[−][src]Module rusty_hogs::aws_scanning
Collection of tools for scanning AWS for secrets. Currently only supports S3.
S3Scanner
acts as a wrapper around a SecretScanner
object to provide helper functions for
performing scanning against AWS S3 objects. Relies on the
rust-s3 library which provides helper functions for
accessing S3 objects. Eventually this library should be replaced with the offical Rusoto
libraries.
Examples
Basic usage requires you to create a S3Scanner
object...
use rusty_hogs::SecretScannerBuilder; use rusty_hogs::aws_scanning::S3Scanner; let s3s = S3Scanner::new();
Alternatively you can build a custom SecretScanner
object and supply it to the S3Scanner
contructor...
use rusty_hogs::SecretScannerBuilder; use rusty_hogs::aws_scanning::S3Scanner; let ss = SecretScannerBuilder::new().set_pretty_print(true).build(); let s3s = S3Scanner::new_from_scanner(ss);
After that, you must first run initialize a
Bucket
, and supply it to
scan_s3_file()
along with a file path. which returns a
Vec
of findings. In this example the string values are contrived.
use rusty_hogs::SecretScannerBuilder; use rusty_hogs::aws_scanning::{S3Scanner, S3Finding}; use s3::region::Region; use s3::credentials::Credentials; use s3::bucket::Bucket; let s3s = S3Scanner::new(); let bucket_string = "testbucket1"; let credentials = Credentials::new(None, None, None, None); let region: Region = Region::UsWest2; let bucket: Bucket = match Bucket::new(bucket_string, region, credentials.clone()) { Ok(r) => r, Err(e) => panic!(e) }; let results = s3s.scan_s3_file(bucket, "s3://testbucket1/727463.json").unwrap(); assert_eq!(results.len(), 0);
Structs
S3Finding |
|
S3Scanner | Contains helper functions for performing scans of S3 objects |