added tiggers for E #1717

Merged
2 changes: 2 additions & 0 deletions plugins/aws/ec2/allowedCustomPorts.js
Expand Up @@ -18,6 +18,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress', 'ec2:ModifySecurityGroupRules', 'ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var results = [];
Expand Down Expand Up @@ -144,3 +145,4 @@ module.exports = {
});
}
};

1 change: 1 addition & 0 deletions plugins/aws/ec2/amiHasTags.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://aws.amazon.com/about-aws/whats-new/2020/12/amazon-machine-images-support-tag-on-create-tag-based-access-control/',
recommended_action: 'Modify AMI and add tags.',
apis: ['EC2:describeImages'],
realtime_triggers: ['ec2:CreateImage', 'ec2:CreateTags', 'ec2:DeleteTags', 'ec2:DeregisterImage'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/appTierInstanceIamRole.js
Expand Up @@ -19,6 +19,7 @@ module.exports = {
default: ''
},
},
realtime_triggers: ['ec2:RunInstances', 'ec2:AssociateIamInstanceProfile', 'ec2:DisassociateIamInstanceProfile', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var results = [];
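Review bot: The new `realtime_triggers` list covers Associate and Disassociate, but an instance profile can also be swapped in place with `ec2:ReplaceIamInstanceProfileAssociation`, which is missing. A role change made that way would presumably not re-run this check until the next full scan. Add `'ec2:ReplaceIamInstanceProfileAssociation'` here and to the identical list in instanceIamRole.js. The `run` body lies outside this hunk, so this assumes the check reads the instance's current profile.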
1 change: 1 addition & 0 deletions plugins/aws/ec2/classicInstances.js
Expand Up @@ -19,6 +19,7 @@ module.exports = {
'segmentation criteria for PCI. Ensure all instances are launched ' +
'within a VPC to comply with isolation requirements.'
},
realtime_triggers: ['ec2:RunInstances','ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/crossVpcPublicPrivate.js
Expand Up @@ -16,6 +16,7 @@ module.exports = {
'communicate across these segmented boundaries. Ensure that public ' +
'services in one VPC cannot communicate with the private tier of another.'
},
realtime_triggers: ['ec2:CreateVpcPeeringConnection', 'ec2:ModifyVpcPeeringConnectionOptions', 'ec2:DeleteVpcPeeringConnection'],

run: function(cache, settings, callback) {
var results = [];
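Review bot: The peering triggers omit `ec2:AcceptVpcPeeringConnection`, which is the call that moves a connection from pending to active. If the check only evaluates active peerings (its `run` body is not visible in this hunk), the event that actually opens the cross-VPC path would not re-trigger it. Consider `realtime_triggers: ['ec2:CreateVpcPeeringConnection', 'ec2:AcceptVpcPeeringConnection', 'ec2:ModifyVpcPeeringConnectionOptions', 'ec2:DeleteVpcPeeringConnection'],`.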
1 change: 1 addition & 0 deletions plugins/aws/ec2/defaultSecurityGroup.js
Expand Up @@ -17,6 +17,7 @@ module.exports = {
'unintended traffic to cross these isolation boundaries.',
cis2: '4.3 Ensure the default security group of every VPC restricts all traffic'
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress', 'ec2:ModifySecurityGroupRules', 'ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var results = [];
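Review bot: The trigger list reacts only to inbound rule changes (`AuthorizeSecurityGroupIngress`, `RevokeSecurityGroupIngress`), while the CIS text in the context lines asks that the default group restrict all traffic. Outbound rules change through `ec2:AuthorizeSecurityGroupEgress` and `ec2:RevokeSecurityGroupEgress`, which are absent. The gap is sharper in openAllPortsProtocolsEgress.js, an egress check whose list appears copied from the ingress plugins and names no Egress action at all. In both files only `ec2:ModifySecurityGroupRules` would fire on an outbound change. Whether `run` reads egress rules here is not visible in this hunk, so confirm before adding the two Egress entries.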
1 change: 1 addition & 0 deletions plugins/aws/ec2/defaultSecurityGroupInUse.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#default-security-group',
recommended_action: 'Modify EC2 instances and change security group.',
apis: ['EC2:describeInstances'],
realtime_triggers: ['ec2:RunInstances', 'ec2:ModifyInstanceAttribute', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/defaultVpcExists.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html',
recommended_action: 'Move resources from the default VPC to a new VPC created for that application or resource group.',
apis: ['EC2:describeVpcs', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateVpc', 'ec2:ModifyVpcAttribute', 'ec2:DeleteVpc'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/defaultVpcInUse.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html',
recommended_action: 'Move resources from the default VPC to a new VPC created for that application or resource group.',
apis: ['EC2:describeVpcs', 'EC2:describeInstances', 'ELB:describeLoadBalancers', 'Lambda:listFunctions', 'RDS:describeDBInstances', 'Redshift:describeClusters'],
realtime_triggers: ['ec2:CreateVpc', 'ec2:DeleteVpc', 'ec2:ModifyVpcAttribute', 'ec2:RunInstances', 'ec2:TerminateInstances','elb:CreateLoadBalancer','elb:ModifyLoadBalancerAttributes','elb:DeleteLoadBalancer', 'lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'lamda:DeleteFunction','rds:CreateDBInstance','rds:ModifyDBInstance','rds:DeleteDBInstance','redshift:CreateCluster','redshift:ModifyCluster', 'redshift:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
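Review bot: The entry `'lamda:DeleteFunction'` in the new `realtime_triggers` array misspells the service prefix used by the neighbouring `lambda:CreateFunction` and `lambda:UpdateFunctionConfiguration` entries; it should read `'lambda:DeleteFunction'`. The same kind of misspelling appears in internetGatewayInVpc.js, where `'ec2:DeleteInternatGateway'` should be `'ec2:DeleteInternetGateway'`. These are plain strings, so nothing fails at load time; the check would presumably just not re-run on that event and keep a stale result after the resource is deleted. The `elb:` prefix is also worth confirming against whatever the trigger matcher compares with, since IAM and CloudTrail name that service `elasticloadbalancing`.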
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsBackupEnabled.js
Expand Up @@ -18,6 +18,7 @@ module.exports = {
default: 'true'
}
},
realtime_triggers: ['ec2:CreateSnapshot', 'ec2:CreateVolume', 'ec2: DeleteVolume', 'ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
let results = [];
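Review bot: `'ec2: DeleteVolume'` has a space after the colon, so it is not the same string as the `ec2:DeleteVolume` used by the other EBS plugins in this change; it should be `'ec2:DeleteVolume'`. Two other entries have a semicolon in place of the colon: `'ec2;DeleteVolume'` in ebsEncryptionEnabled.js and `'ec2;TerminateInstances'` in instanceKeyBasedLogin.js. Unless the consumer normalises these strings (not visible on this page), those events will not re-trigger the scan. A unit test or lint rule that checks every `realtime_triggers` entry against a `service:Action` pattern would catch this class of typo across all plugins.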
3 changes: 2 additions & 1 deletion plugins/aws/ec2/ebsDefaultEncryptionEnabled.js
Expand Up @@ -18,7 +18,8 @@ module.exports = {
default: 'awskms',
},
},

realtime_triggers: ['ec2:CreateVolume', 'ec2:EnableEbsEncryptionByDefault', 'ec2:DisableEbsEncryptionByDefault', 'ec2:ModifyEbsDefaultKmsKeyId', 'ec2:DeleteVolume'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsEncryptedSnapshots.js
Expand Up @@ -16,6 +16,7 @@ module.exports = {
'of EC2 instance data at rest, but volumes must be configured to use ' +
'encryption so their snapshots are also encrypted.'
},
realtime_triggers: ['ec2:CreateSnapshot', 'ec2:CopySnapshot', 'ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsEncryptionEnabled.js
Expand Up @@ -58,6 +58,7 @@ module.exports = {
},

},
realtime_triggers: ['ec2:CreateVolume', 'ec2;DeleteVolume'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsOldSnapshots.js
Expand Up @@ -24,6 +24,7 @@ module.exports = {
default: '20',
},
},
realtime_triggers: ['ec2:CreateSnapshot', 'ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsRecentSnapshots.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html',
recommended_action: 'Create a new snapshot for EBS volume weekly.',
apis: ['EC2:describeSnapshots','STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateSnapshot', 'ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsSnapshotHasTags.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://aws.amazon.com/blogs/compute/tag-amazon-ebs-snapshots-on-creation-and-implement-stronger-security-policies/',
recommended_action: 'Modify EBS snapshots and add tags.',
apis: ['EC2:describeSnapshots'],
realtime_triggers: ['ec2:CreateSnapshot', 'ec2:AddTags', 'ec2:DeleteTags','ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
var results = [];
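Review bot: `'ec2:AddTags'` does not correspond to an EC2 API action; EC2 tagging is done with `CreateTags` and `DeleteTags`, which is what amiHasTags.js uses in this same change. As written, tagging a snapshot would presumably not re-run this check, so a "no tags" finding stays stale until the next full scan. Replace it with `'ec2:CreateTags'` here and in ebsVolumeHasTags.js, ec2HasTags.js and networkAclHasTags.js, which repeat the same entry.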
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsSnapshotLifecycle.js
Expand Up @@ -12,6 +12,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html',
apis: ['EC2:describeInstances', 'EC2:describeVolumes', 'DLM:getLifecyclePolicies',
'DLM:getLifecyclePolicy', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateVolume','dlm:CreateLifecyclePolicy', 'dlm:DeleteLifecyclePolicy', 'dlm:UpdateLifecyclePolicy','ec2:DeleteVolume'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsSnapshotPublic.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html',
recommended_action: 'Modify the permissions of public snapshots to remove public access.',
apis: ['EC2:describeSnapshots', 'EC2:describeSnapshotAttribute'],
realtime_triggers: ['ec2:CreateSnapshot' , 'ec2:ModifySnapshotAttribute', 'ec2:DeleteSnapshot'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsUnusedVolumes.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Delete the unassociated EBS volume.',
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html',
apis: ['EC2:describeInstances', 'EC2:describeVolumes', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateVolume','ec2:DeleteVolume'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ebsVolumeHasTags.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Modify EBS volumes and add tags',
link: 'https://aws.amazon.com/blogs/aws/new-tag-ec2-instances-ebs-volumes-on-creation/',
apis: ['EC2:describeVolumes', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateVolume', 'ec2:AddTags', 'ec2:DeleteTags','ec2:DeleteVolume'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ec2HasTags.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html',
recommended_action: 'Modify EC2 instances and add tags.',
apis: ['EC2:describeInstances'],
realtime_triggers: ['ec2:RunInstances', 'ec2:AddTags', 'ec2:DeleteTags', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/ec2MetadataOptions.js
Expand Up @@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#configuring-instance-metadata-service',
recommended_action: 'Update instance metadata options to use IMDSv2',
apis: ['EC2:describeInstances'],
realtime_triggers: ['ec2:RunInstances', 'ec2:ModifyInstanceMetadataOptions', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/enableDetailedMonitoring.js
Expand Up @@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html',
recommended_action: 'Modify EC2 instance to enable detailed monitoring.',
apis: ['EC2:describeInstances'],
realtime_triggers: ['ec2:RunInstances', 'ec2:MonitorInstances', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
const results = [];
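Review bot: The list covers `ec2:MonitorInstances` but not `ec2:UnmonitorInstances`, the call that turns detailed monitoring off, which is the transition this check exists to flag. Add it: `realtime_triggers: ['ec2:RunInstances', 'ec2:MonitorInstances', 'ec2:UnmonitorInstances', 'ec2:TerminateInstances'],`. The `run` function continues past this hunk, so this reading rests on the `recommended_action` text in the context lines.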
1 change: 1 addition & 0 deletions plugins/aws/ec2/encryptedAmi.js
Expand Up @@ -16,6 +16,7 @@ module.exports = {
'allow it to remain compliant with the encryption at-rest ' +
'regulatory requirement.'
},
realtime_triggers: ['ec2:CreateImage', 'ec2:CopyImage', 'ec2:DeregisterImage'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/excessiveSecurityGroups.js
Expand Up @@ -30,6 +30,7 @@ module.exports = {
default: 30
}
},
realtime_triggers: ['ec2:CreateSecurityGroup', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/flowLogsEnabled.js
Expand Up @@ -19,6 +19,7 @@ module.exports = {
'cardholder data. Enable VPC flow logs to log these network requests.',
cis2: '2.9 Ensure VPC flow logging is enabled in all VPCs'
},
realtime_triggers: ['ec2:CreateVpc', 'ec2:CreateFlowLogs', 'ec2:DeleteFlowLogs', 'ec2:DeleteVpc'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/instanceIamRole.js
Expand Up @@ -18,6 +18,7 @@ module.exports = {
default: 10
}
},
realtime_triggers: ['ec2:RunInstances','ec2:AssociateIamInstanceProfile', 'ec2:DisassociateIamInstanceProfile', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/instanceKeyBasedLogin.js
Expand Up @@ -18,6 +18,7 @@ module.exports = {
default: '10'
}
},
realtime_triggers: ['ec2:RunInstances', 'ec2:ModifyInstanceAttribute', 'ec2;TerminateInstances'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/instanceLimit.js
Expand Up @@ -24,6 +24,7 @@ module.exports = {
default: 75
}
},
realtime_triggers: ['ec2:RunInstances', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/instanceMaxCount.js
Expand Up @@ -205,6 +205,7 @@ module.exports = {
},

},
realtime_triggers: ['ec2:RunInstances', 'ec2:TerminateInstances'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/instanceVcpusLimit.js
Expand Up @@ -24,6 +24,7 @@ module.exports = {
default: 75
}
},
realtime_triggers: ['ec2:RunInstances', 'ec2:TerminateInstances', 'servicequotas:RequestServiceQuotaIncrease'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/internetGatewayInVpc.js
Expand Up @@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html',
recommended_action: 'Ensure Internet Gateways have VPC attached to them.',
apis: ['EC2:describeInternetGateways', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateInternetGateway', 'ec2:DetachInternetGateway', 'ec2:AttachInternetGateway', 'ec2:DeleteInternatGateway'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/launchWizardSecurityGroups.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/launchwizard/latest/userguide/launch-wizard-sap-security-groups.html',
recommended_action: 'Delete the launch wizard security group and replace it with a custom security group.',
apis: ['EC2:describeSecurityGroups'],
realtime_triggers: ['ec2:CreateSecurityGroup', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/managedNatGateway.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://aws.amazon.com/blogs/aws/new-managed-nat-network-address-translation-gateway-for-aws/',
recommended_action: 'Update VPCs to use Managed NAT Gateways instead of NAT instances',
apis: ['EC2:describeVpcs', 'EC2:describeNatGateways', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateNatGateway', 'ec2:ReplaceRoute','ec2:CreateVpc', 'ec2:DeleteNatGateway', 'ec2:DeleteVpc'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/multipleSubnets.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#SubnetSecurity',
recommended_action: 'Create at least two subnets in each VPC, utilizing one for public traffic and the other for private traffic.',
apis: ['EC2:describeVpcs', 'EC2:describeSubnets', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateVpc', 'ec2:CreateSubnet', 'ec2:DeleteSubnet'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/natMultiAz.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
link: 'http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html',
recommended_action: 'Launch managed NAT instances in multiple AZs.',
apis: ['EC2:describeVpcs', 'EC2:describeNatGateways', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateNatGateway', 'ec2:DeleteNatGateway'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/networkAclHasTags.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Modify Network ACL and add tags.',
link: 'https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html',
apis: ['EC2:describeNetworkAcls', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateNetworkAcl', 'ec2:AddTags', 'ec2:DeleteTags', 'ec2:DeleteNetworkAcl'],

run: function(cache, settings, callback) {
var results = [];
3 changes: 2 additions & 1 deletion plugins/aws/ec2/networkAclInboundTraffic.js
Expand Up @@ -13,7 +13,8 @@ module.exports = {
compliance: {
cis1: '5.1 Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote server administration ports',
},

realtime_triggers: ['ec2:CreateNetworkAcl', 'ec2:ReplaceNetworkAclEntry', 'ec2:DeleteNetworkAcl'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
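Review bot: Only `ec2:ReplaceNetworkAclEntry` is listed for rule changes, but a new entry is added with `CreateNetworkAclEntry` and removed with `DeleteNetworkAclEntry`. A freshly added rule allowing 0.0.0.0/0 to an administration port would therefore not re-trigger the check the `cis1` line describes. Suggest `realtime_triggers: ['ec2:CreateNetworkAcl', 'ec2:CreateNetworkAclEntry', 'ec2:ReplaceNetworkAclEntry', 'ec2:DeleteNetworkAclEntry', 'ec2:DeleteNetworkAcl'],`. networkAclOutboundTraffic.js has the same list and the same gap.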
1 change: 1 addition & 0 deletions plugins/aws/ec2/networkAclOutboundTraffic.js
Expand Up @@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update Network ACL to allow outbound/egress traffic to specific port ranges only',
link: 'https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html',
apis: ['EC2:describeNetworkAcls', 'STS:getCallerIdentity'],
realtime_triggers: ['ec2:CreateNetworkAcl', 'ec2:ReplaceNetworkAclEntry', 'ec2:DeleteNetworkAcl'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/ec2/openAllPortsProtocols.js
Expand Up @@ -33,6 +33,7 @@ module.exports = {
'Security groups should be properly secured to prevent access to ' +
'backend services.'
},
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules', 'ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 2 additions & 0 deletions plugins/aws/ec2/openAllPortsProtocolsEgress.js
Expand Up @@ -24,6 +24,8 @@ module.exports = {
default: 'false',
}
},
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules', 'ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
ec2_skip_unused_groups: settings.ec2_skip_unused_groups || this.settings.ec2_skip_unused_groups.default,
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openCIFS.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openCassandraClient.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules', 'ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openCassandraInternode.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openCassandraMonitoring.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress','ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openCassandraThrift.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress','ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
1 change: 1 addition & 0 deletions plugins/aws/ec2/openCustomPorts.js
Expand Up @@ -30,6 +30,7 @@ module.exports = {
default: 'false',
}
},
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress','ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/ec2/openDNS.js
Expand Up @@ -49,7 +49,7 @@ module.exports = {
remediate: ['ec2:AuthorizeSecurityGroupIngress','ec2:RevokeSecurityGroupIngress'],
rollback:['ec2:AuthorizeSecurityGroupIngress']
},
realtime_triggers: ['ec2:AuthorizeSecurityGroupIngress', 'ec2:ModifySecurityGroupRules'],
realtime_triggers: ['ec2:CreateSecurityGroup','ec2:AuthorizeSecurityGroupIngress', 'ec2:ModifySecurityGroupRules','ec2:RevokeSecurityGroupIngress', 'ec2:DeleteSecurityGroup'],

run: function(cache, settings, callback) {
var config = {