ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Filter for only available rds instances

Browse Source 
(cherry picked from commit 5a7356be3cd137e08161b3dc0d7b8f1b2267c304)
This commit is contained in:
Nimrod Kor
2020-02-18 10:07:39 +02:00
parent 9bd54ca30e
commit 4fe575030b
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
checks/check_extra78
View File

@@ -22,7 +22,8 @@ extra78(){
# "Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark)"
textInfo "Looking for RDS instances in all regions... "
for regx in $REGIONS; do
LIST_OF_RDS_PUBLIC_INSTANCES=$($AWSCLI rds describe-db-instances $PROFILE_OPT --region $regx --query 'DBInstances[?PubliclyAccessible==`true`].[DBInstanceIdentifier,Endpoint.Address]' --output text)
LIST_OF_RDS_PUBLIC_INSTANCES=$($AWSCLI rds describe-db-instances $PROFILE_OPT --region $regx --query 'DBInstances[?PubliclyAccessible==`true` && DBInstanceStatus=="available"].[DBInstanceIdentifier,Endpoint.Address]' --output text)
echo $LIST_OF_RDS_PUBLIC_INSTANCES
if [[ $LIST_OF_RDS_PUBLIC_INSTANCES ]];then
while read -r rds_instance;do
RDS_NAME=$(echo $rds_instance | awk '{ print $1; }')