diff --git a/plugins/aws/connect/customerProfilesDomainEncrypted.js b/plugins/aws/connect/customerProfilesDomainEncrypted.js index c7341479e1..2678a2ce1c 100644 --- a/plugins/aws/connect/customerProfilesDomainEncrypted.js +++ b/plugins/aws/connect/customerProfilesDomainEncrypted.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['customerprofiles:CreateDomain', 'customerprofiles:UpdateDomain', 'customerprofile:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/instanceAttachmentsEncrypted.js b/plugins/aws/connect/instanceAttachmentsEncrypted.js index 044894f6b3..14be6532a3 100644 --- a/plugins/aws/connect/instanceAttachmentsEncrypted.js +++ b/plugins/aws/connect/instanceAttachmentsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig', 'connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/instanceCallRecordingEncrypted.js b/plugins/aws/connect/instanceCallRecordingEncrypted.js index e5f6c84901..e90bf9778e 100644 --- a/plugins/aws/connect/instanceCallRecordingEncrypted.js +++ b/plugins/aws/connect/instanceCallRecordingEncrypted.js @@ -19,6 +19,8 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'], + run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/instanceMediaStreamsEncrypted.js b/plugins/aws/connect/instanceMediaStreamsEncrypted.js index 0b3ff40a84..8c7c4f4b1d 100644 --- a/plugins/aws/connect/instanceMediaStreamsEncrypted.js +++ b/plugins/aws/connect/instanceMediaStreamsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/instanceReportsEncrypted.js b/plugins/aws/connect/instanceReportsEncrypted.js index b40a127136..c25ca703e2 100644 --- a/plugins/aws/connect/instanceReportsEncrypted.js +++ b/plugins/aws/connect/instanceReportsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/instanceTranscriptsEncrypted.js b/plugins/aws/connect/instanceTranscriptsEncrypted.js index 791b8c886b..1e9cdf1cf4 100644 --- a/plugins/aws/connect/instanceTranscriptsEncrypted.js +++ b/plugins/aws/connect/instanceTranscriptsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/voiceIdDomainEncrypted.js b/plugins/aws/connect/voiceIdDomainEncrypted.js index f3c7324898..cf9c889357 100644 --- a/plugins/aws/connect/voiceIdDomainEncrypted.js +++ b/plugins/aws/connect/voiceIdDomainEncrypted.js @@ -22,6 +22,7 @@ module.exports = { default: 'awskms' } }, + realtime_triggers: ['voiceid:CreateDomain', 'voiceid:UpdateDomain', 'voiceid:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/connect/wisdomDomainEncrypted.js b/plugins/aws/connect/wisdomDomainEncrypted.js index d757207d95..bf153794bc 100644 --- a/plugins/aws/connect/wisdomDomainEncrypted.js +++ b/plugins/aws/connect/wisdomDomainEncrypted.js @@ -22,6 +22,7 @@ module.exports = { default: 'awskms' } }, + realtime_triggers: ['wisdom:CreateAssistant', 'wisdom:DeleteAssistant'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/finspace/finspaceEnvironmentEncrypted.js b/plugins/aws/finspace/finspaceEnvironmentEncrypted.js index 7a3e6dadeb..1d454cf9f4 100644 --- a/plugins/aws/finspace/finspaceEnvironmentEncrypted.js +++ b/plugins/aws/finspace/finspaceEnvironmentEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['finspace:CreateEnviromennt', 'finspace:DeleteEnviroment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/firehose/deliveryStreamEncrypted.js b/plugins/aws/firehose/deliveryStreamEncrypted.js index 203250bca8..ca7df2db5f 100644 --- a/plugins/aws/firehose/deliveryStreamEncrypted.js +++ b/plugins/aws/firehose/deliveryStreamEncrypted.js @@ -20,6 +20,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['firehose:CreateDeliveryStreams','firehose:UpdateDestination', 'firehose:DeleteliveryStreams'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/firehose/firehoseEncrypted.js b/plugins/aws/firehose/firehoseEncrypted.js index 3340988ead..d7be7839df 100644 --- a/plugins/aws/firehose/firehoseEncrypted.js +++ b/plugins/aws/firehose/firehoseEncrypted.js @@ -17,6 +17,7 @@ module.exports = { 'AWS KMS encryption ensures that the Firehose payload meets the ' + 'encryption in transit and at rest requirements of HIPAA.' }, + realtime_triggers: ['firehose:CreateDeliveryStreams','firehose:StartDeliveryStreamEncryption', 'kinesis:StartStreamEncryption', 'firehose:DeleteliveryStreams'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/forecast/datasetExportEncrypted.js b/plugins/aws/forecast/datasetExportEncrypted.js index afa8e9c6d8..880e55f20c 100644 --- a/plugins/aws/forecast/datasetExportEncrypted.js +++ b/plugins/aws/forecast/datasetExportEncrypted.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['forecast:CreateForecastExportJob', 'forecast:DeleteForecastExportjob'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/forecast/forecastDatasetEncrypted.js b/plugins/aws/forecast/forecastDatasetEncrypted.js index 4bb1eaeb98..27191963a8 100644 --- a/plugins/aws/forecast/forecastDatasetEncrypted.js +++ b/plugins/aws/forecast/forecastDatasetEncrypted.js @@ -19,6 +19,8 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['forecastservice:CreateDataset', 'forecastservice:DeleteDataset'], + run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/frauddetector/fraudDetectorDataEncrypted.js b/plugins/aws/frauddetector/fraudDetectorDataEncrypted.js index 73933815e4..78096775d4 100644 --- a/plugins/aws/frauddetector/fraudDetectorDataEncrypted.js +++ b/plugins/aws/frauddetector/fraudDetectorDataEncrypted.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['frauddetector:PutKMSEncryptionKey', 'frauddetector:DeleteDetector'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/fsx/fsxFileSystemEncrypted.js b/plugins/aws/fsx/fsxFileSystemEncrypted.js index 0e1de5f3db..10817359a6 100644 --- a/plugins/aws/fsx/fsxFileSystemEncrypted.js +++ b/plugins/aws/fsx/fsxFileSystemEncrypted.js @@ -18,6 +18,8 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['fsx:CreateFileSystem', 'fsx:DeleteFileSystem'], + run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/glue/bookmarkEncryptionEnabled.js b/plugins/aws/glue/bookmarkEncryptionEnabled.js index e37c3bfd19..9ce185c8e8 100644 --- a/plugins/aws/glue/bookmarkEncryptionEnabled.js +++ b/plugins/aws/glue/bookmarkEncryptionEnabled.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Recreate Glue security configurations and enable job bookmark encryption', link: 'https://docs.aws.amazon.com/glue/latest/dg/console-security-configurations.html', apis: ['Glue:getSecurityConfigurations', 'STS:getCallerIdentity'], + realtime_triggers: ['glue:CreateSecurityConfiguration', 'glue:DeleteSecurityConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/glue/dataCatalogCmkEncrypted.js b/plugins/aws/glue/dataCatalogCmkEncrypted.js index 4834134bf9..4f162a0399 100644 --- a/plugins/aws/glue/dataCatalogCmkEncrypted.js +++ b/plugins/aws/glue/dataCatalogCmkEncrypted.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Modify Glue data catalog to use CMK instead of AWS-managed Key to encrypt Metadata', link: 'https://docs.aws.amazon.com/glue/latest/dg/encrypt-glue-data-catalog.html', apis: ['Glue:getDataCatalogEncryptionSettings', 'KMS:listKeys', 'KMS:describeKey'], + realtime_triggers: ['glue:PutDataCatalogEncryptionSettings'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/glue/glueCloudwatchLogsEncrypted.js b/plugins/aws/glue/glueCloudwatchLogsEncrypted.js index d6a9f26bcc..127101b2d4 100644 --- a/plugins/aws/glue/glueCloudwatchLogsEncrypted.js +++ b/plugins/aws/glue/glueCloudwatchLogsEncrypted.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Modify Glue Security Configurations to enable CloudWatch logs encryption at-rest', link: 'https://docs.aws.amazon.com/glue/latest/dg/console-security-configurations.html', apis: ['Glue:getSecurityConfigurations', 'STS:getCallerIdentity'], + realtime_triggers: ['glue:CreateSecurityConfiguration', 'glue:DeleteSecurityConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/glue/glueS3EncryptionEnabled.js b/plugins/aws/glue/glueS3EncryptionEnabled.js index ad4dd82f8c..7391f26fcc 100644 --- a/plugins/aws/glue/glueS3EncryptionEnabled.js +++ b/plugins/aws/glue/glueS3EncryptionEnabled.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['glue:CreateSecurityConfiguration','glue:DeleteSecurityConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/gluedatabrew/databrewJobOutputEncrypted.js b/plugins/aws/gluedatabrew/databrewJobOutputEncrypted.js index 3ce1c9fb58..eee2ed8665 100644 --- a/plugins/aws/gluedatabrew/databrewJobOutputEncrypted.js +++ b/plugins/aws/gluedatabrew/databrewJobOutputEncrypted.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['databrew:CreateRecipeJob', 'databrew:UpdateRecipeJob', 'databrew:DeleteJob'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/guardduty/exportedFindingsEncrypted.js b/plugins/aws/guardduty/exportedFindingsEncrypted.js index 11adb8fcb7..6a310a2cf6 100644 --- a/plugins/aws/guardduty/exportedFindingsEncrypted.js +++ b/plugins/aws/guardduty/exportedFindingsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['guardduty:CreateDetector', 'guardduty:DeleteDetector'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/guardduty/guarddutyEnabled.js b/plugins/aws/guardduty/guarddutyEnabled.js index fb85846c5b..295249e0cf 100644 --- a/plugins/aws/guardduty/guarddutyEnabled.js +++ b/plugins/aws/guardduty/guarddutyEnabled.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Enable GuardDuty for all AWS accounts.', link: 'https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html', apis: ['GuardDuty:listDetectors', 'GuardDuty:getDetector', 'STS:getCallerIdentity'], + realtime_triggers: ['guardduty:CreateDetector', 'guardduty:DeleteDetector'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/guardduty/guarddutyMaster.js b/plugins/aws/guardduty/guarddutyMaster.js index 9ae9b96931..63b4cb3511 100644 --- a/plugins/aws/guardduty/guarddutyMaster.js +++ b/plugins/aws/guardduty/guarddutyMaster.js @@ -18,6 +18,7 @@ module.exports = { default: '', }, }, + realtime_triggers: ['guardduty:CreateDetector', 'guardduty:CreateMembers', 'guardduty:DeleteDetector', 'guardduty:DeleteMembers'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/guardduty/noActiveFindings.js b/plugins/aws/guardduty/noActiveFindings.js index b928b275ef..c158ecdedc 100644 --- a/plugins/aws/guardduty/noActiveFindings.js +++ b/plugins/aws/guardduty/noActiveFindings.js @@ -20,6 +20,7 @@ module.exports = { default: '48' } }, + realtime_triggers: ['guardduty:CreateDetector', 'guardduty:ArchiveFindings', 'guardduty:DeleteDetector'], run: function(cache, settings, callback) { const results = []; diff --git a/plugins/aws/guardduty/s3ProtectionEnabled.js b/plugins/aws/guardduty/s3ProtectionEnabled.js index b5e8008c40..5c55542a28 100644 --- a/plugins/aws/guardduty/s3ProtectionEnabled.js +++ b/plugins/aws/guardduty/s3ProtectionEnabled.js @@ -10,7 +10,8 @@ module.exports = { recommended_action: 'Enable GuardDuty S3 protection for all AWS accounts.', link: 'https://docs.aws.amazon.com/guardduty/latest/ug/s3-protection.html', apis: ['GuardDuty:listDetectors', 'GuardDuty:getDetector', 'STS:getCallerIdentity'], - + realtime_triggers: ['guardduty:CreateDetector', 'guardduty:UpdateDetector', 'guardduty:DeleteDetector'], + run: function(cache, settings, callback) { var results = []; var source = {}; diff --git a/plugins/aws/healthlake/dataStoreEncrypted.js b/plugins/aws/healthlake/dataStoreEncrypted.js index 1fad1ee32e..2a860f83b5 100644 --- a/plugins/aws/healthlake/dataStoreEncrypted.js +++ b/plugins/aws/healthlake/dataStoreEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['healthlake:CreateFHIRDatastore', 'healthlake:DeleteFHIRDatastore'], run: function(cache, settings, callback) { var results = [];