From c14799915cae2ec065cb3837754ae0c4d834a1a3 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente
Date: Thu, 24 Sep 2020 14:55:10 +0200
Subject: [PATCH] Fix issue #659
---
 include/assume_role | 5 +++--
 prowler | 3 +++
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/include/assume_role b/include/assume_role
index 7bdf0079..cba07ef5 100644
--- a/include/assume_role
+++ b/include/assume_role
@@ -12,7 +12,7 @@
 # specific language governing permissions and limitations under the License.
 # both variables are mandatory to be set together
-if [[ $ACCOUNT_TO_ASSUME ]]; then
+assume_role(){
 if [[ -z $ROLE_TO_ASSUME ]]; then
 echo "$OPTRED ERROR!$OPTNORMAL - Both Account ID (-A) and IAM Role to assume (-R) must be set"
 exit 1
@@ -65,4 +65,5 @@ if [[ $ACCOUNT_TO_ASSUME ]]; then
 export AWS_SECRET_ACCESS_KEY=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.SecretAccessKey')
 export AWS_SESSION_TOKEN=$(cat $TEMP_STS_ASSUMED_FILE | jq -r '.Credentials.SessionToken')
 rm -fr $TEMP_STS_ASSUMED_FILE
-fi
+}
+
diff --git a/prowler b/prowler
index 29681f31..0a2ff154 100755
--- a/prowler
+++ b/prowler
@@ -522,6 +522,9 @@ fi
 # Gather account data / test aws cli connectivity
 getWhoami
+if [[ $ACCOUNT_TO_ASSUME ]]; then
+ assume_role
+fi
 # Execute group of checks if called with -g
 if [[ $GROUP_ID_READ ]];then
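Review bot: In the first hunk of include/assume_role, the new `assume_role()` function no longer verifies `ACCOUNT_TO_ASSUME` itself, because that guard now lives only in the caller in prowler and the first check inside the function tests `ROLE_TO_ASSUME` alone. A later call site that omits the guard would presumably continue with an empty account ID, so the function should enforce both values with `if [[ -z $ACCOUNT_TO_ASSUME || -z $ROLE_TO_ASSUME ]]; then`, which also matches the existing error message. With that change the retained comment `# both variables are mandatory to be set together` describes the function it now sits above. The rest of the function body lies outside this hunk.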
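Review bot: In the second hunk of include/assume_role, the file holding the STS secret key and session token is removed only by the final `rm -fr $TEMP_STS_ASSUMED_FILE`, so any earlier exit after the file is written would leave the credentials on disk. The middle of the function is outside this hunk, so that path needs confirming. Registering the cleanup right after the file is created, for example `trap 'rm -f -- "$TEMP_STS_ASSUMED_FILE"' EXIT` or an addition to an existing exit handler if prowler has one, covers every exit path. The `cat` and `rm` expansions are also unquoted, and `jq -r` prints the literal `null` for a missing key while `export VAR=$(...)` hides the pipeline's status. Unless an earlier check outside the hunk already does so, the values should be tested for empty or `null` before they are exported.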
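Review bot: In the prowler hunk, `getWhoami` runs before `assume_role`, so the account data it gathers appears to come from the caller's original credentials rather than from the assumed role. `getWhoami` is not shown here, so this is inferred from the ordering and from the comment `# Gather account data / test aws cli connectivity`. If anything it records is later used to label findings, the output could name the source account while the checks run against `ACCOUNT_TO_ASSUME`. If the ordering is intentional, say so above the new block, e.g. `# Assume the role only after the caller's own credentials have been validated by getWhoami`; otherwise refresh the identity data after `assume_role` returns.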