altimeter.aws.scan.muxer package

Submodules

altimeter.aws.scan.muxer.lambda_muxer module

AWSScanMuxer that runs account scans one-per-lambda

class AccountScanLambdaEvent(**data)

Bases: altimeter.core.base_model.BaseImmutableModel

account_scan_plan: altimeter.aws.scan.scan_plan.AccountScanPlan
artifact_path: str
max_svc_scan_threads: int
preferred_account_scan_regions: Tuple[str, ]
scan_id: str
scan_sub_accounts: bool
class LambdaAWSScanMuxer(scan_id, account_scan_lambda_name, account_scan_lambda_timeout, config)

Bases: altimeter.aws.scan.muxer.AWSScanMuxer

AWSScanMuxer that runs account scans in AccountScan lambdas

Parameters

  • scan_id (str) – unique scan identifier

  • account_scan_lambda_name (str) – name of the AccountScan lambda

  • account_scan_lambda_timeout (int) – timeout for the AccountScan lambda

  • config (Config) – Config object

invoke_lambda(lambda_name, lambda_timeout, account_scan_lambda_event)

Invoke the AccountScan AWS Lambda function

Parameters

  • lambda_name (str) – name of lambda

  • lambda_timeout (int) – timeout of the lambda. Used to tell the boto3 lambda client to wait at least this long for a response before timing out.

  • account_scan_lambda_event (AccountScanLambdaEvent) – AccountScanLambdaEvent object to serialize to json and send to the lambda

Return type

AccountScanResult

Returns

AccountScanResult

Raises

Exception if there was an error invoking the lambda.

altimeter.aws.scan.muxer.local_muxer module

AWSScanMuxer that runs account scans one-per-thread

class LocalAWSScanMuxer(scan_id, config)

Bases: altimeter.aws.scan.muxer.AWSScanMuxer

AWSScanMuxer that runs account scans batches of accounts using local os threads

local_account_scan(scan_id, account_scan_plan, config)

Scan a set of accounts.

Parameters

  • account_scan_plan_dict – AccountScanPlan defining the scan

  • config (Config) – Config object

Return type

AccountScanResult

Module contents

Abstract base class for AWSScanMuxers.

class AWSScanMuxer(scan_id, config)

Bases: abc.ABC

Abstract base class for AWSScanMuxers. AWSScanMuxers coordinate multi-account scans across a pool of threads which either call account scan code locally in the case of a local run or invoke a Lambda-per-account in the case of Altimeter running on AWS Lambda.

Parameters

  • scan_id (str) – unique scan identifier

  • config (Config) – Config object

scan(scan_plan)

Scan accounts. Return a list of AccountScanManifest objects.

Parameters

account_scan_plan – AccountScanPlan defining this scan op

Yields

AccountScanManifest objects

Return type

Generator[AccountScanManifest, None, None]