From 9b2dd15d47998805dcf03b89ba937f7bf92847e8 Mon Sep 17 00:00:00 2001
From: KuetTai
Date: Mon, 8 Apr 2024 07:25:40 +0000
Subject: [PATCH 1/2] Fix issue #69, KMS lookup is not available in reporter

---
 .gitignore | 10 +++++-----
 services/kms/kms.reporter.json | 20 ++++++++++++++++++++
 utils/CfnTrail.py | 4 ++--
 utils/Tools.py | 4 ++--
 4 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/.gitignore b/.gitignore
index 1a45370..79669d2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,11 +3,11 @@ test.py
 crossAccounts.json
 output.zip
 __fork/*.json
-adminlte/**XX/
-adminlte/**/*.html
-adminlte/**/*.xlsx
-adminlte/**/error.txt
-
+adminlte/aws/**/
+adminlte/aws/**/*.html
+adminlte/aws/**/*.xlsx
+adminlte/aws/**/error.txt
+.~c9_invoke*
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
diff --git a/services/kms/kms.reporter.json b/services/kms/kms.reporter.json
index a04155c..e54d796 100644
--- a/services/kms/kms.reporter.json
+++ b/services/kms/kms.reporter.json
@@ -24,5 +24,25 @@
 "ref": [
 "[Best practices for AWS KMS grants]"
 ]
+ },
+ "KeyInPendingDeletion":{
+ "category": "O",
+ "^description": "[Informational], no action needed. {$COUNT} KMS key is under Pending Deletion Stage.",
+ "downtime": 0,
+ "slowness": 0,
+ "additionalCost": 0,
+ "needFullTest": 0,
+ "criticality": "I",
+ "shortDesc": "[Info] No Action Needed"
+ },
+ "DisabledKey":{
+ "category": "O",
+ "^description": "[Informational], no action needed. {$COUNT} KMS key is under Disabled Stage.",
+ "downtime": 0,
+ "slowness": 0,
+ "additionalCost": 0,
+ "needFullTest": 0,
+ "criticality": "I",
+ "shortDesc": "[Info] No Action Needed"
 }
 }
\ No newline at end of file
diff --git a/utils/CfnTrail.py b/utils/CfnTrail.py
index 526edb6..929c6c1 100644
--- a/utils/CfnTrail.py
+++ b/utils/CfnTrail.py
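Review bot: The new `KeyInPendingDeletion` entry in services/kms/kms.reporter.json reports "no action needed", which undersells the finding: once the waiting period ends the key cannot be restored, and data still encrypted under it can no longer be decrypted. I would keep criticality `I` but word the text as a check, for example `"^description": "[Informational] {$COUNT} KMS key is pending deletion. Confirm nothing is still encrypted under it before the waiting period ends."`, with `shortDesc` adjusted to match. Neither new entry has a `ref` list, unlike the entry just above them in the hunk; a link to the KMS key-deletion documentation would fit here. The same wording question applies to `DisabledKey` if disabled keys may still be referenced by resources, which the hunk does not show.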
@@ -52,7 +52,7 @@ def createStack(self):
 TemplateBody=self.ymlBody
 )
 msg = "Empty CF stacked created successfully, name:" + self.getStackName()
- _info(msg)
+ _info(msg, alwaysPrint=True)
 except botocore.exceptions.ClientError as e:
 ecode = e.response['Error']['Code']
@@ -68,7 +68,7 @@ def deleteStack(self):
 )
 msg = "Empty CF stacked deleted successfully, name:" + self.getStackName()
- _info(msg)
+ _info(msg, alwaysPrint=True)
 except botocore.exceptions.ClientError as e:
 ecode = e.response['Error']['Code']
 emsg = e.response['Error']['Message']
diff --git a/utils/Tools.py b/utils/Tools.py
index 7ca6852..a498d9b 100644
--- a/utils/Tools.py
+++ b/utils/Tools.py
@@ -12,8 +12,8 @@ def _pr(s, forcePrint = False):
 if forcePrint or DEBUG == True:
 print(s)
-def _info(s):
- _printStatus("info", s)
+def _info(s, alwaysPrint = False):
+ _printStatus("info", s, alwaysPrint)
 def _warn(s):
 _printStatus("\033[1;41m__!! WARNING !!__\033[0m", s, forcePrint=True)
From a7ee50bcd233694df88a382201b10c02ba347416 Mon Sep 17 00:00:00 2001
From: KuetTai
Date: Mon, 8 Apr 2024 07:28:40 +0000
Subject: [PATCH 2/2] Fix issue #70, update README to reflect the right parameters for TAGS filter

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index b09d65d..cea2e3e 100755
--- a/README.md
+++ b/README.md
@@ -79,7 +79,7 @@ screener --regions ap-southeast-1,us-east-1 --services rds,iam
 **Example 5: Run in the Singapore region, filter resources based on tags (e.g: Name=env Values=prod and Name=department Values=hr,coe)**
 ```
-screener --regions ap-southeast-1 --filters env=prod%department=hr,coe
+screener --regions ap-southeast-1 --tags env=prod%department=hr,coe
 ```
 **Example 6: Run in all regions and all services**
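Review bot: The new keyword on `_info` in utils/Tools.py is named `alwaysPrint`, while the neighbouring helpers in the same file use `forcePrint` for the same switch (`_pr(s, forcePrint = False)` and the `_printStatus(..., forcePrint=True)` call in `_warn`), and `_info` forwards it positionally. I would keep one name and pass it by keyword: `def _info(s, forcePrint = False):` with `_printStatus("info", s, forcePrint=forcePrint)`, and `_info(msg, forcePrint=True)` at the two call sites in createStack and deleteStack in utils/CfnTrail.py. `_printStatus` itself is outside the diff, so its third parameter being `forcePrint` is inferred from the `_warn` call. Both CfnTrail functions start and end outside their hunks.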