feat(default_regions): Set profile region as default for global regions. (#1228)
Co-authored-by: sergargar <sergio@verica.io>
@@ -23,17 +23,17 @@ class iam_disable_30_days_credentials(Check):
|
||||
if time_since_insertion.days > maximum_expiration_days:
|
||||
report.status = "FAIL"
|
||||
report.result_extended = f"User {user['UserName']} has not logged into the console in the past 30 days"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.result_extended = f"User {user['UserName']} has logged into the console in the past 30 days"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.result_extended = f"User {user['UserName']} has not a console password or is unused."
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
|
||||
# Append report
|
||||
findings.append(report)
|
||||
@@ -41,7 +41,7 @@ class iam_disable_30_days_credentials(Check):
|
||||
report = Check_Report()
|
||||
report.status = "PASS"
|
||||
report.result_extended = "There is no IAM users"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
findings.append(report)
|
||||
|
||||
return findings
|
||||
|
||||
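Review bot: The `except KeyError: pass` branch in the first hunk is the one path that assigns neither a status nor a `report.region`, while the three other branches each repeat `report.region = iam_client.region`. If the report is still appended after that branch (the indentation is lost on this page, so this is inferred), the finding is emitted without a region. Assigning `report.region = iam_client.region` once, right after the report object is created, covers every path and removes the repetition. The same layout appears in the `iam_disable_90_days_credentials` hunk, and the enclosing method starts outside both hunks.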
@@ -23,17 +23,17 @@ class iam_disable_90_days_credentials(Check):
|
||||
if time_since_insertion.days > maximum_expiration_days:
|
||||
report.status = "FAIL"
|
||||
report.result_extended = f"User {user['UserName']} has not logged into the console in the past 90 days"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.result_extended = f"User {user['UserName']} has logged into the console in the past 90 days"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.result_extended = f"User {user['UserName']} has not a console password or is unused."
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
|
||||
# Append report
|
||||
findings.append(report)
|
||||
@@ -41,6 +41,6 @@ class iam_disable_90_days_credentials(Check):
|
||||
report = Check_Report()
|
||||
report.status = "PASS"
|
||||
report.result_extended = "There is no IAM users"
|
||||
report.region = "us-east-1"
|
||||
report.region = iam_client.region
|
||||
|
||||
return findings
|
||||
|
||||
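Review bot: In the second hunk of this check the "There is no IAM users" report is created and given a region, but the lines that follow are a blank line and `return findings`; there is no `findings.append(report)`, which the 30-day check has at the same spot. As shown, the 90-day check returns an empty list for an account with no users instead of a PASS finding, so the region assigned here is discarded along with the report. Adding `findings.append(report)` directly after `report.region = iam_client.region` would bring the two checks in line. The method starts outside the hunk.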
@@ -10,6 +10,7 @@ class IAM:
|
||||
self.service = "iam"
|
||||
self.session = audit_info.audit_session
|
||||
self.client = self.session.client(self.service)
|
||||
self.region = audit_info.profile_region
|
||||
self.users = self.__get_users__()
|
||||
self.roles = self.__get_roles__()
|
||||
self.customer_managed_policies = self.__get_customer_managed_policies__()
|
||||
@@ -26,7 +27,7 @@ class IAM:
|
||||
try:
|
||||
get_roles_paginator = self.client.get_paginator("list_roles")
|
||||
except Exception as error:
|
||||
logger.error(f"{error.__class__.__name__} -- {error}")
|
||||
logger.error(f"{self.region} -- {error.__class__.__name__}: {error}")
|
||||
else:
|
||||
roles = []
|
||||
for page in get_roles_paginator.paginate():
|
||||
@@ -41,7 +42,7 @@ class IAM:
|
||||
try:
|
||||
report_status = self.client.generate_credential_report()
|
||||
except Exception as error:
|
||||
logger.error(f"{error.__class__.__name__} -- {error}")
|
||||
logger.error(f"{self.region} -- {error.__class__.__name__}: {error}")
|
||||
else:
|
||||
if report_status["State"] == "COMPLETE":
|
||||
report_is_completed = True
|
||||
@@ -52,7 +53,7 @@ class IAM:
|
||||
try:
|
||||
get_groups_paginator = self.client.get_paginator("list_groups")
|
||||
except Exception as error:
|
||||
logger.error(f"{error.__class__.__name__} -- {error}")
|
||||
logger.error(f"{self.region} -- {error.__class__.__name__}: {error}")
|
||||
else:
|
||||
groups = []
|
||||
for page in get_groups_paginator.paginate():
|
||||
@@ -67,7 +68,7 @@ class IAM:
|
||||
"list_policies"
|
||||
)
|
||||
except Exception as error:
|
||||
logger.error(f"{error.__class__.__name__} -- {error}")
|
||||
logger.error(f"{self.region} -- {error.__class__.__name__}: {error}")
|
||||
else:
|
||||
customer_managed_policies = []
|
||||
for page in get_customer_managed_policies_paginator.paginate(Scope="Local"):
|
||||
@@ -80,7 +81,7 @@ class IAM:
|
||||
try:
|
||||
get_users_paginator = self.client.get_paginator("list_users")
|
||||
except Exception as error:
|
||||
logger.error(f"{error.__class__.__name__} -- {error}")
|
||||
logger.error(f"{self.region} -- {error.__class__.__name__}: {error}")
|
||||
else:
|
||||
users = []
|
||||
for page in get_users_paginator.paginate():
|
||||
@@ -93,5 +94,5 @@ class IAM:
|
||||
try:
|
||||
iam_client = IAM(current_audit_info)
|
||||
except Exception as error:
|
||||
logger.critical(f"{error.__class__.__name__} -- {error}")
|
||||
logger.critical(f"{error.__class__.__name__} -- {error}")
|
||||
sys.exit()
|
||||
|
||||
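Review bot: The module-level handler in the last hunk calls `sys.exit()` with no argument after `logger.critical`, so a failed IAM client initialisation ends the process with exit status 0 and a scheduled or CI audit run would record success; `sys.exit(1)` would make the failure visible. This matters more because in the `list_roles`, `list_groups`, `list_policies` and `list_users` hunks the `try` covers only `get_paginator(...)`, which sends no API request. The `paginate()` loop in the `else` branch is where an access-denied or throttling error would surface, and as far as these hunks show it sits outside the new region-tagged `logger.error` line. The method bodies continue outside the hunks, so an inner handler may exist there. Separately, `self.region` is taken from `audit_info.profile_region`; if that can be unset, the log prefix and every IAM finding's region become `None`, which a comment on that line or a documented fallback would settle.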