ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

better check denied

Browse Source
This commit is contained in:
gabrielsoltz
2019-06-13 14:32:19 +02:00
parent de8336092b
commit c8622bc347
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
checks/check_extra73
View File

@@ -54,9 +54,8 @@ extra73(){
BUCKET_LOCATION="eu-west-1"
fi
# Check Explicit Deny and Avoid Error
CHEK_FOR_EXPLICIT_DENY=$($AWSCLI s3api get-bucket-acl $PROFILE_OPT --region $BUCKET_LOCATION --bucket $bucket 2> /dev/null)
CHEK_FOR_EXPLICIT_DENY="$?"
if [[ $CHEK_FOR_EXPLICIT_DENY -eq 255 ]]; then
CHEK_FOR_EXPLICIT_DENY=$($AWSCLI s3api get-bucket-acl $PROFILE_OPT --region $BUCKET_LOCATION --bucket $bucket --output text 2>&1)
if [[ $(echo "$CHEK_FOR_EXPLICIT_DENY" | grep AccessDenied) ]] ; then
textPass "$BUCKET_LOCATION: bucket have an explicit Deny. Not possible to get ACL." "$BUCKET_LOCATION"
else
# check if AllUsers is in the ACL as Grantee