New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … #93
Conversation
…3306, 5439, 5601, 8080, 9200 and 9300
Everything looks good but I see that you have not added the unit test for these remediations job. Please add unit test and update the tox and main Readme file as well. You should run tox as a final test to see if all the requirements are specified. In Readme update the list of supported remediation jobs. |
… pkg from ec2_close_port_20.py
I have included the unit test for each of the scripts, updated tox.ini, and ran the tox to ensure the unit tests passed. |
Add changes to the README.md to the PR. |
README.md
Outdated
@@ -134,6 +134,17 @@ The table below lists all the supported jobs with their links. | |||
| 21. | 688d093c-3b8d-11eb-adc1-0242ac120002 | S3 bucket should allow only HTTPS requests | [aws-s3-bucket-policy-allow-https](remediation_worker/jobs/aws_s3_bucket_policy_allow_https) | | |||
| 22. | 09639b9d-98e8-493b-b8a4-916775a7dea9 | SQS queue policy should restricted access to required users | [aws-sqs-queue-publicly-accessible](remediation_worker/jobs/aws_sqs_queue_publicly_accessible) | | |||
| 23. | 1ec4a1f2-3e08-11eb-b378-0242ac130002 | Network ACL should restrict administration ports (3389 and 22) from public access | [aws-ec2-administration-ports-ingress-allowed](remediation_worker/jobs/aws_ec2_administration_ports_ingress_allowed) | | |||
| 24. | 5c8c263d7a550e1fb6560c39 | EC2 instance should restrict public access to SSH port (20) | [ec2-close-port-20](remediation_worker/jobs/ec2_close_port_20) | | |||
| 25. | 4823ede0-7bed-4af0-a182-81c2ada80203 | EC2 instance should restrict public access to SSH port (5601) | [ec2-close-port-5601](remediation_worker/jobs/ec2_close_port_5601) | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rule Name for port 5601 is this - EC2 instance should restrict public access to Kibana port (5601)
Correct the rule names for all the other entries as well. Also, check if you are using the correct rule name and rule id in all the readme files.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry my bad... i copied and pasted from port 22. I updated the README accordingly to individual port's README.
Thanks for catching this.
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com>
* Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws rds snapshots remove public access * Updated the filename and testing steps in the readme * Corrected the ruleid, added unit test and modified the remediation logic to change the errorcode to the snapshot relevant errorcode and check if all is present in the attribute value list instead of direct equality check as attribute values is a list * Updated tox.ini * Corrected the ruleid in the remediation readme Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com>
* Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws ec2 close port 11211 * Updated readme file to reflect the correct python file name * Updates to readme to use the relevant python file * Update the ruleid to use the right one and create unit test case for closing port 11211 for ec2 * Updated the main readme and the tox file * Fixed the readme file by adding back the aws_iam_server_certificate_expired block and then including the aws_ec2_close_port_11211 Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) * Initial commit for aws s3 remove full access to authenticated users (#118) * Initial commit for aws s3 remove full access to authenticated users * Correct the ruleid, minimum permissions, removed the botocore.exceptions.ClientError as put_bucket_acl doesnot throw exception and created test case * Updated the main readme and tox.ini file * Included a try catch exception block in the remediation job and added test case for exception case * Aws rds snapshot remove publicaccess (#117) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws rds snapshots remove public access * Updated the filename and testing steps in the readme * Corrected the ruleid, added unit test and modified the remediation logic to change the errorcode to the snapshot relevant errorcode and check if all is present in the attribute value list instead of direct equality check as attribute values is a list * Updated tox.ini * Corrected the ruleid in the remediation readme Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Aws ec2 close port 11211 (#116) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws ec2 close port 11211 * Updated readme file to reflect the correct python file name * Updates to readme to use the relevant python file * Update the ruleid to use the right one and create unit test case for closing port 11211 for ec2 * Updated the main readme and the tox file * Fixed the readme file by adding back the aws_iam_server_certificate_expired block and then including the aws_ec2_close_port_11211 Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Modified the remediation logic to check for protocol udp instead of tcp as the remediation is for closing the open udp port for memcache (#119) * Fixed RDS Snapshot remove public access remediation job (#120) * PLA-35232 - Fixed remediation jobs that does not report failures (#124) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result (#125) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> Co-authored-by: sreedevikr <90842270+sreedevikr@users.noreply.github.com> Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) * Initial commit for aws s3 remove full access to authenticated users (#118) * Initial commit for aws s3 remove full access to authenticated users * Correct the ruleid, minimum permissions, removed the botocore.exceptions.ClientError as put_bucket_acl doesnot throw exception and created test case * Updated the main readme and tox.ini file * Included a try catch exception block in the remediation job and added test case for exception case * Aws rds snapshot remove publicaccess (#117) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws rds snapshots remove public access * Updated the filename and testing steps in the readme * Corrected the ruleid, added unit test and modified the remediation logic to change the errorcode to the snapshot relevant errorcode and check if all is present in the attribute value list instead of direct equality check as attribute values is a list * Updated tox.ini * Corrected the ruleid in the remediation readme Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Aws ec2 close port 11211 (#116) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws ec2 close port 11211 * Updated readme file to reflect the correct python file name * Updates to readme to use the relevant python file * Update the ruleid to use the right one and create unit test case for closing port 11211 for ec2 * Updated the main readme and the tox file * Fixed the readme file by adding back the aws_iam_server_certificate_expired block and then including the aws_ec2_close_port_11211 Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Modified the remediation logic to check for protocol udp instead of tcp as the remediation is for closing the open udp port for memcache (#119) * Fixed RDS Snapshot remove public access remediation job (#120) * PLA-35232 - Fixed remediation jobs that does not report failures (#124) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result (#125) * PLA-38601 - Fixed azure security port jobs (#128) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result * PLA-38601 - Add all the required source checks for azure security group port rules Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> Co-authored-by: sreedevikr <90842270+sreedevikr@users.noreply.github.com> Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) * Initial commit for aws s3 remove full access to authenticated users (#118) * Initial commit for aws s3 remove full access to authenticated users * Correct the ruleid, minimum permissions, removed the botocore.exceptions.ClientError as put_bucket_acl doesnot throw exception and created test case * Updated the main readme and tox.ini file * Included a try catch exception block in the remediation job and added test case for exception case * Aws rds snapshot remove publicaccess (#117) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws rds snapshots remove public access * Updated the filename and testing steps in the readme * Corrected the ruleid, added unit test and modified the remediation logic to change the errorcode to the snapshot relevant errorcode and check if all is present in the attribute value list instead of direct equality check as attribute values is a list * Updated tox.ini * Corrected the ruleid in the remediation readme Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Aws ec2 close port 11211 (#116) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws ec2 close port 11211 * Updated readme file to reflect the correct python file name * Updates to readme to use the relevant python file * Update the ruleid to use the right one and create unit test case for closing port 11211 for ec2 * Updated the main readme and the tox file * Fixed the readme file by adding back the aws_iam_server_certificate_expired block and then including the aws_ec2_close_port_11211 Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Modified the remediation logic to check for protocol udp instead of tcp as the remediation is for closing the open udp port for memcache (#119) * Fixed RDS Snapshot remove public access remediation job (#120) * PLA-35232 - Fixed remediation jobs that does not report failures (#124) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result (#125) * PLA-38601 - Fixed azure security port jobs (#128) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result * PLA-38601 - Add all the required source checks for azure security group port rules * PLA-45823 - Updated remediation job to restrict unsecured HTTP requests for S3 Bucket (#131) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> Co-authored-by: sreedevikr <90842270+sreedevikr@users.noreply.github.com> Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com>
* Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) * Initial commit for aws s3 remove full access to authenticated users (#118) * Initial commit for aws s3 remove full access to authenticated users * Correct the ruleid, minimum permissions, removed the botocore.exceptions.ClientError as put_bucket_acl doesnot throw exception and created test case * Updated the main readme and tox.ini file * Included a try catch exception block in the remediation job and added test case for exception case * Aws rds snapshot remove publicaccess (#117) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws rds snapshots remove public access * Updated the filename and testing steps in the readme * Corrected the ruleid, added unit test and modified the remediation logic to change the errorcode to the snapshot relevant errorcode and check if all is present in the attribute value list instead of direct equality check as attribute values is a list * Updated tox.ini * Corrected the ruleid in the remediation readme Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Aws ec2 close port 11211 (#116) * Release/v1.8.0 (#106) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Release/v1.9.0 (#113) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, … (#93) * Initial commit for ec2 close port for 1433, 1521, 20, 21, 23, 27017, 3306, 5439, 5601, 8080, 9200 and 9300 * Checking in unit test and tox.ini, made modification to remove common pkg from ec2_close_port_20.py * Checking in README with addition aws close port rules * Update README with correct port names for the new scripts * PLA-26195 - Handled PrincipalNotFound Exception in sql auditing job (#98) * PLA-24844 - Remediation job to restrict default security group access (#85) * PLA-24844 - Remediation job to restrict default security group access * PLA-24844 - Remediation job to restrict default security group access * Updated the remediation job code * PLA-25429 - Remediation job to set password reuse prevention policy (#89) * PLA-25429 - Remediation job to set password reuse prevention policy * PLA-25429 - Updated unit test * Updated the remediation job code * PLA-25428 - Remediation Job to set minimum password length (#90) * PLA-25430 - Remediation Job to delete expired server certificate (#96) * Initial commit for kinesis_encrypt_stream (#97) * Initial commit for kinesis_encrypt_stream * modified to add a return and exception to kinesis_encrypt_stream.py and unit testcases for remediate * remove print * update README.md * update README.md * remove format in kinesis_encrypt_stream.py * update README with a correct instruction to run the script and add a missing error loggin Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> * PLA-26855 - Updated azure remediation jobs to wait for the poller result (#99) * PLA-26855 - Updated azure remediation jobs to wait for the poller result * PLA-26855 - Update azure jobs to poll continuously and log the status * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_versi… (#101) * Initial commit for aws 3 jobs: ebs_private_snapshot, rds_enable_version_update, rds_remove_public_endpoint * Update ebs_private_snapshot.py * Incorporated comments and inputs from PR review * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * PLA-29176 - Fix remediation jobs for port rules (#102) * PLA-29176 - Fix remediation jobs for port rules * PLA-29176 - updated requirements * PLA-29176 - Updated the public instance port remediation jobs * PLA-29176 - Fixed readme file * PLA-29176 - Fixed comments * PLA-29176 - Updated all the AWS port rule remediation jobs * PLA-29176 - Fixed requirements-dev file * PLA-29176 - Added comments * PLA-29459 - Update Readme and tox file (#104) * PLA-29459 - Update Readme and tox file * PLA-29459 - Updated readme * Fixed requirements file (#105) * PLA-28074 - Update py version from 1.9.0 to 1.10.0 (#108) * Fix import issues in azure jobs (#107) Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Initial commit for aws ec2 close port 11211 * Updated readme file to reflect the correct python file name * Updates to readme to use the relevant python file * Update the ruleid to use the right one and create unit test case for closing port 11211 for ec2 * Updated the main readme and the tox file * Fixed the readme file by adding back the aws_iam_server_certificate_expired block and then including the aws_ec2_close_port_11211 Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <73834811+kshrutik@users.noreply.github.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> * Modified the remediation logic to check for protocol udp instead of tcp as the remediation is for closing the open udp port for memcache (#119) * Fixed RDS Snapshot remove public access remediation job (#120) * PLA-35232 - Fixed remediation jobs that does not report failures (#124) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result (#125) * PLA-38601 - Fixed azure security port jobs (#128) * PLA-38601 - Fixed azure remediation jobs to wait for the poller result * PLA-38601 - Add all the required source checks for azure security group port rules * PLA-45823 - Updated remediation job to restrict unsecured HTTP requests for S3 Bucket (#131) * PLA-88313 - Updated pytest version (#133) Co-authored-by: Shrutika Kulkarni <kshrutika@kshrutikaHMD6R.vmware.com> Co-authored-by: lytran2000 <44222483+lytran2000@users.noreply.github.com> Co-authored-by: sreedevikr <90842270+sreedevikr@users.noreply.github.com> Co-authored-by: Vikramjeet Singh <58273802+vikramsinghvirdi@users.noreply.github.com> Co-authored-by: Shrutika Kulkarni <kshrutika@kshrutikaHMD6R.vmware.com>
…3306, 5439, 5601, 8080, 9200 and 9300.
The code were replicated from ec2 close port 22. Please review and approve for checkins.