From 68f8e08506164c9482ce21427e2f705826a13e65 Mon Sep 17 00:00:00 2001
From: Ben Allen
Date: Tue, 11 Jul 2017 16:24:42 -0500
Subject: [PATCH] add option (-k) to keep the credential report after execution.
---
 README.md | 1 +
 prowler | 17 ++++++++++++++---
 2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 0fbda960..0e78d34e 100644
--- a/README.md
+++ b/README.md
@@ -98,6 +98,7 @@ USAGE:
 -f specify an AWS region to run checks against (i.e.: us-west-1)
 -m specify the maximum number of items to return for long-running requests (default: 100)
 -M output mode: text (defalut), mono, csv (separator is "|"; data is on stdout; progress on stderr)
+ -k keep the credential report
 -h this help
 ```
diff --git a/prowler b/prowler
index a2ace106..28f44e23 100755
--- a/prowler
+++ b/prowler
@@ -37,6 +37,7 @@ MAXITEMS=100
 MONOCHROME=0
 MODE="text"
 SEP=','
+KEEPCREDREPORT=0
 # Command usage menu
@@ -51,17 +52,21 @@ USAGE:
 -f specify an AWS region to run checks against (i.e.: us-west-1)
 -m specify the maximum number of items to return for long-running requests (default: 100)
 -M output mode: text (defalut), mono, csv (separator is \"${SEP}\"; data is on stdout; progress on stderr)
+ -k keep the credential report
 -h this help
 "
 exit
 }
-while getopts ":hp:r:c:f:m:M:" OPTION; do
+while getopts ":hkp:r:c:f:m:M:" OPTION; do
 case $OPTION in
 h )
 usage
 exit 1
 ;;
+ k )
+ KEEPCREDREPORT=1
+ ;;
 p )
 PROFILE=$OPTARG
 ;;
@@ -384,13 +389,19 @@ genCredReport() {
 # Save report to a file, decode it, deletion at finish and after every single check, acb stands for AWS CIS Benchmark
 saveReport(){
- TEMP_REPORT_FILE=$(mktemp -t prowler-XXXXX.cred_report )
+ TEMP_REPORT_FILE=$(mktemp -t prowler-${ACCOUNT_NUM}-XXXXX.cred_report )
 $AWSCLI iam get-credential-report --query 'Content' --output text --profile $PROFILE --region $REGION | decode_report > $TEMP_REPORT_FILE
+ if [[ $KEEPCREDREPORT -eq 1 ]]; then
+ textTitle "0.2" "Saving IAM Credential Report ..."
+ textNotice "IAM Credential Report saved in $TEMP_REPORT_FILE"
+ fi
 }
 # Delete temporary report file
 cleanTemp(){
- rm -fr $TEMP_REPORT_FILE
+ if [[ $KEEPCREDREPORT -ne 1 ]]; then
+ rm -fr $TEMP_REPORT_FILE
+ fi
 }
 # Delete the temporary report file if we get interrupted/terminated
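Review bot: With `-k` set, `cleanTemp` becomes a no-op while `saveReport` still creates a fresh `mktemp` file on every call, so if the pair still runs around every check, as the comment above `saveReport` says, each run leaves many copies of the decoded IAM credential report in the temp directory and repeats the "Saving" notice each time. That report enumerates the account's IAM users with their password, access-key and MFA state, so it should be written once, to a location the operator chose, rather than accumulated under `$TMPDIR`; the `-k` help text should also say where the file ends up. The re-indented `rm -fr $TEMP_REPORT_FILE` is a good moment to drop `-r` and quote the variable: `rm -f -- "$TEMP_REPORT_FILE"`. The trap handler mentioned in the trailing context lies outside the hunk, so whether an interrupted `-k` run leaves a truncated report behind could not be checked here.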