From f3ff8369c3352f95130afe0e4c497b7f18e19fa1 Mon Sep 17 00:00:00 2001
From: xxxMinoo <62087466+NMuee@users.noreply.github.com>
Date: Fri, 4 Mar 2022 17:25:47 +0800
Subject: [PATCH] fix: extra7167 Advanced Shield and CloudFront bug parsing
 None output without distributions (#1053)

* fix: not to flag as finding for account without cloudfront distributions

* fix: output empty for None from cloudfront list-distributions

Co-authored-by: moo.xin.foo <moo.xin.foo@accenture.com>
---
 checks/check_extra7167 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/checks/check_extra7167 b/checks/check_extra7167
index 18ce6209..9cb09615 100644
--- a/checks/check_extra7167
+++ b/checks/check_extra7167
@@ -26,8 +26,8 @@ CHECK_CAF_EPIC_extra7167='Infrastructure security'
 
 extra7167() {
   if [[ "$($AWSCLI $PROFILE_OPT shield get-subscription-state --output text)" == "ACTIVE" ]]; then
-    LIST_OF_CLOUDFRONT_DISTRIBUTIONS=$($AWSCLI cloudfront list-distributions $PROFILE_OPT --query 'DistributionList.Items[*].[Id,ARN]' --output text)
-    if [[ $LIST_OF_CLOUDFRONT_DISTRIBUTIONS ]]; then
+    LIST_OF_CLOUDFRONT_DISTRIBUTIONS=$($AWSCLI cloudfront list-distributions $PROFILE_OPT --query 'DistributionList.Items[*].[Id,ARN]' --output text  | grep -v None)
+    if [[ $LIST_OF_CLOUDFRONT_DISTRIBUTIONS]]; then
       while read -r distribution; do
         DISTRIBUTION_ID=$(echo $distribution | awk '{ print $1; }')
         DISTRIBUTION_ARN=$(echo $distribution | awk '{ print $2; }')