duo-labs / cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
BSD 3-Clause "New" or "Revised" License

Reporting on a large number of accounts causes browser crash #796

Open jtyers opened 3 years ago

jtyers commented 3 years ago

I'm auditing ~35 AWS accounts. Running report in one go for all of these does work, but opening the output in my browser then causes the browser to hang, gobble up lots of memory, then crash. Getting as far as the first graphic, showing the per-account resource counts, I see the animation is very slow and juddery, before I lose the browser. This is on an i7 with 32GB RAM.

I love the layout and simplicity of the report and the way it's presented, but for larger audits, having all the data in one page like this will cause these crashes. I'm guessing, but the JS heap for the page must grow inordinately. Is it possible to split the report out into sections, and lazily load each section, to avoid this?

0xdabbad00 commented 3 years ago

The best option for now would be to mute the IAM_LINTER which tends to be the source of too many findings. https://github.com/duo-labs/cloudmapper/blob/6ad49b658a2fdd48112850916804a4a0e72398eb/audit_config.yaml#L210

Otherwise try running the audit command to see what is causing so many findings.

jtyers commented 3 years ago

Yes these accounts I noticed have a lot of RESOURCE_STAR IAM linting issues. Will try again and see if I get any further.

ankitloud commented 3 years ago

I am just getting a 32MB file that contains the issue "RESOURCE_STAR", but nothing is mentioned about what is missing. How do I check real failures?

lydiardfan commented 2 years ago

Is it possible to mute only the RESOURCE_STAR hits from the IAM linter? I can't figure out how to incorporate a custom parliament config_override.yaml file into CloudMapper.

Techbrunch commented 1 year ago

@0xdabbad00 How do you mute an issue? I set the severity to Ignore but now I'm running into the following issue:

```yaml
IAM_LINTER:
  title: IAM linting issues
  description: Issues identified by the IAM linter Parliament
  severity: Ignore
  is_global: True
  group: IAM
```

```
root@dae8de877888:/opt/cloudmapper# python cloudmapper.py report --accounts parent
* Getting resource counts
  - parent
* Getting IAM data
  - parent
* Getting public resource data
  - parent
* Auditing accounts
Traceback (most recent call last):
  File "cloudmapper.py", line 72, in <module>
    main()
  File "cloudmapper.py", line 66, in main
    commands[command].run(arguments)
  File "/opt/cloudmapper/commands/report.py", line 476, in run
    report(accounts, config, args)
  File "/opt/cloudmapper/commands/report.py", line 314, in report
    if finding_is_filtered(finding, conf, minimum_severity=args.minimum_severity):
  File "/opt/cloudmapper/shared/audit.py", line 56, in finding_is_filtered
    if severity_choices.index(finding_severity) > severity_choices.index(
ValueError: 'IGNORE' is not in list
```

0xdabbad00 commented 1 year ago

Set the severity to Mute

Techbrunch commented 1 year ago

Thanks, the comment currently says: # severity: May be one of High, Medium, Low, Info, Verbose, or Ignore
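
Added example, not part of the thread and not CloudMapper code: a pre-flight check that reports unusable `severity` values in an audit-config-style mapping before a long report run ends in the `ValueError` shown above. The accepted list is an assumption pieced together from this thread (the values named in the config comment, with Mute in place of Ignore), and the sample config and function names are constructed for illustration.

```python
# Assumption: accepted severities are assembled from this thread, not copied
# from CloudMapper's source. Ordered lowest to highest.
ACCEPTED_SEVERITIES = ["MUTE", "VERBOSE", "INFO", "LOW", "MEDIUM", "HIGH"]

# Constructed sample shaped like the audit_config.yaml entry quoted in the thread.
SAMPLE_CONFIG = {
    "IAM_LINTER": {
        "title": "IAM linting issues",
        "description": "Issues identified by the IAM linter Parliament",
        "severity": "Ignore",
        "is_global": True,
        "group": "IAM",
    },
    "EXAMPLE_FINDING": {"title": "Constructed entry", "severity": "high", "group": "IAM"},
    "NO_SEVERITY": {"title": "Constructed entry without a severity", "group": "IAM"},
}


def invalid_severities(config):
    """Return {finding_id: problem} for entries whose severity cannot be matched."""
    problems = {}
    for finding_id, entry in config.items():
        severity = entry.get("severity")
        if severity is None:
            problems[finding_id] = "missing severity"
        elif str(severity).upper() not in ACCEPTED_SEVERITIES:
            # Same case-folded lookup that fails with "'IGNORE' is not in list".
            problems[finding_id] = f"unknown severity {severity!r}"
    return problems


def muted_findings(config):
    """Return the finding ids that are explicitly muted, sorted by name."""
    return sorted(
        fid for fid, entry in config.items()
        if str(entry.get("severity", "")).upper() == "MUTE"
    )


if __name__ == "__main__":
    for fid, problem in invalid_severities(SAMPLE_CONFIG).items():
        print(f"{fid}: {problem}; expected one of {ACCEPTED_SEVERITIES}")
    # Apply the fix given in the thread and confirm the entry is now muted.
    fixed = {**SAMPLE_CONFIG, "IAM_LINTER": {**SAMPLE_CONFIG["IAM_LINTER"], "severity": "Mute"}}
    print("muted after fix:", muted_findings(fixed))
```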