diff --git a/config/__init__.py b/config/__init__.py
deleted file mode 100644
index 8b13789..0000000
--- a/config/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/config/config.py b/config/config.py
deleted file mode 100644
index dcf873f..0000000
--- a/config/config.py
+++ /dev/null
@@ -1,37 +0,0 @@
-'''
-Config Library
-'''
-
-import boto3
-import botocore
-import pprint
-import sys
-
-pp = pprint.PrettyPrinter(indent=5, width=80)
-
-#from http://docs.aws.amazon.com/general/latest/gr/rande.html
-regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
-
-
-def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, region):
- response = {}
- try:
- client = boto3.client("config", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
-
- response = client.describe_configuration_recorders()
- #print response
- except botocore.exceptions.ClientError as e:
- if e.response['Error']['Code'] == 'InvalidClientTokenId':
- sys.exit("The AWS KEY IS INVALID. Exiting")
- elif e.response['Error']['Code'] == 'UnrecognizedClientException':
- sys.exit("The AWS KEY IS INVALID. Exiting")
- elif e.response['Error']['Code'] == 'AccessDenied':
- print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
- pass
- elif e.response['Error']['Code'] == 'AccessDeniedException':
- print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
- pass
- else:
- print "Unexpected error: %s" % e
-
- return response
\ No newline at end of file
diff --git a/ec2/__init__.py b/ec2/__init__.py
deleted file mode 100644
index 8b13789..0000000
--- a/ec2/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/ec2/ec2.py b/ec2/ec2.py
deleted file mode 100644
index 3a9be5f..0000000
--- a/ec2/ec2.py
+++ /dev/null
@@ -1,115 +0,0 @@
-#ec2 functions go here
-
-import boto3
-import botocore
-import pprint
-
-pp = pprint.PrettyPrinter(indent=5, width=80)
-
-#from http://docs.aws.amazon.com/general/latest/gr/rande.html
-regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
-
-# we are past the enumeration stage at this point assume you have key that works
-def review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- print("Reviewing EC2 Volumes... This may take a few....")
- not_encrypted = []
- encrypted = []
- try:
- with open("{}-volumes_list.txt" .format(AWS_ACCESS_KEY_ID), "w") as fout:
- for region in regions:
- client = boto3.client(
- 'ec2',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
-
- response = client.describe_volumes(Filters=[{
- 'Name' : 'status',
- 'Values' : ['in-use']
- }])['Volumes']
-
- for volume in response:
- if volume['Encrypted']:
- encrypted.append(volume['VolumeId'])
- else:
- not_encrypted.append(volume['VolumeId'])
- fout.write("\nEncrypted: " + str(volume['Encrypted']))
- for attachments in volume['Attachments']:
- fout.write("\nInstance ID: " + attachments['InstanceId'])
- fout.write("\nVolume ID: " + volume['VolumeId'])
- fout.write("\nRegion: " + region)
- fout.write("\n" + "-" * 40)
- print("Writing out results")
- fout.write("\nNot encrypted: " + str(len(not_encrypted)) + "\n")
- fout.write(pprint.pformat(not_encrypted))
- fout.write("\nEncrypted: " + str(len(encrypted)) + "\n")
- fout.write(pprint.pformat(encrypted))
- except botocore.exceptions.ClientError as e:
- if e.response['Error']['Code'] == 'UnauthorizedOperation':
- print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
- else:
- print e
-
-
-def get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- try:
- for region in regions:
- client = boto3.client(
- 'ec2',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
-
- instances = client.describe_instances()
- for r in instances['Reservations']:
- for i in r['Instances']:
- pp.pprint(i)
-
- except botocore.exceptions.ClientError as e:
- print e
-
-#show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
-def get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- try:
- for region in regions:
- client = boto3.client(
- 'ec2',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
-
- instances = client.describe_instances()
- for r in instances['Reservations']:
- for i in r['Instances']:
- volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
- print ("Instance ID: {} \n" .format(i['InstanceId']))
- pp.pprint(volumes)
-
- except botocore.exceptions.ClientError as e:
- print e
-
-#show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
-def get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- try:
- for region in regions:
- client = boto3.client(
- 'ec2',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
- response = client.describe_volumes(Filters=[{
- 'Name' : 'status',
- 'Values' : ['in-use']
- }])['Volumes']
- for volume in response:
- print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
- pp.pprint(volume)
- print("\n")
-
- except botocore.exceptions.ClientError as e:
- print e
-
diff --git a/lambda/__init__.py b/lambda/__init__.py
deleted file mode 100644
index 8b13789..0000000
--- a/lambda/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/lambda/lambda.py b/lambda/lambda.py
deleted file mode 100644
index 07d8d8c..0000000
--- a/lambda/lambda.py
+++ /dev/null
@@ -1,67 +0,0 @@
-'''
-lamda functions
-'''
-
-import boto3
-import botocore
-import pprint
-import sys,os
-import pprint
-
-pp = pprint.PrettyPrinter(indent=5, width=80)
-
-#from http://docs.aws.amazon.com/general/latest/gr/rande.html
-regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
-
-def list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- print("### Listing Lambda Functions ###")
- try:
- for region in regions:
- client = boto3.client(
- 'lambda',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
-
- response = client.list_functions()
-
- if response.get('Functions') is None:
- print "{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID)
- elif len(response['Functions']) <= 0:
- print "[-] ListFunctions allowed for {} but no results [-]" .format(region)
- else: #THIS PART IS UNTESTED
- for r in response['Functions']:
- #for i in r['Instances']:
- pp.pprint(r)
-
- except botocore.exceptions.ClientError as e:
- print e
-
-def list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
- print("### Listing Lambda Event Source Mappings ###")
- try:
- for region in regions:
- client = boto3.client(
- 'lambda',
- aws_access_key_id = AWS_ACCESS_KEY_ID,
- aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
- region_name=region
- )
-
- response = client.list_event_source_mappings()
-
- if response.get('EventSourceMappings') is None:
- print "{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID)
- elif len(response['EventSourceMappings']) <= 0:
- print "[-] ListEventSourceMappings allowed for {} but no results [-]" .format(region)
- else:
- for r in response['EventSourceMappings']:
- #for i in r['Instances']:
- pp.pprint(r)
-
- except botocore.exceptions.ClientError as e:
- print e
-
-list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
-list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
\ No newline at end of file