UNPKG

@infrascan/aws-s3-scanner

Version:

Infrascan scanner definition for AWS S3

github.com/infrascan/infrascan

infrascan/infrascan

95 lines (94 loc) 3.27 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
// src/generated/graph.ts import { evaluateSelectorGlobally, filterState, formatEdge } from "@infrascan/core"; import debug from "debug"; var edgesDebug = debug("s3:edges"); async function getEdges(stateConnector) { edgesDebug("Fetching edges"); const edges = []; edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState1 = await evaluateSelectorGlobally( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges1 = GetBucketNotificationConfigurationState1.flatMap((state) => { const source = filterState( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = filterState( state, "_result.TopicConfigurations | [].{target:TopicArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => formatEdge(source, edgeTarget)); } return formatEdge(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges1.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges1); edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState2 = await evaluateSelectorGlobally( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges2 = GetBucketNotificationConfigurationState2.flatMap((state) => { const source = filterState( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = filterState( state, "_result.QueueConfigurations | [].{target:QueueArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => formatEdge(source, edgeTarget)); } return formatEdge(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges2.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges2); edgesDebug("Evaluating S3|GetBucketNotificationConfiguration|[]"); const GetBucketNotificationConfigurationState3 = await evaluateSelectorGlobally( "S3|GetBucketNotificationConfiguration|[]", stateConnector ); const GetBucketNotificationConfigurationEdges3 = GetBucketNotificationConfigurationState3.flatMap((state) => { const source = filterState( state, "_parameters.Bucket | [`arn:aws:s3:::`,@] | join('',@)" ); const target = filterState( state, "_result.LambdaFunctionConfigurations | [].{target:LambdaFunctionArn,name:Id}" ); if (!target || !source) { return []; } if (Array.isArray(target)) { return target.map((edgeTarget) => formatEdge(source, edgeTarget)); } return formatEdge(source, target); }); edgesDebug( `Evaluated S3|GetBucketNotificationConfiguration|[]: ${GetBucketNotificationConfigurationEdges3.length} Edges found` ); edges.push(...GetBucketNotificationConfigurationEdges3); return edges; } export { getEdges };