diff --git a/monkey/infection_monkey/telemetry/scoutsuite_telem.py b/monkey/infection_monkey/telemetry/scoutsuite_telem.py index 7c3f94653..816042d7c 100644 --- a/monkey/infection_monkey/telemetry/scoutsuite_telem.py +++ b/monkey/infection_monkey/telemetry/scoutsuite_telem.py @@ -8,7 +8,7 @@ class ScoutSuiteTelem(BaseTelem): def __init__(self, data): """ Default ScoutSuite telemetry constructor - :param data: Data gathered via ScoutSuite ( + :param data: Data gathered via ScoutSuite """ super().__init__() self.data = data diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/__init__.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/__init__.py new file mode 100644 index 000000000..e8a36338b --- /dev/null +++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/__init__.py @@ -0,0 +1,13 @@ +import pkgutil +import sys +from pathlib import PurePath + +_scoutsuite_api_package = pkgutil.get_loader('common.cloud.scoutsuite.ScoutSuite.__main__') + + +def _add_scoutsuite_to_python_path(): + scoutsuite_path = PurePath(_scoutsuite_api_package.path).parent.parent.__str__() + sys.path.append(scoutsuite_path) + + +_add_scoutsuite_to_python_path() diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_auth_service.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_auth_service.py index e9a965a69..eb0d5dfbd 100644 --- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_auth_service.py +++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_auth_service.py @@ -1,24 +1,13 @@ -import pkgutil -import sys -from pathlib import PurePath from typing import Tuple +from ScoutSuite.providers.base.authentication_strategy import AuthenticationException + from common.cloud.scoutsuite_consts import CloudProviders from common.utils.exceptions import InvalidAWSKeys from monkey_island.cc.server_utils.encryptor import encryptor from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config_schema.config_value_paths import AWS_KEYS_PATH -_scoutsuite_api_package = pkgutil.get_loader('common.cloud.scoutsuite.ScoutSuite.__main__') - - -def _add_scoutsuite_to_python_path(): - scoutsuite_path = PurePath(_scoutsuite_api_package.path).parent.parent.__str__() - sys.path.append(scoutsuite_path) - - -_add_scoutsuite_to_python_path() - def is_cloud_authentication_setup(provider: CloudProviders) -> Tuple[bool, str]: if provider == CloudProviders.AWS.value: @@ -30,7 +19,7 @@ def is_cloud_authentication_setup(provider: CloudProviders) -> Tuple[bool, str]: profile = auth_strategy.AWSAuthenticationStrategy().authenticate() return True, f" Profile \"{profile.session.profile_name}\" is already setup. " \ f"Run Monkey on Island to start the scan." - except Exception: + except AuthenticationException: return False, "" diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSKeySetup.js b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSKeySetup.js index 05ae86f89..04a1f490b 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSKeySetup.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSKeySetup.js @@ -56,6 +56,8 @@ const getContents = (props) => { .then(res => { if (res['error_msg'] === '') { setSuccessMessage('AWS keys saved!'); + } else if (res['message'] === 'Internal Server Error') { + setErrorMessage('Something went wrong, double check keys and contact support if problem persists.'); } else { setErrorMessage(res['error_msg']); } @@ -79,11 +81,12 @@ const getContents = (props) => {
Consider creating a new user account just for this activity. Assign only ReadOnlyAccess and - SecurityAudit policies.
+ SecurityAudit policies.1. Open the IAM console at https://console.aws.amazon.com/iam/.
+ target={'_blank'} + rel="noopener noreferrer">https://console.aws.amazon.com/iam/.2. In the navigation pane, choose Users.
3. Choose the name of the user whose access keys you want to create, and then choose the Security credentials tab.
@@ -157,7 +160,7 @@ const getContents = (props) => { { successMessage ?