Added new check extra7141 to detect secrets in SSM Documents

Toni de la Fuente
2021-05-18 18:28:15 +02:00
parent 1655bdb902
commit 78e5dc5dba
3 changed files with 57 additions and 7 deletions


@@ -15,13 +15,8 @@ GROUP_ID[11]='secrets'
GROUP_NUMBER[11]='11.0'
GROUP_TITLE[11]='Look for keys secrets or passwords around resources - [secrets]'
GROUP_RUN_BY_DEFAULT[11]='N' # but it runs when execute_all is called (default)
GROUP_CHECKS[11]='extra741,extra742,extra759,extra760,extra768,extra775'
GROUP_CHECKS[11]='extra741,extra742,extra759,extra760,extra768,extra775,extra7141'
# requires https://github.com/Yelp/detect-secrets
# `pip install detect-secrets`
# Initially:
# - EC2 UserData
# - CloudFormation Outputs
# - Lambda variables
# - Lambda code