From 00b613fb9526759c13d059f3791832ce283422be Mon Sep 17 00:00:00 2001 From: AkhtarAmir Date: Mon, 11 Aug 2025 18:39:11 +0000 Subject: [PATCH 1/2] open source changes for migration --- .github/workflows/scans_ci.yml | 2 +- clients.spec.js | 119 ++++++++++ collectors/aws/accessanalyzer/listFindings.js | 6 +- .../aws/accessanalyzer/listFindingsV2.js | 6 +- .../aws/apigateway/getClientCertificate.js | 6 +- collectors/aws/apigateway/getIntegration.js | 6 +- .../aws/appmesh/describeVirtualGateway.js | 6 +- .../describeLaunchConfigurations.js | 6 +- .../describeNotificationConfigurations.js | 6 +- collectors/aws/cloudfront/getDistribution.js | 6 +- collectors/aws/cloudtrail/listTags.js | 6 +- .../aws/cloudwatch/getEc2MetricStatistics.js | 10 +- .../aws/cloudwatch/getEcMetricStatistics.js | 10 +- .../aws/cloudwatch/getEsMetricStatistics.js | 10 +- .../aws/cloudwatch/getRdsMetricStatistics.js | 10 +- .../getRdsReadIOPSMetricStatistics.js | 10 +- .../getRdsWriteIOPSMetricStatistics.js | 10 +- .../cloudwatch/getredshiftMetricStatistics.js | 10 +- collectors/aws/codebuild/batchGetProjects.js | 6 +- collectors/aws/collector.js | 132 +++++------ collectors/aws/collector_multipart.js | 109 +++++---- .../instanceAttachmentStorageConfigs.js | 6 +- ...listInstanceCallRecordingStorageConfigs.js | 6 +- ...istInstanceChatTranscriptStorageConfigs.js | 6 +- ...istInstanceExportedReportStorageConfigs.js | 6 +- .../listInstanceMediaStreamStorageConfigs.js | 6 +- .../aws/dynamodb/describeContinuousBackups.js | 6 +- collectors/aws/dynamodb/describeTable.js | 6 +- collectors/aws/dynamodb/listBackups.js | 6 +- .../aws/ec2/describeSnapshotAttribute.js | 6 +- collectors/aws/ec2/describeSnapshots.js | 11 +- collectors/aws/ec2/describeSubnets.js | 7 +- collectors/aws/ecs/describeCluster.js | 6 +- .../aws/ecs/describeContainerInstances.js | 6 +- collectors/aws/ecs/describeServices.js | 6 +- collectors/aws/ecs/describeTasks.js | 6 +- collectors/aws/ecs/listContainerInstances.js | 6 +- collectors/aws/ecs/listServices.js | 6 +- collectors/aws/ecs/listTasks.js | 6 +- collectors/aws/eks/describeCluster.js | 6 +- collectors/aws/eks/describeNodegroups.js | 6 +- collectors/aws/eks/listNodegroups.js | 6 +- .../elasticache/describeCacheSubnetGroups.js | 6 +- .../describeConfigurationSettings.js | 6 +- collectors/aws/elb/describeInstanceHealth.js | 6 +- .../aws/elb/describeLoadBalancerAttributes.js | 6 +- .../aws/elb/describeLoadBalancerPolicies.js | 6 +- collectors/aws/elb/describeTags.js | 6 +- collectors/aws/elbv2/describeListeners.js | 6 +- .../elbv2/describeLoadBalancerAttributes.js | 6 +- collectors/aws/elbv2/describeTags.js | 6 +- collectors/aws/elbv2/describeTargetGroups.js | 6 +- .../aws/emr/describeSecurityConfiguration.js | 6 +- .../aws/firehose/describeDeliveryStream.js | 6 +- .../describePublishingDestination.js | 6 +- collectors/aws/guardduty/getDetector.js | 6 +- collectors/aws/guardduty/getFindings.js | 6 +- collectors/aws/guardduty/getMasterAccount.js | 6 +- collectors/aws/guardduty/listFindings.js | 6 +- .../guardduty/listPublishingDestinations.js | 6 +- .../aws/iam/generateCredentialReport.js | 43 ++-- collectors/aws/iam/getGroupPolicy.js | 6 +- collectors/aws/iam/getInstanceProfile.js | 6 +- collectors/aws/iam/getPolicyVersion.js | 6 +- collectors/aws/iam/getRolePolicy.js | 6 +- collectors/aws/iam/getUserPolicy.js | 6 +- collectors/aws/iam/listRoles.js | 6 +- collectors/aws/kinesis/describeStream.js | 6 +- collectors/aws/kms/getKeyPolicy.js | 6 +- collectors/aws/kms/listGrants.js | 6 +- .../aws/lexmodelsv2/describeBotAlias.js | 6 +- collectors/aws/lookoutvision/describeModel.js | 6 +- collectors/aws/managedblockchain/getMember.js | 6 +- collectors/aws/mwaa/getEnvironment.js | 6 +- .../getEncryptionSecurityPolicy.js | 6 +- .../getNetworkSecurityPolicy.js | 6 +- .../listEncryptionSecurityPolicies.js | 6 +- .../listNetworkSecurityPolicies.js | 6 +- collectors/aws/rds/describeDBParameters.js | 6 +- collectors/aws/s3/index.js | 8 +- .../aws/s3control/getPublicAccessBlock.js | 6 +- .../aws/ses/getIdentityDkimAttributes.js | 6 +- collectors/aws/sqs/getQueueAttributes.js | 6 +- collectors/aws/ssm/describeParameters.js | 6 +- .../describeTrustedAdvisorCheckResult.js | 6 +- .../aws/wafregional/listResourcesForWebACL.js | 6 +- collectors/aws/wafv2/getWebACL.js | 6 +- .../aws/wafv2/getWebACLForCognitoUserPool.js | 8 +- .../aws/wafv2/listResourcesForWebACL.js | 6 +- engine.js | 38 +++- engine.spec.js | 17 +- exports.js | 10 +- helpers/aws/clients.js | 211 ++++++++++++++++++ helpers/aws/functions.js | 87 +++++++- package.json | 108 +++++++++ plugins/aws/computeoptimizer/asgOptimized.js | 4 +- .../computeoptimizer/ebsVolumesOptimized.js | 4 +- .../computeoptimizer/ec2InstancesOptimized.js | 4 +- .../lambdaFunctionsOptimized.js | 4 +- .../optimizerRecommendationsEnabled.js | 4 +- .../optimizerRecommendationsEnabled.spec.js | 2 +- plugins/aws/securityhub/securityHubEnabled.js | 2 +- .../securityhub/securityHubEnabled.spec.js | 2 +- plugins/aws/shield/shieldAdvancedEnabled.js | 4 +- .../aws/shield/shieldAdvancedEnabled.spec.js | 2 +- plugins/aws/shield/shieldEmergencyContacts.js | 4 +- .../shield/shieldEmergencyContacts.spec.js | 2 +- plugins/aws/shield/shieldProtections.js | 4 +- plugins/aws/shield/shieldProtections.spec.js | 2 +- 109 files changed, 1086 insertions(+), 376 deletions(-) create mode 100644 clients.spec.js create mode 100644 helpers/aws/clients.js diff --git a/.github/workflows/scans_ci.yml b/.github/workflows/scans_ci.yml index 52815e2347..c98eb21ba0 100644 --- a/.github/workflows/scans_ci.yml +++ b/.github/workflows/scans_ci.yml @@ -10,7 +10,7 @@ jobs: - name: Use Node.js uses: actions/setup-node@v1 with: - node-version: '12.x' + node-version: '18.x' - uses: codespell-project/actions-codespell@master with: check_filenames: true diff --git a/clients.spec.js b/clients.spec.js new file mode 100644 index 0000000000..1810b91e2c --- /dev/null +++ b/clients.spec.js @@ -0,0 +1,119 @@ +const assert = require('assert'); +const awsClients = [ + '@aws-sdk/client-accessanalyzer', + '@aws-sdk/client-acm', + '@aws-sdk/client-api-gateway', + '@aws-sdk/client-apigatewayv2', + '@aws-sdk/client-apprunner', + '@aws-sdk/client-athena', + '@aws-sdk/client-auditmanager', + '@aws-sdk/client-auto-scaling', + '@aws-sdk/client-backup', + '@aws-sdk/client-appconfig', + '@aws-sdk/client-cloudformation', + '@aws-sdk/client-cognito-identity-provider', + '@aws-sdk/client-comprehend', + '@aws-sdk/client-compute-optimizer', + '@aws-sdk/client-config-service', + '@aws-sdk/client-sts', + '@aws-sdk/client-bedrock', + '@aws-sdk/client-s3', + '@aws-sdk/client-dynamodb', + '@aws-sdk/client-ec2', + '@aws-sdk/client-lambda', + '@aws-sdk/client-rds', + '@aws-sdk/client-sns', + '@aws-sdk/client-sqs', + '@aws-sdk/client-iam', + '@aws-sdk/client-cloudwatch', + '@aws-sdk/client-cloudfront', + '@aws-sdk/client-codebuild', + '@aws-sdk/client-customer-profiles', + '@aws-sdk/client-connect', + '@aws-sdk/client-database-migration-service', + '@aws-sdk/client-devops-guru', + '@aws-sdk/client-route-53', + '@aws-sdk/client-route-53-domains', + '@aws-sdk/client-waf-regional', + '@aws-sdk/client-waf', + '@aws-sdk/client-cloudtrail', + '@aws-sdk/client-timestream-write', + '@aws-sdk/client-redshift', + '@aws-sdk/client-docdb', + '@aws-sdk/client-neptune', + '@aws-sdk/client-elasticache', + '@aws-sdk/client-memorydb', + '@aws-sdk/client-kendra', + '@aws-sdk/client-qldb', + '@aws-sdk/client-efs', + '@aws-sdk/client-glacier', + '@aws-sdk/client-kms', + '@aws-sdk/client-secrets-manager', + '@aws-sdk/client-cloudwatch-logs', + '@aws-sdk/client-eventbridge', + '@aws-sdk/client-app-mesh', + '@aws-sdk/client-emr', + '@aws-sdk/client-codeartifact', + '@aws-sdk/client-codepipeline', + '@aws-sdk/client-ssm', + '@aws-sdk/client-sagemaker', + '@aws-sdk/client-proton', + '@aws-sdk/client-organizations', + '@aws-sdk/client-mwaa', + '@aws-sdk/client-managedblockchain', + '@aws-sdk/client-lookoutvision', + '@aws-sdk/client-lookoutequipment', + '@aws-sdk/client-lookoutmetrics', + '@aws-sdk/client-location', + '@aws-sdk/client-lex-models-v2', + '@aws-sdk/client-kinesis-video', + '@aws-sdk/client-dax', + '@aws-sdk/client-ecr', + '@aws-sdk/client-ecs', + '@aws-sdk/client-eks', + '@aws-sdk/client-elastic-beanstalk', + '@aws-sdk/client-elastic-transcoder', + '@aws-sdk/client-elastic-load-balancing', + '@aws-sdk/client-elastic-load-balancing-v2', + '@aws-sdk/client-finspace', + '@aws-sdk/client-firehose', + '@aws-sdk/client-forecast', + '@aws-sdk/client-frauddetector', + '@aws-sdk/client-fsx', + '@aws-sdk/client-glue', + '@aws-sdk/client-databrew', + '@aws-sdk/client-guardduty', + '@aws-sdk/client-healthlake', + '@aws-sdk/client-imagebuilder', + '@aws-sdk/client-iotsitewise', + '@aws-sdk/client-kinesis', + '@aws-sdk/client-mq', + '@aws-sdk/client-kafka', + '@aws-sdk/client-opensearch', + '@aws-sdk/client-opensearchserverless', + '@aws-sdk/client-securityhub', + '@aws-sdk/client-ses', + '@aws-sdk/client-shield', + '@aws-sdk/client-transfer', + '@aws-sdk/client-translate', + '@aws-sdk/client-wafv2', + '@aws-sdk/client-workspaces', + '@aws-sdk/client-xray', + '@aws-sdk/client-appflow', + '@aws-sdk/client-dlm', + '@aws-sdk/client-resource-groups-tagging-api', + '@aws-sdk/client-voice-id', + '@aws-sdk/client-wisdom' +]; + +describe('AWS SDK Clients', function () { + awsClients.forEach(client => { + it(`should have ${client} installed`, function () { + try { + require(client); + } catch (err) { + assert.fail(`${client} is not installed`); + } + }); + }); +}); diff --git a/collectors/aws/accessanalyzer/listFindings.js b/collectors/aws/accessanalyzer/listFindings.js index 10c9cb933b..decc88253a 100644 --- a/collectors/aws/accessanalyzer/listFindings.js +++ b/collectors/aws/accessanalyzer/listFindings.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + AccessAnalyzer +} = require('@aws-sdk/client-accessanalyzer'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var accessanalyzer = new AWS.AccessAnalyzer(AWSConfig); + var accessanalyzer = new AccessAnalyzer(AWSConfig); async.eachLimit(collection.accessanalyzer.listAnalyzers[AWSConfig.region].data, 15, function(analyzer, cb) { collection.accessanalyzer.listFindings[AWSConfig.region][analyzer.arn] = {}; var params = { diff --git a/collectors/aws/accessanalyzer/listFindingsV2.js b/collectors/aws/accessanalyzer/listFindingsV2.js index 3f9240b56e..79bcd1f92c 100644 --- a/collectors/aws/accessanalyzer/listFindingsV2.js +++ b/collectors/aws/accessanalyzer/listFindingsV2.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + AccessAnalyzer +} = require('@aws-sdk/client-accessanalyzer'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var accessanalyzer = new AWS.AccessAnalyzer(AWSConfig); + var accessanalyzer = new AccessAnalyzer(AWSConfig); async.eachLimit(collection.accessanalyzer.listAnalyzers[AWSConfig.region].data, 15, function(analyzer, cb) { collection.accessanalyzer.listFindingsV2[AWSConfig.region][analyzer.arn] = {}; var params = { diff --git a/collectors/aws/apigateway/getClientCertificate.js b/collectors/aws/apigateway/getClientCertificate.js index 7c68bcfb22..a734880ca8 100644 --- a/collectors/aws/apigateway/getClientCertificate.js +++ b/collectors/aws/apigateway/getClientCertificate.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + APIGateway +} = require('@aws-sdk/client-api-gateway'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var apigateway = new AWS.APIGateway(AWSConfig); + var apigateway = new APIGateway(AWSConfig); async.eachLimit(collection.apigateway.getRestApis[AWSConfig.region].data, 5, function(api, cb){ if (!collection.apigateway.getStages || diff --git a/collectors/aws/apigateway/getIntegration.js b/collectors/aws/apigateway/getIntegration.js index 9a4ce5ca39..775798fc9a 100644 --- a/collectors/aws/apigateway/getIntegration.js +++ b/collectors/aws/apigateway/getIntegration.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + APIGateway +} = require('@aws-sdk/client-api-gateway'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var apigateway = new AWS.APIGateway(AWSConfig); + var apigateway = new APIGateway(AWSConfig); async.eachLimit(collection.apigateway.getRestApis[AWSConfig.region].data, 5, function(api, cb){ if (!collection.apigateway.getResources || diff --git a/collectors/aws/appmesh/describeVirtualGateway.js b/collectors/aws/appmesh/describeVirtualGateway.js index e6a55fd82c..a6538cb8e5 100644 --- a/collectors/aws/appmesh/describeVirtualGateway.js +++ b/collectors/aws/appmesh/describeVirtualGateway.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + AppMesh +} = require('@aws-sdk/client-app-mesh'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var appmesh = new AWS.AppMesh(AWSConfig); + var appmesh = new AppMesh(AWSConfig); if (!collection.appmesh || !collection.appmesh.listMeshes || diff --git a/collectors/aws/autoscaling/describeLaunchConfigurations.js b/collectors/aws/autoscaling/describeLaunchConfigurations.js index eb47515c0b..e700e0b7b2 100644 --- a/collectors/aws/autoscaling/describeLaunchConfigurations.js +++ b/collectors/aws/autoscaling/describeLaunchConfigurations.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + AutoScaling +} = require('@aws-sdk/client-auto-scaling'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var autoscaling = new AWS.AutoScaling(AWSConfig); + var autoscaling = new AutoScaling(AWSConfig); async.eachLimit(collection.autoscaling.describeAutoScalingGroups[AWSConfig.region].data, 15, function(asg, cb){ collection.autoscaling.describeLaunchConfigurations[AWSConfig.region][asg.AutoScalingGroupARN] = {}; diff --git a/collectors/aws/autoscaling/describeNotificationConfigurations.js b/collectors/aws/autoscaling/describeNotificationConfigurations.js index 34e4adcb6d..94cf8dfd5f 100644 --- a/collectors/aws/autoscaling/describeNotificationConfigurations.js +++ b/collectors/aws/autoscaling/describeNotificationConfigurations.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + AutoScaling +} = require('@aws-sdk/client-auto-scaling'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var autoscaling = new AWS.AutoScaling(AWSConfig); + var autoscaling = new AutoScaling(AWSConfig); async.eachLimit(collection.autoscaling.describeAutoScalingGroups[AWSConfig.region].data, 15, function(asg, cb){ var params = { diff --git a/collectors/aws/cloudfront/getDistribution.js b/collectors/aws/cloudfront/getDistribution.js index f0f979c067..1821f0fc3a 100644 --- a/collectors/aws/cloudfront/getDistribution.js +++ b/collectors/aws/cloudfront/getDistribution.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudFront +} = require('@aws-sdk/client-cloudfront'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudfront = new AWS.CloudFront(AWSConfig); + var cloudfront = new CloudFront(AWSConfig); async.eachLimit(collection.cloudfront.listDistributions[AWSConfig.region].data, 15, function(distribution, cb){ collection.cloudfront.getDistribution[AWSConfig.region][distribution.Id] = {}; diff --git a/collectors/aws/cloudtrail/listTags.js b/collectors/aws/cloudtrail/listTags.js index dc3c2cbc9e..f6387f852e 100644 --- a/collectors/aws/cloudtrail/listTags.js +++ b/collectors/aws/cloudtrail/listTags.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudTrail +} = require('@aws-sdk/client-cloudtrail'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudtrail = new AWS.CloudTrail(AWSConfig); + var cloudtrail = new CloudTrail(AWSConfig); async.eachLimit(collection.cloudtrail.describeTrails[AWSConfig.region].data, 15, function(trail, cb) { var params = { diff --git a/collectors/aws/cloudwatch/getEc2MetricStatistics.js b/collectors/aws/cloudwatch/getEc2MetricStatistics.js index 3742ea8762..4df9ba688a 100644 --- a/collectors/aws/cloudwatch/getEc2MetricStatistics.js +++ b/collectors/aws/cloudwatch/getEc2MetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require('../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.ec2.describeInstances[AWSConfig.region].data, 10, function(reservation, cb) { reservation.Instances.forEach(instance => { @@ -14,8 +16,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'CPUUtilization', 'Namespace': 'AWS/EC2', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 3600, 'Statistics': ['Average'], 'Dimensions': [ diff --git a/collectors/aws/cloudwatch/getEcMetricStatistics.js b/collectors/aws/cloudwatch/getEcMetricStatistics.js index 5ecb621e26..93bb15f48f 100644 --- a/collectors/aws/cloudwatch/getEcMetricStatistics.js +++ b/collectors/aws/cloudwatch/getEcMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.elasticache.describeCacheClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.cloudwatch.getEcMetricStatistics[AWSConfig.region][cluster.CacheClusterId] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'CPUUtilization', 'Namespace':'AWS/ElastiCache', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 3600, 'Statistics': ['Average'], 'Dimensions' : [ diff --git a/collectors/aws/cloudwatch/getEsMetricStatistics.js b/collectors/aws/cloudwatch/getEsMetricStatistics.js index 559a3ee40a..562cf1b96e 100644 --- a/collectors/aws/cloudwatch/getEsMetricStatistics.js +++ b/collectors/aws/cloudwatch/getEsMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.opensearch.listDomainNames[AWSConfig.region].data, 10, function(domain, cb){ collection.cloudwatch.getEsMetricStatistics[AWSConfig.region][domain.DomainName] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'ClusterStatus.Red', 'Namespace':'AWS/ES', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 3600, 'Statistics': ['Maximum'], 'Dimensions' : [ diff --git a/collectors/aws/cloudwatch/getRdsMetricStatistics.js b/collectors/aws/cloudwatch/getRdsMetricStatistics.js index afc81333a7..a50e40f1c1 100644 --- a/collectors/aws/cloudwatch/getRdsMetricStatistics.js +++ b/collectors/aws/cloudwatch/getRdsMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){ collection.cloudwatch.getRdsMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'CPUUtilization', 'Namespace':'AWS/RDS', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 86400, 'Statistics': ['Average'], 'Dimensions' : [ diff --git a/collectors/aws/cloudwatch/getRdsReadIOPSMetricStatistics.js b/collectors/aws/cloudwatch/getRdsReadIOPSMetricStatistics.js index a080770755..e6c75335ba 100644 --- a/collectors/aws/cloudwatch/getRdsReadIOPSMetricStatistics.js +++ b/collectors/aws/cloudwatch/getRdsReadIOPSMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){ collection.cloudwatch.getRdsReadIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'ReadIOPS', 'Namespace':'AWS/RDS', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 86400, 'Statistics': ['Sum'], 'Dimensions' : [ diff --git a/collectors/aws/cloudwatch/getRdsWriteIOPSMetricStatistics.js b/collectors/aws/cloudwatch/getRdsWriteIOPSMetricStatistics.js index 5f68bfecd0..c01a731f3f 100644 --- a/collectors/aws/cloudwatch/getRdsWriteIOPSMetricStatistics.js +++ b/collectors/aws/cloudwatch/getRdsWriteIOPSMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.rds.describeDBInstances[AWSConfig.region].data, 10, function(instance, cb){ collection.cloudwatch.getRdsWriteIOPSMetricStatistics[AWSConfig.region][instance.DBInstanceIdentifier] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'WriteIOPS', 'Namespace':'AWS/RDS', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 86400, 'Statistics': ['Sum'], 'Dimensions' : [ diff --git a/collectors/aws/cloudwatch/getredshiftMetricStatistics.js b/collectors/aws/cloudwatch/getredshiftMetricStatistics.js index 979f8543e6..8fca78860e 100644 --- a/collectors/aws/cloudwatch/getredshiftMetricStatistics.js +++ b/collectors/aws/cloudwatch/getredshiftMetricStatistics.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CloudWatch +} = require('@aws-sdk/client-cloudwatch'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var cloudwatch = new AWS.CloudWatch(AWSConfig); + var cloudwatch = new CloudWatch(AWSConfig); async.eachLimit(collection.redshift.describeClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.cloudwatch.getredshiftMetricStatistics[AWSConfig.region][cluster.ClusterIdentifier] = {}; @@ -13,8 +15,8 @@ module.exports = function(AWSConfig, collection, retries, callback) { var params = { 'MetricName': 'CPUUtilization', 'Namespace':'AWS/Redshift', - 'StartTime': startTime.toISOString(), - 'EndTime': endTime.toISOString(), + 'StartTime': startTime, + 'EndTime': endTime, 'Period': 3600, 'Statistics': ['Average'], 'Dimensions' : [ diff --git a/collectors/aws/codebuild/batchGetProjects.js b/collectors/aws/codebuild/batchGetProjects.js index e176ce5d76..76e56102bf 100644 --- a/collectors/aws/codebuild/batchGetProjects.js +++ b/collectors/aws/codebuild/batchGetProjects.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + CodeBuild +} = require('@aws-sdk/client-codebuild'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var codebuild = new AWS.CodeBuild(AWSConfig); + var codebuild = new CodeBuild(AWSConfig); async.eachLimit(collection.codebuild.listProjects[AWSConfig.region].data, 15, function(project, cb){ collection.codebuild.batchGetProjects[AWSConfig.region][project] = {}; diff --git a/collectors/aws/collector.js b/collectors/aws/collector.js index 6f7fa7b99a..8855d8e751 100644 --- a/collectors/aws/collector.js +++ b/collectors/aws/collector.js @@ -10,21 +10,26 @@ - api_calls: (Optional) If provided, will only query these APIs. - Example: { - "skip_regions": ["us-east-2", "eu-west-1"], - "api_calls": ["EC2:describeInstances", "S3:listBuckets"] + "skip_regions": ["us-east-2", "eu-west-1"], + "api_calls": ["EC2:describeInstances", "S3:listBuckets"] } - callback: Function to call when the collection is complete *********************/ -var AWS = require('aws-sdk'); +const { + EC2 +} = require('@aws-sdk/client-ec2'); var async = require('async'); -var https = require('https'); var helpers = require(__dirname + '/../../helpers/aws'); var collectors = require(__dirname + '/../../collectors/aws'); var collectData = require(__dirname + '/../../helpers/shared.js'); -// Override max sockets -var agent = new https.Agent({maxSockets: 100}); -AWS.config.update({httpOptions: {agent: agent}}); + +const { Agent } = require('https'); +const { Agent: HttpAgent } = require('http'); +const { NodeHttpHandler } = require('@aws-sdk/node-http-handler'); + +// Import centralized AWS SDK v3 clients +const awsClients = require('../../helpers/aws/clients'); var rateError = {message: 'rate', statusCode: 429}; @@ -51,6 +56,21 @@ var collect = function(AWSConfig, settings, callback) { var debugMode = settings.debug_mode; if (debugMode) AWSXRay = require('aws-xray-sdk'); + // Override max sockets + AWSConfig.customUserAgent = `CustomAgent/${process.version}`; + + const customHttpClient = new NodeHttpHandler({ + httpsAgent: new Agent({maxSockets: 100}), + httpAgent: new HttpAgent({maxSockets: 100}) + }); + + AWSConfig.httpClient = { + handle: async(request, options) => { + return customHttpClient.handle(request, options); + }, + }; + + AWSConfig.maxRetries = 8; AWSConfig.retryDelayOptions = {base: 100}; @@ -63,7 +83,7 @@ var collect = function(AWSConfig, settings, callback) { let runApiCalls = []; - var AWSEC2 = new AWS.EC2(AWSConfig); + var AWSEC2 = new EC2(AWSConfig); var params = {AllRegions: true}; var excludeRegions = []; @@ -83,6 +103,7 @@ var collect = function(AWSConfig, settings, callback) { var serviceName = service; var serviceLower = service.toLowerCase(); if (!collection[serviceLower]) collection[serviceLower] = {}; + //const correctedServiceName = helpers.getCorrectServiceName(serviceName); // Loop through each of the service's functions async.eachOfLimit(call, 15, function(callObj, callKey, callCb) { @@ -136,7 +157,10 @@ var collect = function(AWSConfig, settings, callback) { } }); } else { - var executor = debugMode ? (AWSXRay.captureAWSClient(new AWS[serviceName](LocalAWSConfig))) : new AWS[serviceName](LocalAWSConfig); + console.log(`Going to import: ${serviceName}`); + // Replace dynamic import with centralized client usage + const executor = debugMode ? (AWSXRay.captureAWSv3Client(new awsClients[serviceLower](LocalAWSConfig))) : new awsClients[serviceLower](LocalAWSConfig); + var paginating = false; var executorCb = function(err, data) { if (err) { @@ -146,7 +170,7 @@ var collect = function(AWSConfig, settings, callback) { if (!data) return regionCb(); if (callObj.property && !data[callObj.property]) return regionCb(); - if (callObj.secondProperty && !data[callObj.secondProperty]) return regionCb(); + if (callObj.secondProperty && !(data[callObj.secondProperty] || (data[callObj.property] && data[callObj.property][callObj.secondProperty]))) regionCb(); var dataToAdd = callObj.secondProperty ? data[callObj.property][callObj.secondProperty] : data[callObj.property] ? data[callObj.property] : data; @@ -172,55 +196,30 @@ var collect = function(AWSConfig, settings, callback) { // so that the injection of the NextToken doesn't break other calls var localParams = JSON.parse(JSON.stringify(callObj.params || {})); if (nextTokens) localParams[nextTokens[0]] = nextTokens[1]; - if (callObj.params || nextTokens) { - async.retry({ - times: apiRetryAttempts, - interval: function(retryCount){ - let retryExponential = 3; - let retryLeveler = 3; - let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); - let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); - let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); - - console.log(`Trying ${callKey} again in: ${retry_seconds/1000} seconds`); - retries.push({seconds: Math.round(retry_seconds/1000)}); - return retry_seconds; - }, - errorFilter: function(err) { - return helpers.collectRateError(err, rateError); - } - }, function(cb) { - executor[callKey](localParams, function(err, data) { - return cb(err, data); - }); - }, function(err, data){ - executorCb(err, data); - }); - } else { - async.retry({ - times: apiRetryAttempts, - interval: function(retryCount){ - let retryExponential = 3; - let retryLeveler = 3; - let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); - let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); - let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); - - console.log(`Trying ${callKey} again in: ${retry_seconds/1000} seconds`); - retries.push({seconds: Math.round(retry_seconds/1000)}); - return retry_seconds; - }, - errorFilter: function(err) { - return helpers.collectRateError(err, rateError); - } - }, function(cb) { - executor[callKey](function(err, data) { - return cb(err, data); - }); - }, function(err, data){ - executorCb(err, data); + async.retry({ + times: apiRetryAttempts, + interval: function(retryCount){ + let retryExponential = 3; + let retryLeveler = 3; + let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); + let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); + let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); + + console.log(`Trying ${callKey} again in: ${retry_seconds/1000} seconds`); + retries.push({seconds: Math.round(retry_seconds/1000)}); + return retry_seconds; + }, + errorFilter: function(err) { + return helpers.collectRateError(err, rateError); + } + }, function(cb) { + executor[callKey](localParams, function(err, data) { + return cb(err, data); }); - } + }, function(err, data){ + executorCb(err, data); + }); + } execute(); } @@ -236,6 +235,7 @@ var collect = function(AWSConfig, settings, callback) { async.eachSeries(helpers.postcalls, function(postcallObj, postcallCb) { async.eachOfLimit(postcallObj, 10, function(serviceObj, service, serviceCb) { var serviceName = service; + //var correctedServiceName= helpers.getCorrectServiceName(serviceName); var serviceLower = service.toLowerCase(); var serviceIntegration = { enabled : postcallObj && postcallObj[serviceName] && postcallObj[serviceName].sendIntegration && postcallObj[serviceName].sendIntegration.enabled ? true : false, @@ -278,10 +278,10 @@ var collect = function(AWSConfig, settings, callback) { if (callObj.reliesOnCall && (!collection[callObj.reliesOnService] || - !collection[callObj.reliesOnService][callObj.reliesOnCall] || - !collection[callObj.reliesOnService][callObj.reliesOnCall][region] || - !collection[callObj.reliesOnService][callObj.reliesOnCall][region].data || - !collection[callObj.reliesOnService][callObj.reliesOnCall][region].data.length)) + !collection[callObj.reliesOnService][callObj.reliesOnCall] || + !collection[callObj.reliesOnService][callObj.reliesOnCall][region] || + !collection[callObj.reliesOnService][callObj.reliesOnCall][region].data || + !collection[callObj.reliesOnService][callObj.reliesOnCall][region].data.length)) return regionCb(); var LocalAWSConfig = JSON.parse(JSON.stringify(AWSConfig)); @@ -305,7 +305,10 @@ var collect = function(AWSConfig, settings, callback) { } }); } else { - var executor = debugMode ? (AWSXRay.captureAWSClient(new AWS[serviceName](LocalAWSConfig))) : new AWS[serviceName](LocalAWSConfig); + console.log(`Going to import: ${serviceName}`); + + // Replace dynamic import with centralized client usage + const executor = debugMode ? (AWSXRay.captureAWSv3Client(new awsClients[serviceLower](LocalAWSConfig))) : new awsClients[serviceLower](LocalAWSConfig); if (!collection[callObj.reliesOnService][callObj.reliesOnCall][LocalAWSConfig.region] || !collection[callObj.reliesOnService][callObj.reliesOnCall][LocalAWSConfig.region].data) { @@ -361,6 +364,7 @@ var collect = function(AWSConfig, settings, callback) { regionCb(); }); } + }, function() { helpers.debugApiCalls(callKey, serviceName, debugMode); callCb(); @@ -424,4 +428,4 @@ var collect = function(AWSConfig, settings, callback) { }); }; -module.exports = collect; \ No newline at end of file +module.exports = collect; diff --git a/collectors/aws/collector_multipart.js b/collectors/aws/collector_multipart.js index e9960d4aee..97947b21dd 100644 --- a/collectors/aws/collector_multipart.js +++ b/collectors/aws/collector_multipart.js @@ -16,16 +16,17 @@ - callback: Function to call when the collection is complete *********************/ -var AWS = require('aws-sdk'); +const { + EC2 +} = require('@aws-sdk/client-ec2'); var async = require('async'); -var https = require('https'); var helpers = require(__dirname + '/../../helpers/aws'); var collectors = require(__dirname + '/../../collectors/aws'); var collectData = require(__dirname + '/../../helpers/shared.js'); -// Override max sockets -var agent = new https.Agent({maxSockets: 100}); -AWS.config.update({httpOptions: {agent: agent}}); +const { Agent } = require('https'); +const { Agent: HttpAgent } = require('http'); +const { NodeHttpHandler } = require('@aws-sdk/node-http-handler'); var CALLS_CONFIG = { TOTAL_PARTS: 14, @@ -62,6 +63,20 @@ var collect = function(AWSConfig, settings, callback) { var debugMode = settings.debug_mode; if (debugMode) AWSXRay = require('aws-xray-sdk'); + // Override max sockets + AWSConfig.customUserAgent = `CustomAgent/${process.version}`; + + const customHttpClient = new NodeHttpHandler({ + httpsAgent: new Agent({maxSockets: 100}), + httpAgent: new HttpAgent({maxSockets: 100}) + }); + + AWSConfig.httpClient = { + handle: async(request, options) => { + return customHttpClient.handle(request, options); + }, + }; + AWSConfig.maxRetries = 8; AWSConfig.retryDelayOptions = {base: 100}; @@ -80,7 +95,7 @@ var collect = function(AWSConfig, settings, callback) { let runApiCalls = []; - var AWSEC2 = new AWS.EC2(AWSConfig); + var AWSEC2 = new EC2(AWSConfig); var params = {AllRegions: true}; var excludeRegions = []; var timeoutCheck; @@ -112,6 +127,7 @@ var collect = function(AWSConfig, settings, callback) { var serviceName = service; var serviceLower = service.toLowerCase(); if (!collection[serviceLower]) collection[serviceLower] = {}; + const correctedServiceName = helpers.getCorrectServiceName(serviceName); // Loop through each of the service's functions async.eachOfLimit(call, 15, function(callObj, callKey, callCb) { @@ -165,7 +181,8 @@ var collect = function(AWSConfig, settings, callback) { } }); } else { - var executor = debugMode ? (AWSXRay.captureAWSClient(new AWS[serviceName](LocalAWSConfig))) : new AWS[serviceName](LocalAWSConfig); + const executorModule = helpers.requireServiceModule(serviceName); + const executor = debugMode ? (AWSXRay.captureAWSv3Client(new executorModule[correctedServiceName](LocalAWSConfig))) : new executorModule[correctedServiceName](LocalAWSConfig); var paginating = false; var executorCb = function(err, data) { if (err) { @@ -175,7 +192,7 @@ var collect = function(AWSConfig, settings, callback) { if (!data) return regionCb(); if (callObj.property && !data[callObj.property]) return regionCb(); - if (callObj.secondProperty && !data[callObj.secondProperty]) return regionCb(); + if (callObj.secondProperty && !(data[callObj.secondProperty] || (data[callObj.property] && data[callObj.property][callObj.secondProperty]))) regionCb(); var dataToAdd = callObj.secondProperty ? data[callObj.property][callObj.secondProperty] : data[callObj.property] ? data[callObj.property] : data; @@ -201,57 +218,33 @@ var collect = function(AWSConfig, settings, callback) { // so that the injection of the NextToken doesn't break other calls var localParams = JSON.parse(JSON.stringify(callObj.params || {})); if (nextTokens) localParams[nextTokens[0]] = nextTokens[1]; - if (callObj.params || nextTokens) { - async.retry({ - times: apiRetryAttempts, - interval: function(retryCount){ - let retryExponential = 3; - let retryLeveler = 3; - let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); - let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); - let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); - - console.log(`Trying ${callKey} again in: ${retry_seconds / 1000} seconds`); - retries.push({seconds: Math.round(retry_seconds/1000)}); - return retry_seconds; - }, - errorFilter: function(err) { - return helpers.collectRateError(err, rateError); - } - }, function(cb) { - executor[callKey](localParams, function(err, data) { - return cb(err, data); - }); - }, function(err, data){ - executorCb(err, data); + async.retry({ + times: apiRetryAttempts, + interval: function(retryCount){ + let retryExponential = 3; + let retryLeveler = 3; + let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); + let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); + let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); + + console.log(`Trying ${callKey} again in: ${retry_seconds / 1000} seconds`); + retries.push({seconds: Math.round(retry_seconds/1000)}); + return retry_seconds; + }, + errorFilter: function(err) { + return helpers.collectRateError(err, rateError); + } + }, function(cb) { + executor[callKey](localParams, function(err, data) { + return cb(err, data); }); - } else { - async.retry({ - times: apiRetryAttempts, - interval: function(retryCount){ - let retryExponential = 3; - let retryLeveler = 3; - let timestamp = parseInt(((new Date()).getTime()).toString().slice(-1)); - let retry_temp = Math.min(apiRetryCap, (apiRetryBackoff * (retryExponential + timestamp) ** retryCount)); - let retry_seconds = Math.round(retry_temp/retryLeveler + Math.random(0, retry_temp) * 5000); + }, function(err, data){ + executorCb(err, data); + }); - console.log(`Trying ${callKey} again in: ${retry_seconds / 1000} seconds`); - retries.push({seconds: Math.round(retry_seconds/1000)}); - return retry_seconds; - }, - errorFilter: function(err) { - return helpers.collectRateError(err, rateError); - } - }, function(cb) { - executor[callKey](function(err, data) { - return cb(err, data); - }); - }, function(err, data){ - executorCb(err, data); - }); - } } execute(); + } }, function() { helpers.debugApiCalls(callKey, serviceName, debugMode, true); @@ -276,6 +269,7 @@ var collect = function(AWSConfig, settings, callback) { async.eachOfLimit(helpers.postcallsMultipart[callsPart], 10, function(serviceObj, service, serviceCb) { var serviceName = service; var serviceLower = service.toLowerCase(); + var correctedServiceName= helpers.getCorrectServiceName(serviceName); var sendIntegration = helpers.postcallsMultipart[callsPart] && helpers.postcallsMultipart[callsPart][serviceName] && helpers.postcallsMultipart[callsPart][serviceName].sendIntegration ? helpers.postcallsMultipart[callsPart][serviceName].sendIntegration : false; var serviceIntegration = { enabled : sendIntegration && sendIntegration.enabled ? true : false, @@ -345,8 +339,8 @@ var collect = function(AWSConfig, settings, callback) { } }); } else { - var executor = debugMode ? (AWSXRay.captureAWSClient(new AWS[serviceName](LocalAWSConfig))) : new AWS[serviceName](LocalAWSConfig); - + const executorModule = helpers.requireServiceModule(serviceName); + const executor = debugMode ? (AWSXRay.captureAWSv3Client(new executorModule[correctedServiceName](LocalAWSConfig))) : new executorModule[correctedServiceName](LocalAWSConfig); if (!collection[callObj.reliesOnService][callObj.reliesOnCall][LocalAWSConfig.region] || !collection[callObj.reliesOnService][callObj.reliesOnCall][LocalAWSConfig.region].data) { return regionCb(); @@ -401,6 +395,7 @@ var collect = function(AWSConfig, settings, callback) { }, function() { regionCb(); }); + } }, function() { helpers.debugApiCalls(callKey, serviceName, debugMode, true); diff --git a/collectors/aws/connect/instanceAttachmentStorageConfigs.js b/collectors/aws/connect/instanceAttachmentStorageConfigs.js index 3d147ab582..b323549fdf 100644 --- a/collectors/aws/connect/instanceAttachmentStorageConfigs.js +++ b/collectors/aws/connect/instanceAttachmentStorageConfigs.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Connect +} = require('@aws-sdk/client-connect'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var connect = new AWS.Connect(AWSConfig); + var connect = new Connect(AWSConfig); async.eachLimit(collection.connect.listInstances[AWSConfig.region].data, 15, function(instance, cb){ collection.connect.instanceAttachmentStorageConfigs[AWSConfig.region][instance.Id] = {}; diff --git a/collectors/aws/connect/listInstanceCallRecordingStorageConfigs.js b/collectors/aws/connect/listInstanceCallRecordingStorageConfigs.js index 11bd731010..9238f1d2b5 100644 --- a/collectors/aws/connect/listInstanceCallRecordingStorageConfigs.js +++ b/collectors/aws/connect/listInstanceCallRecordingStorageConfigs.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Connect +} = require('@aws-sdk/client-connect'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var connect = new AWS.Connect(AWSConfig); + var connect = new Connect(AWSConfig); async.eachLimit(collection.connect.listInstances[AWSConfig.region].data, 15, function(instance, cb){ collection.connect.listInstanceCallRecordingStorageConfigs[AWSConfig.region][instance.Id] = {}; diff --git a/collectors/aws/connect/listInstanceChatTranscriptStorageConfigs.js b/collectors/aws/connect/listInstanceChatTranscriptStorageConfigs.js index b65aafe668..06ba47d32f 100644 --- a/collectors/aws/connect/listInstanceChatTranscriptStorageConfigs.js +++ b/collectors/aws/connect/listInstanceChatTranscriptStorageConfigs.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Connect +} = require('@aws-sdk/client-connect'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var connect = new AWS.Connect(AWSConfig); + var connect = new Connect(AWSConfig); async.eachLimit(collection.connect.listInstances[AWSConfig.region].data, 15, function(instance, cb){ collection.connect.listInstanceChatTranscriptStorageConfigs[AWSConfig.region][instance.Id] = {}; diff --git a/collectors/aws/connect/listInstanceExportedReportStorageConfigs.js b/collectors/aws/connect/listInstanceExportedReportStorageConfigs.js index 851b7ddf9a..e17c71456c 100644 --- a/collectors/aws/connect/listInstanceExportedReportStorageConfigs.js +++ b/collectors/aws/connect/listInstanceExportedReportStorageConfigs.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Connect +} = require('@aws-sdk/client-connect'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var connect = new AWS.Connect(AWSConfig); + var connect = new Connect(AWSConfig); async.eachLimit(collection.connect.listInstances[AWSConfig.region].data, 15, function(instance, cb){ collection.connect.listInstanceExportedReportStorageConfigs[AWSConfig.region][instance.Id] = {}; diff --git a/collectors/aws/connect/listInstanceMediaStreamStorageConfigs.js b/collectors/aws/connect/listInstanceMediaStreamStorageConfigs.js index 4873a4ebe2..c030fb11ca 100644 --- a/collectors/aws/connect/listInstanceMediaStreamStorageConfigs.js +++ b/collectors/aws/connect/listInstanceMediaStreamStorageConfigs.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Connect +} = require('@aws-sdk/client-connect'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var connect = new AWS.Connect(AWSConfig); + var connect = new Connect(AWSConfig); async.eachLimit(collection.connect.listInstances[AWSConfig.region].data, 15, function(instance, cb){ collection.connect.listInstanceMediaStreamStorageConfigs[AWSConfig.region][instance.Id] = {}; diff --git a/collectors/aws/dynamodb/describeContinuousBackups.js b/collectors/aws/dynamodb/describeContinuousBackups.js index d7884b6b22..858ca1a201 100644 --- a/collectors/aws/dynamodb/describeContinuousBackups.js +++ b/collectors/aws/dynamodb/describeContinuousBackups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + DynamoDB +} = require('@aws-sdk/client-dynamodb'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var dynamodb = new AWS.DynamoDB(AWSConfig); + var dynamodb = new DynamoDB(AWSConfig); async.eachLimit(collection.dynamodb.listTables[AWSConfig.region].data, 15, function(table, cb){ collection.dynamodb.describeContinuousBackups[AWSConfig.region][table] = {}; diff --git a/collectors/aws/dynamodb/describeTable.js b/collectors/aws/dynamodb/describeTable.js index c6ab50676c..eb346e0fd5 100644 --- a/collectors/aws/dynamodb/describeTable.js +++ b/collectors/aws/dynamodb/describeTable.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + DynamoDB +} = require('@aws-sdk/client-dynamodb'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var dynamodb = new AWS.DynamoDB(AWSConfig); + var dynamodb = new DynamoDB(AWSConfig); async.eachLimit(collection.dynamodb.listTables[AWSConfig.region].data, 15, function(table, cb){ collection.dynamodb.describeTable[AWSConfig.region][table] = {}; diff --git a/collectors/aws/dynamodb/listBackups.js b/collectors/aws/dynamodb/listBackups.js index dd4138ed69..51f9682ead 100644 --- a/collectors/aws/dynamodb/listBackups.js +++ b/collectors/aws/dynamodb/listBackups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + DynamoDB +} = require('@aws-sdk/client-dynamodb'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var dynamodb = new AWS.DynamoDB(AWSConfig); + var dynamodb = new DynamoDB(AWSConfig); async.eachLimit(collection.dynamodb.listTables[AWSConfig.region].data, 15, function(table, cb){ collection.dynamodb.listBackups[AWSConfig.region][table] = {}; diff --git a/collectors/aws/ec2/describeSnapshotAttribute.js b/collectors/aws/ec2/describeSnapshotAttribute.js index 8439c61db1..132031f963 100644 --- a/collectors/aws/ec2/describeSnapshotAttribute.js +++ b/collectors/aws/ec2/describeSnapshotAttribute.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + EC2 +} = require('@aws-sdk/client-ec2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ec2 = new AWS.EC2(AWSConfig); + var ec2 = new EC2(AWSConfig); async.eachLimit(collection.ec2.describeSnapshots[AWSConfig.region].data, 20, function(snapshot, cb){ collection.ec2.describeSnapshotAttribute[AWSConfig.region][snapshot.SnapshotId] = {}; diff --git a/collectors/aws/ec2/describeSnapshots.js b/collectors/aws/ec2/describeSnapshots.js index 11a65e4862..2334d6a0fb 100644 --- a/collectors/aws/ec2/describeSnapshots.js +++ b/collectors/aws/ec2/describeSnapshots.js @@ -1,4 +1,9 @@ -var AWS = require('aws-sdk'); +const { + EC2 +} = require('@aws-sdk/client-ec2'); +const { + STS +} = require('@aws-sdk/client-sts'); var helpers = require(__dirname + '/../../../helpers/aws'); // This call must be overridden because the @@ -6,8 +11,8 @@ var helpers = require(__dirname + '/../../../helpers/aws'); // available, including public ones module.exports = function(AWSConfig, collection, retries, callback) { - var ec2 = new AWS.EC2(AWSConfig); - var sts = new AWS.STS(AWSConfig); + var ec2 = new EC2(AWSConfig); + var sts = new STS(AWSConfig); var paginating = false; var maxSnapshots = 30000; // Limit the collection to 30,000 snapshots var createdTime = new Date(); diff --git a/collectors/aws/ec2/describeSubnets.js b/collectors/aws/ec2/describeSubnets.js index 0ecc6857c3..e8164a6f19 100644 --- a/collectors/aws/ec2/describeSubnets.js +++ b/collectors/aws/ec2/describeSubnets.js @@ -1,9 +1,12 @@ -var AWS = require('aws-sdk'); +const { + EC2 +} = require('@aws-sdk/client-ec2'); + var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ec2 = new AWS.EC2(AWSConfig); + var ec2 = new EC2(AWSConfig); async.eachLimit(collection.ec2.describeVpcs[AWSConfig.region].data, 15, function(vpc, cb){ collection.ec2.describeSubnets[AWSConfig.region][vpc.VpcId] = {}; diff --git a/collectors/aws/ecs/describeCluster.js b/collectors/aws/ecs/describeCluster.js index a539683097..d7b5af43ba 100644 --- a/collectors/aws/ecs/describeCluster.js +++ b/collectors/aws/ecs/describeCluster.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachLimit(collection.ecs.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.ecs.describeCluster[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/ecs/describeContainerInstances.js b/collectors/aws/ecs/describeContainerInstances.js index a03285a20a..f235e467d5 100644 --- a/collectors/aws/ecs/describeContainerInstances.js +++ b/collectors/aws/ecs/describeContainerInstances.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachOfLimit(collection.ecs.listContainerInstances[AWSConfig.region], 10, function(containerInstanceData,instance, cb){ async.eachLimit(containerInstanceData.data, 5, function(containerInstance, ccb){ diff --git a/collectors/aws/ecs/describeServices.js b/collectors/aws/ecs/describeServices.js index 87fa1d7034..bbae66fc99 100644 --- a/collectors/aws/ecs/describeServices.js +++ b/collectors/aws/ecs/describeServices.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachOfLimit(collection.ecs.listServices[AWSConfig.region], 10, function(servicesData,instance, cb){ async.eachLimit(servicesData.data, 5, function(service, ccb){ diff --git a/collectors/aws/ecs/describeTasks.js b/collectors/aws/ecs/describeTasks.js index fad0738b3a..2ec22f8643 100644 --- a/collectors/aws/ecs/describeTasks.js +++ b/collectors/aws/ecs/describeTasks.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachOfLimit(collection.ecs.listTasks[AWSConfig.region], 10, function(tasksData,instance, cb){ async.eachLimit(tasksData.data, 5, function(task, ccb){ diff --git a/collectors/aws/ecs/listContainerInstances.js b/collectors/aws/ecs/listContainerInstances.js index c7b9eb175e..153a994452 100644 --- a/collectors/aws/ecs/listContainerInstances.js +++ b/collectors/aws/ecs/listContainerInstances.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachLimit(collection.ecs.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.ecs.listContainerInstances[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/ecs/listServices.js b/collectors/aws/ecs/listServices.js index 4898290ad1..bebd2d1726 100644 --- a/collectors/aws/ecs/listServices.js +++ b/collectors/aws/ecs/listServices.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachLimit(collection.ecs.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.ecs.listServices[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/ecs/listTasks.js b/collectors/aws/ecs/listTasks.js index 082cad3ec9..531f6119ee 100644 --- a/collectors/aws/ecs/listTasks.js +++ b/collectors/aws/ecs/listTasks.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ECS +} = require('@aws-sdk/client-ecs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.ECS(AWSConfig); + var ecs = new ECS(AWSConfig); async.eachLimit(collection.ecs.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.ecs.listTasks[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/eks/describeCluster.js b/collectors/aws/eks/describeCluster.js index e5e485badc..c8c4be8e10 100644 --- a/collectors/aws/eks/describeCluster.js +++ b/collectors/aws/eks/describeCluster.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + EKS +} = require('@aws-sdk/client-eks'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var eks = new AWS.EKS(AWSConfig); + var eks = new EKS(AWSConfig); async.eachLimit(collection.eks.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.eks.describeCluster[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/eks/describeNodegroups.js b/collectors/aws/eks/describeNodegroups.js index bba92226ef..c98d2769f1 100644 --- a/collectors/aws/eks/describeNodegroups.js +++ b/collectors/aws/eks/describeNodegroups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + EKS +} = require('@aws-sdk/client-eks'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var eks = new AWS.EKS(AWSConfig); + var eks = new EKS(AWSConfig); //var autoscaling = new AWS.AutoScaling(AWSConfig); async.eachLimit(collection.eks.listClusters[AWSConfig.region].data, 5, function(cluster, cb){ diff --git a/collectors/aws/eks/listNodegroups.js b/collectors/aws/eks/listNodegroups.js index 3679225bfb..e0582e7b5d 100644 --- a/collectors/aws/eks/listNodegroups.js +++ b/collectors/aws/eks/listNodegroups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + EKS +} = require('@aws-sdk/client-eks'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var eks = new AWS.EKS(AWSConfig); + var eks = new EKS(AWSConfig); async.eachLimit(collection.eks.listClusters[AWSConfig.region].data, 10, function(cluster, cb){ collection.eks.listNodegroups[AWSConfig.region][cluster] = {}; diff --git a/collectors/aws/elasticache/describeCacheSubnetGroups.js b/collectors/aws/elasticache/describeCacheSubnetGroups.js index 41736b4956..c74ae74762 100644 --- a/collectors/aws/elasticache/describeCacheSubnetGroups.js +++ b/collectors/aws/elasticache/describeCacheSubnetGroups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElastiCache +} = require('@aws-sdk/client-elasticache'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elasticache = new AWS.ElastiCache(AWSConfig); + var elasticache = new ElastiCache(AWSConfig); async.eachLimit(collection.elasticache.describeCacheClusters[AWSConfig.region].data, 15, function(cluster, cb){ collection.elasticache.describeCacheSubnetGroups[AWSConfig.region][cluster.CacheSubnetGroupName] = {}; diff --git a/collectors/aws/elasticbeanstalk/describeConfigurationSettings.js b/collectors/aws/elasticbeanstalk/describeConfigurationSettings.js index 287476cd50..7aa5b76717 100644 --- a/collectors/aws/elasticbeanstalk/describeConfigurationSettings.js +++ b/collectors/aws/elasticbeanstalk/describeConfigurationSettings.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticBeanstalk +} = require('@aws-sdk/client-elastic-beanstalk'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elasticbeanstalk = new AWS.ElasticBeanstalk(AWSConfig); + var elasticbeanstalk = new ElasticBeanstalk(AWSConfig); async.eachLimit(collection.elasticbeanstalk.describeEnvironments[AWSConfig.region].data, 15, function(environment, cb) { var params = { diff --git a/collectors/aws/elb/describeInstanceHealth.js b/collectors/aws/elb/describeInstanceHealth.js index d7bfa57ebd..6fa991eb59 100644 --- a/collectors/aws/elb/describeInstanceHealth.js +++ b/collectors/aws/elb/describeInstanceHealth.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancing +} = require('@aws-sdk/client-elastic-load-balancing'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELB(AWSConfig); + var elb = new ElasticLoadBalancing(AWSConfig); async.eachLimit(collection.elb.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elb.describeInstanceHealth[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/elb/describeLoadBalancerAttributes.js b/collectors/aws/elb/describeLoadBalancerAttributes.js index 282ee9ef2b..2b8a1cd02a 100644 --- a/collectors/aws/elb/describeLoadBalancerAttributes.js +++ b/collectors/aws/elb/describeLoadBalancerAttributes.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancing +} = require('@aws-sdk/client-elastic-load-balancing'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELB(AWSConfig); + var elb = new ElasticLoadBalancing(AWSConfig); async.eachLimit(collection.elb.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elb.describeLoadBalancerAttributes[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/elb/describeLoadBalancerPolicies.js b/collectors/aws/elb/describeLoadBalancerPolicies.js index e0c70dc934..5ec1726702 100644 --- a/collectors/aws/elb/describeLoadBalancerPolicies.js +++ b/collectors/aws/elb/describeLoadBalancerPolicies.js @@ -1,11 +1,13 @@ // TODO: re-visit this one -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancing +} = require('@aws-sdk/client-elastic-load-balancing'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELB(AWSConfig); + var elb = new ElasticLoadBalancing(AWSConfig); // Gather list of policies from load balancers var policies = []; diff --git a/collectors/aws/elb/describeTags.js b/collectors/aws/elb/describeTags.js index d673d44d4e..cc3ee46683 100644 --- a/collectors/aws/elb/describeTags.js +++ b/collectors/aws/elb/describeTags.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancing +} = require('@aws-sdk/client-elastic-load-balancing'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELB(AWSConfig); + var elb = new ElasticLoadBalancing(AWSConfig); async.eachLimit(collection.elb.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elb.describeTags[AWSConfig.region][lb.LoadBalancerName] = {}; diff --git a/collectors/aws/elbv2/describeListeners.js b/collectors/aws/elbv2/describeListeners.js index 794a1fd53c..cebd6a817c 100644 --- a/collectors/aws/elbv2/describeListeners.js +++ b/collectors/aws/elbv2/describeListeners.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancingV2 +} = require('@aws-sdk/client-elastic-load-balancing-v2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELBv2(AWSConfig); + var elb = new ElasticLoadBalancingV2(AWSConfig); async.eachLimit(collection.elbv2.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elbv2.describeListeners[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/elbv2/describeLoadBalancerAttributes.js b/collectors/aws/elbv2/describeLoadBalancerAttributes.js index 0e36f521a1..c936907b92 100644 --- a/collectors/aws/elbv2/describeLoadBalancerAttributes.js +++ b/collectors/aws/elbv2/describeLoadBalancerAttributes.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancingV2 +} = require('@aws-sdk/client-elastic-load-balancing-v2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELBv2(AWSConfig); + var elb = new ElasticLoadBalancingV2(AWSConfig); async.eachLimit(collection.elbv2.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elbv2.describeLoadBalancerAttributes[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/elbv2/describeTags.js b/collectors/aws/elbv2/describeTags.js index cb41af06d0..8266f90618 100644 --- a/collectors/aws/elbv2/describeTags.js +++ b/collectors/aws/elbv2/describeTags.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancingV2 +} = require('@aws-sdk/client-elastic-load-balancing-v2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELBv2(AWSConfig); + var elb = new ElasticLoadBalancingV2(AWSConfig); async.eachLimit(collection.elbv2.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elbv2.describeTags[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/elbv2/describeTargetGroups.js b/collectors/aws/elbv2/describeTargetGroups.js index 410b9a9ff7..78a3833009 100644 --- a/collectors/aws/elbv2/describeTargetGroups.js +++ b/collectors/aws/elbv2/describeTargetGroups.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ElasticLoadBalancingV2 +} = require('@aws-sdk/client-elastic-load-balancing-v2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var elb = new AWS.ELBv2(AWSConfig); + var elb = new ElasticLoadBalancingV2(AWSConfig); async.eachLimit(collection.elbv2.describeLoadBalancers[AWSConfig.region].data, 15, function(lb, cb){ collection.elbv2.describeTargetGroups[AWSConfig.region][lb.DNSName] = {}; diff --git a/collectors/aws/emr/describeSecurityConfiguration.js b/collectors/aws/emr/describeSecurityConfiguration.js index f919eb8da8..258327b139 100644 --- a/collectors/aws/emr/describeSecurityConfiguration.js +++ b/collectors/aws/emr/describeSecurityConfiguration.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + EMR +} = require('@aws-sdk/client-emr'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var emr = new AWS.EMR(AWSConfig); + var emr = new EMR(AWSConfig); async.eachLimit(collection.emr.listClusters[AWSConfig.region].data, 15, function(cluster, cb){ if (!collection.emr.describeCluster || diff --git a/collectors/aws/firehose/describeDeliveryStream.js b/collectors/aws/firehose/describeDeliveryStream.js index abebc7e57f..6300628911 100644 --- a/collectors/aws/firehose/describeDeliveryStream.js +++ b/collectors/aws/firehose/describeDeliveryStream.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Firehose +} = require('@aws-sdk/client-firehose'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var firehose = new AWS.Firehose(AWSConfig); + var firehose = new Firehose(AWSConfig); async.eachLimit(collection.firehose.listDeliveryStreams[AWSConfig.region].data, 15, function(deliverystream, cb){ collection.firehose.describeDeliveryStream[AWSConfig.region][deliverystream] = {}; diff --git a/collectors/aws/guardduty/describePublishingDestination.js b/collectors/aws/guardduty/describePublishingDestination.js index 897608ef16..f473c13730 100644 --- a/collectors/aws/guardduty/describePublishingDestination.js +++ b/collectors/aws/guardduty/describePublishingDestination.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); if (!collection.guardduty || !collection.guardduty.listDetectors || diff --git a/collectors/aws/guardduty/getDetector.js b/collectors/aws/guardduty/getDetector.js index b04b7c3d71..0af25b0890 100644 --- a/collectors/aws/guardduty/getDetector.js +++ b/collectors/aws/guardduty/getDetector.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); async.eachLimit(collection.guardduty.listDetectors[AWSConfig.region].data, 15, function(detectorId, cb) { collection.guardduty.getDetector[AWSConfig.region][detectorId] = {}; var params = { diff --git a/collectors/aws/guardduty/getFindings.js b/collectors/aws/guardduty/getFindings.js index 26132a0fa7..e1b8598474 100644 --- a/collectors/aws/guardduty/getFindings.js +++ b/collectors/aws/guardduty/getFindings.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); async.eachLimit(collection.guardduty.listDetectors[AWSConfig.region].data, 15, function(detectorId, dcb) { if (!collection.guardduty || !collection.guardduty.listFindings || diff --git a/collectors/aws/guardduty/getMasterAccount.js b/collectors/aws/guardduty/getMasterAccount.js index 2e399f38f0..0c71e9f815 100644 --- a/collectors/aws/guardduty/getMasterAccount.js +++ b/collectors/aws/guardduty/getMasterAccount.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); async.eachLimit(collection.guardduty.listDetectors[AWSConfig.region].data, 15, function(detectorId, cb) { collection.guardduty.getMasterAccount[AWSConfig.region][detectorId] = {}; var params = { diff --git a/collectors/aws/guardduty/listFindings.js b/collectors/aws/guardduty/listFindings.js index 7e2826f89f..37c3281046 100644 --- a/collectors/aws/guardduty/listFindings.js +++ b/collectors/aws/guardduty/listFindings.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); async.eachLimit(collection.guardduty.listDetectors[AWSConfig.region].data, 15, function(detectorId, cb) { collection.guardduty.listFindings[AWSConfig.region][detectorId] = {}; var params = { diff --git a/collectors/aws/guardduty/listPublishingDestinations.js b/collectors/aws/guardduty/listPublishingDestinations.js index e6d7f7a3b7..987461f30d 100644 --- a/collectors/aws/guardduty/listPublishingDestinations.js +++ b/collectors/aws/guardduty/listPublishingDestinations.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + GuardDuty +} = require('@aws-sdk/client-guardduty'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var guardduty = new AWS.GuardDuty(AWSConfig); + var guardduty = new GuardDuty(AWSConfig); async.eachLimit(collection.guardduty.listDetectors[AWSConfig.region].data, 15, function(detectorId, cb) { collection.guardduty.listPublishingDestinations[AWSConfig.region][detectorId] = {}; var params = { diff --git a/collectors/aws/iam/generateCredentialReport.js b/collectors/aws/iam/generateCredentialReport.js index 4ee1fdb2f3..75f319576d 100644 --- a/collectors/aws/iam/generateCredentialReport.js +++ b/collectors/aws/iam/generateCredentialReport.js @@ -1,22 +1,37 @@ -var AWS = require('aws-sdk'); +const { + IAM,GenerateCredentialReportCommand, GetCredentialReportCommand +} = require('@aws-sdk/client-iam'); var async = require('async'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); - var generateCredentialReport = function(genCb) { - iam.generateCredentialReport(function(err, data) { - if ((err && err.code && err.code == 'ReportInProgress') || (data && data.State)) return genCb(); - if (err || !data || !data.State) return genCb(err || 'Unable to generate credential report'); - genCb(); - }); + const generateCredentialReport = function(genCb) { + iam.send(new GenerateCredentialReportCommand({})) + .then((data) => { + if (data && data.State) { + return genCb(); + } + return genCb(data.State || 'Unable to generate credential report'); + }) + .catch((err) => { + if (err.name === 'ReportInProgressException') { + return genCb(); + } + return genCb(err); + }); }; - var getCredentialReport = function(pingCb) { - iam.getCredentialReport(function(err, data) { - if (err || !data || !data.Content) return pingCb('Waiting for credential report'); - pingCb(null, data); - }); + const getCredentialReport = function(pingCb) { + const command = new GetCredentialReportCommand({}); + iam.send(command) + .then((data) => { + if (data && data.Content) { + return pingCb(null, data); + } + return pingCb('Waiting for credential report'); + }) + .catch((err) => pingCb(err)); }; async.retry({times: 10, interval: 5000}, generateCredentialReport, function(genErr){ @@ -32,7 +47,7 @@ module.exports = function(AWSConfig, collection, retries, callback) { } try { - var csvContent = reportData.Content.toString(); + var csvContent = String.fromCharCode(...reportData.Content.toString('utf-8').split(',').map(Number)); var csvRows = csvContent.split('\n'); } catch (e) { collection.iam.generateCredentialReport[AWSConfig.region].err = 'Error converting credential CSV to string: ' + e; diff --git a/collectors/aws/iam/getGroupPolicy.js b/collectors/aws/iam/getGroupPolicy.js index 95b2512819..71218b3de5 100644 --- a/collectors/aws/iam/getGroupPolicy.js +++ b/collectors/aws/iam/getGroupPolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); if (!collection.iam || !collection.iam.listGroups || diff --git a/collectors/aws/iam/getInstanceProfile.js b/collectors/aws/iam/getInstanceProfile.js index 453e2a78fa..e044e9de19 100644 --- a/collectors/aws/iam/getInstanceProfile.js +++ b/collectors/aws/iam/getInstanceProfile.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); if (!collection.ec2 || !collection.ec2.describeInstances || diff --git a/collectors/aws/iam/getPolicyVersion.js b/collectors/aws/iam/getPolicyVersion.js index 70bb12a38f..feca709cbd 100644 --- a/collectors/aws/iam/getPolicyVersion.js +++ b/collectors/aws/iam/getPolicyVersion.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); if (!collection.iam || !collection.iam.listPolicies || diff --git a/collectors/aws/iam/getRolePolicy.js b/collectors/aws/iam/getRolePolicy.js index 239d1e45a9..9ea4347a4f 100644 --- a/collectors/aws/iam/getRolePolicy.js +++ b/collectors/aws/iam/getRolePolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); if (!collection.iam || !collection.iam.listRoles || diff --git a/collectors/aws/iam/getUserPolicy.js b/collectors/aws/iam/getUserPolicy.js index d40a3a20d9..97ecf9cec4 100644 --- a/collectors/aws/iam/getUserPolicy.js +++ b/collectors/aws/iam/getUserPolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); if (!collection.iam || !collection.iam.listUsers || diff --git a/collectors/aws/iam/listRoles.js b/collectors/aws/iam/listRoles.js index c16f2a5c49..10fa2e6bbc 100644 --- a/collectors/aws/iam/listRoles.js +++ b/collectors/aws/iam/listRoles.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + IAM +} = require('@aws-sdk/client-iam'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var iam = new AWS.IAM(AWSConfig); + var iam = new IAM(AWSConfig); collection.iam.listRoles[AWSConfig.region] = {}; var params = {}; diff --git a/collectors/aws/kinesis/describeStream.js b/collectors/aws/kinesis/describeStream.js index 31bcb0b1a1..4c4f96fcfd 100644 --- a/collectors/aws/kinesis/describeStream.js +++ b/collectors/aws/kinesis/describeStream.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Kinesis +} = require('@aws-sdk/client-kinesis'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var kinesis = new AWS.Kinesis(AWSConfig); + var kinesis = new Kinesis(AWSConfig); async.eachLimit(collection.kinesis.listStreams[AWSConfig.region].data, 15, function(stream, cb){ collection.kinesis.describeStream[AWSConfig.region][stream] = {}; diff --git a/collectors/aws/kms/getKeyPolicy.js b/collectors/aws/kms/getKeyPolicy.js index 4e562042f3..1d97d3f8cb 100644 --- a/collectors/aws/kms/getKeyPolicy.js +++ b/collectors/aws/kms/getKeyPolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + KMS +} = require('@aws-sdk/client-kms'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var kms = new AWS.KMS(AWSConfig); + var kms = new KMS(AWSConfig); async.eachLimit(collection.kms.listKeys[AWSConfig.region].data, 15, function(key, cb){ collection.kms.getKeyPolicy[AWSConfig.region][key.KeyId] = {}; diff --git a/collectors/aws/kms/listGrants.js b/collectors/aws/kms/listGrants.js index 4272e478b5..c7b813d0ed 100644 --- a/collectors/aws/kms/listGrants.js +++ b/collectors/aws/kms/listGrants.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + KMS +} = require('@aws-sdk/client-kms'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var kms = new AWS.KMS(AWSConfig); + var kms = new KMS(AWSConfig); async.eachLimit(collection.kms.listKeys[AWSConfig.region].data, 15, function(key, cb) { collection.kms.listGrants[AWSConfig.region][key.KeyId] = {}; var params = { diff --git a/collectors/aws/lexmodelsv2/describeBotAlias.js b/collectors/aws/lexmodelsv2/describeBotAlias.js index fb6c951af8..855d4bf4e9 100644 --- a/collectors/aws/lexmodelsv2/describeBotAlias.js +++ b/collectors/aws/lexmodelsv2/describeBotAlias.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + LexModelsV2 +} = require('@aws-sdk/client-lex-models-v2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var lexmodelsv2 = new AWS.LexModelsV2(AWSConfig); + var lexmodelsv2 = new LexModelsV2(AWSConfig); if (!collection.lexmodelsv2 || !collection.lexmodelsv2.listBots || diff --git a/collectors/aws/lookoutvision/describeModel.js b/collectors/aws/lookoutvision/describeModel.js index a3216bf2c2..f6cf78cdc8 100644 --- a/collectors/aws/lookoutvision/describeModel.js +++ b/collectors/aws/lookoutvision/describeModel.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + LookoutVision +} = require('@aws-sdk/client-lookoutvision'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var lookoutvision = new AWS.LookoutVision(AWSConfig); + var lookoutvision = new LookoutVision(AWSConfig); if (!collection.lookoutvision || !collection.lookoutvision.listProjects || diff --git a/collectors/aws/managedblockchain/getMember.js b/collectors/aws/managedblockchain/getMember.js index 17b99ffe65..1a5bf5754a 100644 --- a/collectors/aws/managedblockchain/getMember.js +++ b/collectors/aws/managedblockchain/getMember.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + ManagedBlockchain +} = require('@aws-sdk/client-managedblockchain'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var managedblockchain = new AWS.ManagedBlockchain(AWSConfig); + var managedblockchain = new ManagedBlockchain(AWSConfig); if (!collection.managedblockchain || !collection.managedblockchain.listNetworks || diff --git a/collectors/aws/mwaa/getEnvironment.js b/collectors/aws/mwaa/getEnvironment.js index 9d992a124b..b617de9612 100644 --- a/collectors/aws/mwaa/getEnvironment.js +++ b/collectors/aws/mwaa/getEnvironment.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + MWAA +} = require('@aws-sdk/client-mwaa'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var mwaa = new AWS.MWAA(AWSConfig); + var mwaa = new MWAA(AWSConfig); async.eachLimit(collection.mwaa.listEnvironments[AWSConfig.region].data, 15, function(env, cb){ collection.mwaa.getEnvironment[AWSConfig.region][env] = {}; diff --git a/collectors/aws/opensearchserverless/getEncryptionSecurityPolicy.js b/collectors/aws/opensearchserverless/getEncryptionSecurityPolicy.js index 8944a652cd..af0392b9ac 100644 --- a/collectors/aws/opensearchserverless/getEncryptionSecurityPolicy.js +++ b/collectors/aws/opensearchserverless/getEncryptionSecurityPolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + OpenSearchServerless +} = require('@aws-sdk/client-opensearchserverless'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.OpenSearchServerless(AWSConfig); + var ecs = new OpenSearchServerless(AWSConfig); async.eachLimit(collection.opensearchserverless.listEncryptionSecurityPolicies[AWSConfig.region].data, 10, function(policy, cb){ collection.opensearchserverless.getEncryptionSecurityPolicy[AWSConfig.region][policy.name] = {}; diff --git a/collectors/aws/opensearchserverless/getNetworkSecurityPolicy.js b/collectors/aws/opensearchserverless/getNetworkSecurityPolicy.js index cc87011fcf..6d10557266 100644 --- a/collectors/aws/opensearchserverless/getNetworkSecurityPolicy.js +++ b/collectors/aws/opensearchserverless/getNetworkSecurityPolicy.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + OpenSearchServerless +} = require('@aws-sdk/client-opensearchserverless'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ecs = new AWS.OpenSearchServerless(AWSConfig); + var ecs = new OpenSearchServerless(AWSConfig); async.eachLimit(collection.opensearchserverless.listNetworkSecurityPolicies[AWSConfig.region].data, 10, function(policy, cb){ collection.opensearchserverless.getNetworkSecurityPolicy[AWSConfig.region][policy.name] = {}; var params = { diff --git a/collectors/aws/opensearchserverless/listEncryptionSecurityPolicies.js b/collectors/aws/opensearchserverless/listEncryptionSecurityPolicies.js index 590dbc71dc..7fdf03d4c3 100644 --- a/collectors/aws/opensearchserverless/listEncryptionSecurityPolicies.js +++ b/collectors/aws/opensearchserverless/listEncryptionSecurityPolicies.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + OpenSearchServerless +} = require('@aws-sdk/client-opensearchserverless'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var opensearch = new AWS.OpenSearchServerless(AWSConfig); + var opensearch = new OpenSearchServerless(AWSConfig); collection.opensearchserverless.listEncryptionSecurityPolicies[AWSConfig.region] = {}; let params = { type: 'encryption' diff --git a/collectors/aws/opensearchserverless/listNetworkSecurityPolicies.js b/collectors/aws/opensearchserverless/listNetworkSecurityPolicies.js index f1f55ca919..72ffb63d4d 100644 --- a/collectors/aws/opensearchserverless/listNetworkSecurityPolicies.js +++ b/collectors/aws/opensearchserverless/listNetworkSecurityPolicies.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + OpenSearchServerless +} = require('@aws-sdk/client-opensearchserverless'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var opensearch = new AWS.OpenSearchServerless(AWSConfig); + var opensearch = new OpenSearchServerless(AWSConfig); collection.opensearchserverless.listNetworkSecurityPolicies[AWSConfig.region] = {}; let params = { type: 'network' diff --git a/collectors/aws/rds/describeDBParameters.js b/collectors/aws/rds/describeDBParameters.js index 5cf608fa16..c5cc22be7a 100644 --- a/collectors/aws/rds/describeDBParameters.js +++ b/collectors/aws/rds/describeDBParameters.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + RDS +} = require('@aws-sdk/client-rds'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var rds = new AWS.RDS(AWSConfig); + var rds = new RDS(AWSConfig); async.eachLimit(collection.rds.describeDBParameterGroups[AWSConfig.region].data, 15, function(group, cb) { collection.rds.describeDBParameters[AWSConfig.region][group.DBParameterGroupName] = {}; var params = { diff --git a/collectors/aws/s3/index.js b/collectors/aws/s3/index.js index bbcac26df5..bfee439a4d 100644 --- a/collectors/aws/s3/index.js +++ b/collectors/aws/s3/index.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + S3 +} = require('@aws-sdk/client-s3'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(callKey, forceCloudTrail, AWSConfig, collection, retries, callback) { - var s3 = new AWS.S3(AWSConfig); + var s3 = new S3(AWSConfig); var knownBuckets = []; @@ -51,7 +53,7 @@ module.exports = function(callKey, forceCloudTrail, AWSConfig, collection, retri var altAWSConfig = JSON.parse(JSON.stringify(AWSConfig)); altAWSConfig.region = locData.LocationConstraint; - var s3Alt = new AWS.S3(altAWSConfig); + var s3Alt = new S3(altAWSConfig); s3Alt[callKey]({Bucket:bucket}, function(altErr, altData){ if (altErr) { diff --git a/collectors/aws/s3control/getPublicAccessBlock.js b/collectors/aws/s3control/getPublicAccessBlock.js index 0ea179f5f1..ef4c666fbe 100644 --- a/collectors/aws/s3control/getPublicAccessBlock.js +++ b/collectors/aws/s3control/getPublicAccessBlock.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + S3Control +} = require('@aws-sdk/client-s3-control'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var s3control = new AWS.S3Control(AWSConfig); + var s3control = new S3Control(AWSConfig); var accountId = collection.sts.getCallerIdentity[AWSConfig.region].data; collection.s3control.getPublicAccessBlock[AWSConfig.region][accountId] = {}; diff --git a/collectors/aws/ses/getIdentityDkimAttributes.js b/collectors/aws/ses/getIdentityDkimAttributes.js index 3e51064970..993eeb8dd0 100644 --- a/collectors/aws/ses/getIdentityDkimAttributes.js +++ b/collectors/aws/ses/getIdentityDkimAttributes.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + SES +} = require('@aws-sdk/client-ses'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ses = new AWS.SES(AWSConfig); + var ses = new SES(AWSConfig); collection.ses.getIdentityDkimAttributes[AWSConfig.region] = {}; var identities = collection.ses.listIdentities[AWSConfig.region].data; diff --git a/collectors/aws/sqs/getQueueAttributes.js b/collectors/aws/sqs/getQueueAttributes.js index b85e355c25..b36f639b1b 100644 --- a/collectors/aws/sqs/getQueueAttributes.js +++ b/collectors/aws/sqs/getQueueAttributes.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + SQS +} = require('@aws-sdk/client-sqs'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var sqs = new AWS.SQS(AWSConfig); + var sqs = new SQS(AWSConfig); async.eachLimit(collection.sqs.listQueues[AWSConfig.region].data, 15, function(queue, cb){ collection.sqs.getQueueAttributes[AWSConfig.region][queue] = {}; diff --git a/collectors/aws/ssm/describeParameters.js b/collectors/aws/ssm/describeParameters.js index 4c7eb39321..7250f3c880 100644 --- a/collectors/aws/ssm/describeParameters.js +++ b/collectors/aws/ssm/describeParameters.js @@ -1,8 +1,10 @@ -var AWS = require('aws-sdk'); +const { + SSM +} = require('@aws-sdk/client-ssm'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var ssm = new AWS.SSM(AWSConfig); + var ssm = new SSM(AWSConfig); collection.ssm.describeParameters[AWSConfig.region] = {}; var params = {}; diff --git a/collectors/aws/support/describeTrustedAdvisorCheckResult.js b/collectors/aws/support/describeTrustedAdvisorCheckResult.js index 76ed78cd1e..a4ec4012a3 100644 --- a/collectors/aws/support/describeTrustedAdvisorCheckResult.js +++ b/collectors/aws/support/describeTrustedAdvisorCheckResult.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + Support +} = require('@aws-sdk/client-support'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var support = new AWS.Support(AWSConfig); + var support = new Support(AWSConfig); async.eachLimit(collection.support.describeTrustedAdvisorChecks[AWSConfig.region].data, 15, function(check, cb) { collection.support.describeTrustedAdvisorChecks[AWSConfig.region][check] = {}; diff --git a/collectors/aws/wafregional/listResourcesForWebACL.js b/collectors/aws/wafregional/listResourcesForWebACL.js index c1728c507d..7225a0098e 100644 --- a/collectors/aws/wafregional/listResourcesForWebACL.js +++ b/collectors/aws/wafregional/listResourcesForWebACL.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + WAFRegional +} = require('@aws-sdk/client-waf-regional'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var wafregional = new AWS.WAFRegional(AWSConfig); + var wafregional = new WAFRegional(AWSConfig); async.eachLimit(collection.wafregional.listWebACLs[AWSConfig.region].data, 15, function(dep, depCb){ async.eachLimit(['APPLICATION_LOAD_BALANCER', 'API_GATEWAY'], 1, function(thisCheck, tcCb){ if (!collection['wafregional']['listResourcesForWebACL'][AWSConfig.region][dep['WebACLId']]) collection['wafregional']['listResourcesForWebACL'][AWSConfig.region][dep['WebACLId']] = {}; diff --git a/collectors/aws/wafv2/getWebACL.js b/collectors/aws/wafv2/getWebACL.js index e2ed82a7c1..35a3bccac7 100644 --- a/collectors/aws/wafv2/getWebACL.js +++ b/collectors/aws/wafv2/getWebACL.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + WAFV2 +} = require('@aws-sdk/client-wafv2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var wafv2 = new AWS.WAFV2(AWSConfig); + var wafv2 = new WAFV2(AWSConfig); async.eachLimit(collection.wafv2.listWebACLs[AWSConfig.region].data, 15, function(acl, cb){ var params = { diff --git a/collectors/aws/wafv2/getWebACLForCognitoUserPool.js b/collectors/aws/wafv2/getWebACLForCognitoUserPool.js index 756032c4d8..be5447715d 100644 --- a/collectors/aws/wafv2/getWebACLForCognitoUserPool.js +++ b/collectors/aws/wafv2/getWebACLForCognitoUserPool.js @@ -1,13 +1,15 @@ -var AWS = require('aws-sdk'); +const { + WAFV2 +} = require('@aws-sdk/client-wafv2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var wafv2 = new AWS.WAFV2(AWSConfig); + var wafv2 = new WAFV2(AWSConfig); var region = 'us-east-1'; var partition = 'aws'; - if (wafv2.endpoint.hostname.includes('gov')){ + if (wafv2 && wafv2.endpoint && wafv2.endpoint.hostname.includes('gov')){ region = 'us-gov-west-1'; partition = 'aws-us-gov'; } diff --git a/collectors/aws/wafv2/listResourcesForWebACL.js b/collectors/aws/wafv2/listResourcesForWebACL.js index 711a45dbef..118a957583 100644 --- a/collectors/aws/wafv2/listResourcesForWebACL.js +++ b/collectors/aws/wafv2/listResourcesForWebACL.js @@ -1,9 +1,11 @@ -var AWS = require('aws-sdk'); +const { + WAFV2 +} = require('@aws-sdk/client-wafv2'); var async = require('async'); var helpers = require(__dirname + '/../../../helpers/aws'); module.exports = function(AWSConfig, collection, retries, callback) { - var wafv2 = new AWS.WAFV2(AWSConfig); + var wafv2 = new WAFV2(AWSConfig); async.eachLimit(collection.wafv2.listWebACLs[AWSConfig.region].data, 15, function(dep, depCb){ async.eachLimit(['APPLICATION_LOAD_BALANCER', 'API_GATEWAY'], 1, function(thisCheck, tcCb){ if (!collection['wafv2']['listResourcesForWebACL'][AWSConfig.region][dep['ARN']]) collection['wafv2']['listResourcesForWebACL'][AWSConfig.region][dep['ARN']] = {}; diff --git a/engine.js b/engine.js index e10dd5c229..40980b48ec 100644 --- a/engine.js +++ b/engine.js @@ -3,6 +3,7 @@ var exports = require('./exports.js'); var suppress = require('./postprocess/suppress.js'); var output = require('./postprocess/output.js'); var azureHelper = require('./helpers/azure/auth.js'); +const awsClients = require('./helpers/aws/clients.js'); function runAuth(settings, remediateConfig, callback) { if (settings.cloud && settings.cloud == 'azure') { @@ -85,14 +86,15 @@ var engine = function(cloudConfig, settings) { console.log('INFO: Determining API calls to make...'); var skippedPlugins = []; + var allApiCalls = []; Object.entries(plugins).forEach(function(p){ var pluginId = p[0]; var plugin = p[1]; - // Skip plugins that don't match the ID flag + // Skip plugins that don't match the specified list var skip = false; - if (settings.plugin && settings.plugin !== pluginId) { + if (settings.plugins && !settings.plugins.includes(pluginId)) { skip = true; } else { // Skip GitHub plugins that do not match the run type @@ -131,16 +133,32 @@ var engine = function(cloudConfig, settings) { } else { plugin.apis.forEach(function(api) { if (apiCalls.indexOf(api) === -1) apiCalls.push(api); + if (allApiCalls.indexOf(api) === -1) allApiCalls.push(api); }); // add the remediation api calls also for data to be collected if (settings.remediate && settings.remediate.includes(pluginId)){ plugin.apis_remediate.forEach(function(api) { if (apiCalls.indexOf(api) === -1) apiCalls.push(api); + if (allApiCalls.indexOf(api) === -1) allApiCalls.push(api); }); } } }); + if (settings.mocha && allApiCalls.length > 0) { + console.log('INFO: Checking if all clients are present for the API calls...'); + // Logic to check if all clients are present + allApiCalls.forEach(api => { + try { + var apiClient = api.split(':')[0]? api.split(':')[0].toLowerCase() : ''; + // eslint-disable-next-line no-unused-vars + const client = new awsClients[apiClient]; + } catch (err) { + console.error(`Client for API ${apiClient} is not installed.`); + } + }); + } + if (!apiCalls.length) return console.log('ERROR: Nothing to collect.'); console.log(`INFO: Found ${apiCalls.length} API calls to make for ${settings.cloud} plugins`); @@ -197,7 +215,7 @@ var engine = function(cloudConfig, settings) { if (suppressionFilter([key, results[r].region || 'any', results[r].resource || 'any'].join(':'))) { continue; } - + resultsObject[plugin.title].push(results[r]); var complianceMsg = []; @@ -210,10 +228,10 @@ var engine = function(cloudConfig, settings) { } complianceMsg = complianceMsg.join('; '); if (!complianceMsg.length) complianceMsg = null; - + // Write out the result (to console or elsewhere) outputHandler.writeResult(results[r], plugin, key, complianceMsg); - + // Add this to our tracking for the worst status to calculate // the exit code maximumStatus = Math.max(maximumStatus, results[r].status); @@ -234,11 +252,11 @@ var engine = function(cloudConfig, settings) { } } } - + } setTimeout(function() { pluginDone(err, maximumStatus); }, 0); }; - + if (plugin.asl && settings['run-asl']) { console.log(`INFO: Using custom ASL for plugin: ${plugin.title}`); // Inject APIs and resource maps @@ -248,11 +266,11 @@ var engine = function(cloudConfig, settings) { let aslRunner; try { aslRunner = require(`./helpers/asl/asl-${aslVersion}.js`); - + } catch (e) { postRun('Error: ASL: Wrong ASL Version: ', e); } - + aslRunner(collection, plugin.asl, resourceMap, postRun); } else { plugin.run(collection, settings, postRun); @@ -272,7 +290,7 @@ var engine = function(cloudConfig, settings) { console.log('INFO: Scan complete'); }); } - + if (settings.remediate && settings.remediate.length && cloudConfig.remediate) { runAuth(settings, cloudConfig.remediate, function(err) { if (err) return console.log(err); diff --git a/engine.spec.js b/engine.spec.js index 4faabcf89f..c97f759633 100644 --- a/engine.spec.js +++ b/engine.spec.js @@ -1,10 +1,15 @@ var engine = require('./engine'); - describe('engine', function () { - it('should run with no arguments', function () { - // Although we don't pass in anything, this is enough to test - // that our dependencies are actually installed. - engine({}, {cloud: 'aws'}); - }) + it('should run specific plugins and check clients', function (done) { + const cloudConfig = {}; + const settings = { + cloud: 'aws', + plugins: ['s3BucketHasTags', 'ec2HasTags','iamRolePolicies'], + mocha: true + }; + + engine(cloudConfig, settings); + done(); + }); }); diff --git a/exports.js b/exports.js index f83bb6a31b..824c5127a9 100644 --- a/exports.js +++ b/exports.js @@ -626,9 +626,6 @@ module.exports = { 'buildProjectEnvPriviligedMode' : require(__dirname + '/plugins/aws/codebuild/buildProjectEnvPriviligedMode.js'), 'codebuildProjectLoggingEnabled': require(__dirname + '/plugins/aws/codebuild/codebuildProjectLoggingEnabled.js'), - 'codestarValidRepoProviders' : require(__dirname + '/plugins/aws/codestar/codestarValidRepoProviders.js'), - 'codestarHasTags' : require(__dirname + '/plugins/aws/codestar/codestarHasTags.js'), - 'pipelineArtifactsEncrypted' : require(__dirname + '/plugins/aws/codepipeline/pipelineArtifactsEncrypted.js'), 'dataStoreEncrypted' : require(__dirname + '/plugins/aws/healthlake/dataStoreEncrypted.js'), @@ -895,7 +892,7 @@ module.exports = { 'azureServicesAccessDisabled' : require(__dirname + '/plugins/azure/postgresqlserver/azureServicesAccessDisabled.js'), 'postgresqlTlsVersion' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlTlsVersion.js'), 'postgresqlServerPublicAccess' : require(__dirname + '/plugins/azure/postgresqlserver/postgresqlServerPublicAccess.js'), - + 'postgresqlFlexibleServerPublicAccess': require(__dirname + '/plugins/azure/postgresqlserver/postgresqlFlexibleServerPublicAccess.js'), 'flexibleServerPrivateAccess' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerPrivateAccess'), 'diagnosticLoggingEnabled' : require(__dirname + '/plugins/azure/postgresqlserver/diagnosticLoggingEnabled.js'), 'flexibleServerLogDisconnections': require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerLogDisconnections.js'), @@ -907,7 +904,6 @@ module.exports = { 'flexibleServerLogDuration' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerLogDuration.js'), 'flexibleServerConnectionThrottle': require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerConnectionThrottle.js'), 'flexibleServerATP' : require(__dirname + '/plugins/azure/postgresqlserver/flexibleServerATP.js'), - 'postgresqlFlexibleServerPublicAccess': require(__dirname + '/plugins/azure/postgresqlserver/postgresqlFlexibleServerPublicAccess.js'), 'openOracleAutoDataWarehouse' : require(__dirname + '/plugins/azure/networksecuritygroups/openOracleAutoDataWarehouse.js'), 'nsgFlowLogsEnabled' : require(__dirname + '/plugins/azure/networksecuritygroups/nsgFlowLogsEnabled.js'), @@ -1087,7 +1083,7 @@ module.exports = { 'keyVaultsPrivateEndpoint' : require(__dirname + '/plugins/azure/keyvaults/keyVaultsPrivateEndpoint.js'), 'kvLogAnalyticsEnabled' : require(__dirname + '/plugins/azure/keyvaults/kvLogAnalyticsEnabled.js'), 'keyVaultPublicAccess' : require(__dirname + '/plugins/azure/keyvaults/keyVaultPublicAccess.js'), - + 'advancedThreatProtection' : require(__dirname + '/plugins/azure/cosmosdb/advancedThreatProtection.js'), 'cosmosdbDiagnosticLogs' : require(__dirname + '/plugins/azure/cosmosdb/cosmosdbDiagnosticLogs.js'), 'cosmosPublicAccessDisabled' : require(__dirname + '/plugins/azure/cosmosdb/cosmosPublicAccessDisabled.js'), @@ -1750,5 +1746,5 @@ module.exports = { 'securityAgentInstalled' : require(__dirname + '/plugins/alibaba/securitycenter/securityAgentInstalled.js'), 'securityNotificationsEnabled' : require(__dirname + '/plugins/alibaba/securitycenter/securityNotificationsEnabled.js'), 'vulnerabilityScanEnabled' : require(__dirname + '/plugins/alibaba/securitycenter/vulnerabilityScanEnabled.js') - } + } }; diff --git a/helpers/aws/clients.js b/helpers/aws/clients.js new file mode 100644 index 0000000000..8d3a809a2a --- /dev/null +++ b/helpers/aws/clients.js @@ -0,0 +1,211 @@ +const { AccessAnalyzer } = require ('@aws-sdk/client-accessanalyzer'); +const { ACM } = require('@aws-sdk/client-acm'); +const { APIGateway } = require('@aws-sdk/client-api-gateway'); +const { ApiGatewayV2 } = require('@aws-sdk/client-apigatewayv2'); +const { AppRunner } = require('@aws-sdk/client-apprunner'); +const { Athena } = require('@aws-sdk/client-athena'); +const { AuditManager } = require('@aws-sdk/client-auditmanager'); +const { AutoScaling } = require('@aws-sdk/client-auto-scaling'); +const { Backup } = require('@aws-sdk/client-backup'); +const { AppConfig } = require('@aws-sdk/client-appconfig'); +const { CloudFormation } = require('@aws-sdk/client-cloudformation'); +const { CognitoIdentityProvider } = require('@aws-sdk/client-cognito-identity-provider'); +const { Comprehend } = require('@aws-sdk/client-comprehend'); +const { ComputeOptimizer } = require('@aws-sdk/client-compute-optimizer'); +const { ConfigService } = require('@aws-sdk/client-config-service'); +const { STS } = require('@aws-sdk/client-sts'); +const { Bedrock } = require('@aws-sdk/client-bedrock'); +const { S3 } = require ('@aws-sdk/client-s3'); +const { DynamoDB } = require ('@aws-sdk/client-dynamodb'); +const { EC2 } = require('@aws-sdk/client-ec2'); +const { Lambda } = require('@aws-sdk/client-lambda'); +const { RDS } = require('@aws-sdk/client-rds'); +const { SNS } = require('@aws-sdk/client-sns'); +const { SQS } = require('@aws-sdk/client-sqs'); +const { IAM } = require('@aws-sdk/client-iam'); +const { CloudWatch } = require('@aws-sdk/client-cloudwatch'); +const { CloudFront } = require('@aws-sdk/client-cloudfront'); +const { CodeBuild } = require('@aws-sdk/client-codebuild'); +const { CustomerProfiles } = require('@aws-sdk/client-customer-profiles'); +const { Connect } = require('@aws-sdk/client-connect'); +const { DatabaseMigrationService } = require('@aws-sdk/client-database-migration-service'); +const { DevOpsGuru } = require('@aws-sdk/client-devops-guru'); +const { Route53 } = require('@aws-sdk/client-route-53'); +const { Route53Domains } = require('@aws-sdk/client-route-53-domains'); +const { WAFRegional } = require('@aws-sdk/client-waf-regional'); +const { WAF } = require('@aws-sdk/client-waf'); +const { CloudTrail } = require('@aws-sdk/client-cloudtrail'); +const { TimestreamWrite } = require('@aws-sdk/client-timestream-write'); +const { Redshift } = require('@aws-sdk/client-redshift'); +const { DocDB } = require('@aws-sdk/client-docdb'); +const { Neptune } = require('@aws-sdk/client-neptune'); +const { ElastiCache } = require('@aws-sdk/client-elasticache'); +const { MemoryDB } = require('@aws-sdk/client-memorydb'); +const { Kendra } = require('@aws-sdk/client-kendra'); +const { QLDB } = require('@aws-sdk/client-qldb'); +const { EFS } = require('@aws-sdk/client-efs'); +const { Glacier } = require('@aws-sdk/client-glacier'); +const { KMS } = require('@aws-sdk/client-kms'); +const { SecretsManager } = require('@aws-sdk/client-secrets-manager'); +const { CloudWatchLogs } = require('@aws-sdk/client-cloudwatch-logs'); +const { EventBridge } = require('@aws-sdk/client-eventbridge'); +const { AppMesh } = require('@aws-sdk/client-app-mesh'); +const { EMR } = require('@aws-sdk/client-emr'); +const { Codeartifact } = require('@aws-sdk/client-codeartifact'); +const { CodePipeline } = require('@aws-sdk/client-codepipeline'); +const { SSM } = require('@aws-sdk/client-ssm'); +const { SageMaker } = require('@aws-sdk/client-sagemaker'); +const { Proton } = require('@aws-sdk/client-proton'); +const { Organizations } = require('@aws-sdk/client-organizations'); +const { MWAA } = require('@aws-sdk/client-mwaa'); +const { ManagedBlockchain } = require('@aws-sdk/client-managedblockchain'); +const { LookoutVision } = require('@aws-sdk/client-lookoutvision'); +const { LookoutEquipment } = require('@aws-sdk/client-lookoutequipment'); +const { LookoutMetrics } = require('@aws-sdk/client-lookoutmetrics'); +const { Location } = require('@aws-sdk/client-location'); +const { LexModelsV2 } = require('@aws-sdk/client-lex-models-v2'); +const { KinesisVideo } = require('@aws-sdk/client-kinesis-video'); +const { DAX } = require('@aws-sdk/client-dax'); +const { ECR } = require('@aws-sdk/client-ecr'); +const { ECS } = require('@aws-sdk/client-ecs'); +const { EKS } = require('@aws-sdk/client-eks'); +const { ElasticBeanstalk } = require('@aws-sdk/client-elastic-beanstalk'); +const { ElasticTranscoder } = require('@aws-sdk/client-elastic-transcoder'); +const { ElasticLoadBalancing } = require('@aws-sdk/client-elastic-load-balancing'); +const { ElasticLoadBalancingV2 } = require('@aws-sdk/client-elastic-load-balancing-v2'); +const { Finspace } = require('@aws-sdk/client-finspace'); +const { Firehose } = require('@aws-sdk/client-firehose'); +const { Forecast } = require ('@aws-sdk/client-forecast'); +const { FraudDetector } = require('@aws-sdk/client-frauddetector'); +const { FSx } = require('@aws-sdk/client-fsx'); +const { Glue } = require('@aws-sdk/client-glue'); +const { DataBrew } = require('@aws-sdk/client-databrew'); +const { GuardDuty } = require('@aws-sdk/client-guardduty'); +const { HealthLake } = require('@aws-sdk/client-healthlake'); +const { Imagebuilder } = require('@aws-sdk/client-imagebuilder'); +const { IoTSiteWise } = require('@aws-sdk/client-iotsitewise'); +const { Kinesis } = require('@aws-sdk/client-kinesis'); +const { Mq } = require('@aws-sdk/client-mq'); +const { Kafka } = require ('@aws-sdk/client-kafka'); +const { OpenSearch } = require('@aws-sdk/client-opensearch'); +const { OpenSearchServerless } = require('@aws-sdk/client-opensearchserverless'); +const { SecurityHub } = require('@aws-sdk/client-securityhub'); +const { SES } = require ('@aws-sdk/client-ses'); +const { Shield } = require('@aws-sdk/client-shield'); +const { Transfer } = require('@aws-sdk/client-transfer'); +const { Translate } = require('@aws-sdk/client-translate'); +const { WAFV2 } = require('@aws-sdk/client-wafv2'); +const { WorkSpaces } = require('@aws-sdk/client-workspaces'); +const { XRay } = require('@aws-sdk/client-xray'); +const { Appflow } = require('@aws-sdk/client-appflow'); +const { DLM } = require('@aws-sdk/client-dlm'); +const { ResourceGroupsTaggingAPI } = require('@aws-sdk/client-resource-groups-tagging-api'); +const { VoiceID } = require('@aws-sdk/client-voice-id'); +const {Wisdom} = require('@aws-sdk/client-wisdom'); + +module.exports = { + s3: S3, + dynamodb: DynamoDB, + accessanalyzer: AccessAnalyzer, + ec2: EC2, + lambda: Lambda, + rds: RDS, + sns: SNS, + sqs: SQS, + iam: IAM, + cloudwatch: CloudWatch, + cloudfront: CloudFront, + route53: Route53, + route53domains: Route53Domains, + wafregional: WAFRegional, + waf: WAF, + cloudtrail: CloudTrail, + athena: Athena, + timestreamwrite: TimestreamWrite, + redshift: Redshift, + docdb: DocDB, + neptune: Neptune, + elasticache: ElastiCache, + memorydb: MemoryDB, + kendra: Kendra, + qldb: QLDB, + backup: Backup, + efs: EFS, + glacier: Glacier, + kms: KMS, + secretsmanager: SecretsManager, + cloudwatchlogs: CloudWatchLogs, + eventbridge: EventBridge, + appmesh: AppMesh, + apprunner: AppRunner, + autoscaling: AutoScaling, + emr: EMR, + codeartifact: Codeartifact, + codepipeline: CodePipeline, + connect: Connect, + dms: DatabaseMigrationService, + cloudformation: CloudFormation, + codebuild: CodeBuild, + ssm: SSM, + sagemaker: SageMaker, + proton: Proton, + organizations: Organizations, + mwaa: MWAA, + managedblockchain: ManagedBlockchain, + lookoutvision: LookoutVision, + lookoutequipment: LookoutEquipment, + lookoutmetrics: LookoutMetrics, + location: Location, + lexmodelsv2: LexModelsV2, + kinesisvideo: KinesisVideo, + acm: ACM, + apigateway: APIGateway, + apigatewayv2: ApiGatewayV2, + auditmanager: AuditManager, + bedrock: Bedrock, + cognitoidentityserviceprovider: CognitoIdentityProvider, + comprehend: Comprehend, + sts: STS, + computeoptimizer: ComputeOptimizer, + configservice: ConfigService, + customerprofiles: CustomerProfiles, + devopsguru: DevOpsGuru, + dax: DAX, + ecr: ECR, + ecs: ECS, + eks: EKS, + elasticbeanstalk: ElasticBeanstalk, + elastictranscoder: ElasticTranscoder, + elb: ElasticLoadBalancing, + elbv2: ElasticLoadBalancingV2, + finspace: Finspace, + firehose: Firehose, + frauddetector: FraudDetector, + fsx: FSx, + glue: Glue, + databrew: DataBrew, + guardduty: GuardDuty, + healthlake: HealthLake, + imagebuilder: Imagebuilder, + iotsitewise: IoTSiteWise, + kinesis: Kinesis, + mq: Mq, + kafka: Kafka, + opensearch: OpenSearch, + opensearchserverless: OpenSearchServerless, + securityhub: SecurityHub, + ses: SES, + shield: Shield, + transfer: Transfer, + translate: Translate, + wafv2: WAFV2, + workspaces: WorkSpaces, + xray: XRay, + appconfig: AppConfig, + appflow: Appflow, + dlm: DLM, + forecastservice: Forecast, + resourcegroupstaggingapi: ResourceGroupsTaggingAPI, + voiceid: VoiceID, + wisdom: Wisdom +}; diff --git a/helpers/aws/functions.js b/helpers/aws/functions.js index 4824e94f8e..211cffb98d 100644 --- a/helpers/aws/functions.js +++ b/helpers/aws/functions.js @@ -1,8 +1,18 @@ var async = require('async'); var regions = require(__dirname + '/regions'); -var AWS = require('aws-sdk'); var helpers = require('../shared.js'); +function requireServiceModule(serviceName) { + try { + // Use the mapping or default to the provided service name + const packageName = servicePackageMapping[serviceName] || serviceName.toLowerCase(); + return require(`@aws-sdk/client-${packageName}`); + } catch (error) { + console.log(`Module not found for service: ${serviceName}`); + return null; // Returning null to handle the case where the module is not found + } +} + function waitForCredentialReport(iam, callback, CREDENTIAL_DOWNLOAD_STARTED) { if (!CREDENTIAL_DOWNLOAD_STARTED) { iam.generateCredentialReport(function(err, data){ @@ -539,17 +549,22 @@ function getS3BucketLocation(cache, region, bucketName) { function remediatePlugin(config, call, params, callback) { var service = call.split(':')[0]; var callKey = call.split(':')[1]; - var executor = new AWS[service](config); + try { + const executorModule = requireServiceModule(service); + var executor = new executorModule[service](config); - var executorCb = function(err, data) { - if (err) { - return callback(err, null); - } else { - return callback(null, data); - } - }; + var executorCb = function(err, data) { + if (err) { + return callback(err, null); + } else { + return callback(null, data); + } + }; - executor[callKey](params, executorCb); + executor[callKey](params, executorCb); + } catch (error) { + console.error('Error during dynamic import:', error); + } } function nullArray(object) { @@ -1552,6 +1567,55 @@ var checkNetworkExposure = function(cache, source, subnets, securityGroups, elbs return internetExposed; }; + +const servicePackageMapping = { + // Add mappings for services with different package names + 'APIGateway': 'api-gateway', + 'AppMesh': 'app-mesh', + 'AutoScaling': 'auto-scaling', + 'ElasticBeanstalk': 'elastic-beanstalk', + 'ELB': 'elastic-load-balancing', + 'ELBv2': 'elastic-load-balancing-v2', + 'CognitoIdentityServiceProvider':'cognito-identity-provider', + 'ComputeOptimizer':'compute-optimizer', + 'ConfigService': 'config-service', + 'LexModelsV2': 'lex-models-v2', + 'S3Control': 's3-control', + 'WAFRegional': 'waf-regional', + 'CloudWatchLogs':'cloudwatch-logs', + 'DevOpsGuru':'devops-guru', + 'DMS': 'database-migration-service', + 'ElasticTranscoder': 'elastic-transcoder', + 'ForecastService': 'forecast', + 'KinesisVideo': 'kinesis-video', + 'Route53': 'route-53', + 'Route53Domains': 'route-53-domains', + 'SecretsManager':'secrets-manager', + 'TimestreamWrite':'timestream-write', + 'ResourceGroupsTaggingAPI': 'resource-groups-tagging-api', + 'ServiceQuotas': 'service-quotas', + 'CustomerProfiles' : 'customer-profiles', + 'VoiceID': 'voice-id' + // Add more mappings as needed +}; + +const customServiceMapping = { + // Add custom mappings for services with different case sensitivity + 'CodeArtifact': 'Codeartifact', + 'CognitoIdentityServiceProvider':'CognitoIdentityProvider', + 'DMS': 'DatabaseMigrationService', + 'ELB':'ElasticLoadBalancing', + 'ELBv2':'ElasticLoadBalancingV2', + 'ForecastService':'Forecast', + 'MQ': 'Mq' + // Add more custom mappings as needed +}; +function getCorrectServiceName(serviceName) { + return customServiceMapping[serviceName] || serviceName; +} + + + let getLambdaTargetELBs = function(cache, source, region) { let lambdaELBMap = {}; @@ -1652,7 +1716,10 @@ module.exports = { processFieldSelectors: processFieldSelectors, checkNetworkInterface: checkNetworkInterface, checkNetworkExposure: checkNetworkExposure, + getCorrectServiceName: getCorrectServiceName, + requireServiceModule: requireServiceModule, getAttachedELBs: getAttachedELBs, getLambdaTargetELBs + }; diff --git a/package.json b/package.json index 741c0ba80f..bf01344430 100644 --- a/package.json +++ b/package.json @@ -40,6 +40,114 @@ }, "dependencies": { "@alicloud/pop-core": "^1.7.10", + "@aws-sdk/client-accessanalyzer": "^3.441.0", + "@aws-sdk/client-acm": "^3.441.0", + "@aws-sdk/client-api-gateway": "^3.441.0", + "@aws-sdk/client-appflow": "^3.441.0", + "@aws-sdk/client-apprunner": "^3.441.0", + "@aws-sdk/client-athena": "^3.441.0", + "@aws-sdk/client-auditmanager": "^3.441.0", + "@aws-sdk/client-app-mesh": "^3.441.0", + "@aws-sdk/client-auto-scaling": "^3.441.0", + "@aws-sdk/client-appconfig": "^3.441.0", + "@aws-sdk/client-backup": "^3.441.0", + "@aws-sdk/client-bedrock": "^3.441.0", + "@aws-sdk/client-cloudformation": "^3.441.0", + "@aws-sdk/client-cloudfront": "^3.441.0", + "@aws-sdk/client-cloudtrail": "^3.441.0", + "@aws-sdk/client-cloudwatch": "^3.441.0", + "@aws-sdk/client-cloudwatch-logs": "^3.441.0", + "@aws-sdk/client-codebuild": "^3.444.0", + "@aws-sdk/client-codeartifact": "^3.444.0", + "@aws-sdk/client-codepipeline": "^3.444.0", + "@aws-sdk/client-codestar": "^3.444.0", + "@aws-sdk/client-cognito-identity-provider": "^3.444.0", + "@aws-sdk/client-comprehend": "^3.444.0", + "@aws-sdk/client-compute-optimizer": "^3.444.0", + "@aws-sdk/client-config-service": "^3.444.0", + "@aws-sdk/client-connect": "^3.444.0", + "@aws-sdk/client-customer-profiles": "^3.444.0", + "@aws-sdk/client-dax": "^3.441.0", + "@aws-sdk/client-databrew": "^3.441.0", + "@aws-sdk/client-database-migration-service": "^3.441.0", + "@aws-sdk/client-devops-guru": "^3.441.0", + "@aws-sdk/client-docdb": "^3.441.0", + "@aws-sdk/client-dynamodb": "^3.441.0", + "@aws-sdk/client-dlm": "^3.441.0", + "@aws-sdk/client-ec2": "^3.441.0", + "@aws-sdk/client-ecr": "^3.441.0", + "@aws-sdk/client-ecs": "^3.441.0", + "@aws-sdk/client-efs": "^3.441.0", + "@aws-sdk/client-eks": "^3.441.0", + "@aws-sdk/client-elastic-beanstalk": "^3.441.0", + "@aws-sdk/client-elastic-transcoder": "^3.441.0", + "@aws-sdk/client-elastic-load-balancing": "^3.441.0", + "@aws-sdk/client-elastic-load-balancing-v2": "^3.441.0", + "@aws-sdk/client-elasticache": "^3.441.0", + "@aws-sdk/client-emr": "^3.441.0", + "@aws-sdk/client-eventbridge": "^3.441.0", + "@aws-sdk/client-finspace": "^3.441.0", + "@aws-sdk/client-firehose": "^3.441.0", + "@aws-sdk/client-forecast": "^3.441.0", + "@aws-sdk/client-frauddetector": "^3.441.0", + "@aws-sdk/client-fsx": "^3.441.0", + "@aws-sdk/client-glue": "^3.441.0", + "@aws-sdk/client-guardduty": "^3.441.0", + "@aws-sdk/client-healthlake": "^3.441.0", + "@aws-sdk/client-iam": "^3.444.0", + "@aws-sdk/client-imagebuilder": "^3.441.0", + "@aws-sdk/client-iotsitewise": "^3.441.0", + "@aws-sdk/client-kendra": "^3.441.0", + "@aws-sdk/client-kinesis": "^3.441.0", + "@aws-sdk/client-kinesis-video": "^3.441.0", + "@aws-sdk/client-kms": "^3.441.0", + "@aws-sdk/client-lex-models-v2": "^3.441.0", + "@aws-sdk/client-lambda": "^3.441.0", + "@aws-sdk/client-location": "^3.441.0", + "@aws-sdk/client-lookoutequipment": "^3.441.0", + "@aws-sdk/client-lookoutmetrics": "^3.441.0", + "@aws-sdk/client-lookoutvision": "^3.441.0", + "@aws-sdk/client-managedblockchain": "^3.441.0", + "@aws-sdk/client-memorydb": "^3.441.0", + "@aws-sdk/client-mq": "^3.441.0", + "@aws-sdk/client-kafka": "^3.441.0", + "@aws-sdk/client-mwaa": "^3.444.0", + "@aws-sdk/client-neptune": "^3.441.0", + "@aws-sdk/client-opensearch": "^3.441.0", + "@aws-sdk/client-opensearchserverless": "^3.441.0", + "@aws-sdk/client-organizations": "^3.441.0", + "@aws-sdk/client-proton": "^3.441.0", + "@aws-sdk/client-qldb": "^3.441.0", + "@aws-sdk/client-rds": "^3.441.0", + "@aws-sdk/client-redshift": "^3.441.0", + "@aws-sdk/client-route-53": "^3.441.0", + "@aws-sdk/client-route-53-domains": "^3.441.0", + "@aws-sdk/client-s3": "^3.441.0", + "@aws-sdk/client-s3-control": "^3.441.0", + "@aws-sdk/client-glacier": "^3.441.0", + "@aws-sdk/client-sagemaker": "^3.441.0", + "@aws-sdk/client-secrets-manager": "^3.441.0", + "@aws-sdk/client-securityhub": "^3.441.0", + "@aws-sdk/client-ses": "^3.441.0", + "@aws-sdk/client-shield": "^3.441.0", + "@aws-sdk/client-sns": "^3.441.0", + "@aws-sdk/client-sqs": "^3.441.0", + "@aws-sdk/client-ssm": "^3.441.0", + "@aws-sdk/client-sts": "^3.441.0", + "@aws-sdk/client-service-quotas": "^3.441.0", + "@aws-sdk/client-support": "^3.441.0", + "@aws-sdk/client-timestream-write": "^3.441.0", + "@aws-sdk/client-transfer": "^3.441.0", + "@aws-sdk/client-translate": "^3.441.0", + "@aws-sdk/client-voice-id": "^3.441.0", + "@aws-sdk/client-waf": "^3.441.0", + "@aws-sdk/client-waf-regional": "^3.441.0", + "@aws-sdk/client-wafv2": "^3.441.0", + "@aws-sdk/client-workspaces": "^3.441.0", + "@aws-sdk/client-wisdom": "^3.441.0", + "@aws-sdk/client-xray": "^3.441.0", + "@aws-sdk/client-resource-groups-tagging-api": "^3.441.0", + "@aws-sdk/node-http-handler": "^3.374.0", "@azure/data-tables": "^13.2.2", "@azure/storage-file-share": "^12.14.0", "@azure/storage-queue": "^12.13.0", diff --git a/plugins/aws/computeoptimizer/asgOptimized.js b/plugins/aws/computeoptimizer/asgOptimized.js index 8656b3a2cd..0781bfb4ca 100644 --- a/plugins/aws/computeoptimizer/asgOptimized.js +++ b/plugins/aws/computeoptimizer/asgOptimized.js @@ -25,8 +25,8 @@ module.exports = { if (!getRecommendationSummaries) return rcb(); if (getRecommendationSummaries && getRecommendationSummaries.err && - getRecommendationSummaries.err.code && - getRecommendationSummaries.err.code.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ + getRecommendationSummaries.err.name && + getRecommendationSummaries.err.name.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ helpers.addResult(results, 0, 'Compute Optimizer is not enabled', region); return rcb(); diff --git a/plugins/aws/computeoptimizer/ebsVolumesOptimized.js b/plugins/aws/computeoptimizer/ebsVolumesOptimized.js index acb148e07b..6518f6dae6 100644 --- a/plugins/aws/computeoptimizer/ebsVolumesOptimized.js +++ b/plugins/aws/computeoptimizer/ebsVolumesOptimized.js @@ -25,8 +25,8 @@ module.exports = { if (!getRecommendationSummaries) return rcb(); if (getRecommendationSummaries && getRecommendationSummaries.err && - getRecommendationSummaries.err.code && - getRecommendationSummaries.err.code.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ + getRecommendationSummaries.err.name && + getRecommendationSummaries.err.name.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ helpers.addResult(results, 0, 'Compute Optimizer is not enabled', region); return rcb(); diff --git a/plugins/aws/computeoptimizer/ec2InstancesOptimized.js b/plugins/aws/computeoptimizer/ec2InstancesOptimized.js index 10d183ba8f..5c690c8a37 100644 --- a/plugins/aws/computeoptimizer/ec2InstancesOptimized.js +++ b/plugins/aws/computeoptimizer/ec2InstancesOptimized.js @@ -25,8 +25,8 @@ module.exports = { if (!getRecommendationSummaries) return rcb(); if (getRecommendationSummaries && getRecommendationSummaries.err && - getRecommendationSummaries.err.code && - getRecommendationSummaries.err.code.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ + getRecommendationSummaries.err.name && + getRecommendationSummaries.err.name.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ helpers.addResult(results, 0, 'Compute Optimizer is not enabled', region); return rcb(); diff --git a/plugins/aws/computeoptimizer/lambdaFunctionsOptimized.js b/plugins/aws/computeoptimizer/lambdaFunctionsOptimized.js index 85e80063a8..59a553168c 100644 --- a/plugins/aws/computeoptimizer/lambdaFunctionsOptimized.js +++ b/plugins/aws/computeoptimizer/lambdaFunctionsOptimized.js @@ -25,8 +25,8 @@ module.exports = { if (!getRecommendationSummaries) return rcb(); if (getRecommendationSummaries && getRecommendationSummaries.err && - getRecommendationSummaries.err.code && - getRecommendationSummaries.err.code.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ + getRecommendationSummaries.err.name && + getRecommendationSummaries.err.name.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ helpers.addResult(results, 0, 'Compute Optimizer is not enabled', region); return rcb(); diff --git a/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.js b/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.js index fe0799e4df..9f4b9577aa 100644 --- a/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.js +++ b/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.js @@ -24,8 +24,8 @@ module.exports = { if (!getRecommendationSummaries) return rcb(); - if (getRecommendationSummaries && getRecommendationSummaries.err && getRecommendationSummaries.err.code && - getRecommendationSummaries.err.code.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ + if (getRecommendationSummaries && getRecommendationSummaries.err && getRecommendationSummaries.err.name && + getRecommendationSummaries.err.name.toUpperCase() === 'OPTINREQUIREDEXCEPTION'){ helpers.addResult(results, 2, 'Compute Optimizer is not enabled', region); } else if (getRecommendationSummaries.err || !getRecommendationSummaries.data || diff --git a/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.spec.js b/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.spec.js index 59e1b679ef..da49545800 100644 --- a/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.spec.js +++ b/plugins/aws/computeoptimizer/optimizerRecommendationsEnabled.spec.js @@ -62,7 +62,7 @@ describe('optimizerRecommendationsEnabled', function () { }); it('should FAIL if Compute Optimizer is not enabled', function (done) { - const cache = createCache(null, { message: 'Aws account is not registered for recommendation.', code: 'OptInRequiredException' }); + const cache = createCache(null, { message: 'Aws account is not registered for recommendation.', name: 'OptInRequiredException' }); optimizerRecommendationsEnabled.run(cache, {}, (err, results) => { expect(results.length).to.equal(1); expect(results[0].status).to.equal(2); diff --git a/plugins/aws/securityhub/securityHubEnabled.js b/plugins/aws/securityhub/securityHubEnabled.js index ceeb221127..79a28bae73 100644 --- a/plugins/aws/securityhub/securityHubEnabled.js +++ b/plugins/aws/securityhub/securityHubEnabled.js @@ -23,7 +23,7 @@ module.exports = { if (!describeHub) return rcb(); - if (describeHub.err && describeHub.err.code === 'InvalidAccessException'){ + if (describeHub.err && describeHub.err.name === 'InvalidAccessException'){ helpers.addResult(results, 2, 'Security Hub is not enabled', region); } else if (describeHub.err || !describeHub.data) { helpers.addResult(results, 3, `Unable to query for Security Hub: ${helpers.addError(describeHub)}`, region); diff --git a/plugins/aws/securityhub/securityHubEnabled.spec.js b/plugins/aws/securityhub/securityHubEnabled.spec.js index 8e12111970..74d93c139f 100644 --- a/plugins/aws/securityhub/securityHubEnabled.spec.js +++ b/plugins/aws/securityhub/securityHubEnabled.spec.js @@ -40,7 +40,7 @@ describe('securityHubEnabled', function () { it('should FAIL if Security Hub is not enabled', function (done) { const errorMessage = 'InvalidAccessException'; - const cache = createCache(describeHub, { code: 'InvalidAccessException' }); + const cache = createCache(describeHub, { name: 'InvalidAccessException' }); securityHubEnabled.run(cache, {}, (err, results) => { expect(results.length).to.equal(1); expect(results[0].status).to.equal(2); diff --git a/plugins/aws/shield/shieldAdvancedEnabled.js b/plugins/aws/shield/shieldAdvancedEnabled.js index 340cb6a3af..ca774da217 100644 --- a/plugins/aws/shield/shieldAdvancedEnabled.js +++ b/plugins/aws/shield/shieldAdvancedEnabled.js @@ -23,8 +23,8 @@ module.exports = { if (!describeSubscription) return callback(null, results, source); if (describeSubscription.err && - describeSubscription.err.code && - describeSubscription.err.code == 'ResourceNotFoundException') { + describeSubscription.err.name && + describeSubscription.err.name == 'ResourceNotFoundException') { helpers.addResult(results, 2, 'Shield subscription is not enabled'); return callback(null, results, source); } diff --git a/plugins/aws/shield/shieldAdvancedEnabled.spec.js b/plugins/aws/shield/shieldAdvancedEnabled.spec.js index 4f71e151de..96b07c663e 100644 --- a/plugins/aws/shield/shieldAdvancedEnabled.spec.js +++ b/plugins/aws/shield/shieldAdvancedEnabled.spec.js @@ -28,7 +28,7 @@ describe('shieldAdvancedEnabled', function () { const cache = createCache( { "message": "The subscription does not exist.", - "code": "ResourceNotFoundException", + "name": "ResourceNotFoundException", "time": "2019-07-14T03:22:22.346Z", "requestId": "d88682d6-a71c-4529-9f8d-0370e2fe5be5", "statusCode": 400, diff --git a/plugins/aws/shield/shieldEmergencyContacts.js b/plugins/aws/shield/shieldEmergencyContacts.js index a7f1416c10..abdd4df252 100644 --- a/plugins/aws/shield/shieldEmergencyContacts.js +++ b/plugins/aws/shield/shieldEmergencyContacts.js @@ -23,8 +23,8 @@ module.exports = { if (!describeEmergencyContactSettings) return callback(null, results, source); if (describeEmergencyContactSettings.err && - describeEmergencyContactSettings.err.code && - describeEmergencyContactSettings.err.code == 'ResourceNotFoundException') { + describeEmergencyContactSettings.err.name && + describeEmergencyContactSettings.err.name == 'ResourceNotFoundException') { helpers.addResult(results, 2, 'Shield subscription is not enabled'); return callback(null, results, source); } diff --git a/plugins/aws/shield/shieldEmergencyContacts.spec.js b/plugins/aws/shield/shieldEmergencyContacts.spec.js index fba6fc10f9..08734098d8 100644 --- a/plugins/aws/shield/shieldEmergencyContacts.spec.js +++ b/plugins/aws/shield/shieldEmergencyContacts.spec.js @@ -28,7 +28,7 @@ describe('shieldEmergencyContacts', function () { const cache = createCache( { "message": "The subscription does not exist.", - "code": "ResourceNotFoundException", + "name": "ResourceNotFoundException", "time": "2019-07-14T03:22:22.346Z", "requestId": "d88682d6-a71c-4529-9f8d-0370e2fe5be5", "statusCode": 400, diff --git a/plugins/aws/shield/shieldProtections.js b/plugins/aws/shield/shieldProtections.js index a8be9b9200..90262c3a8b 100644 --- a/plugins/aws/shield/shieldProtections.js +++ b/plugins/aws/shield/shieldProtections.js @@ -23,8 +23,8 @@ module.exports = { if (!listProtections) return callback(null, results, source); if (listProtections.err && - listProtections.err.code && - listProtections.err.code == 'ResourceNotFoundException') { + listProtections.err.name && + listProtections.err.name == 'ResourceNotFoundException') { helpers.addResult(results, 2, 'Shield subscription is not enabled'); return callback(null, results, source); } diff --git a/plugins/aws/shield/shieldProtections.spec.js b/plugins/aws/shield/shieldProtections.spec.js index b987d56eb7..9fe0f892f6 100644 --- a/plugins/aws/shield/shieldProtections.spec.js +++ b/plugins/aws/shield/shieldProtections.spec.js @@ -28,7 +28,7 @@ describe('shieldProtections', function () { const cache = createCache( { "message": "The subscription does not exist.", - "code": "ResourceNotFoundException", + "name": "ResourceNotFoundException", "time": "2019-07-14T03:22:22.346Z", "requestId": "d88682d6-a71c-4529-9f8d-0370e2fe5be5", "statusCode": 400, From 27c31fb71aae7c6e848c6d9daeab3d95438b0ddc Mon Sep 17 00:00:00 2001 From: AkhtarAmir Date: Mon, 11 Aug 2025 18:46:40 +0000 Subject: [PATCH 2/2] open source changes for migration --- exports.js | 1 + 1 file changed, 1 insertion(+) diff --git a/exports.js b/exports.js index 824c5127a9..08715525e5 100644 --- a/exports.js +++ b/exports.js @@ -1748,3 +1748,4 @@ module.exports = { 'vulnerabilityScanEnabled' : require(__dirname + '/plugins/alibaba/securitycenter/vulnerabilityScanEnabled.js') } }; +