From 8173c20941e983335f778b11aeba965b0c50d727 Mon Sep 17 00:00:00 2001 From: jonjozwiak Date: Wed, 4 Mar 2020 16:46:28 +0200 Subject: [PATCH] Improve performance of check_extra742 by limiting to one AWS CLI call --- checks/check_extra742 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/checks/check_extra742 b/checks/check_extra742 index 277eb435..8d78ab22 100644 --- a/checks/check_extra742 +++ b/checks/check_extra742 @@ -25,11 +25,13 @@ extra742(){ textInfo "Looking for secrets in CloudFormation output across all regions... " for regx in $REGIONS; do - LIST_OF_CFN_STACKS=$($AWSCLI cloudformation describe-stacks $PROFILE_OPT --region $regx --query Stacks[*].[StackName] --output text) + CFN_STACKS=$($AWSCLI cloudformation describe-stacks $PROFILE_OPT --region $regx) + LIST_OF_CFN_STACKS=$(echo $CFN_STACKS | jq -r '.Stacks[].StackName') if [[ $LIST_OF_CFN_STACKS ]];then for stack in $LIST_OF_CFN_STACKS; do CFN_OUTPUTS_FILE="$SECRETS_TEMP_FOLDER/extra742-$stack-$regx-outputs.txt" - CFN_OUTPUTS=$($AWSCLI $PROFILE_OPT --region $regx cloudformation describe-stacks --query "Stacks[?StackName==\`$stack\`].Outputs[*].[OutputKey,OutputValue]" --output text > $CFN_OUTPUTS_FILE) + echo $CFN_STACKS | jq --arg s "$stack" -r '.Stacks[] | select( .StackName == $s ) | .Outputs[]? | "\(.OutputKey) \(.OutputValue)"' > $CFN_OUTPUTS_FILE + if [ -s $CFN_OUTPUTS_FILE ];then # This finds ftp or http URLs with credentials and common keywords # FINDINGS=$(egrep -i '[[:alpha:]]*://[[:alnum:]]*:[[:alnum:]]*@.*/|key|secret|token|pass' $CFN_OUTPUTS_FILE |wc -l|tr -d '\ ')
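Review bot: Both new `echo $CFN_STACKS | jq` pipelines expand the JSON unquoted, so the shell word-splits and glob-expands the stack data before jq reads it; runs of whitespace inside an output value are collapsed and a bare `*` or `?` word can be replaced by file names from the working directory, so the secret scan may run on altered text. Passing the variable quoted avoids that, e.g. `printf '%s' "$CFN_STACKS" | jq -r '.Stacks[].StackName'`, and the same for the per-stack filter, with the redirect written as `> "$CFN_OUTPUTS_FILE"`. The new describe-stacks call also no longer sets an output format, so jq only parses it when the CLI default is JSON; adding `--output json` to that call would make this explicit. If the call fails, CFN_STACKS is empty and the region appears to be skipped without any message, which for a secrets check is a false negative worth reporting; the rest of extra742 lies outside the hunk, so this may already be handled there.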