ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix (extra7148 and add action #1017 (#1021)

Browse Source
This commit is contained in:
Toni de la Fuente
2022-02-04 11:58:22 -05:00
committed by GitHub
parent 679414418e
commit 1d409d04f2
7 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
util/codebuild/codebuild-prowler-audit-account-cfn.yaml
View File

@@ -196,6 +196,7 @@ Resources:
- s3:GetAccountPublicAccessBlock
- shield:GetSubscriptionState
- shield:DescribeProtection
- elasticfilesystem:DescribeBackupPolicy
Effect: Allow
Resource: !Sub 'arn:aws:glue:${AWS::Region}:${AWS::AccountId}:catalog'
- PolicyName: CodeBuild

1
util/org-multi-account/ProwlerRole.yaml
View File

@@ -98,6 +98,7 @@ Resources:
- tag:GetTagKeys
- shield:GetSubscriptionState
- shield:DescribeProtection
- elasticfilesystem:DescribeBackupPolicy
- PolicyName: Prowler-S3-Reports
PolicyDocument:
Version: 2012-10-17

1
util/org-multi-account/serverless_codebuild/templates/ProwlerRole.yaml
View File

@@ -99,6 +99,7 @@ Resources:
- tag:GetTagKeys
- shield:GetSubscriptionState
- shield:DescribeProtection
- elasticfilesystem:DescribeBackupPolicy
- PolicyName: Prowler-S3-Reports
PolicyDocument:
Version: 2012-10-17

3
util/terraform-kickstarter/main.tf
View File

@@ -322,7 +322,8 @@ resource "aws_iam_policy" "prowler_kickstarter_iam_policy" {
"glue:SearchTables",
"s3:GetAccountPublicAccessBlock",
"shield:GetSubscriptionState",
"shield:DescribeProtection"
"shield:DescribeProtection",
"elasticfilesystem:DescribeBackupPolicy"
]
Effect = "Allow"
Resource = "arn:aws:glue:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:catalog"