Make check28 only look at symmetric keys @mdop-wh

Make check28 only look at symmetric keys @mdop-wh. Asymmetric keys don't support automatic rotation.
Toni de la Fuente
2021-02-22 22:36:53 +01:00
committed by GitHub


@@ -29,7 +29,7 @@ check28(){
if [[ $CHECK_KMS_KEYLIST ]]; then
cmk_count=0
for key in $CHECK_KMS_KEYLIST; do
KMSDETAILS=$($AWSCLI kms describe-key --key-id $key $PROFILE_OPT --region $regx --query 'KeyMetadata.{key:KeyId,man:KeyManager,origin:Origin,state:KeyState}' --output text 2>&1)
KMSDETAILS=$($AWSCLI kms describe-key --key-id $key $PROFILE_OPT --region $regx --query 'KeyMetadata.{key:KeyId,state:KeyState,man:KeyManager,spec:CustomerMasterKeySpec}' --output text 2>&1|grep Enabled$|grep -v AWS|grep SYMMETRIC| awk '{ print $1 }')
if [[ $(echo "$KMSDETAILS" | grep AccessDenied) ]]; then
textFail "$regx: Key $key Access Denied describing key"
continue
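Review bot: The AccessDenied test after the describe-key call can no longer match, because the call that filters for symmetric keys merges stderr with `2>&1` and then pipes through `grep Enabled$`, which discards the error text before it reaches `KMSDETAILS`. A key the auditing identity cannot describe is therefore skipped silently instead of producing the `textFail`, so the check can under-report. Capture the raw output first, run the AccessDenied test on it, and only then filter, e.g. `KMSDETAILS=$(echo "$KMSDETAILS" | grep Enabled$ | grep -v AWS | grep SYMMETRIC | awk '{ print $1 }')` placed after the `if` block that holds the `continue`. The filter also drops disabled and asymmetric keys without any output, and how an empty `KMSDETAILS` is handled depends on the rest of the loop, which continues outside the hunk.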