-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(check): New check7172 for S3 Bucket ACLs #1023
Conversation
Why execute two CLI commands if one is enough? Variable
|
My thought was to keep the two bits separate. If we need to change the access check or bucket controls check, we don't have to refactor the other piece. If you'd rather they be combined, I will make the change. |
There is a throttling that impacts Prowler when it is running inside AWS, so I believe fewer request is better. But let's wait maintainer people to comment. |
I agree with @lazize the less the better regardless of cli and boto3 underneath. |
and thank you @jeffmaley for the check! |
I've condensed the access check into the s3 check itself and removed the extra api call. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Context
#1022
Description
This pr adds a check (7172) to look for bucket ACLs
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.