ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #20 from toniblyx/master

Browse Source 
fixed issues 2.1 and 2.2 when more than one trail
This commit is contained in:
Toni de la Fuente
2016-10-06 13:22:54 -04:00
committed by GitHub
parent 7ab0ab46be 68f8f5b4b8
commit ba1b9de199
1 changed files with 22 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
prowler
View File

@@ -446,30 +446,36 @@ check115(){
check21(){
TITLE21="$BLUE 2.1$NORMAL Ensure CloudTrail is enabled in all regions (Scored)"
echo -e "\n$TITLE21"
COMMAND21=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].IsMultiRegionTrail' --output text)
if [[ $COMMAND21 ]];then
if [ $COMMAND21 == "True" ];then
echo -e " $OK OK $NORMAL"
else
echo -e " $RED FALSE $NORMAL"
fi
LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].Name' --output text)
if [[ $LIST_OF_TRAILS ]];then
for trail in $LIST_OF_TRAILS;do
MULTIREGION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].IsMultiRegionTrail' --output text --trail-name-list $trail)
if [[ $MULTIREGION_TRAIL_STATUS == 'False' ]];then
echo -e " $RED WARNING! $trail trail in $REGION is not enabled in multi region mode$NORMAL"
else
echo -e " $OK OK! $trail trail in $REGION is enabled for all regions$NORMAL"
fi
done
else
echo -e " $RED FALSE $NORMAL"
echo -e " $RED WARNING! No CloudTrail trails found!$NORMAL"
fi
}
check22(){
TITLE22="$BLUE 2.2$NORMAL Ensure CloudTrail log file validation is enabled (Scored)"
echo -e "\n$TITLE22"
COMMAND22=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].LogFileValidationEnabled' --output text)
if [[ $COMMAND22 ]];then
if [ $COMMAND22 == "True" ];then
echo -e " $OK OK $NORMAL"
else
echo -e " $RED FALSE $NORMAL"
fi
LIST_OF_TRAILS=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].Name' --output text)
if [[ $LIST_OF_TRAILS ]];then
for trail in $LIST_OF_TRAILS;do
LOGFILEVALIDATION_TRAIL_STATUS=$($AWSCLI cloudtrail describe-trails --profile $PROFILE --region $REGION --query 'trailList[*].LogFileValidationEnabled' --output text --trail-name-list $trail)
if [[ $LOGFILEVALIDATION_TRAIL_STATUS == 'False' ]];then
echo -e " $RED WARNING! $trail trail in $REGION has not log file validation enabled$NORMAL"
else
echo -e " $OK OK! $trail trail in $REGION has log file validation enabled$NORMAL"
fi
done
else
echo -e " $RED FALSE $NORMAL"
echo -e " $RED WARNING! No CloudTrail trails found!$NORMAL"
fi
}