From 5efd2669fa69b40976167d680cb69709bbc291f2 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente
Date: Fri, 20 Apr 2018 12:57:07 -0400
Subject: [PATCH] new check Trusted Avisor errors/warnings
---
 checks/check_extra726 | 28 ++++++++++++++++++++--------
 iam/prowler-policy-additions.json | 4 +++-
 include/colors | 3 ++-
 prowler | 2 +-
 4 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/checks/check_extra726 b/checks/check_extra726
index 50954b82..025ad41c 100644
--- a/checks/check_extra726
+++ b/checks/check_extra726
@@ -10,14 +10,26 @@
 # under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
-# CHECK_ID_extra726="7.26"
-# CHECK_TITLE_extra726="[extra726] Check Trusted Advisor for errors and warnings (Not Scored) (Not part of CIS benchmark)"
-# CHECK_SCORED_extra726="NOT_SCORED"
-# CHECK_ALTERNATE_check726="extra726"
-#
-# tachecks=$(aws support describe-trusted-advisor-checks --language en --profile security --region us-east-1 --query checks[*].id --output text)
-#
-# for i in $tachecks; do aws support describe-trusted-advisor-check-result --check-id $i --language en --profile security --region us-east-1 --query result.status --output text; done
+
+CHECK_ID_extra726="7.26"
+CHECK_TITLE_extra726="[extra726] Check Trusted Advisor for errors and warnings (Not Scored) (Not part of CIS benchmark)"
+CHECK_SCORED_extra726="NOT_SCORED"
+CHECK_ALTERNATE_check726="extra726"
+
+extra726(){
+ trap "exit" INT
+ # forcing us-east-1 region only since support only works in that region
+ TA_CHECKS_ID=$($AWSCLI support describe-trusted-advisor-checks --language en $PROFILE_OPT --region us-east-1 --query checks[*].id --output text)
+ for checkid in $TA_CHECKS_ID; do
+ QUERY_RESULT_NO_OK=$($AWSCLI support describe-trusted-advisor-check-result --check-id $checkid --language en $PROFILE_OPT --region us-east-1 --query 'result.status' --output text | grep -v "ok" )
+ if [[ $QUERY_RESULT_NO_OK ]]; then
+ TA_CHECKS_NAME=$($AWSCLI support describe-trusted-advisor-checks --language en $PROFILE_OPT --region us-east-1 --query "checks[?id==\`$checkid\`].{name:name}[*]" --output text)
+ textFail "Trusted Advisor check $TA_CHECKS_NAME is in state $QUERY_RESULT_NO_OK"
+ fi
+ done
+}
+
+
 #
 # extra726(){
 # # "Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark)"
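Review bot: The `grep -v "ok"` filter on the QUERY_RESULT_NO_OK line reports every status other than "ok" as a failure, which as far as I know includes Trusted Advisor's `not_available` status for checks the account cannot evaluate, so those would surface as FAIL rather than as informational; matching only the two states the check title promises, `grep -xE 'warning|error'`, keeps the output to errors and warnings. Nothing at all is printed when every check is ok or when the first describe-trusted-advisor-checks call returns nothing (for example when the account's support plan does not expose the Support API — the error goes to stderr and the loop silently runs zero times), so a clean run and a failed run look the same; a `textInfo` when `TA_CHECKS_ID` is empty and a `textPass` when no failing check was seen would make the result explicit. The first query is unquoted, so the shell may glob-expand `[*]` against the working directory while the later query is quoted — write it as `--query 'checks[*].id'`. The second describe-trusted-advisor-checks call inside the loop re-downloads the full check list once per check only to look up a name; fetching `checks[*].[id,name]` once before the loop avoids those N extra API calls.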
diff --git a/iam/prowler-policy-additions.json b/iam/prowler-policy-additions.json
index 0732fd84..a357daa1 100644
--- a/iam/prowler-policy-additions.json
+++ b/iam/prowler-policy-additions.json
@@ -10,7 +10,9 @@
 "logs:DescribeMetricFilters",
 "ses:getidentityverificationattributes",
 "sns:listsubscriptionsbytopic",
- "guardduty:ListDetectors"
+ "guardduty:ListDetectors",
+ "trustedadvisor:Describe*",
+ "support:*"
 ],
 "Effect": "Allow",
 "Resource": "*"
diff --git a/include/colors b/include/colors
index b7b72076..2383df54 100644
--- a/include/colors
+++ b/include/colors
@@ -66,6 +66,7 @@ fi
 printColorsCode(){
 if [[ $MONOCHROME -eq 0 ]]; then
- echo -e "\n$NORMAL Colors code for results: $NOTICE INFO (Information)$NORMAL,$OK PASS (Recommended value)$NORMAL, $BAD FAIL (Fix required)$NORMAL"
+ echo -e "\n$NORMAL Colors code for results: "
+ echo -e "$NOTICE INFO (Information)$NORMAL,$OK PASS (Recommended value)$NORMAL, $BAD FAIL (Fix required)$NORMAL, $PURPLE Not Scored $NORMAL"
 fi
 }
diff --git a/prowler b/prowler
index 24d67abf..0ae25594 100755
--- a/prowler
+++ b/prowler
@@ -279,9 +279,9 @@ if [[ $MODE != "csv" ]]; then
 prowlerBanner
 fi
+getWhoami
 genCredReport
 saveReport
-getWhoami
 execute_all
 cleanTemp
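Review bot: `"support:*"` on the last added line grants every Support API action — opening and updating cases, adding attachments, refreshing Trusted Advisor checks — while the new check only calls describe-trusted-advisor-checks and describe-trusted-advisor-check-result; for a read-only audit policy the addition can be narrowed to `"support:DescribeTrustedAdvisorChecks"` and `"support:DescribeTrustedAdvisorCheckResult"`. `"trustedadvisor:Describe*"` is not exercised by anything in this commit as far as the hunks show (the CLI calls go through the `support` service), so it is worth confirming it is actually required before it stays in the policy.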
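Review bot: The second added echo in printColorsCode references `$PURPLE`, which nothing in this hunk defines; if include/colors does not already set it next to NOTICE/OK/BAD, the new "Not Scored" legend entry prints unstyled, so confirm the definition exists (the variable block is outside the hunk). A one-line comment above the echo such as `# PURPLE marks NOT_SCORED checks (see CHECK_SCORED_* in checks/)` would tie the legend to the convention it documents.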
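Review bot: Moving `getWhoami` ahead of `genCredReport` and `saveReport` changes the order in which identity is resolved relative to report generation, and neither the commit message nor a comment says why; a short comment above the moved line stating what genCredReport or saveReport needs from the resolved identity would save the next reader a git blame. The enclosing if block starts outside the hunk, so I cannot tell from here whether the earlier ordering was relied on elsewhere.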