nccgroup / ScoutSuite

Multi-Cloud Security Auditing Tool
GNU General Public License v2.0

Container Support AWS #1491

Open johnkoehn opened 1 year ago

johnkoehn commented 1 year ago

Is your feature request related to a problem? Please describe.

When running ScoutSuite for AWS, the report shows a containers tab. However, no information ever populates it, even in accounts using ECS, EKS and ECR.

Describe the solution you'd like

To have security rules run against those services.

Describe alternatives you've considered

N/A

Additional context

N/A

kedar1704 commented 1 year ago

How can I add the ECS and EKS services to this project?

CaseyLabs commented 1 year ago

Just ran into this issue as well. We use AWS Fargate, and yet Scout's dashboard for Containers/ECS shows up empty.

Is there a setting we are missing here? cc @fernando-gallego

liyun-li commented 1 year ago

Hi folks, I am the guy who added a Kubernetes provider to Scout Suite. Can you let us know which branch you are using? Bug fixes might have already been introduced into the develop branch.

krupalb commented 1 year ago

It's not working from the develop branch either....?

liyun-li commented 1 year ago

> it's not working from Develop branch either....?

Can you perhaps share screenshots?

ashu-pattanayak commented 1 year ago

@liyun-li

I tried from the develop branch and below is the error.

[screenshot 1] [screenshot 2]

liyun-li commented 1 year ago

Ah, that's probably because the open source version doesn't have any findings for EKS... Feel free to pull request!

michaels0184 commented 1 year ago

Has this been updated? I am also unable to pull any information on ECS when using either the 'master' or 'develop' branches.

[image]

kedar1704 commented 11 months ago

Hi folks, I am the guy who added AWS Container services to Scout Suite. Please check this repo: https://github.com/kedar1704/ScoutSuite.git. Your feedback on the introduced features, code changes, and the overall impact on ScoutSuite's capabilities in AWS environments is highly appreciated. Feel free to reach out with any questions or concerns.

crahan commented 9 months ago

I was confused about this initially as well, but support for a number of AWS services is considered proprietary in ScoutSuite, as shown in: https://github.com/nccgroup/ScoutSuite/blob/967ec5476151aa0256e3a37240e354be00a23176/ScoutSuite/providers/aws/services.py#L31-L59

As a result, support for things like ECS, EKS and ECR (and Cognito, DocDB, GuardDuty, and SSM) isn't included in the Open Source ScoutSuite version and thus no resource information for these services will be retrieved or rules run.

The pull request created by @kedar1704 adds the missing capabilities for the AWS ECS, EKS and ECR services. It would be awesome if someone could review this PR and merge, if possible.