Merge pull request #78 from enzowritescode/feature/aws-neptune

Feature/aws neptune
BishopFox · Mar 20, 2024 · b73cd90 · b73cd90
2 parents 125c1ea + ce03106
commit b73cd90
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 226 deletions.
diff --git a/aws/databases.go b/aws/databases.go
@@ -21,8 +21,6 @@ type DatabasesModule struct {
 	RDSClient      sdk.RDSClientInterface
 	RedshiftClient sdk.AWSRedShiftClientInterface
 	DynamoDBClient sdk.DynamoDBClientInterface
-	DocDBClient    sdk.DocDBClientInterface
-	NeptuneClient  sdk.NeptuneClientInterface
 
 	Caller        sts.GetCallerIdentityOutput
 	AWSRegions    []string
@@ -239,8 +237,6 @@ func (m *DatabasesModule) executeChecks(r string, wg *sync.WaitGroup, semaphore
 	m.executeRdsCheck(r, wg, semaphore, dataReceiver, serviceMap) // Also returns Neptune and DocDB
 	m.executeRedshiftCheck(r, wg, semaphore, dataReceiver, serviceMap)
 	m.executeDynamoDbCheck(r, wg, semaphore, dataReceiver, serviceMap)
-	//m.executeDocDbCheck(r, wg, semaphore, dataReceiver, serviceMap)
-	//m.executeNeptuneCheck(r, wg, semaphore, dataReceiver, serviceMap)
 }
 
 type check struct {
@@ -301,30 +297,6 @@ func (m *DatabasesModule) executeDynamoDbCheck(r string, wg *sync.WaitGroup, sem
 	})
 }
 
-func (m *DatabasesModule) executeDocDbCheck(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database, servicemap *awsservicemap.AwsServiceMap) {
-	m.executeCheck(check{
-		region:       r,
-		wg:           wg,
-		semaphore:    semaphore,
-		dataReceiver: dataReceiver,
-		serviceMap:   servicemap,
-		service:      "docdb",
-		executor:     m.getDocDBTablesPerRegion,
-	})
-}
-
-func (m *DatabasesModule) executeNeptuneCheck(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database, servicemap *awsservicemap.AwsServiceMap) {
-	m.executeCheck(check{
-		region:       r,
-		wg:           wg,
-		semaphore:    semaphore,
-		dataReceiver: dataReceiver,
-		serviceMap:   servicemap,
-		service:      "neptune",
-		executor:     m.getNeptuneDatabasesPerRegion,
-	})
-}
-
 func (m *DatabasesModule) writeLoot(outputDirectory string, verbosity int) string {
 	path := filepath.Join(outputDirectory, "loot")
 	f := filepath.Join(path, "databases-UrlsOnly.txt")
@@ -519,94 +491,6 @@ func (m *DatabasesModule) getDynamoDBTablesPerRegion(r string, wg *sync.WaitGrou
 	}
 }
 
-func (m *DatabasesModule) getDocDBTablesPerRegion(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database) {
-	defer func() {
-		m.CommandCounter.Executing--
-		m.CommandCounter.Complete++
-		wg.Done()
-
-	}()
-	semaphore <- struct{}{}
-	defer func() {
-		<-semaphore
-	}()
-	// m.CommandCounter.Total++
-	m.CommandCounter.Pending--
-	m.CommandCounter.Executing++
-	awsService := "DocDB"
-
-	Clusters, err := sdk.CachedDocDBDescribeDBClusters(m.DocDBClient, aws.ToString(m.Caller.Account), r)
-	if err != nil {
-		m.modLog.Error(err.Error())
-		m.CommandCounter.Error++
-		return
-	}
-
-	for _, cluster := range Clusters {
-		name := aws.ToString(cluster.DBClusterIdentifier)
-
-		endpoint := aws.ToString(cluster.Endpoint)
-		port := aws.ToInt32(cluster.Port)
-		//size := aws.ToInt64(TableOutput.Table.TableSizeBytes)
-		userName := aws.ToString(cluster.MasterUsername)
-
-		dataReceiver <- Database{
-			AWSService: awsService,
-			Region:     r,
-			Name:       name,
-			Endpoint:   endpoint,
-			Port:       port,
-			UserName:   userName,
-			//Size:       strconv.Itoa(int(size)),
-		}
-	}
-}
-
-func (m *DatabasesModule) getNeptuneDatabasesPerRegion(r string, wg *sync.WaitGroup, semaphore chan struct{}, dataReceiver chan Database) {
-	defer func() {
-		m.CommandCounter.Executing--
-		m.CommandCounter.Complete++
-		wg.Done()
-
-	}()
-	semaphore <- struct{}{}
-	defer func() {
-		<-semaphore
-	}()
-	m.CommandCounter.Pending--
-	m.CommandCounter.Executing++
-
-	clusters, err := sdk.CachedNeptuneDescribeDBClusters(m.NeptuneClient, aws.ToString(m.Caller.Account), r)
-	if err != nil {
-		m.modLog.Error(err.Error())
-		m.CommandCounter.Error++
-		return
-	}
-
-	for _, cluster := range clusters {
-		if !isNeptune(cluster.Engine) {
-			continue
-		}
-
-		name := aws.ToString(cluster.DBClusterIdentifier)
-
-		endpoint := aws.ToString(cluster.Endpoint)
-		port := aws.ToInt32(cluster.Port)
-		userName := aws.ToString(cluster.MasterUsername)
-		engine := aws.ToString(cluster.Engine)
-
-		dataReceiver <- Database{
-			AWSService: "Neptune",
-			Region:     r,
-			Name:       name,
-			Engine:     engine,
-			Endpoint:   endpoint,
-			Port:       port,
-			UserName:   userName,
-		}
-	}
-}
-
 func isNeptune(engine *string) bool {
 	return *engine == "neptune"
 }

diff --git a/aws/databases_test.go b/aws/databases_test.go
@@ -25,7 +25,6 @@ func TestDatabasesCommand(t *testing.T) {
 		Goroutines:     3,
 		WrapTable:      false,
 		RDSClient:      &sdk.MockedRDSClient{},
-		NeptuneClient:  &sdk.MockedNeptuneClient{},
 		DynamoDBClient: &sdk.MockedAWSDynamoDBClient{},
 		RedshiftClient: &sdk.MockedRedshiftClient{},
 	}

diff --git a/aws/sdk/neptune.go b/aws/sdk/neptune.go
diff --git a/aws/sdk/neptune_mocks.go b/aws/sdk/neptune_mocks.go
diff --git a/cli/aws.go b/cli/aws.go
@@ -23,7 +23,6 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/codecommit"
 	"github.com/aws/aws-sdk-go-v2/service/codedeploy"
 	"github.com/aws/aws-sdk-go-v2/service/datapipeline"
-	"github.com/aws/aws-sdk-go-v2/service/docdb"
 	"github.com/aws/aws-sdk-go-v2/service/dynamodb"
 	"github.com/aws/aws-sdk-go-v2/service/ec2"
 	"github.com/aws/aws-sdk-go-v2/service/ecr"
@@ -42,7 +41,6 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/kinesis"
 	"github.com/aws/aws-sdk-go-v2/service/lambda"
 	"github.com/aws/aws-sdk-go-v2/service/lightsail"
-	"github.com/aws/aws-sdk-go-v2/service/neptune"
 	"github.com/aws/aws-sdk-go-v2/service/mq"
 	"github.com/aws/aws-sdk-go-v2/service/opensearch"
 	"github.com/aws/aws-sdk-go-v2/service/organizations"
@@ -741,8 +739,6 @@ func runDatabasesCommand(cmd *cobra.Command, args []string) {
 			RDSClient:      rds.NewFromConfig(AWSConfig),
 			RedshiftClient: redshift.NewFromConfig(AWSConfig),
 			DynamoDBClient: dynamodb.NewFromConfig(AWSConfig),
-			DocDBClient:    docdb.NewFromConfig(AWSConfig),
-			NeptuneClient:  neptune.NewFromConfig(AWSConfig),
 			Caller:         *caller,
 			AWSRegions:     internal.GetEnabledRegions(profile, cmd.Root().Version, AWSMFAToken),
 			AWSProfile:     profile,
@@ -1398,7 +1394,6 @@ func runAllChecksCommand(cmd *cobra.Command, args []string) {
 		codeCommitClient := codecommit.NewFromConfig(AWSConfig)
 		codeDeployClient := codedeploy.NewFromConfig(AWSConfig)
 		dataPipelineClient := datapipeline.NewFromConfig(AWSConfig)
-		docdbClient := docdb.NewFromConfig(AWSConfig)
 		dynamodbClient := dynamodb.NewFromConfig(AWSConfig)
 		ec2Client := ec2.NewFromConfig(AWSConfig)
 		ecrClient := ecr.NewFromConfig(AWSConfig)
@@ -1607,7 +1602,6 @@ func runAllChecksCommand(cmd *cobra.Command, args []string) {
 			RDSClient:      rdsClient,
 			RedshiftClient: redshiftClient,
 			DynamoDBClient: dynamodbClient,
-			DocDBClient:    docdbClient,
 			Caller:         *caller,
 			AWSProfile:     profile,
 			AWSRegions:     internal.GetEnabledRegions(profile, cmd.Root().Version, AWSMFAToken),

diff --git a/go.mod b/go.mod
@@ -52,6 +52,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sts v1.26.6
 	github.com/aws/smithy-go v1.19.0
 	github.com/bishopfox/awsservicemap v1.0.3
+	github.com/bishopfox/knownawsaccountslookup v0.0.0-20231228165844-c37ef8df33cb
 	github.com/dominikbraun/graph v0.23.0
 	github.com/fatih/color v1.16.0
 	github.com/jedib0t/go-pretty v4.3.0+incompatible
@@ -64,8 +65,6 @@ require (
 )
 
 require (
-	github.com/aws/aws-sdk-go-v2/service/neptune v1.28.2 // indirect
-	github.com/bishopfox/knownawsaccountslookup v0.0.0-20231228165844-c37ef8df33cb // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )