UNPKG

@infrascan/aws-s3-scanner

Version:

Infrascan scanner definition for AWS S3

github.com/infrascan/infrascan

infrascan/infrascan

126 lines (124 loc) 5.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
"use strict"; var __create = Object.create; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __getProtoOf = Object.getPrototypeOf; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps( // If the importer is in node compatibility mode or this is not an ESM // file that has been converted to a CommonJS file using a Babel- // compatible transform (i.e. "__esModule" has not been set), then set // "default" to the CommonJS "module.exports" for node compatibility. isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target, mod )); var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/generated/graph.ts var graph_exports = {}; __export(graph_exports, { getEdges: () => getEdges }); module.exports = __toCommonJS(graph_exports); var import_core = require("@infrascan/core"); var import_debug = __toESM(require("debug")); var edgesDebug = (0, import_debug.default)("s3:edges"); async function getEdges(stateConnector) { edgesDebug("Fetching edges"); const edges = []; edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState1 = await (0, import_core.evaluateSelectorGlobally)( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges1 = GetBucketNotificationConfigurationState1.flatMap((state) => { const source = (0, import_core.filterState)( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = (0, import_core.filterState)( state, "_result.TopicConfigurations | [].{target:TopicArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => (0, import_core.formatEdge)(source, edgeTarget)); } return (0, import_core.formatEdge)(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges1.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges1); edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState2 = await (0, import_core.evaluateSelectorGlobally)( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges2 = GetBucketNotificationConfigurationState2.flatMap((state) => { const source = (0, import_core.filterState)( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = (0, import_core.filterState)( state, "_result.QueueConfigurations | [].{target:QueueArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => (0, import_core.formatEdge)(source, edgeTarget)); } return (0, import_core.formatEdge)(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges2.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges2); edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState3 = await (0, import_core.evaluateSelectorGlobally)( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges3 = GetBucketNotificationConfigurationState3.flatMap((state) => { const source = (0, import_core.filterState)( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = (0, import_core.filterState)( state, "_result.LambdaFunctionConfigurations | [].{target:LambdaFunctionArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => (0, import_core.formatEdge)(source, edgeTarget)); } return (0, import_core.formatEdge)(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges3.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges3); return edges; } // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { getEdges });