ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update check_extra7154

Browse Source
This commit is contained in:
Shubham Shah
2021-10-01 11:14:26 -04:00
committed by GitHub
parent 44d40e4f0d
commit f74414532d
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
checks/check_extra7154
View File

@@ -27,7 +27,7 @@ CHECK_SEVERITY_extra7154="MEDIUM"
CHECK_ASFF_RESOURCE_TYPE_extra7154="AwsCloudFormationStack"
CHECK_ALTERNATE_check7154="extra7154"
CHECK_SERVICENAME_extra7154="cloudformation"
CHECK_RISK_extra7154='Without termination protection enabled, a critical cloudformation stack can be accidently deleted.'
CHECK_RISK_extra7154='Without termination protection enabled; a critical cloudformation stack can be accidently deleted.'
CHECK_REMEDIATION_extra7154='Ensure termination protection is enabled for the cloudformation stacks'
CHECK_DOC_extra7154='https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html'
CHECK_CAF_EPIC_extra7154='Infrastructure Protection'
@@ -42,7 +42,7 @@ extra7154() {
TERMINATION_ENABLED=$(echo $CFN_STACK_DETAILS | jq -r '.Stacks[].EnableTerminationProtection')
ROOT_ID=$(echo $CFN_STACK_DETAILS | jq -r '.Stacks[].RootId')
if [[ $ROOT_ID != null && $TERMINATION_ENABLED == "false" ]]; then
textInfo "$regx: $stack is a nested stack, enable termination protection on the root stack $ROOT_ID" "$regx" "$stack" "$ROOT_ID"
textInfo "$regx: $stack is a nested stack. Enable termination protection on the root stack $ROOT_ID" "$regx" "$stack" "$ROOT_ID"
elif [[ $TERMINATION_ENABLED == "true" ]]; then
textPass "$regx: Cloudformation stack $stack has termination protection enabled" "$regx" "$stack"
else