* regions separated by a comma deliminator
* Update README.md
Co-authored-by: Toni de la Fuente <toni@blyx.com>
* Update README.md
Co-authored-by: David Childs <d.childs@elsevier.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Toni de la Fuente <toni@blyx.com>
* Add support for organizations accounts metadata part 1
* Add support for organizations accounts metadata part 2
* Add gathering account metadata from org
* chore(prowler): get accounts metadata
Use assume_role backing up normal assumed credentials to assume management account and then restore it to old ones
* fix(orgs metadata): deleted assume_role_orgs
* refactor(organization_metadata)
Reformulate to extract AWS Organizations metadata
* doc(org_metadata): include required -R in usage
* docs(org-metadata): Update README
Co-authored-by: n4ch04 <nachor1992@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
* fix(extra715): Change lower case from bash variable expansion to tr command
* fix: Change from bash variable expansion to tr command
* Change the way to handle lower case
* fix: not to flag as finding for account without cloudfront distributions
* fix: output empty for None from cloudfront list-distributions
* fix: extra7167 Advanced Shield and CloudFront bug parsing None output without distributions
Co-authored-by: moo.xin.foo <moo.xin.foo@accenture.com>
* fix: not to flag as finding for account without cloudfront distributions
* fix: output empty for None from cloudfront list-distributions
Co-authored-by: moo.xin.foo <moo.xin.foo@accenture.com>
* Fix error handling and policy output
* Fix jq filter when Action is an array
Fix jq select condition to handle Action as string or as array.
Add error handling.
When fail, print policies as just one line.
* Double quote variables to prevent globbing and word splitting
* Replace comma character from json by word comma
* Fix CLI query and add error handling
Check extra781, extra782, extra783, extra784 and extra785
* Fix CLI query, add error handling, combine AWS CLI calls when possible
Checks related to Opensearch/ElasticSearch.
* Fix CLI query, add error handling, combine AWS CLI calls when possible
Checks related to Opensearch/ElasticSearch.
* fix(check41/42): Added tcp protocol filter to query
* Include {} in vars
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
* Include {} in vars
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
* Fix AccessDenied issue when get document
Add check to validate access denied when get document from SSM.
Add missing action permission to allow ssm:GetDocument.
* Double quote variables to prevent globbing and word splitting
* added check7172 for s3 bucket acls
* Added more errors to error handling and an access check for s3
* Removed extra api call
Co-authored-by: Jeff Maley <jeff.maley@symmetry-systems.com>
Since 2.7.0 this template failed:
```
An error occurred (AccessDeniedException) when calling the GetSubscriptionState operation: User: arn:aws:sts::863046042023:assumed-role/prowler-codebuild-role/AWSCodeBuild-2c3151c9-7c5d-4618-94e5-0234bddce775 is not authorized to perform: shield:GetSubscriptionState on resource: arn:aws:shield::863046042023:subscription/* because no identity-based policy allows the shield:GetSubscriptionState action
INFO! No AWS Shield Advanced subscription found. Skipping check.
7.167 [extra7167] Check if Cloudfront distributions are protected by AWS Shield Advanced - shield [Medium]
```
I aligned it with https://github.com/prowler-cloud/prowler/blob/master/iam/prowler-additions-policy.json#L19 .
* fix(inlcude/outputs) Whitelist logic reformulated to exactly match input
* fix(include/outputs): Changed name of iterative variable that browses whitelisted values
* fix(include/outputs): Deleted missing echo and include and put variables in brackets
* Fix: when prowler exits with a non-zero status, the remainder of the block is not executed
* Fix: do not trigger exit code 3 on failed checks, so that the remainder of the block is executed
