prowler

mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00

Author	SHA1	Message	Date
Toni de la Fuente	9732e5be70	Reduce needed actions in additions policy @	2020-06-29 13:59:19 +02:00
Julio Delgado Jr	05247a2ccb	Prowler IAM Policy Enhancements and ReadMe Updates	2020-04-13 12:39:20 -04:00
Nick Malcolm	0d1807bd33	Remove `ses:sendemails` Prowler doesn't need to send emails via SES. https://github.com/toniblyx/prowler/issues/124	2020-02-12 11:38:23 +13:00
Toni de la Fuente	b35350291f	Merge pull request #442 from dbellizzi/patch-1 add "lambda:GetAccountSettings", "lambda:GetFunctionConfiguration", "lambda:GetLayerVersionPolicy", "lambda:GetPolicy", "lambda:List*", to prowler-additions-policy	2020-01-27 18:07:05 -05:00
Toni de la Fuente	f038074e0c	Update prowler-additions-policy.json	2020-01-27 18:06:43 -05:00
Toni de la Fuente	20b127f516	Added DS IAM actions	2019-12-26 16:34:24 +01:00
Dominick Bellizzi	cc5da42797	add lambda:get* to prowler-additions-policy The check: 7.60 [extra760] Find secrets in Lambda functions code (Not Scored) (Not part of CIS benchmark) errors by default, with the following: An error occurred (AccessDeniedException) when calling the GetFunction operation: User: user/prowler is not authorized to perform: lambda:GetFunction on resource: arn:aws:lambda:eu-west-2:347708466071:function:ApiSimpleDelayDDMonitor Adding this policy to be successfully run that check.	2019-12-18 14:53:09 -08:00
Dominick Bellizzi	7cb869ad33	use more generic access-analyzer:List*	2019-12-12 09:36:19 -08:00
Dominick Bellizzi	53f097c2af	Add "access-analyzer:ListTagsForResource" to prowler-additions-policy.json check extra769 (Check if IAM Access Analyzer is enabled and its findings) requires this IAM permission	2019-12-06 14:49:36 -08:00
Toni de la Fuente	3f68accf6f	Added missing file iam/prowler-additions-policy.json	2019-11-26 09:57:29 +01:00

10 Commits