ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys

Browse Source 
Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
This commit is contained in:
Toni de la Fuente
2020-12-17 15:24:06 +01:00
committed by GitHub
parent de3e2c3a2b 8c19583ac7
commit 347872a6de
4 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
include/assume_role
View File

@@ -64,6 +64,7 @@ assume_role(){
export AWS_ACCESS_KEY_ID=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.SecretAccessKey')
export AWS_SESSION_TOKEN=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.SessionToken')
export AWS_SESSION_EXPIRATION=$(convert_date_to_timestamp "$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.Expiration')")
rm -fr $TEMP_STS_ASSUMED_FILE
}

22
include/os_detector
View File

@@ -108,6 +108,16 @@ bsd_get_iso8601_timestamp() {
"$DATE_CMD" -u +"%Y-%m-%dT%H:%M:%SZ"
}
gnu_convert_date_to_timestamp() {
date -d "$1" +%s
}
bsd_convert_date_to_timestamp() {
echo $(( $(date -j -f %Y-%m-%dT%H:%M:%S "$1" +%s) + 3600 ))
# Change above is because epoch time generator in BSD is 1h less than in Linux ¯\_(ツ)_/¯
#date -j -f "%Y-%m-%dT%H:%M:%S" "$1" "+%s"
}
gnu_test_tcp_connectivity() {
HOST=$1
PORT=$2
@@ -154,6 +164,9 @@ if [ "$OSTYPE" == "linux-gnu" ] || [ "$OSTYPE" == "linux-musl" ]; then
test_tcp_connectivity() {
gnu_test_tcp_connectivity "$1" "$2" "$3"
}
convert_date_to_timestamp() {
gnu_convert_date_to_timestamp "$1"
}
elif [[ "$OSTYPE" == "darwin"* ]]; then
# BSD/OSX commands compatibility
TEMP_REPORT_FILE=$(mktemp -t prowler.cred_report-XXXXXX)
@@ -189,6 +202,9 @@ elif [[ "$OSTYPE" == "darwin"* ]]; then
get_iso8601_timestamp() {
gnu_get_iso8601_timestamp
}
convert_date_to_timestamp() {
gnu_convert_date_to_timestamp "$1"
}
else
how_older_from_today() {
bsd_how_older_from_today "$1"
@@ -208,6 +224,9 @@ elif [[ "$OSTYPE" == "darwin"* ]]; then
get_iso8601_timestamp() {
bsd_get_iso8601_timestamp
}
convert_date_to_timestamp() {
bsd_convert_date_to_timestamp "$1"
}
fi
if "$BASE64_CMD" --version >/dev/null 2>&1 ; then
decode_report() {
@@ -248,6 +267,9 @@ elif [[ "$OSTYPE" == "cygwin" ]]; then
test_tcp_connectivity() {
gnu_test_tcp_connectivity "$1" "$2" "$3"
}
convert_date_to_timestamp() {
gnu_convert_date_to_timestamp "$1"
}
else
echo "Unknown Operating System! Valid \$OSTYPE: linux-gnu, linux-musl, darwin* or cygwin"
echo "Found: $OSTYPE"