fix(s3_bucket_policy_public_write_access): Handle S3 Policy without Principal (#2871)

Pepe Fagoaga
2023-09-27 09:35:26 +02:00
committed by GitHub
parent 1697e6ad62
commit 7ecb4d7b00


@@ -41,7 +41,10 @@ class s3_bucket_policy_public_write_access(Check):
if ( if (
statement["Effect"] == "Allow" statement["Effect"] == "Allow"
and "Condition" not in statement and "Condition" not in statement
and (
"Principal" in statement
and "*" in str(statement["Principal"]) and "*" in str(statement["Principal"])
)
and ( and (
"s3:PutObject" in statement["Action"] "s3:PutObject" in statement["Action"]
or "*" in statement["Action"] or "*" in statement["Action"]
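Review bot: The clause after the new `Principal` guard still indexes `statement["Action"]` directly, so a statement written with `NotAction` instead of `Action` would raise `KeyError` in the same way the missing `Principal` did; using `statement.get("Action", "")` in both membership tests would close that gap. Separately, an `Allow` statement that uses `NotPrincipal` is now silently treated as not public, although such a statement can grant write access to nearly every principal, so it probably deserves its own branch or at least a comment saying it is deliberately out of scope. The new clause itself could be shortened to `"*" in str(statement.get("Principal", ""))`. The `if` condition and its body continue outside the hunk, so how a match is reported is not visible here.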