call__(self._describe_alarms)
|
||||
if self.metric_alarms:
|
||||
self.__list_tags_for_resource__()
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __describe_alarms__(self, regional_client):
|
||||
def _describe_alarms(self, regional_client):
|
||||
logger.info("CloudWatch - Describing alarms...")
|
||||
try:
|
||||
describe_alarms_paginator = regional_client.get_paginator("describe_alarms")
|
||||
@@ -61,7 +61,7 @@ class CloudWatch(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("CloudWatch - List Tags...")
|
||||
try:
|
||||
for metric_alarm in self.metric_alarms:
|
||||
@@ -84,8 +84,8 @@ class Logs(AWSService):
|
||||
self.log_group_arn_template = f"arn:{self.audited_partition}:logs:{self.region}:{self.audited_account}:log-group"
|
||||
self.metric_filters = []
|
||||
self.log_groups = []
|
||||
self.__threading_call__(self.__describe_metric_filters__)
|
||||
self.__threading_call__(self.__describe_log_groups__)
|
||||
self.__threading_call__(self._describe_metric_filters)
|
||||
self.__threading_call__(self._describe_log_groups)
|
||||
if self.log_groups:
|
||||
if (
|
||||
"cloudwatch_log_group_no_secrets_in_logs"
|
||||
@@ -94,10 +94,10 @@ class Logs(AWSService):
|
||||
self.events_per_log_group_threshold = (
|
||||
1000 # The threshold for number of events to return per log group.
|
||||
)
|
||||
self.__threading_call__(self.__get_log_events__)
|
||||
self.__threading_call__(self.__list_tags_for_resource__, self.log_groups)
|
||||
self.__threading_call__(self._get_log_events)
|
||||
self.__threading_call__(self._list_tags_for_resource, self.log_groups)
|
||||
|
||||
def __describe_metric_filters__(self, regional_client):
|
||||
def _describe_metric_filters(self, regional_client):
|
||||
logger.info("CloudWatch Logs - Describing metric filters...")
|
||||
try:
|
||||
describe_metric_filters_paginator = regional_client.get_paginator(
|
||||
@@ -137,7 +137,7 @@ class Logs(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_log_groups__(self, regional_client):
|
||||
def _describe_log_groups(self, regional_client):
|
||||
logger.info("CloudWatch Logs - Describing log groups...")
|
||||
try:
|
||||
describe_log_groups_paginator = regional_client.get_paginator(
|
||||
@@ -182,7 +182,7 @@ class Logs(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_log_events__(self, regional_client):
|
||||
def _get_log_events(self, regional_client):
|
||||
regional_log_groups = [
|
||||
log_group
|
||||
for log_group in self.log_groups
|
||||
@@ -214,7 +214,7 @@ class Logs(AWSService):
|
||||
f"CloudWatch Logs - Finished retrieving log events in {regional_client.region}..."
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self, log_group):
|
||||
def _list_tags_for_resource(self, log_group):
|
||||
logger.info(f"CloudWatch Logs - List Tags for Log Group {log_group.name}...")
|
||||
try:
|
||||
regional_client = self.regional_clients[log_group.region]
|
||||
|
||||
@@ -16,11 +16,11 @@ class CodeArtifact(AWSService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
# repositories is a dictionary containing all the codeartifact service information
|
||||
self.repositories = {}
|
||||
self.__threading_call__(self.__list_repositories__)
|
||||
self.__threading_call__(self.__list_packages__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_repositories)
|
||||
self.__threading_call__(self._list_packages)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_repositories__(self, regional_client):
|
||||
def _list_repositories(self, regional_client):
|
||||
logger.info("CodeArtifact - Listing Repositories...")
|
||||
try:
|
||||
list_repositories_paginator = regional_client.get_paginator(
|
||||
@@ -52,7 +52,7 @@ class CodeArtifact(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __list_packages__(self, regional_client):
|
||||
def _list_packages(self, regional_client):
|
||||
logger.info("CodeArtifact - Listing Packages and retrieving information...")
|
||||
for repository in self.repositories:
|
||||
try:
|
||||
@@ -169,7 +169,7 @@ class CodeArtifact(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("CodeArtifact - List Tags...")
|
||||
try:
|
||||
for repository in self.repositories.values():
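Review bot: `self.__threading_call__(self._list_repositories)` still goes through a helper named in the `__name__` form, which Python reserves for its own special methods, while every method passed to it now uses a single leading underscore. The helper is not defined in this file (presumably it lives on `AWSService`), so it cannot be renamed in this section. A follow-up that renames it to `_threading_call` would complete the convention this commit introduces. The same applies to the other service constructors touched here.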
|
||||
|
||||
@@ -14,14 +14,14 @@ class CognitoIDP(AWSService):
|
||||
super().__init__("cognito-idp", provider)
|
||||
|
||||
self.user_pools = {}
|
||||
self.__threading_call__(self.__list_user_pools__)
|
||||
self.__describe_user_pools__()
|
||||
self.__list_user_pool_clients__()
|
||||
self.__describe_user_pool_clients__()
|
||||
self.__get_user_pool_mfa_config__()
|
||||
self.__get_user_pool_risk_configuration__()
|
||||
self.__threading_call__(self._list_user_pools)
|
||||
self._describe_user_pools()
|
||||
self._list_user_pool_clients()
|
||||
self._describe_user_pool_clients()
|
||||
self._get_user_pool_mfa_config()
|
||||
self._get_user_pool_risk_configuration()
|
||||
|
||||
def __list_user_pools__(self, regional_client):
|
||||
def _list_user_pools(self, regional_client):
|
||||
logger.info("Cognito - Listing User Pools...")
|
||||
try:
|
||||
user_pools_paginator = regional_client.get_paginator("list_user_pools")
|
||||
@@ -51,7 +51,7 @@ class CognitoIDP(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_user_pools__(self):
|
||||
def _describe_user_pools(self):
|
||||
logger.info("Cognito - Describing User Pools...")
|
||||
try:
|
||||
for user_pool in self.user_pools.values():
|
||||
@@ -114,7 +114,7 @@ class CognitoIDP(AWSService):
|
||||
f"{user_pool.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_user_pool_clients__(self):
|
||||
def _list_user_pool_clients(self):
|
||||
logger.info("Cognito - Listing User Pool Clients...")
|
||||
try:
|
||||
for user_pool in self.user_pools.values():
|
||||
@@ -143,7 +143,7 @@ class CognitoIDP(AWSService):
|
||||
f"{user_pool.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_user_pool_clients__(self):
|
||||
def _describe_user_pool_clients(self):
|
||||
logger.info("Cognito - Describing User Pool Clients...")
|
||||
try:
|
||||
for user_pool in self.user_pools.values():
|
||||
@@ -175,7 +175,7 @@ class CognitoIDP(AWSService):
|
||||
f"{user_pool.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_user_pool_mfa_config__(self):
|
||||
def _get_user_pool_mfa_config(self):
|
||||
logger.info("Cognito - Getting User Pool MFA Configuration...")
|
||||
try:
|
||||
for user_pool in self.user_pools.values():
|
||||
@@ -202,7 +202,7 @@ class CognitoIDP(AWSService):
|
||||
f"{user_pool.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_user_pool_risk_configuration__(self):
|
||||
def _get_user_pool_risk_configuration(self):
|
||||
logger.info("Cognito - Getting User Pool Risk Configuration...")
|
||||
try:
|
||||
for user_pool in self.user_pools.values():
|
||||
@@ -265,11 +265,11 @@ class CognitoIdentity(AWSService):
|
||||
def __init__(self, provider):
|
||||
super().__init__("cognito-identity", provider)
|
||||
self.identity_pools = {}
|
||||
self.__threading_call__(self.__list_identity_pools__)
|
||||
self.__describe_identity_pools__()
|
||||
self.__get_identity_pool_roles__()
|
||||
self.__threading_call__(self._list_identity_pools)
|
||||
self._describe_identity_pools()
|
||||
self._get_identity_pool_roles()
|
||||
|
||||
def __list_identity_pools__(self, regional_client):
|
||||
def _list_identity_pools(self, regional_client):
|
||||
logger.info("Cognito - Listing Identity Pools...")
|
||||
try:
|
||||
identity_pools_paginator = regional_client.get_paginator(
|
||||
@@ -297,7 +297,7 @@ class CognitoIdentity(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_identity_pools__(self):
|
||||
def _describe_identity_pools(self):
|
||||
logger.info("Cognito - Describing Identity Pools...")
|
||||
try:
|
||||
for identity_pool in self.identity_pools.values():
|
||||
@@ -325,7 +325,7 @@ class CognitoIdentity(AWSService):
|
||||
f"{identity_pool.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_identity_pool_roles__(self):
|
||||
def _get_identity_pool_roles(self):
|
||||
logger.info("Cognito - Getting Identity Pool Roles...")
|
||||
try:
|
||||
for identity_pool in self.identity_pools.values():
|
||||
|
||||
+1
-1
@@ -8,7 +8,7 @@ class config_recorder_all_regions_enabled(Check):
|
||||
for recorder in config_client.recorders:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = recorder.region
|
||||
report.resource_arn = config_client.__get_recorder_arn_template__(
|
||||
report.resource_arn = config_client._get_recorder_arn_template(
|
||||
recorder.region
|
||||
)
|
||||
report.resource_id = (
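Review bot: `config_client._get_recorder_arn_template(recorder.region)` is a call from a check class into the service object, so after this rename the leading underscore marks as non-public a method that code outside `Config` depends on. Either expose the ARN-template helpers under a public name, e.g. `def get_recorder_arn_template(self, region):`, or state the contract on the method with a comment such as `# Called by checks to build report.resource_arn; keep the name stable`. The same cross-class call appears in the `dlm_ebs_snapshot_lifecycle_policy_exists`, `drs_job_exist`, `ec2_ebs_default_encryption` and `emr_cluster_account_public_block_enabled` sections. The enclosing method starts and ends outside this hunk.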
|
||||
|
||||
@@ -13,12 +13,12 @@ class Config(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.recorders = []
|
||||
self.__threading_call__(self.__describe_configuration_recorder_status__)
|
||||
self.__threading_call__(self._describe_configuration_recorder_status)
|
||||
|
||||
def __get_recorder_arn_template__(self, region):
|
||||
def _get_recorder_arn_template(self, region):
|
||||
return f"arn:{self.audited_partition}:config:{region}:{self.audited_account}:recorder"
|
||||
|
||||
def __describe_configuration_recorder_status__(self, regional_client):
|
||||
def _describe_configuration_recorder_status(self, regional_client):
|
||||
logger.info("Config - Listing Recorders...")
|
||||
try:
|
||||
recorders = regional_client.describe_configuration_recorder_status()[
|
||||
|
||||
@@ -16,14 +16,14 @@ class DirectoryService(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("ds", provider)
|
||||
self.directories = {}
|
||||
self.__threading_call__(self.__describe_directories__)
|
||||
self.__threading_call__(self.__list_log_subscriptions__)
|
||||
self.__threading_call__(self.__describe_event_topics__)
|
||||
self.__threading_call__(self.__list_certificates__)
|
||||
self.__threading_call__(self.__get_snapshot_limits__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._describe_directories)
|
||||
self.__threading_call__(self._list_log_subscriptions)
|
||||
self.__threading_call__(self._describe_event_topics)
|
||||
self.__threading_call__(self._list_certificates)
|
||||
self.__threading_call__(self._get_snapshot_limits)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __describe_directories__(self, regional_client):
|
||||
def _describe_directories(self, regional_client):
|
||||
logger.info("DirectoryService - Describing Directories...")
|
||||
try:
|
||||
describe_fleets_paginator = regional_client.get_paginator(
|
||||
@@ -71,7 +71,7 @@ class DirectoryService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_log_subscriptions__(self, regional_client):
|
||||
def _list_log_subscriptions(self, regional_client):
|
||||
logger.info("DirectoryService - Listing Log Subscriptions...")
|
||||
try:
|
||||
for directory in self.directories.values():
|
||||
@@ -101,7 +101,7 @@ class DirectoryService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_event_topics__(self, regional_client):
|
||||
def _describe_event_topics(self, regional_client):
|
||||
logger.info("DirectoryService - Describing Event Topics...")
|
||||
try:
|
||||
for directory in self.directories.values():
|
||||
@@ -128,7 +128,7 @@ class DirectoryService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_certificates__(self, regional_client):
|
||||
def _list_certificates(self, regional_client):
|
||||
logger.info("DirectoryService - Listing Certificates...")
|
||||
try:
|
||||
for directory in self.directories.values():
|
||||
@@ -178,7 +178,7 @@ class DirectoryService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_snapshot_limits__(self, regional_client):
|
||||
def _get_snapshot_limits(self, regional_client):
|
||||
logger.info("DirectoryService - Getting Snapshot Limits...")
|
||||
try:
|
||||
for directory in self.directories.values():
|
||||
@@ -213,7 +213,7 @@ class DirectoryService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("Directory Service - List Tags...")
|
||||
try:
|
||||
for directory in self.directories.values():
|
||||
|
||||
+1
-1
@@ -16,7 +16,7 @@ class dlm_ebs_snapshot_lifecycle_policy_exists(Check):
|
||||
report.status_extended = "No EBS Snapshot lifecycle policies found."
|
||||
report.region = region
|
||||
report.resource_id = dlm_client.audited_account
|
||||
report.resource_arn = dlm_client.__get_lifecycle_policy_arn_template__(
|
||||
report.resource_arn = dlm_client._get_lifecycle_policy_arn_template(
|
||||
region
|
||||
)
|
||||
if dlm_client.lifecycle_policies[region]:
|
||||
|
||||
@@ -10,14 +10,14 @@ class DLM(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.lifecycle_policies = {}
|
||||
self.__threading_call__(self.__get_lifecycle_policies__)
|
||||
self.__threading_call__(self._get_lifecycle_policies)
|
||||
|
||||
def __get_lifecycle_policy_arn_template__(self, region):
|
||||
def _get_lifecycle_policy_arn_template(self, region):
|
||||
return (
|
||||
f"arn:{self.audited_partition}:dlm:{region}:{self.audited_account}:policy"
|
||||
)
|
||||
|
||||
def __get_lifecycle_policies__(self, regional_client):
|
||||
def _get_lifecycle_policies(self, regional_client):
|
||||
logger.info("DLM - Getting EBS Snapshots Lifecycle Policies...")
|
||||
try:
|
||||
lifecycle_policies = regional_client.get_lifecycle_policies()
|
||||
|
||||
@@ -11,9 +11,9 @@ class DMS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.instances = []
|
||||
self.__threading_call__(self.__describe_replication_instances__)
|
||||
self.__threading_call__(self._describe_replication_instances)
|
||||
|
||||
def __describe_replication_instances__(self, regional_client):
|
||||
def _describe_replication_instances(self, regional_client):
|
||||
logger.info("DMS - Describing DMS Replication Instances...")
|
||||
try:
|
||||
describe_replication_instances_paginator = regional_client.get_paginator(
|
||||
|
||||
@@ -11,9 +11,7 @@ class drs_job_exist(Check):
|
||||
report.status_extended = "DRS is not enabled for this region."
|
||||
report.region = drs.region
|
||||
report.resource_tags = []
|
||||
report.resource_arn = drs_client.__get_recovery_job_arn_template__(
|
||||
drs.region
|
||||
)
|
||||
report.resource_arn = drs_client._get_recovery_job_arn_template(drs.region)
|
||||
report.resource_id = drs_client.audited_account
|
||||
if drs.status == "ENABLED":
|
||||
report.status_extended = "DRS is enabled for this region without jobs."
|
||||
|
||||
@@ -12,12 +12,12 @@ class DRS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.drs_services = []
|
||||
self.__threading_call__(self.__describe_jobs__)
|
||||
self.__threading_call__(self._describe_jobs)
|
||||
|
||||
def __get_recovery_job_arn_template__(self, region):
|
||||
def _get_recovery_job_arn_template(self, region):
|
||||
return f"arn:{self.audited_partition}:drs:{region}:{self.audited_account}:recovery-job"
|
||||
|
||||
def __describe_jobs__(self, regional_client):
|
||||
def _describe_jobs(self, regional_client):
|
||||
logger.info("DRS - Describe Jobs...")
|
||||
try:
|
||||
try:
|
||||
|
||||
@@ -15,13 +15,13 @@ class DynamoDB(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.tables = []
|
||||
self.__threading_call__(self.__list_tables__)
|
||||
self.__describe_table__()
|
||||
self.__describe_continuous_backups__()
|
||||
self.__get_resource_policy__()
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_tables)
|
||||
self._describe_table()
|
||||
self._describe_continuous_backups()
|
||||
self._get_resource_policy()
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_tables__(self, regional_client):
|
||||
def _list_tables(self, regional_client):
|
||||
logger.info("DynamoDB - Listing tables...")
|
||||
try:
|
||||
list_tables_paginator = regional_client.get_paginator("list_tables")
|
||||
@@ -45,7 +45,7 @@ class DynamoDB(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_table__(self):
|
||||
def _describe_table(self):
|
||||
logger.info("DynamoDB - Describing Table...")
|
||||
try:
|
||||
for table in self.tables:
|
||||
@@ -63,7 +63,7 @@ class DynamoDB(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_continuous_backups__(self):
|
||||
def _describe_continuous_backups(self):
|
||||
logger.info("DynamoDB - Describing Continuous Backups...")
|
||||
try:
|
||||
for table in self.tables:
|
||||
@@ -95,7 +95,7 @@ class DynamoDB(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_resource_policy__(self):
|
||||
def _get_resource_policy(self):
|
||||
logger.info("DynamoDB - Get Resource Policy...")
|
||||
try:
|
||||
for table in self.tables:
|
||||
@@ -124,7 +124,7 @@ class DynamoDB(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("DynamoDB - List Tags...")
|
||||
try:
|
||||
for table in self.tables:
|
||||
@@ -156,10 +156,10 @@ class DAX(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.clusters = []
|
||||
self.__threading_call__(self.__describe_clusters__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._describe_clusters)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __describe_clusters__(self, regional_client):
|
||||
def _describe_clusters(self, regional_client):
|
||||
logger.info("DynamoDB DAX - Describing clusters...")
|
||||
try:
|
||||
describe_clusters_paginator = regional_client.get_paginator(
|
||||
@@ -189,7 +189,7 @@ class DAX(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("DAX - List Tags...")
|
||||
for cluster in self.clusters:
|
||||
try:
|
||||
|
||||
+1
-1
@@ -9,7 +9,7 @@ class ec2_ebs_default_encryption(Check):
|
||||
if ebs_encryption.volumes or ec2_client.provider.scan_unused_services:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = ebs_encryption.region
|
||||
report.resource_arn = ec2_client.__get_volume_arn_template__(
|
||||
report.resource_arn = ec2_client._get_volume_arn_template(
|
||||
ebs_encryption.region
|
||||
)
|
||||
report.resource_id = ec2_client.audited_account
|
||||
|
||||
@@ -16,50 +16,50 @@ class EC2(AWSService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.account_arn_template = f"arn:{self.audited_partition}:ec2:{self.region}:{self.audited_account}:account"
|
||||
self.instances = []
|
||||
self.__threading_call__(self.__describe_instances__)
|
||||
self.__threading_call__(self.__get_instance_user_data__, self.instances)
|
||||
self.__threading_call__(self._describe_instances)
|
||||
self.__threading_call__(self._get_instance_user_data, self.instances)
|
||||
self.security_groups = {}
|
||||
self.regions_with_sgs = []
|
||||
self.__threading_call__(self.__describe_security_groups__)
|
||||
self.__threading_call__(self._describe_security_groups)
|
||||
self.network_acls = []
|
||||
self.__threading_call__(self.__describe_network_acls__)
|
||||
self.__threading_call__(self._describe_network_acls)
|
||||
self.snapshots = []
|
||||
self.volumes_with_snapshots = {}
|
||||
self.regions_with_snapshots = {}
|
||||
self.__threading_call__(self.__describe_snapshots__)
|
||||
self.__threading_call__(self.__determine_public_snapshots__, self.snapshots)
|
||||
self.__threading_call__(self._describe_snapshots)
|
||||
self.__threading_call__(self._determine_public_snapshots, self.snapshots)
|
||||
self.network_interfaces = []
|
||||
self.__threading_call__(self.__describe_network_interfaces__)
|
||||
self.__threading_call__(self._describe_network_interfaces)
|
||||
self.images = []
|
||||
self.__threading_call__(self.__describe_images__)
|
||||
self.__threading_call__(self._describe_images)
|
||||
self.volumes = []
|
||||
self.__threading_call__(self.__describe_volumes__)
|
||||
self.__threading_call__(self._describe_volumes)
|
||||
self.attributes_for_regions = {}
|
||||
self.__threading_call__(self.__get_resources_for_regions__)
|
||||
self.__threading_call__(self._get_resources_for_regions)
|
||||
self.ebs_encryption_by_default = []
|
||||
self.__threading_call__(self.__get_ebs_encryption_settings__)
|
||||
self.__threading_call__(self._get_ebs_encryption_settings)
|
||||
self.elastic_ips = []
|
||||
self.__threading_call__(self.__describe_ec2_addresses__)
|
||||
self.__threading_call__(self._describe_ec2_addresses)
|
||||
self.ebs_block_public_access_snapshots_states = []
|
||||
self.__threading_call__(self.__get_snapshot_block_public_access_state__)
|
||||
self.__threading_call__(self._get_snapshot_block_public_access_state)
|
||||
self.instance_metadata_defaults = []
|
||||
self.__threading_call__(self.__get_instance_metadata_defaults__)
|
||||
self.__threading_call__(self._get_instance_metadata_defaults)
|
||||
self.launch_templates = []
|
||||
self.__threading_call__(self.__describe_launch_templates)
|
||||
self.__threading_call__(self._describe_launch_templates)
|
||||
self.__threading_call__(
|
||||
self.__get_launch_template_versions__, self.launch_templates
|
||||
self._get_launch_template_versions, self.launch_templates
|
||||
)
|
||||
self.vpn_endpoints = {}
|
||||
self.__threading_call__(self._describe_vpn_endpoints)
|
||||
self.transit_gateways = {}
|
||||
self.__threading_call__(self._describe_transit_gateways)
|
||||
|
||||
def __get_volume_arn_template__(self, region):
|
||||
def _get_volume_arn_template(self, region):
|
||||
return (
|
||||
f"arn:{self.audited_partition}:ec2:{region}:{self.audited_account}:volume"
|
||||
)
|
||||
|
||||
def __describe_instances__(self, regional_client):
|
||||
def _describe_instances(self, regional_client):
|
||||
try:
|
||||
describe_instances_paginator = regional_client.get_paginator(
|
||||
"describe_instances"
|
||||
@@ -107,7 +107,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_security_groups__(self, regional_client):
|
||||
def _describe_security_groups(self, regional_client):
|
||||
try:
|
||||
describe_security_groups_paginator = regional_client.get_paginator(
|
||||
"describe_security_groups"
|
||||
@@ -141,7 +141,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_network_acls__(self, regional_client):
|
||||
def _describe_network_acls(self, regional_client):
|
||||
try:
|
||||
describe_network_acls_paginator = regional_client.get_paginator(
|
||||
"describe_network_acls"
|
||||
@@ -171,7 +171,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_snapshots__(self, regional_client):
|
||||
def _describe_snapshots(self, regional_client):
|
||||
try:
|
||||
snapshots_in_region = False
|
||||
describe_snapshots_paginator = regional_client.get_paginator(
|
||||
@@ -204,7 +204,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __determine_public_snapshots__(self, snapshot):
|
||||
def _determine_public_snapshots(self, snapshot):
|
||||
try:
|
||||
regional_client = self.regional_clients[snapshot.region]
|
||||
snapshot_public = regional_client.describe_snapshot_attribute(
|
||||
@@ -227,7 +227,7 @@ class EC2(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_network_interfaces__(self, regional_client):
|
||||
def _describe_network_interfaces(self, regional_client):
|
||||
try:
|
||||
# Get Network Interfaces with Public IPs
|
||||
describe_network_interfaces_paginator = regional_client.get_paginator(
|
||||
@@ -254,7 +254,7 @@ class EC2(AWSService):
|
||||
# 'GroupName': 'default',
|
||||
# },
|
||||
# ],
|
||||
self.__add_network_interfaces_to_security_groups__(
|
||||
self._add_network_interfaces_to_security_groups(
|
||||
eni, interface.get("Groups", [])
|
||||
)
|
||||
|
||||
@@ -263,7 +263,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __add_network_interfaces_to_security_groups__(
|
||||
def _add_network_interfaces_to_security_groups(
|
||||
self, interface, interface_security_groups
|
||||
):
|
||||
try:
|
||||
@@ -276,7 +276,7 @@ class EC2(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_instance_user_data__(self, instance):
|
||||
def _get_instance_user_data(self, instance):
|
||||
try:
|
||||
regional_client = self.regional_clients[instance.region]
|
||||
user_data = regional_client.describe_instance_attribute(
|
||||
@@ -294,7 +294,7 @@ class EC2(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_images__(self, regional_client):
|
||||
def _describe_images(self, regional_client):
|
||||
try:
|
||||
for image in regional_client.describe_images(Owners=["self"])["Images"]:
|
||||
arn = f"arn:{self.audited_partition}:ec2:{regional_client.region}:{self.audited_account}:image/{image['ImageId']}"
|
||||
@@ -316,7 +316,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_volumes__(self, regional_client):
|
||||
def _describe_volumes(self, regional_client):
|
||||
try:
|
||||
describe_volumes_paginator = regional_client.get_paginator(
|
||||
"describe_volumes"
|
||||
@@ -341,7 +341,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_ec2_addresses__(self, regional_client):
|
||||
def _describe_ec2_addresses(self, regional_client):
|
||||
try:
|
||||
for address in regional_client.describe_addresses()["Addresses"]:
|
||||
public_ip = None
|
||||
@@ -372,7 +372,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_ebs_encryption_settings__(self, regional_client):
|
||||
def _get_ebs_encryption_settings(self, regional_client):
|
||||
try:
|
||||
volumes_in_region = self.attributes_for_regions.get(
|
||||
regional_client.region, []
|
||||
@@ -392,7 +392,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_snapshot_block_public_access_state__(self, regional_client):
|
||||
def _get_snapshot_block_public_access_state(self, regional_client):
|
||||
try:
|
||||
snapshots_in_region = self.attributes_for_regions.get(
|
||||
regional_client.region, []
|
||||
@@ -412,7 +412,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_instance_metadata_defaults__(self, regional_client):
|
||||
def _get_instance_metadata_defaults(self, regional_client):
|
||||
try:
|
||||
instances_in_region = self.attributes_for_regions.get(
|
||||
regional_client.region, []
|
||||
@@ -432,7 +432,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_resources_for_regions__(self, regional_client):
|
||||
def _get_resources_for_regions(self, regional_client):
|
||||
try:
|
||||
has_instances = False
|
||||
for instance in self.instances:
|
||||
@@ -459,7 +459,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_launch_templates(self, regional_client):
|
||||
def _describe_launch_templates(self, regional_client):
|
||||
try:
|
||||
describe_launch_templates_paginator = regional_client.get_paginator(
|
||||
"describe_launch_templates"
|
||||
@@ -486,7 +486,7 @@ class EC2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_launch_template_versions__(self, launch_template):
|
||||
def _get_launch_template_versions(self, launch_template):
|
||||
try:
|
||||
regional_client = self.regional_clients[launch_template.region]
|
||||
describe_launch_template_versions_paginator = regional_client.get_paginator(
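Review bot: The constructor's call order carries an undocumented dependency. `_get_ebs_encryption_settings`, `_get_snapshot_block_public_access_state` and `_get_instance_metadata_defaults` each read `self.attributes_for_regions.get(regional_client.region, [])`, and that dict appears to be filled only by the earlier `self.__threading_call__(self._get_resources_for_regions)`, which in turn iterates `self.instances`. A comment above that call, e.g. `# Must run after the describe_* collectors and before the three region-default getters, which read attributes_for_regions`, would stop a later reordering from silently turning those lookups into the empty default. Most method bodies in this section continue outside their hunks, so the exact keys written are not visible here.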
|
||||
|
||||
@@ -14,10 +14,10 @@ class ECS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.task_definitions = []
|
||||
self.__threading_call__(self.__list_task_definitions__)
|
||||
self.__describe_task_definition__()
|
||||
self.__threading_call__(self._list_task_definitions)
|
||||
self._describe_task_definition()
|
||||
|
||||
def __list_task_definitions__(self, regional_client):
|
||||
def _list_task_definitions(self, regional_client):
|
||||
logger.info("ECS - Listing Task Definitions...")
|
||||
try:
|
||||
list_ecs_paginator = regional_client.get_paginator("list_task_definitions")
|
||||
@@ -41,7 +41,7 @@ class ECS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_task_definition__(self):
|
||||
def _describe_task_definition(self):
|
||||
logger.info("ECS - Describing Task Definitions...")
|
||||
try:
|
||||
for task_definition in self.task_definitions:
|
||||
|
||||
@@ -15,10 +15,10 @@ class EFS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.filesystems = []
|
||||
self.__threading_call__(self.__describe_file_systems__)
|
||||
self.__describe_file_system_policies__()
|
||||
self.__threading_call__(self._describe_file_systems)
|
||||
self._describe_file_system_policies()
|
||||
|
||||
def __describe_file_systems__(self, regional_client):
|
||||
def _describe_file_systems(self, regional_client):
|
||||
logger.info("EFS - Describing file systems...")
|
||||
try:
|
||||
describe_efs_paginator = regional_client.get_paginator(
|
||||
@@ -47,7 +47,7 @@ class EFS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_file_system_policies__(self):
|
||||
def _describe_file_system_policies(self):
|
||||
logger.info("EFS - Describing file system policies...")
|
||||
try:
|
||||
for filesystem in self.filesystems:
|
||||
|
||||
@@ -13,10 +13,10 @@ class EKS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.clusters = []
|
||||
self.__threading_call__(self.__list_clusters__)
|
||||
self.__describe_cluster__(self.regional_clients)
|
||||
self.__threading_call__(self._list_clusters)
|
||||
self._describe_cluster(self.regional_clients)
|
||||
|
||||
def __list_clusters__(self, regional_client):
|
||||
def _list_clusters(self, regional_client):
|
||||
logger.info("EKS listing clusters...")
|
||||
try:
|
||||
list_clusters_paginator = regional_client.get_paginator("list_clusters")
|
||||
@@ -39,7 +39,7 @@ class EKS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_cluster__(self, regional_clients):
|
||||
def _describe_cluster(self, regional_clients):
|
||||
logger.info("EKS listing clusters...")
|
||||
try:
|
||||
for cluster in self.clusters:
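Review bot: `_describe_cluster` logs `"EKS listing clusters..."`, the same message `_list_clusters` emits earlier in this file, so the two collection phases cannot be told apart in a scan log. Since the line is adjacent to the renamed signature, this is a good place to correct it to `logger.info("EKS - Describing clusters...")`, which also matches the `Service - Action...` format the other services use. The body of `_describe_cluster` continues outside this hunk.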
|
||||
|
||||
+1
-1
@@ -9,7 +9,7 @@ class emr_cluster_account_public_block_enabled(Check):
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = region
|
||||
report.resource_id = emr_client.audited_account
|
||||
report.resource_arn = emr_client.__get_cluster_arn_template__(region)
|
||||
report.resource_arn = emr_client._get_cluster_arn_template(region)
|
||||
if emr_client.block_public_access_configuration[
|
||||
region
|
||||
].block_public_security_group_rules:
|
||||
|
||||
@@ -16,14 +16,14 @@ class EMR(AWSService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.clusters = {}
|
||||
self.block_public_access_configuration = {}
|
||||
self.__threading_call__(self.__list_clusters__)
|
||||
self.__threading_call__(self.__describe_cluster__)
|
||||
self.__threading_call__(self.__get_block_public_access_configuration__)
|
||||
self.__threading_call__(self._list_clusters)
|
||||
self.__threading_call__(self._describe_cluster)
|
||||
self.__threading_call__(self._get_block_public_access_configuration)
|
||||
|
||||
def __get_cluster_arn_template__(self, region):
|
||||
def _get_cluster_arn_template(self, region):
|
||||
return f"arn:{self.audited_partition}:elasticmapreduce:{region}:{self.audited_account}:cluster"
|
||||
|
||||
def __list_clusters__(self, regional_client):
|
||||
def _list_clusters(self, regional_client):
|
||||
logger.info("EMR - Listing Clusters...")
|
||||
try:
|
||||
list_clusters_paginator = regional_client.get_paginator("list_clusters")
|
||||
@@ -54,7 +54,7 @@ class EMR(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __describe_cluster__(self, regional_client):
|
||||
def _describe_cluster(self, regional_client):
|
||||
logger.info("EMR - Describing Clusters...")
|
||||
try:
|
||||
for cluster in self.clusters.values():
|
||||
@@ -131,7 +131,7 @@ class EMR(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __get_block_public_access_configuration__(self, regional_client):
|
||||
def _get_block_public_access_configuration(self, regional_client):
|
||||
"""Returns the Amazon EMR block public access configuration for your Amazon Web Services account in the current Region."""
|
||||
logger.info("EMR - Getting Block Public Access Configuration...")
|
||||
try:
|
||||
|
||||
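Review bot: The renamed collectors are still dispatched through the dunder-style helper, for example `self.__threading_call__(self._list_clusters)`, so the naming this commit removes survives on every new line that starts a threaded collection. Names of the form `__x__` are reserved for the interpreter's own protocols. Unless the base-class helper is renamed elsewhere in the commit (AWSService is not visible here), it should follow the same convention, e.g. `self._threading_call(self._list_clusters)` with the matching change in the base class. The same call appears in the new `__init__` lines of EventBridge, Schema, Glacier, Glue, GuardDuty, Inspector2, Kafka, KMS, Lightsail, Macie and NetworkFirewall. The `__init__` definition itself starts outside this hunk.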
@@ -15,11 +15,11 @@ class EventBridge(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("events", provider)
|
||||
self.buses = {}
|
||||
self.__threading_call__(self.__list_event_buses__)
|
||||
self.__threading_call__(self.__describe_event_bus__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_event_buses)
|
||||
self.__threading_call__(self._describe_event_bus)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_event_buses__(self, regional_client):
|
||||
def _list_event_buses(self, regional_client):
|
||||
logger.info("EventBridge - Listing Event Buses...")
|
||||
try:
|
||||
for bus in regional_client.list_event_buses()["EventBuses"]:
|
||||
@@ -37,7 +37,7 @@ class EventBridge(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_event_bus__(self, regional_client):
|
||||
def _describe_event_bus(self, regional_client):
|
||||
logger.info("EventBridge - Describing Event Buses...")
|
||||
try:
|
||||
for bus in self.buses.values():
|
||||
@@ -55,7 +55,7 @@ class EventBridge(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("EventBridge - Listing Tags...")
|
||||
try:
|
||||
for bus in self.buses.values():
|
||||
@@ -98,10 +98,10 @@ class Schema(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("schemas", provider)
|
||||
self.registries = {}
|
||||
self.__threading_call__(self.__list_registries__)
|
||||
self.__threading_call__(self.__get_resource_policy__)
|
||||
self.__threading_call__(self._list_registries)
|
||||
self.__threading_call__(self._get_resource_policy)
|
||||
|
||||
def __list_registries__(self, regional_client):
|
||||
def _list_registries(self, regional_client):
|
||||
logger.info("EventBridge - Listing Schema Registries...")
|
||||
try:
|
||||
for registry in regional_client.list_registries()["Registries"]:
|
||||
@@ -123,7 +123,7 @@ class Schema(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_resource_policy__(self, regional_client):
|
||||
def _get_resource_policy(self, regional_client):
|
||||
logger.info("EventBridge - Getting Registry Resource Policy...")
|
||||
try:
|
||||
for registry in self.registries.values():
|
||||
|
||||
@@ -14,10 +14,10 @@ class FMS(AWSService):
|
||||
self.policy_arn_template = f"arn:{self.audited_partition}:fms:{self.region}:{self.audited_account}:policy"
|
||||
self.fms_admin_account = True
|
||||
self.fms_policies = []
|
||||
self.__list_policies__()
|
||||
self.__list_compliance_status__()
|
||||
self._list_policies()
|
||||
self._list_compliance_status()
|
||||
|
||||
def __list_policies__(self):
|
||||
def _list_policies(self):
|
||||
logger.info("FMS - Listing Policies...")
|
||||
try:
|
||||
list_policies_paginator = self.client.get_paginator("list_policies")
|
||||
@@ -64,7 +64,7 @@ class FMS(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_compliance_status__(self):
|
||||
def _list_compliance_status(self):
|
||||
logger.info("FMS - Listing Policies...")
|
||||
try:
|
||||
for fms_policy in self.fms_policies:
|
||||
|
||||
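Review bot: `_list_compliance_status` logs `"FMS - Listing Policies..."`, the same message as `_list_policies`, so a scan log cannot show which of the two collection steps was running. Since the commit already touches this method's signature, I would correct the message to `logger.info("FMS - Listing Compliance Status...")`. The same copy-paste is visible in IAM's `_list_attached_role_policies`, which logs "IAM - List Attached User Policies...", and in EKS's `_describe_cluster`, which logs "EKS listing clusters...". The method body continues outside the hunk.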
@@ -15,11 +15,11 @@ class Glacier(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.vaults = {}
|
||||
self.__threading_call__(self.__list_vaults__)
|
||||
self.__threading_call__(self.__get_vault_access_policy__)
|
||||
self.__list_tags_for_vault__()
|
||||
self.__threading_call__(self._list_vaults)
|
||||
self.__threading_call__(self._get_vault_access_policy)
|
||||
self._list_tags_for_vault()
|
||||
|
||||
def __list_vaults__(self, regional_client):
|
||||
def _list_vaults(self, regional_client):
|
||||
logger.info("Glacier - Listing Vaults...")
|
||||
try:
|
||||
list_vaults_paginator = regional_client.get_paginator("list_vaults")
|
||||
@@ -44,7 +44,7 @@ class Glacier(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __get_vault_access_policy__(self, regional_client):
|
||||
def _get_vault_access_policy(self, regional_client):
|
||||
logger.info("Glacier - Getting Vault Access Policy...")
|
||||
try:
|
||||
for vault in self.vaults.values():
|
||||
@@ -66,7 +66,7 @@ class Glacier(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_vault__(self):
|
||||
def _list_tags_for_vault(self):
|
||||
logger.info("Glacier - List Tags...")
|
||||
try:
|
||||
for vault in self.vaults.values():
|
||||
|
||||
@@ -17,9 +17,9 @@ class GlobalAccelerator(AWSService):
|
||||
# That is, for example, specify --region us-west-2 on AWS CLI commands.
|
||||
self.region = "us-west-2"
|
||||
self.client = self.session.client(self.service, self.region)
|
||||
self.__list_accelerators__()
|
||||
self._list_accelerators()
|
||||
|
||||
def __list_accelerators__(self):
|
||||
def _list_accelerators(self):
|
||||
logger.info("GlobalAccelerator - Listing Accelerators...")
|
||||
try:
|
||||
list_accelerators_paginator = self.client.get_paginator("list_accelerators")
|
||||
|
||||
+1
-1
@@ -10,7 +10,7 @@ class glue_data_catalogs_connection_passwords_encryption_enabled(Check):
|
||||
if encryption.tables or glue_client.provider.scan_unused_services:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.resource_id = glue_client.audited_account
|
||||
report.resource_arn = glue_client.__get_data_catalog_arn_template__(
|
||||
report.resource_arn = glue_client._get_data_catalog_arn_template(
|
||||
encryption.region
|
||||
)
|
||||
report.region = encryption.region
|
||||
|
||||
+1
-1
@@ -10,7 +10,7 @@ class glue_data_catalogs_metadata_encryption_enabled(Check):
|
||||
if encryption.tables or glue_client.provider.scan_unused_services:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.resource_id = glue_client.audited_account
|
||||
report.resource_arn = glue_client.__get_data_catalog_arn_template__(
|
||||
report.resource_arn = glue_client._get_data_catalog_arn_template(
|
||||
encryption.region
|
||||
)
|
||||
report.region = encryption.region
|
||||
|
||||
@@ -14,22 +14,22 @@ class Glue(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.connections = []
|
||||
self.__threading_call__(self.__get_connections__)
|
||||
self.__threading_call__(self._get_connections)
|
||||
self.tables = []
|
||||
self.__threading_call__(self.__search_tables__)
|
||||
self.__threading_call__(self._search_tables)
|
||||
self.catalog_encryption_settings = []
|
||||
self.__threading_call__(self.__get_data_catalog_encryption_settings__)
|
||||
self.__threading_call__(self._get_data_catalog_encryption_settings)
|
||||
self.dev_endpoints = []
|
||||
self.__threading_call__(self.__get_dev_endpoints__)
|
||||
self.__threading_call__(self._get_dev_endpoints)
|
||||
self.security_configs = []
|
||||
self.__threading_call__(self.__get_security_configurations__)
|
||||
self.__threading_call__(self._get_security_configurations)
|
||||
self.jobs = []
|
||||
self.__threading_call__(self.__get_jobs__)
|
||||
self.__threading_call__(self._get_jobs)
|
||||
|
||||
def __get_data_catalog_arn_template__(self, region):
|
||||
def _get_data_catalog_arn_template(self, region):
|
||||
return f"arn:{self.audited_partition}:glue:{region}:{self.audited_account}:data-catalog"
|
||||
|
||||
def __get_connections__(self, regional_client):
|
||||
def _get_connections(self, regional_client):
|
||||
logger.info("Glue - Getting connections...")
|
||||
try:
|
||||
get_connections_paginator = regional_client.get_paginator("get_connections")
|
||||
@@ -53,7 +53,7 @@ class Glue(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_dev_endpoints__(self, regional_client):
|
||||
def _get_dev_endpoints(self, regional_client):
|
||||
logger.info("Glue - Getting dev endpoints...")
|
||||
try:
|
||||
get_dev_endpoints_paginator = regional_client.get_paginator(
|
||||
@@ -90,7 +90,7 @@ class Glue(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_jobs__(self, regional_client):
|
||||
def _get_jobs(self, regional_client):
|
||||
logger.info("Glue - Getting jobs...")
|
||||
try:
|
||||
get_jobs_paginator = regional_client.get_paginator("get_jobs")
|
||||
@@ -114,7 +114,7 @@ class Glue(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_security_configurations__(self, regional_client):
|
||||
def _get_security_configurations(self, regional_client):
|
||||
logger.info("Glue - Getting security configs...")
|
||||
try:
|
||||
get_security_configurations_paginator = regional_client.get_paginator(
|
||||
@@ -154,7 +154,7 @@ class Glue(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __search_tables__(self, regional_client):
|
||||
def _search_tables(self, regional_client):
|
||||
logger.info("Glue - Search Tables...")
|
||||
try:
|
||||
for table in regional_client.search_tables()["TableList"]:
|
||||
@@ -176,7 +176,7 @@ class Glue(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_data_catalog_encryption_settings__(self, regional_client):
|
||||
def _get_data_catalog_encryption_settings(self, regional_client):
|
||||
logger.info("Glue - Catalog Encryption Settings...")
|
||||
try:
|
||||
settings = regional_client.get_data_catalog_encryption_settings()[
|
||||
|
||||
@@ -13,14 +13,14 @@ class GuardDuty(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.detectors = []
|
||||
self.__threading_call__(self.__list_detectors__)
|
||||
self.__get_detector__()
|
||||
self.__list_findings__()
|
||||
self.__list_members__()
|
||||
self.__get_administrator_account__()
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_detectors)
|
||||
self._get_detector()
|
||||
self._list_findings()
|
||||
self._list_members()
|
||||
self._get_administrator_account()
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_detectors__(self, regional_client):
|
||||
def _list_detectors(self, regional_client):
|
||||
logger.info("GuardDuty - listing detectors...")
|
||||
try:
|
||||
detectors = False
|
||||
@@ -51,7 +51,7 @@ class GuardDuty(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_detector__(self):
|
||||
def _get_detector(self):
|
||||
logger.info("GuardDuty - getting detector info...")
|
||||
try:
|
||||
for detector in self.detectors:
|
||||
@@ -75,7 +75,7 @@ class GuardDuty(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_administrator_account__(self):
|
||||
def _get_administrator_account(self):
|
||||
logger.info("GuardDuty - getting administrator account...")
|
||||
try:
|
||||
for detector in self.detectors:
|
||||
@@ -105,7 +105,7 @@ class GuardDuty(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_members__(self):
|
||||
def _list_members(self):
|
||||
logger.info("GuardDuty - listing members...")
|
||||
try:
|
||||
for detector in self.detectors:
|
||||
@@ -130,7 +130,7 @@ class GuardDuty(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_findings__(self):
|
||||
def _list_findings(self):
|
||||
logger.info("GuardDuty - listing findings...")
|
||||
try:
|
||||
for detector in self.detectors:
|
||||
@@ -164,7 +164,7 @@ class GuardDuty(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("Guardduty - List Tags...")
|
||||
try:
|
||||
for detector in self.detectors:
|
||||
|
||||
@@ -57,50 +57,50 @@ class IAM(AWSService):
|
||||
self.mfa_arn_template = (
|
||||
f"arn:{self.audited_partition}:iam:{self.region}:{self.audited_account}:mfa"
|
||||
)
|
||||
self.users = self.__get_users__()
|
||||
self.roles = self.__get_roles__()
|
||||
self.account_summary = self.__get_account_summary__()
|
||||
self.virtual_mfa_devices = self.__list_virtual_mfa_devices__()
|
||||
self.credential_report = self.__get_credential_report__()
|
||||
self.groups = self.__get_groups__()
|
||||
self.__get_group_users__()
|
||||
self.__list_attached_group_policies__()
|
||||
self.__list_attached_user_policies__()
|
||||
self.__list_attached_role_policies__()
|
||||
self.__list_mfa_devices__()
|
||||
self.password_policy = self.__get_password_policy__()
|
||||
self.users = self._get_users()
|
||||
self.roles = self._get_roles()
|
||||
self.account_summary = self._get_account_summary()
|
||||
self.virtual_mfa_devices = self._list_virtual_mfa_devices()
|
||||
self.credential_report = self._get_credential_report()
|
||||
self.groups = self._get_groups()
|
||||
self._get_group_users()
|
||||
self._list_attached_group_policies()
|
||||
self._list_attached_user_policies()
|
||||
self._list_attached_role_policies()
|
||||
self._list_mfa_devices()
|
||||
self.password_policy = self._get_password_policy()
|
||||
support_policy_arn = (
|
||||
"arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy"
|
||||
)
|
||||
self.entities_role_attached_to_support_policy = (
|
||||
self.__list_entities_role_for_policy__(support_policy_arn)
|
||||
self._list_entities_role_for_policy(support_policy_arn)
|
||||
)
|
||||
securityaudit_policy_arn = "arn:aws:iam::aws:policy/SecurityAudit"
|
||||
self.entities_role_attached_to_securityaudit_policy = (
|
||||
self.__list_entities_role_for_policy__(securityaudit_policy_arn)
|
||||
self._list_entities_role_for_policy(securityaudit_policy_arn)
|
||||
)
|
||||
# List both Customer (attached and unattached) and AWS Managed (only attached) policies
|
||||
self.policies = []
|
||||
self.policies.extend(self.__list_policies__("AWS"))
|
||||
self.policies.extend(self.__list_policies__("Local"))
|
||||
self.__list_policies_version__(self.policies)
|
||||
self.__list_inline_user_policies__()
|
||||
self.__list_inline_group_policies__()
|
||||
self.__list_inline_role_policies__()
|
||||
self.saml_providers = self.__list_saml_providers__()
|
||||
self.server_certificates = self.__list_server_certificates__()
|
||||
self.__list_tags_for_resource__()
|
||||
self.policies.extend(self._list_policies("AWS"))
|
||||
self.policies.extend(self._list_policies("Local"))
|
||||
self._list_policies_version(self.policies)
|
||||
self._list_inline_user_policies()
|
||||
self._list_inline_group_policies()
|
||||
self._list_inline_role_policies()
|
||||
self.saml_providers = self._list_saml_providers()
|
||||
self.server_certificates = self._list_server_certificates()
|
||||
self._list_tags_for_resource()
|
||||
self.access_keys_metadata = {}
|
||||
self.__get_access_keys_metadata__()
|
||||
self._get_access_keys_metadata()
|
||||
self.last_accessed_services = {}
|
||||
self.__get_last_accessed_services__()
|
||||
self._get_last_accessed_services()
|
||||
self.user_temporary_credentials_usage = {}
|
||||
self.__get_user_temporary_credentials_usage__()
|
||||
self._get_user_temporary_credentials_usage()
|
||||
|
||||
def __get_client__(self):
|
||||
def _get_client(self):
|
||||
return self.client
|
||||
|
||||
def __get_roles__(self):
|
||||
def _get_roles(self):
|
||||
logger.info("IAM - List Roles...")
|
||||
try:
|
||||
roles = []
|
||||
@@ -135,7 +135,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return roles
|
||||
|
||||
def __get_credential_report__(self):
|
||||
def _get_credential_report(self):
|
||||
logger.info("IAM - Get Credential Report...")
|
||||
report_is_completed = False
|
||||
credential_list = []
|
||||
@@ -168,7 +168,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return credential_list
|
||||
|
||||
def __get_groups__(self):
|
||||
def _get_groups(self):
|
||||
logger.info("IAM - Get Groups...")
|
||||
try:
|
||||
groups = []
|
||||
@@ -187,7 +187,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return groups
|
||||
|
||||
def __get_account_summary__(self):
|
||||
def _get_account_summary(self):
|
||||
logger.info("IAM - Get Account Summary...")
|
||||
try:
|
||||
account_summary = self.client.get_account_summary()
|
||||
@@ -199,7 +199,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return account_summary
|
||||
|
||||
def __get_password_policy__(self):
|
||||
def _get_password_policy(self):
|
||||
logger.info("IAM - Get Password Policy...")
|
||||
try:
|
||||
stored_password_policy = None
|
||||
@@ -267,7 +267,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return stored_password_policy
|
||||
|
||||
def __get_users__(self):
|
||||
def _get_users(self):
|
||||
logger.info("IAM - List Users...")
|
||||
try:
|
||||
get_users_paginator = self.client.get_paginator("list_users")
|
||||
@@ -304,7 +304,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return users
|
||||
|
||||
def __list_virtual_mfa_devices__(self):
|
||||
def _list_virtual_mfa_devices(self):
|
||||
logger.info("IAM - List Virtual MFA Devices...")
|
||||
try:
|
||||
mfa_devices = []
|
||||
@@ -322,7 +322,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return mfa_devices
|
||||
|
||||
def __list_attached_group_policies__(self):
|
||||
def _list_attached_group_policies(self):
|
||||
logger.info("IAM - List Attached Group Policies...")
|
||||
try:
|
||||
for group in self.groups:
|
||||
@@ -347,7 +347,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_group_users__(self):
|
||||
def _get_group_users(self):
|
||||
logger.info("IAM - Get Group Users...")
|
||||
try:
|
||||
for group in self.groups:
|
||||
@@ -373,7 +373,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_mfa_devices__(self):
|
||||
def _list_mfa_devices(self):
|
||||
logger.info("IAM - List MFA Devices...")
|
||||
try:
|
||||
for user in self.users:
|
||||
@@ -397,7 +397,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_attached_user_policies__(self):
|
||||
def _list_attached_user_policies(self):
|
||||
logger.info("IAM - List Attached User Policies...")
|
||||
try:
|
||||
for user in self.users:
|
||||
@@ -433,7 +433,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_attached_role_policies__(self):
|
||||
def _list_attached_role_policies(self):
|
||||
logger.info("IAM - List Attached User Policies...")
|
||||
try:
|
||||
if self.roles:
|
||||
@@ -470,7 +470,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_inline_user_policies__(self):
|
||||
def _list_inline_user_policies(self):
|
||||
logger.info("IAM - List Inline User Policies...")
|
||||
for user in self.users:
|
||||
try:
|
||||
@@ -528,7 +528,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_inline_group_policies__(self):
|
||||
def _list_inline_group_policies(self):
|
||||
logger.info("IAM - List Inline Group Policies...")
|
||||
for group in self.groups:
|
||||
try:
|
||||
@@ -588,7 +588,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_inline_role_policies__(self):
|
||||
def _list_inline_role_policies(self):
|
||||
logger.info("IAM - List Inline Role Policies...")
|
||||
if self.roles:
|
||||
for role in self.roles:
|
||||
@@ -651,7 +651,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_entities_role_for_policy__(self, policy_arn):
|
||||
def _list_entities_role_for_policy(self, policy_arn):
|
||||
logger.info("IAM - List Entities Role For Policy...")
|
||||
try:
|
||||
roles = []
|
||||
@@ -676,7 +676,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return roles
|
||||
|
||||
def __list_policies__(self, scope):
|
||||
def _list_policies(self, scope):
|
||||
logger.info("IAM - List Policies...")
|
||||
try:
|
||||
policies = []
|
||||
@@ -707,7 +707,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return policies
|
||||
|
||||
def __list_policies_version__(self, policies):
|
||||
def _list_policies_version(self, policies):
|
||||
logger.info("IAM - List Policies Version...")
|
||||
try:
|
||||
for policy in policies:
|
||||
@@ -731,7 +731,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_saml_providers__(self):
|
||||
def _list_saml_providers(self):
|
||||
logger.info("IAM - List SAML Providers...")
|
||||
try:
|
||||
saml_providers = self.client.list_saml_providers()["SAMLProviderList"]
|
||||
@@ -743,7 +743,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return saml_providers
|
||||
|
||||
def __list_server_certificates__(self):
|
||||
def _list_server_certificates(self):
|
||||
logger.info("IAM - List Server Certificates...")
|
||||
try:
|
||||
server_certificates = []
|
||||
@@ -768,7 +768,7 @@ class IAM(AWSService):
|
||||
finally:
|
||||
return server_certificates
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("IAM - List Tags...")
|
||||
try:
|
||||
if self.roles:
|
||||
@@ -838,7 +838,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_last_accessed_services__(self):
|
||||
def _get_last_accessed_services(self):
|
||||
logger.info("IAM - Getting Last Accessed Services ...")
|
||||
try:
|
||||
for user in self.users:
|
||||
@@ -876,7 +876,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_access_keys_metadata__(self):
|
||||
def _get_access_keys_metadata(self):
|
||||
logger.info("IAM - Getting Access Keys Metadata ...")
|
||||
try:
|
||||
for user in self.users:
|
||||
@@ -905,7 +905,7 @@ class IAM(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_user_temporary_credentials_usage__(self):
|
||||
def _get_user_temporary_credentials_usage(self):
|
||||
logger.info("IAM - Getting User Temporary Credentials Usage ...")
|
||||
try:
|
||||
temporary_credentials_usage = False
|
||||
|
||||
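Review bot: Several collectors in this file end with `return` inside `finally` (`return roles`, `return credential_list`, `return groups`, `return account_summary` and others), which discards any exception still propagating at that point, including KeyboardInterrupt and anything the except clauses do not catch. The except clauses are outside the visible hunks, so how much is caught is not shown, but for an IAM collector a silently shortened result may leave the checks evaluating incomplete data with no error surfacing. I would move each return out of the `finally` block so it follows the try/except, for example `return roles` dedented to function level in `_get_roles`. Python 3.14 also reports `return` in `finally` with a SyntaxWarning (PEP 765).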
@@ -10,10 +10,10 @@ class Inspector2(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.inspectors = []
|
||||
self.__threading_call__(self.__batch_get_account_status__)
|
||||
self.__threading_call__(self.__list_active_findings__, self.inspectors)
|
||||
self.__threading_call__(self._batch_get_account_status)
|
||||
self.__threading_call__(self._list_active_findings, self.inspectors)
|
||||
|
||||
def __batch_get_account_status__(self, regional_client):
|
||||
def _batch_get_account_status(self, regional_client):
|
||||
# We use this function to check if inspector2 is enabled
|
||||
logger.info("Inspector2 - Getting account status...")
|
||||
try:
|
||||
@@ -33,7 +33,7 @@ class Inspector2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_active_findings__(self, inspector):
|
||||
def _list_active_findings(self, inspector):
|
||||
logger.info("Inspector2 - Listing active findings...")
|
||||
try:
|
||||
regional_client = self.regional_clients[inspector.region]
|
||||
|
||||
@@ -10,11 +10,11 @@ class Kafka(AWSService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.account_arn_template = f"arn:{self.audited_partition}:kafka:{self.region}:{self.audited_account}:cluster"
|
||||
self.clusters = {}
|
||||
self.__threading_call__(self.__list_clusters__)
|
||||
self.__threading_call__(self._list_clusters)
|
||||
self.kafka_versions = []
|
||||
self.__threading_call__(self.__list_kafka_versions__)
|
||||
self.__threading_call__(self._list_kafka_versions)
|
||||
|
||||
def __list_clusters__(self, regional_client):
|
||||
def _list_clusters(self, regional_client):
|
||||
try:
|
||||
cluster_paginator = regional_client.get_paginator("list_clusters")
|
||||
|
||||
@@ -70,7 +70,7 @@ class Kafka(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_kafka_versions__(self, regional_client):
|
||||
def _list_kafka_versions(self, regional_client):
|
||||
try:
|
||||
kafka_versions_paginator = regional_client.get_paginator(
|
||||
"list_kafka_versions"
|
||||
|
||||
@@ -14,14 +14,14 @@ class KMS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.keys = []
|
||||
self.__threading_call__(self.__list_keys__)
|
||||
self.__threading_call__(self._list_keys)
|
||||
if self.keys:
|
||||
self.__describe_key__()
|
||||
self.__get_key_rotation_status__()
|
||||
self.__get_key_policy__()
|
||||
self.__list_resource_tags__()
|
||||
self._describe_key()
|
||||
self._get_key_rotation_status()
|
||||
self._get_key_policy()
|
||||
self._list_resource_tags()
|
||||
|
||||
def __list_keys__(self, regional_client):
|
||||
def _list_keys(self, regional_client):
|
||||
logger.info("KMS - Listing Keys...")
|
||||
try:
|
||||
list_keys_paginator = regional_client.get_paginator("list_keys")
|
||||
@@ -42,7 +42,7 @@ class KMS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_key__(self):
|
||||
def _describe_key(self):
|
||||
logger.info("KMS - Describing Key...")
|
||||
try:
|
||||
for key in self.keys:
|
||||
@@ -57,7 +57,7 @@ class KMS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_key_rotation_status__(self):
|
||||
def _get_key_rotation_status(self):
|
||||
logger.info("KMS - Get Key Rotation Status...")
|
||||
try:
|
||||
for key in self.keys:
|
||||
@@ -76,7 +76,7 @@ class KMS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_key_policy__(self):
|
||||
def _get_key_policy(self):
|
||||
logger.info("KMS - Get Key Policy...")
|
||||
try:
|
||||
for key in self.keys:
|
||||
@@ -94,7 +94,7 @@ class KMS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_resource_tags__(self):
|
||||
def _list_resource_tags(self):
|
||||
logger.info("KMS - List Tags...")
|
||||
for key in self.keys:
|
||||
if (
|
||||
|
||||
@@ -11,13 +11,13 @@ class Lightsail(AWSService):
|
||||
def __init__(self, provider):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.instances = {}
|
||||
self.__threading_call__(self.__get_instances__)
|
||||
self.__threading_call__(self._get_instances)
|
||||
self.databases = {}
|
||||
self.__threading_call__(self.__get_databases__)
|
||||
self.__threading_call__(self._get_databases)
|
||||
self.static_ips = {}
|
||||
self.__threading_call__(self.__get_static_ips__)
|
||||
self.__threading_call__(self._get_static_ips)
|
||||
|
||||
def __get_instances__(self, regional_client):
|
||||
def _get_instances(self, regional_client):
|
||||
logger.info("Lightsail - Getting instances...")
|
||||
try:
|
||||
instance_paginator = regional_client.get_paginator("get_instances")
|
||||
@@ -87,7 +87,7 @@ class Lightsail(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_databases__(self, regional_client):
|
||||
def _get_databases(self, regional_client):
|
||||
logger.info("Lightsail - Getting databases...")
|
||||
try:
|
||||
databases_paginator = regional_client.get_paginator(
|
||||
@@ -125,7 +125,7 @@ class Lightsail(AWSService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_static_ips__(self, regional_client):
|
||||
def _get_static_ips(self, regional_client):
|
||||
logger.info("Lightsail - Getting static IPs...")
|
||||
try:
|
||||
static_ips_paginator = regional_client.get_paginator("get_static_ips")
|
||||
|
||||
@@ -9,9 +9,7 @@ class macie_is_enabled(Check):
|
||||
for session in macie_client.sessions:
|
||||
report = Check_Report_AWS(self.metadata())
|
||||
report.region = session.region
|
||||
report.resource_arn = macie_client.__get_session_arn_template__(
|
||||
session.region
|
||||
)
|
||||
report.resource_arn = macie_client._get_session_arn_template(session.region)
|
||||
report.resource_id = macie_client.audited_account
|
||||
if session.status == "ENABLED":
|
||||
report.status = "PASS"
|
||||
|
||||
@@ -10,12 +10,12 @@ class Macie(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("macie2", provider)
|
||||
self.sessions = []
|
||||
self.__threading_call__(self.__get_macie_session__)
|
||||
self.__threading_call__(self._get_macie_session)
|
||||
|
||||
def __get_session_arn_template__(self, region):
|
||||
def _get_session_arn_template(self, region):
|
||||
return f"arn:{self.audited_partition}:macie:{region}:{self.audited_account}:session"
|
||||
|
||||
def __get_macie_session__(self, regional_client):
|
||||
def _get_macie_session(self, regional_client):
|
||||
logger.info("Macie - Get Macie Session...")
|
||||
try:
|
||||
self.sessions.append(
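Review bot: `self.__threading_call__(self._get_macie_session)` still goes through a name with double underscores on both sides, which is the form this commit removes from the service methods and which Python reserves for its own special names. Assuming `__threading_call__` is defined on `AWSService` (not visible here), renaming it in the same pass, e.g. `self._threading_call(self._get_macie_session)`, would keep the convention uniform. The same call form remains in the other service constructors touched by this commit, such as `NetworkFirewall`, `OpenSearchService`, `RDS`, `Redshift` and `SSM`. `__init__` starts outside this hunk and `_get_macie_session` continues past it.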
|
||||
|
||||
@@ -11,10 +11,10 @@ class NetworkFirewall(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("network-firewall", provider)
|
||||
self.network_firewalls = []
|
||||
self.__threading_call__(self.__list_firewalls__)
|
||||
self.__describe_firewall__()
|
||||
self.__threading_call__(self._list_firewalls)
|
||||
self._describe_firewall()
|
||||
|
||||
def __list_firewalls__(self, regional_client):
|
||||
def _list_firewalls(self, regional_client):
|
||||
logger.info("Network Firewall - Listing Network Firewalls...")
|
||||
try:
|
||||
list_network_firewalls_paginator = regional_client.get_paginator(
|
||||
@@ -39,7 +39,7 @@ class NetworkFirewall(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_firewall__(self):
|
||||
def _describe_firewall(self):
|
||||
logger.info("Network Firewall - Describe Network Firewalls...")
|
||||
try:
|
||||
for network_firewall in self.network_firewalls:
|
||||
|
||||
@@ -14,12 +14,12 @@ class OpenSearchService(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("opensearch", provider)
|
||||
self.opensearch_domains = []
|
||||
self.__threading_call__(self.__list_domain_names__)
|
||||
self.__describe_domain_config__(self.regional_clients)
|
||||
self.__describe_domain__(self.regional_clients)
|
||||
self.__list_tags__()
|
||||
self.__threading_call__(self._list_domain_names)
|
||||
self._describe_domain_config(self.regional_clients)
|
||||
self._describe_domain(self.regional_clients)
|
||||
self._list_tags()
|
||||
|
||||
def __list_domain_names__(self, regional_client):
|
||||
def _list_domain_names(self, regional_client):
|
||||
logger.info("OpenSearch - listing domain names...")
|
||||
try:
|
||||
domains = regional_client.list_domain_names()
|
||||
@@ -40,7 +40,7 @@ class OpenSearchService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_domain_config__(self, regional_clients):
|
||||
def _describe_domain_config(self, regional_clients):
|
||||
logger.info("OpenSearch - describing domain configurations...")
|
||||
try:
|
||||
for domain in self.opensearch_domains:
|
||||
@@ -79,7 +79,7 @@ class OpenSearchService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_domain__(self, regional_clients):
|
||||
def _describe_domain(self, regional_clients):
|
||||
logger.info("OpenSearch - describing domain configurations...")
|
||||
try:
|
||||
for domain in self.opensearch_domains:
|
||||
@@ -132,7 +132,7 @@ class OpenSearchService(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags__(self):
|
||||
def _list_tags(self):
|
||||
logger.info("OpenSearch - List Tags...")
|
||||
for domain in self.opensearch_domains:
|
||||
try:
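Review bot: The error handler that closes `_describe_domain_config(self, regional_clients)` formats `regional_client.region`, but `regional_client` is not a parameter of that method. If it is bound only inside the `for domain in self.opensearch_domains:` loop (the body is outside the hunk), an exception raised before the first binding makes the handler itself fail with `UnboundLocalError`, and the original error never reaches the scan log. Setting `region = self.region` before the `try:`, updating it in the loop, and logging `f"{region} -- ..."` would keep the handler safe. The same pattern shows after `_describe_domain` here and in the Redshift, SageMaker, SNS and SQS handlers, whose methods take `regional_clients` or no client argument at all.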
|
||||
|
||||
@@ -24,9 +24,9 @@ class Organizations(AWSService):
|
||||
self.organizations = []
|
||||
self.policies = []
|
||||
self.delegated_administrators = []
|
||||
self.__describe_organization__()
|
||||
self._describe_organization()
|
||||
|
||||
def __describe_organization__(self):
|
||||
def _describe_organization(self):
|
||||
logger.info("Organizations - Describe Organization...")
|
||||
|
||||
try:
|
||||
@@ -37,10 +37,10 @@ class Organizations(AWSService):
|
||||
organization_id = organization_desc.get("Id")
|
||||
organization_master_id = organization_desc.get("MasterAccountId")
|
||||
# Fetch policies for organization:
|
||||
organization_policies = self.__list_policies__()
|
||||
organization_policies = self._list_policies()
|
||||
# Fetch delegated administrators for organization:
|
||||
organization_delegated_administrator = (
|
||||
self.__list_delegated_administrators__()
|
||||
self._list_delegated_administrators()
|
||||
)
|
||||
except ClientError as error:
|
||||
if (
|
||||
@@ -90,7 +90,7 @@ class Organizations(AWSService):
|
||||
)
|
||||
|
||||
# I'm using list_policies instead of list_policies_for_target, because the last one only returns "Attached directly" policies but not "Inherited from..." policies.
|
||||
def __list_policies__(self):
|
||||
def _list_policies(self):
|
||||
logger.info("Organizations - List policies...")
|
||||
|
||||
try:
|
||||
@@ -103,8 +103,8 @@ class Organizations(AWSService):
|
||||
for page in list_policies_paginator.paginate(Filter=policy_type):
|
||||
for policy in page["Policies"]:
|
||||
policy_id = policy.get("Id")
|
||||
policy_content = self.__describe_policy__(policy_id)
|
||||
policy_targets = self.__list_targets_for_policy__(policy_id)
|
||||
policy_content = self._describe_policy(policy_id)
|
||||
policy_targets = self._list_targets_for_policy(policy_id)
|
||||
self.policies.append(
|
||||
Policy(
|
||||
arn=policy.get("Arn"),
|
||||
@@ -128,7 +128,7 @@ class Organizations(AWSService):
|
||||
finally:
|
||||
return self.policies
|
||||
|
||||
def __describe_policy__(self, policy_id) -> dict:
|
||||
def _describe_policy(self, policy_id) -> dict:
|
||||
logger.info("Organizations - Describe policy: %s ...", policy_id)
|
||||
|
||||
# This operation can be called only from the organization’s management account or by a member account that is a delegated administrator for an Amazon Web Services service.
|
||||
@@ -151,7 +151,7 @@ class Organizations(AWSService):
|
||||
)
|
||||
return {}
|
||||
|
||||
def __list_targets_for_policy__(self, policy_id) -> list:
|
||||
def _list_targets_for_policy(self, policy_id) -> list:
|
||||
logger.info("Organizations - List Targets for policy: %s ...", policy_id)
|
||||
|
||||
try:
|
||||
@@ -169,7 +169,7 @@ class Organizations(AWSService):
|
||||
)
|
||||
return []
|
||||
|
||||
def __list_delegated_administrators__(self):
|
||||
def _list_delegated_administrators(self):
|
||||
logger.info("Organizations - List Delegated Administrators")
|
||||
|
||||
try:
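Review bot: `_list_policies` ends in `finally: return self.policies`, and a `return` inside `finally` discards any exception still propagating, including `KeyboardInterrupt` and anything the `except` clauses do not match. A failed policy listing therefore comes back as a normal, possibly partial, list, which in an audit tool can read as "no policies" rather than "collection failed". Dropping the `finally:` and placing a plain `return self.policies` after the `try` block keeps the return value for handled errors without swallowing the rest. The `try`/`except` part of the method is outside this hunk.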
|
||||
|
||||
+1
-3
@@ -11,9 +11,7 @@ class rds_instance_event_subscription_security_groups(Check):
|
||||
report.status = "FAIL"
|
||||
report.status_extended = "RDS security group event categories of configuration change and failure are not subscribed."
|
||||
report.resource_id = rds_client.audited_account
|
||||
report.resource_arn = rds_client.__get_rds_arn_template__(
|
||||
db_event.region
|
||||
)
|
||||
report.resource_arn = rds_client._get_rds_arn_template(db_event.region)
|
||||
report.region = db_event.region
|
||||
if db_event.source_type == "db-security-group" and db_event.enabled:
|
||||
if db_event.event_list == []:
|
||||
|
||||
@@ -21,26 +21,26 @@ class RDS(AWSService):
|
||||
self.db_cluster_parameters = {}
|
||||
self.db_cluster_snapshots = []
|
||||
self.db_event_subscriptions = []
|
||||
self.__threading_call__(self.__describe_db_instances__)
|
||||
self.__threading_call__(self.__describe_db_certificate__)
|
||||
self.__threading_call__(self.__describe_db_parameters__)
|
||||
self.__threading_call__(self.__describe_db_snapshots__)
|
||||
self.__threading_call__(self.__describe_db_snapshot_attributes__)
|
||||
self.__threading_call__(self.__describe_db_clusters__)
|
||||
self.__threading_call__(self.__describe_db_cluster_parameters__)
|
||||
self.__threading_call__(self.__describe_db_cluster_snapshots__)
|
||||
self.__threading_call__(self.__describe_db_cluster_snapshot_attributes__)
|
||||
self.__threading_call__(self.__describe_db_engine_versions__)
|
||||
self.__threading_call__(self.__describe_db_event_subscriptions__)
|
||||
self.__threading_call__(self._describe_db_instances)
|
||||
self.__threading_call__(self._describe_db_certificate)
|
||||
self.__threading_call__(self._describe_db_parameters)
|
||||
self.__threading_call__(self._describe_db_snapshots)
|
||||
self.__threading_call__(self._describe_db_snapshot_attributes)
|
||||
self.__threading_call__(self._describe_db_clusters)
|
||||
self.__threading_call__(self._describe_db_cluster_parameters)
|
||||
self.__threading_call__(self._describe_db_cluster_snapshots)
|
||||
self.__threading_call__(self._describe_db_cluster_snapshot_attributes)
|
||||
self.__threading_call__(self._describe_db_engine_versions)
|
||||
self.__threading_call__(self._describe_db_event_subscriptions)
|
||||
|
||||
def __get_rds_arn_template__(self, region):
|
||||
def _get_rds_arn_template(self, region):
|
||||
return (
|
||||
f"arn:{self.audited_partition}:rds:{region}:{self.audited_account}:account"
|
||||
if region
|
||||
else f"arn:{self.audited_partition}:rds:{self.region}:{self.audited_account}:account"
|
||||
)
|
||||
|
||||
def __describe_db_instances__(self, regional_client):
|
||||
def _describe_db_instances(self, regional_client):
|
||||
logger.info("RDS - Describe Instances...")
|
||||
try:
|
||||
describe_db_instances_paginator = regional_client.get_paginator(
|
||||
@@ -106,7 +106,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_parameters__(self, regional_client):
|
||||
def _describe_db_parameters(self, regional_client):
|
||||
logger.info("RDS - Describe DB Parameters...")
|
||||
try:
|
||||
for (
|
||||
@@ -129,7 +129,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_certificate__(self, regional_client):
|
||||
def _describe_db_certificate(self, regional_client):
|
||||
logger.info("RDS - Describe DB Certificate...")
|
||||
try:
|
||||
for instance in self.db_instances.values():
|
||||
@@ -160,7 +160,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_snapshots__(self, regional_client):
|
||||
def _describe_db_snapshots(self, regional_client):
|
||||
logger.info("RDS - Describe Snapshots...")
|
||||
try:
|
||||
describe_db_snapshots_paginator = regional_client.get_paginator(
|
||||
@@ -188,7 +188,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_snapshot_attributes__(self, regional_client):
|
||||
def _describe_db_snapshot_attributes(self, regional_client):
|
||||
logger.info("RDS - Describe Snapshot Attributes...")
|
||||
for snapshot in self.db_snapshots:
|
||||
try:
|
||||
@@ -210,7 +210,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_clusters__(self, regional_client):
|
||||
def _describe_db_clusters(self, regional_client):
|
||||
logger.info("RDS - Describe Clusters...")
|
||||
try:
|
||||
describe_db_clusters_paginator = regional_client.get_paginator(
|
||||
@@ -277,7 +277,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_cluster_parameters__(self, regional_client):
|
||||
def _describe_db_cluster_parameters(self, regional_client):
|
||||
logger.info("RDS - Describe DB Cluster Parameters...")
|
||||
try:
|
||||
for cluster in self.db_clusters.values():
|
||||
@@ -326,7 +326,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_cluster_snapshots__(self, regional_client):
|
||||
def _describe_db_cluster_snapshots(self, regional_client):
|
||||
logger.info("RDS - Describe Cluster Snapshots...")
|
||||
try:
|
||||
describe_db_snapshots_paginator = regional_client.get_paginator(
|
||||
@@ -357,7 +357,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_cluster_snapshot_attributes__(self, regional_client):
|
||||
def _describe_db_cluster_snapshot_attributes(self, regional_client):
|
||||
logger.info("RDS - Describe Cluster Snapshot Attributes...")
|
||||
try:
|
||||
for snapshot in self.db_cluster_snapshots:
|
||||
@@ -382,7 +382,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_engine_versions__(self, regional_client):
|
||||
def _describe_db_engine_versions(self, regional_client):
|
||||
logger.info("RDS - Describe Engine Versions...")
|
||||
try:
|
||||
describe_db_engine_versions_paginator = regional_client.get_paginator(
|
||||
@@ -412,7 +412,7 @@ class RDS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_db_event_subscriptions__(self, regional_client):
|
||||
def _describe_db_event_subscriptions(self, regional_client):
|
||||
logger.info("RDS - Describe Event Subscriptions...")
|
||||
try:
|
||||
describe_event_subscriptions_paginator = regional_client.get_paginator(
|
||||
|
||||
@@ -13,11 +13,11 @@ class Redshift(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.clusters = []
|
||||
self.__threading_call__(self.__describe_clusters__)
|
||||
self.__describe_logging_status__(self.regional_clients)
|
||||
self.__describe_cluster_snapshots__(self.regional_clients)
|
||||
self.__threading_call__(self._describe_clusters)
|
||||
self._describe_logging_status(self.regional_clients)
|
||||
self._describe_cluster_snapshots(self.regional_clients)
|
||||
|
||||
def __describe_clusters__(self, regional_client):
|
||||
def _describe_clusters(self, regional_client):
|
||||
logger.info("Redshift - describing clusters...")
|
||||
try:
|
||||
list_clusters_paginator = regional_client.get_paginator("describe_clusters")
|
||||
@@ -53,7 +53,7 @@ class Redshift(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_logging_status__(self, regional_clients):
|
||||
def _describe_logging_status(self, regional_clients):
|
||||
logger.info("Redshift - describing logging status...")
|
||||
try:
|
||||
for cluster in self.clusters:
|
||||
@@ -74,7 +74,7 @@ class Redshift(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_cluster_snapshots__(self, regional_clients):
|
||||
def _describe_cluster_snapshots(self, regional_clients):
|
||||
logger.info("Redshift - describing logging status...")
|
||||
try:
|
||||
for cluster in self.clusters:
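Review bot: `_describe_cluster_snapshots` logs `"Redshift - describing logging status..."`, the same message as `_describe_logging_status`, so the log cannot show which collection step was running when an error follows. I would change it to `logger.info("Redshift - describing cluster snapshots...")`. The same copy-paste appears in `_describe_domain` (OpenSearch, logs "describing domain configurations"), in `_list_resource_record_sets` (Route53, logs "Listing Hosting Zones") and in Route53's `_list_tags_for_resource` (logs "Route53Domains - List Tags..."). The method bodies continue outside the hunks.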
|
||||
|
||||
@@ -13,9 +13,9 @@ class ResourceExplorer2(AWSService):
|
||||
super().__init__("resource-explorer-2", provider)
|
||||
self.index_arn_template = f"arn:{self.audited_partition}:resource-explorer:{self.region}:{self.audited_account}:index"
|
||||
self.indexes = []
|
||||
self.__threading_call__(self.__list_indexes__)
|
||||
self.__threading_call__(self._list_indexes)
|
||||
|
||||
def __list_indexes__(self, regional_client):
|
||||
def _list_indexes(self, regional_client):
|
||||
logger.info("ResourceExplorer - list indexes...")
|
||||
try:
|
||||
list_indexes_paginator = regional_client.get_paginator("list_indexes")
|
||||
|
||||
@@ -14,12 +14,12 @@ class Route53(AWSService):
|
||||
super().__init__(__class__.__name__, provider, global_service=True)
|
||||
self.hosted_zones = {}
|
||||
self.record_sets = []
|
||||
self.__list_hosted_zones__()
|
||||
self.__list_query_logging_configs__()
|
||||
self.__list_tags_for_resource__()
|
||||
self.__list_resource_record_sets__()
|
||||
self._list_hosted_zones()
|
||||
self._list_query_logging_configs()
|
||||
self._list_tags_for_resource()
|
||||
self._list_resource_record_sets()
|
||||
|
||||
def __list_hosted_zones__(self):
|
||||
def _list_hosted_zones(self):
|
||||
logger.info("Route53 - Listing Hosting Zones...")
|
||||
try:
|
||||
list_hosted_zones_paginator = self.client.get_paginator("list_hosted_zones")
|
||||
@@ -46,7 +46,7 @@ class Route53(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_resource_record_sets__(self):
|
||||
def _list_resource_record_sets(self):
|
||||
logger.info("Route53 - Listing Hosting Zones...")
|
||||
try:
|
||||
list_resource_record_sets_paginator = self.client.get_paginator(
|
||||
@@ -78,7 +78,7 @@ class Route53(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_query_logging_configs__(self):
|
||||
def _list_query_logging_configs(self):
|
||||
logger.info("Route53 - Listing Query Logging Configs...")
|
||||
try:
|
||||
for hosted_zone in self.hosted_zones.values():
|
||||
@@ -100,7 +100,7 @@ class Route53(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("Route53Domains - List Tags...")
|
||||
for hosted_zone in self.hosted_zones.values():
|
||||
try:
|
||||
@@ -148,11 +148,11 @@ class Route53Domains(AWSService):
|
||||
# but you must specify the US East (N. Virginia) Region to create, update, or otherwise work with domains.
|
||||
self.region = "us-east-1"
|
||||
self.client = self.session.client(self.service, self.region)
|
||||
self.__list_domains__()
|
||||
self.__get_domain_detail__()
|
||||
self.__list_tags_for_domain__()
|
||||
self._list_domains()
|
||||
self._get_domain_detail()
|
||||
self._list_tags_for_domain()
|
||||
|
||||
def __list_domains__(self):
|
||||
def _list_domains(self):
|
||||
logger.info("Route53Domains - Listing Domains...")
|
||||
try:
|
||||
list_domains_zones_paginator = self.client.get_paginator("list_domains")
|
||||
@@ -169,7 +169,7 @@ class Route53Domains(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_domain_detail__(self):
|
||||
def _get_domain_detail(self):
|
||||
logger.info("Route53Domains - Getting Domain Detail...")
|
||||
try:
|
||||
for domain in self.domains.values():
|
||||
@@ -182,7 +182,7 @@ class Route53Domains(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_domain__(self):
|
||||
def _list_tags_for_domain(self):
|
||||
logger.info("Route53Domains - List Tags...")
|
||||
for domain in self.domains.values():
|
||||
try:
|
||||
|
||||
@@ -16,15 +16,15 @@ class SageMaker(AWSService):
|
||||
self.sagemaker_notebook_instances = []
|
||||
self.sagemaker_models = []
|
||||
self.sagemaker_training_jobs = []
|
||||
self.__threading_call__(self.__list_notebook_instances__)
|
||||
self.__threading_call__(self.__list_models__)
|
||||
self.__threading_call__(self.__list_training_jobs__)
|
||||
self.__describe_model__(self.regional_clients)
|
||||
self.__describe_notebook_instance__(self.regional_clients)
|
||||
self.__describe_training_job__(self.regional_clients)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_notebook_instances)
|
||||
self.__threading_call__(self._list_models)
|
||||
self.__threading_call__(self._list_training_jobs)
|
||||
self._describe_model(self.regional_clients)
|
||||
self._describe_notebook_instance(self.regional_clients)
|
||||
self._describe_training_job(self.regional_clients)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_notebook_instances__(self, regional_client):
|
||||
def _list_notebook_instances(self, regional_client):
|
||||
logger.info("SageMaker - listing notebook instances...")
|
||||
try:
|
||||
list_notebook_instances_paginator = regional_client.get_paginator(
|
||||
@@ -50,7 +50,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_models__(self, regional_client):
|
||||
def _list_models(self, regional_client):
|
||||
logger.info("SageMaker - listing models...")
|
||||
try:
|
||||
list_models_paginator = regional_client.get_paginator("list_models")
|
||||
@@ -71,7 +71,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_training_jobs__(self, regional_client):
|
||||
def _list_training_jobs(self, regional_client):
|
||||
logger.info("SageMaker - listing training jobs...")
|
||||
try:
|
||||
list_training_jobs_paginator = regional_client.get_paginator(
|
||||
@@ -96,7 +96,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_notebook_instance__(self, regional_clients):
|
||||
def _describe_notebook_instance(self, regional_clients):
|
||||
logger.info("SageMaker - describing notebook instances...")
|
||||
try:
|
||||
for notebook_instance in self.sagemaker_notebook_instances:
|
||||
@@ -135,7 +135,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_model__(self, regional_clients):
|
||||
def _describe_model(self, regional_clients):
|
||||
logger.info("SageMaker - describing models...")
|
||||
try:
|
||||
for model in self.sagemaker_models:
|
||||
@@ -153,7 +153,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_training_job__(self, regional_clients):
|
||||
def _describe_training_job(self, regional_clients):
|
||||
logger.info("SageMaker - describing training jobs...")
|
||||
try:
|
||||
for training_job in self.sagemaker_training_jobs:
|
||||
@@ -188,7 +188,7 @@ class SageMaker(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("SageMaker - List Tags...")
|
||||
try:
|
||||
for model in self.sagemaker_models:
|
||||
|
||||
@@ -13,9 +13,9 @@ class SecretsManager(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.secrets = {}
|
||||
self.__threading_call__(self.__list_secrets__)
|
||||
self.__threading_call__(self._list_secrets)
|
||||
|
||||
def __list_secrets__(self, regional_client):
|
||||
def _list_secrets(self, regional_client):
|
||||
logger.info("SecretsManager - Listing Secrets...")
|
||||
try:
|
||||
list_secrets_paginator = regional_client.get_paginator("list_secrets")
|
||||
|
||||
@@ -12,9 +12,9 @@ class SecurityHub(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.securityhubs = []
|
||||
self.__threading_call__(self.__describe_hub__)
|
||||
self.__threading_call__(self._describe_hub)
|
||||
|
||||
def __describe_hub__(self, regional_client):
|
||||
def _describe_hub(self, regional_client):
|
||||
logger.info("SecurityHub - Describing Hub...")
|
||||
try:
|
||||
# Check if SecurityHub is active
|
||||
|
||||
@@ -11,11 +11,11 @@ class Shield(AWSService):
|
||||
super().__init__(__class__.__name__, provider, global_service=True)
|
||||
self.protections = {}
|
||||
self.enabled = False
|
||||
self.enabled = self.__get_subscription_state__()
|
||||
self.enabled = self._get_subscription_state()
|
||||
if self.enabled:
|
||||
self.__list_protections__()
|
||||
self._list_protections()
|
||||
|
||||
def __get_subscription_state__(self):
|
||||
def _get_subscription_state(self):
|
||||
logger.info("Shield - Getting Subscription State...")
|
||||
try:
|
||||
return (
|
||||
@@ -28,7 +28,7 @@ class Shield(AWSService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_protections__(self):
|
||||
def _list_protections(self):
|
||||
logger.info("Shield - Listing Protections...")
|
||||
try:
|
||||
list_protections_paginator = self.client.get_paginator("list_protections")
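Review bot: `self.enabled = self._get_subscription_state()` appears to receive `None` when the API call fails, because the handler visible at the end of `_get_subscription_state` only logs and nothing follows it before the next `def`. `None` is falsy, so a permission or API error is treated the same as "not subscribed" and `_list_protections()` is skipped. An explicit `return False` after the `logger.error(...)` call would at least make the result a bool, and a separate "state unknown" marker would let checks avoid reporting on data that was never collected. The preceding `self.enabled = False` is overwritten on the next line and could be dropped. The `try` body of `_get_subscription_state` is outside the hunk.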
|
||||
|
||||
@@ -14,12 +14,12 @@ class SNS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.topics = []
|
||||
self.__threading_call__(self.__list_topics__)
|
||||
self.__get_topic_attributes__(self.regional_clients)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__list_subscriptions_by_topic__()
|
||||
self.__threading_call__(self._list_topics)
|
||||
self._get_topic_attributes(self.regional_clients)
|
||||
self._list_tags_for_resource()
|
||||
self._list_subscriptions_by_topic()
|
||||
|
||||
def __list_topics__(self, regional_client):
|
||||
def _list_topics(self, regional_client):
|
||||
logger.info("SNS - listing topics...")
|
||||
try:
|
||||
list_topics_paginator = regional_client.get_paginator("list_topics")
|
||||
@@ -42,7 +42,7 @@ class SNS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_topic_attributes__(self, regional_clients):
|
||||
def _get_topic_attributes(self, regional_clients):
|
||||
logger.info("SNS - getting topic attributes...")
|
||||
try:
|
||||
for topic in self.topics:
|
||||
@@ -61,7 +61,7 @@ class SNS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("SNS - List Tags...")
|
||||
try:
|
||||
for topic in self.topics:
|
||||
@@ -75,7 +75,7 @@ class SNS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_subscriptions_by_topic__(self):
|
||||
def _list_subscriptions_by_topic(self):
|
||||
logger.info("SNS - Listing subscriptions by topic...")
|
||||
try:
|
||||
for topic in self.topics:
|
||||
|
||||
@@ -15,11 +15,11 @@ class SQS(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.queues = []
|
||||
self.__threading_call__(self.__list_queues__)
|
||||
self.__get_queue_attributes__()
|
||||
self.__list_queue_tags__()
|
||||
self.__threading_call__(self._list_queues)
|
||||
self._get_queue_attributes()
|
||||
self._list_queue_tags()
|
||||
|
||||
def __list_queues__(self, regional_client):
|
||||
def _list_queues(self, regional_client):
|
||||
logger.info("SQS - describing queues...")
|
||||
try:
|
||||
list_queues_paginator = regional_client.get_paginator("list_queues")
|
||||
@@ -49,7 +49,7 @@ class SQS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_queue_attributes__(self):
|
||||
def _get_queue_attributes(self):
|
||||
try:
|
||||
logger.info("SQS - describing queue attributes...")
|
||||
for queue in self.queues:
|
||||
@@ -94,7 +94,7 @@ class SQS(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_queue_tags__(self):
|
||||
def _list_queue_tags(self):
|
||||
logger.info("SQS - List Tags...")
|
||||
try:
|
||||
for queue in self.queues:
|
||||
|
||||
@@ -19,13 +19,13 @@ class SSM(AWSService):
|
||||
self.documents = {}
|
||||
self.compliance_resources = {}
|
||||
self.managed_instances = {}
|
||||
self.__threading_call__(self.__list_documents__)
|
||||
self.__threading_call__(self.__get_document__)
|
||||
self.__threading_call__(self.__describe_document_permission__)
|
||||
self.__threading_call__(self.__list_resource_compliance_summaries__)
|
||||
self.__threading_call__(self.__describe_instance_information__)
|
||||
self.__threading_call__(self._list_documents)
|
||||
self.__threading_call__(self._get_document)
|
||||
self.__threading_call__(self._describe_document_permission)
|
||||
self.__threading_call__(self._list_resource_compliance_summaries)
|
||||
self.__threading_call__(self._describe_instance_information)
|
||||
|
||||
def __list_documents__(self, regional_client):
|
||||
def _list_documents(self, regional_client):
|
||||
logger.info("SSM - Listing Documents...")
|
||||
try:
|
||||
# To retrieve only the documents owned by the account
|
||||
@@ -62,7 +62,7 @@ class SSM(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __get_document__(self, regional_client):
|
||||
def _get_document(self, regional_client):
|
||||
logger.info("SSM - Getting Document...")
|
||||
for document in self.documents.values():
|
||||
try:
|
||||
@@ -88,7 +88,7 @@ class SSM(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __describe_document_permission__(self, regional_client):
|
||||
def _describe_document_permission(self, regional_client):
|
||||
logger.info("SSM - Describing Document Permission...")
|
||||
try:
|
||||
for document in self.documents.values():
|
||||
@@ -107,7 +107,7 @@ class SSM(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __list_resource_compliance_summaries__(self, regional_client):
|
||||
def _list_resource_compliance_summaries(self, regional_client):
|
||||
logger.info("SSM - List Resources Compliance Summaries...")
|
||||
try:
|
||||
list_resource_compliance_summaries_paginator = (
|
||||
@@ -136,7 +136,7 @@ class SSM(AWSService):
|
||||
f" {error}"
|
||||
)
|
||||
|
||||
def __describe_instance_information__(self, regional_client):
|
||||
def _describe_instance_information(self, regional_client):
|
||||
logger.info("SSM - Describing Instance Information...")
|
||||
try:
|
||||
describe_instance_information_paginator = regional_client.get_paginator(
|
||||
|
||||
@@ -19,13 +19,13 @@ class SSMIncidents(AWSService):
|
||||
super().__init__("ssm-incidents", provider)
|
||||
self.replication_set_arn_template = f"arn:{self.audited_partition}:ssm-incidents:{self.region}:{self.audited_account}:replication-set"
|
||||
self.replication_set = []
|
||||
self.__list_replication_sets__()
|
||||
self.__get_replication_set__()
|
||||
self._list_replication_sets()
|
||||
self._get_replication_set()
|
||||
self.response_plans = []
|
||||
self.__threading_call__(self.__list_response_plans__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_response_plans)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_replication_sets__(self):
|
||||
def _list_replication_sets(self):
|
||||
logger.info("SSMIncidents - Listing Replication Sets...")
|
||||
try:
|
||||
if self.regional_clients:
|
||||
@@ -61,7 +61,7 @@ class SSMIncidents(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __get_replication_set__(self):
|
||||
def _get_replication_set(self):
|
||||
logger.info("SSMIncidents - Getting Replication Sets...")
|
||||
try:
|
||||
if not self.replication_set:
|
||||
@@ -100,7 +100,7 @@ class SSMIncidents(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_response_plans__(self, regional_client):
|
||||
def _list_response_plans(self, regional_client):
|
||||
logger.info("SSMIncidents - Listing Response Plans...")
|
||||
try:
|
||||
list_response_plans_paginator = regional_client.get_paginator(
|
||||
@@ -120,7 +120,7 @@ class SSMIncidents(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("SSMIncidents - List Tags...")
|
||||
try:
|
||||
for response_plan in self.response_plans:
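Review bot: `self.__threading_call__(self._list_response_plans)` in `__init__` still calls a helper named in the double-underscore style that this commit removes from the service methods, so the new code mixes both conventions in a single call. The same call survives in the StorageGateway, VPC, WAF, WAFv2, WellArchitected and WorkSpaces constructors further down. The helper is presumably defined on the `AWSService` base class, which is not shown here. If it is in scope for this change, rename it to `_threading_call`; otherwise leave a comment at its definition such as `# TODO: rename to _threading_call; __name__-style identifiers are reserved for Python itself`.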
|
||||
|
||||
@@ -13,11 +13,11 @@ class StorageGateway(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.fileshares = []
|
||||
self.__threading_call__(self.__list_file_shares__)
|
||||
self.__threading_call__(self.__describe_nfs_file_shares__)
|
||||
self.__threading_call__(self.__describe_smb_file_shares__)
|
||||
self.__threading_call__(self._list_file_shares)
|
||||
self.__threading_call__(self._describe_nfs_file_shares)
|
||||
self.__threading_call__(self._describe_smb_file_shares)
|
||||
|
||||
def __list_file_shares__(self, regional_client):
|
||||
def _list_file_shares(self, regional_client):
|
||||
try:
|
||||
list_file_share_paginator = regional_client.get_paginator(
|
||||
"list_file_shares"
|
||||
@@ -45,7 +45,7 @@ class StorageGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_nfs_file_shares__(self, regional_client):
|
||||
def _describe_nfs_file_shares(self, regional_client):
|
||||
logger.info("StorageGateway - Describe NFS FileShares...")
|
||||
try:
|
||||
for fileshare in self.fileshares:
|
||||
@@ -64,7 +64,7 @@ class StorageGateway(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_smb_file_shares__(self, regional_client):
|
||||
def _describe_smb_file_shares(self, regional_client):
|
||||
logger.info("StorageGateway - Describe SMB FileShares...")
|
||||
try:
|
||||
for fileshare in self.fileshares:
|
||||
|
||||
@@ -24,12 +24,12 @@ class TrustedAdvisor(AWSService):
|
||||
support_region = "us-gov-west-1"
|
||||
self.client = self.session.client(self.service, region_name=support_region)
|
||||
self.client.region = support_region
|
||||
self.__describe_services__()
|
||||
self._describe_services()
|
||||
if getattr(self.premium_support, "enabled", False):
|
||||
self.__describe_trusted_advisor_checks__()
|
||||
self.__describe_trusted_advisor_check_result__()
|
||||
self._describe_trusted_advisor_checks()
|
||||
self._describe_trusted_advisor_check_result()
|
||||
|
||||
def __describe_trusted_advisor_checks__(self):
|
||||
def _describe_trusted_advisor_checks(self):
|
||||
logger.info("TrustedAdvisor - Describing Checks...")
|
||||
try:
|
||||
for check in self.client.describe_trusted_advisor_checks(language="en").get(
|
||||
@@ -62,7 +62,7 @@ class TrustedAdvisor(AWSService):
|
||||
f"{self.client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_trusted_advisor_check_result__(self):
|
||||
def _describe_trusted_advisor_check_result(self):
|
||||
logger.info("TrustedAdvisor - Describing Check Result...")
|
||||
try:
|
||||
for check in self.checks:
|
||||
@@ -86,7 +86,7 @@ class TrustedAdvisor(AWSService):
|
||||
f"{self.client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_services__(self):
|
||||
def _describe_services(self):
|
||||
logger.info("Support - Describing Services...")
|
||||
try:
|
||||
self.client.describe_services()
|
||||
|
||||
@@ -21,18 +21,18 @@ class VPC(AWSService):
|
||||
self.vpc_peering_connections = []
|
||||
self.vpc_endpoints = []
|
||||
self.vpc_endpoint_services = []
|
||||
self.__threading_call__(self.__describe_vpcs__)
|
||||
self.__threading_call__(self.__describe_vpc_peering_connections__)
|
||||
self.__threading_call__(self.__describe_vpc_endpoints__)
|
||||
self.__threading_call__(self.__describe_vpc_endpoint_services__)
|
||||
self.__describe_flow_logs__()
|
||||
self.__describe_peering_route_tables__()
|
||||
self.__describe_vpc_endpoint_service_permissions__()
|
||||
self.__threading_call__(self._describe_vpcs)
|
||||
self.__threading_call__(self._describe_vpc_peering_connections)
|
||||
self.__threading_call__(self._describe_vpc_endpoints)
|
||||
self.__threading_call__(self._describe_vpc_endpoint_services)
|
||||
self._describe_flow_logs()
|
||||
self._describe_peering_route_tables()
|
||||
self._describe_vpc_endpoint_service_permissions()
|
||||
self.vpc_subnets = {}
|
||||
self.__threading_call__(self.__describe_vpc_subnets__)
|
||||
self.__describe_network_interfaces__()
|
||||
self.__threading_call__(self._describe_vpc_subnets)
|
||||
self._describe_network_interfaces()
|
||||
|
||||
def __describe_vpcs__(self, regional_client):
|
||||
def _describe_vpcs(self, regional_client):
|
||||
logger.info("VPC - Describing VPCs...")
|
||||
try:
|
||||
describe_vpcs_paginator = regional_client.get_paginator("describe_vpcs")
|
||||
@@ -65,7 +65,7 @@ class VPC(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_vpc_peering_connections__(self, regional_client):
|
||||
def _describe_vpc_peering_connections(self, regional_client):
|
||||
logger.info("VPC - Describing VPC Peering Connections...")
|
||||
try:
|
||||
describe_vpc_peering_connections_paginator = regional_client.get_paginator(
|
||||
@@ -104,7 +104,7 @@ class VPC(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_peering_route_tables__(self):
|
||||
def _describe_peering_route_tables(self):
|
||||
logger.info("VPC - Describing Peering Route Tables...")
|
||||
try:
|
||||
for conn in self.vpc_peering_connections:
|
||||
@@ -147,7 +147,7 @@ class VPC(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_flow_logs__(self):
|
||||
def _describe_flow_logs(self):
|
||||
logger.info("VPC - Describing flow logs...")
|
||||
try:
|
||||
for vpc in self.vpcs.values():
|
||||
@@ -174,7 +174,7 @@ class VPC(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_network_interfaces__(self):
|
||||
def _describe_network_interfaces(self):
|
||||
logger.info("VPC - Describing flow logs...")
|
||||
try:
|
||||
for vpc in self.vpcs.values():
|
||||
@@ -214,7 +214,7 @@ class VPC(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_vpc_endpoints__(self, regional_client):
|
||||
def _describe_vpc_endpoints(self, regional_client):
|
||||
logger.info("VPC - Describing VPC Endpoints...")
|
||||
try:
|
||||
describe_vpc_endpoints_paginator = regional_client.get_paginator(
|
||||
@@ -252,7 +252,7 @@ class VPC(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_vpc_endpoint_services__(self, regional_client):
|
||||
def _describe_vpc_endpoint_services(self, regional_client):
|
||||
logger.info("VPC - Describing VPC Endpoint Services...")
|
||||
try:
|
||||
describe_vpc_endpoint_services_paginator = regional_client.get_paginator(
|
||||
@@ -285,7 +285,7 @@ class VPC(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_vpc_endpoint_service_permissions__(self):
|
||||
def _describe_vpc_endpoint_service_permissions(self):
|
||||
logger.info("VPC - Describing VPC Endpoint service permissions...")
|
||||
try:
|
||||
for service in self.vpc_endpoint_services:
|
||||
@@ -312,7 +312,7 @@ class VPC(AWSService):
|
||||
f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
|
||||
)
|
||||
|
||||
def __describe_vpc_subnets__(self, regional_client):
|
||||
def _describe_vpc_subnets(self, regional_client):
|
||||
logger.info("VPC - Describing VPC subnets...")
|
||||
try:
|
||||
describe_subnets_paginator = regional_client.get_paginator(
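Review bot: `_describe_network_interfaces` logs `"VPC - Describing flow logs..."`, the same message as `_describe_flow_logs` in the hunk just above it, so a scan log cannot show which of the two collection steps ran or failed. Since the neighbouring `def` line is already being edited, change the message to `logger.info("VPC - Describing Network Interfaces...")`. The body of the function continues outside the hunk, so the rest of it is not reviewed here.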
|
||||
|
||||
@@ -11,10 +11,10 @@ class WAF(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__("waf-regional", provider)
|
||||
self.web_acls = []
|
||||
self.__threading_call__(self.__list_web_acls__)
|
||||
self.__threading_call__(self.__list_resources_for_web_acl__)
|
||||
self.__threading_call__(self._list_web_acls)
|
||||
self.__threading_call__(self._list_resources_for_web_acl)
|
||||
|
||||
def __list_web_acls__(self, regional_client):
|
||||
def _list_web_acls(self, regional_client):
|
||||
logger.info("WAF - Listing Regional Web ACLs...")
|
||||
try:
|
||||
for waf in regional_client.list_web_acls()["WebACLs"]:
|
||||
@@ -34,7 +34,7 @@ class WAF(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_resources_for_web_acl__(self, regional_client):
|
||||
def _list_resources_for_web_acl(self, regional_client):
|
||||
logger.info("WAF - Describing resources...")
|
||||
try:
|
||||
for acl in self.web_acls:
|
||||
|
||||
@@ -12,11 +12,11 @@ class WAFv2(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.web_acls = []
|
||||
self.__threading_call__(self.__list_web_acls__)
|
||||
self.__threading_call__(self.__list_resources_for_web_acl__)
|
||||
self.__threading_call__(self.__get_logging_configuration__)
|
||||
self.__threading_call__(self._list_web_acls)
|
||||
self.__threading_call__(self._list_resources_for_web_acl)
|
||||
self.__threading_call__(self._get_logging_configuration)
|
||||
|
||||
def __list_web_acls__(self, regional_client):
|
||||
def _list_web_acls(self, regional_client):
|
||||
logger.info("WAFv2 - Listing Regional Web ACLs...")
|
||||
try:
|
||||
for wafv2 in regional_client.list_web_acls(Scope="REGIONAL")["WebACLs"]:
|
||||
@@ -38,7 +38,7 @@ class WAFv2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_logging_configuration__(self, regional_client):
|
||||
def _get_logging_configuration(self, regional_client):
|
||||
logger.info("WAFv2 - Get Logging Configuration...")
|
||||
for acl in self.web_acls:
|
||||
if acl.region == regional_client.region:
|
||||
@@ -64,7 +64,7 @@ class WAFv2(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_resources_for_web_acl__(self, regional_client):
|
||||
def _list_resources_for_web_acl(self, regional_client):
|
||||
logger.info("WAFv2 - Describing resources...")
|
||||
for acl in self.web_acls:
|
||||
if acl.region == regional_client.region:
|
||||
|
||||
@@ -14,10 +14,10 @@ class WellArchitected(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.workloads = []
|
||||
self.__threading_call__(self.__list_workloads__)
|
||||
self.__list_tags_for_resource__()
|
||||
self.__threading_call__(self._list_workloads)
|
||||
self._list_tags_for_resource()
|
||||
|
||||
def __list_workloads__(self, regional_client):
|
||||
def _list_workloads(self, regional_client):
|
||||
logger.info("WellArchitected - Listing Workloads...")
|
||||
try:
|
||||
for workload in regional_client.list_workloads()["WorkloadSummaries"]:
|
||||
@@ -41,7 +41,7 @@ class WellArchitected(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __list_tags_for_resource__(self):
|
||||
def _list_tags_for_resource(self):
|
||||
logger.info("WellArchitected - Listing Tags...")
|
||||
try:
|
||||
for workload in self.workloads:
|
||||
|
||||
@@ -13,10 +13,10 @@ class WorkSpaces(AWSService):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.workspaces = []
|
||||
self.__threading_call__(self.__describe_workspaces__)
|
||||
self.__describe_tags__()
|
||||
self.__threading_call__(self._describe_workspaces)
|
||||
self._describe_tags()
|
||||
|
||||
def __describe_workspaces__(self, regional_client):
|
||||
def _describe_workspaces(self, regional_client):
|
||||
logger.info("WorkSpaces - describing workspaces...")
|
||||
try:
|
||||
describe_workspaces_paginator = regional_client.get_paginator(
|
||||
@@ -51,7 +51,7 @@ class WorkSpaces(AWSService):
|
||||
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_tags__(self):
|
||||
def _describe_tags(self):
|
||||
logger.info("Workspaces - List Tags...")
|
||||
try:
|
||||
for workspace in self.workspaces:
|
||||
|
||||
@@ -12,9 +12,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class AKS(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(ContainerServiceClient, provider)
|
||||
self.clusters = self.__get_clusters__()
|
||||
self.clusters = self._get_clusters()
|
||||
|
||||
def __get_clusters__(self):
|
||||
def _get_clusters(self):
|
||||
logger.info("AKS - Getting clusters...")
|
||||
clusters = {}
|
||||
|
||||
|
||||
@@ -14,10 +14,10 @@ from prowler.providers.azure.services.monitor.monitor_service import DiagnosticS
|
||||
class App(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(WebSiteManagementClient, provider)
|
||||
self.apps = self.__get_apps__()
|
||||
self.functions = self.__get_functions__()
|
||||
self.apps = self._get_apps()
|
||||
self.functions = self._get_functions()
|
||||
|
||||
def __get_apps__(self):
|
||||
def _get_apps(self):
|
||||
logger.info("App - Getting apps...")
|
||||
apps = {}
|
||||
|
||||
@@ -50,11 +50,11 @@ class App(AzureService):
|
||||
resource_group_name=app.resource_group,
|
||||
name=app.name,
|
||||
),
|
||||
client_cert_mode=self.__get_client_cert_mode__(
|
||||
client_cert_mode=self._get_client_cert_mode(
|
||||
getattr(app, "client_cert_enabled", False),
|
||||
getattr(app, "client_cert_mode", "Ignore"),
|
||||
),
|
||||
monitor_diagnostic_settings=self.__get_app_monitor_settings__(
|
||||
monitor_diagnostic_settings=self._get_app_monitor_settings(
|
||||
app.name, app.resource_group, subscription_name
|
||||
),
|
||||
https_only=getattr(app, "https_only", False),
|
||||
@@ -71,7 +71,7 @@ class App(AzureService):
|
||||
|
||||
return apps
|
||||
|
||||
def __get_functions__(self):
|
||||
def _get_functions(self):
|
||||
logger.info("Function - Getting functions...")
|
||||
functions = {}
|
||||
|
||||
@@ -138,9 +138,7 @@ class App(AzureService):
|
||||
|
||||
return functions
|
||||
|
||||
def __get_client_cert_mode__(
|
||||
self, client_cert_enabled: bool, client_cert_mode: str
|
||||
):
|
||||
def _get_client_cert_mode(self, client_cert_enabled: bool, client_cert_mode: str):
|
||||
cert_mode = "Ignore"
|
||||
if not client_cert_enabled and client_cert_mode == "OptionalInteractiveUser":
|
||||
cert_mode = "Ignore"
|
||||
@@ -155,7 +153,7 @@ class App(AzureService):
|
||||
|
||||
return cert_mode
|
||||
|
||||
def __get_app_monitor_settings__(self, app_name, resource_group, subscription):
|
||||
def _get_app_monitor_settings(self, app_name, resource_group, subscription):
|
||||
logger.info(f"App - Getting monitor diagnostics settings for {app_name}...")
|
||||
monitor_diagnostics_settings = []
|
||||
try:
|
||||
|
||||
@@ -10,9 +10,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class AppInsights(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(ApplicationInsightsManagementClient, provider)
|
||||
self.components = self.__get_components__()
|
||||
self.components = self._get_components()
|
||||
|
||||
def __get_components__(self):
|
||||
def _get_components(self):
|
||||
logger.info("AppInsights - Getting components...")
|
||||
components = {}
|
||||
|
||||
|
||||
@@ -11,9 +11,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class CosmosDB(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(CosmosDBManagementClient, provider)
|
||||
self.accounts = self.__get_accounts__()
|
||||
self.accounts = self._get_accounts()
|
||||
|
||||
def __get_accounts__(self):
|
||||
def _get_accounts(self):
|
||||
logger.info("CosmosDB - Getting accounts...")
|
||||
accounts = {}
|
||||
for subscription, client in self.clients.items():
|
||||
|
||||
@@ -19,14 +19,14 @@ class Defender(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(SecurityCenter, provider)
|
||||
|
||||
self.pricings = self.__get_pricings__()
|
||||
self.auto_provisioning_settings = self.__get_auto_provisioning_settings__()
|
||||
self.assessments = self.__get_assessments__()
|
||||
self.settings = self.__get_settings__()
|
||||
self.security_contacts = self.__get_security_contacts__()
|
||||
self.iot_security_solutions = self.__get_iot_security_solutions__()
|
||||
self.pricings = self._get_pricings()
|
||||
self.auto_provisioning_settings = self._get_auto_provisioning_settings()
|
||||
self.assessments = self._get_assessments()
|
||||
self.settings = self._get_settings()
|
||||
self.security_contacts = self._get_security_contacts()
|
||||
self.iot_security_solutions = self._get_iot_security_solutions()
|
||||
|
||||
def __get_pricings__(self):
|
||||
def _get_pricings(self):
|
||||
logger.info("Defender - Getting pricings...")
|
||||
pricings = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -66,7 +66,7 @@ class Defender(AzureService):
|
||||
)
|
||||
return pricings
|
||||
|
||||
def __get_auto_provisioning_settings__(self):
|
||||
def _get_auto_provisioning_settings(self):
|
||||
logger.info("Defender - Getting auto provisioning settings...")
|
||||
auto_provisioning = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -95,7 +95,7 @@ class Defender(AzureService):
|
||||
)
|
||||
return auto_provisioning
|
||||
|
||||
def __get_assessments__(self):
|
||||
def _get_assessments(self):
|
||||
logger.info("Defender - Getting assessments...")
|
||||
assessments = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -120,7 +120,7 @@ class Defender(AzureService):
|
||||
)
|
||||
return assessments
|
||||
|
||||
def __get_settings__(self):
|
||||
def _get_settings(self):
|
||||
logger.info("Defender - Getting settings...")
|
||||
settings = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -149,7 +149,7 @@ class Defender(AzureService):
|
||||
)
|
||||
return settings
|
||||
|
||||
def __get_security_contacts__(self):
|
||||
def _get_security_contacts(self):
|
||||
logger.info("Defender - Getting security contacts...")
|
||||
security_contacts = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -195,7 +195,7 @@ class Defender(AzureService):
|
||||
)
|
||||
return security_contacts
|
||||
|
||||
def __get_iot_security_solutions__(self):
|
||||
def _get_iot_security_solutions(self):
|
||||
logger.info("Defender - Getting IoT Security Solutions...")
|
||||
iot_security_solutions = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
|
||||
@@ -23,16 +23,16 @@ class Entra(AzureService):
|
||||
loop = get_event_loop()
|
||||
|
||||
# Get users first alone because it is a dependency for other attributes
|
||||
self.users = loop.run_until_complete(self.__get_users__())
|
||||
self.users = loop.run_until_complete(self._get_users())
|
||||
|
||||
attributes = loop.run_until_complete(
|
||||
gather(
|
||||
self.__get_authorization_policy__(),
|
||||
self.__get_group_settings__(),
|
||||
self.__get_security_default__(),
|
||||
self.__get_named_locations__(),
|
||||
self.__get_directory_roles__(),
|
||||
self.__get_conditional_access_policy__(),
|
||||
self._get_authorization_policy(),
|
||||
self._get_group_settings(),
|
||||
self._get_security_default(),
|
||||
self._get_named_locations(),
|
||||
self._get_directory_roles(),
|
||||
self._get_conditional_access_policy(),
|
||||
)
|
||||
)
|
||||
|
||||
@@ -43,7 +43,7 @@ class Entra(AzureService):
|
||||
self.directory_roles = attributes[4]
|
||||
self.conditional_access_policy = attributes[5]
|
||||
|
||||
async def __get_users__(self):
|
||||
async def _get_users(self):
|
||||
logger.info("Entra - Getting users...")
|
||||
users = {}
|
||||
try:
|
||||
@@ -79,7 +79,7 @@ class Entra(AzureService):
|
||||
|
||||
return users
|
||||
|
||||
async def __get_authorization_policy__(self):
|
||||
async def _get_authorization_policy(self):
|
||||
logger.info("Entra - Getting authorization policy...")
|
||||
|
||||
authorization_policy = {}
|
||||
@@ -115,7 +115,7 @@ class Entra(AzureService):
|
||||
|
||||
return authorization_policy
|
||||
|
||||
async def __get_group_settings__(self):
|
||||
async def _get_group_settings(self):
|
||||
logger.info("Entra - Getting group settings...")
|
||||
group_settings = {}
|
||||
try:
|
||||
@@ -139,7 +139,7 @@ class Entra(AzureService):
|
||||
|
||||
return group_settings
|
||||
|
||||
async def __get_security_default__(self):
|
||||
async def _get_security_default(self):
|
||||
logger.info("Entra - Getting security default...")
|
||||
try:
|
||||
security_defaults = {}
|
||||
@@ -163,7 +163,7 @@ class Entra(AzureService):
|
||||
|
||||
return security_defaults
|
||||
|
||||
async def __get_named_locations__(self):
|
||||
async def _get_named_locations(self):
|
||||
logger.info("Entra - Getting named locations...")
|
||||
named_locations = {}
|
||||
try:
|
||||
@@ -194,7 +194,7 @@ class Entra(AzureService):
|
||||
|
||||
return named_locations
|
||||
|
||||
async def __get_directory_roles__(self):
|
||||
async def _get_directory_roles(self):
|
||||
logger.info("Entra - Getting directory roles...")
|
||||
directory_roles_with_members = {}
|
||||
try:
|
||||
@@ -228,7 +228,7 @@ class Entra(AzureService):
|
||||
)
|
||||
return directory_roles_with_members
|
||||
|
||||
async def __get_conditional_access_policy__(self):
|
||||
async def _get_conditional_access_policy(self):
|
||||
logger.info("Entra - Getting conditional access policy...")
|
||||
conditional_access_policy = {}
|
||||
try:
|
||||
|
||||
@@ -12,10 +12,10 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class IAM(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(AuthorizationManagementClient, provider)
|
||||
self.roles, self.custom_roles = self.__get_roles__()
|
||||
self.role_assignments = self.__get_role_assignments__()
|
||||
self.roles, self.custom_roles = self._get_roles()
|
||||
self.role_assignments = self._get_role_assignments()
|
||||
|
||||
def __get_roles__(self):
|
||||
def _get_roles(self):
|
||||
logger.info("IAM - Getting roles...")
|
||||
builtin_roles = {}
|
||||
custom_roles = {}
|
||||
@@ -54,7 +54,7 @@ class IAM(AzureService):
|
||||
)
|
||||
return builtin_roles, custom_roles
|
||||
|
||||
def __get_role_assignments__(self):
|
||||
def _get_role_assignments(self):
|
||||
logger.info("IAM - Getting role assignments...")
|
||||
role_assignments = {}
|
||||
for subscription, client in self.clients.items():
|
||||
|
||||
@@ -21,9 +21,9 @@ class KeyVault(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(KeyVaultManagementClient, provider)
|
||||
# TODO: review this credentials assignment
|
||||
self.key_vaults = self.__get_key_vaults__(provider)
|
||||
self.key_vaults = self._get_key_vaults(provider)
|
||||
|
||||
def __get_key_vaults__(self, provider):
|
||||
def _get_key_vaults(self, provider):
|
||||
logger.info("KeyVault - Getting key_vaults...")
|
||||
key_vaults = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -36,10 +36,10 @@ class KeyVault(AzureService):
|
||||
keyvault_properties = client.vaults.get(
|
||||
resource_group, keyvault_name
|
||||
).properties
|
||||
keys = self.__get_keys__(
|
||||
keys = self._get_keys(
|
||||
subscription, resource_group, keyvault_name, provider
|
||||
)
|
||||
secrets = self.__get_secrets__(
|
||||
secrets = self._get_secrets(
|
||||
subscription, resource_group, keyvault_name
|
||||
)
|
||||
key_vaults[subscription].append(
|
||||
@@ -51,7 +51,7 @@ class KeyVault(AzureService):
|
||||
properties=keyvault_properties,
|
||||
keys=keys,
|
||||
secrets=secrets,
|
||||
monitor_diagnostic_settings=self.__get_vault_monitor_settings__(
|
||||
monitor_diagnostic_settings=self._get_vault_monitor_settings(
|
||||
keyvault_name, resource_group, subscription
|
||||
),
|
||||
)
|
||||
@@ -62,7 +62,7 @@ class KeyVault(AzureService):
|
||||
)
|
||||
return key_vaults
|
||||
|
||||
def __get_keys__(self, subscription, resource_group, keyvault_name, provider):
|
||||
def _get_keys(self, subscription, resource_group, keyvault_name, provider):
|
||||
logger.info(f"KeyVault - Getting keys for {keyvault_name}...")
|
||||
keys = []
|
||||
try:
|
||||
@@ -103,7 +103,7 @@ class KeyVault(AzureService):
|
||||
)
|
||||
return keys
|
||||
|
||||
def __get_secrets__(self, subscription, resource_group, keyvault_name):
|
||||
def _get_secrets(self, subscription, resource_group, keyvault_name):
|
||||
logger.info(f"KeyVault - Getting secrets for {keyvault_name}...")
|
||||
secrets = []
|
||||
try:
|
||||
@@ -125,9 +125,7 @@ class KeyVault(AzureService):
|
||||
)
|
||||
return secrets
|
||||
|
||||
def __get_vault_monitor_settings__(
|
||||
self, keyvault_name, resource_group, subscription
|
||||
):
|
||||
def _get_vault_monitor_settings(self, keyvault_name, resource_group, subscription):
|
||||
logger.info(
|
||||
f"KeyVault - Getting monitor diagnostics settings for {keyvault_name}..."
|
||||
)
|
||||
|
||||
@@ -13,10 +13,10 @@ class Monitor(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(MonitorManagementClient, provider)
|
||||
|
||||
self.diagnostics_settings = self.__get_diagnostics_settings__()
|
||||
self.diagnostics_settings = self._get_diagnostics_settings()
|
||||
self.alert_rules = self.get_alert_rules()
|
||||
|
||||
def __get_diagnostics_settings__(self):
|
||||
def _get_diagnostics_settings(self):
|
||||
logger.info("Monitor - Getting diagnostics settings...")
|
||||
diagnostics_settings_list = []
|
||||
diagnostics_settings = {}
|
||||
|
||||
@@ -12,9 +12,9 @@ class MySQL(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(MySQLManagementClient, provider)
|
||||
|
||||
self.flexible_servers = self.__get_flexible_servers__()
|
||||
self.flexible_servers = self._get_flexible_servers()
|
||||
|
||||
def __get_flexible_servers__(self):
|
||||
def _get_flexible_servers(self):
|
||||
logger.info("MySQL - Getting servers...")
|
||||
servers = {}
|
||||
for subscription_name, client in self.clients.items():
|
||||
@@ -28,7 +28,7 @@ class MySQL(AzureService):
|
||||
resource_id=server.id,
|
||||
location=server.location,
|
||||
version=server.version,
|
||||
configurations=self.__get_configurations__(
|
||||
configurations=self._get_configurations(
|
||||
client, server.id.split("/")[4], server.name
|
||||
),
|
||||
)
|
||||
@@ -40,7 +40,7 @@ class MySQL(AzureService):
|
||||
)
|
||||
return servers
|
||||
|
||||
def __get_configurations__(self, client, resource_group, server_name):
|
||||
def _get_configurations(self, client, resource_group, server_name):
|
||||
logger.info(f"MySQL - Getting configurations from server {server_name} ...")
|
||||
configurations = {}
|
||||
try:
|
||||
|
||||
@@ -10,12 +10,12 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class Network(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(NetworkManagementClient, provider)
|
||||
self.security_groups = self.__get_security_groups__()
|
||||
self.bastion_hosts = self.__get_bastion_hosts__()
|
||||
self.network_watchers = self.__get_network_watchers__()
|
||||
self.public_ip_addresses = self.__get_public_ip_addresses__()
|
||||
self.security_groups = self._get_security_groups()
|
||||
self.bastion_hosts = self._get_bastion_hosts()
|
||||
self.network_watchers = self._get_network_watchers()
|
||||
self.public_ip_addresses = self._get_public_ip_addresses()
|
||||
|
||||
def __get_security_groups__(self):
|
||||
def _get_security_groups(self):
|
||||
logger.info("Network - Getting Network Security Groups...")
|
||||
security_groups = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -38,7 +38,7 @@ class Network(AzureService):
|
||||
)
|
||||
return security_groups
|
||||
|
||||
def __get_network_watchers__(self):
|
||||
def _get_network_watchers(self):
|
||||
logger.info("Network - Getting Network Watchers...")
|
||||
network_watchers = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -46,9 +46,7 @@ class Network(AzureService):
|
||||
network_watchers.update({subscription: []})
|
||||
network_watchers_list = client.network_watchers.list_all()
|
||||
for network_watcher in network_watchers_list:
|
||||
flow_logs = self.__get_flow_logs__(
|
||||
subscription, network_watcher.name
|
||||
)
|
||||
flow_logs = self._get_flow_logs(subscription, network_watcher.name)
|
||||
network_watchers[subscription].append(
|
||||
NetworkWatcher(
|
||||
id=network_watcher.id,
|
||||
@@ -64,14 +62,14 @@ class Network(AzureService):
|
||||
)
|
||||
return network_watchers
|
||||
|
||||
def __get_flow_logs__(self, subscription, network_watcher_name):
|
||||
def _get_flow_logs(self, subscription, network_watcher_name):
|
||||
logger.info("Network - Getting Flow Logs...")
|
||||
client = self.clients[subscription]
|
||||
resource_group = "NetworkWatcherRG"
|
||||
flow_logs = client.flow_logs.list(resource_group, network_watcher_name)
|
||||
return flow_logs
|
||||
|
||||
def __get_bastion_hosts__(self):
|
||||
def _get_bastion_hosts(self):
|
||||
logger.info("Network - Getting Bastion Hosts...")
|
||||
bastion_hosts = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -93,7 +91,7 @@ class Network(AzureService):
|
||||
)
|
||||
return bastion_hosts
|
||||
|
||||
def __get_public_ip_addresses__(self):
|
||||
def _get_public_ip_addresses(self):
|
||||
logger.info("Network - Getting Public IP Addresses...")
|
||||
public_ip_addresses = {}
|
||||
for subscription, client in self.clients.items():
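Review bot: `_get_flow_logs` queries flow logs with a hard-coded `resource_group = "NetworkWatcherRG"`, so a Network Watcher created in any other resource group is looked up in the wrong place. Depending on how the result is consumed, that watcher would then appear to have no flow logs or the lookup would fail, which skews the audit result for that subscription. The resource group can be taken from the watcher's own id, as the MySQL service on this page does with `server.id.split("/")[4]`. For example, pass `network_watcher.id.split("/")[4]` from `_get_network_watchers` and use it in `client.flow_logs.list(resource_group, network_watcher_name)`. That adds a parameter to `_get_flow_logs`, so any test that patches it needs the same update.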
|
||||
|
||||
@@ -11,9 +11,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class Policy(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(PolicyClient, provider)
|
||||
self.policy_assigments = self.__get_policy_assigments__()
|
||||
self.policy_assigments = self._get_policy_assigments()
|
||||
|
||||
def __get_policy_assigments__(self):
|
||||
def _get_policy_assigments(self):
|
||||
logger.info("Policy - Getting policy assigments...")
|
||||
policy_assigments = {}
|
||||
|
||||
|
||||
@@ -10,9 +10,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class PostgreSQL(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(PostgreSQLManagementClient, provider)
|
||||
self.flexible_servers = self.__get_flexible_servers__()
|
||||
self.flexible_servers = self._get_flexible_servers()
|
||||
|
||||
def __get_flexible_servers__(self):
|
||||
def _get_flexible_servers(self):
|
||||
logger.info("PostgreSQL - Getting PostgreSQL servers...")
|
||||
flexible_servers = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -20,29 +20,29 @@ class PostgreSQL(AzureService):
|
||||
flexible_servers.update({subscription: []})
|
||||
flexible_servers_list = client.servers.list()
|
||||
for postgresql_server in flexible_servers_list:
|
||||
resource_group = self.__get_resource_group__(postgresql_server.id)
|
||||
require_secure_transport = self.__get_require_secure_transport__(
|
||||
resource_group = self._get_resource_group(postgresql_server.id)
|
||||
require_secure_transport = self._get_require_secure_transport(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
log_checkpoints = self.__get_log_checkpoints__(
|
||||
log_checkpoints = self._get_log_checkpoints(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
log_disconnections = self.__get_log_disconnections__(
|
||||
log_disconnections = self._get_log_disconnections(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
log_connections = self.__get_log_connections__(
|
||||
log_connections = self._get_log_connections(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
connection_throttling = self.__get_connection_throttling__(
|
||||
connection_throttling = self._get_connection_throttling(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
log_retention_days = self.__get_log_retention_days__(
|
||||
log_retention_days = self._get_log_retention_days(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
firewall = self.__get_firewall__(
|
||||
firewall = self._get_firewall(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
location = self.__get_location__(
|
||||
location = self._get_location(
|
||||
subscription, resource_group, postgresql_server.name
|
||||
)
|
||||
flexible_servers[subscription].append(
|
||||
@@ -66,11 +66,11 @@ class PostgreSQL(AzureService):
|
||||
)
|
||||
return flexible_servers
|
||||
|
||||
def __get_resource_group__(self, id):
|
||||
def _get_resource_group(self, id):
|
||||
resource_group = id.split("/")[4]
|
||||
return resource_group
|
||||
|
||||
def __get_require_secure_transport__(
|
||||
def _get_require_secure_transport(
|
||||
self, subscription, resouce_group_name, server_name
|
||||
):
|
||||
client = self.clients[subscription]
|
||||
@@ -79,42 +79,40 @@ class PostgreSQL(AzureService):
|
||||
)
|
||||
return require_secure_transport.value.upper()
|
||||
|
||||
def __get_log_checkpoints__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_log_checkpoints(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
log_checkpoints = client.configurations.get(
|
||||
resouce_group_name, server_name, "log_checkpoints"
|
||||
)
|
||||
return log_checkpoints.value.upper()
|
||||
|
||||
def __get_log_connections__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_log_connections(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
log_connections = client.configurations.get(
|
||||
resouce_group_name, server_name, "log_connections"
|
||||
)
|
||||
return log_connections.value.upper()
|
||||
|
||||
def __get_log_disconnections__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_log_disconnections(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
log_disconnections = client.configurations.get(
|
||||
resouce_group_name, server_name, "log_disconnections"
|
||||
)
|
||||
return log_disconnections.value.upper()
|
||||
|
||||
def __get_location__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_location(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
location = client.servers.get(resouce_group_name, server_name).location
|
||||
return location
|
||||
|
||||
def __get_connection_throttling__(
|
||||
self, subscription, resouce_group_name, server_name
|
||||
):
|
||||
def _get_connection_throttling(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
connection_throttling = client.configurations.get(
|
||||
resouce_group_name, server_name, "connection_throttle.enable"
|
||||
)
|
||||
return connection_throttling.value.upper()
|
||||
|
||||
def __get_log_retention_days__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_log_retention_days(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
try:
|
||||
log_retention_days = client.configurations.get(
|
||||
@@ -125,7 +123,7 @@ class PostgreSQL(AzureService):
|
||||
log_retention_days = None
|
||||
return log_retention_days
|
||||
|
||||
def __get_firewall__(self, subscription, resource_group, server_name):
|
||||
def _get_firewall(self, subscription, resource_group, server_name):
|
||||
client = self.clients[subscription]
|
||||
firewall = client.firewall_rules.list_by_server(resource_group, server_name)
|
||||
firewall_list = []
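Review bot: Only `_get_log_retention_days` guards its `client.configurations.get` call and falls back to `None`. `_get_require_secure_transport`, `_get_log_checkpoints`, `_get_log_connections`, `_get_log_disconnections` and `_get_connection_throttling` call `.value.upper()` on the result with no handling in the visible lines. The handler around the loop in `_get_flexible_servers` is not shown between the hunks; if it sits outside the per-server loop, one failed lookup or a `None` value would drop the remaining servers of that subscription from the scan without a finding. A shared lookup helper that logs and returns `None` would make all of these settings degrade the same way. The checks that consume these values would then have to treat `None` as "unknown" rather than as a pass.

```python
def _get_configuration_value(self, subscription, resouce_group_name, server_name, name):
    # Shared lookup so every setting degrades the same way on a failed call
    try:
        configuration = self.clients[subscription].configurations.get(
            resouce_group_name, server_name, name
        )
        return configuration.value.upper()
    except Exception as error:
        logger.error(
            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
        )
        return None

def _get_log_checkpoints(self, subscription, resouce_group_name, server_name):
    return self._get_configuration_value(
        subscription, resouce_group_name, server_name, "log_checkpoints"
    )
# … the other four .value.upper() helpers delegate the same way …
```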
|
||||
|
||||
@@ -20,9 +20,9 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class SQLServer(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(SqlManagementClient, provider)
|
||||
self.sql_servers = self.__get_sql_servers__()
|
||||
self.sql_servers = self._get_sql_servers()
|
||||
|
||||
def __get_sql_servers__(self):
|
||||
def _get_sql_servers(self):
|
||||
logger.info("SQL Server - Getting SQL servers...")
|
||||
sql_servers = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -30,25 +30,23 @@ class SQLServer(AzureService):
|
||||
sql_servers.update({subscription: []})
|
||||
sql_servers_list = client.servers.list()
|
||||
for sql_server in sql_servers_list:
|
||||
resource_group = self.__get_resource_group__(sql_server.id)
|
||||
auditing_policies = self.__get_server_blob_auditing_policies__(
|
||||
resource_group = self._get_resource_group(sql_server.id)
|
||||
auditing_policies = self._get_server_blob_auditing_policies(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
firewall_rules = self.__get_firewall_rules__(
|
||||
firewall_rules = self._get_firewall_rules(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
encryption_protector = self.__get_enctyption_protectors__(
|
||||
encryption_protector = self._get_enctyption_protectors(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
vulnerability_assessment = self.__get_vulnerability_assesments__(
|
||||
vulnerability_assessment = self._get_vulnerability_assesments(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
security_alert_policies = (
|
||||
self.__get_server_security_alert_policies__(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
security_alert_policies = self._get_server_security_alert_policies(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
location = self.__get_location__(
|
||||
location = self._get_location(
|
||||
subscription, resource_group, sql_server.name
|
||||
)
|
||||
|
||||
@@ -62,7 +60,7 @@ class SQLServer(AzureService):
|
||||
auditing_policies=auditing_policies,
|
||||
firewall_rules=firewall_rules,
|
||||
encryption_protector=encryption_protector,
|
||||
databases=self.__get_databases__(
|
||||
databases=self._get_databases(
|
||||
subscription, resource_group, sql_server.name
|
||||
),
|
||||
vulnerability_assessment=vulnerability_assessment,
|
||||
@@ -76,11 +74,11 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return sql_servers
|
||||
|
||||
def __get_resource_group__(self, id):
|
||||
def _get_resource_group(self, id):
|
||||
resource_group = id.split("/")[4]
|
||||
return resource_group
|
||||
|
||||
def __get_transparent_data_encryption__(
|
||||
def _get_transparent_data_encryption(
|
||||
self, subscription, resource_group, server_name, database_name
|
||||
):
|
||||
client = self.clients[subscription]
|
||||
@@ -92,7 +90,7 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return tde_encrypted
|
||||
|
||||
def __get_enctyption_protectors__(self, subscription, resource_group, server_name):
|
||||
def _get_enctyption_protectors(self, subscription, resource_group, server_name):
|
||||
client = self.clients[subscription]
|
||||
encryption_protectors = client.encryption_protectors.get(
|
||||
resource_group_name=resource_group,
|
||||
@@ -101,7 +99,7 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return encryption_protectors
|
||||
|
||||
def __get_databases__(self, subscription, resource_group, server_name):
|
||||
def _get_databases(self, subscription, resource_group, server_name):
|
||||
logger.info("SQL Server - Getting server databases...")
|
||||
databases = []
|
||||
try:
|
||||
@@ -111,7 +109,7 @@ class SQLServer(AzureService):
|
||||
server_name=server_name,
|
||||
)
|
||||
for database in databases_server:
|
||||
tde_encrypted = self.__get_transparent_data_encryption__(
|
||||
tde_encrypted = self._get_transparent_data_encryption(
|
||||
subscription, resource_group, server_name, database.name
|
||||
)
|
||||
databases.append(
|
||||
@@ -130,9 +128,7 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return databases
|
||||
|
||||
def __get_vulnerability_assesments__(
|
||||
self, subscription, resource_group, server_name
|
||||
):
|
||||
def _get_vulnerability_assesments(self, subscription, resource_group, server_name):
|
||||
client = self.clients[subscription]
|
||||
vulnerability_assessment = client.server_vulnerability_assessments.get(
|
||||
resource_group_name=resource_group,
|
||||
@@ -141,7 +137,7 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return vulnerability_assessment
|
||||
|
||||
def __get_server_blob_auditing_policies__(
|
||||
def _get_server_blob_auditing_policies(
|
||||
self, subscription, resource_group, server_name
|
||||
):
|
||||
client = self.clients[subscription]
|
||||
@@ -151,14 +147,14 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return auditing_policies
|
||||
|
||||
def __get_firewall_rules__(self, subscription, resource_group, server_name):
|
||||
def _get_firewall_rules(self, subscription, resource_group, server_name):
|
||||
client = self.clients[subscription]
|
||||
firewall_rules = client.firewall_rules.list_by_server(
|
||||
resource_group_name=resource_group, server_name=server_name
|
||||
)
|
||||
return firewall_rules
|
||||
|
||||
def __get_server_security_alert_policies__(
|
||||
def _get_server_security_alert_policies(
|
||||
self, subscription, resource_group, server_name
|
||||
):
|
||||
client = self.clients[subscription]
|
||||
@@ -169,7 +165,7 @@ class SQLServer(AzureService):
|
||||
)
|
||||
return security_alert_policies
|
||||
|
||||
def __get_location__(self, subscription, resouce_group_name, server_name):
|
||||
def _get_location(self, subscription, resouce_group_name, server_name):
|
||||
client = self.clients[subscription]
|
||||
location = client.servers.get(resouce_group_name, server_name).location
|
||||
|
||||
|
||||
@@ -16,10 +16,10 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class Storage(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(StorageManagementClient, provider)
|
||||
self.storage_accounts = self.__get_storage_accounts__()
|
||||
self.__get_blob_properties__()
|
||||
self.storage_accounts = self._get_storage_accounts()
|
||||
self._get_blob_properties()
|
||||
|
||||
def __get_storage_accounts__(self):
|
||||
def _get_storage_accounts(self):
|
||||
logger.info("Storage - Getting storage accounts...")
|
||||
storage_accounts = {}
|
||||
for subscription, client in self.clients.items():
|
||||
@@ -60,7 +60,7 @@ class Storage(AzureService):
|
||||
)
|
||||
return storage_accounts
|
||||
|
||||
def __get_blob_properties__(self):
|
||||
def _get_blob_properties(self):
|
||||
logger.info("Storage - Getting blob properties...")
|
||||
try:
|
||||
for subscription, accounts in self.storage_accounts.items():
|
||||
|
||||
@@ -12,10 +12,10 @@ from prowler.providers.azure.lib.service.service import AzureService
|
||||
class VirtualMachines(AzureService):
|
||||
def __init__(self, provider: AzureProvider):
|
||||
super().__init__(ComputeManagementClient, provider)
|
||||
self.virtual_machines = self.__get_virtual_machines__()
|
||||
self.disks = self.__get_disks__()
|
||||
self.virtual_machines = self._get_virtual_machines()
|
||||
self.disks = self._get_disks()
|
||||
|
||||
def __get_virtual_machines__(self):
|
||||
def _get_virtual_machines(self):
|
||||
logger.info("VirtualMachines - Getting virtual machines...")
|
||||
virtual_machines = {}
|
||||
|
||||
@@ -43,7 +43,7 @@ class VirtualMachines(AzureService):
|
||||
|
||||
return virtual_machines
|
||||
|
||||
def __get_disks__(self):
|
||||
def _get_disks(self):
|
||||
logger.info("VirtualMachines - Getting disks...")
|
||||
disks = {}
|
||||
|
||||
|
||||
@@ -33,7 +33,7 @@ class GCPService:
|
||||
self.audit_config = provider.audit_config
|
||||
self.fixer_config = provider.fixer_config
|
||||
|
||||
def __get_client__(self):
|
||||
def _get_client(self):
|
||||
return self.client
|
||||
|
||||
def __threading_call__(self, call, iterator):
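Review bot: `__threading_call__` keeps the double-underscore form on the new side, so the GCP base class now mixes both conventions. The same applies to its call sites in the Compute and Dataproc constructors, such as `self.__threading_call__(self._get_instances, self.zones)`. If the omission is deliberate, it deserves a line in the commit description. Otherwise rename it in the same pass, `def _threading_call(self, call, iterator):`, together with those call sites. The method body lies outside the hunk.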
|
||||
|
||||
@@ -11,9 +11,9 @@ class APIKeys(GCPService):
|
||||
super().__init__(__class__.__name__, provider, api_version="v2")
|
||||
|
||||
self.keys = []
|
||||
self.__get_keys__()
|
||||
self._get_keys()
|
||||
|
||||
def __get_keys__(self):
|
||||
def _get_keys(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = (
|
||||
|
||||
@@ -12,10 +12,10 @@ class BigQuery(GCPService):
|
||||
|
||||
self.datasets = []
|
||||
self.tables = []
|
||||
self.__get_datasets__()
|
||||
self.__get_tables__()
|
||||
self._get_datasets()
|
||||
self._get_tables()
|
||||
|
||||
def __get_datasets__(self):
|
||||
def _get_datasets(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.datasets().list(projectId=project_id)
|
||||
@@ -59,7 +59,7 @@ class BigQuery(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_tables__(self):
|
||||
def _get_tables(self):
|
||||
for dataset in self.datasets:
|
||||
try:
|
||||
request = self.client.tables().list(
|
||||
|
||||
@@ -13,10 +13,10 @@ class CloudResourceManager(GCPService):
|
||||
self.bindings = []
|
||||
self.projects = []
|
||||
self.organizations = []
|
||||
self.__get_iam_policy__()
|
||||
self.__get_organizations__()
|
||||
self._get_iam_policy()
|
||||
self._get_organizations()
|
||||
|
||||
def __get_iam_policy__(self):
|
||||
def _get_iam_policy(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
policy = (
|
||||
@@ -41,7 +41,7 @@ class CloudResourceManager(GCPService):
|
||||
f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_organizations__(self):
|
||||
def _get_organizations(self):
|
||||
try:
|
||||
response = self.client.organizations().search().execute()
|
||||
for org in response.get("organizations", []):
|
||||
|
||||
@@ -10,9 +10,9 @@ class CloudSQL(GCPService):
|
||||
def __init__(self, provider: GcpProvider):
|
||||
super().__init__("sqladmin", provider)
|
||||
self.instances = []
|
||||
self.__get_instances__()
|
||||
self._get_instances()
|
||||
|
||||
def __get_instances__(self):
|
||||
def _get_instances(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.instances().list(project=project_id)
|
||||
|
||||
@@ -12,9 +12,9 @@ class CloudStorage(GCPService):
|
||||
def __init__(self, provider: GcpProvider):
|
||||
super().__init__("storage", provider)
|
||||
self.buckets = []
|
||||
self.__get_buckets__()
|
||||
self._get_buckets()
|
||||
|
||||
def __get_buckets__(self):
|
||||
def _get_buckets(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.buckets().list(project=project_id)
|
||||
|
||||
@@ -18,18 +18,18 @@ class Compute(GCPService):
|
||||
self.firewalls = []
|
||||
self.projects = []
|
||||
self.load_balancers = []
|
||||
self.__get_url_maps__()
|
||||
self.__describe_backend_service__()
|
||||
self.__get_regions__()
|
||||
self.__get_projects__()
|
||||
self.__get_zones__()
|
||||
self.__threading_call__(self.__get_instances__, self.zones)
|
||||
self.__get_networks__()
|
||||
self.__threading_call__(self.__get_subnetworks__, self.regions)
|
||||
self.__get_firewalls__()
|
||||
self.__threading_call__(self.__get_addresses__, self.regions)
|
||||
self._get_url_maps()
|
||||
self._describe_backend_service()
|
||||
self._get_regions()
|
||||
self._get_projects()
|
||||
self._get_zones()
|
||||
self.__threading_call__(self._get_instances, self.zones)
|
||||
self._get_networks()
|
||||
self.__threading_call__(self._get_subnetworks, self.regions)
|
||||
self._get_firewalls()
|
||||
self.__threading_call__(self._get_addresses, self.regions)
|
||||
|
||||
def __get_regions__(self):
|
||||
def _get_regions(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.regions().list(project=project_id)
|
||||
@@ -47,7 +47,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_zones__(self):
|
||||
def _get_zones(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.zones().list(project=project_id)
|
||||
@@ -65,7 +65,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_projects__(self):
|
||||
def _get_projects(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
enable_oslogin = False
|
||||
@@ -81,7 +81,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_instances__(self, zone):
|
||||
def _get_instances(self, zone):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.instances().list(project=project_id, zone=zone)
|
||||
@@ -139,7 +139,7 @@ class Compute(GCPService):
|
||||
f"{zone} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_networks__(self):
|
||||
def _get_networks(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.networks().list(project=project_id)
|
||||
@@ -170,7 +170,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_subnetworks__(self, region):
|
||||
def _get_subnetworks(self, region):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.subnetworks().list(
|
||||
@@ -200,7 +200,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_addresses__(self, region):
|
||||
def _get_addresses(self, region):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.addresses().list(
|
||||
@@ -230,7 +230,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_firewalls__(self):
|
||||
def _get_firewalls(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.firewalls().list(project=project_id)
|
||||
@@ -257,7 +257,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_url_maps__(self):
|
||||
def _get_url_maps(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.urlMaps().list(project=project_id)
|
||||
@@ -281,7 +281,7 @@ class Compute(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __describe_backend_service__(self):
|
||||
def _describe_backend_service(self):
|
||||
for balancer in self.load_balancers:
|
||||
try:
|
||||
response = (
|
||||
|
||||
@@ -12,9 +12,9 @@ class Dataproc(GCPService):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.regions = compute_client.regions
|
||||
self.clusters = []
|
||||
self.__threading_call__(self.__get_clusters__, self.regions)
|
||||
self.__threading_call__(self._get_clusters, self.regions)
|
||||
|
||||
def __get_clusters__(self, region):
|
||||
def _get_clusters(self, region):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = (
|
||||
|
||||
@@ -10,11 +10,11 @@ class DNS(GCPService):
|
||||
def __init__(self, provider: GcpProvider):
|
||||
super().__init__(__class__.__name__, provider)
|
||||
self.managed_zones = []
|
||||
self.__get_managed_zones__()
|
||||
self._get_managed_zones()
|
||||
self.policies = []
|
||||
self.__get_policies__()
|
||||
self._get_policies()
|
||||
|
||||
def __get_managed_zones__(self):
|
||||
def _get_managed_zones(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.managedZones().list(project=project_id)
|
||||
@@ -41,7 +41,7 @@ class DNS(GCPService):
|
||||
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
|
||||
)
|
||||
|
||||
def __get_policies__(self):
|
||||
def _get_policies(self):
|
||||
for project_id in self.project_ids:
|
||||
try:
|
||||
request = self.client.policies().list(project=project_id)
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More