From 887805c5be63cf1f7b29e7702735dfc99a304b01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Toma=CC=81s=CC=8C=20Milata?= <tomas@asidatascience.com>
Date: Tue, 12 Dec 2017 17:11:56 +0000
Subject: [PATCH] Use a query to get AccountMFAEnabled rather than awk/sed

Parsing with awk/sed relies on the json being pretty printed (no other values on the same line), which is not always true, causing false-positive warings sometimes. Querying for SummaryMap.AccountMFAEnabled directly should be more robust.
---
 prowler | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prowler b/prowler
index df30470c..ec859b9c 100755
--- a/prowler
+++ b/prowler
@@ -684,7 +684,7 @@ check112(){
 check113(){
   ID113="1.13"
   TITLE113="Ensure MFA is enabled for the root account (Scored)"
-  COMMAND113=$($AWSCLI iam get-account-summary $PROFILE_OPT --region $REGION --output json|grep AccountMFAEnabled | awk -F': ' '{ print $2 }'|sed 's/,//')
+  COMMAND113=$($AWSCLI iam get-account-summary $PROFILE_OPT --region $REGION --output json --query 'SummaryMap.AccountMFAEnabled')
   textTitle "$ID113" "$TITLE113" "SCORED" "LEVEL1"
   if [ "$COMMAND113" == "1" ]; then
     textOK "Virtual MFA is enabled for root"