ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(resource filters): add missing resource filters (#2951)

Browse Source
This commit is contained in:
Sergio Garcia
2023-10-19 18:18:58 +02:00
committed by GitHub
parent 5113b83bc4
commit 976d0da26e
3 changed files with 37 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
prowler/providers/aws/services/documentdb/documentdb_service.py
View File

@@ -3,6 +3,7 @@ from typing import Optional
from pydantic import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
from prowler.providers.aws.lib.service.service import AWSService
@@ -34,18 +35,21 @@ class DocumentDB(AWSService):
):
for instance in page["DBInstances"]:
instance_arn = instance["DBInstanceArn"]
self.db_instances[instance_arn] = Instance(
id=instance["DBInstanceIdentifier"],
arn=instance["DBInstanceArn"],
engine=instance["Engine"],
engine_version=instance["EngineVersion"],
status=instance["DBInstanceStatus"],
public=instance["PubliclyAccessible"],
encrypted=instance["StorageEncrypted"],
cluster_id=instance.get("DBClusterIdentifier"),
region=regional_client.region,
tags=instance.get("TagList", []),
)
if not self.audit_resources or (
is_resource_filtered(instance_arn, self.audit_resources)
):
self.db_instances[instance_arn] = Instance(
id=instance["DBInstanceIdentifier"],
arn=instance["DBInstanceArn"],
engine=instance["Engine"],
engine_version=instance["EngineVersion"],
status=instance["DBInstanceStatus"],
public=instance["PubliclyAccessible"],
encrypted=instance["StorageEncrypted"],
cluster_id=instance.get("DBClusterIdentifier"),
region=regional_client.region,
tags=instance.get("TagList", []),
)
except Exception as error:
logger.error(

16
prowler/providers/aws/services/elasticache/elasticache_service.py
View File

@@ -3,6 +3,7 @@ from typing import Optional
from pydantic import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
from prowler.providers.aws.lib.service.service import AWSService
@@ -23,12 +24,15 @@ class ElastiCache(AWSService):
"CacheClusters"
]:
cluster_arn = cache_cluster["ARN"]
self.clusters[cluster_arn] = Cluster(
id=cache_cluster["CacheClusterId"],
arn=cluster_arn,
region=regional_client.region,
cache_subnet_group_id=cache_cluster["CacheSubnetGroupName"],
)
if not self.audit_resources or (
is_resource_filtered(cluster_arn, self.audit_resources)
):
self.clusters[cluster_arn] = Cluster(
id=cache_cluster["CacheClusterId"],
arn=cluster_arn,
region=regional_client.region,
cache_subnet_group_id=cache_cluster["CacheSubnetGroupName"],
)
except Exception as error:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"

18
prowler/providers/aws/services/neptune/neptune_service.py
View File

@@ -3,6 +3,7 @@ from typing import Optional
from pydantic import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
from prowler.providers.aws.lib.service.service import AWSService
@@ -31,13 +32,16 @@ class Neptune(AWSService):
],
)["DBClusters"]:
cluster_arn = cluster["DBClusterArn"]
self.clusters[cluster_arn] = Cluster(
arn=cluster_arn,
name=cluster["DBClusterIdentifier"],
id=cluster["DbClusterResourceId"],
db_subnet_group_id=cluster["DBSubnetGroup"],
region=regional_client.region,
)
if not self.audit_resources or (
is_resource_filtered(cluster_arn, self.audit_resources)
):
self.clusters[cluster_arn] = Cluster(
arn=cluster_arn,
name=cluster["DBClusterIdentifier"],
id=cluster["DbClusterResourceId"],
db_subnet_group_id=cluster["DBSubnetGroup"],
region=regional_client.region,
)
except Exception as error:
logger.error(