From d8879d90853fe929971c923852f4422244f4ea3f Mon Sep 17 00:00:00 2001
From: Pascal Bugnion
Date: Wed, 6 Dec 2017 14:30:25 +0000
Subject: [PATCH] Fix bug getting policy versions

When serveral policies have the same full word substring, getting the policy versions can return multiple entries. Now fixed.
---
 prowler | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/prowler b/prowler
index 163e302e..3614a095 100755
--- a/prowler
+++ b/prowler
@@ -856,7 +856,7 @@ check124(){
 if [[ $LIST_CUSTOM_POLICIES ]]; then
 textNotice "Looking for custom policies: (skipping default policies - it may take few seconds...)"
 for policy in $LIST_CUSTOM_POLICIES; do
- POLICY_VERSION=$($AWSCLI iam list-policies $PROFILE_OPT --region $REGION --query 'Policies[*].[Arn,DefaultVersionId]' --output text|grep -w $policy |awk '{ print $2}')
+ POLICY_VERSION=$($AWSCLI iam list-policies $PROFILE_OPT --region $REGION --query 'Policies[*].[Arn,DefaultVersionId]' --output text |awk "\$1 == \"$policy\" { print \$2 }")
 POLICY_WITH_FULL=$($AWSCLI iam get-policy-version --output text --policy-arn $policy --version-id $POLICY_VERSION --query "PolicyVersion.Document.Statement[?Effect == 'Allow' && contains(Resource, '*') && contains (Action, '*')]" $PROFILE_OPT --region $REGION)
 if [[ $POLICY_WITH_FULL ]]; then
 POLICIES_ALLOW_LIST="$POLICIES_ALLOW_LIST $policy"
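Review bot: The new awk filter on the `+` line builds the awk program by interpolating `$policy` into a double-quoted string, so the ARN is parsed as awk source rather than compared as data. An ARN containing a double quote or backslash would change or break that program in a tool that runs with audit credentials; IAM paths appear to allow a wide range of punctuation, which is worth confirming. Pass the value as data instead, `awk -v arn="$policy" '$1 == arn { print $2 }'`, which also removes the need for the escaped `\$1` and `\$2`. Separately, `iam list-policies` is still invoked once per loop iteration, so its output could be fetched once before the `for` and filtered per policy. The body of check124 starts and ends outside this hunk.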