sg

package

v1.21.2 Latest Latest Go to latest Published: Jun 17, 2021 License: MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/GoodwayGroup/gw-aws-audit

Links

Open Source Insights

Documentation ¶

Index ¶

func GenerateCIDRReport(c *cli.Context) error
func GenerateExternalAWSIPReport() error
func GenerateMappedEC2Report() error
func GeneratePortReport(c *cli.Context) error
func GetSecurityGroups(sgIDs []*string) (map[string]*SecurityGroup, error)
func ListAttachedSecurityGroups() error
func ListDetachedSecurityGroups() error
type AWSIPRanges
type AWSIPs
type IPv6Prefix
- func (p *IPv6Prefix) GetCIDR() (*net.IPNet, error)
type Prefix
- func (p *Prefix) GetCIDR() (*net.IPNet, error)
- func (p *Prefix) GetService() string
type SecurityGroup

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateCIDRReport ¶ added in v1.8.0

func GenerateCIDRReport(c *cli.Context) error

GenerateCIDRReport will generate a report of CIDR block exposure from Security Groups.

func GenerateExternalAWSIPReport ¶ added in v1.10.0

func GenerateExternalAWSIPReport() error

GenerateExternalAWSIPReport

func GenerateMappedEC2Report ¶ added in v1.11.0

func GenerateMappedEC2Report() error

func GeneratePortReport ¶ added in v1.9.0

func GeneratePortReport(c *cli.Context) error

GeneratePortReport will generate a report of PORT exposure from Security Groups.

func GetSecurityGroups ¶ added in v1.14.0

func GetSecurityGroups(sgIDs []*string) (map[string]*SecurityGroup, error)

GetSecurityGroups will retrieve a list of Security Group IDs with mapped ports

func ListAttachedSecurityGroups ¶

func ListAttachedSecurityGroups() error

ListAttachedSecurityGroups generates a report listing out all Security Groups that are attached to a Network Interface

func ListDetachedSecurityGroups ¶

func ListDetachedSecurityGroups() error

ListDetachedSecurityGroups generates a report listing out all Security Groups that are NOT attached to a Network Interface

Types ¶

type AWSIPRanges ¶ added in v1.10.0

type AWSIPRanges struct {
	SyncToken    string        `json:"syncToken"`
	CreateDate   string        `json:"createDate"`
	Prefixes     []*Prefix     `json:"prefixes"`
	IPv6Prefixes []*IPv6Prefix `json:"ipv6_prefixes"`
}

AWSIPRanges is the JSON struct used to parse the AWS IP Range file.

type AWSIPs ¶ added in v1.10.0

type AWSIPs struct {
	// contains filtered or unexported fields
}

AWSIPs is a

type IPv6Prefix ¶ added in v1.10.0

type IPv6Prefix struct {
	IPv6Prefix         string `json:"ipv6_prefix"`
	Region             string `json:"region"`
	NetworkBorderGroup string `json:"network_border_group"`
	Service            string `json:"service"`
}

IPv6Prefix is used with AWSIPRanges.

func (*IPv6Prefix) GetCIDR ¶ added in v1.10.0

func (p *IPv6Prefix) GetCIDR() (*net.IPNet, error)

GetCIDR will extract the IPPrefix as a CIDR definition.

type Prefix ¶ added in v1.10.0

type Prefix struct {
	IPPrefix           string `json:"ip_prefix"`
	Region             string `json:"region"`
	NetworkBorderGroup string `json:"network_border_group"`
	Service            string `json:"service"`
}

Prefix is used with AWSIPRanges.

func (*Prefix) GetCIDR ¶ added in v1.10.0

func (p *Prefix) GetCIDR() (*net.IPNet, error)

GetCIDR will extract the IPPrefix as a CIDR definition.

func (*Prefix) GetService ¶ added in v1.10.0

func (p *Prefix) GetService() string

GetService will extract the AWS service name that the IP is associated with.

type SecurityGroup ¶ added in v1.14.0

type SecurityGroup struct {
	// contains filtered or unexported fields
}

SecurityGroup defines the struct for common SG properties used by this tool.

func (*SecurityGroup) Attachments ¶ added in v1.14.0

func (s *SecurityGroup) Attachments() map[string]int

Attachments will return the map of Attachments

func (*SecurityGroup) GetAttachmentsAsString ¶ added in v1.14.0

func (s *SecurityGroup) GetAttachmentsAsString() string

GetAttachmentsAsString will return a formatted list of AWS attachments

func (*SecurityGroup) ID ¶ added in v1.14.0

func (s *SecurityGroup) ID() string

ID will return the SecurityGroup ID

func (*SecurityGroup) Name ¶ added in v1.14.0

func (s *SecurityGroup) Name() string

Name will return the SecurityGroup Name

func (SecurityGroup) ParseRuleToken ¶ added in v1.14.0

func (s SecurityGroup) ParseRuleToken(token string) (port string, protocol string, sgIDs string)

ParseRuleToken break the Rules token key from the Rules map and return the component parts of [port, protocol, security group IDs]

func (*SecurityGroup) Rules ¶ added in v1.14.0

func (s *SecurityGroup) Rules() map[string][]*ec2.IpRange

Rules will return the SecurityGroup Rules map

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL