Skip to content

fix: Detecting conditions for CIS AWS v1.5.0 Section 1 #12670

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kodiakhq merged 8 commits into from
Aug 1, 2023
Merged

fix: Detecting conditions for CIS AWS v1.5.0 Section 1 #12670

kodiakhq merged 8 commits into from
Aug 1, 2023

Conversation

@aruneko
Copy link
Contributor

@aruneko aruneko commented Aug 1, 2023

Summary

I have fixed some detecting conditions for CIS AWS v1.5.0 Section 1.

  • Section 1.9
    • Fixed case condition.
    • The valid value of password_reuse_prevention is 1 to 24 (ref official doc).
    • The CIS Benchmarks says Ensure "Number of passwords to remember" is set to 24.
  • Section 1.15
    • Consider the case of inline policy against to an IAM user.

@cq-bot cq-bot added the aws label Aug 1, 2023
@aruneko aruneko changed the title fix(aws): Fix detecting conditions for CIS AWS v1.5.0 Section 1 fix: Fix detecting conditions for CIS AWS v1.5.0 Section 1 Aug 1, 2023
@aruneko aruneko changed the title fix: Fix detecting conditions for CIS AWS v1.5.0 Section 1 fix: Detecting conditions for CIS AWS v1.5.0 Section 1 Aug 1, 2023
@erezrokah
Copy link
Member

erezrokah commented Aug 1, 2023

/gen sha=4400f77794dd00098207b65dcb7898d3e2ddc260 plugin=aws

@cq-bot cq-bot added the website label Aug 1, 2023
erezrokah
erezrokah approved these changes Aug 1, 2023
View reviewed changes
Copy link
Member

@erezrokah erezrokah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @aruneko 🚀

@erezrokah erezrokah added the automerge Automatically merge once required checks pass label Aug 1, 2023
@kodiakhq kodiakhq bot merged commit f7bd160 into cloudquery:main Aug 1, 2023
@cq-bot cq-bot mentioned this pull request Aug 1, 2023
Merged
kodiakhq bot pushed a commit that referenced this pull request Aug 1, 2023
@cq-bot
chore(main): Release plugins-source-aws v22.3.0 (#12574)
af3850d 
🤖 I have created a release *beep* *boop*
---


## [22.3.0](plugins-source-aws-v22.2.0...plugins-source-aws-v22.3.0) (2023-08-01)


### This Release has the Following Changes to Tables
- Table `aws_appflow_flows` was added
- Table `aws_auditmanager_assessments` was added
- Table `aws_backup_report_plans` was added
- Table `aws_cloudformation_stacks`: column added with name `retain_except_on_create` and type `bool`
- Table `aws_ec2_ebs_snapshots`: column added with name `sse_type` and type `utf8`
- Table `aws_ec2_ebs_volumes`: column added with name `sse_type` and type `utf8`
- Table `aws_emr_notebook_executions` was added
- Table `aws_emr_release_labels` was added
- Table `aws_emr_steps` was added
- Table `aws_emr_supported_instance_types` was added
- Table `aws_rds_instances`: column added with name `percent_progress` and type `utf8`

### Features

* **resources:** Add support for Amazon Appflow Flows ([#12575](#12575)) ([43ed08e](43ed08e))
* **resources:** Add Support for AWS Audit Manager Assessments ([#12573](#12573)) ([ab5a939](ab5a939))
* **resources:** Add support for AWS Backup Report Plan ([#12578](#12578)) ([5fa1af1](5fa1af1))
* **resources:** Adding additional EMR cluster resources ([#12562](#12562)) ([4a25c5c](4a25c5c))
* **services:** Support newly added regions ([#12671](#12671)) ([5af2d31](5af2d31))


### Bug Fixes

* **deps:** Update AWS modules ([#12591](#12591)) ([20eb1bf](20eb1bf))
* **deps:** Update AWS modules ([#12592](#12592)) ([80ad5c5](80ad5c5))
* **deps:** Update github.com/apache/arrow/go/v13 digest to 112f949 ([#12659](#12659)) ([48d73a9](48d73a9))
* **deps:** Update github.com/cloudquery/arrow/go/v13 digest to 3452eb0 ([#12595](#12595)) ([c1c0949](c1c0949))
* **deps:** Update github.com/cockroachdb/cockroachdb-parser digest to 302c9ad ([#12664](#12664)) ([924509c](924509c))
* **deps:** Update github.com/gocarina/gocsv digest to 99d496c ([#12667](#12667)) ([428f719](428f719))
* **deps:** Update github.com/petermattis/goid digest to 80aa455 ([#12669](#12669)) ([a140396](a140396))
* Detecting conditions for CIS AWS v1.5.0 Section 1 ([#12670](#12670)) ([f7bd160](f7bd160))
* **resources:** Handle Pagination for AWS Code Commit Repositories ([#12653](#12653)) ([6f37e56](6f37e56))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
@aruneko aruneko deleted the fix/cis_aws_150_sec1 branch August 23, 2023 02:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@erezrokah erezrokah erezrokah approved these changes

@hermanschaaf hermanschaaf Awaiting requested review from hermanschaaf

@yevgenypats yevgenypats Awaiting requested review from yevgenypats

Assignees

No one assigned

Labels

automerge Automatically merge once required checks pass

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aruneko @erezrokah @cq-bot