ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

added check extra724 Certificate Transparency

Browse Source
This commit is contained in:
Toni de la Fuente
2018-03-28 10:50:56 -04:00
parent 919c530155
commit db8b5a4d0b
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
LIST_OF_CHECKS_AND_GROUPS.md
View File

@@ -395,5 +395,5 @@ Colors code for results: INFO (Information), PASS (Recommended value), FAIL (F
7.23 Check if RDS Snapshots are public (Not Scored) (Not part of CIS benchmark) 7.23 Check if RDS Snapshots are public (Not Scored) (Not part of CIS benchmark)
7.24 Check if ACM certificates have Certificate Transparence enabled (Not Scored) (Not part of CIS benchmark) 7.24 Check if ACM certificates have Certificate Transparency logging enabled (Not Scored) (Not part of CIS benchmark)
``` ```

4
checks/check_extra724
View File

@@ -1,10 +1,10 @@
CHECK_ID_extra724="7.24" CHECK_ID_extra724="7.24"
CHECK_TITLE_extra724="Check if ACM certificates have Certificate Transparence enabled (Not Scored) (Not part of CIS benchmark)" CHECK_TITLE_extra724="Check if ACM certificates have Certificate Transparency logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra724="NOT_SCORED" CHECK_SCORED_extra724="NOT_SCORED"
CHECK_ALTERNATE_check724="extra724" CHECK_ALTERNATE_check724="extra724"
extra724(){ extra724(){
# "Check if ACM certificates have Certificate Transparence enabled (Not Scored) (Not part of CIS benchmark)" # "Check if ACM certificates have Certificate Transparency logging enabled (Not Scored) (Not part of CIS benchmark)"
for regx in $REGIONS; do for regx in $REGIONS; do
LIST_OF_CERTS=$($AWSCLI acm list-certificates $PROFILE_OPT --region $regx --query CertificateSummaryList[].CertificateArn --output text) LIST_OF_CERTS=$($AWSCLI acm list-certificates $PROFILE_OPT --region $regx --query CertificateSummaryList[].CertificateArn --output text)
if [[ $LIST_OF_CERTS ]];then if [[ $LIST_OF_CERTS ]];then