lib/aws_recon/collectors/s3.rb in aws_recon-0.2.17 vs lib/aws_recon/collectors/s3.rb in aws_recon-0.2.18
- old
+ new
@@ -27,20 +27,24 @@
# if you use a region other than the us-east-1 endpoint
# to create a bucket, you must set the location_constraint
# bucket parameter to the same region. (https://docs.aws.amazon.com/general/latest/gr/s3.html)
client = if location.empty?
+ struct.location = 'us-east-1'
@client
else
+ struct.location = location
Aws::S3::Client.new({ region: location })
end
operations = [
{ func: 'get_bucket_acl', key: 'acl', field: nil },
{ func: 'get_bucket_encryption', key: 'encryption', field: 'server_side_encryption_configuration' },
+ { func: 'get_bucket_replication', key: 'replication', field: 'replication_configuration' },
{ func: 'get_bucket_policy', key: 'policy', field: 'policy' },
{ func: 'get_bucket_policy_status', key: 'public', field: 'policy_status' },
+ { func: 'get_public_access_block', key: 'public_access_block', field: 'public_access_block_configuration' },
{ func: 'get_bucket_tagging', key: 'tagging', field: nil },
{ func: 'get_bucket_logging', key: 'logging', field: 'logging_enabled' },
{ func: 'get_bucket_versioning', key: 'versioning', field: nil },
{ func: 'get_bucket_website', key: 'website', field: nil }
]
@@ -49,11 +53,11 @@
op = OpenStruct.new(operation)
resp = client.send(op.func, { bucket: bucket.name })
struct[op.key] = if op.key == 'policy'
- resp.policy.string
+ JSON.parse(CGI.unescape(resp.policy.string))
else
op.field ? resp.send(op.field).to_h : resp.to_h
end
rescue Aws::S3::Errors::ServiceError => e
@@ -75,8 +79,10 @@
AccessDenied
ServerSideEncryptionConfigurationNotFoundError
NoSuchBucketPolicy
NoSuchTagSet
NoSuchWebsiteConfiguration
+ ReplicationConfigurationNotFoundError
+ NoSuchPublicAccessBlockConfiguration
]
end
end