Added Support for CIS AWS 1.1

Toni de la Fuente
2016-11-30 00:48:35 -05:00
parent e7b5b8ce58
commit 581c7c7ebf
2 changed files with 12 additions and 8 deletions

@@ -2,14 +2,14 @@
## Description
Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the [CIS Amazon Web Services Foundations Benchmark](https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the [CIS Amazon Web Services Foundations Benchmark 1.1 ](https://benchmarks.cisecurity.org/tools2/amazon/CIS_Amazon_Web_Services_Foundations_Benchmark_v1.1.0.pdf)
It covers hardening and security best practices for all regions related to:
- Identity and Access Management (15 checks)
- Identity and Access Management (24 checks)
- Logging (8 checks)
- Monitoring (16 checks)
- Networking (4 checks)
- Monitoring (15 checks)
- Networking (5 checks)
For a comprehesive list and resolution look at the guide on the link above.
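Review bot: the new Description link text carries a stray space before the closing bracket (`Benchmark 1.1 ](`), which renders as trailing whitespace inside the link; drop it. Since this hunk already touches the paragraph, the unchanged line below the list is worth fixing in the same commit: "comprehesive" should be "comprehensive". The per-section counts (24, 8, 15, 5) are stated by hand here, so they need to be rechecked against the check functions in `prowler` whenever a check is added or removed.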
@@ -95,7 +95,7 @@ USAGE:
```
## How to fix all WARNINGS:
Check your report and fix the issues following all specific guidelines per check in https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
Check your report and fix the issues following all specific guidelines per check in https://benchmarks.cisecurity.org/tools2/amazon/CIS_Amazon_Web_Services_Foundations_Benchmark_v1.1.0.pdf
## Screenshots
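Review bot: the "How to fix all WARNINGS" line pastes the benchmark PDF as a bare URL, while the Description section links the same document with named link text that includes the version. Use the same Markdown link form here so the reader sees which benchmark version the guidance refers to, and so both README references look alike when the next version bump has to update them.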

10
prowler

@@ -236,7 +236,11 @@ REGIONS=$($AWSCLI ec2 describe-regions --query 'Regions[].RegionName' \
infoReferenceLong(){
# Report review note:
echo -e " $NOTICE https://benchmarks.cisecurity.org/tools2/amazon/CIS_Amazon_Web_Services_Foundations_Benchmark_v1.1.0.pdf$NORMAL"
echo -e " $BLUE \n*********************************$NORMAL"
echo -e " $NOTICE For more information: $NORMAL"
echo -e " $NOTICE https://benchmarks.cisecurity.org/tools2/amazon/CIS_Amazon_Web_Services_Foundations_Benchmark_v1.1.0.pdf$NORMAL"
echo -e " $NOTICE For bugs or feedback: $NORMAL"
echo -e " $NOTICE https://github.com/Alfresco/aws-cis-security-benchmark/issues$NORMAL"
}
infoReferenceShort(){
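Review bot: `infoReferenceLong` hard-codes the benchmark PDF URL and the issue tracker URL as string literals inside the `echo -e` lines. Define them once near the top of the script (for example a benchmark URL variable and an issues URL variable) and reference those here, so a benchmark version change is a one-line edit instead of a search through the output functions. The comment `# Report review note:` no longer describes the body now that the function also prints a separator and a feedback link; update it to match.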
@@ -983,8 +987,8 @@ check314(){
}
check315(){
TITLE315="$BLUE 3.16$NORMAL Ensure appropriate subscribers to each SNS topic (Not Scored)"
echo -e "\n$TITLE316 "
TITLE315="$BLUE 3.15$NORMAL Ensure appropriate subscribers to each SNS topic (Not Scored)"
echo -e "\n$TITLE315 "
for regx in $REGIONS; do
TOPICS_LIST=$($AWSCLI sns list-topics --profile $PROFILE --region $regx --output text --query 'Topics[*].TopicArn')
if [[ $TOPICS_LIST ]];then
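Review bot: in `check315` the check number is repeated in the function name, the variable name and the title string, and the lines being replaced show how these drift apart (`TITLE315` was assigned while `$TITLE316` was echoed). A single `local` title variable inside each check function, or a helper that takes the number and text as arguments, removes the chance of echoing a different variable than the one just set. In the unchanged lines below, `$PROFILE` and `$regx` are passed to `sns list-topics` unquoted; quote them (`--profile "$PROFILE" --region "$regx"`) so a value containing whitespace or glob characters is passed as one argument.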