Commit Graph

1857 Commits

Author SHA1 Message Date
Andrea Di Fabio d94acfeb17 New Extra Check - Detect SGs created by the EC2 Launch Wizard (#1081)
* new check

* added check to group

* fixed name

* added testpass logic

* Fixed a few issues

* Fixed more issues

* Updated to add extended information

* Added new line at end of file

* Fixed Spelling

* fix(title): Update title name

* refactor(style): Minor changes

Co-authored-by: Andrea Di Fabio <adifabio@amazon.com>
2022-03-29 10:06:44 +02:00
soffensive fcc14012da Update check_extra736, is missing $PROFILE_OPT (#1084)
$PROFILE_OPT was missing in one aws command
2022-03-29 09:11:41 +02:00
Lucas Moura cc8cbc89fd Fix typo extra729 and extra740 (#1083)
* Fix typo on remediation

* Fix typo on remediation description
2022-03-29 08:58:06 +02:00
Sergio Garcia 8582e40edf fix(secrets_library): Verify if detect-secrets library is missing (#1080) 2022-03-25 13:19:05 +01:00
Toni de la Fuente 1e87ef12ee feat(new_version): Prowler 2.8.1 (#1082) 2.8.1 2022-03-25 12:58:06 +01:00
Pepe Fagoaga 565200529f fix(detect-secrets): Include missing colon to link values (#1078) 2022-03-22 13:53:36 +01:00
Sergio Garcia 198c7f48ca fix(bucket_region): check extra764 doesn't handle bucket region properly (#1077)
* fix(bucket_region): check extra764 doesn't handle bucket region properly
2022-03-18 11:51:42 +01:00
Toni de la Fuente 8105e63b79 fix(extras-group): Add extra7172 to group extras (#1074) 2.8.0 2022-03-16 18:39:16 +01:00
Sergio Garcia 3932296fcf feat(new_version): Prowler 2.8.0 (#1073) 2022-03-16 18:15:57 +01:00
David Childs cb0d9d3392 fix(filter-region): Support comma separated regions (#1071)
* regions separated by a comma deliminator

* Update README.md

Co-authored-by: Toni de la Fuente <toni@blyx.com>

* Update README.md

Co-authored-by: David Childs <d.childs@elsevier.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Toni de la Fuente <toni@blyx.com>
2022-03-16 17:49:04 +01:00
Pepe Fagoaga 4b90eca21e docs(readme): Fix typo (#1072) 2022-03-16 16:54:27 +01:00
Toni de la Fuente 365b396f9a feat(metadata): Include account metadata in Prowler assessments (#1049)
* Add support for organizations accounts metadata part 1

* Add support for organizations accounts metadata part 2

* Add gathering account metadata from org

* chore(prowler): get accounts metadata

Use assume_role backing up normal assumed credentials to assume management account and then restore it to old ones

* fix(orgs metadata): deleted assume_role_orgs

* refactor(organization_metadata)

Reformulate to extract AWS Organizations metadata

* doc(org_metadata): include required -R in usage

* docs(org-metadata): Update README

Co-authored-by: n4ch04 <nachor1992@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
2022-03-16 16:27:19 +01:00
plarso c526c61d5e Fix(check122): Error when policy name contains commas (#1067)
* check122 - Support policy names with commas

* Requested changes
2022-03-16 15:06:12 +01:00
Leonardo Azize Martins c4aff56f23 fix(extra760): Improve error handling (#1055)
* Fix AccessDenied issue

* fix(extra760): Error handling

* Fix merge conflict

* Improve code style

* Fix grep filter

* Fix bash variable expansion

* Fix grep logic to handle zip file
2022-03-16 14:57:37 +01:00
n4ch04 d9e0ed1cc9 fix(check_extra7161): fixed check title (#1068) 2022-03-15 12:30:57 +01:00
Leonardo Azize Martins e77cd6b2b2 fix: Change lower case from bash variable expansion to tr (#1064)
* fix(extra715): Change lower case from bash variable expansion to tr command

* fix: Change from bash variable expansion to tr command

* Change the way to handle lower case
2022-03-15 08:22:22 +01:00
n4ch04 f04b174e67 fix(whitelist): Whitelist logic reformulated (#1061)
* fix(whitelist): Whitelist logic reformulated again

* chore(whitelist): reformulate style
2022-03-11 10:15:58 +01:00
Pepe Fagoaga 0c1c641765 fix(extra776): Handle image tag commas and json output (#1063) 2022-03-08 19:08:40 +01:00
xxxMinoo d44f6bf20f fix: extra7167 Advanced Shield and CloudFront bug parsing None output without distributions (#1062)
* fix: not to flag as finding for account without cloudfront distributions

* fix: output empty for None from cloudfront list-distributions

* fix: extra7167 Advanced Shield and CloudFront bug parsing None output without distributions

Co-authored-by: moo.xin.foo <moo.xin.foo@accenture.com>
2022-03-08 14:09:20 +01:00
Leonardo Azize Martins 1fa62cf417 fix(extra758): Reduce API calls. Print correct instance state. (#1057)
* fix(extra758): Reduce API calls. Print correct instance state.

* feat(oldage-format): Include comment

Co-authored-by: Pepe Fagoaga <pepe@verica.io>
2022-03-08 10:45:02 +01:00
Toni de la Fuente d8d2ddd9e7 Revert "fix: extra7167 Advanced Shield and CloudFront bug parsing None output without distributions (#1053)" (#1054)
This reverts commit f3ff8369c3.
2022-03-04 13:12:03 +01:00
xxxMinoo f3ff8369c3 fix: extra7167 Advanced Shield and CloudFront bug parsing None output without distributions (#1053)
* fix: not to flag as finding for account without cloudfront distributions

* fix: output empty for None from cloudfront list-distributions

Co-authored-by: moo.xin.foo <moo.xin.foo@accenture.com>
2022-03-04 10:25:47 +01:00
Roman Mueller 99d1868827 Add right region to CSV if access is denied (#1045) 2022-03-02 16:32:35 +01:00
Andrea Di Fabio 31cefa5b3c Make python3 default in Dockerfile (#1043) 2022-03-02 16:21:28 +01:00
Andrea Di Fabio 2d5ac8238b Added Timestamp to secrets related 5 checks (#1041) 2022-03-02 15:56:02 +01:00
Leonardo Azize Martins 248cc9d68b Fix(extra771): jq fail when policy action is an array (#1031)
* Fix error handling and policy output

* Fix jq filter when Action is an array

Fix jq select condition to handle Action as string or as array.
Add error handling.
When fail, print policies as just one line.

* Double quote variables to prevent globbing and word splitting

* Replace comma character from json by word comma
2022-03-02 15:04:18 +01:00
Leonardo Azize Martins 5f0a5b57f9 Fix(ES): Improve AWS CLI query and add error handling for ElasticSearch/OpenSearch checks (#1032)
* Fix CLI query and add error handling

Check extra781, extra782, extra783, extra784 and extra785

* Fix CLI query, add error handling, combine AWS CLI calls when possible

Checks related to Opensearch/ElasticSearch.

* Fix CLI query, add error handling, combine AWS CLI calls when possible

Checks related to Opensearch/ElasticSearch.
2022-03-02 12:44:24 +01:00
Pepe Fagoaga 86367fca3f fix: remove PR automatic labels (#1044) 2022-02-15 08:19:40 +01:00
Pepe Fagoaga 07be3c21bf docs(templates): Include triage label (#1042) 2022-02-14 17:47:53 +01:00
n4ch04 3097ba6c66 fix(include/outputs):Rolling back whitelist checking to RE check (#1037)
* fix(include/outputs):Rolling back whitelist checking to RE check

* fix(include/ouputs): Clarified variable assignation coming from argument
2022-02-14 13:04:47 +01:00
n4ch04 b4669a2a72 fix(check41/42): Added tcp protocol filter to query (#1035)
* fix(check41/42): Added tcp protocol filter to query

* Include {} in vars

Co-authored-by: Pepe Fagoaga <pepe@verica.io>

* Include {} in vars

Co-authored-by: Pepe Fagoaga <pepe@verica.io>

Co-authored-by: Pepe Fagoaga <pepe@verica.io>
2022-02-11 10:54:32 +01:00
Leonardo Azize Martins e8848ca261 docs: Improve check_sample examples, add general comments (#1039) 2022-02-10 17:58:50 +01:00
Pepe Fagoaga 5c6902b459 fix(extra730): Handle invalid date formats checking ACM certificates (#1033) 2022-02-09 17:56:55 +01:00
Leonardo Azize Martins 9b772a70a1 Fix(extra7141): Error handling and include missing policy (#1024)
* Fix AccessDenied issue when get document

Add check to validate access denied when get document from SSM.
Add missing action permission to allow ssm:GetDocument.

* Double quote variables to prevent globbing and word splitting
2022-02-09 16:01:01 +01:00
Pepe Fagoaga 6c12a3e1e0 fix(extra736): Recover Customer Managed KMS keys (#1036) 2022-02-09 10:05:57 +01:00
jeffmaley c6f0351e9c feat(check): New check7172 for S3 Bucket ACLs (#1023)
* added check7172 for s3 bucket acls

* Added more errors to error handling and an access check for s3

* Removed extra api call

Co-authored-by: Jeff Maley <jeff.maley@symmetry-systems.com>
2022-02-07 16:58:18 -05:00
Martin Muller 7e90389dab fix: CFN codebuild example (#1030)
Since 2.7.0 this template failed:

```
An error occurred (AccessDeniedException) when calling the GetSubscriptionState operation: User: arn:aws:sts::863046042023:assumed-role/prowler-codebuild-role/AWSCodeBuild-2c3151c9-7c5d-4618-94e5-0234bddce775 is not authorized to perform: shield:GetSubscriptionState on resource: arn:aws:shield::863046042023:subscription/* because no identity-based policy allows the shield:GetSubscriptionState action
       INFO! No AWS Shield Advanced subscription found. Skipping check. 
7.167 [extra7167] Check if Cloudfront distributions are protected by AWS Shield Advanced - shield [Medium]
```

I aligned it with https://github.com/prowler-cloud/prowler/blob/master/iam/prowler-additions-policy.json#L19 .
2022-02-04 12:09:53 -05:00
n4ch04 30ce25300f fix(include/outputs): Whitelist logic reformulated to exactly match input (#1029)
* fix(inlcude/outputs) Whitelist logic reformulated to exactly match input

* fix(include/outputs): Changed name of iterative variable that browses whitelisted values

* fix(include/outputs): Deleted missing echo and include and put variables in brackets
2022-02-04 12:07:48 -05:00
Pepe Fagoaga 26caf51619 fix(CODEOWNERS): Rename team (#1027) 2022-02-04 12:05:43 -05:00
Leonardo Azize Martins 3ecb5dbce6 Fix AccessDenied issue (#1025) 2022-02-04 12:05:10 -05:00
Toni de la Fuente 1d409d04f2 Fix (extra7148 and add action #1017 (#1021) 2022-02-04 11:58:22 -05:00
Daniel Lorch 679414418e Fix: when prowler exits with a non-zero status, the remainder of the block is not executed (#1015)
* Fix: when prowler exits with a non-zero status, the remainder of the block is not executed

* Fix: do not trigger exit code 3 on failed checks, so that the remainder of the block is executed
2022-02-02 17:45:56 +01:00
Daniel Lorch b26370d508 Typo (breaking change) (#1010)
Co-authored-by: Daniel Lorch <lorchda@amazon.ch>
2022-02-02 11:13:31 -05:00
Daniel Lorch 72b30aa45f Skip packages with broken dependencies when upgrading system (#1009)
Co-authored-by: Daniel Lorch <lorchda@amazon.ch>
2022-02-02 11:12:58 -05:00
n4ch04 d9561d5d22 fix(check32): filterName base64encoded to avoid space problems in filter names (#1020)
* fix(check32): filterName base64encoded to avoid space problems in filter names

* fix(check32): base64 decoding atomic expression

* fix(check32): Variable enclosing

Co-authored-by: Nacho Rivera <nachor1992@gmail>
2022-02-02 11:09:38 -05:00
Mike Stewart 3d0ab4684f docs(docker): Docker hub references (#1018) 2022-02-02 16:45:07 +01:00
Daniel Lorch 29a071c98e docs(whitelist): Add examples for Control Tower resources (#1013) 2022-02-02 13:36:02 +01:00
Daniel Lorch 0ac7064d80 fix(ftr-group): Visual formatting (#1012) 2022-02-02 13:17:46 +01:00
Toni de la Fuente dcd55dbb8f Add badges 2022-01-28 12:12:59 +01:00
Jan Sepke 441dc11963 Fix issue #1002 (#1007)
regression in extra793

Co-authored-by: Jan Sepke <jan.sepke@jungheinrich.de>
2022-01-28 11:01:32 +01:00