cloudmapper
Reporting on a large number of accounts causes browser crash
I'm auditing ~35 AWS accounts. Running report in one go for all of these does work, but opening the output in my browser then causes the browser to hang, gobble up lots of memory, then crash. Getting as far as the first graphic, showing the per-account resource counts, I see the animation is very slow and juddery, before I lose the browser. This is on an i7 with 32GB RAM.
I love the layout and simplicity of the report and the way it's presented, but for larger audits, having all the data in one page like this will cause these crashes. I'm guessing, but the JS heap for the page must grow inordinately. Is it possible to split the report out into sections, and lazily load each section, to avoid this?
The best option for now would be to mute the IAM_LINTER which tends to be the source of too many findings. https://github.com/duo-labs/cloudmapper/blob/6ad49b658a2fdd48112850916804a4a0e72398eb/audit_config.yaml#L210
Otherwise try running the audit command to see what is causing so many findings.
Yes these accounts I noticed have a lot of RESOURCE_STAR IAM linting issues. Will try again and see if I get any further.
I am just getting a 32MB file that contains the issue "RESOURCE_STAR", but nothing is mentioned about what is missing. How do I check for real failures?
Is it possible to mute only the RESOURCE_STAR hits from the IAM linter? I can't figure out how to incorporate a custom parliament config_override.yaml file into CloudMapper.
@0xdabbad00 How do you mute an issue? I set the severity to Ignore, but now I'm running into the following issue:
IAM_LINTER:
  title: IAM linting issues
  description: Issues identified by the IAM linter Parliament
  severity: Ignore
  is_global: True
  group: IAM

root@dae8de877888:/opt/cloudmapper# python cloudmapper.py report --accounts parent
* Getting resource counts
- parent
* Getting IAM data
- parent
* Getting public resource data
- parent
* Auditing accounts
Traceback (most recent call last):
  File "cloudmapper.py", line 72, in <module>
    main()
  File "cloudmapper.py", line 66, in main
    commands[command].run(arguments)
  File "/opt/cloudmapper/commands/report.py", line 476, in run
    report(accounts, config, args)
  File "/opt/cloudmapper/commands/report.py", line 314, in report
    if finding_is_filtered(finding, conf, minimum_severity=args.minimum_severity):
  File "/opt/cloudmapper/shared/audit.py", line 56, in finding_is_filtered
    if severity_choices.index(finding_severity) > severity_choices.index(
ValueError: 'IGNORE' is not in list
Set the severity to Mute
Thanks, the comment currently says: # severity: May be one of High, Medium, Low, Info, Verbose, or Ignore
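
An added example, not part of the thread and not CloudMapper's own code: a pre-flight check that flags unknown severity values in an audit config before the report's `list.index()` lookup fails partway through a long run, as in the traceback above. The severity ladder, its order, the function names and the `EXAMPLE_FINDING` entry are assumptions built from the values named in the thread.

```python
"""Pre-flight check for audit severity overrides (added example)."""

# Assumption: values taken from the config comment quoted in the thread, with
# "Mute" in place of "Ignore". The order is illustrative, not CloudMapper's.
SEVERITY_CHOICES = ["HIGH", "MEDIUM", "LOW", "INFO", "VERBOSE", "MUTE"]


def invalid_severities(audit_config):
    """Return {finding_id: bad_value} for entries with a missing/unknown severity."""
    bad = {}
    for finding_id, conf in audit_config.items():
        severity = str(conf.get("severity", "")).upper()
        if severity not in SEVERITY_CHOICES:
            bad[finding_id] = conf.get("severity")
    return bad


def finding_is_filtered(conf, minimum_severity="LOW"):
    """True when the finding ranks below the requested minimum severity.

    Same index comparison as the line in the traceback: an unknown value
    raises ValueError here, which is what aborted the report.
    """
    rank = SEVERITY_CHOICES.index(conf["severity"].upper())
    return rank > SEVERITY_CHOICES.index(minimum_severity.upper())


# Constructed sample: the IAM_LINTER override posted in the thread plus one
# hypothetical entry (EXAMPLE_FINDING is not a real finding id).
SAMPLE_CONFIG = {
    "IAM_LINTER": {"title": "IAM linting issues", "severity": "Ignore", "group": "IAM"},
    "EXAMPLE_FINDING": {"title": "Hypothetical finding", "severity": "High"},
}


if __name__ == "__main__":
    problems = invalid_severities(SAMPLE_CONFIG)
    for finding_id, value in problems.items():
        print(f"{finding_id}: severity {value!r} not in {SEVERITY_CHOICES}")
    if not problems:
        muted = [f for f, c in SAMPLE_CONFIG.items() if finding_is_filtered(c)]
        print("filtered from report:", muted)
```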