UNPKG

@infrascan/aws-cloudfront-scanner

Version:

Infrascan scanner definition for AWS Cloudfront

github.com/infrascan/infrascan

infrascan/infrascan

79 lines (77 loc) 2.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/edges.ts var edges_exports = {}; __export(edges_exports, { getEdges: () => getEdges }); module.exports = __toCommonJS(edges_exports); var import_core = require("@infrascan/core"); var import_minimatch = require("minimatch"); async function generateEdgesForS3BackedDistributions(connector) { const cloudfrontS3Edges = []; const cloudfrontDistributionsState = await connector.getGlobalStateForServiceFunction( "CloudFront", "ListDistributions" ); const cloudfrontDistributions = cloudfrontDistributionsState.flatMap(({ _result }) => _result.DistributionList?.Items).filter((distribution) => distribution != null); const S3State = await connector.getGlobalStateForServiceFunction("S3", "ListBuckets"); for (const distribution of cloudfrontDistributions) { if (!distribution?.ARN) { continue; } const distributionItems = distribution?.Origins?.Items; distributionItems?.forEach((distributionOrigin) => { const hasS3Domain = distributionOrigin?.DomainName?.endsWith(".s3.amazonaws.com") || (0, import_minimatch.minimatch)(distributionOrigin?.DomainName ?? "", "*.s3.*.amazonaws.com"); if (!hasS3Domain) { console.log( distributionOrigin?.DomainName, (0, import_minimatch.minimatch)( distributionOrigin?.DomainName ?? "", "*.s3.*.amazonaws.com" ) ); return; } const bucketName = distributionOrigin?.DomainName?.split( "." ).shift(); const relevantS3Bucket = S3State.find( ({ _result }) => _result.Buckets?.find((bucket) => bucket.Name) ); if (relevantS3Bucket) { const distroTarget = { name: `${bucketName} Distribution`, target: (0, import_core.formatS3NodeId)(bucketName) }; cloudfrontS3Edges.push( (0, import_core.formatEdge)(distribution?.ARN, distroTarget) ); } }); } return cloudfrontS3Edges; } async function getEdges(connector) { return generateEdgesForS3BackedDistributions(connector); } // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { getEdges });