ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated check_extra778 to use PROFILE_OPT and AWSCLI

Browse Source
This commit is contained in:
Philipp Zeuner
2020-03-08 09:56:52 +01:00
parent 1b2b52e6a7
commit cb5858d08a
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
checks/check_extra778
View File

@@ -37,7 +37,8 @@ extra778(){
;;
esac
CIDR_IP_LIST=$(aws ec2 describe-security-groups \
CIDR_IP_LIST=$(${AWSCLI} ec2 describe-security-groups \
${PROFILE_OPT} \
--filter "Name=group-id,Values=${SECURITY_GROUP}" \
--query "SecurityGroups[*].${DIRECTION_FILTER}[*].IpRanges[*].CidrIp" \
--region ${REGION} \
@@ -57,7 +58,12 @@ extra778(){
}
for regx in ${REGIONS}; do
SECURITY_GROUP_IDS=$(${AWSCLI} ec2 describe-security-groups --region ${regx} --query 'SecurityGroups[*].GroupId' --output text | xargs)
SECURITY_GROUP_IDS=$(${AWSCLI} ec2 describe-security-groups \
${PROFILE_OPT} \
--region ${regx} \
--query 'SecurityGroups[*].GroupId' \
--output text | xargs
)
for SECURITY_GROUP in ${SECURITY_GROUP_IDS}; do
check_cidr "${SECURITY_GROUP}" "inbound" "${regx}"
check_cidr "${SECURITY_GROUP}" "outbound" "${regx}"