Updated check29 to validate against FlowLogId which is valid for both CloudWatch and s3 destinations

This commit is contained in:
Jason Turner
2018-11-14 14:19:44 -08:00
parent 2437f8fb16
commit cafd203406


@@ -17,7 +17,7 @@ CHECK_ALTERNATE_check209="check29"
check29(){
# "Ensure VPC Flow Logging is Enabled in all VPCs (Scored)"
for regx in $REGIONS; do
CHECK_FL=$($AWSCLI ec2 describe-flow-logs $PROFILE_OPT --region $regx --query 'FlowLogs[?FlowLogStatus==`ACTIVE`].LogGroupName' --output text)
CHECK_FL=$($AWSCLI ec2 describe-flow-logs $PROFILE_OPT --region $regx --query 'FlowLogs[?FlowLogStatus==`ACTIVE`].FlowLogId' --output text)
if [[ $CHECK_FL ]];then
for FL in $CHECK_FL;do
textPass "VPCFlowLog is enabled for LogGroupName: $FL in Region $regx" "$regx"
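Review bot: The pass message on the last context line still reports `LogGroupName: $FL`, but after the query change each `$FL` is now a FlowLogId, so the finding mislabels what was actually verified. Update it to `textPass "VPCFlowLog is enabled for FlowLogId: $FL in Region $regx" "$regx"` so the output matches the new query. While touching these lines, the unquoted `$PROFILE_OPT`, `$regx` and `$CHECK_FL` expansions are pre-existing and rely on word-splitting; the loop over `$CHECK_FL` deliberately splits the text output, which is worth a short comment so nobody quotes it later and breaks the iteration. The body of check29 continues outside the hunk, so any corresponding fail message there presumably needs the same relabelling.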