ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

changed outputs to the new ones

Browse Source
This commit is contained in:
Toni de la Fuente
2018-03-28 11:07:46 -04:00
parent 1acc6e45d0
commit 07b166baa9
81 changed files with 267 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
checks/check_extra72
View File

@@ -7,15 +7,15 @@ CHECK_ALTERNATE_check702="extra72"
extra72(){
# "Ensure there are no EBS Snapshots set as Public (Not Scored) (Not part of CIS benchmark)"
textNotice "Looking for EBS Snapshots in all regions... "
textInfo "Looking for EBS Snapshots in all regions... "
for regx in $REGIONS; do
LIST_OF_EBS_SNAPSHOTS=$($AWSCLI ec2 describe-snapshots $PROFILE_OPT --region $regx --owner-ids $ACCOUNT_NUM --output text --query 'Snapshots[*].{ID:SnapshotId}' --max-items $MAXITEMS | grep -v None 2> /dev/null)
for snapshot in $LIST_OF_EBS_SNAPSHOTS; do
SNAPSHOT_IS_PUBLIC=$($AWSCLI ec2 describe-snapshot-attribute $PROFILE_OPT --region $regx --output text --snapshot-id $snapshot --attribute createVolumePermission --query "CreateVolumePermissions[?Group=='all']")
if [[ $SNAPSHOT_IS_PUBLIC ]];then
textWarn "$regx: $snapshot is currently Public!" "$regx"
textFail "$regx: $snapshot is currently Public!" "$regx"
else
textOK "$regx: $snapshot is not Public" "$regx"
textPass "$regx: $snapshot is not Public" "$regx"
fi
done
done