Class: CloudTrail

Inherits:
Mapper show all
Defined in:
lib/aws_recon/collectors/cloudtrail.rb

Overview

Collect CloudTrail resources

Constant Summary

Constants inherited from Mapper

Mapper::SINGLE_REGION_SERVICES

Instance Method Summary collapse

Methods inherited from Mapper

#initialize

Constructor Details

This class inherits a constructor from Mapper

Instance Method Details

#collectObject

Returns an array of resources.



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
# File 'lib/aws_recon/collectors/cloudtrail.rb', line 10

def collect
  resources = []
  #
  # describe_trails
  #
  @client.describe_trails.each_with_index do |response, page|
    log(response.context.operation_name, page)

    response.trail_list.each do |trail|
      # list_tags needs to call into home_region
      client = if @region != trail.home_region
                 Aws::CloudTrail::Client.new({ region: trail.home_region })
               else
                 @client
               end

      struct = OpenStruct.new(trail.to_h)
      struct.tags = client.list_tags({ resource_id_list: [trail.trail_arn] }).resource_tag_list.first.tags_list.map(&:to_h)
      struct.type = 'cloud_trail'
      struct.event_selectors = client.get_event_selectors({ trail_name: trail.name }).to_h
      struct.status = client.get_trail_status({ name: trail.name }).to_h
      struct.arn = trail.trail_arn

      resources.push(struct.to_h)
    end
  end

  resources
end