From 240a7d4972e0be593ae40f358e6aadd63644e441 Mon Sep 17 00:00:00 2001
From: vjeffrey
Date: Tue, 7 Nov 2023 06:54:46 -0700
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20aws:=20do=20not=20fail=20on=20mi?=
 =?UTF-8?q?ssing=20discover,=20use=20correct=20id=20detectors=20(#2508)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* 🐛 aws: do not fail on missing discover, use correct id detectors
* 🐛 osprovider: run detect if platform name is empty
---
 providers/aws/connection/connection.go | 6 +-
 .../aws/resources/discovery_conversion.go | 81 +++----------------
 providers/os/provider/provider.go | 2 +-
 3 files changed, 18 insertions(+), 71 deletions(-)

diff --git a/providers/aws/connection/connection.go b/providers/aws/connection/connection.go
index b201d4f02b..c2b6762bdd 100644
--- a/providers/aws/connection/connection.go
+++ b/providers/aws/connection/connection.go
@@ -106,8 +106,10 @@ func NewAwsConnection(id uint32, asset *inventory.Asset, conf *inventory.Config)
 	c.accountId = *identity.Account
 	c.profile = asset.Options["profile"]
 	c.connectionOptions = asset.Options
-	c.Filters = parseOptsToFilters(conf.Discover.Filter)
-	c.RegionLimits = c.Filters.GeneralDiscoveryFilters.Regions
+	if conf.Discover != nil {
+		c.Filters = parseOptsToFilters(conf.Discover.Filter)
+		c.RegionLimits = c.Filters.GeneralDiscoveryFilters.Regions
+	}
 	return c, nil
 }
 
diff --git a/providers/aws/resources/discovery_conversion.go b/providers/aws/resources/discovery_conversion.go
index 1dbf8cd195..dc469b66a9 100644
--- a/providers/aws/resources/discovery_conversion.go
+++ b/providers/aws/resources/discovery_conversion.go
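Review bot: When `conf.Discover` is nil the new guard leaves `c.Filters` and `c.RegionLimits` at their zero values, and nothing in the hunk says whether this no-filter, no-region-limit mode is intended rather than an oversight; a comment on the guard such as `// Discover is optional: without it the connection carries no discovery filters or region limits.` would make that explicit. If `parseOptsToFilters` tolerates an empty filter map (its definition is outside the hunk), computing the filter argument first and calling it on both paths would keep a default filter struct in place even when discovery is absent — worth confirming before any later code reads `c.Filters.GeneralDiscoveryFilters`. NewAwsConnection starts before the hunk.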
@@ -225,13 +225,24 @@ func AssembleIntegrationName(alias string, id string) string {
 	return fmt.Sprintf("AWS Account %s (%s)", alias, accountId)
 }
 
+func getPlatformFamily(pf string) []string {
+	if strings.Contains(strings.ToLower(pf), "linux") {
+		return []string{"unix"}
+	}
+	if strings.Contains(strings.ToLower(pf), "windows") {
+		return []string{"windows"}
+	}
+	return []string{}
+}
+
 func addConnectionInfoToEc2Asset(instance *mqlAwsEc2Instance, accountId string, conn *connection.AwsConnection) *inventory.Asset {
 	asset := &inventory.Asset{}
 	asset.PlatformIds = []string{awsec2.MondooInstanceID(accountId, instance.Region.Data, instance.InstanceId.Data)}
-	asset.IdDetector = []string{"aws-ec2"}
+	asset.IdDetector = []string{ids.IdDetector_Hostname, ids.IdDetector_CloudDetect, ids.IdDetector_SshHostkey}
 	asset.Platform = &inventory.Platform{
 		Kind: "virtual_machine",
 		Runtime: "aws-ec2-instance",
+		Family: getPlatformFamily(instance.PlatformDetails.Data),
 	}
 	asset.State = mapEc2InstanceStateCode(instance.State.Data)
 	asset.Labels = mapStringInterfaceToStringString(instance.Tags.Data)
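Review bot: `getPlatformFamily` lowercases `pf` twice and carries no doc comment; hoisting `lower := strings.ToLower(pf)` and then testing `strings.Contains(lower, "linux")` and `strings.Contains(lower, "windows")` reads cleaner, and a comment such as `// getPlatformFamily maps an EC2/SSM platform string to the inventory platform family ("unix" or "windows"); it returns an empty slice when neither is recognised.` states the contract. The replacement of the `"aws-ec2"` id detector by the hostname, cloud-detect and ssh-hostkey detectors is not explained in the hunk either; a one-line comment on why these three are the right set for EC2 assets would help the next reader. addConnectionInfoToEc2Asset continues past the end of the hunk.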
@@ -289,73 +300,6 @@ func addConnectionInfoToEc2Asset(instance *mqlAwsEc2Instance, accountId string,
 	return asset
 }
 
-func addSSMConnectionInfoToEc2Asset(instance *mqlAwsEc2Instance, accountId string, conn *connection.AwsConnection) *inventory.Asset {
-	asset := &inventory.Asset{}
-	asset.PlatformIds = []string{awsec2.MondooInstanceID(accountId, instance.Region.Data, instance.InstanceId.Data)}
-	asset.IdDetector = []string{"aws-ec2"}
-	asset.Platform = &inventory.Platform{
-		Kind: "virtual_machine",
-		Runtime: "aws-ec2-instance",
-	}
-	ssm := ""
-	if s := instance.GetSsm().Data.(map[string]interface{})["InstanceInformationList"]; s != nil {
-		if len(s.([]interface{})) > 0 {
-			ssm = s.([]interface{})[0].(map[string]interface{})["PingStatus"].(string)
-		}
-	}
-	asset.State = mapSmmManagedPingStateCode(ssm)
-	asset.Options = conn.ConnectionOptions()
-	asset.Labels = mapStringInterfaceToStringString(instance.Tags.Data)
-	name := instance.InstanceId.Data
-	if lname := asset.Labels["Name"]; name != "" {
-		name = lname
-	}
-	asset.Name = name
-	imageId := ""
-	imageName := ""
-	if instance.GetImage().Data != nil {
-		imageId = instance.GetImage().Data.Id.Data
-		imageName = instance.GetImage().Data.Name.Data
-	}
-	asset.Labels["mondoo.com/region"] = instance.Region.Data
-	asset.Labels["mondoo.com/platform"] = instance.PlatformDetails.Data
-	asset.Labels["mondoo.com/image"] = imageId
-
-	creds := []*vault.Credential{
-		{
-			User: getProbableUsernameFromImageName(imageName),
-			Type: vault.CredentialType_aws_ec2_ssm_session,
-		},
-	}
-	host := instance.InstanceId.Data
-	if instance.PublicIp.Data != "" {
-		host = instance.PublicIp.Data
-	}
-	if ssm == string(ssmtypes.PingStatusOnline) {
-		asset.Connections = []*inventory.Config{{
-			Host: host,
-			Insecure: true,
-			Runtime: "aws_ec2",
-			Credentials: creds,
-			Options: map[string]string{
-				"region": instance.Region.Data,
-				"profile": conn.Profile(),
-				"instance": instance.InstanceId.Data,
-			},
-		}}
-	} else {
-		asset = MqlObjectToAsset(accountId,
-			mqlObject{
-				name: name, labels: mapStringInterfaceToStringString(instance.Tags.Data),
-				awsObject: awsObject{
-					account: accountId, region: instance.Region.Data, arn: instance.Arn.Data,
-					id: instance.InstanceId.Data, service: "ec2", objectType: "instance",
-				},
-			}, conn)
-	}
-	return asset
-}
-
 func mapEc2InstanceStateCode(state string) inventory.State {
 	switch state {
 	case string(types.InstanceStateNameRunning):
@@ -416,6 +360,7 @@ func addConnectionInfoToSSMAsset(instance *mqlAwsSsmInstance, accountId string,
 	asset.Platform = &inventory.Platform{
 		Kind: "virtual_machine",
 		Runtime: "aws-ssm-instance",
+		Family: getPlatformFamily(instance.PlatformName.Data),
 	}
 	asset.State = mapSmmManagedPingStateCode(instance.PingStatus.Data)
 	if strings.HasPrefix(instance.InstanceId.Data, "i-") && instance.PingStatus.Data == string(ssmtypes.PingStatusOnline) {
diff --git a/providers/os/provider/provider.go b/providers/os/provider/provider.go
index a797288b44..eb698d16a7 100644
--- a/providers/os/provider/provider.go
+++ b/providers/os/provider/provider.go
@@ -228,7 +228,7 @@ func (s *Service) Connect(req *plugin.ConnectReq, callback plugin.ProviderCallba
 	}
 
 	// We only need to run the detection step when we don't have any asset information yet.
-	if req.Asset.Platform == nil {
+	if req.Asset.Platform == nil || req.Asset.Platform.Name == "" {
 		if err := s.detect(req.Asset, conn); err != nil {
 			return nil, err
 		}
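Review bot: `getPlatformFamily(instance.PlatformName.Data)` yields an empty family for any Linux host whose SSM platform name does not contain the word "linux" — Ubuntu, for instance, typically reports its platform name as just `Ubuntu` — so only some Linux SSM instances will end up tagged `unix`. SSM inventory also reports a coarse platform type (Linux, Windows, MacOS) that is the natural input for this kind of mapping; if the mqlAwsSsmInstance resource exposes that field (its definition is outside the hunk), passing it to `getPlatformFamily` instead of the platform name would be more reliable. The EC2 path in the earlier hunk uses `PlatformDetails`, whose values do contain "Linux" or "Windows", so it is not affected in the same way. addConnectionInfoToSSMAsset starts before and continues after the hunk.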
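Review bot: The comment above the changed condition is now stale: it still says detection runs only when there is no asset information, but the condition also fires when a platform record exists without a name, which is exactly the shape the AWS provider now produces with only Kind, Runtime and Family set. Replace it with `// Run detection when there is no platform record yet, or only a partial one without a name.`. Whether `s.detect` merges into the existing `req.Asset.Platform` or replaces it wholesale (and so drops the pre-set Kind, Runtime and Family) is not visible here and is worth confirming, since those fields are what the AWS hunks add. Connect starts and ends outside the hunk.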