From cb0d9d33926bc3a469349418110e14ccade338a8 Mon Sep 17 00:00:00 2001 From: David Childs Date: Wed, 16 Mar 2022 12:49:04 -0400 Subject: [PATCH] fix(filter-region): Support comma separated regions (#1071) * regions separated by a comma deliminator * Update README.md Co-authored-by: Toni de la Fuente * Update README.md Co-authored-by: David Childs Co-authored-by: Pepe Fagoaga Co-authored-by: Toni de la Fuente --- README.md | 2 +- prowler | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e81aa38d..64eea3c9 100644 --- a/README.md +++ b/README.md @@ -230,7 +230,7 @@ Prowler has been written in bash using AWS-CLI underneath and it works in Linux, By default, Prowler scans all opt-in regions available, that might take a long execution time depending on the number of resources and regions used. Same applies for GovCloud or China regions. See below Advance usage for examples. -Prowler has two parameters related to regions: `-r` that is used query AWS services API endpoints (it uses `us-east-1` by default and required for GovCloud or China) and the option `-f` that is to filter those regions you only want to scan. For example if you want to scan Dublin only use `-f eu-west-1` and if you want to scan Dublin and Ohio `-f 'eu-west-1 us-east-s'`, note the single quotes and space between regions. +Prowler has two parameters related to regions: `-r` that is used query AWS services API endpoints (it uses `us-east-1` by default and required for GovCloud or China) and the option `-f` that is to filter those regions you only want to scan. For example if you want to scan Dublin only use `-f eu-west-1` and if you want to scan Dublin and Ohio `-f eu-west-1,us-east-1`, note the regions are separated by a comma deliminator (it can be used as before with `-f 'eu-west-1,us-east-1'`). ## Screenshots diff --git a/prowler b/prowler index d0460d5b..02a05189 100755 --- a/prowler +++ b/prowler @@ -348,7 +348,7 @@ TOTAL_CHECKS=($(echo "${TOTAL_CHECKS[*]}" | tr ' ' '\n' | awk '!seen[$0]++' | so # Function to get all regions get_regions() { # Get list of regions based on include/whoami - REGIONS=$($AWSCLI ec2 describe-regions --query 'Regions[].RegionName' --output text $PROFILE_OPT --region $REGION_FOR_STS --region-names $FILTERREGION 2>&1) + REGIONS=$($AWSCLI ec2 describe-regions --query 'Regions[].RegionName' --output text $PROFILE_OPT --region $REGION_FOR_STS --region-names ${FILTERREGION//[,]/ } 2>&1) ret=$? if [[ $ret -ne 0 ]]; then echo "$OPTRED Access Denied trying to describe regions! Review permissions as described here: https://github.com/prowler-cloud/prowler/#requirements-and-installation $OPTNORMAL"