Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(services): solve errors in EMR, RDS, S3 and VPC services #1913

Merged
merged 6 commits into from
Feb 21, 2023
Merged

fix(services): solve errors in EMR, RDS, S3 and VPC services #1913

merged 6 commits into from
Feb 21, 2023

Conversation

MrCloudSec
Copy link
Member

@MrCloudSec MrCloudSec commented Feb 15, 2023
edited
Loading

Description

Solve errors in S3 and VPC services:

VPC:
eu-west-1 -- KeyError[81]: 'CidrBlock'

S3:
local variable 'regional_client' referenced before assignment

RDS:
us-east-1 -- KeyError[57]: 'Endpoint'

EMR:
us-east-1 -- KeyError[109]: 'MasterPublicDnsName'

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@MrCloudSec MrCloudSec requested review from a team, toniblyx, jfagoagas and n4ch04 February 15, 2023 15:05
@MrCloudSec MrCloudSec changed the title fix(services): solve errors in S3 and VPC services fix(services): solve errors in RDS, S3 and VPC services Feb 16, 2023
@MrCloudSec MrCloudSec linked an issue Feb 16, 2023 that may be closed by this pull request
[Bug]: RDS checks fail when scanning an RDS instance in "creating" state #1906
Closed
jfagoagas
jfagoagas requested changes Feb 20, 2023
View reviewed changes
prowler/providers/aws/services/rds/rds_service.py
@@ -54,7 +54,7 @@ def __describe_db_instances__(self, regional_client):
self.db_instances.append(
DBInstance(
id=instance["DBInstanceIdentifier"],
endpoint=instance["Endpoint"]["Address"],
endpoint=instance.get("Endpoint"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are you retrieving the Endpoint dict if you need the Address in the check?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because endpoint is a dictionary that contains the address and the port.

prowler/providers/aws/services/s3/s3_service.py Outdated
Comment on lines 80 to 86
try:
regional_client = self.regional_clients[bucket.region]
except Exception as error:
logger.error(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
try:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do you need two try blocks?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because the first try does not have the regional_client defined and the second one has it.

prowler/providers/aws/services/s3/s3_service.py Outdated
Comment on lines 105 to 109
except Exception as error:
logger.error(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
try:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do you need two try blocks?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because the first try does not have the regional_client defined and the second one has it.

@MrCloudSec MrCloudSec changed the title fix(services): solve errors in RDS, S3 and VPC services fix(services): solve errors in EMR, RDS, S3 and VPC services Feb 20, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 20, 2023
View reviewed changes
prowler/providers/aws/services/emr/emr_service.py
if ".amazonaws.com" in master_public_dns_name:
if (
master_public_dns_name
and ".amazonaws.com" in master_public_dns_name

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [.amazonaws.com](1) may be at an arbitrary position in the sanitized URL.
@MrCloudSec MrCloudSec requested a review from jfagoagas February 20, 2023 08:57
@MrCloudSec MrCloudSec merged commit f913536 into master Feb 21, 2023
@MrCloudSec MrCloudSec deleted the fix-service-key-errors-6 branch February 21, 2023 10:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jfagoagas jfagoagas jfagoagas approved these changes

@toniblyx toniblyx Awaiting requested review from toniblyx

@n4ch04 n4ch04 Awaiting requested review from n4ch04

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: RDS checks fail when scanning an RDS instance in "creating" state
2 participants
@MrCloudSec @jfagoagas