mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-10 14:55:00 +00:00
29 lines
1.4 KiB
Bash
29 lines
1.4 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Prowler - the handy cloud security tool (c) by Toni de la Fuente
|
|
#
|
|
# This Prowler check is licensed under a
|
|
# Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
|
|
#
|
|
# You should have received a copy of the license along with this
|
|
# work. If not, see <http://creativecommons.org/licenses/by-nc-sa/4.0/>.
|
|
|
|
CHECK_ID_check13="1.3"
|
|
CHECK_TITLE_check13="[check13] Ensure credentials unused for 90 days or greater are disabled (Scored)"
|
|
CHECK_SCORED_check13="SCORED"
|
|
CHECK_TYPE_check13="LEVEL1"
|
|
CHECK_SEVERITY_check13="Medium"
|
|
CHECK_ASFF_TYPE_check13="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
|
|
CHECK_ASFF_RESOURCE_TYPE_check13="AwsIamUser"
|
|
CHECK_ALTERNATE_check103="check13"
|
|
CHECK_ASFF_COMPLIANCE_TYPE_check13="ens-op.acc.1.aws.iam.3 ens-op.acc.5.aws.iam.4"
|
|
CHECK_SERVICENAME_check13="iam"
|
|
CHECK_RISK_check13='AWS IAM users can access AWS resources using different types of credentials (passwords or access keys). It is recommended that all credentials that have been unused in 90 or greater days be removed or deactivated.'
|
|
CHECK_REMEDIATION_check13='Use the credential report to ensure password_last_changed is less than 90 days ago.'
|
|
CHECK_DOC_check13='https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html'
|
|
CHECK_CAF_EPIC_check13='IAM'
|
|
|
|
check13(){
|
|
check_creds_used_in_last_days 90
|
|
}
|