ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added risk, remediation, doc link and epics to first 3 checks @pablopagani

Browse Source 
Added risk, remediation, doc link and epics to first 3 checks
This commit is contained in:
Toni de la Fuente
2021-03-24 09:08:19 +01:00
committed by GitHub
parent 806eaa0b98 a9d0649122
commit 923dc3403b
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
checks/check11
View File

@@ -16,6 +16,10 @@ CHECK_SEVERITY_check11="High"
CHECK_ASFF_TYPE_check11="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark" CHECK_ASFF_TYPE_check11="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
CHECK_ALTERNATE_check101="check11" CHECK_ALTERNATE_check101="check11"
CHECK_SERVICENAME_check11="iam" CHECK_SERVICENAME_check11="iam"
CHECK_RISK_check11='The "root" account has unrestricted access to all resources in the AWS account. It is highly recommended that the use of this account be avoided.'
CHECK_REMEDIATION_check11='Follow the remediation instructions of the Ensure IAM policies are attached only to groups or roles recommendation.'
CHECK_DOC_check11='http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html'
CHECK_CAF_EPIC_check11='IAM'
check11(){ check11(){
# "Avoid the use of the root account (Scored)." # "Avoid the use of the root account (Scored)."

4
checks/check12
View File

@@ -18,6 +18,10 @@ CHECK_ASFF_RESOURCE_TYPE_check12="AwsIamUser"
CHECK_ALTERNATE_check102="check12" CHECK_ALTERNATE_check102="check12"
CHECK_ASFF_COMPLIANCE_TYPE_check12="ens-op.acc.5.aws.iam.1" CHECK_ASFF_COMPLIANCE_TYPE_check12="ens-op.acc.5.aws.iam.1"
CHECK_SERVICENAME_check12="iam" CHECK_SERVICENAME_check12="iam"
CHECK_RISK_check12='Unauthorized access to this critical account if password is not secure or it is disclosed in any way.'
CHECK_REMEDIATION_check12='Enable MFA for root account. is a simple best practice that adds an extra layer of protection on top of your user name and password. Recommended to use hardware keys over virtual MFA.'
CHECK_DOC_check12='https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html'
CHECK_CAF_EPIC_check12='IAM'
check12(){ check12(){
# "Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password (Scored)" # "Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password (Scored)"

4
checks/check13
View File

@@ -18,6 +18,10 @@ CHECK_ASFF_RESOURCE_TYPE_check13="AwsIamUser"
CHECK_ALTERNATE_check103="check13" CHECK_ALTERNATE_check103="check13"
CHECK_ASFF_COMPLIANCE_TYPE_check13="ens-op.acc.1.aws.iam.3 ens-op.acc.5.aws.iam.4" CHECK_ASFF_COMPLIANCE_TYPE_check13="ens-op.acc.1.aws.iam.3 ens-op.acc.5.aws.iam.4"
CHECK_SERVICENAME_check13="iam" CHECK_SERVICENAME_check13="iam"
CHECK_RISK_check13='AWS IAM users can access AWS resources using different types of credentials (passwords or access keys). It is recommended that all credentials that have been unused in 90 or greater days be removed or deactivated.'
CHECK_REMEDIATION_check13='Use the credential report to ensure password_last_changed is less than 90 days ago.'
CHECK_DOC_check13='https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html'
CHECK_CAF_EPIC_check13='IAM'
check13(){ check13(){
check_creds_used_in_last_days 90 check_creds_used_in_last_days 90