support arn:aws:s3::: on extra725
nalansitan committed Apr 14, 2020
1 parent df52057 commit 036ae64
Showing 1 changed file with 1 addition and 1 deletion.
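--- a/checks/check_extra725
+++ b/checks/check_extra725
@@ -30,7 +30,7 @@ extra725(){
 if [[ $LIST_OF_TRAILS ]]; then
 BUCKET_ENABLED_TRAILS=()
 for trail in $LIST_OF_TRAILS; do
-BUCKET_ENABLED_IN_TRAIL=$($AWSCLI cloudtrail get-event-selectors $PROFILE_OPT --trail-name $trail --query "EventSelectors[*].DataResources[?Type == \`AWS::S3::Object\`].Values" --output text |xargs -n1| grep -E "^arn:aws:s3:::$bucketName/\S*$|^arn:aws:s3$")
+BUCKET_ENABLED_IN_TRAIL=$($AWSCLI cloudtrail get-event-selectors $PROFILE_OPT --trail-name $trail --query "EventSelectors[*].DataResources[?Type == \`AWS::S3::Object\`].Values" --output text |xargs -n1| grep -E "^arn:aws:s3:::$bucketName/\S*$|^arn:aws:s3$|^arn:aws:s3:::$")
 if [[ $BUCKET_ENABLED_IN_TRAIL ]]; then
 BUCKET_ENABLED_TRAILS+=($trail)
 # textPass "$regx: S3 bucket $bucketName has Object-level logging enabled in trail $trail" "$regx"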
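Review bot: On the changed `grep -E` line, `$bucketName` is spliced into the regular expression unescaped, so a `.` in a bucket name matches any character and a selector written for a differently named bucket can make this check report the bucket as logged. The `/\S*$` tail also accepts prefix-scoped selectors such as `arn:aws:s3:::bucket/some/prefix`, which cover only part of the bucket, and `\S` is a GNU extension that other grep implementations may not honour. If only whole-bucket and all-bucket selectors should count as a pass, fixed-string whole-line matching avoids all three: `grep -Fx -e "arn:aws:s3:::$bucketName/" -e 'arn:aws:s3' -e 'arn:aws:s3:::'`. The hard-coded `arn:aws:` prefix will also, as far as this hunk shows, miss selectors in other partitions such as `aws-cn` or `aws-us-gov`. The body of extra725 starts and ends outside the hunk, so any handling elsewhere in the function is not visible here.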
