diff --git a/contrib/k8s/helm/prowler-api/values.yaml b/contrib/k8s/helm/prowler-api/values.yaml index 16cd48058c..40a7fda298 100644 --- a/contrib/k8s/helm/prowler-api/values.yaml +++ b/contrib/k8s/helm/prowler-api/values.yaml @@ -399,7 +399,6 @@ mainConfig: [ "RSA-1024", "P-192", - "SHA-1", ] # AWS EKS Configuration diff --git a/prowler/config/config.yaml b/prowler/config/config.yaml index c8a2ee7e50..26b196e178 100644 --- a/prowler/config/config.yaml +++ b/prowler/config/config.yaml @@ -327,7 +327,6 @@ aws: [ "RSA-1024", "P-192", - "SHA-1", ] # AWS EKS Configuration diff --git a/prowler/providers/aws/services/acm/acm_certificates_with_secure_key_algorithms/acm_certificates_with_secure_key_algorithms.py b/prowler/providers/aws/services/acm/acm_certificates_with_secure_key_algorithms/acm_certificates_with_secure_key_algorithms.py index f2135cf77a..2ac5dd9199 100644 --- a/prowler/providers/aws/services/acm/acm_certificates_with_secure_key_algorithms/acm_certificates_with_secure_key_algorithms.py +++ b/prowler/providers/aws/services/acm/acm_certificates_with_secure_key_algorithms/acm_certificates_with_secure_key_algorithms.py @@ -14,7 +14,7 @@ class acm_certificates_with_secure_key_algorithms(Check): report.status = "PASS" report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} uses a secure key algorithm ({certificate.key_algorithm})." if certificate.key_algorithm in acm_client.audit_config.get( - "insecure_key_algorithms", ["RSA-1024", "P-192", "SHA-1"] + "insecure_key_algorithms", ["RSA-1024", "P-192"] ): report.status = "FAIL" report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} does not use a secure key algorithm ({certificate.key_algorithm})." diff --git a/tests/config/config_test.py b/tests/config/config_test.py index d796bfde1a..465d16a05a 100644 --- a/tests/config/config_test.py +++ b/tests/config/config_test.py @@ -297,7 +297,6 @@ config_aws = { "insecure_key_algorithms": [ "RSA-1024", "P-192", - "SHA-1", ], "eks_required_log_types": [ "api", diff --git a/tests/config/fixtures/config.yaml b/tests/config/fixtures/config.yaml index e9a4e6fad2..4d528e97da 100644 --- a/tests/config/fixtures/config.yaml +++ b/tests/config/fixtures/config.yaml @@ -317,7 +317,6 @@ aws: [ "RSA-1024", "P-192", - "SHA-1", ] # AWS EKS Configuration