ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(check13): should not pass if user never logged in

Browse Source
This commit is contained in:
jlamande@gmail.com
2018-10-17 10:16:49 +02:00
parent e20b32da0c
commit 8798861c99
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
checks/check13
View File

@@ -21,11 +21,16 @@ check13(){
if [[ $COMMAND12_LIST_USERS_WITH_PASSWORD_ENABLED ]]; then
for i in $COMMAND12_LIST_USERS_WITH_PASSWORD_ENABLED; do
DATEUSED=$($AWSCLI iam list-users --query "Users[?UserName=='$i'].PasswordLastUsed" --output text $PROFILE_OPT --region $REGION | cut -d'T' -f1)
HOWOLDER=$(how_older_from_today $DATEUSED)
if [ $HOWOLDER -gt "90" ];then
if [ "$DATEUSED" == "" ]
then
textFail "User \"$i\" has not logged in during the last 90 days "
else
textPass "User \"$i\" found with credentials used in the last 90 days"
HOWOLDER=$(how_older_from_today $DATEUSED)
if [ $HOWOLDER -gt "90" ];then
textFail "User \"$i\" has not logged in during the last 90 days "
else
textPass "User \"$i\" found with credentials used in the last 90 days"
fi
fi
done
else