From 223f8b38ae2a8ef5380ca2e40182f9db86098664 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 8 Mar 2024 15:39:18 -0500 Subject: [PATCH 1/3] Adds eks__enum error handling to fix issue #410 --- main.py | 102 +++++++++++++++++++++++++++++++++ pacu/modules/eks__enum/main.py | 93 ++++++++++++++++-------------- 2 files changed, 153 insertions(+), 42 deletions(-) create mode 100644 main.py diff --git a/main.py b/main.py new file mode 100644 index 00000000..6910cbda --- /dev/null +++ b/main.py @@ -0,0 +1,102 @@ +#!/usr/bin/env python3 +import argparse +from botocore.exceptions import ClientError + +module_info = { + 'name': 'eks_enum', + 'author': 'David Fentz', + 'category': 'ENUM', + 'one_liner': 'This module enumerates over EKS resources.', + 'description': 'This module enumerates over EKS resources.', + 'services': ['EKS'], + 'prerequisite_modules': [], + 'external_dependencies': [], + 'arguments_to_autocomplete': [ + '--regions', + '--no_addons', + '--no_identity_provider_configs', + '--no_fargate_profiles', + ], +} + + +parser = argparse.ArgumentParser(add_help=False, description=module_info['description']) +parser.add_argument('--regions', required=False, default=None, help='One or more (comma separated) AWS regions in the format "us-east-1". Defaults to all session regions.') +parser.add_argument('--no_addons', required=False, action='store_true', default=False, help='Exclude EKS addons') +parser.add_argument('--no_identity_provider_configs', required=False, action='store_true', default=False, help='Exclude EKS identity provider configs') +parser.add_argument('--no_fargate_profiles', required=False, action='store_true', default=False, help='Exclude EKS fargate profiles') + +def main(args, pacu_main): + args = parser.parse_args(args) + print = pacu_main.print + session = pacu_main.get_active_session() + get_regions = pacu_main.get_regions + data = {} + cluster_count = 0 + + if args.regions is None: + regions = get_regions('eks') + if regions is None or regions == [] or regions == '' or regions == {}: + print('This module is not supported in any regions specified in the current sessions region set. Exiting...') + return + else: + regions = args.regions.split(',') + + for region in regions: + try: + eks_client = pacu_main.get_boto3_client('eks', region) + cluster_paginator = eks_client.get_paginator("list_clusters") + cluster_page_iterator = cluster_paginator.paginate(PaginationConfig={'PageSize': 50}) + data[region] = { # use this to count clusters + "clusters": {} + } + except Exception as e: + print(f"Error: Could not enumerate region {region}") + print(f"Error: {e}") + continue + for page in cluster_page_iterator: + clusters = page["clusters"] + for cluster in clusters: + nodegroups = [] + addons = [] + fargate_profiles = [] + ip_configs = [] + + nodegroup_paginator = eks_client.get_paginator("list_nodegroups") + nodegroup_page_iterator = nodegroup_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + addon_paginator = eks_client.get_paginator("list_addons") + addon_page_iterator = addon_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + fargate_paginator = eks_client.get_paginator("list_fargate_profiles") + fargate_page_iterator = fargate_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + ip_config_paginator = eks_client.get_paginator("list_identity_provider_configs") + ip_config_page_iterator = ip_config_paginator.paginate(clusterName=cluster, maxResults=1, PaginationConfig={'PageSize': 1}) + + for page in nodegroup_page_iterator: + nodegroups.append(page["nodegroups"]) + for page in addon_page_iterator: + addons.append(page["addons"]) + for page in fargate_page_iterator: + fargate_profiles.append(page["fargateProfileNames"]) + for page in ip_config_page_iterator: + ip_configs.append(page["identityProviderConfigs"]) + + data[region]['clusters'][cluster] = { + "cluster_description": eks_client.describe_cluster(name=cluster)["cluster"], + "nodegroups": nodegroups + } + if not args.no_addons: + data[region]['clusters'][cluster]["addons"] = addons + if not args.no_fargate_profiles: + data[region]['clusters'][cluster]["fargate_profiles"] = fargate_profiles + # if not args.no_identity_provider_configs: + # data[region]['clusters'][cluster]["identity_provider_configs"] = ip_configs + + region_clusters = [cluster for cluster in data[region]["clusters"]] + print(f"clusters in {region}: {region_clusters}") + cluster_count += len(data[region]["clusters"]) + session.update(pacu_main.database, EKS=data) + return cluster_count + + +def summary(cluster_count, pacu_main): + return f"Found {cluster_count} clusters in total.\nTo see EKS data, run \"data EKS\"," diff --git a/pacu/modules/eks__enum/main.py b/pacu/modules/eks__enum/main.py index 26ed66cd..63be505d 100644 --- a/pacu/modules/eks__enum/main.py +++ b/pacu/modules/eks__enum/main.py @@ -1,5 +1,6 @@ #!/usr/bin/env python3 import argparse +from botocore.exceptions import ClientError module_info = { 'name': 'eks_enum', @@ -42,52 +43,60 @@ def main(args, pacu_main): regions = args.regions.split(',') for region in regions: - eks_client = pacu_main.get_boto3_client('eks', region) - cluster_paginator = eks_client.get_paginator("list_clusters") - cluster_page_iterator = cluster_paginator.paginate(PaginationConfig={'PageSize': 50}) - data[region] = { # use this to count clusters - "clusters": {} - } - for page in cluster_page_iterator: - clusters = page["clusters"] - for cluster in clusters: - nodegroups = [] - addons = [] - fargate_profiles = [] - ip_configs = [] + try: + eks_client = pacu_main.get_boto3_client('eks', region) + cluster_paginator = eks_client.get_paginator("list_clusters") + cluster_page_iterator = cluster_paginator.paginate(PaginationConfig={'PageSize': 50}) + data[region] = { # use this to count clusters + "clusters": {} + } + for page in cluster_page_iterator: + clusters = page["clusters"] + for cluster in clusters: + nodegroups = [] + addons = [] + fargate_profiles = [] + ip_configs = [] - nodegroup_paginator = eks_client.get_paginator("list_nodegroups") - nodegroup_page_iterator = nodegroup_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - addon_paginator = eks_client.get_paginator("list_addons") - addon_page_iterator = addon_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - fargate_paginator = eks_client.get_paginator("list_fargate_profiles") - fargate_page_iterator = fargate_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - ip_config_paginator = eks_client.get_paginator("list_identity_provider_configs") - ip_config_page_iterator = ip_config_paginator.paginate(clusterName=cluster, maxResults=1, PaginationConfig={'PageSize': 1}) + nodegroup_paginator = eks_client.get_paginator("list_nodegroups") + nodegroup_page_iterator = nodegroup_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + addon_paginator = eks_client.get_paginator("list_addons") + addon_page_iterator = addon_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + fargate_paginator = eks_client.get_paginator("list_fargate_profiles") + fargate_page_iterator = fargate_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) + ip_config_paginator = eks_client.get_paginator("list_identity_provider_configs") + ip_config_page_iterator = ip_config_paginator.paginate(clusterName=cluster, maxResults=1, PaginationConfig={'PageSize': 1}) - for page in nodegroup_page_iterator: - nodegroups.append(page["nodegroups"]) - for page in addon_page_iterator: - addons.append(page["addons"]) - for page in fargate_page_iterator: - fargate_profiles.append(page["fargateProfileNames"]) - for page in ip_config_page_iterator: - ip_configs.append(page["identityProviderConfigs"]) + for page in nodegroup_page_iterator: + nodegroups.append(page["nodegroups"]) + for page in addon_page_iterator: + addons.append(page["addons"]) + for page in fargate_page_iterator: + fargate_profiles.append(page["fargateProfileNames"]) + for page in ip_config_page_iterator: + ip_configs.append(page["identityProviderConfigs"]) - data[region]['clusters'][cluster] = { - "cluster_description": eks_client.describe_cluster(name=cluster)["cluster"], - "nodegroups": nodegroups - } - if not args.no_addons: - data[region]['clusters'][cluster]["addons"] = addons - if not args.no_fargate_profiles: - data[region]['clusters'][cluster]["fargate_profiles"] = fargate_profiles - # if not args.no_identity_provider_configs: - # data[region]['clusters'][cluster]["identity_provider_configs"] = ip_configs + data[region]['clusters'][cluster] = { + "cluster_description": eks_client.describe_cluster(name=cluster)["cluster"], + "nodegroups": nodegroups + } + if not args.no_addons: + data[region]['clusters'][cluster]["addons"] = addons + if not args.no_fargate_profiles: + data[region]['clusters'][cluster]["fargate_profiles"] = fargate_profiles + # if not args.no_identity_provider_configs: + # data[region]['clusters'][cluster]["identity_provider_configs"] = ip_configs - region_clusters = [cluster for cluster in data[region]["clusters"]] - print(f"clusters in {region}: {region_clusters}") - cluster_count += len(data[region]["clusters"]) + region_clusters = [cluster for cluster in data[region]["clusters"]] + print(f"clusters in {region}: {region_clusters}") + cluster_count += len(data[region]["clusters"]) + except ClientError as error: + code = error.response["Error"]["Code"] + if code == "AccessDeniedException": + print(f"Access denied to EKS in {region}.") + else: + print(f"Error: {error}") + continue session.update(pacu_main.database, EKS=data) return cluster_count From 17c652f88335ff1cdd836120e791a7ecbc7150d8 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 8 Mar 2024 15:43:42 -0500 Subject: [PATCH 2/3] Adding eks__enum error handling to fix issue #410 --- main.py | 102 -------------------------------------------------------- 1 file changed, 102 deletions(-) delete mode 100644 main.py diff --git a/main.py b/main.py deleted file mode 100644 index 6910cbda..00000000 --- a/main.py +++ /dev/null @@ -1,102 +0,0 @@ -#!/usr/bin/env python3 -import argparse -from botocore.exceptions import ClientError - -module_info = { - 'name': 'eks_enum', - 'author': 'David Fentz', - 'category': 'ENUM', - 'one_liner': 'This module enumerates over EKS resources.', - 'description': 'This module enumerates over EKS resources.', - 'services': ['EKS'], - 'prerequisite_modules': [], - 'external_dependencies': [], - 'arguments_to_autocomplete': [ - '--regions', - '--no_addons', - '--no_identity_provider_configs', - '--no_fargate_profiles', - ], -} - - -parser = argparse.ArgumentParser(add_help=False, description=module_info['description']) -parser.add_argument('--regions', required=False, default=None, help='One or more (comma separated) AWS regions in the format "us-east-1". Defaults to all session regions.') -parser.add_argument('--no_addons', required=False, action='store_true', default=False, help='Exclude EKS addons') -parser.add_argument('--no_identity_provider_configs', required=False, action='store_true', default=False, help='Exclude EKS identity provider configs') -parser.add_argument('--no_fargate_profiles', required=False, action='store_true', default=False, help='Exclude EKS fargate profiles') - -def main(args, pacu_main): - args = parser.parse_args(args) - print = pacu_main.print - session = pacu_main.get_active_session() - get_regions = pacu_main.get_regions - data = {} - cluster_count = 0 - - if args.regions is None: - regions = get_regions('eks') - if regions is None or regions == [] or regions == '' or regions == {}: - print('This module is not supported in any regions specified in the current sessions region set. Exiting...') - return - else: - regions = args.regions.split(',') - - for region in regions: - try: - eks_client = pacu_main.get_boto3_client('eks', region) - cluster_paginator = eks_client.get_paginator("list_clusters") - cluster_page_iterator = cluster_paginator.paginate(PaginationConfig={'PageSize': 50}) - data[region] = { # use this to count clusters - "clusters": {} - } - except Exception as e: - print(f"Error: Could not enumerate region {region}") - print(f"Error: {e}") - continue - for page in cluster_page_iterator: - clusters = page["clusters"] - for cluster in clusters: - nodegroups = [] - addons = [] - fargate_profiles = [] - ip_configs = [] - - nodegroup_paginator = eks_client.get_paginator("list_nodegroups") - nodegroup_page_iterator = nodegroup_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - addon_paginator = eks_client.get_paginator("list_addons") - addon_page_iterator = addon_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - fargate_paginator = eks_client.get_paginator("list_fargate_profiles") - fargate_page_iterator = fargate_paginator.paginate(clusterName=cluster, PaginationConfig={'PageSize': 50}) - ip_config_paginator = eks_client.get_paginator("list_identity_provider_configs") - ip_config_page_iterator = ip_config_paginator.paginate(clusterName=cluster, maxResults=1, PaginationConfig={'PageSize': 1}) - - for page in nodegroup_page_iterator: - nodegroups.append(page["nodegroups"]) - for page in addon_page_iterator: - addons.append(page["addons"]) - for page in fargate_page_iterator: - fargate_profiles.append(page["fargateProfileNames"]) - for page in ip_config_page_iterator: - ip_configs.append(page["identityProviderConfigs"]) - - data[region]['clusters'][cluster] = { - "cluster_description": eks_client.describe_cluster(name=cluster)["cluster"], - "nodegroups": nodegroups - } - if not args.no_addons: - data[region]['clusters'][cluster]["addons"] = addons - if not args.no_fargate_profiles: - data[region]['clusters'][cluster]["fargate_profiles"] = fargate_profiles - # if not args.no_identity_provider_configs: - # data[region]['clusters'][cluster]["identity_provider_configs"] = ip_configs - - region_clusters = [cluster for cluster in data[region]["clusters"]] - print(f"clusters in {region}: {region_clusters}") - cluster_count += len(data[region]["clusters"]) - session.update(pacu_main.database, EKS=data) - return cluster_count - - -def summary(cluster_count, pacu_main): - return f"Found {cluster_count} clusters in total.\nTo see EKS data, run \"data EKS\"," From 04df484c9335287ba5f15f1da671a24159b8883f Mon Sep 17 00:00:00 2001 From: root Date: Fri, 8 Mar 2024 17:22:01 -0500 Subject: [PATCH 3/3] Minor fix to cloudformation__download_data --- pacu/modules/cloudformation__download_data/main.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pacu/modules/cloudformation__download_data/main.py b/pacu/modules/cloudformation__download_data/main.py index 67606db9..c8500322 100755 --- a/pacu/modules/cloudformation__download_data/main.py +++ b/pacu/modules/cloudformation__download_data/main.py @@ -63,11 +63,11 @@ def default(self, obj): print(f"Error: Could not enumerate region {region}") print(f"Error: {e}") continue - exports = client.list_exports() - if exports: - with outfile('exports', region) as (f): - json.dump(exports, f, indent=1) - find_secrets(json.dumps(exports)) + exports = client.list_exports() + if exports: + with outfile('exports', region) as (f): + json.dump(exports, f, indent=1) + find_secrets(json.dumps(exports)) while 'NextToken' in stacks_data: stacks_data = client.describe_stacks(NextToken=(stacks_data['NextToken'])) stacks += stacks_data['Stacks']