mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-13 00:05:04 +00:00
feat(regions): add regions to resources (#1285)
This commit is contained in:
Sergio Garcia
@@ -11,51 +11,50 @@ class iam_avoid_root_usage(Check):
|
||||
findings = []
|
||||
response = iam_client.credential_report
|
||||
|
||||
if response:
|
||||
for user in response:
|
||||
if user["user"] == "<root_account>":
|
||||
report = Check_Report(self.metadata)
|
||||
report.region = iam_client.region
|
||||
report.resource_id = user["user"]
|
||||
report.resource_arn = user["arn"]
|
||||
if (
|
||||
user["password_last_used"] != "no_information"
|
||||
or user["access_key_1_last_used_date"] != "N/A"
|
||||
or user["access_key_2_last_used_date"] != "N/A"
|
||||
):
|
||||
if user["password_last_used"] != "no_information":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["password_last_used"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
elif user["access_key_1_last_used_date"] != "N/A":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["access_key_1_last_used_date"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
elif user["access_key_2_last_used_date"] != "N/A":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["access_key_2_last_used_date"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
if days_since_accessed > maximum_access_days:
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Root user in the account was last accessed {days_since_accessed} days ago."
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.status_extended = f"Root user in the account wasn't accessed in the last {maximum_access_days} days."
|
||||
for user in response:
|
||||
if user["user"] == "<root_account>":
|
||||
report = Check_Report(self.metadata)
|
||||
report.region = iam_client.region
|
||||
report.resource_id = user["user"]
|
||||
report.resource_arn = user["arn"]
|
||||
if (
|
||||
user["password_last_used"] != "no_information"
|
||||
or user["access_key_1_last_used_date"] != "N/A"
|
||||
or user["access_key_2_last_used_date"] != "N/A"
|
||||
):
|
||||
if user["password_last_used"] != "no_information":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["password_last_used"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
elif user["access_key_1_last_used_date"] != "N/A":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["access_key_1_last_used_date"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
elif user["access_key_2_last_used_date"] != "N/A":
|
||||
days_since_accessed = (
|
||||
datetime.datetime.now()
|
||||
- datetime.datetime.strptime(
|
||||
user["access_key_2_last_used_date"],
|
||||
"%Y-%m-%dT%H:%M:%S+00:00",
|
||||
)
|
||||
).days
|
||||
if days_since_accessed > maximum_access_days:
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Root user in the account was last accessed {days_since_accessed} days ago."
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.status_extended = f"Root user in the account wasn't accessed in the last {maximum_access_days} days."
|
||||
findings.append(report)
|
||||
else:
|
||||
report.status = "PASS"
|
||||
report.status_extended = f"Root user in the account wasn't accessed in the last {maximum_access_days} days."
|
||||
findings.append(report)
|
||||
|
||||
return findings
|
||||
|
||||
Reference in New Issue
Block a user