feat(refresh_aws_regions): Auto refresh of AWS regions for services. (#1221)
* feat(refresh_aws_regions): Auto refresh of AWS regions for services. * Update refresh_aws_services_regions.yml * Delete aws_regions_by_service.json * Update refresh_aws_services_regions.yml Co-authored-by: sergargar <sergio@verica.io>
@@ -1,8 +1,6 @@
|
||||
import json
|
||||
import threading
|
||||
import urllib.request
|
||||
|
||||
from config.config import aws_services_json_file, aws_services_json_url
|
||||
from config.config import aws_services_json_file
|
||||
from lib.logger import logger
|
||||
from lib.utils.utils import open_file, parse_json_file
|
||||
from providers.aws.aws_provider import current_audit_info
|
||||
@@ -24,63 +22,24 @@ class EC2:
|
||||
|
||||
def __generate_regional_clients__(self, service, audit_info):
|
||||
regional_clients = []
|
||||
try: # Try to get the list online
|
||||
with urllib.request.urlopen(aws_services_json_url) as url:
|
||||
data = json.loads(url.read().decode())
|
||||
except:
|
||||
# Get the list locally
|
||||
f = open_file(aws_services_json_file)
|
||||
data = parse_json_file(f)
|
||||
|
||||
for att in data["prices"]:
|
||||
if (
|
||||
audit_info.audited_regions
|
||||
): # Check for input aws audit_info.audited_regions
|
||||
if (
|
||||
service in att["id"].split(":")[0]
|
||||
and att["attributes"]["aws:region"] in audit_info.audited_regions
|
||||
): # Check if service has this region
|
||||
region = att["attributes"]["aws:region"]
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region
|
||||
)
|
||||
regional_client.region = region
|
||||
regional_clients.append(regional_client)
|
||||
else:
|
||||
if audit_info.audited_partition in "aws":
|
||||
if (
|
||||
service in att["id"].split(":")[0]
|
||||
and "gov" not in att["attributes"]["aws:region"]
|
||||
and "cn" not in att["attributes"]["aws:region"]
|
||||
):
|
||||
region = att["attributes"]["aws:region"]
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region
|
||||
)
|
||||
regional_client.region = region
|
||||
regional_clients.append(regional_client)
|
||||
elif audit_info.audited_partition in "cn":
|
||||
if (
|
||||
service in att["id"].split(":")[0]
|
||||
and "cn" in att["attributes"]["aws:region"]
|
||||
):
|
||||
region = att["attributes"]["aws:region"]
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region
|
||||
)
|
||||
regional_client.region = region
|
||||
regional_clients.append(regional_client)
|
||||
elif audit_info.audited_partition in "gov":
|
||||
if (
|
||||
service in att["id"].split(":")[0]
|
||||
and "gov" in att["attributes"]["aws:region"]
|
||||
):
|
||||
region = att["attributes"]["aws:region"]
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region
|
||||
)
|
||||
regional_client.region = region
|
||||
regional_clients.append(regional_client)
|
||||
# Get json locally
|
||||
f = open_file(aws_services_json_file)
|
||||
data = parse_json_file(f)
|
||||
json_regions = data["services"][service]["regions"][
|
||||
audit_info.audited_partition
|
||||
]
|
||||
if audit_info.audited_regions: # Check for input aws audit_info.audited_regions
|
||||
regions = list(
|
||||
set(json_regions).intersection(audit_info.audited_regions)
|
||||
) # Get common regions between input and json
|
||||
else: # Get all regions from json of the service and partition
|
||||
regions = json_regions
|
||||
for region in regions:
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region
|
||||
)
|
||||
regional_client.region = region
|
||||
regional_clients.append(regional_client)
|
||||
|
||||
return regional_clients
|
||||
|
||||
|
||||
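Review bot: In the new body of `__generate_regional_clients__`, any region passed in `audit_info.audited_regions` that is absent from the bundled JSON is dropped by the set intersection without a message, so a mistyped or not-yet-listed region produces an audit that covers less than the operator requested and still looks clean. Log the difference before building clients, e.g. `missing = set(audit_info.audited_regions) - set(json_regions)` followed by `if missing: logger.warning(f"{service}: regions not in {aws_services_json_file}, skipped: {sorted(missing)}")`. The lookup `data["services"][service]["regions"][audit_info.audited_partition]` also raises a bare KeyError when the local file lacks the service or partition; because the region list is now only as current as the last refresh of that file, an error that names the service, partition and file would make a stale list easier to diagnose. The handle returned by `open_file` is not closed in the visible lines; whether `parse_json_file` closes it cannot be seen from this hunk and should be confirmed.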