Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding realtime triggers for plugins section a,b,c,d,i,k #1713

Merged
merged 12 commits into from
Jan 1, 2024
Merged

adding realtime triggers for plugins section a,b,c,d,i,k #1713

merged 12 commits into from
Jan 1, 2024

Conversation

muzzamilinovaqo
Copy link
Contributor

No description provided.

@CLAassistant
Copy link

CLAassistant commented Sep 7, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@muzzamilinovaqo muzzamilinovaqo changed the title adding realtime triggers for plugins section a,b adding realtime triggers for plugins section a,b,c,d,i,k Sep 14, 2023
mehakseedat63
mehakseedat63 requested changes Dec 28, 2023
View reviewed changes
plugins/aws/autoscaling/appTierIamRole.js Outdated
@@ -18,6 +18,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:createLaunchConfiguration','autoscaling:DeleteLaunchConfiguration'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:createLaunchConfiguration','autoscaling:DeleteLaunchConfiguration'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:CreateLaunchConfiguration','autoscaling:DeleteLaunchConfiguration'],

plugins/aws/autoscaling/asgMissingELB.js Outdated
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html',
recommended_action: 'Ensure that the Auto Scaling group load balancer has not been deleted. If so, remove it from the ASG.',
apis: ['AutoScaling:describeAutoScalingGroups', 'ELB:describeLoadBalancers', 'ELBv2:describeLoadBalancers'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:AttachLoadBalancers','autoscaling:DetachLoadBalancers','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:AttachLoadBalancers','autoscaling:DetachLoadBalancers','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','autoscaling:AttachLoadBalancers','autoscaling:DetachLoadBalancers','elasticloadbalancing:CreateLoadBalancer','elasticloadbalancing:CreateLoadBalancer','elasticloadbalancing:DeleteLoadBalancer','elasticloadbalancing:DeleteLoadBalancer'],

plugins/aws/autoscaling/sameAzElb.js Outdated
@@ -10,6 +10,9 @@ module.exports = {
link: 'https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-add-availability-zone.html',
recommended_action: 'Update the ELB to use the same availability zones as the autoscaling group.',
apis: ['AutoScaling:describeAutoScalingGroups', 'ELB:describeLoadBalancers', 'ELBv2:describeLoadBalancers'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
Suggested change
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','elb:CreateLoadBalancer','elbv2:CreateLoadBalancer','elb:DeleteLoadBalancer','elbv2:DeleteLoadBalancer'],
realtime_triggers: ['autoscaling:CreateAutoScalingGroup','autoscaling:UpdateAutoScalingGroup','autoscaling:DeleteAutoScalingGroup','elasticloadbalancing:CreateLoadBalancer','elasticloadbalancing:CreateLoadBalancer','elasticloadbalancing:DeleteLoadBalancer','elasticloadbalancing:DeleteLoadBalancer'],

plugins/aws/computeoptimizer/ebsVolumesOptimized.js Outdated
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/compute-optimizer/latest/ug/view-ebs-recommendations.html',
recommended_action: 'Resolve Compute Optimizer recommendations for EBS volumes.',
apis: ['ComputeOptimizer:getRecommendationSummaries'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:CreateVolume','ec2:ModifyVolume','ec2:deleteVolume'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:CreateVolume','ec2:ModifyVolume','ec2:deleteVolume'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:CreateVolume','ec2:ModifyVolume','ec2:DeleteVolume'],

plugins/aws/computeoptimizer/ec2InstancesOptimized.js Outdated
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/compute-optimizer/latest/ug/view-ec2-recommendations.html',
recommended_action: 'Resolve Compute Optimizer recommendations for EC2 instances.',
apis: ['ComputeOptimizer:getRecommendationSummaries'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:RunInstances','ec2:TerminateInstances','ec2:ModifyInstanceAttribute','ec2:StartInstances','ec2:stopInstances'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:RunInstances','ec2:TerminateInstances','ec2:ModifyInstanceAttribute','ec2:StartInstances','ec2:stopInstances'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','ec2:RunInstances','ec2:TerminateInstances','ec2:ModifyInstanceAttribute','ec2:StartInstances','ec2:StopInstances'],

should also include StartInstance and StopInstance

plugins/aws/computeoptimizer/lambdaFunctionsOptimized.js Outdated
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/compute-optimizer/latest/ug/view-lambda-recommendations.html',
recommended_action: 'Resolve Compute Optimizer recommendations for Lambda functions.',
apis: ['ComputeOptimizer:getRecommendationSummaries'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:deleteFunction'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:deleteFunction'],
realtime_triggers: ['ComputeOptimizer:UpdateEnrollmentStatus','lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

plugins/aws/iam/certificateExpiry.js Outdated
@@ -35,6 +35,7 @@ module.exports = {
}
]
},
realtime_triggers: ['iam:UploadServerCertificate','iam:DeleteServerCertificate','elb:SetLoadBalancerListenerSSLCertificate'],
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
realtime_triggers: ['iam:UploadServerCertificate','iam:DeleteServerCertificate','elb:SetLoadBalancerListenerSSLCertificate'],
realtime_triggers: ['iam:UploadServerCertificate','iam:DeleteServerCertificate','elasticloadbalancing:SetLoadBalancerListenerSSLCertificate'],

@mehakseedat63 mehakseedat63 added readytogo PRs ready to merge and removed question labels Jan 1, 2024
@mehakseedat63 mehakseedat63 merged commit ab41454 into aquasecurity:master Jan 1, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mehakseedat63 mehakseedat63 mehakseedat63 approved these changes

Assignees
No one assigned
Labels
currentrelease readytogo PRs ready to merge reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@muzzamilinovaqo @CLAassistant @mehakseedat63 @fatima99s