ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue #926 resource id and remediation typo

Browse Source
This commit is contained in:
Toni de la Fuente
2021-11-15 16:49:40 +01:00
parent b251f31da9
commit cee6437ae1
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
checks/check_extra776
View File

@@ -32,8 +32,9 @@ CHECK_CIS_LEVEL_extra776="EXTRA"
CHECK_SEVERITY_extra776="Medium" CHECK_SEVERITY_extra776="Medium"
CHECK_ALTERNATE_check776="extra776" CHECK_ALTERNATE_check776="extra776"
CHECK_SERVICENAME_extra776="ecr" CHECK_SERVICENAME_extra776="ecr"
CHECK_ASFF_RESOURCE_TYPE_extra776="AwsEcrRepository"
CHECK_RISK_extra776='Amazon ECR image scanning helps in identifying software vulnerabilities in your container images. Amazon ECR uses the Common Vulnerabilities and Exposures (CVEs) database from the open-source Clair project and provides a list of scan findings. ' CHECK_RISK_extra776='Amazon ECR image scanning helps in identifying software vulnerabilities in your container images. Amazon ECR uses the Common Vulnerabilities and Exposures (CVEs) database from the open-source Clair project and provides a list of scan findings. '
CHECK_REMEDIATION_extra776='Open the Amazon ECR console. look for vulnerabilities and fix them.' CHECK_REMEDIATION_extra776='Open the Amazon ECR console. Then look for vulnerabilities and fix them.'
CHECK_DOC_extra776='https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#describe-scan-findings' CHECK_DOC_extra776='https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#describe-scan-findings'
CHECK_CAF_EPIC_extra776='Logging and Monitoring' CHECK_CAF_EPIC_extra776='Logging and Monitoring'
@@ -75,18 +76,18 @@ extra776(){
fi fi
SEVERITY_LOW=$(echo "$FINDINGS_COUNT" | jq -r '.LOW' ) SEVERITY_LOW=$(echo "$FINDINGS_COUNT" | jq -r '.LOW' )
if [[ "$SEVERITY_LOW" != "null" ]]; then if [[ "$SEVERITY_LOW" != "null" ]]; then
textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with LOW ($SEVERITY_LOW) findings" "$region" textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with LOW ($SEVERITY_LOW) findings" "$region" "$repo"
fi fi
SEVERITY_INFORMATIONAL=$(echo "$FINDINGS_COUNT" | jq -r '.INFORMATIONAL' ) SEVERITY_INFORMATIONAL=$(echo "$FINDINGS_COUNT" | jq -r '.INFORMATIONAL' )
if [[ "$SEVERITY_INFORMATIONAL" != "null" ]]; then if [[ "$SEVERITY_INFORMATIONAL" != "null" ]]; then
textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with INFORMATIONAL ($SEVERITY_INFORMATIONAL) findings" "$region" textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with INFORMATIONAL ($SEVERITY_INFORMATIONAL) findings" "$region" "$repo"
fi fi
SEVERITY_UNDEFINED=$(echo "$FINDINGS_COUNT" | jq -r '.UNDEFINED' ) SEVERITY_UNDEFINED=$(echo "$FINDINGS_COUNT" | jq -r '.UNDEFINED' )
if [[ "$SEVERITY_UNDEFINED" != "null" ]]; then if [[ "$SEVERITY_UNDEFINED" != "null" ]]; then
textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with UNDEFINED ($SEVERITY_UNDEFINED) findings" "$region" textInfo "$region: ECR repository $repo has imageTag $IMAGE_TAG with UNDEFINED ($SEVERITY_UNDEFINED) findings" "$region" "$repo"
fi fi
else else
textPass "$region: ECR repository $repo has imageTag $IMAGE_TAG without findings" "$region" textPass "$region: ECR repository $repo has imageTag $IMAGE_TAG without findings" "$region" "$repo"
fi fi
fi fi
fi fi
@@ -95,7 +96,7 @@ extra776(){
textInfo "$region: ECR repository $repo has no images" "$region" textInfo "$region: ECR repository $repo has no images" "$region"
fi fi
else else
textInfo "$region: ECR repository $repo has no scanOnPush not enabled" "$region" textInfo "$region: ECR repository $repo has scanOnPush not enabled" "$region" "$repo"
fi fi
done done
else else