2d64a1182e
Added account id to the output filename
2020-04-22 12:31:27 +02:00
43fb877109
Added account id to the output filename
2020-04-22 12:28:31 +02:00
ef952ce9cc
Simplified caller id info on outputs
2020-04-22 12:07:20 +02:00
0cca77a141
Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64 @marcjay
...
Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64
2020-04-22 12:01:40 +02:00
5b9cf7fa99
Fix -E flag no longer excluding checks @marcjay
...
Fix -E flag no longer excluding checks
2020-04-22 11:55:01 +02:00
5805576dce
Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64
...
Previously it was switching to GNU versions of base64 even if base64 was the BSD version
Fixes #568
2020-04-22 10:35:33 +01:00
9cbdefc2de
Adds CSV header to the output file too #565
2020-04-22 11:27:08 +02:00
c2669622cf
Fix -E flag no longer excluding checks
...
Remove re-declaration of TOTAL_CHECKS variable
Bug introduced by #561
Fixes #566
2020-04-22 09:58:33 +01:00
b9051e6fc9
Merge pull request #563 from marcjay/correct-check13-496
...
Extend check13 to meet all CIS rules and consolidate with extra774
2020-04-22 10:46:37 +02:00
92091d9ecd
Rollback #562 fix issue #564
2020-04-22 10:31:30 +02:00
ad66254b45
Extend check13 to meet all CIS rules and consolidate with extra774
...
Create `include/check_creds_last_used` and move all logic for checking last usages of passwords and access keys there
Modify check13 and extra774 to call new function, specifying time-range of last 90 days and last 30 days respectively
Modify messages in check14 and check121 so that all mentions of 'access key's are consistent
Fixes #496
2020-04-21 01:21:55 +01:00
d6374f8bc8
Updated textInfo message on extra712
2020-04-20 19:27:39 +02:00
0c7805356e
Enhancement: extra712 improved with Macie API call instead of IAM @eko0126
...
using api commands to check if macie is enabled instead of looking ia…
2020-04-20 19:20:13 +02:00
86ea46d77c
Update check_extra712
2020-04-20 19:19:05 +02:00
3feac6f75b
Improve listing of Checks and Groups @marcjay
...
Improve listing of Checks and Groups
2020-04-20 19:14:50 +02:00
71bf414faf
Merge branch 'master' into improve-listing-of-checks-and-groups-545
2020-04-20 18:11:06 +01:00
38a970f4fc
Enhancement: extra768 only check latest version of ECS task definition
...
Only check latest version of task definition
2020-04-20 19:00:26 +02:00
3dae201a80
Merge branch 'marcjay-add-junit-xml-output-mode-log-duration-537'
2020-04-20 18:57:27 +02:00
d45b739b1e
Merge branch 'add-junit-xml-output-mode-log-duration-537' of https://github.com/marcjay/prowler into marcjay-add-junit-xml-output-mode-log-duration-537
2020-04-20 18:51:26 +02:00
ce56f0cb24
git push origin masterMerge branch 'nalansitan-extra725'
2020-04-20 18:49:37 +02:00
d02d9e1c95
Merge branch 'extra725' of https://github.com/nalansitan/prowler into nalansitan-extra725
2020-04-20 18:46:39 +02:00
5b8370179a
Get the list of families and then get latest task definition
2020-04-20 09:15:15 -04:00
b42cc33a6c
using api commands to check if macie is enabled instead of looking iam role
2020-04-20 15:01:38 +08:00
8f179338d8
Fix invalid references to $i when it should reference a local $group_index variable
2020-04-20 01:30:37 +01:00
47a05c203a
Improve listing of Checks and Groups
...
Change `-l` flag to print a unique list of every single check (assuming none are orphaned outside of all groups)
Allow `-g <group_id>` to be specified in combination with `-l`, to only print checks that are referenced by the specified group
When listing all checks with `-l` only, print out all groups that reference each check
Fixes : #545
2020-04-20 01:12:53 +01:00
6747b208ce
Improved extra716 and extra788
2020-04-17 15:16:55 +02:00
78f649bd65
Replace -J flag with junit-xml output format
...
Rearrange output functions so they support outputting text alongside other formats, if specified
Add a convenience function for checking if JUnit output is enabled
Move monochrome setting into loop so it better supports multiple formats
Update README
2020-04-15 23:36:40 +01:00
172f4b2681
Only check latest version of task definition
2020-04-15 15:19:44 -04:00
dc31adcc18
Rename JUnit XML files to match the Java convention - with a 'TEST-' prefix
2020-04-15 13:42:33 +01:00
fa17829832
Fix arithmetic expression for calculating test duration
2020-04-15 12:52:48 +01:00
994390351e
Add the ability to generate JUnit XML reports with a -J flag
...
If the -J flag is passed, generate JUnit XML reports for each check, in-line with how Java tools generate JUnit reports.
Check section numbers equate to 'root packages', checks are second-level packages, each check equates to a testsuite (mirroring Java where each test class is a testsuite) and each pass/fail of a check equates to a testcase
Time the execution of each check and include this in the report
Include properties (Prowler version, check level etc.) in-line with standard JUnit files
XML escape all strings for safety
Detect if a user has GNU coreutils installed on Mac OS X, but not as their default, switching to using gdate for date commands if so, as it has more features, including getting dates in milliseconds
Add prowler-output, junit-reports and VSCode files to .gitignore
Update README to include JUnit info, address markdownlint warnings
Remove unused arguments to jq in generateJsonAsffOutput
Fixes #537
2020-04-15 02:36:16 +01:00
462527015c
Merge branch 'marcjay-simplify-check-id-variables'
2020-04-15 00:24:17 +02:00
3311acf82c
Merge branch 'simplify-check-id-variables' of https://github.com/marcjay/prowler into marcjay-simplify-check-id-variables
2020-04-15 00:23:54 +02:00
f065beb93b
Fixed title in group16_trustboundaries
2020-04-14 23:57:55 +02:00
2de49c3940
Added more sample commands and updates
2020-04-14 23:55:02 +02:00
f3664b56ec
Open
2020-04-14 22:46:44 +02:00
4ea1864365
Allow multiple report types at once #345
2020-04-14 22:28:58 +02:00
e6fe5addbc
Added section for Security Hub integration
2020-04-14 18:52:48 +02:00
58d793ec2a
Added section for Security Hub integration
2020-04-14 18:51:13 +02:00
973f6b39a0
Merge branch 'master' of https://github.com/toniblyx/prowler
2020-04-14 16:45:54 +02:00
11c182c5fe
Fixed issue with regions on check21
2020-04-14 16:45:37 +02:00
036ae640e5
support arn:aws:s3::: on extra725
2020-04-14 10:38:01 +08:00
7e5a4a1de4
Adjust execute_check() now that check71's ID has changed
...
Fix minor typo in a comment
2020-04-14 02:17:28 +01:00
0f49468601
Limit CHECK_ID to a single value, handing the left-pad formatting in one place
...
Remove the second entry in any comma-separated check IDs from each check, formatting
the check ID with leading zeros in `include/outputs` if the `-n` flag is active
2020-04-14 02:02:48 +01:00
df52057287
Fix: extra741 - Check if User Data is a valid GZIP file before attempting to gunzip @marcjay
...
Extra741 - Check if User Data is a valid GZIP file before attempting to gunzip
2020-04-13 23:53:39 +02:00
460f65618b
Add clarifying text to pass/fail messages
2020-04-13 22:43:22 +01:00
c4374a2818
Extra741 - Check if User Data is a valid GZIP file before attempting to gunzip
...
Test if the user data is a valid GZIP file using `gunzip -t` and only then attempt to gunzip it
Remove some code duplication
Fixes #535
2020-04-13 22:27:22 +01:00
9be0b3f749
Prowler IAM Policy Enhancements and README Updates @tekdj7
...
Prowler IAM Policy Enhancements and README Updates @tekdj7
2020-04-13 18:52:28 +02:00
05247a2ccb
Prowler IAM Policy Enhancements and ReadMe Updates
2020-04-13 12:39:20 -04:00
a4264628cb
Extra725 - Improved support cross account and region cloudtrail @patdowney
...
Extra725 - Support cross account and region cloudtrail
2020-04-13 18:34:31 +02:00
Toni de la Fuente