#!/usr/bin/env bash
# Prowler - the handy cloud security tool (copyright 2019) by Toni de la Fuente
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software distributed
# under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
# CONDITIONS OF ANY KIND, either express or implied. See the License for the
# specific language governing permissions and limitations under the License.
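# Metadata for check13 (ID 1.3, filed under the CIS AWS Foundations Benchmark
# in the ASFF type below): IAM credentials that have gone unused for 90 days
# or more should be disabled.
# These are plain globals keyed by the check name; presumably the Prowler core
# looks them up by that suffix - confirm against the loader.
CHECK_ID_check13="1.3"
CHECK_TITLE_check13="[check13] Ensure credentials unused for 90 days or greater are disabled"
CHECK_SCORED_check13="SCORED"
CHECK_TYPE_check13="LEVEL1"
CHECK_SEVERITY_check13="Medium"

# Fields used when a finding is exported in AWS Security Finding Format (ASFF).
CHECK_ASFF_TYPE_check13="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
CHECK_ASFF_RESOURCE_TYPE_check13="AwsIamUser"

# NOTE(review): the suffix here is check103, not check13. This looks like an
# alternate name that maps back to check13 rather than a typo - confirm against
# the code that reads CHECK_ALTERNATE_*.
CHECK_ALTERNATE_check103="check13"

# Space-separated compliance identifiers attached to the finding.
CHECK_ASFF_COMPLIANCE_TYPE_check13="ens-op.acc.1.aws.iam.3 ens-op.acc.5.aws.iam.4"
CHECK_SERVICENAME_check13="iam"
CHECK_RISK_check13='AWS IAM users can access AWS resources using different types of credentials (passwords or access keys). It is recommended that all credentials that have been unused in 90 or greater days be removed or deactivated.'

# The remediation names the last-used columns of the IAM credential report.
# password_last_changed is deliberately not referenced: it records rotation,
# not use, so it cannot identify a credential that nobody logs in with.
CHECK_REMEDIATION_check13='Use the credential report to find credentials whose password_last_used, access_key_1_last_used_date or access_key_2_last_used_date is 90 days ago or more, and disable or remove them.'
CHECK_DOC_check13='https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html'
CHECK_CAF_EPIC_check13='IAM'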
# check13: run the shared unused-credentials check with a 90-day window.
# All of the work is done by check_creds_used_in_last_days, which is defined
# outside this file; only the threshold is chosen here. The function's exit
# status is whatever that helper returns.
check13() {
  local check13_window_days=90
  check_creds_used_in_last_days "${check13_window_days}"
}