ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

clean up extras

Browse Source
This commit is contained in:
Toni de la Fuente
2018-03-26 23:01:52 -04:00
parent 2648067ac6
commit ef9b7cef1a
15 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
checks/check_extra710
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra710="7.10"
CHECK_TITLE_extra710="Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra710="NOT_SCORED"
CHECK_ALTERNATE_extra710="extra710"
CHECK_ALTERNATE_check710="extra710"
extra710(){

1
checks/check_extra711
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra711="7.11"
CHECK_TITLE_extra711="Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra711="NOT_SCORED"
CHECK_ALTERNATE_extra711="extra711"
CHECK_ALTERNATE_check711="extra711"
extra711(){

1
checks/check_extra712
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra712="7.12"
CHECK_TITLE_extra712="Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra712="NOT_SCORED"
CHECK_ALTERNATE_extra712="extra712"
CHECK_ALTERNATE_check712="extra712"
extra712(){

1
checks/check_extra713
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra713="7.13"
CHECK_TITLE_extra713="Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra713="NOT_SCORED"
CHECK_ALTERNATE_extra713="extra713"
CHECK_ALTERNATE_check713="extra713"
extra713(){

1
checks/check_extra714
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra714="7.14"
CHECK_TITLE_extra714="Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra714="NOT_SCORED"
CHECK_ALTERNATE_extra714="extra714"
CHECK_ALTERNATE_check714="extra714"
extra714(){

1
checks/check_extra715
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra715="7.15"
CHECK_TITLE_extra715="Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra715="NOT_SCORED"
CHECK_ALTERNATE_extra715="extra715"
CHECK_ALTERNATE_check715="extra715"
extra715(){

1
checks/check_extra716
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra716="7.16"
CHECK_TITLE_extra716="Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra716="NOT_SCORED"
CHECK_ALTERNATE_extra716="extra716"
CHECK_ALTERNATE_check716="extra716"
extra716(){

1
checks/check_extra717
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra717="7.17"
CHECK_TITLE_extra717="Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra717="NOT_SCORED"
CHECK_ALTERNATE_extra717="extra717"
CHECK_ALTERNATE_check717="extra717"
extra717(){

1
checks/check_extra718
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra718="7.18"
CHECK_TITLE_extra718="Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra718="NOT_SCORED"
CHECK_ALTERNATE_extra718="extra718"
CHECK_ALTERNATE_check718="extra718"
extra718(){

1
checks/check_extra719
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra719="7.19"
CHECK_TITLE_extra719="Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra719="NOT_SCORED"
CHECK_ALTERNATE_extra719="extra719"
CHECK_ALTERNATE_check719="extra719"
extra719(){

1
checks/check_extra720
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra720="7.20"
CHECK_TITLE_extra720="Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra720="NOT_SCORED"
CHECK_ALTERNATE_extra720="extra720"
CHECK_ALTERNATE_check720="extra720"
extra720(){

1
checks/check_extra721
View File

@@ -1,7 +1,6 @@
CHECK_ID_extra721="7.21"
CHECK_TITLE_extra721="Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra721="NOT_SCORED"
CHECK_ALTERNATE_extra721="extra721"
CHECK_ALTERNATE_check721="extra721"
extra721(){

1
checks/check_extra722
View File

@@ -2,7 +2,6 @@ CHECK_ID_extra722="7.22"
CHECK_TITLE_extra722="Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra722="NOT_SCORED"
CHECK_ALTERNATE_check722="extra722"
CHECK_ALTERNATE_extra722="extra722"
extra722(){
# "Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)"

1
checks/check_extra723
View File

@@ -2,7 +2,6 @@ CHECK_ID_extra723="7.23"
CHECK_TITLE_extra723="Check if RDS Snapshots are public (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra723="NOT_SCORED"
CHECK_ALTERNATE_check723="extra723"
CHECK_ALTERNATE_extra723="extra723"
extra723(){
# "Check if RDS Snapshots are public (Not Scored) (Not part of CIS benchmark)"

21
checks/check_sample
View File

@@ -0,0 +1,21 @@
# CHECK_ID_checkN="N.N"
# CHECK_TITLE_checkN="Description (Not Scored) (Not part of CIS benchmark)"
# CHECK_SCORED_checkN="NOT_SCORED"
# CHECK_ALTERNATE_checkN="extraN"
#
# extraN(){
# # "Description (Not Scored) (Not part of CIS benchmark)"
# textNotice "Looking for instances in all regions... "
# for regx in $REGIONS; do
# LIST_OF_PUBLIC_INSTANCES=$($AWSCLI ec2 describe-instances $PROFILE_OPT --region $regx --query 'Reservations[*].Instances[?PublicIpAddress].[InstanceId,PublicIpAddress]' --output text)
# if [[ $LIST_OF_PUBLIC_INSTANCES ]];then
# while read -r instance;do
# INSTANCE_ID=$(echo $instance | awk '{ print $1; }')
# PUBLIC_IP=$(echo $instance | awk '{ print $2; }')
# textWarn "$regx: Instance: $INSTANCE_ID at IP: $PUBLIC_IP is internet-facing!" "$regx"
# done <<< "$LIST_OF_PUBLIC_INSTANCES"
# else
# textOK "$regx: no Internet Facing EC2 Instances found" "$regx"
# fi
# done
# }