ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(errors): Handle S3 errors that are not Access Denied (#1585)

Browse Source 
Co-authored-by: sergargar <sergio@verica.io>
This commit is contained in:
Sergio Garcia
2022-12-22 13:26:22 +01:00
committed by GitHub
parent 3af2a44c70
commit ff6b433661
1 changed files with 32 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
prowler/providers/aws/services/s3/s3_service.py
View File

@@ -96,9 +96,12 @@ class S3:
"SSEAlgorithm" "SSEAlgorithm"
] ]
except Exception as error: except Exception as error:
logger.error( if "ServerSideEncryptionConfigurationNotFoundError" in str(error):
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" bucket.encryption = None
) else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
def __get_bucket_logging__(self, bucket): def __get_bucket_logging__(self, bucket):
logger.info("S3 - Get buckets logging...") logger.info("S3 - Get buckets logging...")
@@ -125,9 +128,20 @@ class S3:
] ]
) )
except Exception as error: except Exception as error:
logger.error( if "NoSuchPublicAccessBlockConfiguration" in str(error):
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" # Set all block as False
) bucket.public_access_block = PublicAccessBlock(
{
"BlockPublicAcls": False,
"IgnorePublicAcls": False,
"BlockPublicPolicy": False,
"RestrictPublicBuckets": False,
}
)
else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
def __get_bucket_acl__(self, bucket): def __get_bucket_acl__(self, bucket):
logger.info("S3 - Get buckets acl...") logger.info("S3 - Get buckets acl...")
@@ -160,9 +174,12 @@ class S3:
regional_client.get_bucket_policy(Bucket=bucket.name)["Policy"] regional_client.get_bucket_policy(Bucket=bucket.name)["Policy"]
) )
except Exception as error: except Exception as error:
logger.error( if "NoSuchBucketPolicy" in str(error):
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" bucket.policy = {}
) else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
def __get_bucket_ownership_controls__(self, bucket): def __get_bucket_ownership_controls__(self, bucket):
logger.info("S3 - Get buckets ownership controls...") logger.info("S3 - Get buckets ownership controls...")
@@ -172,9 +189,12 @@ class S3:
Bucket=bucket.name Bucket=bucket.name
)["OwnershipControls"]["Rules"][0]["ObjectOwnership"] )["OwnershipControls"]["Rules"][0]["ObjectOwnership"]
except Exception as error: except Exception as error:
logger.error( if "OwnershipControlsNotFoundError" in str(error):
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" bucket.ownership = None
) else:
logger.error(
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
################## S3Control ################## S3Control