Fix bug in role-trusts command around new vendor lookup feature, enab…

…led caching on apigateway commands
BishopFox · Feb 8, 2024 · 1ca5dbf · 1ca5dbf
1 parent f000446
commit 1ca5dbf
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 8 deletions.
diff --git a/aws/role-trusts.go b/aws/role-trusts.go
@@ -242,10 +242,12 @@ func (m *RoleTrustsModule) printPrincipalTrusts(outputDirectory string) ([]strin
 		for _, statement := range role.trustsDoc.Statement {
 			for _, principal := range statement.Principal.AWS {
 				//check to see if the accountID is known
-				accountID := strings.Split(principal, ":")[4]
-				vendorName := m.vendors.GetVendorNameFromAccountID(accountID)
-				if vendorName != "" {
-					principal = fmt.Sprintf("%s (%s)", principal, vendorName)
+				if strings.Contains(principal, "arn:aws:iam::") || strings.Contains(principal, "root") {
+					accountID := strings.Split(principal, ":")[4]
+					vendorName := m.vendors.GetVendorNameFromAccountID(accountID)
+					if vendorName != "" {
+						principal = fmt.Sprintf("%s (%s)", principal, vendorName)
+					}
 				}
 
 				RoleTrustRow := RoleTrustRow{

diff --git a/aws/sdk/apigateway.go b/aws/sdk/apigateway.go
@@ -9,6 +9,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/service/apigateway"
 	apiGatewayTypes "github.com/aws/aws-sdk-go-v2/service/apigateway/types"
+	"github.com/patrickmn/go-cache"
 )
 
 type APIGatewayClientInterface interface {
@@ -66,7 +67,7 @@ func CachedApiGatewayGetRestAPIs(client APIGatewayClientInterface, accountID str
 		}
 		PaginationControl = GetRestApis.Position
 	}
-
+	internal.Cache.Set(cacheKey, restAPIs, cache.DefaultExpiration)
 	return restAPIs, nil
 }
 
@@ -92,6 +93,7 @@ func CachedApiGatewayGetStages(client APIGatewayClientInterface, accountID strin
 		return apigateway.GetStagesOutput{}, err
 	}
 
+	internal.Cache.Set(cacheKey, GetStages, cache.DefaultExpiration)
 	return *GetStages, err
 }
 
@@ -129,7 +131,7 @@ func CachedApiGatewayGetResources(client APIGatewayClientInterface, accountID st
 		}
 		PaginationControl = GetResources.Position
 	}
-
+	internal.Cache.Set(cacheKey, resources, cache.DefaultExpiration)
 	return resources, nil
 }
 
@@ -166,7 +168,7 @@ func CachedApiGatewayGetDomainNames(client APIGatewayClientInterface, accountID
 		}
 		PaginationControl = GetDomainNames.Position
 	}
-
+	internal.Cache.Set(cacheKey, domainNames, cache.DefaultExpiration)
 	return domainNames, nil
 }
 
@@ -204,7 +206,7 @@ func CachedApiGatewayGetBasePathMappings(client APIGatewayClientInterface, accou
 		}
 		PaginationControl = GetBasePathMappings.Position
 	}
-
+	internal.Cache.Set(cacheKey, basePathMappings, cache.DefaultExpiration)
 	return basePathMappings, nil
 }
 
@@ -233,6 +235,7 @@ func CachedApiGatewayGetMethod(client APIGatewayClientInterface, accountID strin
 		return apigateway.GetMethodOutput{}, err
 	}
 
+	internal.Cache.Set(cacheKey, GetMethod, cache.DefaultExpiration)
 	return *GetMethod, nil
 
 }
@@ -271,6 +274,7 @@ func CachedApiGatewayGetUsagePlans(client APIGatewayClientInterface, accountID s
 		PaginationControl = GetUsagePlans.Position
 	}
 
+	internal.Cache.Set(cacheKey, usagePlans, cache.DefaultExpiration)
 	return usagePlans, nil
 }
 
@@ -309,5 +313,6 @@ func CachedApiGatewayGetUsagePlanKeys(client APIGatewayClientInterface, accountI
 		PaginationControl = GetUsagePlanKeys.Position
 	}
 
+	internal.Cache.Set(cacheKey, usagePlanKeys, cache.DefaultExpiration)
 	return usagePlanKeys, nil
 }