firehose, sqs updates, recon module, etc

2018-04-07 22:16:23 -04:00
parent 5c531effca
commit 50a6902219
10 changed files with 300 additions and 25 deletions
--- a/libs/firehose.py
+++ b/libs/firehose.py
@@ -0,0 +1,73 @@
+'''
+Firehose functions
+'''
+
+import boto3
+import botocore
+import os
+import pprint
+import sys
+
+pp = pprint.PrettyPrinter(indent=5, width=80)
+
+# from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'eu-central-1', 'eu-west-1', 'ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', ]
+
+def firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+    print("### Printing Firehose Delivery Streams ###")
+    try:
+        for region in regions:
+            client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+
+            response = client.list_delivery_streams()
+
+            # print(response)
+            if response['DeliveryStreamNames'] is None:
+                print("{} likely does not have Firehose permissions\n" .format(AWS_ACCESS_KEY_ID))
+            elif len(response['DeliveryStreamNames']) <= 0:
+                print("[-] ListDeliveryStreams allowed for {} but no results [-]" .format(region))
+            else:
+                print("### {} Firehose Delivery Streams ###" .format(region))
+                for stream in response['DeliveryStreamNames']:
+                    pp.pprint(stream)
+        print("\n")
+    except botocore.exceptions.ClientError as e:
+        if e.response['Error']['Code'] == 'InvalidClientTokenId':
+            sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+        elif e.response['Error']['Code'] == 'AccessDenied':
+            print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+        else:
+            print("Unexpected error: {}" .format(e))
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
+
+
+def firehose_describe_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+    print("### Printing Firehose Delivery Streams & details ###")
+    try:
+        for region in regions:
+            client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+
+            response = client.list_delivery_streams()
+
+            # print(response)
+            if response['DeliveryStreamNames'] is None:
+                print("{} likely does not have Firehose permissions\n" .format(AWS_ACCESS_KEY_ID))
+            elif len(response['DeliveryStreamNames']) <= 0:
+                print("[-] ListDeliveryStreams allowed for {} but no results [-]" .format(region))
+            else:
+                print("### {} Firehose Delivery Streams ###" .format(region))
+                for stream in response['DeliveryStreamNames']:
+                	details = client.describe_delivery_stream(DeliveryStreamName=stream)
+                	# This just prints the blob, needs to be cleaned up
+                	print(details)
+        print("\n")
+    except botocore.exceptions.ClientError as e:
+        if e.response['Error']['Code'] == 'InvalidClientTokenId':
+            sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+        elif e.response['Error']['Code'] == 'AccessDenied':
+            print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+        else:
+            print("Unexpected error: {}" .format(e))
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")