# -*- coding: utf-8 -*-
from .finder import FinderModule
[docs]class SecurityModule(object):
'''
This class facilitates methods for securing the AWS account
Methods are available to help improve AWS account security by detecting bad configurations.
'''
[docs] @classmethod
def get_instance_portlisting(cls, aws, instanceid):
'''
List SecurityGroups and rules for an instance
Args:
aws: AwsManager client
instanceid: Id of instance to analyze
Return:
Dictionary with instance and its SecurityGroups
'''
results = dict()
instance = FinderModule(aws).find_instance(aws, 'id', instanceid)
results.update(instance)
results['SecurityGroups'] = list()
for secgroup in instance["SecurityGroups"]:
sg = secgroup
sg['Rules'] = list()
for rule in aws.ec2.get_secgroup_by('id', secgroup["GroupId"])["IpPermissions"]:
sg['Rules'].append({
'FromPort' : rule.get("FromPort", ''),
'ToPort' : rule.get("ToPort", ''),
'Protocol' : rule.get("IpProtocol", '') if rule.get("IpProtocol", '') != '-1' else 'ALL',
'IpRange' : [iprange["CidrIp"] for iprange in rule.get("IpRanges", '')]
})
results['SecurityGroups'].append(sg)
return {'Instance': results}
[docs] @classmethod
def get_region_portlisting(cls, aws, region):
'''
List SecurityGroups and rules for all instances in region
Args:
aws: AwsManager client
region: Region to analyze
Return:
Dictionary with regions, instances and its SecurityGroups
'''
results = []
aws.ec2.change_region(region)
for instance in aws.ec2.get_instances():
ins_element = dict()
ins_element.update(instance)
ins_element['SecurityGroups'] = list()
for securitygroup in instance['SecurityGroups']:
sg_element = dict()
sg_element.update(securitygroup)
sg_element['Rules'] = list()
for rule in aws.ec2.get_secgroup_by('id', securitygroup["GroupId"])["IpPermissions"]:
sg_element['Rules'].append({'ToPort' : rule.get("ToPort", ''),
'FromPort' : rule.get("FromPort", ''),
'Protocol' : rule.get("IpProtocol", '') if rule.get("IpProtocol", '') != '-1' else 'ALL',
'IpRange' : [iprange["CidrIp"] for iprange in rule.get("IpRanges", '')]})
ins_element['SecurityGroups'].append(sg_element)
results.append(ins_element)
return {'RegionName': region, 'Instances': results}