npmやpipでインストールしたパッケージの脆弱性を検出したいな
こんにちは、のんピ(@non____97)です。
皆さんはAmazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりましたでnpmやpipでインストールしたパッケージの脆弱性を検出したいなと思ったことはありますか? 私はあります。
従来Amazon Inspectorで検出できる脆弱性はyumやdnf、aptなどのOSのパッケージマネージャーでインストールされたパッケージのみでした。
本日、アップデートによって追加されたディープインスペクションなる新機能にて、プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになりました。
これにより、npmやpipなどでインストールしたパッケージについての脆弱性も検出できます。
これはアツい。
早速試してみたので紹介します。
いきなりまとめ
- プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出するためにはディープインスペクションが有効化している必要がある
- ディープインスペクションを有効にした場合、SSM State Managerにて以下関連付けが作成される
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
- ディープインスペクションによるアプリケーションインベントリの収集は6時間間隔で行われる
- SSM State Managerにて
InvokeInspectorLinuxSsmPlugin-do-not-deleteを手動で関連付けすることで任意のタイミングで収集することも可能
- SSM State Managerにて
- ディープインスペクションによりスキャンされるデフォルトパスは以下
/usr/lib/usr/lib64/usr/local/lib/usr/local/lib64
- デフォルトパス以外にスキャンしたいパッケージをインストールしている場合はカスタムパスを設定する
- カスタムパスは最大5つまで定義可能
- AWS Organizationsと連携している場合は組織全体に適用するカスタムパスをさらに5つ設定可能
- カスタムパスはローカルパスである必要があるため、NFSやSMBでマウントしているパスはスキャンしない
- カスタムパスは256文字以内で設定する必要がある
- 最大パッケージインベントリ収集時間の制限は15分
- 2023/4/20時点ではLinuxインスタンスのみ
- 2023/4/20時点でディープインスペクションにより検出可能なプログラミング言語のパッケージは以下
- Java
- JavaScript
- Python
/opt/aws/inspector/var/output/packages.txtにディープインスペクションによって検出されたパッケージのパスなどの情報が出力される/var/log/amazon/inspector/配下にSSMプラグインのログが出力される- ディープインスペクション有効化による追加料金はなし
プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出する仕組み
プログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出する仕組みとしては2023/4/17に追加されたディープインスペクションという機能を使用します。
ディープインスペクションはAmazon InspectorのSSMプラグインから収集されたデータを使用して詳細な検査スキャンを実行します。
2023/4/20時点ではLinuxインスタンスのみになります。ディープインスペクションを有効化するとSSM State Managerにて以下関連付けが作成されます。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
前者がAmazon InspectorのSSMプラグインのインストール、後者がSSMプラグインを実行する関連付けです。
こちらの関連付けは6時間ごとに実行され、アプリケーションインベントリを収集します。
Amazon InspectorのSSMプラグインは/opt/aws/inspector/bin/inspectorssmpluginにインストールされます。
2023/4/20時点でディープインスペクションにより検出可能なプログラミング言語のパッケージは以下の通りです。
- Java
- JavaScript
- Python
最新のプログラミング言語のリストはSupported programming languages: Amazon EC2 Deep inspectionをご覧ください。
ディープインスペクションによりスキャンされるデフォルトパスは以下の通りです。こちらのパス配下にインストールされたパッケージがスキャンされます。
/usr/lib/usr/lib64/usr/local/lib/usr/local/lib64
デフォルトパス以外にスキャンしたいパッケージをインストールしている場合はカスタムパスを設定します。
カスタムパスは最大5つまで定義可能です。ただし、AWS Organizationsと連携している場合は組織全体に適用するカスタムパスをさらに5つ設定可能なので、実質最大では10個までカスタムパスを指定することが可能です。
なお、カスタムパスはローカルパスである必要があります。あまりないと思いますが、NFSやSMBでマウントしているパスはスキャンしません。
また、カスタムパスは256文字以内で設定する必要があるので注意しましょう。
その他にも最大パッケージインベントリ収集時間の制限は15分であったり、インスタンス毎のパッケージ数は5,000個までといった制限があります。
ディープインスペクションの詳細は以下AWS公式ドキュメントをご覧ください。
また、ディープインスペクション有効化による追加料金はありません。安心して使いましょう。
やってみた
ディープインスペクションの有効化
まず、ディープインスペクションを有効になっているかを確認します。
ディープインスペクションが有効になっているかはAmazon Inspectorのコンソールのアカウント管理から確認できます。
現在はAmazon EC2 スキャンがActivated (Deep inspection deactivated)となっていることからディープインスペクションが有効になっていないことが分かります。
それではディープインスペクションを有効化しましょう。
その前にディープインスペクションを有効化するとSSM State Managerにて以下関連付けが作成されるため、こちらの関連付けが事前にないことを確認しておきます。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
ディープインスペクションを有効化する際はアカウント管理のActivate the deep inspectionをクリックします。
するとAmazon EC2 スキャンがActivated (Deep inspection deactivated)からActivatedに変わりました。
有効後のSSM State Managerを確認します。
以下関連付けが作成さていますね。
InspectorLinuxDistributor-do-not-deleteInvokeInspectorLinuxSsmPlugin-do-not-delete
それぞれの詳細は以下の通りです。どちらも6時間ごとに実行するようになっています。
InvokeInspectorLinuxSsmPlugin-do-not-delete
こちらの関連付けのドキュメントAmazonInspector2-InvokeInspectorSsmPluginLinuxは以下の通りです。Linux用のAmazon InspectorのSSMプラグインを呼び出していることが分かります。
{
"schemaVersion": "2.2",
"description": "Invokes inspector ssm plugin for linux",
"parameters": {
"Timeout": {
"type": "String",
"description": "Timeout in seconds for inspector ssm plugin",
"default": "900",
"allowedPattern": "^([0-9]|[1-9][0-9]+)$"
},
"CpuLimit": {
"type": "String",
"description": "Cpu usage limit in percentage for inspector ssm plugin",
"default": "65",
"allowedPattern": "^([1-9]|[1-9][0-9])$|^(100)$"
}
},
"mainSteps": [
{
"action": "aws:runShellScript",
"name": "invokeInspectorSsmPluginLinux",
"precondition": {
"StringEquals": [
"platformType",
"Linux"
]
},
"inputs": {
"runCommand": [
"#!/bin/bash",
"#",
"# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.",
"#",
"",
"set -x",
"",
"function fail {",
" echo $1",
" echo $1 >&2",
" exit 1",
"}",
"",
"function retry {",
" local attempt=0",
" local max_attempts=5",
" local delay=60",
" while",
" \"$1\" && break || {",
" ((attempt++))",
" echo \"Waiting for $delay second(s) before retrying...\"",
" sleep $delay;",
" }",
" [[ $attempt -lt $max_attempts ]]",
" do :; done",
" if [[ $attempt -eq $max_attempts ]]; then",
" echo \"Retries completed after $attempt attempts.\"",
" fail \"$2\"",
" fi",
"}",
"",
"INSPECTOR_ROOT_DIR=\"/opt/aws/inspector\"",
"INSPECTOR_SSM_PLUGIN=\"$INSPECTOR_ROOT_DIR/bin/inspectorssmplugin\"",
"INSPECTOR_OUTPUT_DIR=\"$INSPECTOR_ROOT_DIR/var/output\"",
"",
"TIMEOUT=\"{{Timeout}}\"",
"CPU_LIMIT=\"{{CpuLimit}}\"",
"",
"function is_installed {",
" if [[ ! -f $INSPECTOR_SSM_PLUGIN ]]; then",
" echo \"$INSPECTOR_SSM_PLUGIN does not exist\"",
" (exit 1)",
" else",
" echo \"$INSPECTOR_SSM_PLUGIN exist\"",
" fi",
"}",
"",
"echo \"Checking the installation of inspector ssm plugin...\"",
"retry is_installed \"Inspector ssm plugin is not installed. Exiting...\"",
"echo \"Inspector ssm plugin is installed.\"",
"",
"echo \"Starting evaluation using inspector ssm plugin\"",
"cmd=\"$INSPECTOR_SSM_PLUGIN -mode bpm -read-params-store -report-ssm-inventory -report-metrics-via-ssm-inventory -save-findings-as $INSPECTOR_OUTPUT_DIR/packages.txt -format text -timeout $(($TIMEOUT)) -cpulimit $(($CPU_LIMIT))\"",
"$cmd",
"status=$?",
"if [ $status -eq 0 ]",
"then",
" echo \"Inspector ssm plugin linux ran successfully\"",
" exit 0",
"else",
" fail \"Inspector ssm plugin did not run successfully\"",
"fi"
]
}
}
]
}InspectorLinuxDistributor-do-not-delete
こちらの関連付けのドキュメントAmazonInspector2-ConfigureInspectorSsmPluginLinuxは以下の通りです。Amazon InspectorのSSMプラグインを設定していることが分かります。
{
"schemaVersion": "2.2",
"description": "Install or uninstall a Distributor package.",
"parameters": {
"action": {
"description": "(Required) Specify whether or not to install or uninstall the package.",
"type": "String",
"allowedValues": [
"Install",
"Uninstall"
]
},
"installationType": {
"description": "(Optional) Specify the type of installation. Uninstall and reinstall: The application is taken offline until the reinstallation process completes. In-place update: The application is available while new or updated files are added to the installation.",
"type": "String",
"allowedValues": [
"Uninstall and reinstall",
"In-place update"
],
"default": "Uninstall and reinstall"
},
"name": {
"description": "(Required) The package to install/uninstall.",
"type": "String",
"allowedPattern": "^arn:[a-z0-9][-.a-z0-9]{0,62}:[a-z0-9][-.a-z0-9]{0,62}:([a-z0-9][-.a-z0-9]{0,62})?:([a-z0-9][-.a-z0-9]{0,62})?:(package|document)\\/[a-zA-Z0-9/:.\\-_]{1,128}$|^[a-zA-Z0-9/:.\\-_]{1,128}$"
},
"version": {
"description": "(Optional) The version of the package to install or uninstall. If you don't specify a version, the system installs the latest published version by default. The system will only attempt to uninstall the version that is currently installed. If no version of the package is installed, the system returns an error.",
"type": "String",
"default": ""
},
"additionalArguments": {
"description": "(Optional) The additional parameters to provide to your install, uninstall, or update scripts.",
"type": "StringMap",
"displayType": "textarea",
"default": {},
"maxChars": 4096
}
},
"mainSteps": [
{
"action": "aws:configurePackage",
"precondition": {
"StringEquals": [
"platformType",
"Linux"
]
},
"name": "configurePackage",
"inputs": {
"name": "{{ name }}",
"action": "{{ action }}",
"installationType": "{{installationType}}",
"version": "{{ version }}",
"additionalArguments": "{{ additionalArguments }}"
}
}
]
}なお、2023/4/17以降にAmazon InspectorでEC2スキャンを有効化した場合は、自動でディープインスペクションも有効化されるようです。
Deep inspection is automatically activated as part of Amazon EC2 scanning for accounts that activate Amazon Inspector after April 17, 2023.
Scanning Amazon EC2 instances with Amazon Inspector - Amazon Inspector
npmで脆弱性のあるパッケージをインストール
ディープインスペクションの有効化ができたため、実際に動作確認をしてみます。
Amazon Linux 2023のEC2インスタンスでNode.jsをインストールします。
$ sudo dnf install nodejs -y
Last metadata expiration check: 1 day, 16:34:05 ago on Tue Apr 18 07:20:05 2023.
Dependencies resolved.
======================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================
Installing:
nodejs x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 99 k
Installing dependencies:
libbrotli x86_64 1.0.9-4.amzn2023.0.2 amazonlinux 315 k
nodejs-libs x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 14 M
Installing weak dependencies:
nodejs-docs noarch 1:18.12.1-1.amzn2023.0.3 amazonlinux 7.2 M
nodejs-full-i18n x86_64 1:18.12.1-1.amzn2023.0.3 amazonlinux 8.2 M
npm x86_64 1:8.19.2-1.18.12.1.1.amzn2023.0.3 amazonlinux 2.0 M
Transaction Summary
======================================================================================================================================================================
Install 6 Packages
Total download size: 31 M
Installed size: 168 M
Downloading Packages:
(1/6): libbrotli-1.0.9-4.amzn2023.0.2.x86_64.rpm 4.9 MB/s | 315 kB 00:00
(2/6): npm-8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64.rpm 15 MB/s | 2.0 MB 00:00
(3/6): nodejs-18.12.1-1.amzn2023.0.3.x86_64.rpm 1.4 MB/s | 99 kB 00:00
(4/6): nodejs-libs-18.12.1-1.amzn2023.0.3.x86_64.rpm 56 MB/s | 14 MB 00:00
(5/6): nodejs-full-i18n-18.12.1-1.amzn2023.0.3.x86_64.rpm 21 MB/s | 8.2 MB 00:00
(6/6): nodejs-docs-18.12.1-1.amzn2023.0.3.noarch.rpm 27 MB/s | 7.2 MB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 58 MB/s | 31 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch 1/6
Installing : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 2/6
Installing : nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 3/6
Installing : npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64 4/6
Installing : nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 5/6
Installing : nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 6/6
Running scriptlet: nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 6/6
Verifying : nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 1/6
Verifying : libbrotli-1.0.9-4.amzn2023.0.2.x86_64 2/6
Verifying : npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64 3/6
Verifying : nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 4/6
Verifying : nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 5/6
Verifying : nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch 6/6
======================================================================================================================================================================
WARNING:
A newer release of "Amazon Linux" is available.
Available Versions:
Version 2023.0.20230419:
Run the following command to upgrade to 2023.0.20230419:
dnf upgrade --releasever=2023.0.20230419
Release notes:
https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html
======================================================================================================================================================================
Installed:
libbrotli-1.0.9-4.amzn2023.0.2.x86_64 nodejs-1:18.12.1-1.amzn2023.0.3.x86_64 nodejs-docs-1:18.12.1-1.amzn2023.0.3.noarch
nodejs-full-i18n-1:18.12.1-1.amzn2023.0.3.x86_64 nodejs-libs-1:18.12.1-1.amzn2023.0.3.x86_64 npm-1:8.19.2-1.18.12.1.1.amzn2023.0.3.x86_64
Complete!一緒にnpmもインストールされましたね。
npmで脆弱性のあるパッケージをインストールします。
今回はdecode-uri-componentの0.2.0をインストールします。
# decode-uri-component 0.2.0 をインストール
$ npm install decode-uri-component@0.2.0
added 1 package, and audited 2 packages in 586ms
1 high severity vulnerability
To address all issues, run:
npm audit fix
Run `npm audit` for details.
npm notice
npm notice New major version of npm available! 8.19.2 -> 9.6.5
npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.6.5
npm notice Run npm install -g npm@9.6.5 to update!
npm notice
# 脆弱性があることを確認
$ npm audit
# npm audit report
decode-uri-component <0.2.1
Severity: high
decode-uri-component vulnerable to Denial of Service (DoS) - https://github.com/advisories/GHSA-w573-4hg7-7wgq
fix available via `npm audit fix`
node_modules/decode-uri-component
1 high severity vulnerability
To address all issues, run:
npm audit fix重要度(Severity)がhighであることが分かりますね。
手動によるスキャン
脆弱性のあるパッケージをインストールしたため、ディープインスペクションにより検出してみます。
流石に6時間も待てないので手動でアプリケーションインベントリを収集して、検出できるか確認します。
InvokeInspectorLinuxSsmPlugin-do-not-deleteの関連付けを選択して、適用します。
適用後、Amazon Inspectorのコンソールで対象EC2インスタンスの検出結果を確認します。
しかし、インストールした脆弱性のあるパッケージdecode-uri-componentは検出されませんでした。
それはそのはず、こちらのパッケージをインストールしたパスはディープインスペクションのデフォルトパスに含まれていないためです。
$ pwd
/home/ec2-user
$ ls -l
total 12
drwxr-xr-x. 3 ec2-user ec2-user 60 Apr 20 00:35 node_modules
-rw-r--r--. 1 ec2-user ec2-user 833 Apr 20 00:35 package-lock.json
-rw-r--r--. 1 ec2-user ec2-user 65 Apr 20 00:35 package.json
-rw-r--r--. 1 ec2-user ec2-user 5 Mar 21 07:07 test-file
-rw-r--r--. 1 ec2-user ec2-user 0 Mar 21 07:03 test_20230321_065126カスタムパスの追加
今回パッケージをインストールしたパスをスキャンするようにカスタムパスを追加します。
Amazon InspectorのコンソールのEC2スキャン設定からCustom paths for your own accountの編集をクリックします。
今回パッケージをインストールしたパス/home/ec2-userを指定して保存をクリックします。
/home/ec2-userがカスタムパスとして設定されたことを確認します。
手動によるスキャン (2回目)
下準備ができたため再度手動でスキャンします。
InvokeInspectorLinuxSsmPlugin-do-not-deleteの関連付け適用後、Amazon Inspectorのコンソールで対象EC2インスタンスの検出結果を確認します。
npmでインストールしたdecode-uri-componentが検出されていますね。
タイトルをクリックすると、以下のようにCVEやインストール済みのバージョン、修正済みのバージョンなど様々な情報を確認することができます。
SSMプラグインの実行結果や各種ログの確認
以降、SSMプラグインの実行結果や各種ログを確認します。
InvokeInspectorLinuxSsmPlugin-do-not-delete適用時のSSM Run CommandのOutputは以下のようになっていました。
Checking the installation of inspector ssm plugin...
/opt/aws/inspector/bin/inspectorssmplugin exist
Inspector ssm plugin is installed.
Starting evaluation using inspector ssm plugin
InspectorDataPath= /opt/aws/inspector/var
InspectorInputRoot= /opt/aws/inspector/var/input
InspectorOutputRoot= /opt/aws/inspector/var/output
InspectorLogsRoot= /var/log/amazon/inspector
Inspector ssm plugin linux ran successfullyLinux向けのSSM プラグインが正常に実行できていそうですね。
SSMプラグインが収集した情報を管理するパスである/opt/aws/inspector/var/inputや/opt/aws/inspector/var/outputを確認します。
$ ls -lR /opt/aws/inspector/var/
/opt/aws/inspector/var/:
total 0
drwxr-xr-x. 2 root root 6 Apr 16 04:54 input
drwxr-xr-x. 2 root root 26 Apr 20 00:19 output
/opt/aws/inspector/var/input:
total 0
/opt/aws/inspector/var/output:
total 28
-rwxr-xr-x. 1 root root 27850 Apr 20 07:08 packages.txt/opt/aws/inspector/var/output/packages.txtが出力されていますね。こちらにはディープインスペクションによって検出されたパッケージのパスなどの情報が出力されています。実際に確認してみましょう。
$ cat /opt/aws/inspector/var/output/packages.txt
#name version sha1 language pkgType purl location
@colors/colors 1.5.0 javascript npm pkg:npm/%40colors%2Fcolors@1.5.0 /usr/lib/node_modules/npm/node_modules/@colors/colors/package.json
@gar/promisify 1.1.3 javascript npm pkg:npm/%40gar%2Fpromisify@1.1.3 /usr/lib/node_modules/npm/node_modules/@gar/promisify/package.json
@isaacs/string-locale-compare 1.1.0 javascript npm pkg:npm/%40isaacs%2Fstring-locale-compare@1.1.0 /usr/lib/node_modules/npm/node_modules/@isaacs/string-locale-compare/package.json
@npmcli/arborist 5.6.2 javascript npm pkg:npm/%40npmcli%2Farborist@5.6.2 /usr/lib/node_modules/npm/node_modules/@npmcli/arborist/package.json
@npmcli/ci-detect 2.0.0 javascript npm pkg:npm/%40npmcli%2Fci-detect@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/ci-detect/package.json
@npmcli/config 4.2.2 javascript npm pkg:npm/%40npmcli%2Fconfig@4.2.2 /usr/lib/node_modules/npm/node_modules/@npmcli/config/package.json
@npmcli/disparity-colors 2.0.0 javascript npm pkg:npm/%40npmcli%2Fdisparity-colors@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/disparity-colors/package.json
@npmcli/fs 2.1.2 javascript npm pkg:npm/%40npmcli%2Ffs@2.1.2 /usr/lib/node_modules/npm/node_modules/@npmcli/fs/package.json
@npmcli/git 3.0.2 javascript npm pkg:npm/%40npmcli%2Fgit@3.0.2 /usr/lib/node_modules/npm/node_modules/@npmcli/git/package.json
@npmcli/installed-package-contents 1.0.7 javascript npm pkg:npm/%40npmcli%2Finstalled-package-contents@1.0.7 /usr/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/package.json
@npmcli/map-workspaces 2.0.4 javascript npm pkg:npm/%40npmcli%2Fmap-workspaces@2.0.4 /usr/lib/node_modules/npm/node_modules/@npmcli/map-workspaces/package.json
@npmcli/metavuln-calculator 3.1.1 javascript npm pkg:npm/%40npmcli%2Fmetavuln-calculator@3.1.1 /usr/lib/node_modules/npm/node_modules/@npmcli/metavuln-calculator/package.json
@npmcli/move-file 2.0.1 javascript npm pkg:npm/%40npmcli%2Fmove-file@2.0.1 /usr/lib/node_modules/npm/node_modules/@npmcli/move-file/package.json
@npmcli/name-from-folder 1.0.1 javascript npm pkg:npm/%40npmcli%2Fname-from-folder@1.0.1 /usr/lib/node_modules/npm/node_modules/@npmcli/name-from-folder/package.json
@npmcli/node-gyp 2.0.0 javascript npm pkg:npm/%40npmcli%2Fnode-gyp@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/node-gyp/package.json
@npmcli/package-json 2.0.0 javascript npm pkg:npm/%40npmcli%2Fpackage-json@2.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/package-json/package.json
@npmcli/promise-spawn 3.0.0 javascript npm pkg:npm/%40npmcli%2Fpromise-spawn@3.0.0 /usr/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/package.json
@npmcli/query 1.2.0 javascript npm pkg:npm/%40npmcli%2Fquery@1.2.0 /usr/lib/node_modules/npm/node_modules/@npmcli/query/package.json
@npmcli/run-script 4.2.1 javascript npm pkg:npm/%40npmcli%2Frun-script@4.2.1 /usr/lib/node_modules/npm/node_modules/@npmcli/run-script/package.json
@tootallnate/once 2.0.0 javascript npm pkg:npm/%40tootallnate%2Fonce@2.0.0 /usr/lib/node_modules/npm/node_modules/@tootallnate/once/package.json
abbrev 1.1.1 javascript npm pkg:npm/abbrev@1.1.1 /usr/lib/node_modules/npm/node_modules/abbrev/package.json
agent-base 6.0.2 javascript npm pkg:npm/agent-base@6.0.2 /usr/lib/node_modules/npm/node_modules/agent-base/package.json
agentkeepalive 4.2.1 javascript npm pkg:npm/agentkeepalive@4.2.1 /usr/lib/node_modules/npm/node_modules/agentkeepalive/package.json
aggregate-error 3.1.0 javascript npm pkg:npm/aggregate-error@3.1.0 /usr/lib/node_modules/npm/node_modules/aggregate-error/package.json
ansi-regex 5.0.1 javascript npm pkg:npm/ansi-regex@5.0.1 /usr/lib/node_modules/npm/node_modules/ansi-regex/package.json
ansi-styles 4.3.0 javascript npm pkg:npm/ansi-styles@4.3.0 /usr/lib/node_modules/npm/node_modules/ansi-styles/package.json
aproba 2.0.0 javascript npm pkg:npm/aproba@2.0.0 /usr/lib/node_modules/npm/node_modules/aproba/package.json
archy 1.0.0 javascript npm pkg:npm/archy@1.0.0 /usr/lib/node_modules/npm/node_modules/archy/package.json
are-we-there-yet 3.0.1 javascript npm pkg:npm/are-we-there-yet@3.0.1 /usr/lib/node_modules/npm/node_modules/are-we-there-yet/package.json
asap 2.0.6 javascript npm pkg:npm/asap@2.0.6 /usr/lib/node_modules/npm/node_modules/asap/package.json
balanced-match 1.0.2 javascript npm pkg:npm/balanced-match@1.0.2 /usr/lib/node_modules/npm/node_modules/balanced-match/package.json
bin-links 3.0.3 javascript npm pkg:npm/bin-links@3.0.3 /usr/lib/node_modules/npm/node_modules/bin-links/package.json
binary-extensions 2.2.0 javascript npm pkg:npm/binary-extensions@2.2.0 /usr/lib/node_modules/npm/node_modules/binary-extensions/package.json
brace-expansion 1.1.11 javascript npm pkg:npm/brace-expansion@1.1.11 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/brace-expansion/package.json
brace-expansion 1.1.11 javascript npm pkg:npm/brace-expansion@1.1.11 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/brace-expansion/package.json
brace-expansion 2.0.1 javascript npm pkg:npm/brace-expansion@2.0.1 /usr/lib/node_modules/npm/node_modules/brace-expansion/package.json
builtins 5.0.1 javascript npm pkg:npm/builtins@5.0.1 /usr/lib/node_modules/npm/node_modules/builtins/package.json
cacache 16.1.3 javascript npm pkg:npm/cacache@16.1.3 /usr/lib/node_modules/npm/node_modules/cacache/package.json
chalk 4.1.2 javascript npm pkg:npm/chalk@4.1.2 /usr/lib/node_modules/npm/node_modules/chalk/package.json
chownr 2.0.0 javascript npm pkg:npm/chownr@2.0.0 /usr/lib/node_modules/npm/node_modules/chownr/package.json
cidr-regex 3.1.1 javascript npm pkg:npm/cidr-regex@3.1.1 /usr/lib/node_modules/npm/node_modules/cidr-regex/package.json
clean-stack 2.2.0 javascript npm pkg:npm/clean-stack@2.2.0 /usr/lib/node_modules/npm/node_modules/clean-stack/package.json
cli-columns 4.0.0 javascript npm pkg:npm/cli-columns@4.0.0 /usr/lib/node_modules/npm/node_modules/cli-columns/package.json
cli-table3 0.6.2 javascript npm pkg:npm/cli-table3@0.6.2 /usr/lib/node_modules/npm/node_modules/cli-table3/package.json
clone 1.0.4 javascript npm pkg:npm/clone@1.0.4 /usr/lib/node_modules/npm/node_modules/clone/package.json
cmd-shim 5.0.0 javascript npm pkg:npm/cmd-shim@5.0.0 /usr/lib/node_modules/npm/node_modules/cmd-shim/package.json
color-convert 2.0.1 javascript npm pkg:npm/color-convert@2.0.1 /usr/lib/node_modules/npm/node_modules/color-convert/package.json
color-name 1.1.4 javascript npm pkg:npm/color-name@1.1.4 /usr/lib/node_modules/npm/node_modules/color-name/package.json
color-support 1.1.3 javascript npm pkg:npm/color-support@1.1.3 /usr/lib/node_modules/npm/node_modules/color-support/package.json
columnify 1.6.0 javascript npm pkg:npm/columnify@1.6.0 /usr/lib/node_modules/npm/node_modules/columnify/package.json
common-ancestor-path 1.0.1 javascript npm pkg:npm/common-ancestor-path@1.0.1 /usr/lib/node_modules/npm/node_modules/common-ancestor-path/package.json
concat-map 0.0.1 javascript npm pkg:npm/concat-map@0.0.1 /usr/lib/node_modules/npm/node_modules/concat-map/package.json
console-control-strings 1.1.0 javascript npm pkg:npm/console-control-strings@1.1.0 /usr/lib/node_modules/npm/node_modules/console-control-strings/package.json
cssesc 3.0.0 javascript npm pkg:npm/cssesc@3.0.0 /usr/lib/node_modules/npm/node_modules/cssesc/package.json
debug 4.3.4 javascript npm pkg:npm/debug@4.3.4 /usr/lib/node_modules/npm/node_modules/debug/package.json
debuglog 1.0.1 javascript npm pkg:npm/debuglog@1.0.1 /usr/lib/node_modules/npm/node_modules/debuglog/package.json
decode-uri-component 0.2.0 javascript npm pkg:npm/decode-uri-component@0.2.0 /home/ec2-user/node_modules/decode-uri-component/package.json
defaults 1.0.3 javascript npm pkg:npm/defaults@1.0.3 /usr/lib/node_modules/npm/node_modules/defaults/package.json
delegates 1.0.0 javascript npm pkg:npm/delegates@1.0.0 /usr/lib/node_modules/npm/node_modules/delegates/package.json
depd 1.1.2 javascript npm pkg:npm/depd@1.1.2 /usr/lib/node_modules/npm/node_modules/depd/package.json
dezalgo 1.0.4 javascript npm pkg:npm/dezalgo@1.0.4 /usr/lib/node_modules/npm/node_modules/dezalgo/package.json
diff 5.1.0 javascript npm pkg:npm/diff@5.1.0 /usr/lib/node_modules/npm/node_modules/diff/package.json
emoji-regex 8.0.0 javascript npm pkg:npm/emoji-regex@8.0.0 /usr/lib/node_modules/npm/node_modules/emoji-regex/package.json
encoding 0.1.13 javascript npm pkg:npm/encoding@0.1.13 /usr/lib/node_modules/npm/node_modules/encoding/package.json
env-paths 2.2.1 javascript npm pkg:npm/env-paths@2.2.1 /usr/lib/node_modules/npm/node_modules/env-paths/package.json
err-code 2.0.3 javascript npm pkg:npm/err-code@2.0.3 /usr/lib/node_modules/npm/node_modules/err-code/package.json
fastest-levenshtein 1.0.12 javascript npm pkg:npm/fastest-levenshtein@1.0.12 /usr/lib/node_modules/npm/node_modules/fastest-levenshtein/package.json
fs-minipass 2.1.0 javascript npm pkg:npm/fs-minipass@2.1.0 /usr/lib/node_modules/npm/node_modules/fs-minipass/package.json
fs.realpath 1.0.0 javascript npm pkg:npm/fs.realpath@1.0.0 /usr/lib/node_modules/npm/node_modules/fs.realpath/package.json
function-bind 1.1.1 javascript npm pkg:npm/function-bind@1.1.1 /usr/lib/node_modules/npm/node_modules/function-bind/package.json
gauge 4.0.4 javascript npm pkg:npm/gauge@4.0.4 /usr/lib/node_modules/npm/node_modules/gauge/package.json
glob 7.2.3 javascript npm pkg:npm/glob@7.2.3 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/glob/package.json
glob 7.2.3 javascript npm pkg:npm/glob@7.2.3 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/glob/package.json
glob 8.0.3 javascript npm pkg:npm/glob@8.0.3 /usr/lib/node_modules/npm/node_modules/glob/package.json
graceful-fs 4.2.10 javascript npm pkg:npm/graceful-fs@4.2.10 /usr/lib/node_modules/npm/node_modules/graceful-fs/package.json
has 1.0.3 javascript npm pkg:npm/has@1.0.3 /usr/lib/node_modules/npm/node_modules/has/package.json
has-flag 4.0.0 javascript npm pkg:npm/has-flag@4.0.0 /usr/lib/node_modules/npm/node_modules/has-flag/package.json
has-unicode 2.0.1 javascript npm pkg:npm/has-unicode@2.0.1 /usr/lib/node_modules/npm/node_modules/has-unicode/package.json
hosted-git-info 5.1.0 javascript npm pkg:npm/hosted-git-info@5.1.0 /usr/lib/node_modules/npm/node_modules/hosted-git-info/package.json
http-cache-semantics 4.1.1 javascript npm pkg:npm/http-cache-semantics@4.1.1 /usr/lib/node_modules/npm/node_modules/http-cache-semantics/package.json
http-proxy-agent 5.0.0 javascript npm pkg:npm/http-proxy-agent@5.0.0 /usr/lib/node_modules/npm/node_modules/http-proxy-agent/package.json
https-proxy-agent 5.0.1 javascript npm pkg:npm/https-proxy-agent@5.0.1 /usr/lib/node_modules/npm/node_modules/https-proxy-agent/package.json
humanize-ms 1.2.1 javascript npm pkg:npm/humanize-ms@1.2.1 /usr/lib/node_modules/npm/node_modules/humanize-ms/package.json
iconv-lite 0.6.3 javascript npm pkg:npm/iconv-lite@0.6.3 /usr/lib/node_modules/npm/node_modules/iconv-lite/package.json
ignore-walk 5.0.1 javascript npm pkg:npm/ignore-walk@5.0.1 /usr/lib/node_modules/npm/node_modules/ignore-walk/package.json
imurmurhash 0.1.4 javascript npm pkg:npm/imurmurhash@0.1.4 /usr/lib/node_modules/npm/node_modules/imurmurhash/package.json
indent-string 4.0.0 javascript npm pkg:npm/indent-string@4.0.0 /usr/lib/node_modules/npm/node_modules/indent-string/package.json
infer-owner 1.0.4 javascript npm pkg:npm/infer-owner@1.0.4 /usr/lib/node_modules/npm/node_modules/infer-owner/package.json
inflight 1.0.6 javascript npm pkg:npm/inflight@1.0.6 /usr/lib/node_modules/npm/node_modules/inflight/package.json
inherits 2.0.4 javascript npm pkg:npm/inherits@2.0.4 /usr/lib/node_modules/npm/node_modules/inherits/package.json
ini 3.0.1 javascript npm pkg:npm/ini@3.0.1 /usr/lib/node_modules/npm/node_modules/ini/package.json
init-package-json 3.0.2 javascript npm pkg:npm/init-package-json@3.0.2 /usr/lib/node_modules/npm/node_modules/init-package-json/package.json
ip 2.0.0 javascript npm pkg:npm/ip@2.0.0 /usr/lib/node_modules/npm/node_modules/ip/package.json
ip-regex 4.3.0 javascript npm pkg:npm/ip-regex@4.3.0 /usr/lib/node_modules/npm/node_modules/ip-regex/package.json
is-cidr 4.0.2 javascript npm pkg:npm/is-cidr@4.0.2 /usr/lib/node_modules/npm/node_modules/is-cidr/package.json
is-core-module 2.10.0 javascript npm pkg:npm/is-core-module@2.10.0 /usr/lib/node_modules/npm/node_modules/is-core-module/package.json
is-fullwidth-code-point 3.0.0 javascript npm pkg:npm/is-fullwidth-code-point@3.0.0 /usr/lib/node_modules/npm/node_modules/is-fullwidth-code-point/package.json
is-lambda 1.0.1 javascript npm pkg:npm/is-lambda@1.0.1 /usr/lib/node_modules/npm/node_modules/is-lambda/package.json
isexe 2.0.0 javascript npm pkg:npm/isexe@2.0.0 /usr/lib/node_modules/npm/node_modules/isexe/package.json
json-parse-even-better-errors 2.3.1 javascript npm pkg:npm/json-parse-even-better-errors@2.3.1 /usr/lib/node_modules/npm/node_modules/json-parse-even-better-errors/package.json
json-stringify-nice 1.1.4 javascript npm pkg:npm/json-stringify-nice@1.1.4 /usr/lib/node_modules/npm/node_modules/json-stringify-nice/package.json
jsonparse 1.3.1 javascript npm pkg:npm/jsonparse@1.3.1 /usr/lib/node_modules/npm/node_modules/jsonparse/package.json
just-diff 5.1.1 javascript npm pkg:npm/just-diff@5.1.1 /usr/lib/node_modules/npm/node_modules/just-diff/package.json
just-diff-apply 5.4.1 javascript npm pkg:npm/just-diff-apply@5.4.1 /usr/lib/node_modules/npm/node_modules/just-diff-apply/package.json
libnpmaccess 6.0.4 javascript npm pkg:npm/libnpmaccess@6.0.4 /usr/lib/node_modules/npm/node_modules/libnpmaccess/package.json
libnpmdiff 4.0.5 javascript npm pkg:npm/libnpmdiff@4.0.5 /usr/lib/node_modules/npm/node_modules/libnpmdiff/package.json
libnpmexec 4.0.13 javascript npm pkg:npm/libnpmexec@4.0.13 /usr/lib/node_modules/npm/node_modules/libnpmexec/package.json
libnpmfund 3.0.4 javascript npm pkg:npm/libnpmfund@3.0.4 /usr/lib/node_modules/npm/node_modules/libnpmfund/package.json
libnpmhook 8.0.4 javascript npm pkg:npm/libnpmhook@8.0.4 /usr/lib/node_modules/npm/node_modules/libnpmhook/package.json
libnpmorg 4.0.4 javascript npm pkg:npm/libnpmorg@4.0.4 /usr/lib/node_modules/npm/node_modules/libnpmorg/package.json
libnpmpack 4.1.3 javascript npm pkg:npm/libnpmpack@4.1.3 /usr/lib/node_modules/npm/node_modules/libnpmpack/package.json
libnpmpublish 6.0.5 javascript npm pkg:npm/libnpmpublish@6.0.5 /usr/lib/node_modules/npm/node_modules/libnpmpublish/package.json
libnpmsearch 5.0.4 javascript npm pkg:npm/libnpmsearch@5.0.4 /usr/lib/node_modules/npm/node_modules/libnpmsearch/package.json
libnpmteam 4.0.4 javascript npm pkg:npm/libnpmteam@4.0.4 /usr/lib/node_modules/npm/node_modules/libnpmteam/package.json
libnpmversion 3.0.7 javascript npm pkg:npm/libnpmversion@3.0.7 /usr/lib/node_modules/npm/node_modules/libnpmversion/package.json
lru-cache 6.0.0 javascript npm pkg:npm/lru-cache@6.0.0 /usr/lib/node_modules/npm/node_modules/semver/node_modules/lru-cache/package.json
lru-cache 7.13.2 javascript npm pkg:npm/lru-cache@7.13.2 /usr/lib/node_modules/npm/node_modules/lru-cache/package.json
make-fetch-happen 10.2.1 javascript npm pkg:npm/make-fetch-happen@10.2.1 /usr/lib/node_modules/npm/node_modules/make-fetch-happen/package.json
minimatch 3.1.2 javascript npm pkg:npm/minimatch@3.1.2 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/minimatch/package.json
minimatch 3.1.2 javascript npm pkg:npm/minimatch@3.1.2 /usr/lib/node_modules/npm/node_modules/rimraf/node_modules/minimatch/package.json
minimatch 5.1.0 javascript npm pkg:npm/minimatch@5.1.0 /usr/lib/node_modules/npm/node_modules/minimatch/package.json
minipass 3.3.4 javascript npm pkg:npm/minipass@3.3.4 /usr/lib/node_modules/npm/node_modules/minipass/package.json
minipass-collect 1.0.2 javascript npm pkg:npm/minipass-collect@1.0.2 /usr/lib/node_modules/npm/node_modules/minipass-collect/package.json
minipass-fetch 2.1.1 javascript npm pkg:npm/minipass-fetch@2.1.1 /usr/lib/node_modules/npm/node_modules/minipass-fetch/package.json
minipass-flush 1.0.5 javascript npm pkg:npm/minipass-flush@1.0.5 /usr/lib/node_modules/npm/node_modules/minipass-flush/package.json
minipass-json-stream 1.0.1 javascript npm pkg:npm/minipass-json-stream@1.0.1 /usr/lib/node_modules/npm/node_modules/minipass-json-stream/package.json
minipass-pipeline 1.2.4 javascript npm pkg:npm/minipass-pipeline@1.2.4 /usr/lib/node_modules/npm/node_modules/minipass-pipeline/package.json
minipass-sized 1.0.3 javascript npm pkg:npm/minipass-sized@1.0.3 /usr/lib/node_modules/npm/node_modules/minipass-sized/package.json
minizlib 2.1.2 javascript npm pkg:npm/minizlib@2.1.2 /usr/lib/node_modules/npm/node_modules/minizlib/package.json
mkdirp 1.0.4 javascript npm pkg:npm/mkdirp@1.0.4 /usr/lib/node_modules/npm/node_modules/mkdirp/package.json
mkdirp-infer-owner 2.0.0 javascript npm pkg:npm/mkdirp-infer-owner@2.0.0 /usr/lib/node_modules/npm/node_modules/mkdirp-infer-owner/package.json
ms 2.1.2 javascript npm pkg:npm/ms@2.1.2 /usr/lib/node_modules/npm/node_modules/debug/node_modules/ms/package.json
ms 2.1.3 javascript npm pkg:npm/ms@2.1.3 /usr/lib/node_modules/npm/node_modules/ms/package.json
mute-stream 0.0.8 javascript npm pkg:npm/mute-stream@0.0.8 /usr/lib/node_modules/npm/node_modules/mute-stream/package.json
negotiator 0.6.3 javascript npm pkg:npm/negotiator@0.6.3 /usr/lib/node_modules/npm/node_modules/negotiator/package.json
node-gyp 9.1.0 javascript npm pkg:npm/node-gyp@9.1.0 /usr/lib/node_modules/npm/node_modules/node-gyp/package.json
nopt 5.0.0 javascript npm pkg:npm/nopt@5.0.0 /usr/lib/node_modules/npm/node_modules/node-gyp/node_modules/nopt/package.json
nopt 6.0.0 javascript npm pkg:npm/nopt@6.0.0 /usr/lib/node_modules/npm/node_modules/nopt/package.json
normalize-package-data 4.0.1 javascript npm pkg:npm/normalize-package-data@4.0.1 /usr/lib/node_modules/npm/node_modules/normalize-package-data/package.json
npm 8.19.2 javascript npm pkg:npm/npm@8.19.2 /usr/lib/node_modules/npm/package.json
npm-audit-report 3.0.0 javascript npm pkg:npm/npm-audit-report@3.0.0 /usr/lib/node_modules/npm/node_modules/npm-audit-report/package.json
npm-bundled 1.1.2 javascript npm pkg:npm/npm-bundled@1.1.2 /usr/lib/node_modules/npm/node_modules/@npmcli/installed-package-contents/node_modules/npm-bundled/package.json
npm-bundled 2.0.1 javascript npm pkg:npm/npm-bundled@2.0.1 /usr/lib/node_modules/npm/node_modules/npm-bundled/package.json
npm-init 0.0.0 javascript npm pkg:npm/npm-init@0.0.0 /usr/lib/node_modules/npm/node_modules/promzard/example/npm-init/package.json
npm-install-checks 5.0.0 javascript npm pkg:npm/npm-install-checks@5.0.0 /usr/lib/node_modules/npm/node_modules/npm-install-checks/package.json
npm-normalize-package-bin 1.0.1 javascript npm pkg:npm/npm-normalize-package-bin@1.0.1 /usr/lib/node_modules/npm/node_modules/npm-normalize-package-bin/package.json
npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/bin-links/node_modules/npm-normalize-package-bin/package.json
npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-bundled/node_modules/npm-normalize-package-bin/package.json
npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-packlist/node_modules/npm-normalize-package-bin/package.json
npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/npm-pick-manifest/node_modules/npm-normalize-package-bin/package.json
npm-normalize-package-bin 2.0.0 javascript npm pkg:npm/npm-normalize-package-bin@2.0.0 /usr/lib/node_modules/npm/node_modules/read-package-json/node_modules/npm-normalize-package-bin/package.json
npm-package-arg 9.1.0 javascript npm pkg:npm/npm-package-arg@9.1.0 /usr/lib/node_modules/npm/node_modules/npm-package-arg/package.json
npm-packlist 5.1.3 javascript npm pkg:npm/npm-packlist@5.1.3 /usr/lib/node_modules/npm/node_modules/npm-packlist/package.json
npm-pick-manifest 7.0.2 javascript npm pkg:npm/npm-pick-manifest@7.0.2 /usr/lib/node_modules/npm/node_modules/npm-pick-manifest/package.json
npm-profile 6.2.1 javascript npm pkg:npm/npm-profile@6.2.1 /usr/lib/node_modules/npm/node_modules/npm-profile/package.json
npm-registry-fetch 13.3.1 javascript npm pkg:npm/npm-registry-fetch@13.3.1 /usr/lib/node_modules/npm/node_modules/npm-registry-fetch/package.json
npm-user-validate 1.0.1 javascript npm pkg:npm/npm-user-validate@1.0.1 /usr/lib/node_modules/npm/node_modules/npm-user-validate/package.json
npmlog 6.0.2 javascript npm pkg:npm/npmlog@6.0.2 /usr/lib/node_modules/npm/node_modules/npmlog/package.json
once 1.4.0 javascript npm pkg:npm/once@1.4.0 /usr/lib/node_modules/npm/node_modules/once/package.json
opener 1.5.2 javascript npm pkg:npm/opener@1.5.2 /usr/lib/node_modules/npm/node_modules/opener/package.json
p-map 4.0.0 javascript npm pkg:npm/p-map@4.0.0 /usr/lib/node_modules/npm/node_modules/p-map/package.json
pacote 13.6.2 javascript npm pkg:npm/pacote@13.6.2 /usr/lib/node_modules/npm/node_modules/pacote/package.json
parse-conflict-json 2.0.2 javascript npm pkg:npm/parse-conflict-json@2.0.2 /usr/lib/node_modules/npm/node_modules/parse-conflict-json/package.json
path-is-absolute 1.0.1 javascript npm pkg:npm/path-is-absolute@1.0.1 /usr/lib/node_modules/npm/node_modules/path-is-absolute/package.json
postcss-selector-parser 6.0.10 javascript npm pkg:npm/postcss-selector-parser@6.0.10 /usr/lib/node_modules/npm/node_modules/postcss-selector-parser/package.json
proc-log 2.0.1 javascript npm pkg:npm/proc-log@2.0.1 /usr/lib/node_modules/npm/node_modules/proc-log/package.json
promise-all-reject-late 1.0.1 javascript npm pkg:npm/promise-all-reject-late@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-all-reject-late/package.json
promise-call-limit 1.0.1 javascript npm pkg:npm/promise-call-limit@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-call-limit/package.json
promise-inflight 1.0.1 javascript npm pkg:npm/promise-inflight@1.0.1 /usr/lib/node_modules/npm/node_modules/promise-inflight/package.json
promise-retry 2.0.1 javascript npm pkg:npm/promise-retry@2.0.1 /usr/lib/node_modules/npm/node_modules/promise-retry/package.json
promzard 0.3.0 javascript npm pkg:npm/promzard@0.3.0 /usr/lib/node_modules/npm/node_modules/promzard/package.json
qrcode-terminal 0.12.0 javascript npm pkg:npm/qrcode-terminal@0.12.0 /usr/lib/node_modules/npm/node_modules/qrcode-terminal/package.json
read 1.0.7 javascript npm pkg:npm/read@1.0.7 /usr/lib/node_modules/npm/node_modules/read/package.json
read-cmd-shim 3.0.0 javascript npm pkg:npm/read-cmd-shim@3.0.0 /usr/lib/node_modules/npm/node_modules/read-cmd-shim/package.json
read-package-json 5.0.2 javascript npm pkg:npm/read-package-json@5.0.2 /usr/lib/node_modules/npm/node_modules/read-package-json/package.json
read-package-json-fast 2.0.3 javascript npm pkg:npm/read-package-json-fast@2.0.3 /usr/lib/node_modules/npm/node_modules/read-package-json-fast/package.json
readable-stream 3.6.0 javascript npm pkg:npm/readable-stream@3.6.0 /usr/lib/node_modules/npm/node_modules/readable-stream/package.json
readdir-scoped-modules 1.1.0 javascript npm pkg:npm/readdir-scoped-modules@1.1.0 /usr/lib/node_modules/npm/node_modules/readdir-scoped-modules/package.json
retry 0.12.0 javascript npm pkg:npm/retry@0.12.0 /usr/lib/node_modules/npm/node_modules/retry/package.json
rimraf 3.0.2 javascript npm pkg:npm/rimraf@3.0.2 /usr/lib/node_modules/npm/node_modules/rimraf/package.json
safe-buffer 5.2.1 javascript npm pkg:npm/safe-buffer@5.2.1 /usr/lib/node_modules/npm/node_modules/safe-buffer/package.json
safer-buffer 2.1.2 javascript npm pkg:npm/safer-buffer@2.1.2 /usr/lib/node_modules/npm/node_modules/safer-buffer/package.json
semver 7.3.7 javascript npm pkg:npm/semver@7.3.7 /usr/lib/node_modules/npm/node_modules/semver/package.json
set-blocking 2.0.0 javascript npm pkg:npm/set-blocking@2.0.0 /usr/lib/node_modules/npm/node_modules/set-blocking/package.json
signal-exit 3.0.7 javascript npm pkg:npm/signal-exit@3.0.7 /usr/lib/node_modules/npm/node_modules/signal-exit/package.json
smart-buffer 4.2.0 javascript npm pkg:npm/smart-buffer@4.2.0 /usr/lib/node_modules/npm/node_modules/smart-buffer/package.json
socks 2.7.0 javascript npm pkg:npm/socks@2.7.0 /usr/lib/node_modules/npm/node_modules/socks/package.json
socks-proxy-agent 7.0.0 javascript npm pkg:npm/socks-proxy-agent@7.0.0 /usr/lib/node_modules/npm/node_modules/socks-proxy-agent/package.json
spdx-correct 3.1.1 javascript npm pkg:npm/spdx-correct@3.1.1 /usr/lib/node_modules/npm/node_modules/spdx-correct/package.json
spdx-exceptions 2.3.0 javascript npm pkg:npm/spdx-exceptions@2.3.0 /usr/lib/node_modules/npm/node_modules/spdx-exceptions/package.json
spdx-expression-parse 3.0.1 javascript npm pkg:npm/spdx-expression-parse@3.0.1 /usr/lib/node_modules/npm/node_modules/spdx-expression-parse/package.json
spdx-license-ids 3.0.11 javascript npm pkg:npm/spdx-license-ids@3.0.11 /usr/lib/node_modules/npm/node_modules/spdx-license-ids/package.json
ssri 9.0.1 javascript npm pkg:npm/ssri@9.0.1 /usr/lib/node_modules/npm/node_modules/ssri/package.json
string-width 4.2.3 javascript npm pkg:npm/string-width@4.2.3 /usr/lib/node_modules/npm/node_modules/string-width/package.json
string_decoder 1.3.0 javascript npm pkg:npm/string_decoder@1.3.0 /usr/lib/node_modules/npm/node_modules/string_decoder/package.json
strip-ansi 6.0.1 javascript npm pkg:npm/strip-ansi@6.0.1 /usr/lib/node_modules/npm/node_modules/strip-ansi/package.json
supports-color 7.2.0 javascript npm pkg:npm/supports-color@7.2.0 /usr/lib/node_modules/npm/node_modules/supports-color/package.json
tar 6.1.11 javascript npm pkg:npm/tar@6.1.11 /usr/lib/node_modules/npm/node_modules/tar/package.json
text-table 0.2.0 javascript npm pkg:npm/text-table@0.2.0 /usr/lib/node_modules/npm/node_modules/text-table/package.json
tiny-relative-date 1.3.0 javascript npm pkg:npm/tiny-relative-date@1.3.0 /usr/lib/node_modules/npm/node_modules/tiny-relative-date/package.json
treeverse 2.0.0 javascript npm pkg:npm/treeverse@2.0.0 /usr/lib/node_modules/npm/node_modules/treeverse/package.json
unique-filename 2.0.1 javascript npm pkg:npm/unique-filename@2.0.1 /usr/lib/node_modules/npm/node_modules/unique-filename/package.json
unique-slug 3.0.0 javascript npm pkg:npm/unique-slug@3.0.0 /usr/lib/node_modules/npm/node_modules/unique-slug/package.json
util-deprecate 1.0.2 javascript npm pkg:npm/util-deprecate@1.0.2 /usr/lib/node_modules/npm/node_modules/util-deprecate/package.json
validate-npm-package-license 3.0.4 javascript npm pkg:npm/validate-npm-package-license@3.0.4 /usr/lib/node_modules/npm/node_modules/validate-npm-package-license/package.json
validate-npm-package-name 4.0.0 javascript npm pkg:npm/validate-npm-package-name@4.0.0 /usr/lib/node_modules/npm/node_modules/validate-npm-package-name/package.json
walk-up-path 1.0.0 javascript npm pkg:npm/walk-up-path@1.0.0 /usr/lib/node_modules/npm/node_modules/walk-up-path/package.json
wcwidth 1.0.1 javascript npm pkg:npm/wcwidth@1.0.1 /usr/lib/node_modules/npm/node_modules/wcwidth/package.json
which 2.0.2 javascript npm pkg:npm/which@2.0.2 /usr/lib/node_modules/npm/node_modules/which/package.json
wide-align 1.1.5 javascript npm pkg:npm/wide-align@1.1.5 /usr/lib/node_modules/npm/node_modules/wide-align/package.json
wrappy 1.0.2 javascript npm pkg:npm/wrappy@1.0.2 /usr/lib/node_modules/npm/node_modules/wrappy/package.json
write-file-atomic 4.0.2 javascript npm pkg:npm/write-file-atomic@4.0.2 /usr/lib/node_modules/npm/node_modules/write-file-atomic/package.json
yallist 4.0.0 javascript npm pkg:npm/yallist@4.0.0 /usr/lib/node_modules/npm/node_modules/yallist/package.jsondecode-uri-componentのバージョンやパスなどの情報が表示されていますね。また、デフォルトパスの/usr/lib/配下にインストールされているパッケージの情報も収集されていることが分かります。
最後に/var/log/amazon/inspector/配下に出力されるSSMプラグインのログを確認します。
$ cat /var/log/amazon/inspector/scitor.log.2023-04-20-00
Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0
Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000
Thu Apr 20 00:19:35 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started
.
.
(中略)
.
.
Thu Apr 20 00:19:37 2023 UTC scitor 26417-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completed
Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0
Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000
Thu Apr 20 00:44:07 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started
.
.
(中略)
.
.
Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:144 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup started
Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:166 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): number of log files 1 is less than or equal the limit 7
Thu Apr 20 00:44:09 2023 UTC scitor 27912-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completed
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:44 main.execCmd(): Version: 1.0.558.0
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/main.go:45 main.execCmd(): UTC Build Time: 2023-04-16T00:33:30+0000
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:59 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): bpm scan started
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:107 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): files system traversal depth=-1 max directories under specified root=-1
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/pacman/pacman_linux.go:79 golang.a2z.com/inspectorssmplugin/inventory/pacman.(*PackageManager).GetPythonPackageMetadataLocation(): using '' to gather python package locations
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/pacman/pacman_linux.go:91 golang.a2z.com/inspectorssmplugin/inventory/pacman.(*PackageManager).GetPythonPackageMetadataLocation(): located '92' metadata files for python packages installed via platform package manager
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/[-.\w]+\.dist[-]info/METADATA$": "METADATA"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/[-.\w]+\.egg[-]info/PKG[-]INFO$": "INFO"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/EGG[-]INFO/PKG[-]INFO$": "INFO"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/[-.\w]+\.egg[-]info$": "info"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.war$": ".war"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.ear$": ".ear"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.par$": ".par"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/pom\.xml$": "pom.xml"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/Pipfile\.lock$": "Pipfile.lock"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/.*\.jar$": ".jar"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^/.*/package\.json$": "package.json"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/[-\w]*requirements[-\w]*\.txt$": ".txt"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:165 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).initialize(): extracted suffix from pattern "^(?:/.*)?/poetry[-\w]*?\.lock$": ".lock"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:37 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.CgroupsCpuControllerV2.SetLimit(): cgroups-v2: setting cpu limit '65 pct'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:74 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.isCpuControllerAvailable(): cgroups-v2 available controllers: cpuset cpu io memory hugetlb pids misc
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:102 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.isCpuControllerEnabledForChildGroup(): cgroups-v2 enabled controllers for child group: cpu memory pids
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/internal/cgroups/cgroupsv2_linux.go:51 golang.a2z.com/inspectorssmplugin/cpulimit/internal/cgroups.CgroupsCpuControllerV2.SetLimit(): cgroups-v2 succeeded setting cpu limit
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cpulimit/cpulimit_linux.go:25 golang.a2z.com/inspectorssmplugin/cpulimit.LimitCpuUsage(): cpu limit for the process is set to 65 pct
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:66 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): begin enumerating files with maxDepth=-1 maxDirectories=-1
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/home/ec2-user"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/lib"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/lib64"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/local/lib"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:68 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): root path: "/usr/local/lib64"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/home/ec2-user"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 27 directories under "/home/ec2-user"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/lib"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'configobj:5.0.6' at location '/usr/lib/python3.9/site-packages/configobj-5.0.6-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'sepolicy:3.4' at location '/usr/lib/python3.9/site-packages/sepolicy-3.4-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'aws-cfn-bootstrap:2.0' at location '/usr/lib/python3.9/site-packages/aws_cfn_bootstrap-2.0-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ec2-hibinit-agent:1.0.2' at location '/usr/lib/python3.9/site-packages/ec2_hibinit_agent-1.0.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'support-info:1.0' at location '/usr/lib/python3.9/site-packages/support_info-1.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'release-notification:1.2' at location '/usr/lib/python3.9/site-packages/release_notification-1.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'awscli:2.9.19' at location '/usr/lib/python3.9/site-packages/awscli-2.9.19.dist-info/METADATA'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cloud-init:22.2.2' at location '/usr/lib/python3.9/site-packages/cloud_init-22.2.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonschema:3.2.0' at location '/usr/lib/python3.9/site-packages/jsonschema-3.2.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'attrs:20.3.0' at location '/usr/lib/python3.9/site-packages/attrs-20.3.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'requests:2.25.1' at location '/usr/lib/python3.9/site-packages/requests-2.25.1.dist-info/METADATA'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'urllib3:1.25.10' at location '/usr/lib/python3.9/site-packages/urllib3-1.25.10-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'PySocks:1.7.1' at location '/usr/lib/python3.9/site-packages/PySocks-1.7.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'oauthlib:3.0.2' at location '/usr/lib/python3.9/site-packages/oauthlib-3.0.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jmespath:0.10.0' at location '/usr/lib/python3.9/site-packages/jmespath-0.10.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pyserial:3.4' at location '/usr/lib/python3.9/site-packages/pyserial-3.4-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'prettytable:0.7.2' at location '/usr/lib/python3.9/site-packages/prettytable-0.7.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonpatch:1.21' at location '/usr/lib/python3.9/site-packages/jsonpatch-1.21-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'jsonpointer:2.0' at location '/usr/lib/python3.9/site-packages/jsonpointer-2.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'chardet:4.0.0' at location '/usr/lib/python3.9/site-packages/chardet-4.0.0.dist-info/METADATA'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'colorama:0.4.4' at location '/usr/lib/python3.9/site-packages/colorama-0.4.4-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pycparser:2.20' at location '/usr/lib/python3.9/site-packages/pycparser-2.20-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ply:3.11' at location '/usr/lib/python3.9/site-packages/ply-3.11-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'python-daemon:2.3.0' at location '/usr/lib/python3.9/site-packages/python_daemon-2.3.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'lockfile:0.12.2' at location '/usr/lib/python3.9/site-packages/lockfile-0.12.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'Jinja2:2.11.3' at location '/usr/lib/python3.9/site-packages/Jinja2-2.11.3-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'Babel:2.9.1' at location '/usr/lib/python3.9/site-packages/Babel-2.9.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pytz:2022.7.1' at location '/usr/lib/python3.9/site-packages/pytz-2022.7.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'prompt-toolkit:3.0.24' at location '/usr/lib/python3.9/site-packages/prompt_toolkit-3.0.24-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'wcwidth:0.2.5' at location '/usr/lib/python3.9/site-packages/wcwidth-0.2.5-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'chevron:0.13.1' at location '/usr/lib/python3.9/site-packages/chevron-0.13.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'docutils:0.16' at location '/usr/lib/python3.9/site-packages/docutils-0.16-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'idna:2.10' at location '/usr/lib/python3.9/site-packages/idna-2.10-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ruamel.yaml:0.16.6' at location '/usr/lib/python3.9/site-packages/ruamel.yaml-0.16.6-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'python-dateutil:2.8.1' at location '/usr/lib/python3.9/site-packages/python_dateutil-2.8.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'distro:1.5.0' at location '/usr/lib/python3.9/site-packages/distro-1.5.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'six:1.15.0' at location '/usr/lib/python3.9/site-packages/six-1.15.0.dist-info/METADATA'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'setuptools:59.6.0' at location '/usr/lib/python3.9/site-packages/setuptools-59.6.0.dist-info/METADATA'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 2751 directories under "/usr/lib"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/lib64"
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'selinux:3.4' at location '/usr/lib64/python3.9/site-packages/selinux-3.4-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'rpm:4.16.1.3' at location '/usr/lib64/python3.9/site-packages/rpm-4.16.1.3-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'gpg:1.15.1' at location '/usr/lib64/python3.9/site-packages/gpg-1.15.1-py3.9.egg-info'
Thu Apr 20 00:52:32 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cryptography:36.0.1' at location '/usr/lib64/python3.9/site-packages/cryptography-36.0.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'cffi:1.14.5' at location '/usr/lib64/python3.9/site-packages/cffi-1.14.5-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'pyrsistent:0.17.3' at location '/usr/lib64/python3.9/site-packages/pyrsistent-0.17.3-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'netifaces:0.10.6' at location '/usr/lib64/python3.9/site-packages/netifaces-0.10.6-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'PyYAML:5.4.1' at location '/usr/lib64/python3.9/site-packages/PyYAML-5.4.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'setools:4.4.0' at location '/usr/lib64/python3.9/site-packages/setools-4.4.0-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'awscrt:0.16.7' at location '/usr/lib64/python3.9/site-packages/awscrt-0.16.7.dist-info/METADATA'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'libcomps:0.1.18' at location '/usr/lib64/python3.9/site-packages/libcomps-0.1.18-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'MarkupSafe:1.1.1' at location '/usr/lib64/python3.9/site-packages/MarkupSafe-1.1.1-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'ruamel.yaml.clib:0.1.2' at location '/usr/lib64/python3.9/site-packages/ruamel.yaml.clib-0.1.2-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/scanner/scanner.go:202 golang.a2z.com/inspectorssmplugin/bpm/scanner.(*Scanner).processFiles(): reject package 'dbus-python:1.2.18' at location '/usr/lib64/python3.9/site-packages/dbus_python-1.2.18-py3.9.egg-info/PKG-INFO'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 290 directories under "/usr/lib64"
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/local/lib"
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 1 directories under "/usr/local/lib"
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:76 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanning directory "/usr/local/lib64"
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/bpm/filefinder/filefinder.go:84 golang.a2z.com/inspectorssmplugin/bpm/filefinder.(*FileFinder).EnumerateFiles(): scanned 2 directories under "/usr/local/lib64"
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:183 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): submitting packages findings as inventory report
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:89 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): post inventory request for 206 packages with hash 'e76f9d788ffb60d5d4c75167339a281e'
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [ERROR] MandoSecurityContentEvaluator/inventory/inventory.go:129 golang.a2z.com/inspectorssmplugin/inventory.sendReport(): failed to report inventory via ssm PutInventory: operation error SSM: PutInventory, https response error StatusCode: 400, RequestID: 3f4cfa07-2097-4ed8-b8ba-185e0f696d9f, ItemContentMismatchException: Content hash did not match, please try again with updated Content and ContentHash.
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:98 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): resend inventory request with content per service response: operation error SSM: PutInventory, https response error StatusCode: 400, RequestID: 3f4cfa07-2097-4ed8-b8ba-185e0f696d9f, ItemContentMismatchException: Content hash did not match, please try again with updated Content and ContentHash.
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/inventory/bpm.go:104 golang.a2z.com/inspectorssmplugin/inventory.PackagesInventory.PublishPackages(): succeeded posting package collection inventory item
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:44 golang.a2z.com/inspectorssmplugin/identity.NewIdentity(): ec2 metadata region=us-east-1 instance-id=i-05fe2d212f05e9ed7 instance-type=t3.micro
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/identity/identity.go:82 golang.a2z.com/inspectorssmplugin/identity.(*Identity).Credentials(): use ec2 role provider for credentials
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:359 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan elapsed(ms)=199 directories=3071 files=21427 packages=206
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:363 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan cpu pct samples=2 histogram=[0 0 0 0 0 0 50 0 0 50]
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:367 golang.a2z.com/inspectorssmplugin/cmd.logStats(): scan mem pct samples=4 histogram=[100 0 0 0 0 0 0 0 0 0]
Thu Apr 20 00:52:33 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/cmd/bpm.go:218 golang.a2z.com/inspectorssmplugin/cmd.ExecBpmScan(): packages scan completed
Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:144 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup started
Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:166 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): number of log files 1 is less than or equal the limit 7
Thu Apr 20 00:52:34 2023 UTC scitor 28388-0@ip-172-31-10-89.ec2.internal:0 [INFO] MandoSecurityContentEvaluator/appconfig/appconfig.go:169 golang.a2z.com/inspectorssmplugin/appconfig.CleanupLogs(): logs cleanup completedディープインスペクションが実行されたタイミングで1回、手動でのスキャンで2回実行しているため3回分のログが1つのログファイルに出力されていました。
ログからどのパスをスキャンしたのか、各パス配下でスキャンしたディレクトリの数、スキャン対象のパス配下にインストールされているパッケージだが情報を収集しなかったものなどの情報を確認できますね。
プログラミング言語のパッケージマネージャーを使用している場合は今すぐ有効化しよう
Amazon Inspectorがプログラミング言語のパッケージマネージャーからインストールしたパッケージの脆弱性を検出できるようになったアップデートを紹介しました。
追加料金もかからないですし、プログラミング言語のパッケージマネージャーを使用している場合は今すぐディープインスペクションを有効化して損はなさそうですね。
今後はPHPやRubyなど対応言語が増えると良いですね。
ただ、SSMプラグインを実行すると指定したパス配下を走査するため、当然ながらCPUやメモリ使用率に影響があるかと想像します。そのため、カスタムパスを/など非常に広い範囲にしてしまうと大量のディレクトリをスキャンすることになるため控えた方が良いと考えます。
この記事が誰かの助けになれば幸いです。
以上、AWS事業本部 コンサルティング部の のんピ(@non____97)でした!
1
