ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

support arn:aws:s3::: on extra725

Browse Source
This commit is contained in:
nalansitan
2020-04-14 10:38:01 +08:00
parent df52057287
commit 036ae640e5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
checks/check_extra725
View File

@@ -30,7 +30,7 @@ extra725(){
if [[ $LIST_OF_TRAILS ]]; then
BUCKET_ENABLED_TRAILS=()
for trail in $LIST_OF_TRAILS; do
BUCKET_ENABLED_IN_TRAIL=$($AWSCLI cloudtrail get-event-selectors $PROFILE_OPT --trail-name $trail --query "EventSelectors[*].DataResources[?Type == \`AWS::S3::Object\`].Values" --output text |xargs -n1| grep -E "^arn:aws:s3:::$bucketName/\S*$|^arn:aws:s3$")
BUCKET_ENABLED_IN_TRAIL=$($AWSCLI cloudtrail get-event-selectors $PROFILE_OPT --trail-name $trail --query "EventSelectors[*].DataResources[?Type == \`AWS::S3::Object\`].Values" --output text |xargs -n1| grep -E "^arn:aws:s3:::$bucketName/\S*$|^arn:aws:s3$|^arn:aws:s3:::$")
if [[ $BUCKET_ENABLED_IN_TRAIL ]]; then
BUCKET_ENABLED_TRAILS+=($trail)
# textPass "$regx: S3 bucket $bucketName has Object-level logging enabled in trail $trail" "$regx"