
Container Support AWS

Open johnkoehn opened this issue 2 years ago • 10 comments

Is your feature request related to a problem? Please describe.

When running ScoutSuite for AWS, the report shows a containers tab. However, no information ever populates it, even in accounts using ECS, EKS and ECR.

Describe the solution you'd like

To have security rules run against those services.

Describe alternatives you've considered

N/A

Additional context

N/A

johnkoehn, Jan 03 '23 16:01

How can I add the ECS and EKS services in this project?

kedar1704, Feb 21 '23 08:02

Just ran into this issue as well. We use AWS Fargate, and yet Scout's dashboard for Containers/ECS shows up empty.

Is there a setting we are missing here? cc @fernando-gallego

CaseyLabs, Mar 08 '23 19:03

Hi folks, I am the guy who added a Kubernetes provider to Scout Suite. Can you let us know which branch you are using? Bug fixes might have already been introduced into the develop branch.

liyun-li, Apr 10 '23 18:04

It's not working from the develop branch either...?

krupalb, Apr 12 '23 11:04

> It's not working from the develop branch either...?

Can you perhaps share screenshots?

liyun-li, May 11 '23 21:05

@liyun-li

I tried from the develop branch and below is the error.

[attached images: 1, 2]

ashu-pattanayak, May 16 '23 11:05

Ah, that's probably because the open source version doesn't have any findings for EKS... Feel free to pull request!

liyun-li, May 16 '23 14:05

Has this been updated? I am also unable to pull any information on ECS when using either the 'master' or 'develop' branch. [image]

michaels0184, Aug 07 '23 09:08

Hi folks, I am the guy who added AWS Container services to Scout Suite. Please check this repo: https://github.com/kedar1704/ScoutSuite.git. Your feedback on the introduced features, code changes, and the overall impact on ScoutSuite's capabilities in AWS environments is highly appreciated. Feel free to reach out with any questions or concerns.

kedar1704, Nov 26 '23 09:11

I was confused about this initially as well, but support for a number of AWS services is considered proprietary in ScoutSuite, as shown in: https://github.com/nccgroup/ScoutSuite/blob/967ec5476151aa0256e3a37240e354be00a23176/ScoutSuite/providers/aws/services.py#L31-L59

As a result, support for things like ECS, EKS and ECR (and Cognito, DocDB, GuardDuty, and SSM) isn't included in the Open Source ScoutSuite version and thus no resource information for these services will be retrieved or rules run.

The pull request created by @kedar1704 adds the missing capabilities for the AWS ECS, EKS and ECR services. It would be awesome if someone could review this PR and merge, if possible.

crahan, Jan 12 '24 18:01