ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support graceful failing of buckets with corrupt/unintended permissions

Browse Source
This commit is contained in:
Ben Hecht
2018-05-29 17:19:23 -04:00
parent 8acc18b32b
commit ac7d51b6f3
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
checks/check_extra73
View File

@@ -22,7 +22,12 @@ extra73(){
textInfo "Looking for open S3 Buckets (ACLs and Policies) in all regions... "
ALL_BUCKETS_LIST=$($AWSCLI s3api list-buckets --query 'Buckets[*].{Name:Name}' --profile $PROFILE --region $REGION --output text)
for bucket in $ALL_BUCKETS_LIST; do
BUCKET_LOCATION=$($AWSCLI s3api get-bucket-location --bucket $bucket --profile $PROFILE --region $REGION --output text)
BUCKET_LOCATION=$($AWSCLI s3api get-bucket-location --bucket $bucket --profile $PROFILE --region $REGION --output text 2>/dev/null)
exit_status=$?
if [[ $exit_status != 0 ]]; then
textFail "$bucket bucket is unreadable due to permissions" "$regx"
continue $exit_status;
fi
if [[ "None" == $BUCKET_LOCATION ]]; then
BUCKET_LOCATION="us-east-1"
fi