prowler-sdk-poc/lib/index.js

# Python

"use strict";
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.Check73 = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const AWS = require("aws-sdk");
const client = new AWS.S3({ region: 'eu-central-1' });
/**
 * @stability stable
 */
class Check73 {
    /**
     * @stability stable
     */
    constructor(props) {
        this.props = props;
    }
    /**
     * @stability stable
     */
    async doCheck() {
        var _b, _c, _d, _e, _f, _g, _h, _j, _k;
        const bucketList = await client.listBuckets().promise();
        for (let bucket of (_b = bucketList.Buckets) !== null && _b !== void 0 ? _b : []) {
            try {
                const params = {
                    Bucket: bucket.Name || '',
                };
                const bucketAcl = await client.getBucketAcl(params).promise();
                console.log(`bucketName=${bucket.Name}`);
                console.log(`bucketAcl=${JSON.stringify(bucketAcl)}`);
                for (let grant of (_c = bucketAcl.Grants) !== null && _c !== void 0 ? _c : []) {
                    if (((_e = (_d = grant.Grantee) === null || _d === void 0 ? void 0 : _d.URI) === null || _e === void 0 ? void 0 : _e.endsWith('/AllUsers')) || ((_g = (_f = grant.Grantee) === null || _f === void 0 ? void 0 : _f.URI) === null || _g === void 0 ? void 0 : _g.endsWith('/AuthenticatedUsers'))) {
                        if (((_k = (_j = (_h = this.props) === null || _h === void 0 ? void 0 : _h.whiteListedBucketNames) === null || _j === void 0 ? void 0 : _j.findIndex(whiteListedBucketName => bucket.Name === whiteListedBucketName)) !== null && _k !== void 0 ? _k : -1) !== -1) {
                            continue;
                        }
                        return `failed ${bucket.Name} is public`;
                    }
                }
            }
            catch (error) {
                // ignore errors like not existing bucket policy for now
            }
        }
        return 'ok';
    }
}
exports.Check73 = Check73;
_a = JSII_RTTI_SYMBOL_1;
Check73[_a] = { fqn: "prowler-sdk-poc.Check73", version: "0.0.1" };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSwrQkFBK0I7QUFFL0IsTUFBTSxNQUFNLEdBQUcsSUFBSSxHQUFHLENBQUMsRUFBRSxDQUFDLEVBQUUsTUFBTSxFQUFFLGNBQWMsRUFBRSxDQUFDLENBQUM7Ozs7QUFNdEQsTUFBYSxPQUFPOzs7O0lBRWxCLFlBQVksS0FBbUI7UUFDN0IsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUM7SUFDckIsQ0FBQzs7OztJQUVNLEtBQUssQ0FBQyxPQUFPOztRQUNsQixNQUFNLFVBQVUsR0FBRyxNQUFNLE1BQU0sQ0FBQyxXQUFXLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUV4RCxLQUFLLElBQUksTUFBTSxVQUFJLFVBQVUsQ0FBQyxPQUFPLG1DQUFJLEVBQUUsRUFBRTtZQUMzQyxJQUFJO2dCQUNGLE1BQU0sTUFBTSxHQUFxQztvQkFDL0MsTUFBTSxFQUFFLE1BQU0sQ0FBQyxJQUFJLElBQUksRUFBRTtpQkFDMUIsQ0FBQztnQkFDRixNQUFNLFNBQVMsR0FBRyxNQUFNLE1BQU0sQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzlELE9BQU8sQ0FBQyxHQUFHLENBQUMsY0FBYyxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztnQkFDekMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxhQUFhLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUV0RCxLQUFLLElBQUksS0FBSyxVQUFJLFNBQVMsQ0FBQyxNQUFNLG1DQUFJLEVBQUUsRUFBRTtvQkFDeEMsSUFBSSxhQUFBLEtBQUssQ0FBQyxPQUFPLDBDQUFFLEdBQUcsMENBQUUsUUFBUSxDQUFDLFdBQVcsbUJBQUssS0FBSyxDQUFDLE9BQU8sMENBQUUsR0FBRywwQ0FBRSxRQUFRLENBQUMscUJBQXFCLEVBQUMsRUFBRTt3QkFDcEcsSUFBSSxtQkFBQyxJQUFJLENBQUMsS0FBSywwQ0FBRSxzQkFBc0IsMENBQUUsU0FBUyxDQUFDLHFCQUFxQixDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxLQUFLLHFCQUFxQixvQ0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFOzRCQUNoSSxTQUFTO3lCQUNWO3dCQUNELE9BQU8sVUFBVSxNQUFNLENBQUMsSUFBSSxZQUFZLENBQUM7cUJBQzFDO2lCQUNGO2FBQ0Y7WUFBQyxPQUFPLEtBQUssRUFBRTtnQkFDZCx3REFBd0Q7YUFDekQ7U0FDRjtRQUVELE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQzs7QUFoQ0gsMEJBaUNDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgQVdTIGZyb20gJ2F3cy1zZGsnO1xuXG5jb25zdCBjbGllbnQgPSBuZXcgQVdTLlMzKHsgcmVnaW9uOiAnZXUtY2VudHJhbC0xJyB9KTtcblxuZXhwb3J0IGludGVyZmFjZSBDaGVrNzNQcm9wcyB7XG4gIHJlYWRvbmx5IHdoaXRlTGlzdGVkQnVja2V0TmFtZXM/OiBzdHJpbmdbXTtcbn1cblxuZXhwb3J0IGNsYXNzIENoZWNrNzMge1xuICBwcm9wcz86IENoZWs3M1Byb3BzO1xuICBjb25zdHJ1Y3Rvcihwcm9wcz86IENoZWs3M1Byb3BzKSB7XG4gICAgdGhpcy5wcm9wcyA9IHByb3BzO1xuICB9XG5cbiAgcHVibGljIGFzeW5jIGRvQ2hlY2soKSB7XG4gICAgY29uc3QgYnVja2V0TGlzdCA9IGF3YWl0IGNsaWVudC5saXN0QnVja2V0cygpLnByb21pc2UoKTtcblxuICAgIGZvciAobGV0IGJ1Y2tldCBvZiBidWNrZXRMaXN0LkJ1Y2tldHMgPz8gW10pIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGNvbnN0IHBhcmFtczogQVdTLlMzLlR5cGVzLkdldEJ1Y2tldEFjbFJlcXVlc3QgPSB7XG4gICAgICAgICAgQnVja2V0OiBidWNrZXQuTmFtZSB8fCAnJyxcbiAgICAgICAgfTtcbiAgICAgICAgY29uc3QgYnVja2V0QWNsID0gYXdhaXQgY2xpZW50LmdldEJ1Y2tldEFjbChwYXJhbXMpLnByb21pc2UoKTtcbiAgICAgICAgY29uc29sZS5sb2coYGJ1Y2tldE5hbWU9JHtidWNrZXQuTmFtZX1gKTtcbiAgICAgICAgY29uc29sZS5sb2coYGJ1Y2tldEFjbD0ke0pTT04uc3RyaW5naWZ5KGJ1Y2tldEFjbCl9YCk7XG5cbiAgICAgICAgZm9yIChsZXQgZ3JhbnQgb2YgYnVja2V0QWNsLkdyYW50cyA/PyBbXSkge1xuICAgICAgICAgIGlmIChncmFudC5HcmFudGVlPy5VUkk/LmVuZHNXaXRoKCcvQWxsVXNlcnMnKSB8fCBncmFudC5HcmFudGVlPy5VUkk/LmVuZHNXaXRoKCcvQXV0aGVudGljYXRlZFVzZXJzJykpIHtcbiAgICAgICAgICAgIGlmICgodGhpcy5wcm9wcz8ud2hpdGVMaXN0ZWRCdWNrZXROYW1lcz8uZmluZEluZGV4KHdoaXRlTGlzdGVkQnVja2V0TmFtZSA9PiBidWNrZXQuTmFtZSA9PT0gd2hpdGVMaXN0ZWRCdWNrZXROYW1lKSA/PyAtMSkgIT09IC0xKSB7XG4gICAgICAgICAgICAgIGNvbnRpbnVlO1xuICAgICAgICAgICAgfVxuICAgICAgICAgICAgcmV0dXJuIGBmYWlsZWQgJHtidWNrZXQuTmFtZX0gaXMgcHVibGljYDtcbiAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICAgIH0gY2F0Y2ggKGVycm9yKSB7XG4gICAgICAgIC8vIGlnbm9yZSBlcnJvcnMgbGlrZSBub3QgZXhpc3RpbmcgYnVja2V0IHBvbGljeSBmb3Igbm93XG4gICAgICB9XG4gICAgfVxuXG4gICAgcmV0dXJuICdvayc7XG4gIH1cbn1cblxuXG4vLyBhc3luYyAocHJvcHM/OiBDaGVrNzNQcm9wcykgPT4ge1xuLy8gICBjb25zdCBidWNrZXRMaXN0ID0gYXdhaXQgY2xpZW50Lmxpc3RCdWNrZXRzKCkucHJvbWlzZSgpO1xuXG4vLyAgIGZvciAobGV0IGJ1Y2tldCBvZiBidWNrZXRMaXN0LkJ1Y2tldHMgPz8gW10pIHtcbi8vICAgICB0cnkge1xuLy8gICAgICAgY29uc3QgcGFyYW1zOiBBV1MuUzMuVHlwZXMuR2V0QnVja2V0QWNsUmVxdWVzdCA9IHtcbi8vICAgICAgICAgQnVja2V0OiBidWNrZXQuTmFtZSB8fCAnJyxcbi8vICAgICAgIH07XG4vLyAgICAgICBjb25zdCBidWNrZXRBY2wgPSBhd2FpdCBjbGllbnQuZ2V0QnVja2V0QWNsKHBhcmFtcykucHJvbWlzZSgpO1xuLy8gICAgICAgY29uc29sZS5sb2coYGJ1Y2tldE5hbWU9JHtidWNrZXQuTmFtZX1gKTtcbi8vICAgICAgIGNvbnNvbGUubG9nKGBidWNrZXRBY2w9JHtKU09OLnN0cmluZ2lmeShidWNrZXRBY2wpfWApO1xuXG4vLyAgICAgICBmb3IgKGxldCBncmFudCBvZiBidWNrZXRBY2wuR3JhbnRzID8/IFtdKSB7XG4vLyAgICAgICAgIGlmIChncmFudC5HcmFudGVlPy5VUkk/LmVuZHNXaXRoKCcvQWxsVXNlcnMnKSB8fCBncmFudC5HcmFudGVlPy5VUkk/LmVuZHNXaXRoKCcvQXV0aGVudGljYXRlZFVzZXJzJykpIHtcbi8vICAgICAgICAgICBpZiAoKHByb3BzPy53aGl0ZUxpc3RlZEJ1Y2tldE5hbWVzPy5maW5kSW5kZXgod2hpdGVMaXN0ZWRCdWNrZXROYW1lID0+IGJ1Y2tldC5OYW1lID09PSB3aGl0ZUxpc3RlZEJ1Y2tldE5hbWUpID8/IC0xKSAhPT0gLTEpIHtcbi8vICAgICAgICAgICAgIGNvbnRpbnVlO1xuLy8gICAgICAgICAgIH1cbi8vICAgICAgICAgICByZXR1cm4gYGZhaWxlZCAke2J1Y2tldC5OYW1lfSBpcyBwdWJsaWNgO1xuLy8gICAgICAgICB9XG4vLyAgICAgICB9XG4vLyAgICAgfSBjYXRjaCAoZXJyb3IpIHtcbi8vICAgICAgIC8vIGlnbm9yZSBlcnJvcnMgbGlrZSBub3QgZXhpc3RpbmcgYnVja2V0IHBvbGljeSBmb3Igbm93XG4vLyAgICAgfVxuLy8gICB9XG5cbi8vICAgcmV0dXJuICdvayc7XG4vLyB9OyJdfQ==