Merge pull request #1721 from fatima99s/tigger-s-t
Realtime triggers for services starting with S and T
mehakseedat63 authored Nov 20, 2023
2 parents c358e76 + ba267e4 commit e107f72
Showing 60 changed files with 64 additions and 8 deletions.
2 changes: 1 addition & 1 deletion plugins/aws/s3/bucketAllUsersAcl.js
@@ -28,7 +28,7 @@ module.exports = {
remediate: ['s3:PutBucketAcl'],
rollback: ['s3:PutBucketAcl']
},
realtime_triggers: [],
realtime_triggers: ['s3:PutBucketAcl', 's3:CreateBucket', 's3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/s3/bucketAllUsersPolicy.js
@@ -25,7 +25,7 @@ module.exports = {
remediate: ['s3:DeleteBucketPolicy'],
rollback: ['s3:PutBucketPolicy']
},
realtime_triggers: [],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketPolicy', 's3:DeleteBucketPolicy','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketDnsCompliantName.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Recreate S3 bucket to use "-" instead of "." in S3 bucket names.',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html',
apis: ['S3:listBuckets', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 's3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/s3/bucketEncryption.js
@@ -30,7 +30,7 @@ module.exports = {
required: false
}
},
realtime_triggers: ['s3:DeleteBucketEncryption', 's3:CreateBucket'],
realtime_triggers: ['s3:DeleteBucketEncryption', 's3:CreateBucket', 's3:putBucketEncryption','s3:DeleteBucket'],
settings: {
s3_encryption_require_cmk: {
name: 'S3 Encryption Require CMK',
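Review bot: The added entry `'s3:putBucketEncryption'` starts the action with a lowercase `p`, while its neighbours `s3:DeleteBucketEncryption` and `s3:CreateBucket` use the PascalCase form. The code that consumes `realtime_triggers` is not visible on this page; if it compares names case-sensitively, a change to the bucket's encryption configuration would not re-run this check. Suggest `'s3:PutBucketEncryption'`. The same casing drift shows in bucketEncryptionInTransit.js (`s3:putBucketPolicy`, already present before this commit), s3Encryption.js (`s3:putBucketEncryption`) and versionedBucketsLC.js (`s3:putBucketLifecycleConfiguration`), and bucketLifecycleConfiguration.js spells the same operation `s3:PutBucketLifeCycleConfiguration` with a capital C.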
2 changes: 1 addition & 1 deletion plugins/aws/s3/bucketEncryptionInTransit.js
@@ -38,7 +38,7 @@ module.exports = {
remediate: ['s3:PutBucketPolicy'],
rollback: ['s3:PutBucketPolicy ']
},
realtime_triggers: ['s3:putBucketPolicy', 's3:CreateBucket'],
realtime_triggers: ['s3:putBucketPolicy', 's3:CreateBucket','s3:DeleteBucket'],
settings: {
s3_allow_unencrypted_static_websites: {
name: 'S3 Allow Unencrypted Static Websites',
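Review bot: `s3:DeleteBucketPolicy` is missing from the updated list, so deleting the bucket policy (which would take any TLS-enforcing statement with it) would not re-run this check; that the check inspects the bucket policy is inferred from its existing `s3:putBucketPolicy` trigger and its `remediate` entry. bucketEnforceEncryption.js and bucketSecureTransportEnabled.js in this same commit do list the delete event. Suggest `realtime_triggers: ['s3:PutBucketPolicy', 's3:DeleteBucketPolicy', 's3:CreateBucket', 's3:DeleteBucket'],`.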
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketEnforceEncryption.js
@@ -23,6 +23,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['s3:CreateBucket' , 's3:PutBucketPolicy','s3:DeleteBucketPolicy','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketLifecycleConfiguration.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update S3 bucket and create lifecycle rule configuration',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-set-lifecycle-configuration-intro.html',
apis: ['S3:listBuckets', 'S3:getBucketLifecycleConfiguration', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketLifeCycleConfiguration', 's3:DeleteBucketLifeCycle','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 2 additions & 0 deletions plugins/aws/s3/bucketLogging.js
@@ -31,6 +31,8 @@ module.exports = {
}
]
},
realtime_triggers: ['s3:CreateBucket','s3:PutBucketLogging','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketMFADeleteEnabled.js
@@ -22,6 +22,7 @@ module.exports = {
default: '',
}
},
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketVersionning','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
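Review bot: `s3:PutBucketVersionning` on the added `realtime_triggers` line is misspelled, so the event that toggles MFA Delete would presumably never match and this check would only re-run on bucket create or delete; it should read `realtime_triggers: ['s3:CreateBucket', 's3:PutBucketVersioning', 's3:DeleteBucket'],`. The same kind of typo appears in other added lines of this commit: `s3:PutBucketVersioninng` in versionedBucketsLC.js, `sagemaker:UpdateNootbookInstance` in notebookDirectInternetAccess.js, the `secretesmanager:` prefix in all four secretsmanager plugins (secretRotationEnabled.js mixes it with a correctly spelled `secretsmanager:CancelRotateSecret`), and the `sheild:` prefix in shieldAdvancedEnabled.js and shieldProtections.js. A misspelled trigger fails silently, so a small test that checks every entry against the known service prefixes and action names would catch these before merge.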
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketPolicyCloudFrontOac.js
@@ -16,6 +16,7 @@ module.exports = {
'If an S3 bucket backing a CloudFront distribution does not require the end ' +
'user to access the contents through CloudFront, this policy may be violated.'
},
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketPolicy', 's3:DeleteBucketPolicy','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketPolicyCloudFrontOai.js
@@ -16,6 +16,7 @@ module.exports = {
'If an S3 bucket backing a CloudFront distribution does not require the end ' +
'user to access the contents through CloudFront, this policy may be violated.'
},
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketPolicy', 's3:DeleteBucketPolicy','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketPublicAccessBlock.js
@@ -23,6 +23,7 @@ module.exports = {
default: 'false'
}
},
realtime_triggers: ['s3:CreateBucket', 's3:PutPublicAccessBlock','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var config = {
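Review bot: The added list has no trigger for removal of the public access block: only `s3:PutPublicAccessBlock` is listed, so a bucket whose block configuration is deleted would keep its last result until the next full scan. Adding the delete-side operation would close that gap, e.g. `realtime_triggers: ['s3:CreateBucket', 's3:PutPublicAccessBlock', 's3:DeletePublicAccessBlock', 's3:DeleteBucket'],`. It is worth confirming the exact event names the trigger source emits for these calls, since bucket-level and account-level variants may be logged under different names.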
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketSecureTransportEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update S3 bucket policy to enforse SSL to secure data in transit.',
link: 'https://aws.amazon.com/premiumsupport/knowledge-center/s3-bucket-policy-for-config-rule/',
apis: ['S3:listBuckets', 'S3:getBucketPolicy', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketPolicy', 's3:DeleteBucketPolicy','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketTransferAcceleration.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Modify S3 bucket to enable transfer acceleration.',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html',
apis: ['S3:listBuckets', 'S3:getBucketAccelerateConfiguration', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketAccelerateConfiguration','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/s3/bucketVersioning.js
@@ -23,7 +23,7 @@ module.exports = {
remediate: ['s3:PutBucketVersioning'],
rollback: ['s3:PutBucketVersioning']
},
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketVersioning'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketVersioning','s3:DeleteBucket'],
asl: {
conditions: [
{
1 change: 1 addition & 0 deletions plugins/aws/s3/bucketWebsiteEnabled.js
@@ -17,6 +17,7 @@ module.exports = {
default: 'false'
}
},
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketWebsite', 's3:DeleteBucketWebsite','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/objectLevelReadEventLogging.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Enable object level logging for read events for each S3 bucket.',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-cloudtrail-logging-for-s3.html#enable-cloudtrail-events',
apis: ['S3:listBuckets', 'CloudTrail:describeTrails', 'CloudTrail:getEventSelectors', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 'cloudtrail:CreateTrail', 'cloudtrail:PutEventSelectors', 'cloudtrail:PutInsightSelectors','s3:DeleteBucket', 'cloudtrail:DeleteTrail'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/objectLevelWriteEventLogging.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Enable object level logging for Write events for each S3 bucket.',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-cloudtrail-logging-for-s3.html#enable-cloudtrail-events.',
apis: ['S3:listBuckets', 'CloudTrail:describeTrails', 'CloudTrail:getEventSelectors', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 'cloudtrail:CreateTrail', 'cloudtrail:PutEventSelectors', 'cloudtrail:PutInsightSelectors','s3:DeleteBucket', 'cloudtrail:DeleteTrail'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 2 additions & 0 deletions plugins/aws/s3/s3BucketHasTags.js
@@ -9,6 +9,8 @@ module.exports = {
recommended_action: 'Modify S3 buckets and add tags.',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html',
apis: ['S3:listBuckets', 'ResourceGroupsTaggingAPI:getResources', 'S3:getBucketLocation'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketTagging','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
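Review bot: Tag removal is not covered: the added list has `s3:PutBucketTagging` but not `s3:DeleteBucketTagging`, so a bucket that loses all its tags would keep its earlier result. snsTopicHasTags.js in this commit lists both the tag and untag events, and this plugin should match it: `realtime_triggers: ['s3:CreateBucket', 's3:PutBucketTagging', 's3:DeleteBucketTagging', 's3:DeleteBucket'],`.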
1 change: 1 addition & 0 deletions plugins/aws/s3/s3Encryption.js
@@ -70,6 +70,7 @@ module.exports = {
default: 'false',
}
},
realtime_triggers: ['s3:CreateBucket', 's3:putBucketEncryption','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3/versionedBucketsLC.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Configure lifecycle rules for buckets which have versioning enabled',
link: 'https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-set-lifecycle-configuration-intro.html',
apis: ['S3:listBuckets', 'S3:getBucketVersioning', 'S3:getBucketLocation', 'S3:getBucketLifecycleConfiguration'],
realtime_triggers: ['s3:CreateBucket', 's3:PutBucketVersioninng', 's3:putBucketLifecycleConfiguration','s3:DeleteBucket'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/s3glacier/vaultPublicAccess.js
@@ -17,6 +17,7 @@ module.exports = {
default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceOwner,aws:SourceArn,aws:SourceAccount'
}
},
realtime_triggers: ['glacier:CreateVault', 'glacier:SetVaultAccessPolicy', 'glacier:DeleteVault'],

run: function(cache, settings, callback) {
const results = [];
1 change: 1 addition & 0 deletions plugins/aws/sagemaker/notebookDataEncrypted.js
@@ -15,6 +15,7 @@ module.exports = {
'data at rest. SageMaker encryption ensures Notebook data is ' +
'encrypted at rest.'
},
realtime_triggers: ['sagemaker:CreateNotebookInstance', 'sagemaker:DeleteNotebookInstance'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sagemaker/notebookDirectInternetAccess.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Disable DirectInternetAccess for each SageMaker notebook.',
link: 'https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access',
apis: ['SageMaker:listNotebookInstances'],
realtime_triggers: ['sagemaker:CreateNotebookInstance', 'sagemaker:UpdateNootbookInstance','sagemaker:DeleteNotebookInstance'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sagemaker/notebookInstanceInVpc.js
@@ -18,6 +18,7 @@ module.exports = {
'segmentation criteria for PCI. Ensure all instances are launched ' +
'within a VPC to comply with isolation requirements.'
},
realtime_triggers: ['sagemaker:CreateNotebookInstance','sagemaker:DeleteNotebookInstance'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/secretsmanager/secretHasTags.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update Secrets and add tags.',
apis: ['SecretsManager:listSecrets'],
link: 'https://docs.aws.amazon.com/secretsmanager/latest/userguide/managing-secrets_tagging.html',
realtime_triggers: ['secretesmanager:CreateSecret', 'secretesmanager:TagResource', 'secretesmanager:UntagResource', 'secretesmanager:DeleteSecret'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/secretsmanager/secretRotationEnabled.js
@@ -18,6 +18,7 @@ module.exports = {
default: '40',
}
},
realtime_triggers: ['secretesmanager:CreateSecret', 'secretesmanager:RotateSecret', 'secretsmanager:CancelRotateSecret','secretesmanager:DeleteSecret'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/secretsmanager/secretsManagerEncrypted.js
@@ -28,6 +28,7 @@ module.exports = {
default: 'awskms',
}
},
realtime_triggers: ['secretesmanager:CreateSecret', 'secretesmanager:UpdateSecret','secretesmanager:DeleteSecret'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/secretsmanager/secretsManagerInUse.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Use Secrets Manager service to store sensitive information in your AWS account.',
apis: ['SecretsManager:listSecrets'],
link: 'https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html',
realtime_triggers: ['secretesmanager:CreateSecret', 'secretesmanager:DeleteSecret'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/securityhub/securityHubEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://aws.amazon.com/security-hub/',
recommended_action: 'Enable AWS Security Hub for enhanced security monitoring and compliance.',
apis: ['SecurityHub:describeHub'],
realtime_triggers: ['securityhub:EnableSecurityHub', 'securityhub:DisableSecurityHub'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ses/dkimEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Enable DKIM for all domains and addresses in all regions used to send email through SES.',
link: 'http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html',
apis: ['SES:listIdentities', 'SES:getIdentityDkimAttributes', 'STS:getCallerIdentity'],
realtime_triggers: ['ses:CreateEmailIdentity','ses:SetIdentityDkimEnabled', 'ses:PutEmailIdentityDkimAttributes', 'ses:DeleteEmailIdentity'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ses/emailMessagesEncrypted.js
@@ -18,6 +18,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['ses:CreateEmailIdentity','ses:SetActiveReceiptRuleSet','ses:DeleteEmailIdentity'],

run: function(cache, settings, callback) {
var results = [];
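Review bot: The added triggers key mostly on email identities (`ses:CreateEmailIdentity`, `ses:DeleteEmailIdentity`), and the only receipt-rule event is `ses:SetActiveReceiptRuleSet`. The plugin's `apis` list and `run` body are outside this hunk, but if the check reads the actions of receipt rules, as its name and the `awscmk` default suggest, then edits to an existing rule (`ses:CreateReceiptRule`, `ses:UpdateReceiptRule`, `ses:DeleteReceiptRule`) are the changes that can turn message encryption off, and they are not listed. Worth confirming against the plugin body before relying on this list.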
1 change: 1 addition & 0 deletions plugins/aws/shield/shieldAdvancedEnabled.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Enable AWS Shield Advanced for the account.',
link: 'https://docs.aws.amazon.com/waf/latest/developerguide/ddos-overview.html#ddos-advanced',
apis: ['Shield:describeSubscription'],
realtime_triggers: ['shield:CreateSubscription', 'sheild:UpdateSubscription', 'shield:DeleteSubscription'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/shield/shieldEmergencyContacts.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Configure emergency contacts within AWS Shield for the account.',
link: 'https://docs.aws.amazon.com/waf/latest/developerguide/ddos-edit-drt.html',
apis: ['Shield:describeEmergencyContactSettings'],
realtime_triggers: ['shield:CreateSubscription','shield:UpdateEmergencyContactSettings','shield:DeleteSubscription'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/shield/shieldProtections.js
@@ -9,6 +9,7 @@ module.exports = {
recommended_action: 'Enable AWS Shield Advanced on resources within the account.',
link: 'https://docs.aws.amazon.com/waf/latest/developerguide/configure-new-protection.html',
apis: ['Shield:listProtections'],
realtime_triggers: ['shield:CreateProtection', 'sheild:DeleteProtection'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sns/snsCrossAccount.js
@@ -30,6 +30,7 @@ module.exports = {
default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceAccount,aws:SourceArn,aws:SourceOwner,sns:Endpoint'
},
},
realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes', 'sns:DeleteTopic'],

run: function(cache, settings, callback) {
var results = [];
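Review bot: Topic policies can also be changed through `sns:AddPermission` and `sns:RemovePermission`, and neither is in the added list, so a cross-account grant made that way would not re-run this check. Suggest `realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes', 'sns:AddPermission', 'sns:RemovePermission', 'sns:DeleteTopic'],`. The same applies to the policy checks in snsTopicNoHttpPolicy.js and topicPolicies.js, and to sqsCrossAccount.js with `sqs:AddPermission` and `sqs:RemovePermission`.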
1 change: 1 addition & 0 deletions plugins/aws/sns/snsSubscriptionHTTPSonly.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Create a new SNS subscription using HTTPS protocol.',
link: 'https://docs.aws.amazon.com/sns/latest/dg/sns-http-https-endpoint-as-subscriber.html',
apis: ['SNS:listSubscriptions'],
realtime_triggers: ['sns:Subscribe', 'sns:Unsubscribe'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sns/snsTopicHasTags.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Modify SNS topic and add tags.',
link: 'https://docs.aws.amazon.com/sns/latest/dg/sns-tags.html',
apis: ['SNS:listTopics', 'ResourceGroupsTaggingAPI:getResources'],
realtime_triggers: ['sns:CreateTopic', 'sns:TagResource', 'sns:UntagResource','sns:DeleteTopic'],

run: function(cache, settings, callback) {
var results = [];
3 changes: 2 additions & 1 deletion plugins/aws/sns/snsTopicNoHttpPolicy.js
@@ -10,7 +10,8 @@ module.exports = {
recommended_action: 'Adjust the topic policy to only allow authorized AWS users in known accounts to send or subscribe via the HTTP protocol.',
link: 'http://docs.aws.amazon.com/sns/latest/dg/AccessPolicyLanguage.html',
apis: ['SNS:listTopics', 'SNS:getTopicAttributes'],

realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes','sns:DeleteTopic'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
1 change: 1 addition & 0 deletions plugins/aws/sns/snsValidSubscribers.js
@@ -18,6 +18,7 @@ module.exports = {
default: '',
}
},
realtime_triggers: ['sns:Subscribe', 'sns:Unsubscribe'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sns/topicCmkEncrypted.js
@@ -11,6 +11,7 @@ module.exports = {
recommended_action: 'Update SNS topics to use Customer Master Keys (CMKs) for Server-Side Encryption.',
link: 'https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html',
apis: ['SNS:listTopics', 'SNS:getTopicAttributes'],
realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes','sns:DeleteTopic'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/sns/topicEncrypted.js
@@ -29,7 +29,7 @@ module.exports = {
remediate: ['sns:SetTopicAttributes'],
rollback: ['sns:SetTopicAttributes']
},
realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes'],
realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes', 'sns:DeleteTopic'],
asl: {
conditions: [
{
1 change: 1 addition & 0 deletions plugins/aws/sns/topicPolicies.js
@@ -22,6 +22,7 @@ module.exports = {
default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceOwner,aws:SourceArn,aws:SourceAccount,sns:Endpoint'
}
},
realtime_triggers: ['sns:CreateTopic', 'sns:SetTopicAttributes','sns:DeleteTopic'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sqs/queueUnprocessedMessages.js
@@ -18,6 +18,7 @@ module.exports = {
default: 1000
}
},
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes', 'sqs:DeleteQueue'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sqs/sqsCrossAccount.js
@@ -35,6 +35,7 @@ module.exports = {
default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceAccount,aws:SourceArn,aws:SourceOwner'
},
},
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes','sqs:DeleteQueue'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sqs/sqsDeadLetterQueue.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update Amazon SQS queue and configure dead letter queue.',
link: 'https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html',
apis: ['SQS:listQueues', 'SQS:getQueueAttributes', 'STS:getCallerIdentity'],
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes', 'sqs:DeleteQueue'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/sqs/sqsEncrypted.js
@@ -39,7 +39,7 @@ module.exports = {
remediate: ['sqs:SetQueueAttributes'],
rollback: ['sqs:SetQueueAttributes']
},
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes'],
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes', 'sqs:DeleteQueue'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/sqs/sqsEncryptionEnabled.js
@@ -20,6 +20,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['sqs:CreateQueue', 'sqs:SetQueueAttributes', 'sqs:DeleteQueue'],

run: function(cache, settings, callback) {
var results = [];