diff --git a/prowler/compliance/aws/aws_foundational_security_best_practices_aws.json b/prowler/compliance/aws/aws_foundational_security_best_practices_aws.json
index 558a4a26..57cca1d0 100644
--- a/prowler/compliance/aws/aws_foundational_security_best_practices_aws.json
+++ b/prowler/compliance/aws/aws_foundational_security_best_practices_aws.json
@@ -369,7 +369,8 @@
 "iam_password_policy_minimum_length_14",
 "iam_disable_90_days_credentials",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
diff --git a/prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json b/prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json
index 9ff5f5e6..f0c38258 100644
--- a/prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json
+++ b/prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json
@@ -346,6 +346,7 @@
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
 "iam_customer_unattached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "opensearch_service_domains_internal_user_database_enabled"
 ]
 },
diff --git a/prowler/compliance/aws/cisa_aws.json b/prowler/compliance/aws/cisa_aws.json
index b6ddd542..f322ad76 100644
--- a/prowler/compliance/aws/cisa_aws.json
+++ b/prowler/compliance/aws/cisa_aws.json
@@ -90,6 +90,7 @@
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
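Review bot: The string `iam_inline_policy_no_administrative_privileges` added to the `Checks` list in aws_foundational_security_best_practices_aws.json, and in every other hunk of this diff, is only a reference; nothing in the visible lines shows that a check with exactly that ID exists. If the compliance loader does not reject unknown IDs (not visible here), a typo or a missing check would leave these requirements looking covered while inline policies with administrative privileges go unevaluated. A test that loads each file under prowler/compliance/aws and asserts that every `Checks` entry resolves to a registered check and appears only once per list would catch that. The same test would also have caught the duplicate entries this commit removes from rbi_cyber_security_framework_aws.json.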
@@ -184,6 +185,7 @@
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
diff --git a/prowler/compliance/aws/ens_rd2022_aws.json b/prowler/compliance/aws/ens_rd2022_aws.json
index a2b86a47..1140c8be 100644
--- a/prowler/compliance/aws/ens_rd2022_aws.json
+++ b/prowler/compliance/aws/ens_rd2022_aws.json
@@ -129,6 +129,7 @@
 "iam_policy_allows_privilege_escalation",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "organizations_scp_check_deny_regions",
 "organizations_account_part_of_organizations"
 ]
@@ -157,7 +158,8 @@
 "iam_policy_allows_privilege_escalation",
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -231,7 +233,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -1222,6 +1225,7 @@
 "iam_policy_allows_privilege_escalation",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_policy_attached_only_to_group_or_roles",
 "iam_role_cross_service_confused_deputy_prevention"
diff --git a/prowler/compliance/aws/fedramp_low_revision_4_aws.json b/prowler/compliance/aws/fedramp_low_revision_4_aws.json
index 8b43d3cf..c7ab997c 100644
--- a/prowler/compliance/aws/fedramp_low_revision_4_aws.json
+++ b/prowler/compliance/aws/fedramp_low_revision_4_aws.json
@@ -29,6 +29,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -61,6 +62,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
diff --git a/prowler/compliance/aws/fedramp_moderate_revision_4_aws.json b/prowler/compliance/aws/fedramp_moderate_revision_4_aws.json
index 5b401be5..7b551c50 100644
--- a/prowler/compliance/aws/fedramp_moderate_revision_4_aws.json
+++ b/prowler/compliance/aws/fedramp_moderate_revision_4_aws.json
@@ -22,6 +22,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -95,6 +96,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -148,6 +150,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
 "iam_rotate_access_key_90_days",
@@ -192,6 +195,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -253,6 +257,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials"
 ]
@@ -272,6 +277,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -293,6 +299,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -977,7 +984,8 @@
 "Checks": [
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
diff --git a/prowler/compliance/aws/ffiec_aws.json b/prowler/compliance/aws/ffiec_aws.json
index 00a4bcc7..455b0060 100644
--- a/prowler/compliance/aws/ffiec_aws.json
+++ b/prowler/compliance/aws/ffiec_aws.json
@@ -421,6 +421,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -520,7 +521,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -537,7 +539,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -555,6 +558,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key"
@@ -581,6 +585,7 @@
 "iam_password_policy_uppercase",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_rotate_access_key_90_days",
@@ -757,7 +762,8 @@
 "cloudtrail_cloudwatch_logging_enabled",
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
diff --git a/prowler/compliance/aws/gdpr_aws.json b/prowler/compliance/aws/gdpr_aws.json
index 97f0468d..49fa51b6 100644
--- a/prowler/compliance/aws/gdpr_aws.json
+++ b/prowler/compliance/aws/gdpr_aws.json
@@ -37,6 +37,7 @@
 "iam_password_policy_uppercase",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
diff --git a/prowler/compliance/aws/gxp_21_cfr_part_11_aws.json b/prowler/compliance/aws/gxp_21_cfr_part_11_aws.json
index 20012fac..6d12ccb0 100644
--- a/prowler/compliance/aws/gxp_21_cfr_part_11_aws.json
+++ b/prowler/compliance/aws/gxp_21_cfr_part_11_aws.json
@@ -85,6 +85,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -169,6 +170,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
diff --git a/prowler/compliance/aws/hipaa_aws.json b/prowler/compliance/aws/hipaa_aws.json
index c3ba88b6..46b763da 100644
--- a/prowler/compliance/aws/hipaa_aws.json
+++ b/prowler/compliance/aws/hipaa_aws.json
@@ -47,6 +47,7 @@
 "opensearch_service_domains_encryption_at_rest_enabled",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "awslambda_function_not_publicly_accessible",
 "awslambda_function_url_public",
@@ -117,6 +118,7 @@
 "ec2_instance_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "awslambda_function_not_publicly_accessible",
 "awslambda_function_url_public",
@@ -173,6 +175,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials"
 ]
@@ -205,7 +208,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -260,7 +264,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -278,6 +283,7 @@
 "iam_password_policy_reuse_24",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_rotate_access_key_90_days",
 "iam_disable_90_days_credentials",
@@ -520,6 +526,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_user_mfa_enabled_console_access",
 "awslambda_function_not_publicly_accessible",
 "awslambda_function_url_public",
diff --git a/prowler/compliance/aws/mitre_attack_aws.json b/prowler/compliance/aws/mitre_attack_aws.json
index 8d188d3b..5ee7dd0f 100644
--- a/prowler/compliance/aws/mitre_attack_aws.json
+++ b/prowler/compliance/aws/mitre_attack_aws.json
@@ -165,6 +165,7 @@
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
 "iam_customer_unattached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_expired_server_certificates_stored",
 "iam_disable_30_days_credentials",
 "iam_no_root_access_key",
@@ -306,6 +307,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation",
 "iam_policy_no_full_access_to_cloudtrail",
 "iam_policy_no_full_access_to_kms"
@@ -369,7 +371,9 @@
 "TechniqueURL": "https://attack.mitre.org/techniques/T1098/",
 "Checks": [
 "config_recorder_all_regions_enabled",
+ "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation",
 "iam_policy_no_full_access_to_cloudtrail",
 "iam_policy_no_full_access_to_kms",
@@ -614,6 +618,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation",
 "iam_policy_no_full_access_to_cloudtrail",
 "iam_policy_no_full_access_to_kms"
@@ -662,7 +667,9 @@
 "TechniqueURL": "https://attack.mitre.org/techniques/T1550/",
 "Checks": [
 "iam_administrator_access_with_mfa",
+ "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation",
 "iam_policy_no_full_access_to_cloudtrail",
 "iam_policy_no_full_access_to_kms",
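Review bot: The T1098 and T1550 hunks in mitre_attack_aws.json, and the hunk at -851 in the same file, also add `iam_aws_attached_policy_no_administrative_privileges`, so results for those techniques change for a second reason besides the inline-policy check. Unless the commit description already says so (it is not visible here), it should state that the AWS-managed attached-policy check was missing from these three lists and is being backfilled. Users whose technique status flips after upgrading can then trace the cause. The enclosing `Checks` arrays continue outside these hunks, so whether the rest of the admin-privilege checks are present there cannot be confirmed from this view.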
@@ -851,7 +858,9 @@
 "Checks": [
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_policy_allows_privilege_escalation",
+ "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_user_hardware_mfa_enabled",
@@ -1734,6 +1743,7 @@
 "guardduty_is_enabled",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_custom_policy_permissive_role_assumption",
 "iam_policy_allows_privilege_escalation",
 "iam_policy_no_full_access_to_cloudtrail",
@@ -1785,7 +1795,8 @@
 "organizations_account_part_of_organizations",
 "iam_user_mfa_enabled_console_access",
 "iam_customer_attached_policy_no_administrative_privileges",
- "iam_aws_attached_policy_no_administrative_privileges"
+ "iam_aws_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ],
 "Attributes": [
 {
@@ -1845,6 +1856,7 @@
 "Checks": [
 "iam_customer_attached_policy_no_administrative_privileges",
 "iam_aws_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation"
 ],
 "Attributes": [
@@ -1955,6 +1967,7 @@
 "Checks": [
 "iam_customer_attached_policy_no_administrative_privileges",
 "iam_aws_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_allows_privilege_escalation"
 ],
 "Attributes": [
diff --git a/prowler/compliance/aws/nist_800_171_revision_2_aws.json b/prowler/compliance/aws/nist_800_171_revision_2_aws.json
index 2219afae..4b3f2ffc 100644
--- a/prowler/compliance/aws/nist_800_171_revision_2_aws.json
+++ b/prowler/compliance/aws/nist_800_171_revision_2_aws.json
@@ -23,6 +23,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -63,6 +64,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -129,6 +131,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials"
 ]
@@ -147,6 +150,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials"
 ]
@@ -165,6 +169,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -182,6 +187,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -457,6 +463,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "awslambda_function_url_public",
 "rds_snapshots_public_access",
@@ -829,7 +836,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
diff --git a/prowler/compliance/aws/nist_800_53_revision_4_aws.json b/prowler/compliance/aws/nist_800_53_revision_4_aws.json
index 762a9550..e9da305c 100644
--- a/prowler/compliance/aws/nist_800_53_revision_4_aws.json
+++ b/prowler/compliance/aws/nist_800_53_revision_4_aws.json
@@ -103,6 +103,7 @@
 "iam_password_policy_reuse_24",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
 "iam_rotate_access_key_90_days",
@@ -128,6 +129,7 @@
 "ec2_ebs_public_snapshot",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_url_public",
@@ -183,7 +185,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -220,6 +223,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_url_public",
@@ -851,7 +855,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
diff --git a/prowler/compliance/aws/nist_800_53_revision_5_aws.json b/prowler/compliance/aws/nist_800_53_revision_5_aws.json
index d3f8cb21..85521ef2 100644
--- a/prowler/compliance/aws/nist_800_53_revision_5_aws.json
+++ b/prowler/compliance/aws/nist_800_53_revision_5_aws.json
@@ -21,6 +21,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -163,6 +164,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -241,7 +243,8 @@
 "Checks": [
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -279,6 +282,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_attached_only_to_group_or_roles",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -353,6 +357,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -382,6 +387,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -411,6 +417,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -440,6 +447,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -469,6 +477,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -498,6 +507,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -527,6 +537,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -556,6 +567,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -584,6 +596,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -613,6 +626,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -647,6 +661,7 @@
 "iam_root_hardware_mfa_enabled",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_attached_only_to_group_or_roles",
 "iam_password_policy_minimum_length_14",
 "ec2_instance_imdsv2_enabled"
@@ -671,6 +686,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -700,6 +716,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -729,6 +746,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -760,6 +778,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -791,6 +810,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -843,6 +863,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -888,6 +909,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -917,6 +939,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -946,6 +969,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -1071,6 +1095,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -1095,7 +1120,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -1117,6 +1143,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -1146,6 +1173,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -1164,7 +1192,8 @@
 "Checks": [
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {
@@ -1205,6 +1234,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
@@ -1460,6 +1490,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -2635,6 +2666,7 @@
 "iam_password_policy_minimum_length_14",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_attached_only_to_group_or_roles",
 "iam_root_hardware_mfa_enabled",
 "iam_no_root_access_key",
@@ -2715,6 +2747,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -2971,6 +3004,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -3943,6 +3977,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials",
 "awslambda_function_not_publicly_accessible",
@@ -5415,6 +5450,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_no_root_access_key",
@@ -5459,6 +5495,7 @@
 "emr_cluster_master_nodes_no_public_ip",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "awslambda_function_not_publicly_accessible",
 "awslambda_function_url_public",
diff --git a/prowler/compliance/aws/nist_csf_1.1_aws.json b/prowler/compliance/aws/nist_csf_1.1_aws.json
index 30eb8cd8..9ddee542 100644
--- a/prowler/compliance/aws/nist_csf_1.1_aws.json
+++ b/prowler/compliance/aws/nist_csf_1.1_aws.json
@@ -571,6 +571,7 @@
 "iam_password_policy_reuse_24",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_rotate_access_key_90_days",
 "iam_disable_90_days_credentials",
@@ -627,6 +628,7 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "iam_disable_90_days_credentials"
 ]
@@ -1080,6 +1082,7 @@
 "ec2_ebs_public_snapshot",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_no_root_access_key",
 "awslambda_function_url_public",
 "rds_snapshots_public_access",
diff --git a/prowler/compliance/aws/pci_3.2.1_aws.json b/prowler/compliance/aws/pci_3.2.1_aws.json
index f54cb33e..01e0d0ab 100644
--- a/prowler/compliance/aws/pci_3.2.1_aws.json
+++ b/prowler/compliance/aws/pci_3.2.1_aws.json
@@ -158,6 +158,7 @@
 "iam_no_root_access_key",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_root_hardware_mfa_enabled",
 "iam_root_mfa_enabled",
 "iam_user_mfa_enabled_console_access",
diff --git a/prowler/compliance/aws/rbi_cyber_security_framework_aws.json b/prowler/compliance/aws/rbi_cyber_security_framework_aws.json
index 5120b2cc..5e40eccc 100644
--- a/prowler/compliance/aws/rbi_cyber_security_framework_aws.json
+++ b/prowler/compliance/aws/rbi_cyber_security_framework_aws.json
@@ -115,9 +115,8 @@
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_policy_attached_only_to_group_or_roles",
- "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges",
 "iam_no_root_access_key"
 ]
 },
diff --git a/prowler/compliance/aws/soc2_aws.json b/prowler/compliance/aws/soc2_aws.json
index dd1023c5..0377786b 100644
--- a/prowler/compliance/aws/soc2_aws.json
+++ b/prowler/compliance/aws/soc2_aws.json
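Review bot: Duplicate check IDs can evidently reach these `Checks` lists unnoticed: the `@@ -115,9 +115,8 @@` hunk in rbi_cyber_security_framework_aws.json has to delete a second copy of `iam_aws_attached_policy_no_administrative_privileges` and `iam_customer_attached_policy_no_administrative_privileges` from the same array. Nothing in the diff guards against that recurring, and the same ID is hand-inserted into dozens of arrays across the other compliance files in this commit. I would add a test that loads every compliance JSON and asserts each requirement's `Checks` array has no repeated entries. If the test can see the set of registered checks, it should also assert that every ID names one, since a misspelled ID would presumably leave a requirement looking mapped while nothing evaluates it (to be confirmed against the loader).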
@@ -48,6 +48,7 @@
 "iam_policy_attached_only_to_group_or_roles",
 "iam_aws_attached_policy_no_administrative_privileges",
 "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges",
 "iam_disable_90_days_credentials"
 ]
 },
@@ -313,7 +314,8 @@
 ],
 "Checks": [
 "iam_aws_attached_policy_no_administrative_privileges",
- "iam_customer_attached_policy_no_administrative_privileges"
+ "iam_customer_attached_policy_no_administrative_privileges",
+ "iam_inline_policy_no_administrative_privileges"
 ]
 },
 {