Open jtyers opened 3 years ago
The best option for now would be to mute the `IAM_LINTER`, which tends to be the source of too many findings. https://github.com/duo-labs/cloudmapper/blob/6ad49b658a2fdd48112850916804a4a0e72398eb/audit_config.yaml#L210

Otherwise try running the `audit` command to see what is causing so many findings.

Yes these accounts I noticed have a lot of `RESOURCE_STAR` IAM linting issues. Will try again and see if I get any further.

I am just getting 32MB file contains issue: "RESOURCE_STAR" but nothing is mentioned what is missing. How to check real failures?

Is it possible to mute only the `RESOURCE_STAR` hits from the IAM linter? I can't figure out how to incorporate a custom parliament `config_override.yaml` file into CloudMapper.

@0xdabbad00 How do you mute an issue? I set the severity to `Ignore` but now I'm running into the following issue:
```yaml
IAM_LINTER:
  title: IAM linting issues
  description: Issues identified by the IAM linter Parliament
  severity: Ignore
  is_global: True
  group: IAM
```
```
root@dae8de877888:/opt/cloudmapper# python cloudmapper.py report --accounts parent
* Getting resource counts
 - parent
* Getting IAM data
 - parent
* Getting public resource data
 - parent
* Auditing accounts
Traceback (most recent call last):
  File "cloudmapper.py", line 72, in <module>
    main()
  File "cloudmapper.py", line 66, in main
    commands[command].run(arguments)
  File "/opt/cloudmapper/commands/report.py", line 476, in run
    report(accounts, config, args)
  File "/opt/cloudmapper/commands/report.py", line 314, in report
    if finding_is_filtered(finding, conf, minimum_severity=args.minimum_severity):
  File "/opt/cloudmapper/shared/audit.py", line 56, in finding_is_filtered
    if severity_choices.index(finding_severity) > severity_choices.index(
ValueError: 'IGNORE' is not in list
```
Set the severity to `Mute`

Thanks, the comment currently says: `# severity: May be one of High, Medium, Low, Info, Verbose, or Ignore`

I'm auditing ~35 AWS accounts. Running `report` in one go for all of these does work, but opening the output in my browser then causes the browser to hang, gobble up lots of memory, then crash. Getting as far as the first graphic, showing the per-account resource counts, I see the animation is very slow and juddery, before I lose the browser. This on an i7 with 32GB RAM.

I love the layout and simplicity of the report and the way it's presented, but for larger audits, having all the data in one page like this will cause these crashes. I'm guessing, but the JS heap for the page must grow inordinately. Is it possible to split the report out into sections, and lazily load each section, to avoid this?