From 5d7d9efa69d86cadd46255b6d0e5ca80f294e58d Mon Sep 17 00:00:00 2001
From: Toni de la Fuente <toni@blyx.com>
Date: Mon, 22 Feb 2021 23:05:05 +0100
Subject: [PATCH] Revert "check28 only look at symmetric keys"

---
 checks/check28 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checks/check28 b/checks/check28
index aeeeca70..677f732b 100644
--- a/checks/check28
+++ b/checks/check28
@@ -29,7 +29,7 @@ check28(){
     if [[ $CHECK_KMS_KEYLIST ]]; then
       cmk_count=0
       for key in $CHECK_KMS_KEYLIST; do
-        KMSDETAILS=$($AWSCLI kms describe-key --key-id $key $PROFILE_OPT --region $regx --query 'KeyMetadata.{key:KeyId,state:KeyState,man:KeyManager,spec:CustomerMasterKeySpec}' --output text 2>&1|grep Enabled$|grep -v AWS|grep SYMMETRIC| awk '{ print $1 }')
+        KMSDETAILS=$($AWSCLI kms describe-key --key-id $key $PROFILE_OPT --region $regx --query 'KeyMetadata.{key:KeyId,man:KeyManager,origin:Origin,state:KeyState}' --output text 2>&1)
         if [[ $(echo "$KMSDETAILS" | grep AccessDenied) ]]; then
            textFail "$regx: Key $key Access Denied describing key"
            continue