resolve isssues

aquasecurity · Sep 19, 2023 · a225a2d · a225a2d
1 parent d6bc888
commit a225a2d
Show file tree

Hide file tree

Showing 37 changed files with 37 additions and 37 deletions.
diff --git a/plugins/aws/ecs/ecsClusterWithActiveTask.js b/plugins/aws/ecs/ecsClusterWithActiveTask.js
@@ -10,7 +10,7 @@ module.exports = {
     recommended_action: 'Modify Cluster services and add tasks',
     link: 'https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html',
     apis: ['ECS:listClusters', 'ECS:describeCluster'],
-    realtime_triggers: ['ecs:CreateCluster', 'ecs:RunTask'],
+    realtime_triggers: ['ecs:CreateCluster', 'ecs:RunTask', 'ecs:StopTask'],
 
     run: function(cache, settings, callback){
         var results = [];

diff --git a/plugins/aws/elasticache/elasticaheDesiredNodeType.js b/plugins/aws/elasticache/elasticaheDesiredNodeType.js
@@ -18,7 +18,7 @@ module.exports = {
             default:'cache.t2.micro'
         }
     },
-    realtime_triggers: ['elasticache:CreateCluster'],
+    realtime_triggers: ['elasticache:CreateCluster','elasticache:ModifyReplicationGroup'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elasticache/redisClusterEncryptionInTransit.js b/plugins/aws/elasticache/redisClusterEncryptionInTransit.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/in-transit-encryption.html',
     recommended_action: 'Enable in-transit encryption for ElastiCache clusters',
     apis: ['ElastiCache:describeCacheClusters'],
-    realtime_triggers: ['elasticache:CreateCluster', 'elasticache:CreateReplicationGroup'],
+    realtime_triggers: ['elasticache:CreateCluster', 'elasticache:CreateReplicationGroup','elasticache:ModifyReplicationGroup'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elasticache/reservedNodePaymentFailed.js b/plugins/aws/elasticache/reservedNodePaymentFailed.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/elasticache/reserved-cache-nodes/',
     recommended_action: 'Identify any failed payments for ElastiCache reserved cache nodes',
     apis: ['ElastiCache:describeReservedCacheNodes'],
-    realtime_triggers: ['elasticache:CreateCluster'],
+    realtime_triggers: ['elasticache:CreateCluster', 'elasticache: PurchaseReservedCacheNodesOffering'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elasticache/reservedNodePaymentPending.js b/plugins/aws/elasticache/reservedNodePaymentPending.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/elasticache/reserved-cache-nodes/',
     recommended_action: 'Identify any pending payments for ElastiCache reserved cache nodes',
     apis: ['ElastiCache:describeReservedCacheNodes'],
-    realtime_triggers: ['elasticache:CreateCluster'],
+    realtime_triggers: ['elasticache:CreateCluster','elasticache: PurchaseReservedCacheNodesOffering'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elasticache/unusedElastiCacheReservedNode.js b/plugins/aws/elasticache/unusedElastiCacheReservedNode.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/elasticache/reserved-cache-nodes/',
     recommended_action: 'Enable prevention of unused reserved nodes for ElastiCache clusters',
     apis: ['ElastiCache:describeCacheClusters', 'ElastiCache:describeReservedCacheNodes'],
-    realtime_triggers: ['elasticache:CreateCluster'],
+    realtime_triggers: ['elasticache:CreateCluster','elasticache: PurchaseReservedCacheNodesOffering'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/appTierElbSecurity.js b/plugins/aws/elb/appTierElbSecurity.js
@@ -24,7 +24,7 @@ module.exports = {
             default: 'ELBSecurityPolicy-2016-08,ELBSecurityPolicy-TLS-1-2-2017-01,ELBSecurityPolicy-TLS-1-1-2017-01'
         }
     },
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancerListeners','elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elb:CreateLoadBalancerListeners','elb:CreateLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/classicELBInUse.js b/plugins/aws/elb/classicELBInUse.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/elasticloadbalancing/features/',
     recommended_action: 'Detach Classic Load balancer from HTTP/HTTPS applications and attach Application Load Balancer to those applications',
     apis: ['ELB:describeLoadBalancers', 'STS:getCallerIdentity'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elb:CreateLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/connectionDrainingEnabled.js b/plugins/aws/elb/connectionDrainingEnabled.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html',
     recommended_action: 'Update ELBs to enable connection draining',
     apis: ['ELB:describeLoadBalancers', 'ELB:describeLoadBalancerAttributes', 'STS:getCallerIdentity'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elaticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/crosszoneLoadBalancing.js b/plugins/aws/elb/crosszoneLoadBalancing.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html',
     recommended_action: 'Update AWS ELB to enable cross zone load balancing',
     apis: ['ELB:describeLoadBalancers', 'ELB:describeLoadBalancerAttributes', 'STS:getCallerIdentity'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elaticloadbalancing:ModifyLoadBalancerAttributes', 'elasticloadbalancing:AttachLoadBalancerToSubnets'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:ModifyLoadBalancerAttributes', 'elb:AttachLoadBalancerToSubnets'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/elbHasTags.js b/plugins/aws/elb/elbHasTags.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTags.html',
     recommended_action: 'Modify ELB and add tags.',
     apis: ['ELB:describeLoadBalancers', 'ResourceGroupsTaggingAPI:getResources', 'STS:getCallerIdentity'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:AddTags', 'elasticloadbalancing:RemoveTags'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:AddTags', 'elb:RemoveTags'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/elbHttpsOnly.js b/plugins/aws/elb/elbHttpsOnly.js
@@ -20,7 +20,7 @@ module.exports = {
     apis_remediate: ['ELB:describeLoadBalancers'],
     actions: {remediate: ['ELB:deleteLoadBalancerListeners'], rollback: ['ELB:createLoadBalancerListeners']},
     permissions: {remediate: ['elasticloadbalancing:DeleteLoadBalancerListeners'], rollback: ['elasticloadbalancing:CreateLoadBalancerListeners']},
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancerListeners','elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elb:CreateLoadBalancerListeners','elb:CreateLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/elbLoggingEnabled.js b/plugins/aws/elb/elbLoggingEnabled.js
@@ -22,7 +22,7 @@ module.exports = {
         pci: 'PCI requires logging of all network access to environments containing ' +
              'cardholder data. Enable ELB logs to log these network requests.'
     },
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elaticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/elbNoInstances.js b/plugins/aws/elb/elbNoInstances.js
@@ -24,7 +24,7 @@ module.exports = {
         remediate: ['elasticloadbalancing:DeleteLoadBalancer'],
         rollback: ['elasticloadbalancing:CreateLoadBalancer']
     },
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:DeleteLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/elbUnhealthyInstances.js b/plugins/aws/elb/elbUnhealthyInstances.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html#check-instance-health',
     recommended_action: 'Investigate and resolve the health issues of the instances attached to the ELB.',
     apis: ['ELB:describeLoadBalancers', 'ELB:describeInstanceHealth', 'STS:getCallerIdentity'],
-    realtime_triggers: ['elaticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:RegisterInstancesWithLoadBalancer', 'elasticloadbalancing:DeregisterInstancesWithLoadBalancer'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:RegisterInstancesWithLoadBalancer', 'elb:DeregisterInstancesWithLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elb/insecureCiphers.js b/plugins/aws/elb/insecureCiphers.js
@@ -92,7 +92,7 @@ module.exports = {
         pci: 'PCI requires secure transfer of cardholder data. It does not permit SSL or TLS ' +
              'version 1.0. ELB listeners should be configured for TLS v1.2.'
     },
-    realtime_triggers: ['elaticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elb:CreateLoadBalancer', 'elb:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2DeletionProtection.js b/plugins/aws/elbv2/elbv2DeletionProtection.js
@@ -11,7 +11,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#deletion-protection',
     recommended_action: 'Update ELBv2 load balancers to use deletion protection to prevent accidental deletion',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeLoadBalancerAttributes'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2DeprecatedSslPolicies.js b/plugins/aws/elbv2/elbv2DeprecatedSslPolicies.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html',
     recommended_action: 'Modify ELBv2 listeners with the latest predefined AWS security policies.',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeListeners'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:CreateListener', 'elasticloadbalancing:ModifyListener'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:CreateListener', 'elbv2:ModifyListener'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2DeregistrationDelay.js b/plugins/aws/elbv2/elbv2DeregistrationDelay.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#deregistration-delay',
     recommended_action: 'Update ELBv2 target group attributes and set the deregistration delay value',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeTargetGroups', 'ELBv2:describeTargetGroupAttributes'],
-    realtime_triggers: ['elasticloadbalancing:CreateTargetGroup', 'elasticloadbalancing:ModifyTargetGroupAttributes'],
+    realtime_triggers: ['elbv2:CreateTargetGroup', 'elbv2:ModifyTargetGroupAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2HasTags.js b/plugins/aws/elbv2/elbv2HasTags.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AddTags.html',
     recommended_action: 'Modify ELBv2 and add tags.',
     apis: ['ELBv2:describeLoadBalancers', 'ResourceGroupsTaggingAPI:getResources'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:AddTags', 'elasticloadbalancing:RemoveTags'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:AddTags', 'elbv2:RemoveTags'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2HttpsOnly.js b/plugins/aws/elbv2/elbv2HttpsOnly.js
@@ -20,7 +20,7 @@ module.exports = {
     apis_remediate: ['ELBv2:describeLoadBalancers','ELBv2:describeListeners'],
     actions: {remediate: ['ELBv2:deleteListener'], rollback: ['ELBv2:createListener']},
     permissions: {remediate: ['elasticloadbalancing:DeleteListener'], rollback: ['elasticloadbalancing:CreateListener']},
-    realtime_triggers: ['elasticloadbalancing:CreateListener','elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elbv2:CreateListener','elbv2:CreateLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2InsecureCiphers.js b/plugins/aws/elbv2/elbv2InsecureCiphers.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.htmll',
     recommended_action: 'Modify ELBv2 listeners with the predefined AWS security policies containing secure ciphers.',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeListeners'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:CreateListener', 'elasticloadbalancing:ModifyListener'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:CreateListener', 'elbv2:ModifyListener'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2LoggingEnabled.js b/plugins/aws/elbv2/elbv2LoggingEnabled.js
@@ -22,7 +22,7 @@ module.exports = {
         pci: 'PCI requires logging of all network access to environments containing ' +
             'cardholder data. Enable ELB logs to log these network requests.'
     },
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2MinimumTargetInstances.js b/plugins/aws/elbv2/elbv2MinimumTargetInstances.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html',
     recommended_action: 'Associate at least two healthy target instances to AWS ELBv2 load balancer',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeTargetGroups', 'ELBv2:describeTargetHealth'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyTargetGroup','elasticloadbalancing:RegisterTarget', 'elasticloadbalancing:DeregisterTargets'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyTargetGroup','elbv2:RegisterTarget', 'elbv2:DeregisterTargets'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2NlbListenerSecurity.js b/plugins/aws/elbv2/elbv2NlbListenerSecurity.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.amazonaws.cn/en_us/elasticloadbalancing/latest/network/create-tls-listener.html',
     recommended_action: 'Attach TLS listener to AWS Network Load Balancer',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeListeners'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:CreateListener', 'elasticloadbalancing:ModifyListener'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:CreateListener', 'elbv2:ModifyListener','elbv2:DeleteListener'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2NoInstances.js b/plugins/aws/elbv2/elbv2NoInstances.js
@@ -24,7 +24,7 @@ module.exports = {
         remediate: ['elasticloadbalancing:DeleteLoadBalancer'],
         rollback: ['elasticloadbalancing:CreateLoadBalancer']
     },
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer','elbv2:DeleteLoadBalancer'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2SslTermination.js b/plugins/aws/elbv2/elbv2SslTermination.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/blogs/aws/elastic-load-balancer-support-for-ssl-termination/',
     recommended_action: 'Attach SSL certificate with the listener to AWS Elastic Load Balancer',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeListeners'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:CreateListeners'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:CreateListeners','elbv2:ModifyListener'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2TLSVersionCipherEnabled.js b/plugins/aws/elbv2/elbv2TLSVersionCipherEnabled.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html',
     recommended_action: 'Update ELBv2 load balancer traffic configuration to enable TLS version and cipher headers',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeLoadBalancerAttributes'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2UnhealthyInstance.js b/plugins/aws/elbv2/elbv2UnhealthyInstance.js
@@ -11,7 +11,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html',
     recommended_action: 'Investigate and resolve the health issues with the instances attached to the ELB.',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeTargetGroups', 'ELBv2:describeTargetHealth'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyTargetGroups', 'elasticloadbalancing:RegisterTarget', 'elasticloadbalancing:DeregisterTargets'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyTargetGroups', 'elbv2:RegisterTarget', 'elbv2:DeregisterTargets'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2WafEnabled.js b/plugins/aws/elbv2/elbv2WafEnabled.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://aws.amazon.com/blogs/aws/aws-web-application-firewall-waf-for-application-load-balancers/',
     recommended_action: '1. Enter the WAF service. 2. Enter Web ACLs and filter by the region the Application Load Balancer is in. 3. If no Web ACL is found, Create a new Web ACL in the region the ALB resides and in Resource type to associate with web ACL, select the Load Balancer. ',
     apis: ['ELBv2:describeLoadBalancers', 'WAFV2:listWebACLs', 'WAFRegional:listWebACLs', 'WAFV2:listResourcesForWebACL', 'WAFRegional:listResourcesForWebACL'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'wafv2:CreateWebAcl', 'wafv2:UpdateWebAacl', 'wafregional:CreateWebAcl', 'wafregional:UpdateWebAcl'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'wafv2:CreateWebAcl', 'wafv2:UpdateWebAacl', 'wafregional:CreateWebAcl', 'wafregional:UpdateWebAcl'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/elbv2/elbv2crosszoneLoadBalancing.js b/plugins/aws/elbv2/elbv2crosszoneLoadBalancing.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html',
     recommended_action: 'Update AWS ELBv2 load balancers to enable cross zone load balancing.',
     apis: ['ELBv2:describeLoadBalancers', 'ELBv2:describeLoadBalancerAttributes'],
-    realtime_triggers: ['elasticloadbalancing:CreateLoadBalancer', 'elasticloadbalancing:ModifyLoadBalancerAttributes'],
+    realtime_triggers: ['elbv2:CreateLoadBalancer', 'elbv2:ModifyLoadBalancerAttributes'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/emr/emrClusterInVPC.js b/plugins/aws/emr/emrClusterInVPC.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-vpc-launching-job-flows.htmll',
     recommended_action: 'EMR clusters Available in VPC',
     apis: ['EC2:describeAccountAttributes','EMR:listClusters', 'EMR:describeCluster'],
-    realtime_triggers: ['emr:CreateCluster'],
+    realtime_triggers: ['emr:CreateCluster','emr:TerminateJobFlows'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/emr/emrClusterLogging.js b/plugins/aws/emr/emrClusterLogging.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-debugging.html',
     recommended_action: 'Modify EMR clusters to enable cluster logging',
     apis: ['EMR:listClusters', 'EMR:describeCluster'],
-    realtime_triggers: ['emr:CreateCluster'],
+    realtime_triggers: ['emr:CreateCluster','emr:TerminateJobFlows'],
 
     run: function(cache, settings, callback) {
         var results = [];

diff --git a/plugins/aws/emr/emrEncryptionAtRest.js b/plugins/aws/emr/emrEncryptionAtRest.js
@@ -10,7 +10,7 @@ module.exports = {
     link: 'https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-data-encryption-options.html',
     recommended_action: 'Update security configuration associated with EMR cluster to enable encryption at rest for local disks.',
     apis: ['EMR:listClusters', 'EMR:describeCluster', 'EMR:describeSecurityConfiguration'],
-    realtime_triggers: ['emr:CreateCluster', 'emr:CreateSecurityConfiguration'],
+    realtime_triggers: ['emr:CreateCluster', 'emr:CreateSecurityConfiguration','emr:DeleteSecurityConfiguration'],
 
     run: function(cache, settings, callback) {
         var results = [];