ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(elbv2): Handle LoadBalancerNotFound (#2860)

Browse Source
This commit is contained in:
Pepe Fagoaga
2023-09-22 11:23:21 +02:00
committed by GitHub
parent 6b97a04643
commit c0d45d730f
1 changed files with 114 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

170
prowler/providers/aws/services/elbv2/elbv2_service.py
View File

@@ -55,30 +55,43 @@ class ELBv2(AWSService):
logger.info("ELBv2 - Describing listeners...") logger.info("ELBv2 - Describing listeners...")
try: try:
for lb in self.loadbalancersv2: for lb in self.loadbalancersv2:
if lb.region == regional_client.region: try:
describe_elbv2_paginator = regional_client.get_paginator( if lb.region == regional_client.region:
"describe_listeners" describe_elbv2_paginator = regional_client.get_paginator(
"describe_listeners"
)
for page in describe_elbv2_paginator.paginate(
LoadBalancerArn=lb.arn
):
for listener in page["Listeners"]:
port = 0
if "Port" in listener:
port = listener["Port"]
listener_obj = Listenerv2(
region=regional_client.region,
arn=listener["ListenerArn"],
port=port,
ssl_policy=listener.get("SslPolicy"),
rules=[],
)
if "Protocol" in listener:
listener_obj.protocol = listener["Protocol"]
lb.listeners.append(listener_obj)
except ClientError as error:
if error.response["Error"]["Code"] == "LoadBalancerNotFound":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
) )
for page in describe_elbv2_paginator.paginate(
LoadBalancerArn=lb.arn
):
for listener in page["Listeners"]:
port = 0
if "Port" in listener:
port = listener["Port"]
listener_obj = Listenerv2(
region=regional_client.region,
arn=listener["ListenerArn"],
port=port,
ssl_policy=listener.get("SslPolicy"),
rules=[],
)
if "Protocol" in listener:
listener_obj.protocol = listener["Protocol"]
lb.listeners.append(listener_obj)
except Exception as error: except Exception as error:
logger.error( logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -88,21 +101,43 @@ class ELBv2(AWSService):
logger.info("ELBv2 - Describing attributes...") logger.info("ELBv2 - Describing attributes...")
try: try:
for lb in self.loadbalancersv2: for lb in self.loadbalancersv2:
if lb.region == regional_client.region: try:
for attribute in regional_client.describe_load_balancer_attributes( if lb.region == regional_client.region:
LoadBalancerArn=lb.arn for (
)["Attributes"]: attribute
if attribute["Key"] == "routing.http.desync_mitigation_mode": ) in regional_client.describe_load_balancer_attributes(
lb.desync_mitigation_mode = attribute["Value"] LoadBalancerArn=lb.arn
if attribute["Key"] == "deletion_protection.enabled": )[
lb.deletion_protection = attribute["Value"] "Attributes"
if attribute["Key"] == "access_logs.s3.enabled": ]:
lb.access_logs = attribute["Value"] if (
if ( attribute["Key"]
attribute["Key"] == "routing.http.desync_mitigation_mode"
== "routing.http.drop_invalid_header_fields.enabled" ):
): lb.desync_mitigation_mode = attribute["Value"]
lb.drop_invalid_header_fields = attribute["Value"] if attribute["Key"] == "deletion_protection.enabled":
lb.deletion_protection = attribute["Value"]
if attribute["Key"] == "access_logs.s3.enabled":
lb.access_logs = attribute["Value"]
if (
attribute["Key"]
== "routing.http.drop_invalid_header_fields.enabled"
):
lb.drop_invalid_header_fields = attribute["Value"]
except ClientError as error:
if error.response["Error"]["Code"] == "LoadBalancerNotFound":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error: except Exception as error:
logger.error( logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -114,21 +149,30 @@ class ELBv2(AWSService):
for lb in self.loadbalancersv2: for lb in self.loadbalancersv2:
if lb.region == regional_client.region: if lb.region == regional_client.region:
for listener in lb.listeners: for listener in lb.listeners:
for rule in regional_client.describe_rules( try:
ListenerArn=listener.arn for rule in regional_client.describe_rules(
)["Rules"]: ListenerArn=listener.arn
listener.rules.append( )["Rules"]:
ListenerRule( listener.rules.append(
arn=rule["RuleArn"], ListenerRule(
actions=rule["Actions"], arn=rule["RuleArn"],
conditions=rule["Conditions"], actions=rule["Actions"],
conditions=rule["Conditions"],
)
) )
except ClientError as error:
if error.response["Error"]["Code"] == "ListenerNotFound":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
) )
except ClientError as error:
if error.response["Error"]["Code"] == "ListenerNotFound":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error: except Exception as error:
logger.error( logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -138,11 +182,25 @@ class ELBv2(AWSService):
logger.info("ELBv2 - List Tags...") logger.info("ELBv2 - List Tags...")
try: try:
for lb in self.loadbalancersv2: for lb in self.loadbalancersv2:
regional_client = self.regional_clients[lb.region] try:
response = regional_client.describe_tags(ResourceArns=[lb.arn])[ regional_client = self.regional_clients[lb.region]
"TagDescriptions" response = regional_client.describe_tags(ResourceArns=[lb.arn])[
][0] "TagDescriptions"
lb.tags = response.get("Tags") ][0]
lb.tags = response.get("Tags")
except ClientError as error:
if error.response["Error"]["Code"] == "LoadBalancerNotFound":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error: except Exception as error:
logger.error( logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"