ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 15:25:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,076 Commits 1 Branch 0 Tags
2d64a1182e95975b008a94de79df066318067b6c
Commit Graph

1076 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
7866d42df9 changed output to PASS and FAIL 2018-03-26 15:40:40 -04:00
Toni de la Fuente
da0f266944 first semi functional v2 2018-03-23 19:26:10 -04:00
Toni de la Fuente
a2806ad86b populated checks 2018-03-23 10:05:20 -04:00
Toni de la Fuente
a98fdf7679 create check files 2018-03-20 23:08:35 -04:00
Toni de la Fuente
a21bff31a5 create check files 2018-03-20 22:59:34 -04:00
Toni de la Fuente
0a9e50ce53 Merge pull request #194 from mbode/check33_bugfix 
Fix check 3.3
 2018-03-20 11:54:34 -04:00
Maximilian Bode
2172f60a18 Reintroduce lost $-sign in check 3.3 2018-03-20 16:50:37 +01:00
Toni de la Fuente
2f761f62a6 new folder structure 2018-03-20 10:56:37 -04:00
Toni de la Fuente
6a4127dc40 tests v2 2018-03-19 14:55:25 -04:00
Toni de la Fuente
4901561fec tests v2 2018-03-19 14:54:05 -04:00
Toni de la Fuente
68d12ae72f fix issue #193 2018-03-19 12:24:59 -04:00
Toni de la Fuente
01a88e6c89 move prowler-policy to iam folder 2018-03-19 11:23:13 -04:00
Toni de la Fuente
0e43a05d16 fix issue #184 2018-03-19 11:11:45 -04:00
Toni de la Fuente
a670716625 preparing new structure 2018-03-19 11:10:10 -04:00
Toni de la Fuente
f411223fa8 added extra723 and clean up 2018-03-19 10:55:35 -04:00
Toni de la Fuente
c96e2be257 Merge pull request #192 from toniblyx/master 
update devel branch
 2018-03-19 10:45:40 -04:00
Toni de la Fuente
d806c86e90 Merge pull request #188 from ahhh/patch-1 
Update prowler output text for extra717
 2018-03-06 13:21:47 -05:00
Dan Borges
5156376df6 Update prowler 2018-03-06 09:58:12 -08:00
Toni de la Fuente
e714a20ae3 Merge pull request #187 from rtkjbillo/update_cloudwatch_logs_permissions 
Update IAM permissions needed for CloudWatch Logs
 2018-03-05 16:33:38 -05:00
Jake Billo
c20f8878da Update IAM permissions needed for CloudWatch Logs 
According to the AWS documentation for the CloudWatch Logs permissions reference [1], the IAM policy to permit or deny CloudWatch Logs actions uses the `logs:` prefix rather than `cloudwatchlogs:`. This commit updates the policy additions JSON file as well as the README to reflect this change.

I confirmed this having assumed an appropriate role in an AWS account, then executing the AWS CLI command `aws logs describe-log-groups`; with the `cloudwatchlogs:` prefix an AccessDeniedException was returned to the client.

[1] https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/permissions-reference-cwl.html
 2018-03-05 16:01:42 -05:00
Toni de la Fuente
6ccd1020e3 Merge pull request #180 from subramani95/patch-4 
Improving check41 and check42
 2018-02-26 23:23:29 -05:00
Toni de la Fuente
fa03991edd Merge pull request #181 from doshitan/improve-check28 
Improve check28
 2018-02-22 11:38:26 -08:00
Toni de la Fuente
5fdedd082b Merge pull request #182 from doshitan/better-shebang 
Use `#!/usr/bin/env bash` instead of hard coding `#!/bin/bash`
 2018-02-22 11:26:27 -08:00
Tanner Doshier
d7f4f99f15 Improve check28 
The CIS benchmarks state that only customer managed CMKs should be checked, so
exclude all AWS managed CMKs, not just the one for ACM.

Also fix up some formatting and dead code.
 2018-02-22 12:32:36 -06:00
Tanner Doshier
1295c5ecff Use #!/usr/bin/env bash instead of hard coding #!/bin/bash 
Better cross-platform support.
 2018-02-22 12:16:12 -06:00
Subramani Ramanathan
65c417a357 Improving check41 and check42 
Improved check41 and check42 to ensure no inbound rule exists that has:-
# port no 22 and source of 0.0.0.0/0
# port no in the range (i.e 0-1024) and source of 0.0.0.0/0
# port value of all and source of 0.0.0.0/0
 2018-02-21 02:48:20 +05:30
Toni de la Fuente
111615bff4 Merge pull request #177 from toniblyx/master 
New checks and improvements
 2018-02-16 14:13:00 -05:00
Toni de la Fuente
ec7930146b New checks and improvements 2018-02-16 12:33:05 -05:00
Toni de la Fuente
282f758fd7 Merge pull request #176 from subramani95/patch-3 
Fix printing texts when both Ok and Warn are present in 'check31'
 2018-02-13 21:35:08 -05:00
Subramani Ramanathan
6b759db0ae Fix printing texts when both Ok and Warn are present in 'check31' 
We may have groups in both Ok and Warn; so we have to go through both CHECK31OK and CHECK31WARN one by one.
 2018-02-13 21:27:04 +05:30
Toni de la Fuente
9ddf17484a Merge pull request #17 from Alfresco/master 
get latest PR  from master
 2018-02-12 16:19:08 -05:00
Toni de la Fuente
1580c38a06 Merge pull request #174 from subramani95/patch-2 
Improved 'check31'
 2018-02-12 11:32:50 -05:00
Subramani Ramanathan
771cbf6b08 Fix to get CloudWatch Log Group Region 
Fix to get CloudWatch Log Group Region, when more than one log group names are there
 2018-02-12 21:55:55 +05:30
Subramani Ramanathan
f64fac3e17 Improved 'check31' 
Get the Metric Name using Log Group and Filter names and check the alarms associated with that metric.
 2018-02-12 18:43:20 +05:30
Toni de la Fuente
01d13691b3 Merge pull request #173 from toniblyx/master 
Added new check extra719 route53 query logging
 2018-02-09 19:58:52 -05:00
Toni de la Fuente
d101e2b3bf Added new check extra719 route53 query logging 2018-02-09 19:57:54 -05:00
Toni de la Fuente
e248be83f1 Merge pull request #172 from toniblyx/master 
Added check extra718 bucket server access logging
 2018-02-09 18:19:08 -05:00
Toni de la Fuente
f5ba67da86 Added check extra718 bucket server access logging 2018-02-09 18:15:06 -05:00
Toni de la Fuente
da86408431 Merge pull request #171 from toniblyx/master 
Fixed extra79 and added extra717
 2018-02-09 17:22:43 -05:00
Toni de la Fuente
1281867bd4 Removed redundand info in README 2018-02-09 17:19:48 -05:00
Toni de la Fuente
1cc7c7d3aa Removed redundand info in README 2018-02-09 17:18:43 -05:00
Toni de la Fuente
cd276ab959 Added new check extra717 ELB logging 2018-02-09 17:17:09 -05:00
Toni de la Fuente
d38e5aa088 Merge pull request #170 from toniblyx/master 
Added new check extra716 ES service allow open access
 2018-02-08 01:22:25 -05:00
Toni de la Fuente
b2264997d6 Added new check extra716 ES service allow open access 2018-02-08 01:21:22 -05:00
Toni de la Fuente
dce78805a8 Merge pull request #169 from toniblyx/master 
Added new check extra715 ES service logging
Added new check extra716 ES service allow open access
 2018-02-08 01:02:20 -05:00
Toni de la Fuente
55d3d642f9 Added new check extra716 ES service allow open access 2018-02-08 01:01:28 -05:00
Toni de la Fuente
841e5436b9 Added new check extra715 ES service logging 2018-02-08 00:27:27 -05:00
Toni de la Fuente
0360db1b64 Merge pull request #168 from toniblyx/master 
Added check extra714 CloudFront logging
 2018-02-07 23:50:31 -05:00
Toni de la Fuente
3665d64f2b Added check extra714 CloudFront logging 2018-02-07 23:49:26 -05:00
Toni de la Fuente
0b7a17b2b2 Merge pull request #167 from toniblyx/master 
Improved OSTYPE handling
 2018-02-07 22:53:46 -05:00