ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove filter by roles so that groups are included as well

Browse Source
This commit is contained in:
Richard Nienaber
2019-08-15 12:22:07 +01:00
parent d8c29cc263
commit 30e2360acc
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
checks/check120
View File

@@ -19,10 +19,10 @@ check120(){
SUPPORTPOLICYARN=$($AWSCLI iam list-policies --query "Policies[?PolicyName == 'AWSSupportAccess'].Arn" $PROFILE_OPT --region $REGION --output text)
if [[ $SUPPORTPOLICYARN ]];then
for policyarn in $SUPPORTPOLICYARN;do
POLICYROLES=$($AWSCLI iam list-entities-for-policy --policy-arn $SUPPORTPOLICYARN $PROFILE_OPT --region $REGION --query PolicyRoles[*] --output text)
POLICYROLES=$($AWSCLI iam list-entities-for-policy --policy-arn $SUPPORTPOLICYARN $PROFILE_OPT --region $REGION --output text | awk -F$'\t' '{ print $3 }')
if [[ $POLICYROLES ]];then
for role in $POLICYROLES; do
textPass "Support Policy attached to $role role"
for name in $POLICYROLES; do
textPass "Support Policy attached to $name"
done
# for user in $(echo "$POLICYUSERS" | grep UserName | cut -d'"' -f4) ; do
# textInfo "User $user has support access via $policyarn"