From 7a44b8bcca2462a55f84454f844431e7479731a6 Mon Sep 17 00:00:00 2001
From: soffensive <9149004+soffensive@users.noreply.github.com>
Date: Wed, 17 Apr 2019 13:36:00 +0200
Subject: [PATCH 1/2] Iterate over all regions

Iterate over all regions
---
 checks/check21 | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/checks/check21 b/checks/check21
index 67bf20f2..64b82ebc 100644
--- a/checks/check21
+++ b/checks/check21
@@ -16,17 +16,18 @@ CHECK_ALTERNATE_check201="check21"
 
 check21(){
 # "Ensure CloudTrail is enabled in all regions (Scored)"
- LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].Name' --output text)
- if [[ $LIST_OF_TRAILS ]];then
- for trail in $LIST_OF_TRAILS;do
- MULTIREGION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].IsMultiRegionTrail' --output text --trail-name-list $trail)
- if [[ "$MULTIREGION_TRAIL_STATUS" == 'False' ]];then
- textFail "$trail trail in $REGION is not enabled in multi region mode"
- else
- textPass "$trail trail in $REGION is enabled for all regions"
- fi
- done
- else
- textFail "No CloudTrail trails found!"
- fi
+ for regx in $REGIONS; do
+ LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].Name' --output text --no-include-shadow-trails)
+ if [[ $LIST_OF_TRAILS ]];then
+ for trail in $LIST_OF_TRAILS;do
+ MULTIREGION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].IsMultiRegionTrail' --output text --trail-name-list $trail)
+ if [[ "$MULTIREGION_TRAIL_STATUS" == 'False' ]];then
+ textFail "$trail trail in $regx is not enabled in multi region mode"
+ else
+ textPass "$trail trail in $regx is enabled for all regions"
+ fi
+ done
+ fi
+ done
 }
+
From e0d86c134aabe0c6b49ba966c3891cc7ec6e9117 Mon Sep 17 00:00:00 2001
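Review bot: Dropping the `else` branch with `textFail "No CloudTrail trails found!"` means an account with no trail in any region now produces no finding at all for this control, so a missing CloudTrail reads as a clean run rather than a failure. Because the lookup is now per region, the failure should be raised once after the loop: set `trail_count=0` before `for regx in $REGIONS`, add `trail_count=$((trail_count + 1))` inside the `for trail` loop, and follow the outer `done` with `[[ $trail_count -gt 0 ]] || textFail "No CloudTrail trails found!"`. The check22 hunk in PATCH 2/2 removes the same branch and needs the same guard. A region where `describe-trails` itself fails (for example a denied or disabled region) presumably also leaves `LIST_OF_TRAILS` empty and is skipped silently, so that case is worth reporting separately from "no trails".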
From: soffensive <9149004+soffensive@users.noreply.github.com>
Date: Wed, 17 Apr 2019 13:38:12 +0200
Subject: [PATCH 2/2] Iterate over all regions

Iterate over all regions
---
 checks/check22 | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/checks/check22 b/checks/check22
index ffc28b67..18b13742 100644
--- a/checks/check22
+++ b/checks/check22
@@ -16,17 +16,18 @@ CHECK_ALTERNATE_check202="check22"
 
 check22(){
 # "Ensure CloudTrail log file validation is enabled (Scored)"
- LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].Name' --output text)
- if [[ $LIST_OF_TRAILS ]];then
- for trail in $LIST_OF_TRAILS;do
- LOGFILEVALIDATION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].LogFileValidationEnabled' --output text --trail-name-list $trail)
- if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'False' ]];then
- textFail "$trail trail in $REGION has not log file validation enabled"
- else
- textPass "$trail trail in $REGION has log file validation enabled"
- fi
- done
- else
- textFail "No CloudTrail trails found!"
- fi
+
+ for regx in $REGIONS; do
+ LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].Name' --output text --no-include-shadow-trails)
+ if [[ $LIST_OF_TRAILS ]];then
+ for trail in $LIST_OF_TRAILS;do
+ LOGFILEVALIDATION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].LogFileValidationEnabled' --output text --trail-name-list $trail)
+ if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'False' ]];then
+ textFail "$trail trail in $regx has not log file validation enabled"
+ else
+ textPass "$trail trail in $regx has log file validation enabled"
+ fi
+ done
+ fi
+ done
 }
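Review bot: The `== 'False'` comparison on `LOGFILEVALIDATION_TRAIL_STATUS` fails open: anything other than the literal `False`, including an empty value if the second `describe-trails` call returns nothing, lands in the `else` branch and is reported with `textPass`. For a log-integrity control the pass should require a positive answer, e.g. `if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'True' ]];then` with `textPass` in that branch and `textFail` in the `else`. The expansions `$regx` and `$trail` in the CLI call are also unquoted and would be safer as `"$regx"` and `"$trail"`. The `MULTIREGION_TRAIL_STATUS` test in check21 (PATCH 1/2) has the same shape.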