![[アップデート] Amazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりました](https://devio2023-media.developers.io/wp-content/uploads/2022/08/amazon-inspector.png)
[アップデート] Amazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりました
プログラミング言語のパッケージマネージャーを使用している場合は今すぐ有効化しよう
npmやpipでインストールしたパッケージの脆弱性を検出したいな
こんにちは、のんピ(@non____97)です。
皆さんはAmazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりましたでnpmやpipでインストールしたパッケージの脆弱性を検出したいなと思ったことはありますか? 私はあります。
従来Amazon Inspectorで検出できる脆弱性はyumやdnf、aptなどのOSのパッケージマネージャーでインストールされたパッケージのみでした。
本日、アップデートによって追加されたディープインスペクションなる新機能にて、プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりました。
これにより、npmやpipなどでインストールしたパッケージについての脆弱性も検出できます。
これはアツい。
早速試してみたので紹介します。
いきなりまとめ
- プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出するためにはディープインスペクションが有効化している必要がある
- ディープインスペクションを有効にした場合、SSM State Managerにて以下関連付けが作成される
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
- ディープインスペクションによるアプリケーションインベントリの収集は6時間間隔で行われる
- SSM State Managerにて
InvokeInspectorLinuxSsmPlugin-do-not-deleteを手動で関連付けすることで任意のタイミングで収集することも可能
- SSM State Managerにて
- ディープインスペクションによりスキャンされるデフォルトパスは以下
/usr/lib/usr/lib64/usr/local/lib/usr/local/lib64
- デフォルトパス以外にスキャンしたいパッケージをインストールしている場合はカスタムパスを設定する
- カスタムパスは最大5つまで定義可能
- AWS Organizationsと連携している場合は組織全体に適用するカスタムパスをさらに5つ設定可能
- カスタムパスはローカルパスである必要があるため、NFSやSMBでマウントしているパスはスキャンしない
- カスタムパスは256文字以内で設定する必要がある
- 最大パッケージインベントリ収集時間の制限は15分
- 2023/4/20時点ではLinuxインスタンスのみ
- 2023/4/20時点でディープインスペクションにより検出可能なプログラミング言語のパッケージは以下
- Java
- JavaScript
- Python
/opt/aws/inspector/var/output/packages.txtにディープインスペクションによって検出されたパッケージのパスなどの情報が出力される/var/log/amazon/inspector/配下にSSMプラグインのログが出力される- ディープインスペクション有効化による追加料金はなし
プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出する仕組み
プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出する仕組みとしては2023/4/17に追加されたディープインスペクションという機能を使用します。
ディープインスペクションはAmazon InspectorのSSMプラグインから収集されたデータを使用して詳細な検査スキャンを実行します。
2023/4/20時点ではLinuxインスタンスのみになります。ディープインスペクションを有効化するとSSM State Managerにて以下関連付けが作成されます。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
前者がAmazon InspectorのSSMプラグインのインストール、後者がSSMプラグインを実行する関連付けです。
こちらの関連付けは6時間ごとに実行され、アプリケーションインベントリを収集します。
Amazon InspectorのSSMプラグインは/opt/aws/inspector/bin/inspectorssmpluginにインストールされます。
2023/4/20時点でディープインスペクションにより検出可能なプログラミング言語のパッケージは以下の通りです。
- Java
- JavaScript
- Python
最新のプログラミング言語のリストはSupported programming languages: Amazon EC2 Deep inspectionをご覧ください。
ディープインスペクションによりスキャンされるデフォルトパスは以下の通りです。こちらのパス配下にインストールされたパッケージがスキャンされます。
/usr/lib/usr/lib64/usr/local/lib/usr/local/lib64
デフォルトパス以外にスキャンしたいパッケージをインストールしている場合はカスタムパスを設定します。
カスタムパスは最大5つまで定義可能です。ただし、AWS Organizationsと連携している場合は組織全体に適用するカスタムパスをさらに5つ設定可能なので、実質最大では10個までカスタムパスを指定することが可能です。
なお、カスタムパスはローカルパスである必要があります。あまりないと思いますが、NFSやSMBでマウントしているパスはスキャンしません。
また、カスタムパスは256文字以内で設定する必要があるので注意しましょう。
その他にも最大パッケージインベントリ収集時間の制限は15分であったり、インスタンス毎のパッケージ数は5,000個までといった制限があります。
ディープインスペクションの詳細は以下AWS公式ドキュメントをご覧ください。
また、ディープインスペクション有効化による追加料金はありません。安心して使いましょう。
やってみた
ディープインスペクションの有効化
まず、ディープインスペクションを有効になっているかを確認します。
ディープインスペクションが有効になっているかはAmazon Inspectorのコンソールのアカウント管理から確認できます。
現在はAmazon EC2 スキャンがActivated (Deep inspection deactivated)となっていることからディープインスペクションが有効になっていないことが分かります。
それではディープインスペクションを有効化しましょう。
その前にディープインスペクションを有効化するとSSM State Managerにて以下関連付けが作成されるため、こちらの関連付けが事前にないことを確認しておきます。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
ディープインスペクションを有効化する際はアカウント管理のActivate the deep inspectionをクリックします。
するとAmazon EC2 スキャンがActivated (Deep inspection deactivated)からActivatedに変わりました。
有効後のSSM State Managerを確認します。
以下関連付けが作成さていますね。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
それぞれの詳細は以下の通りです。どちらも6時間ごとに実行するようになっています。
InvokeInspectorLinuxSsmPlugin-do-not-delete
こちらの関連付けのドキュメントAmazonInspector2-InvokeInspectorSsmPluginLinuxは以下の通りです。Linux用のAmazon InspectorのSSMプラグインを呼び出していることが分かります。
{
"schemaVersion": "2.2",
"description": "Invokes inspector ssm plugin for linux",
"parameters": {
"Timeout": {
"type": "String",
"description": "Timeout in seconds for inspector ssm plugin",
"default": "900",
"allowedPattern": "^([0-9]|[1-9][0-9]+)$"
},
"CpuLimit": {
"type": "String",
"description": "Cpu usage limit in percentage for inspector ssm plugin",
"default": "65",
"allowedPattern": "^([1-9]|[1-9][0-9])$|^(100)$"
}
},
"mainSteps": [
{
"action": "aws:runShellScript",
"name": "invokeInspectorSsmPluginLinux",
"precondition": {
"StringEquals": [
"platformType",
"Linux"
]
},
"inputs": {
"runCommand": [
"#!/bin/bash",
"#",
"# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.",
"#",
"",
"set -x",
"",
"function fail {",
" echo $1",
" echo $1 >&2",
" exit 1",
"}",
"",
"function retry {",
" local attempt=0",
" local max_attempts=5",
" local delay=60",
" while",
" \"$1\" && break || {",
" ((attempt++))",
" echo \"Waiting for $delay second(s) before retrying...\"",
" sleep $delay;",
" }",
" [[ $attempt -lt $max_attempts ]]",
" do :; done",
" if [[ $attempt -eq $max_attempts ]]; then",
" echo \"Retries completed after $attempt attempts.\"",
" fail \"$2\"",
" fi",
"}",
"",
"INSPECTOR_ROOT_DIR=\"/opt/aws/inspector\"",
"INSPECTOR_SSM_PLUGIN=\"$INSPECTOR_ROOT_DIR/bin/inspectorssmplugin\"",
"INSPECTOR_OUTPUT_DIR=\"$INSPECTOR_ROOT_DIR/var/output\"",
"",
"TIMEOUT=\"{{Timeout}}\"",
"CPU_LIMIT=\"{{CpuLimit}}\"",
"",
"function is_installed {",
" if [[ ! -f $INSPECTOR_SSM_PLUGIN ]]; then",
" echo \"$INSPECTOR_SSM_PLUGIN does not exist\"",
" (exit 1)",
" else",
" echo \"$INSPECTOR_SSM_PLUGIN exist\"",
" fi",
"}",
"",
"echo \"Checking the installation of inspector ssm plugin...\"",
"retry is_installed \"Inspector ssm plugin is not installed. Exiting...\"",
"echo \"Inspector ssm plugin is installed.\"",
"",
"echo \"Starting evaluation using inspector ssm plugin\"",
"cmd=\"$INSPECTOR_SSM_PLUGIN -mode bpm -read-params-store -report-ssm-inventory -report-metrics-via-ssm-inventory -save-findings-as $INSPECTOR_OUTPUT_DIR/packages.txt -format text -timeout $(($TIMEOUT)) -cpulimit $(($CPU_LIMIT))\"",
"$cmd",
"status=$?",
"if [ $status -eq 0 ]",
"then",
" echo \"Inspector ssm plugin linux ran successfully\"",
" exit 0",
"else",
" fail \"Inspector ssm plugin did not run successfully\"",
"fi"
]
}
}
]
}
InspectorLinuxDistributor-do-not-delete
こちらの関連付けのドキュメントAmazonInspector2-ConfigureInspectorSsmPluginLinuxは以下の通りです。Amazon InspectorのSSMプラグインを設定していることが分かります。
{
"schemaVersion": "2.2",
"description": "Install or uninstall a Distributor package.",
"parameters": {
"action": {
"description": "(Required) Specify whether or not to install or uninstall the package.",
"type": "String",
"allowedValues": [
"Install",
"Uninstall"
]
},
"installationType": {
"description": "(Optional) Specify the type of installation. Uninstall and reinstall: The application is taken offline until the reinstallation process completes. In-place update: The application is available while new or updated files are added to the installation.",
"type": "String",
"allowedValues": [
"Uninstall and reinstall",
"In-place update"
],
"default": "Uninstall and reinstall"
},
"name": {
"description": "(Required) The package to install/uninstall.",
"type": "String",
"allowedPattern": "^arn:[a-z0-9][-.a-z0-9]{0,62}:[a-z0-9][-.a-z0-9]{0,62}:([a-z0-9][-.a-z0-9]{0,62})?:([a-z0-9][-.a-z0-9]{0,62})?:(package|document)\\/[a-zA-Z0-9/:.\\-_]{1,128}$|^[a-zA-Z0-9/:.\\-_]{1,128}$"
},
"version": {
"description": "(Optional) The version of the package to install or uninstall. If you don't specify a version, the system installs the latest published version by default. The system will only attempt to uninstall the version that is currently installed. If no version of the package is installed, the system returns an error.",
"type": "String",
"default": ""
},
"additionalArguments": {
"description": "(Optional) The additional parameters to provide to your install, uninstall, or update scripts.",
"type": "StringMap",
"displayType": "textarea",
"default": {},
"maxChars": 4096
}
},
"mainSteps": [
{
"action": "aws:configurePackage",
"precondition": {
"StringEquals": [
"platformType",
"Linux"
]
},
"name": "configurePackage",
"inputs": {
"name": "{{ name }}",
"action": "{{ action }}",
"installationType": "{{installationType}}",
"version": "{{ version }}",
"additionalArguments": "{{ additionalArguments }}"
}
}
]
}
なお、2023/4/17以降にAmazon InspectorでEC2スキャンを有効化した場合は、自動でディープインスペクションも有効化されるようです。
Deep inspection is automatically activated as part of Amazon EC2 scanning for accounts that activate Amazon Inspector after April 17, 2023.
Scanning Amazon EC2 instances with Amazon Inspector - Amazon Inspector
npmで脆弱性のあるパッケージをインストール
ディープインスペクションの有効化ができたため、実際に動作確認をしてみます。
Amazon Linux 2023のEC2インスタンスでNode.jsをインストールします。
$ sudo dnf install nodejs -y
Last metadata expiration check: 1 day, 16:34:05 ago on Tue Apr 18 07:20:05 2023.
Dependencies resolved.
======================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================
Installing:
nodejs x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 99 k
Installing dependencies:
libbrotli x86_64 1.0.9-4.amzn2023.0.2 amazonlinux 315 k
nodejs-libs x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 14 M
Installing weak dependencies:
nodejs-docs noarch 1:18.12.1-1.amzn2023.0.3 amazonlinux 7.2 M
nodejs-full-i18n x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 8.2 M
npm x86_64 1:8.19.2-1.18.12.1.1.amzn2023.0.3 amazonlinux 2.0 M
Transaction Summary
======================================================================================================================================================================
Install 6 Packages
Total download size: 31 M
Installed size: 168 M
Downloading Packages:
(1/6): libbrotli-1.0.9-4.amzn2023.0.2.x86_64.rpm 4.9 MB/s | 315 kB 00:00
(2/6): npm-8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64.rpm 15 MB/s | 2.0 MB 00:00
(3/6): nodejs-18.12.1-1.amzn2023.0.3.x86_64.rpm 1.4 MB/s | 99 kB 00:00
(4/6): nodejs-libs-18.12.1-1.amzn2023.0.3.x86_64.rpm 56 MB/s | 14 MB 00:00
(5/6): nodejs-full-i18n-18.12.1-1.amzn2023.0.3.x86_64.rpm 21 MB/s | 8.2 MB 00:00
(6/6): nodejs-docs-18.12.1-1.amzn2023.0.3.noarch.rpm 27 MB/s | 7.2 MB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 58 MB/s | 31 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch 1/6
Installing : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 2/6
Installing : nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 3/6
Installing : npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64 4/6
Installing : nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 5/6
Installing : nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 6/6
Running scriptlet: nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 6/6
Verifying : nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 1/6
Verifying : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 2/6
Verifying : npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64 3/6
Verifying : nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 4/6
Verifying : nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 5/6
Verifying : nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch 6/6
======================================================================================================================================================================
WARNING:
A newer release of "Amazon Linux" is available.
Available Versions:
Version 2023.0.20230419:
Run the following command to upgrade to 2023.0.20230419:
dnf upgrade --releasever=2023.0.20230419
Release notes:
https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html
======================================================================================================================================================================
Installed:
libbrotli-1.0.9-4.amzn2023.0.2.x86_64 nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch
nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64
Complete!
一緒にnpmもインストールされましたね。
npmで脆弱性のあるパッケージをインストールします。
今回はdecode-uri-componentの0.2.0をインストールします。
# decode-uri-component 0.2.0 をインストール $ npm install decode-uri-component@0.2.0 added 1 package, and audited 2 packages in 586ms 1 high severity vulnerability To address all issues, run: npm audit fix Run `npm audit` for details. npm notice npm notice New major version of npm available! 8.19.2 -> 9.6.5 npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.6.5 npm notice Run npm install -g npm@9.6.5 to update! npm notice # 脆弱性があることを確認 $ npm audit # npm audit report decode-uri-component <0.2.1 Severity: high decode-uri-component vulnerable to Denial of Service (DoS) - https://github.com/advisories/GHSA-w573-4hg7-7wgq fix available via `npm audit fix` node_modules/decode-uri-component 1 high severity vulnerability To address all issues, run: npm audit fix
重要度(Severity)がhighであることが分かりますね。
手動によるスキャン
脆弱性のあるパッケージをインストールしたため、ディープインスペクションにより検出してみます。
流石に6時間も待てないので手動でアプリケーションインベントリを収集して、検出できるか確認します。
InvokeInspectorLinuxSsmPlugin-do-not-deleteの関連付けを選択して、適用します。
適用後、Amazon Inspectorのコンソールで対象EC2インスタンスの検出結果を確認します。
しかし、インストールした脆弱性のあるパッケージdecode-uri-componentは検出されませんでした。
それはそのはず、こちらのパッケージをインストールしたパスはディープインスペクションのデフォルトパスに含まれていないためです。
$ pwd /home/ec2-user $ ls -l total 12 drwxr-xr-x. 3 ec2-user ec2-user 60 Apr 20 00:35 node_modules -rw-r--r--. 1 ec2-user ec2-user 833 Apr 20 00:35 package-lock.json -rw-r--r--. 1 ec2-user ec2-user 65 Apr 20 00:35 package.json -rw-r--r--. 1 ec2-user ec2-user 5 Mar 21 07:07 test-file -rw-r--r--. 1 ec2-user ec2-user 0 Mar 21 07:03 test_20230321_065126
カスタムパスの追加
今回パッケージをインストールしたパスをスキャンするようにカスタムパスを追加します。
Amazon InspectorのコンソールのEC2スキャン設定からCustom paths for your own accountの編集をクリックします。
今回パッケージをインストールしたパス/home/ec2-userを指定して保存をクリックします。
/home/ec2-userがカスタムパスとして設定されたことを確認します。
手動によるスキャン (2回目)
下準備ができたため再度手動でスキャンします。
InvokeInspectorLinuxSsmPlugin-do-not-deleteの関連付け適用後、Amazon Inspectorのコンソールで対象EC2インスタンスの検出結果を確認します。
npmでインストールしたdecode-uri-componentが検出されていますね。
タイトルをクリックすると、以下のようにCVEやインストール済みのバージョン、修正済みのバージョンなど様々な情報を確認することができます。
SSMプラグインの実行結果や各種ログの確認
以降、SSMプラグインの実行結果や各種ログを確認します。
InvokeInspectorLinuxSsmPlugin-do-not-delete適用時のSSM Run CommandのOutputは以下のようになっていました。
Checking the installation of inspector ssm plugin... /opt/aws/inspector/bin/inspectorssmplugin exist Inspector ssm plugin is installed. Starting evaluation using inspector ssm plugin InspectorDataPath= /opt/aws/inspector/var InspectorInputRoot= /opt/aws/inspector/var/input InspectorOutputRoot= /opt/aws/inspector/var/output InspectorLogsRoot= /var/log/amazon/inspector Inspector ssm plugin linux ran successfully
Linux向けのSSM プラグインが正常に実行できていそうですね。
SSMプラグインが収集した情報を管理するパスである/opt/aws/inspector/var/inputや/opt/aws/inspector/var/outputを確認します。
$ ls -lR /opt/aws/inspector/var/ /opt/aws/inspector/var/: total 0 drwxr-xr-x. 2 root root 6 Apr 16 04:54 input drwxr-xr-x. 2 root root 26 Apr 20 00:19 output /opt/aws/inspector/var/input: total 0 /opt/aws/inspector/var/output: total 28 -rwxr-xr-x. 1 root root 27850 Apr 20 07:08 packages.txt
/opt/aws/inspector/var/output/packages.txtが出力されていますね。こちらにはディープインスペクションによって検出されたパッケージのパスなどの情報が出力されています。実際に確認してみましょう。
$ cat /opt/aws/inspector/var/output/packages.txt #name version sha1 language pkgType purl location @colors/colors 1.5.0 javascript npm pkg:npm/%40colors%2Fcolors@1.5.0 /usr/lib/node_modules/npm/node_modules/@colors/colors/package.json @gar/promisify 1.1.3 javascript npm pkg:npm/%40gar%2Fpromisify@1.1.3 /usr/lib/node_modules/npm/node_modules/@gar/promisify/package.json @isaacs/string-locale-compare 1.1.0 javascript npm pkg:npm/%40isaacs%2Fstring-locale-compare@1.1.0 /usr/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json @npmcli/arborist 5.6.2 javascript npm pkg:npm/%40npmcli%2Farborist@5.6.2 /usr/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json @npmcli/ci-detect 2.0.0 javascript npm pkg:npm/%40npmcli%2Fci-detect@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/ci-detect/package.json @npmcli/config 4.2.2 javascript npm pkg:npm/%40npmcli%2Fconfig@4.2.2 /usr/lib/node_modules/npm/node_modules/@npmcli/config/package.json @npmcli/disparity-colors 2.0.0 javascript npm pkg:npm/%40npmcli%2Fdisparity-colors@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/disparity-colors/package.json @npmcli/fs 2.1.2 javascript npm pkg:npm/%40npmcli%2Ffs@2.1.2 /usr/lib/node_modules/npm/node_modules/@npmcli/fs/package.json @npmcli/git 3.0.2 javascript npm pkg:npm/%40npmcli%2Fgit@3.0.2 /usr/lib/node_modules/npm/node_modules/@npmcli/git/package.json @npmcli/installed-package-contents 1.0.7 javascript npm pkg:npm/%40npmcli%2Finstalled-package-contents@1.0.7 /usr/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json @npmcli/map-workspaces 2.0.4 javascript npm pkg:npm/%40npmcli%2Fmap-workspaces@2.0.4 /usr/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json @npmcli/metavuln-calculator 3.1.1 javascript npm pkg:npm/%40npmcli%2Fmetavuln-calculator@3.1.1 /usr/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json @npmcli/move-file 2.0.1 javascript npm pkg:npm/%40npmcli%2Fmove-file@2.0.1 /usr/lib/node_modules/npm/node_modules/@npmcli/move-file/package.json @npmcli/name-from-folder 1.0.1 javascript npm pkg:npm/%40npmcli%2Fname-from-folder@1.0.1 /usr/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json @npmcli/node-gyp 2.0.0 javascript npm pkg:npm/%40npmcli%2Fnode-gyp@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json @npmcli/package-json 2.0.0 javascript npm pkg:npm/%40npmcli%2Fpackage-json@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json @npmcli/promise-spawn 3.0.0 javascript npm pkg:npm/%40npmcli%2Fpromise-spawn@3.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json @npmcli/query 1.2.0 javascript npm pkg:npm/%40npmcli%2Fquery@1.2.0 /usr/lib/node_modules/npm/node_modules/@npmcli/query/package.json @npmcli/run-script 4.2.1 javascript npm pkg:npm/%40npmcli%2Frun-script@4.2.1 /usr/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json @tootallnate/once 2.0.0 javascript npm pkg:npm/%40tootallnate%2Fonce@2.0.0 /usr/lib/node_modules/npm/node_modules/@tootallnate/once/package.json abbrev 1.1.1 javascript npm pkg:npm/abbrev@1.1.1 /usr/lib/node_modules/npm/node_modules/abbrev/package.json agent-base 6.0.2 javascript npm pkg:npm/agent-base@6.0.2 /usr/lib/node_modules/npm/node_modules/agent-base/package.json agentkeepalive 4.2.1 javascript npm pkg:npm/agentkeepalive@4.2.1 /usr/lib/node_modules/npm/node_modules/agentkeepalive/package.json aggregate-error 3.1.0 javascript npm pkg:npm/aggregate-error@3.1.0 /usr/lib/node_modules/npm/node_modules/aggregate-error/package.json ansi-regex 5.0.1 javascript npm pkg:npm/ansi-regex@5.0.1 /usr/lib/node_modules/npm/node_modules/ansi-regex/package.json ansi-styles 4.3.0 javascript npm pkg:npm/ansi-styles@4.3.0 /usr/lib/node_modules/npm/node_modules/ansi-styles/package.json aproba 2.0.0 javascript npm pkg:npm/aproba@2.0.0 /usr/lib/node_modules/npm/node_modules/aproba/package.json archy 1.0.0 javascript npm pkg:npm/archy@1.0.0 /usr/lib/node_modules/npm/node_modules/archy/package.json are-we-there-yet 3.0.1 javascript npm pkg:npm/are-we-there-yet@3.0.1 /usr/lib/node_modules/npm/node_modules/are-we-there-yet/package.json asap 2.0.6 javascript npm pkg:npm/asap@2.0.6 /usr/lib/node_modules/npm/node_modules/asap/package.json balanced-match 1.0.2 javascript npm pkg:npm/balanced-match@1.0.2 /usr/lib/node_modules/npm/node_modules/balanced-match/package.json bin-links 3.0.3 javascript npm pkg:npm/bin-links@3.0.3 /usr/lib/node_modules/npm/node_modules/bin-links/package.json binary-extensions 2.2.0 javascript npm pkg:npm/binary-extensions@2.2.0 /usr/lib/node_modules/npm/node_modules/binary-extensions/package.json brace-expansion 1.1.11 javascript npm pkg:npm/brace-expansion@1.1.11 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/brace-expansion/package.json brace-expansion 1.1.11 javascript npm pkg:npm/brace-expansion@1.1.11 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/brace-expansion/package.json brace-expansion 2.0.1 javascript npm pkg:npm/brace-expansion@2.0.1 /usr/lib/node_modules/npm/node_modules/brace-expansion/package.json builtins 5.0.1 javascript npm pkg:npm/builtins@5.0.1 /usr/lib/node_modules/npm/node_modules/builtins/package.json cacache 16.1.3 javascript npm pkg:npm/cacache@16.1.3 /usr/lib/node_modules/npm/node_modules/cacache/package.json chalk 4.1.2 javascript npm pkg:npm/chalk@4.1.2 /usr/lib/node_modules/npm/node_modules/chalk/package.json chownr 2.0.0 javascript npm pkg:npm/chownr@2.0.0 /usr/lib/node_modules/npm/node_modules/chownr/package.json cidr-regex 3.1.1 javascript npm pkg:npm/cidr-regex@3.1.1 /usr/lib/node_modules/npm/node_modules/cidr-regex/package.json clean-stack 2.2.0 javascript npm pkg:npm/clean-stack@2.2.0 /usr/lib/node_modules/npm/node_modules/clean-stack/package.json cli-columns 4.0.0 javascript npm pkg:npm/cli-columns@4.0.0 /usr/lib/node_modules/npm/node_modules/cli-columns/package.json cli-table3 0.6.2 javascript npm pkg:npm/cli-table3@0.6.2 /usr/lib/node_modules/npm/node_modules/cli-table3/package.json clone 1.0.4 javascript npm pkg:npm/clone@1.0.4 /usr/lib/node_modules/npm/node_modules/clone/package.json cmd-shim 5.0.0 javascript npm pkg:npm/cmd-shim@5.0.0 /usr/lib/node_modules/npm/node_modules/cmd-shim/package.json color-convert 2.0.1 javascript npm pkg:npm/color-convert@2.0.1 /usr/lib/node_modules/npm/node_modules/color-convert/package.json color-name 1.1.4 javascript npm pkg:npm/color-name@1.1.4 /usr/lib/node_modules/npm/node_modules/color-name/package.json color-support 1.1.3 javascript npm pkg:npm/color-support@1.1.3 /usr/lib/node_modules/npm/node_modules/color-support/package.json columnify 1.6.0 javascript npm pkg:npm/columnify@1.6.0 /usr/lib/node_modules/npm/node_modules/columnify/package.json common-ancestor-path 1.0.1 javascript npm pkg:npm/common-ancestor-path@1.0.1 /usr/lib/node_modules/npm/node_modules/common-ancestor-path/package.json concat-map 0.0.1 javascript npm pkg:npm/concat-map@0.0.1 /usr/lib/node_modules/npm/node_modules/concat-map/package.json console-control-strings 1.1.0 javascript npm pkg:npm/console-control-strings@1.1.0 /usr/lib/node_modules/npm/node_modules/console-control-strings/package.json cssesc 3.0.0 javascript npm pkg:npm/cssesc@3.0.0 /usr/lib/node_modules/npm/node_modules/cssesc/package.json debug 4.3.4 javascript npm pkg:npm/debug@4.3.4 /usr/lib/node_modules/npm/node_modules/debug/package.json debuglog 1.0.1 javascript npm pkg:npm/debuglog@1.0.1 /usr/lib/node_modules/npm/node_modules/debuglog/package.json decode-uri-component 0.2.0 javascript npm pkg:npm/decode-uri-component@0.2.0 /home/ec2-user/node_modules/decode-uri-component/package.json defaults 1.0.3 javascript npm pkg:npm/defaults@1.0.3 /usr/lib/node_modules/npm/node_modules/defaults/package.json delegates 1.0.0 javascript npm pkg:npm/delegates@1.0.0 /usr/lib/node_modules/npm/node_modules/delegates/package.json depd 1.1.2 javascript npm pkg:npm/depd@1.1.2 /usr/lib/node_modules/npm/node_modules/depd/package.json dezalgo 1.0.4 javascript npm pkg:npm/dezalgo@1.0.4 /usr/lib/node_modules/npm/node_modules/dezalgo/package.json diff 5.1.0 javascript npm pkg:npm/diff@5.1.0 /usr/lib/node_modules/npm/node_modules/diff/package.json emoji-regex 8.0.0 javascript npm pkg:npm/emoji-regex@8.0.0 /usr/lib/node_modules/npm/node_modules/emoji-regex/package.json encoding 0.1.13 javascript npm pkg:npm/encoding@0.1.13 /usr/lib/node_modules/npm/node_modules/encoding/package.json env-paths 2.2.1 javascript npm pkg:npm/env-paths@2.2.1 /usr/lib/node_modules/npm/node_modules/env-paths/package.json err-code 2.0.3 javascript npm pkg:npm/err-code@2.0.3 /usr/lib/node_modules/npm/node_modules/err-code/package.json fastest-levenshtein 1.0.12 javascript npm pkg:npm/fastest-levenshtein@1.0.12 /usr/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json fs-minipass 2.1.0 javascript npm pkg:npm/fs-minipass@2.1.0 /usr/lib/node_modules/npm/node_modules/fs-minipass/package.json fs.realpath 1.0.0 javascript npm pkg:npm/fs.realpath@1.0.0 /usr/lib/node_modules/npm/node_modules/fs.realpath/package.json function-bind 1.1.1 javascript npm pkg:npm/function-bind@1.1.1 /usr/lib/node_modules/npm/node_modules/function-bind/package.json gauge 4.0.4 javascript npm pkg:npm/gauge@4.0.4 /usr/lib/node_modules/npm/node_modules/gauge/package.json glob 7.2.3 javascript npm pkg:npm/glob@7.2.3 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/glob/package.json glob 7.2.3 javascript npm pkg:npm/glob@7.2.3 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/glob/package.json glob 8.0.3 javascript npm pkg:npm/glob@8.0.3 /usr/lib/node_modules/npm/node_modules/glob/package.json graceful-fs 4.2.10 javascript npm pkg:npm/graceful-fs@4.2.10 /usr/lib/node_modules/npm/node_modules/graceful-fs/package.json has 1.0.3 javascript npm pkg:npm/has@1.0.3 /usr/lib/node_modules/npm/node_modules/has/package.json has-flag 4.0.0 javascript npm pkg:npm/has-flag@4.0.0 /usr/lib/node_modules/npm/node_modules/has-flag/package.json has-unicode 2.0.1 javascript npm pkg:npm/has-unicode@2.0.1 /usr/lib/node_modules/npm/node_modules/has-unicode/package.json hosted-git-info 5.1.0 javascript npm pkg:npm/hosted-git-info@5.1.0 /usr/lib/node_modules/npm/node_modules/hosted-git-info/package.json http-cache-semantics 4.1.1 javascript npm pkg:npm/http-cache-semantics@4.1.1 /usr/lib/node_modules/npm/node_modules/http-cache-semantics/package.json http-proxy-agent 5.0.0 javascript npm pkg:npm/http-proxy-agent@5.0.0 /usr/lib/node_modules/npm/node_modules/http-proxy-agent/package.json https-proxy-agent 5.0.1 javascript npm pkg:npm/https-proxy-agent@5.0.1 /usr/lib/node_modules/npm/node_modules/https-proxy-agent/package.json humanize-ms 1.2.1 javascript npm pkg:npm/humanize-ms@1.2.1 /usr/lib/node_modules/npm/node_modules/humanize-ms/package.json iconv-lite 0.6.3 javascript npm pkg:npm/iconv-lite@0.6.3 /usr/lib/node_modules/npm/node_modules/iconv-lite/package.json ignore-walk 5.0.1 javascript npm pkg:npm/ignore-walk@5.0.1 /usr/lib/node_modules/npm/node_modules/ignore-walk/package.json imurmurhash 0.1.4 javascript npm pkg:npm/imurmurhash@0.1.4 /usr/lib/node_modules/npm/node_modules/imurmurhash/package.json indent-string 4.0.0 javascript npm pkg:npm/indent-string@4.0.0 /usr/lib/node_modules/npm/node_modules/indent-string/package.json infer-owner 1.0.4 javascript npm pkg:npm/infer-owner@1.0.4 /usr/lib/node_modules/npm/node_modules/infer-owner/package.json inflight 1.0.6 javascript npm pkg:npm/inflight@1.0.6 /usr/lib/node_modules/npm/node_modules/inflight/package.json inherits 2.0.4 javascript npm pkg:npm/inherits@2.0.4 /usr/lib/node_modules/npm/node_modules/inherits/package.json ini 3.0.1 javascript npm pkg:npm/ini@3.0.1 /usr/lib/node_modules/npm/node_modules/ini/package.json init-package-json 3.0.2 javascript npm pkg:npm/init-package-json@3.0.2 /usr/lib/node_modules/npm/node_modules/init-package-json/package.json ip 2.0.0 javascript npm pkg:npm/ip@2.0.0 /usr/lib/node_modules/npm/node_modules/ip/package.json ip-regex 4.3.0 javascript npm pkg:npm/ip-regex@4.3.0 /usr/lib/node_modules/npm/node_modules/ip-regex/package.json is-cidr 4.0.2 javascript npm pkg:npm/is-cidr@4.0.2 /usr/lib/node_modules/npm/node_modules/is-cidr/package.json is-core-module 2.10.0 javascript npm pkg:npm/is-core-module@2.10.0 /usr/lib/node_modules/npm/node_modules/is-core-module/package.json is-fullwidth-code-point 3.0.0 javascript npm pkg:npm/is-fullwidth-code-point@3.0.0 /usr/lib/node_modules/npm/node_modules/is-fullwidth-code-point/package.json is-lambda 1.0.1 javascript npm pkg:npm/is-lambda@1.0.1 /usr/lib/node_modules/npm/node_modules/is-lambda/package.json isexe 2.0.0 javascript npm pkg:npm/isexe@2.0.0 /usr/lib/node_modules/npm/node_modules/isexe/package.json json-parse-even-better-errors 2.3.1 javascript npm pkg:npm/json-parse-even-better-errors@2.3.1 /usr/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json json-stringify-nice 1.1.4 javascript npm pkg:npm/json-stringify-nice@1.1.4 /usr/lib/node_modules/npm/node_modules/json-stringify-nice/package.json jsonparse 1.3.1 javascript npm pkg:npm/jsonparse@1.3.1 /usr/lib/node_modules/npm/node_modules/jsonparse/package.json just-diff 5.1.1 javascript npm pkg:npm/just-diff@5.1.1 /usr/lib/node_modules/npm/node_modules/just-diff/package.json just-diff-apply 5.4.1 javascript npm pkg:npm/just-diff-apply@5.4.1 /usr/lib/node_modules/npm/node_modules/just-diff-apply/package.json libnpmaccess 6.0.4 javascript npm pkg:npm/libnpmaccess@6.0.4 /usr/lib/node_modules/npm/node_modules/libnpmaccess/package.json libnpmdiff 4.0.5 javascript npm pkg:npm/libnpmdiff@4.0.5 /usr/lib/node_modules/npm/node_modules/libnpmdiff/package.json libnpmexec 4.0.13 javascript npm pkg:npm/libnpmexec@4.0.13 /usr/lib/node_modules/npm/node_modules/libnpmexec/package.json libnpmfund 3.0.4 javascript npm pkg:npm/libnpmfund@3.0.4 /usr/lib/node_modules/npm/node_modules/libnpmfund/package.json libnpmhook 8.0.4 javascript npm pkg:npm/libnpmhook@8.0.4 /usr/lib/node_modules/npm/node_modules/libnpmhook/package.json libnpmorg 4.0.4 javascript npm pkg:npm/libnpmorg@4.0.4 /usr/lib/node_modules/npm/node_modules/libnpmorg/package.json libnpmpack 4.1.3 javascript npm pkg:npm/libnpmpack@4.1.3 /usr/lib/node_modules/npm/node_modules/libnpmpack/package.json libnpmpublish 6.0.5 javascript npm pkg:npm/libnpmpublish@6.0.5 /usr/lib/node_modules/npm/node_modules/libnpmpublish/package.json libnpmsearch 5.0.4 javascript npm pkg:npm/libnpmsearch@5.0.4 /usr/lib/node_modules/npm/node_modules/libnpmsearch/package.json libnpmteam 4.0.4 javascript npm pkg:npm/libnpmteam@4.0.4 /usr/lib/node_modules/npm/node_modules/libnpmteam/package.json libnpmversion 3.0.7 javascript npm pkg:npm/libnpmversion@3.0.7 /usr/lib/node_modules/npm/node_modules/libnpmversion/package.json lru-cache 6.0.0 javascript npm pkg:npm/lru-cache@6.0.0 /usr/lib/node_modules/npm/node_modules/semver/node_modules/lru-cache/package.json lru-cache 7.13.2 javascript npm pkg:npm/lru-cache@7.13.2 /usr/lib/node_modules/npm/node_modules/lru-cache/package.json make-fetch-happen 10.2.1 javascript npm pkg:npm/make-fetch-happen@10.2.1 /usr/lib/node_modules/npm/node_modules/make-fetch-happen/package.json minimatch 3.1.2 javascript npm pkg:npm/minimatch@3.1.2 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/minimatch/package.json minimatch 3.1.2 javascript npm pkg:npm/minimatch@3.1.2 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/minimatch/package.json minimatch 5.1.0 javascript npm pkg:npm/minimatch@5.1.0 /usr/lib/node_modules/npm/node_modules/minimatch/package.json minipass 3.3.4 javascript npm pkg:npm/minipass@3.3.4 /usr/lib/node_modules/npm/node_modules/minipass/package.json minipass-collect 1.0.2 javascript npm pkg:npm/minipass-collect@1.0.2 /usr/lib/node_modules/npm/node_modules/minipass-collect/package.json minipass-fetch 2.1.1 javascript npm pkg:npm/minipass-fetch@2.1.1 /usr/lib/node_modules/npm/node_modules/minipass-fetch/package.json minipass-flush 1.0.5 javascript npm pkg:npm/minipass-flush@1.0.5 /usr/lib/node_modules/npm/node_modules/minipass-flush/package.json minipass-json-stream 1.0.1 javascript npm pkg:npm/minipass-json-stream@1.0.1 /usr/lib/node_modules/npm/node_modules/minipass-json-stream/package.json minipass-pipeline 1.2.4 javascript npm pkg:npm/minipass-pipeline@1.2.4 /usr/lib/node_modules/npm/node_modules/minipass-pipeline/package.json minipass-sized 1.0.3 javascript npm pkg:npm/minipass-sized@1.0.3 /usr/lib/node_modules/npm/node_modules/minipass-sized/package.json minizlib 2.1.2 javascript npm pkg:npm/minizlib@2.1.2 /usr/lib/node_modules/npm/node_modules/minizlib/package.json mkdirp 1.0.4 javascript npm pkg:npm/mkdirp@1.0.4 /usr/lib/node_modules/npm/node_modules/mkdirp/package.json mkdirp-infer-owner 2.0.0 javascript npm pkg:npm/mkdirp-infer-owner@2.0.0 /usr/lib/node_modules/npm/node_modules/mkdirp-infer-owner/package.json ms 2.1.2 javascript npm pkg:npm/ms@2.1.2 /usr/lib/node_modules/npm/node_modules/debug/node_modules/ms/package.json ms 2.1.3 javascript npm pkg:npm/ms@2.1.3 /usr/lib/node_modules/npm/node_modules/ms/package.json mute-stream 0.0.8 javascript npm pkg:npm/mute-stream@0.0.8 /usr/lib/node_modules/npm/node_modules/mute-stream/package.json negotiator 0.6.3 javascript npm pkg:npm/negotiator@0.6.3 /usr/lib/node_modules/npm/node_modules/negotiator/package.json node-gyp 9.1.0 javascript npm pkg:npm/node-gyp@9.1.0 /usr/lib/node_modules/npm/node_modules/node-gyp/package.json nopt 5.0.0 javascript npm pkg:npm/nopt@5.0.0 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/nopt/package.json nopt 6.0.0 javascript npm pkg:npm/nopt@6.0.0 /usr/lib/node_modules/npm/node_modules/nopt/package.json normalize-package-data 4.0.1 javascript npm pkg:npm/normalize-package-data@4.0.1 /usr/lib/node_modules/npm/node_modules/normalize-package-data/package.json npm 8.19.2 javascript npm pkg:npm/npm@8.19.2 /usr/lib/node_modules/npm/package.json npm-audit-report 3.0.0 javascript npm pkg:npm/npm-audit-report@3.0.0 /usr/lib/node_modules/npm/node_modules/npm-audit-report/package.json npm-bundled 1.1.2 javascript npm pkg:npm/npm-bundled@1.1.2 /usr/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/node_modules/npm-bundled/package.json npm-bundled 2.0.1 javascript npm pkg:npm/npm-bundled@2.0.1 /usr/lib/node_modules/npm/node_modules/npm-bundled/package.json npm-init 0.0.0 javascript npm pkg:npm/npm-init@0.0.0 /usr/lib/node_modules/npm/node_modules/promzard/example/npm-init/package.json npm-install-checks 5.0.0 javascript npm pkg:npm/npm-install-checks@5.0.0 /usr/lib/node_modules/npm/node_modules/npm-install-checks/package.json npm-normalize-package-bin 1.0.1 javascript npm pkg:npm/npm-normalize-package-bin@1.0.1 /usr/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/bin-links/node_modules/npm-normalize-package-bin/package.json npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-bundled/node_modules/npm-normalize-package-bin/package.json npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-packlist/node_modules/npm-normalize-package-bin/package.json npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/package.json npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/read-package-json/node_modules/npm-normalize-package-bin/package.json npm-package-arg 9.1.0 javascript npm pkg:npm/npm-package-arg@9.1.0 /usr/lib/node_modules/npm/node_modules/npm-package-arg/package.json npm-packlist 5.1.3 javascript npm pkg:npm/npm-packlist@5.1.3 /usr/lib/node_modules/npm/node_modules/npm-packlist/package.json npm-pick-manifest 7.0.2 javascript npm pkg:npm/npm-pick-manifest@7.0.2 /usr/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json npm-profile 6.2.1 javascript npm pkg:npm/npm-profile@6.2.1 /usr/lib/node_modules/npm/node_modules/npm-profile/package.json npm-registry-fetch 13.3.1 javascript npm pkg:npm/npm-registry-fetch@13.3.1 /usr/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json npm-user-validate 1.0.1 javascript npm pkg:npm/npm-user-validate@1.0.1 /usr/lib/node_modules/npm/node_modules/npm-user-validate/package.json npmlog 6.0.2 javascript npm pkg:npm/npmlog@6.0.2 /usr/lib/node_modules/npm/node_modules/npmlog/package.json once 1.4.0 javascript npm pkg:npm/once@1.4.0 /usr/lib/node_modules/npm/node_modules/once/package.json opener 1.5.2 javascript npm pkg:npm/opener@1.5.2 /usr/lib/node_modules/npm/node_modules/opener/package.json p-map 4.0.0 javascript npm pkg:npm/p-map@4.0.0 /usr/lib/node_modules/npm/node_modules/p-map/package.json pacote 13.6.2 javascript npm pkg:npm/pacote@13.6.2 /usr/lib/node_modules/npm/node_modules/pacote/package.json parse-conflict-json 2.0.2 javascript npm pkg:npm/parse-conflict-json@2.0.2 /usr/lib/node_modules/npm/node_modules/parse-conflict-json/package.json path-is-absolute 1.0.1 javascript npm pkg:npm/path-is-absolute@1.0.1 /usr/lib/node_modules/npm/node_modules/path-is-absolute/package.json postcss-selector-parser 6.0.10 javascript npm pkg:npm/postcss-selector-parser@6.0.10 /usr/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json proc-log 2.0.1 javascript npm pkg:npm/proc-log@2.0.1 /usr/lib/node_modules/npm/node_modules/proc-log/package.json promise-all-reject-late 1.0.1 javascript npm pkg:npm/promise-all-reject-late@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json promise-call-limit 1.0.1 javascript npm pkg:npm/promise-call-limit@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-call-limit/package.json promise-inflight 1.0.1 javascript npm pkg:npm/promise-inflight@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-inflight/package.json promise-retry 2.0.1 javascript npm pkg:npm/promise-retry@2.0.1 /usr/lib/node_modules/npm/node_modules/promise-retry/package.json promzard 0.3.0 javascript npm pkg:npm/promzard@0.3.0 /usr/lib/node_modules/npm/node_modules/promzard/package.json qrcode-terminal 0.12.0 javascript npm pkg:npm/qrcode-terminal@0.12.0 /usr/lib/node_modules/npm/node_modules/qrcode-terminal/package.json read 1.0.7 javascript npm pkg:npm/read@1.0.7 /usr/lib/node_modules/npm/node_modules/read/package.json read-cmd-shim 3.0.0 javascript npm pkg:npm/read-cmd-shim@3.0.0 /usr/lib/node_modules/npm/node_modules/read-cmd-shim/package.json read-package-json 5.0.2 javascript npm pkg:npm/read-package-json@5.0.2 /usr/lib/node_modules/npm/node_modules/read-package-json/package.json read-package-json-fast 2.0.3 javascript npm pkg:npm/read-package-json-fast@2.0.3 /usr/lib/node_modules/npm/node_modules/read-package-json-fast/package.json readable-stream 3.6.0 javascript npm pkg:npm/readable-stream@3.6.0 /usr/lib/node_modules/npm/node_modules/readable-stream/package.json readdir-scoped-modules 1.1.0 javascript npm pkg:npm/readdir-scoped-modules@1.1.0 /usr/lib/node_modules/npm/node_modules/readdir-scoped-modules/package.json retry 0.12.0 javascript npm pkg:npm/retry@0.12.0 /usr/lib/node_modules/npm/node_modules/retry/package.json rimraf 3.0.2 javascript npm pkg:npm/rimraf@3.0.2 /usr/lib/node_modules/npm/node_modules/rimraf/package.json safe-buffer 5.2.1 javascript npm pkg:npm/safe-buffer@5.2.1 /usr/lib/node_modules/npm/node_modules/safe-buffer/package.json safer-buffer 2.1.2 javascript npm pkg:npm/safer-buffer@2.1.2 /usr/lib/node_modules/npm/node_modules/safer-buffer/package.json semver 7.3.7 javascript npm pkg:npm/semver@7.3.7 /usr/lib/node_modules/npm/node_modules/semver/package.json set-blocking 2.0.0 javascript npm pkg:npm/set-blocking@2.0.0 /usr/lib/node_modules/npm/node_modules/set-blocking/package.json signal-exit 3.0.7 javascript npm pkg:npm/signal-exit@3.0.7 /usr/lib/node_modules/npm/node_modules/signal-exit/package.json smart-buffer 4.2.0 javascript npm pkg:npm/smart-buffer@4.2.0 /usr/lib/node_modules/npm/node_modules/smart-buffer/package.json socks 2.7.0 javascript npm pkg:npm/socks@2.7.0 /usr/lib/node_modules/npm/node_modules/socks/package.json socks-proxy-agent 7.0.0 javascript npm pkg:npm/socks-proxy-agent@7.0.0 /usr/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json spdx-correct 3.1.1 javascript npm pkg:npm/spdx-correct@3.1.1 /usr/lib/node_modules/npm/node_modules/spdx-correct/package.json spdx-exceptions 2.3.0 javascript npm pkg:npm/spdx-exceptions@2.3.0 /usr/lib/node_modules/npm/node_modules/spdx-exceptions/package.json spdx-expression-parse 3.0.1 javascript npm pkg:npm/spdx-expression-parse@3.0.1 /usr/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json spdx-license-ids 3.0.11 javascript npm pkg:npm/spdx-license-ids@3.0.11 /usr/lib/node_modules/npm/node_modules/spdx-license-ids/package.json ssri 9.0.1 javascript npm pkg:npm/ssri@9.0.1 /usr/lib/node_modules/npm/node_modules/ssri/package.json string-width 4.2.3 javascript npm pkg:npm/string-width@4.2.3 /usr/lib/node_modules/npm/node_modules/string-width/package.json string_decoder 1.3.0 javascript npm pkg:npm/string_decoder@1.3.0 /usr/lib/node_modules/npm/node_modules/string_decoder/package.json strip-ansi 6.0.1 javascript npm pkg:npm/strip-ansi@6.0.1 /usr/lib/node_modules/npm/node_modules/strip-ansi/package.json supports-color 7.2.0 javascript npm pkg:npm/supports-color@7.2.0 /usr/lib/node_modules/npm/node_modules/supports-color/package.json tar 6.1.11 javascript npm pkg:npm/tar@6.1.11 /usr/lib/node_modules/npm/node_modules/tar/package.json text-table 0.2.0 javascript npm pkg:npm/text-table@0.2.0 /usr/lib/node_modules/npm/node_modules/text-table/package.json tiny-relative-date 1.3.0 javascript npm pkg:npm/tiny-relative-date@1.3.0 /usr/lib/node_modules/npm/node_modules/tiny-relative-date/package.json treeverse 2.0.0 javascript npm pkg:npm/treeverse@2.0.0 /usr/lib/node_modules/npm/node_modules/treeverse/package.json unique-filename 2.0.1 javascript npm pkg:npm/unique-filename@2.0.1 /usr/lib/node_modules/npm/node_modules/unique-filename/package.json unique-slug 3.0.0 javascript npm pkg:npm/unique-slug@3.0.0 /usr/lib/node_modules/npm/node_modules/unique-slug/package.json util-deprecate 1.0.2 javascript npm pkg:npm/util-deprecate@1.0.2 /usr/lib/node_modules/npm/node_modules/util-deprecate/package.json validate-npm-package-license 3.0.4 javascript npm pkg:npm/validate-npm-package-license@3.0.4 /usr/lib/node_modules/npm/node_modules/validate-npm-package-license/package.json validate-npm-package-name 4.0.0 javascript npm pkg:npm/validate-npm-package-name@4.0.0 /usr/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json walk-up-path 1.0.0 javascript npm pkg:npm/walk-up-path@1.0.0 /usr/lib/node_modules/npm/node_modules/walk-up-path/package.json wcwidth 1.0.1 javascript npm pkg:npm/wcwidth@1.0.1 /usr/lib/node_modules/npm/node_modules/wcwidth/package.json which 2.0.2 javascript npm pkg:npm/which@2.0.2 /usr/lib/node_modules/npm/node_modules/which/package.json wide-align 1.1.5 javascript npm pkg:npm/wide-align@1.1.5 /usr/lib/node_modules/npm/node_modules/wide-align/package.json wrappy 1.0.2 javascript npm pkg:npm/wrappy@1.0.2 /usr/lib/node_modules/npm/node_modules/wrappy/package.json write-file-atomic 4.0.2 javascript npm pkg:npm/write-file-atomic@4.0.2 /usr/lib/node_modules/npm/node_modules/write-file-atomic/package.json yallist 4.0.0 javascript npm pkg:npm/yallist@4.0.0 /usr/lib/node_modules/npm/node_modules/yallist/package.json
decode-uri-componentのバージョンやパスなどの情報が表示されていますね。また、デフォルトパスの/usr/lib/配下にインストールされているパッケージの情報も収集されていることが分かります。
最後に/var/log/amazon/inspector/配下に出力されるSSMプラグインのログを確認します。
$ cat /var/log/amazon/inspector/scitor.log.2023-04-20-00 Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0 Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000 Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started . . (中略) . . Thu Apr 20 00:19:37 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completed Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0 Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000 Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started . . (中略) . . Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:144 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup started Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:166 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): number of log files 1 is less than or equal the limit 7 Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completed Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0 Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000 Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:107 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): files system traversal depth=-1 max directories under specified root=-1 Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/pacman/pacman_linux.go:79 golang.a2z.com/inspectorssmplugin/inventory/pacman.(*PackageManager).GetPythonPackageMetadataLocation(): using '' to gather python package locations Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/pacman/pacman_linux.go:91 golang.a2z.com/inspectorssmplugin/inventory/pacman.(*PackageManager).GetPythonPackageMetadataLocation(): located '92' metadata files for python packages installed via platform package manager Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/[-.\w]+\.dist[-]info/METADATA$": "METADATA" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/[-.\w]+\.egg[-]info/PKG[-]INFO$": "INFO" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/EGG[-]INFO/PKG[-]INFO$": "INFO" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/[-.\w]+\.egg[-]info$": "info" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.war$": ".war" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.ear$": ".ear" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.par$": ".par" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/pom\.xml$": "pom.xml" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/Pipfile\.lock$": "Pipfile.lock" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.jar$": ".jar" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/package\.json$": "package.json" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/[-\w]*requirements[-\w]*\.txt$": ".txt" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/poetry[-\w]*?\.lock$": ".lock" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:37 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.CgroupsCpuControllerV2.SetLimit(): cgroups-v2: setting cpu limit '65 pct' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:74 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.isCpuControllerAvailable(): cgroups-v2 available controllers: cpuset cpu io memory hugetlb pids misc Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:102 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.isCpuControllerEnabledForChildGroup(): cgroups-v2 enabled controllers for child group: cpu memory pids Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:51 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.CgroupsCpuControllerV2.SetLimit(): cgroups-v2 succeeded setting cpu limit Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/cpulimit_linux.go:25 golang.a2z.com/inspectorssmplugin/cpulimit.LimitCpuUsage(): cpu limit for the process is set to 65 pct Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:66 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): begin enumerating files with maxDepth=-1 maxDirectories=-1 Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/home/ec2-user" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/lib" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/lib64" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/local/lib" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/local/lib64" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/home/ec2-user" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 27 directories under "/home/ec2-user" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/lib" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'configobj:5.0.6' at location '/usr/lib/python3.9/site-packages/configobj-5.0.6-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'sepolicy:3.4' at location '/usr/lib/python3.9/site-packages/sepolicy-3.4-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'aws-cfn-bootstrap:2.0' at location '/usr/lib/python3.9/site-packages/aws_cfn_bootstrap-2.0-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ec2-hibinit-agent:1.0.2' at location '/usr/lib/python3.9/site-packages/ec2_hibinit_agent-1.0.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'support-info:1.0' at location '/usr/lib/python3.9/site-packages/support_info-1.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'release-notification:1.2' at location '/usr/lib/python3.9/site-packages/release_notification-1.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'awscli:2.9.19' at location '/usr/lib/python3.9/site-packages/awscli-2.9.19.dist-info/METADATA' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cloud-init:22.2.2' at location '/usr/lib/python3.9/site-packages/cloud_init-22.2.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonschema:3.2.0' at location '/usr/lib/python3.9/site-packages/jsonschema-3.2.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'attrs:20.3.0' at location '/usr/lib/python3.9/site-packages/attrs-20.3.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'requests:2.25.1' at location '/usr/lib/python3.9/site-packages/requests-2.25.1.dist-info/METADATA' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'urllib3:1.25.10' at location '/usr/lib/python3.9/site-packages/urllib3-1.25.10-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'PySocks:1.7.1' at location '/usr/lib/python3.9/site-packages/PySocks-1.7.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'oauthlib:3.0.2' at location '/usr/lib/python3.9/site-packages/oauthlib-3.0.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jmespath:0.10.0' at location '/usr/lib/python3.9/site-packages/jmespath-0.10.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pyserial:3.4' at location '/usr/lib/python3.9/site-packages/pyserial-3.4-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'prettytable:0.7.2' at location '/usr/lib/python3.9/site-packages/prettytable-0.7.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonpatch:1.21' at location '/usr/lib/python3.9/site-packages/jsonpatch-1.21-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonpointer:2.0' at location '/usr/lib/python3.9/site-packages/jsonpointer-2.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'chardet:4.0.0' at location '/usr/lib/python3.9/site-packages/chardet-4.0.0.dist-info/METADATA' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'colorama:0.4.4' at location '/usr/lib/python3.9/site-packages/colorama-0.4.4-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pycparser:2.20' at location '/usr/lib/python3.9/site-packages/pycparser-2.20-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ply:3.11' at location '/usr/lib/python3.9/site-packages/ply-3.11-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'python-daemon:2.3.0' at location '/usr/lib/python3.9/site-packages/python_daemon-2.3.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'lockfile:0.12.2' at location '/usr/lib/python3.9/site-packages/lockfile-0.12.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'Jinja2:2.11.3' at location '/usr/lib/python3.9/site-packages/Jinja2-2.11.3-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'Babel:2.9.1' at location '/usr/lib/python3.9/site-packages/Babel-2.9.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pytz:2022.7.1' at location '/usr/lib/python3.9/site-packages/pytz-2022.7.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'prompt-toolkit:3.0.24' at location '/usr/lib/python3.9/site-packages/prompt_toolkit-3.0.24-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'wcwidth:0.2.5' at location '/usr/lib/python3.9/site-packages/wcwidth-0.2.5-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'chevron:0.13.1' at location '/usr/lib/python3.9/site-packages/chevron-0.13.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'docutils:0.16' at location '/usr/lib/python3.9/site-packages/docutils-0.16-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'idna:2.10' at location '/usr/lib/python3.9/site-packages/idna-2.10-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ruamel.yaml:0.16.6' at location '/usr/lib/python3.9/site-packages/ruamel.yaml-0.16.6-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'python-dateutil:2.8.1' at location '/usr/lib/python3.9/site-packages/python_dateutil-2.8.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'distro:1.5.0' at location '/usr/lib/python3.9/site-packages/distro-1.5.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'six:1.15.0' at location '/usr/lib/python3.9/site-packages/six-1.15.0.dist-info/METADATA' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'setuptools:59.6.0' at location '/usr/lib/python3.9/site-packages/setuptools-59.6.0.dist-info/METADATA' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 2751 directories under "/usr/lib" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/lib64" Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'selinux:3.4' at location '/usr/lib64/python3.9/site-packages/selinux-3.4-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'rpm:4.16.1.3' at location '/usr/lib64/python3.9/site-packages/rpm-4.16.1.3-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'gpg:1.15.1' at location '/usr/lib64/python3.9/site-packages/gpg-1.15.1-py3.9.egg-info' Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cryptography:36.0.1' at location '/usr/lib64/python3.9/site-packages/cryptography-36.0.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cffi:1.14.5' at location '/usr/lib64/python3.9/site-packages/cffi-1.14.5-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pyrsistent:0.17.3' at location '/usr/lib64/python3.9/site-packages/pyrsistent-0.17.3-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'netifaces:0.10.6' at location '/usr/lib64/python3.9/site-packages/netifaces-0.10.6-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'PyYAML:5.4.1' at location '/usr/lib64/python3.9/site-packages/PyYAML-5.4.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'setools:4.4.0' at location '/usr/lib64/python3.9/site-packages/setools-4.4.0-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'awscrt:0.16.7' at location '/usr/lib64/python3.9/site-packages/awscrt-0.16.7.dist-info/METADATA' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'libcomps:0.1.18' at location '/usr/lib64/python3.9/site-packages/libcomps-0.1.18-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'MarkupSafe:1.1.1' at location '/usr/lib64/python3.9/site-packages/MarkupSafe-1.1.1-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ruamel.yaml.clib:0.1.2' at location '/usr/lib64/python3.9/site-packages/ruamel.yaml.clib-0.1.2-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'dbus-python:1.2.18' at location '/usr/lib64/python3.9/site-packages/dbus_python-1.2.18-py3.9.egg-info/PKG-INFO' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 290 directories under "/usr/lib64" Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/local/lib" Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 1 directories under "/usr/local/lib" Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/local/lib64" Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 2 directories under "/usr/local/lib64" Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:183 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): submitting packages findings as inventory report Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:89 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): post inventory request for 206 packages with hash 'e76f9d788ffb60d5d4c75167339a281e' Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [ERROR] MandoSecurityContentEvaluator/inventory/inventory.go:129 golang.a2z.com/inspectorssmplugin/inventory.sendReport(): failed to report inventory via ssm PutInventory: operation error SSM: PutInventory, https response error StatusCode: 400, RequestID: 3f4cfa07-2097-4ed8-b8ba-185e0f696d9f, ItemContentMismatchException: Content hash did not match, please try again with updated Content and ContentHash. Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:98 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): resend inventory request with content per service response: operation error SSM: PutInventory, https response error StatusCode: 400, RequestID: 3f4cfa07-2097-4ed8-b8ba-185e0f696d9f, ItemContentMismatchException: Content hash did not match, please try again with updated Content and ContentHash. Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:104 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): succeeded posting package collection inventory item Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:359 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan elapsed(ms)=199 directories=3071 files=21427 packages=206 Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:363 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan cpu pct samples=2 histogram=[0 0 0 0 0 0 50 0 0 50] Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:367 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan mem pct samples=4 histogram=[100 0 0 0 0 0 0 0 0 0] Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:218 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): packages scan completed Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:144 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup started Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:166 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): number of log files 1 is less than or equal the limit 7 Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completed
ディープインスペクションが実行されたタイミングで1回、手動でのスキャンで2回実行しているため3回分のログが1つのログファイルに出力されていました。
ログからどのパスをスキャンしたのか、各パス配下でスキャンしたディレクトリの数、スキャン対象のパス配下にインストールされているパッケージだが情報を収集しなかったものなどの情報を確認できますね。
プログラミング言語のパッケージマネージャーを使用している場合は今すぐ有効化しよう
Amazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになったアップデートを紹介しました。
追加料金もかからないですし、プログラミング言語のパッケージマネージャーを使用している場合は今すぐディープインスペクションを有効化して損はなさそうですね。
今後はPHPやRubyなど対応言語が増えると良いですね。
ただ、SSMプラグインを実行すると指定したパス配下を走査するため、当然ながらCPUやメモリ使用率に影響があるかと想像します。そのため、カスタムパスを/など非常に広い範囲にしてしまうと大量のディレクトリをスキャンすることになるため控えた方が良いと考えます。
この記事が誰かの助けになれば幸いです。
以上、AWS事業本部 コンサルティング部の のんピ(@non____97)でした!
