Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(rds): add public command to generate report of publicly exposed RDS instances #20

Merged
merged 3 commits into from
Sep 30, 2020
Merged

feat(rds): add public command to generate report of publicly exposed RDS instances #20

merged 3 commits into from
Sep 30, 2020

Conversation

clok
Copy link
Contributor

@clok clok commented Sep 30, 2020

added the gw-aws-audit rds public command

Produces a report that displays a list RDS servers that are configured as Publicly Accessible.
The report contains:

DB INSTANCE:
    - Name of the instance
ENGINE:
    - RDS DB engine
SECURITY GROUPS:
    - Security Group ID
    - Security Group Name
    - Inbound Port
    - CIDR rules applied to the Port

Example output

┌─────────────────────────┬───────────────────┬──────────────────────────────────────────────────────────────────────────────────────────┐
│ DB INSTANCE             │ ENGINE            │ SECURITY GROUPS                                                                          │
├─────────────────────────┼───────────────────┼──────────────────────────────────────────────────────────────────────────────────────────┤
│ metadata-db-1234        │ postgres          │ sg-1234589313123    airflow-metadb-prod-v2-sg    5432                                    │
│                         │                   │                                                                                          │
│                         │                   │            10.176.50.0/24       10.176.51.0/24       10.176.52.0/24        10.176.0.0/16 │
│                         │                   │           10.176.1.233/32                                                                │
│                         │                   │                                                                                          │
│ ab-prod-db              │ aurora-postgresql │ sg-ac67ac8a    rds-launch-wizard-28    5432                                              │
│                         │                   │                                                                                          │
│                         │                   │             10.176.0.0/16                                                                │
│                         │                   │                                                                                          │
├─────────────────────────┼───────────────────┼──────────────────────────────────────────────────────────────────────────────────────────┤
│ DB INSTANCES            │ 2                 │                                                                                          │
└─────────────────────────┴───────────────────┴──────────────────────────────────────────────────────────────────────────────────────────┘

@clok clok added the feature New feature or request label Sep 30, 2020
@clok clok requested a review from paulojblack September 30, 2020 21:32
@clok clok self-assigned this Sep 30, 2020
@clok clok requested a review from nathanialg September 30, 2020 21:32
@clok clok requested review from jpiepkow and mrlannigan September 30, 2020 22:12
mrlannigan
mrlannigan approved these changes Sep 30, 2020
View reviewed changes
iam/get.go
case "Inactive":
summaryStats["inactiveKeys"] += 1
summaryStats["inactiveKeys"]++
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

eyes bleed

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know...... I know. It's something. The go community prefers this.

@clok clok merged commit 73fb4c3 into master Sep 30, 2020
@clok clok deleted the feat/rds-public branch September 30, 2020 22:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mrlannigan mrlannigan mrlannigan approved these changes

@paulojblack paulojblack Awaiting requested review from paulojblack

@nathanialg nathanialg Awaiting requested review from nathanialg

@jpiepkow jpiepkow Awaiting requested review from jpiepkow

Assignees

@clok clok

Labels
feature New feature or request
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@clok @mrlannigan