diff --git a/checks/check117 b/checks/check117
index 72b62ba0..69f897c9 100644
--- a/checks/check117
+++ b/checks/check117
@@ -9,8 +9,8 @@
 # work. If not, see .
 
 CHECK_ID_check117="1.17"
-CHECK_TITLE_check117="[check117] Maintain current contact details (Scored)"
-CHECK_SCORED_check117="SCORED"
+CHECK_TITLE_check117="[check117] Maintain current contact details (Not Scored)"
+CHECK_SCORED_check117="NOT_SCORED"
 CHECK_TYPE_check117="LEVEL1"
 CHECK_ALTERNATE_check117="check117"
 
diff --git a/checks/check118 b/checks/check118
index f3c20f2a..4217fbf1 100644
--- a/checks/check118
+++ b/checks/check118
@@ -9,8 +9,8 @@
 # work. If not, see .
 
 CHECK_ID_check118="1.18"
-CHECK_TITLE_check118="[check118] Ensure security contact information is registered (Scored)"
-CHECK_SCORED_check118="SCORED"
+CHECK_TITLE_check118="[check118] Ensure security contact information is registered (Not Scored)"
+CHECK_SCORED_check118="NOT_SCORED"
 CHECK_TYPE_check118="LEVEL1"
 CHECK_ALTERNATE_check118="check118"
 
diff --git a/checks/check21 b/checks/check21
index 67bf20f2..64b82ebc 100644
--- a/checks/check21
+++ b/checks/check21
@@ -16,17 +16,18 @@ CHECK_ALTERNATE_check201="check21"
 
 check21(){
 # "Ensure CloudTrail is enabled in all regions (Scored)"
- LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].Name' --output text)
- if [[ $LIST_OF_TRAILS ]];then
- for trail in $LIST_OF_TRAILS;do
- MULTIREGION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].IsMultiRegionTrail' --output text --trail-name-list $trail)
- if [[ "$MULTIREGION_TRAIL_STATUS" == 'False' ]];then
- textFail "$trail trail in $REGION is not enabled in multi region mode"
- else
- textPass "$trail trail in $REGION is enabled for all regions"
- fi
- done
- else
- textFail "No CloudTrail trails found!"
- fi
+ for regx in $REGIONS; do
+ LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].Name' --output text --no-include-shadow-trails)
+ if [[ $LIST_OF_TRAILS ]];then
+ for trail in $LIST_OF_TRAILS;do
+ MULTIREGION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].IsMultiRegionTrail' --output text --trail-name-list $trail)
+ if [[ "$MULTIREGION_TRAIL_STATUS" == 'False' ]];then
+ textFail "$trail trail in $regx is not enabled in multi region mode"
+ else
+ textPass "$trail trail in $regx is enabled for all regions"
+ fi
+ done
+ fi
+ done
 }
+
diff --git a/checks/check22 b/checks/check22
index ffc28b67..18b13742 100644
--- a/checks/check22
+++ b/checks/check22
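Review bot: With the `else` branch removed, check21 prints nothing at all when no region returns a trail, so an account with CloudTrail switched off produces no FAIL for this control; check22 has the same gap. An empty `LIST_OF_TRAILS` caused by a failed `describe-trails` call in some region is skipped the same way, which makes an error indistinguishable from "nothing to report". I would count trails across the `for regx in $REGIONS` loop and emit the previous `textFail "No CloudTrail trails found!"` once after the loop when the count is still zero, as sketched below.

```shell
  trail_count=0
  # … unchanged: for regx loop header, LIST_OF_TRAILS lookup, if [[ $LIST_OF_TRAILS ]] guard …
      for trail in $LIST_OF_TRAILS;do
        trail_count=$((trail_count + 1))
        # … unchanged: IsMultiRegionTrail lookup, textFail/textPass, inner done and fi …
  done
  if [[ $trail_count -eq 0 ]];then
    textFail "No CloudTrail trails found!"
  fi
```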
@@ -16,17 +16,18 @@ CHECK_ALTERNATE_check202="check22"
 
 check22(){
 # "Ensure CloudTrail log file validation is enabled (Scored)"
- LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].Name' --output text)
- if [[ $LIST_OF_TRAILS ]];then
- for trail in $LIST_OF_TRAILS;do
- LOGFILEVALIDATION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $REGION --query 'trailList[*].LogFileValidationEnabled' --output text --trail-name-list $trail)
- if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'False' ]];then
- textFail "$trail trail in $REGION has not log file validation enabled"
- else
- textPass "$trail trail in $REGION has log file validation enabled"
- fi
- done
- else
- textFail "No CloudTrail trails found!"
- fi
+
+ for regx in $REGIONS; do
+ LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].Name' --output text --no-include-shadow-trails)
+ if [[ $LIST_OF_TRAILS ]];then
+ for trail in $LIST_OF_TRAILS;do
+ LOGFILEVALIDATION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails $PROFILE_OPT --region $regx --query 'trailList[*].LogFileValidationEnabled' --output text --trail-name-list $trail)
+ if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'False' ]];then
+ textFail "$trail trail in $regx has not log file validation enabled"
+ else
+ textPass "$trail trail in $regx has log file validation enabled"
+ fi
+ done
+ fi
+ done
 }
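Review bot: The status test in check22 passes on anything other than the literal `False`, so an empty `LOGFILEVALIDATION_TRAIL_STATUS` (for instance when the per-trail `describe-trails` call fails) or a `None` value is reported as "has log file validation enabled"; check21 has the same shape with `MULTIREGION_TRAIL_STATUS`. For a compliance check it is safer to fail closed: test `if [[ "$LOGFILEVALIDATION_TRAIL_STATUS" == 'True' ]];then` and swap the `textPass` and `textFail` branches. Quoting `"$trail"` and `"$regx"` in the CLI calls would also keep an unexpected value from being word-split into extra arguments.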