

Integrated iAM support
maxiwoj committed Jan 31, 2019
1 parent 482e3f3 commit 80001c6
Showing 7 changed files with 85 additions and 38 deletions.
10 changes: 0 additions & 10 deletions csasession/clientfactory/mocks/ec2client_mock.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 0 additions & 4 deletions csasession/clientfactory/mocks/iamclient_mock.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 0 additions & 4 deletions csasession/clientfactory/mocks/kmsclient_mock.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 0 additions & 12 deletions csasession/clientfactory/mocks/s3client_mock.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

@@ -1,10 +1,15 @@
package report
package resourceReports

import (
"fmt"
"github.com/Appliscale/cloud-security-audit/configuration"
"github.com/Appliscale/cloud-security-audit/resource"
//"github.com/aws/aws-sdk-go/service/iam"
"encoding/json"
"github.com/Appliscale/cloud-security-audit/report"
"os"
"strconv"
"strings"
)

type IAMItem struct {
Expand All @@ -25,7 +30,7 @@ type IAMChecklistRequiredResources struct {
IAMInfo *resource.IAMInfo
}

func (i *IAMChecklist) GetHeaders() []string {
func (i *IAMChecklist) GetTableHeaders() []string {
return []string{"Guideline", "Status"}
}

Expand All @@ -43,6 +48,39 @@ func (i *IAMChecklist) FormatDataToTable() [][]string {
return data
}

func (i *IAMChecklist) GetJsonReport() []byte {
output, err := json.Marshal(i)
if err == nil {
return output
}
report.ReportLogger.Error("Error generating Json report")
os.Exit(1)
return []byte{}
}

func (i *IAMChecklist) PrintHtmlReport(*os.File) error {
// TODO:
return nil
}

func (i IAMChecklist) GetCsvReport() []byte {
const externalSep = ","

csv := []string{strings.Join([]string{
"\"Name\"",
"\"Value\""}, externalSep)}

for _, row := range i {
s := strings.Join([]string{
row.Name,
strconv.FormatBool(row.Value)}, externalSep)

csv = append(csv, s)
}

return []byte(strings.Join(csv, "\n"))
}

func (i *IAMChecklist) GenerateReport(r *IAMReportRequiredResources) {

*i = append(*i, NewIAMItem("Root account's access keys locked away", !r.IAMInfo.HasRootAccessKeys()))
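Review bot: `GetJsonReport` discards the `json.Marshal` error and ends the process from inside a report method, so a failed run logs only the fixed string "Error generating Json report" and skips any deferred cleanup in the caller. At minimum the cause should be logged, `report.ReportLogger.Error("Error generating Json report: " + err.Error())`. Returning the error to the caller would be cleaner, but the signature may be fixed by an interface that is not visible in this diff. The same pattern is added as `IAMReports.GetJsonReport` in report/resourceReports/iamreport.go.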
43 changes: 41 additions & 2 deletions report/iamreport.go → report/resourceReports/iamreport.go
@@ -1,10 +1,14 @@
package report
package resourceReports

import (
"encoding/json"
"fmt"
"github.com/Appliscale/cloud-security-audit/configuration"
"github.com/Appliscale/cloud-security-audit/report"
"github.com/Appliscale/cloud-security-audit/resource"
"github.com/aws/aws-sdk-go/service/iam"
"os"
"strconv"
"strings"
)

Expand All @@ -29,7 +33,7 @@ type IAMReportRequiredResources struct {
IAMInfo *resource.IAMInfo
}

func (i *IAMReports) GetHeaders() []string {
func (i *IAMReports) GetTableHeaders() []string {
return []string{"User name", "Groups", "# of Inline\npolicies"}
}

Expand All @@ -48,6 +52,41 @@ func (i *IAMReports) FormatDataToTable() [][]string {
return data
}

func (i *IAMReports) GetJsonReport() []byte {
output, err := json.Marshal(i)
if err == nil {
return output
}
report.ReportLogger.Error("Error generating Json report")
os.Exit(1)
return []byte{}
}

func (i *IAMReports) PrintHtmlReport(*os.File) error {
// TODO:
return nil
}

func (i IAMReports) GetCsvReport() []byte {
const externalSep = ","

csv := []string{strings.Join([]string{
"\"UserName\"",
"\"Groups\"",
"\"Inline Policies\""}, externalSep)}

for _, row := range i {
s := strings.Join([]string{
row.UserName,
row.Groups,
strconv.FormatInt(int64(row.InlinePolicies), 10)}, externalSep)

csv = append(csv, s)
}

return []byte(strings.Join(csv, "\n"))
}

func (i *IAMReports) GenerateReport(r *IAMReportRequiredResources) {
for _, user := range (*r.IAMInfo).GetUsers() {
iamReport := NewIAMReport(*user)
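Review bot: `GetCsvReport` joins `row.UserName` and `row.Groups` with commas without quoting or escaping, although IAM user and group names may contain `,` as well as `=`, `+`, `@` and `-` (how `Groups` is assembled is not visible here). A name with a comma shifts the columns of the audit report, and a value that starts with `=`, `+`, `-` or `@` can be evaluated as a formula when the CSV is opened in a spreadsheet. Building the rows with `encoding/csv` takes care of the quoting; it needs `bytes` and `encoding/csv` in the import block, and unlike the current output it writes the header unquoted and ends with a newline. `IAMChecklist.GetCsvReport` uses the same hand-built join, though its names appear to be fixed guideline strings.

```go
func (i IAMReports) GetCsvReport() []byte {
	// neutralize keeps a spreadsheet from evaluating a cell as a formula.
	neutralize := func(s string) string {
		if s != "" && strings.ContainsRune("=+-@", rune(s[0])) {
			return "'" + s
		}
		return s
	}

	var buf bytes.Buffer
	w := csv.NewWriter(&buf)
	// Writes go to an in-memory buffer; csv.Writer quotes any field that
	// contains the separator, a quote or a line break.
	_ = w.Write([]string{"UserName", "Groups", "Inline Policies"})
	for _, row := range i {
		_ = w.Write([]string{
			neutralize(row.UserName),
			neutralize(row.Groups),
			strconv.FormatInt(int64(row.InlinePolicies), 10),
		})
	}
	w.Flush()
	return buf.Bytes()
}
```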
8 changes: 4 additions & 4 deletions scanner/scanner.go
Expand Up @@ -36,17 +36,17 @@ func Run(config *configuration.Config) error {
config.PrintFormat(&s3BucketReports, config.OutputFile)
case "iam":
config.Logger.Info("Gathering information about IAM...")
iamReports := report.IAMReports{}
iamReports := resourceReports.IAMReports{}
resources, err := iamReports.GetResources(config)
if err != nil {
return err
}
iamReports.GenerateReport(resources)
report.PrintTable(&iamReports)
config.PrintFormat(&iamReports, config.OutputFile)

iamChecklist := report.IAMChecklist{}
iamChecklist := resourceReports.IAMChecklist{}
iamChecklist.GenerateReport(resources)
report.PrintTable(&iamChecklist)
config.PrintFormat(&iamChecklist, config.OutputFile)

default:
return fmt.Errorf("Wrong service name: %s", service)
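Review bot: The `iam` case now sends two differently shaped reports, `iamReports` and `iamChecklist`, to the same `config.OutputFile` through `config.PrintFormat`, and if that call returns an error it is discarded. `PrintFormat` is not visible in this diff, so the effect is inferred: if it truncates the file the user report is lost, and if it appends, a JSON or CSV consumer receives two concatenated documents with different columns. Either combine both into one document or record the contract at the call site, e.g. `// PrintFormat appends: output holds the IAM user report followed by the checklist`. `Run` begins and ends outside this hunk.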
