Affan Malik
bacdf6ed22
Check for flowlogs only in active VPCs, avoid false flag if a region has no VPCs
2018-12-12 15:09:31 -05:00
Toni de la Fuente
79e02ce074
Merge pull request #271 from toniblyx/devel
...
Fixed bug in check extra730: certs expiration
2018-12-05 11:52:19 +00:00
Toni de la Fuente
b4cb323de4
Merge pull request #270 from SDugo/master
...
Fixed AccessDeniedException on extra730
2018-12-05 11:49:41 +00:00
Samuel Dugo
573fa46aac
Fixed AccessDeniedException on extra730
...
When executing Prowler using a specific profile (in my case to assume a role) , check_extra730 returns:
"An error occurred (AccessDeniedException) when calling the DescribeCertificate operation: User: [ASSUMED_ROLE_ARN] is not authorized to perform: acm:DescribeCertificate on resource: [RESOURCE_ARN]"
This is because line 28 did not contain the following parameters: "$PROFILE_OPT --region $regx" .
2018-12-05 11:35:44 +01:00
Toni de la Fuente
31a0de167c
Adding extra340 to GDPR group
2018-11-27 00:07:19 -05:00
Toni de la Fuente
6c2d4d6b01
Adding newer checks to GDPR and extras group
2018-11-27 00:03:40 -05:00
Toni de la Fuente
0ca1a8f28c
version and extras last addition
2018-11-26 23:23:16 -05:00
Toni de la Fuente
c567781bcd
Merge pull request #269 from toniblyx/devel
...
New checks, documentation and fixes:
Added extra739 ELB logging and typos
Added extra740 EBS snapshots are encrypted and HIPAA
Added info about GDPR and HIPAA
Improved Prowler description
fixed issue #268
2018-11-26 22:50:27 -05:00
Toni de la Fuente
84c9b97c48
Merge branch 'master' into devel
2018-11-26 22:48:30 -05:00
Toni de la Fuente
2015a50733
fixed issue #268
2018-11-26 12:26:35 -05:00
Toni de la Fuente
d839b2fba1
Improved Prowler description
2018-11-19 23:54:42 -05:00
Toni de la Fuente
3f70c86736
Added info about GDPR and HIPAA
2018-11-19 23:39:17 -05:00
Toni de la Fuente
aeaf533585
Added extra740 EBS snapshots are encrypted and HIPAA
2018-11-19 23:22:18 -05:00
Toni de la Fuente
5757a88227
Added extra739 ELB logging and typos
2018-11-19 22:55:29 -05:00
Toni de la Fuente
83de86ca2c
fixed HIPAA typo
2018-11-15 14:38:05 -05:00
Toni de la Fuente
e2861614c2
Generate creds report only if group1 related
2018-11-14 22:30:22 -05:00
Toni de la Fuente
d14bdcc6c3
added option -L to list check groups
2018-11-14 20:38:02 -05:00
Toni de la Fuente
013a435784
added extra738 to group extras
2018-11-14 20:09:20 -05:00
Toni de la Fuente
cd9bedb526
Merge pull request #266 from onkymykiss1/update-check29
...
Updated check29 to validate against FlowLogId which is valid for both…
2018-11-14 19:57:47 -05:00
Jason Turner
cafd203406
Updated check29 to validate against FlowLogId which is valid for both CloudWatch and s3 destinations
2018-11-14 14:19:44 -08:00
Toni de la Fuente
2437f8fb16
Added extra738 CloudFront HTTPS
2018-11-08 20:21:46 -05:00
Toni de la Fuente
fa5b81b28e
Added extra737 KMS keys rotation
2018-11-07 23:37:06 -05:00
Toni de la Fuente
9bdbf6f51c
Added extra736 check exposed KMS keys
2018-11-07 23:27:58 -05:00
Toni de la Fuente
b6a30df808
Added extra735 check encrypted RDS
2018-11-07 22:00:28 -05:00
Toni de la Fuente
0dc2b9a081
Improved extra734 checking enforce policy
2018-11-06 00:17:00 -05:00
Toni de la Fuente
29e142361b
Improved extra734 checking enforce policy
2018-11-06 00:15:20 -05:00
Toni de la Fuente
883afa4959
Added extra734 check S3 bucket encryption
2018-11-05 23:30:00 -05:00
Toni de la Fuente
b4ea16b6f7
Changed label to beta3
2018-10-31 23:16:23 -04:00
Toni de la Fuente
9985e98cd3
Added more info for GDPR
2018-10-31 23:16:00 -04:00
Toni de la Fuente
87d1cc13bc
Added new checks to GDPR group
2018-10-31 23:13:07 -04:00
Toni de la Fuente
c7bfd72d2d
Add check extra733 SAML Provider STS
2018-10-31 23:09:24 -04:00
Toni de la Fuente
9a88249965
Added check extra732 Cloudfront CDN Geo restrictions
2018-10-31 22:45:59 -04:00
Toni de la Fuente
6cb75fa26a
Added check extra732 Cloudfront CDN Geo restrictions
2018-10-31 22:44:45 -04:00
Toni de la Fuente
2fd6f9801a
Added check extra731 SNS topics Public
2018-10-31 22:23:41 -04:00
Toni de la Fuente
4902d11614
Updated CIS version in Description
2018-10-31 21:32:50 -04:00
Toni de la Fuente
f1c46c28a0
Improved features section
2018-10-31 21:31:00 -04:00
Toni de la Fuente
5e35915ca3
Merge pull request #256 from UranusBytes/prowler-255
...
List not only listing
2018-10-31 11:33:05 -04:00
Toni de la Fuente
fe6eae7d30
Added check extra730 to group extras
2018-10-31 00:07:36 -04:00
Toni de la Fuente
fe8a123ead
Added check extra730 - ACM cert expiration
2018-10-31 00:01:47 -04:00
Toni de la Fuente
110b59d25d
Merge pull request #262 from SkxNMDI5/accelerate-122
...
Accelerate check 122 (scope local, 1 less API call by policy)
2018-10-24 13:40:34 -04:00
Toni de la Fuente
f8130fa2df
Merge pull request #261 from SkxNMDI5/fix-260
...
Issue 260 : Fix incremental policy
2018-10-24 13:37:40 -04:00
jlamande@gmail.com
bd06720416
Accelerate check 122 (scope local, 1 less API call by policy)
2018-10-19 13:43:37 +02:00
jlamande@gmail.com
e49cf1fde7
Fix incremental policy
2018-10-19 09:04:32 +02:00
Toni de la Fuente
db2483b7a5
Merge pull request #259 from SkxNMDI5/master
...
fix(check13): should not pass if user never logged in
2018-10-17 16:04:11 -04:00
Toni de la Fuente
e3b6a09482
Merge pull request #257 from mixmatch/patch-1
...
Add missing permission to example prowler policy (support:describetrustedadvisorchecks)
2018-10-17 15:59:55 -04:00
jlamande@gmail.com
8798861c99
fix(check13): should not pass if user never logged in
2018-10-17 10:16:49 +02:00
Daniel Petty
3e39bfd077
Add missing permission to example prowler policy
...
"support:describetrustedadvisorchecks"
2018-10-09 08:09:47 -06:00
Jeremy Phillips
ad012f8db6
List not listing checks, but executing them. Then only displays the first check per group.
2018-10-09 08:52:24 -04:00
Toni de la Fuente
e20b32da0c
Merge pull request #253 from slmingol/master
...
Fixed typos
2018-10-08 17:16:02 -04:00
Toni de la Fuente
2483eb0d67
Merge pull request #254 from mixmatch/patch-1
...
Add missing permissions for prowler policy
2018-10-08 17:15:09 -04:00
