From 6e85d2c3a260b354bda4af8d295c5fb65b7ff7a1 Mon Sep 17 00:00:00 2001 From: --global Date: Thu, 14 Sep 2023 16:12:47 +0500 Subject: [PATCH 1/6] added tiggers --- plugins/aws/kms/kmsDefaultKeyUsage.js | 1 + plugins/aws/lambda/envVarsClientSideEncryption.js | 1 + plugins/aws/lambda/lambdaAdminPrivileges.js | 3 ++- plugins/aws/lambda/lambdaHasTags.js | 2 +- plugins/aws/lambda/lambdaLogGroups.js | 1 + plugins/aws/lambda/lambdaOldRuntimes.js | 1 + plugins/aws/lambda/lambdaPublicAccess.js | 1 + plugins/aws/lambda/lambdaTracingEnabled.js | 1 + plugins/aws/lambda/lambdaUniqueExecutionRole.js | 2 +- plugins/aws/lambda/lambdaVpcConfig.js | 1 + plugins/aws/lex/lexAudioLogsEncrypted.js | 1 + plugins/aws/location/geoCollectionDataEncrypted.js | 1 + plugins/aws/location/trackerDataEncrypted.js | 1 + plugins/aws/lookout/anomalyDetectorEncrypted.js | 1 + plugins/aws/lookout/equipmentdatasetEncrypted.js | 1 + plugins/aws/lookout/modelDataEncrypted.js | 1 + plugins/aws/managedblockchain/networkMemberDataEncrypted.js | 1 + plugins/aws/memorydb/memorydbClusterEncrypted.js | 1 + plugins/aws/mq/mqAutoMinorVersionUpgrade.js | 1 + 19 files changed, 20 insertions(+), 3 deletions(-) diff --git a/plugins/aws/kms/kmsDefaultKeyUsage.js b/plugins/aws/kms/kmsDefaultKeyUsage.js index 1ae39f5955..dc0ef308db 100644 --- a/plugins/aws/kms/kmsDefaultKeyUsage.js +++ b/plugins/aws/kms/kmsDefaultKeyUsage.js @@ -20,6 +20,7 @@ module.exports = { 'passwords, it is still strongly encouraged to use a ' + 'customer-provided CMK rather than the default KMS key.' }, + realtime_triggers: ['kms:CreateKey', 'kms:CreateAlias','cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster', 's3:CreateBucket','s3:putBucketEncryption','ses:CreateEmailIdentity', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'], run: function(cache, settings, callback) { var results = []; 
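Review bot: Three entries in the `realtime_triggers` array added to kmsDefaultKeyUsage.js do not match the AWS operation names: `elastictranscoder:CreatePipline` (the operation is `CreatePipeline`), `s3:putBucketEncryption` (`PutBucketEncryption`) and `workspace:CreateWorkSpaces` (the operation is `CreateWorkspaces`, and the service name is plural). The code that consumes these strings is not part of this patch, so exact matching is an assumption. If it does compare exactly, those events never start a re-scan, and a resource created on the default KMS key is only noticed at the next scheduled run. I would correct them to `'elastictranscoder:CreatePipeline'`, `'s3:PutBucketEncryption'` and `'workspaces:CreateWorkspaces'`, and add a one-line comment above the array stating the expected `service:EventName` format.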
diff --git a/plugins/aws/lambda/envVarsClientSideEncryption.js b/plugins/aws/lambda/envVarsClientSideEncryption.js index dfe36b0aa6..805d313ac1 100644 --- a/plugins/aws/lambda/envVarsClientSideEncryption.js +++ b/plugins/aws/lambda/envVarsClientSideEncryption.js @@ -20,6 +20,7 @@ module.exports = { default: '' } }, + realtime_triggers: ['lambda:CreateFunction', 'lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaAdminPrivileges.js b/plugins/aws/lambda/lambdaAdminPrivileges.js index 3ff5f9c251..ea7b795e83 100644 --- a/plugins/aws/lambda/lambdaAdminPrivileges.js +++ b/plugins/aws/lambda/lambdaAdminPrivileges.js @@ -11,7 +11,8 @@ module.exports = { recommended_action: 'Modify IAM role attached with Lambda function to provide the minimal amount of access required to perform its tasks', apis: ['Lambda:listFunctions', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies', 'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy'], - + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration' ], + run: function(cache, settings, callback) { var results = []; var source = {}; diff --git a/plugins/aws/lambda/lambdaHasTags.js b/plugins/aws/lambda/lambdaHasTags.js index 49e16a98d9..f73023ba66 100644 --- a/plugins/aws/lambda/lambdaHasTags.js +++ b/plugins/aws/lambda/lambdaHasTags.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/configuration-tags.html', recommended_action: 'Modify Lambda function configurations and add new tags', apis: ['Lambda:listFunctions', 'ResourceGroupsTaggingAPI:getResources'], - + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaLogGroups.js b/plugins/aws/lambda/lambdaLogGroups.js index ac2b2c0444..580ae37921 100644 
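Review bot: The `realtime_triggers` line added to lambdaAdminPrivileges.js lists only Lambda events, while the `apis` line directly above it shows that the finding is computed from IAM role policies. Attaching or editing a policy on an execution role already in use changes the result without any Lambda call, so a role that gains administrator access would not be re-evaluated until the next full scan. Consider adding the role-policy events, e.g. `'iam:AttachRolePolicy', 'iam:PutRolePolicy', 'iam:DetachRolePolicy', 'iam:DeleteRolePolicy'`. The same gap exists in the mwaa/environmentAdminPrivileges.js hunk of PATCH 2/6. The added line also has a stray space before `]`.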
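Review bot: In lambdaHasTags.js the new triggers are `lambda:CreateFunction` and `lambda:UpdateFunctionConfiguration`, but tags on an existing function are changed through the tagging operations, not through a configuration update. Removing every tag from a function would therefore not fire this check. I would extend the array with `'lambda:TagResource', 'lambda:UntagResource'`.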
--- a/plugins/aws/lambda/lambdaLogGroups.js +++ b/plugins/aws/lambda/lambdaLogGroups.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/monitoring-cloudwatchlogs.html', recommended_action: 'Update the Lambda function permissions to allow CloudWatch logging.', apis: ['Lambda:listFunctions', 'CloudWatchLogs:describeLogGroups'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaOldRuntimes.js b/plugins/aws/lambda/lambdaOldRuntimes.js index 9ba49b5e22..f8e985c9b7 100644 --- a/plugins/aws/lambda/lambdaOldRuntimes.js +++ b/plugins/aws/lambda/lambdaOldRuntimes.js @@ -18,6 +18,7 @@ module.exports = { default: 0 } }, + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaPublicAccess.js b/plugins/aws/lambda/lambdaPublicAccess.js index 4157d95d9b..e8544a0dac 100644 --- a/plugins/aws/lambda/lambdaPublicAccess.js +++ b/plugins/aws/lambda/lambdaPublicAccess.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html', recommended_action: 'Update the Lambda policy to prevent access from the public.', apis: ['Lambda:listFunctions', 'Lambda:getPolicy'], + realtime_triggers: ['lambda:CreateFunction','lambda:AddPermission', 'lambda:RemovePermission'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaTracingEnabled.js b/plugins/aws/lambda/lambdaTracingEnabled.js index 0c8b197d27..653359f466 100644 --- a/plugins/aws/lambda/lambdaTracingEnabled.js +++ b/plugins/aws/lambda/lambdaTracingEnabled.js 
@@ -18,6 +18,7 @@ module.exports = { default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-' } }, + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaUniqueExecutionRole.js b/plugins/aws/lambda/lambdaUniqueExecutionRole.js index b5fcb90aad..1122894a1f 100644 --- a/plugins/aws/lambda/lambdaUniqueExecutionRole.js +++ b/plugins/aws/lambda/lambdaUniqueExecutionRole.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html', recommended_action: 'Modify Lambda function and add new execution role.', apis: ['Lambda:listFunctions'], - + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaVpcConfig.js b/plugins/aws/lambda/lambdaVpcConfig.js index d0528130f5..a3f1b175dd 100644 --- a/plugins/aws/lambda/lambdaVpcConfig.js +++ b/plugins/aws/lambda/lambdaVpcConfig.js @@ -18,6 +18,7 @@ module.exports = { default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-' } }, + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lex/lexAudioLogsEncrypted.js b/plugins/aws/lex/lexAudioLogsEncrypted.js index bcce83a295..90b5d890a5 100644 --- a/plugins/aws/lex/lexAudioLogsEncrypted.js +++ b/plugins/aws/lex/lexAudioLogsEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['lexmodelsV2:CreateBot'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/location/geoCollectionDataEncrypted.js b/plugins/aws/location/geoCollectionDataEncrypted.js index 4ccc08d85c..1b1bbe5e34 100644 --- a/plugins/aws/location/geoCollectionDataEncrypted.js +++ b/plugins/aws/location/geoCollectionDataEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['location:CreateGeofenceCollection'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/location/trackerDataEncrypted.js b/plugins/aws/location/trackerDataEncrypted.js index daf490c9b7..e08309df68 100644 --- a/plugins/aws/location/trackerDataEncrypted.js +++ b/plugins/aws/location/trackerDataEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['location:CreateTracker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/anomalyDetectorEncrypted.js b/plugins/aws/lookout/anomalyDetectorEncrypted.js index 41235b54c7..4ef6523358 100644 --- a/plugins/aws/lookout/anomalyDetectorEncrypted.js +++ b/plugins/aws/lookout/anomalyDetectorEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['lookoutmetrics:CreateAnomalyDetector', 'lookoutmetrics:UpdateAnomalyDetector'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/equipmentdatasetEncrypted.js b/plugins/aws/lookout/equipmentdatasetEncrypted.js index aa82b5cf7f..b9cc94fe5e 100644 --- a/plugins/aws/lookout/equipmentdatasetEncrypted.js +++ b/plugins/aws/lookout/equipmentdatasetEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['lookoutequipment:CreateDataset'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/modelDataEncrypted.js b/plugins/aws/lookout/modelDataEncrypted.js index 4f5b08f04f..364fd81aaa 100644 --- a/plugins/aws/lookout/modelDataEncrypted.js 
+++ b/plugins/aws/lookout/modelDataEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['lookoutvision:CreateModel'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/managedblockchain/networkMemberDataEncrypted.js b/plugins/aws/managedblockchain/networkMemberDataEncrypted.js index a6833a7178..4f341ae76b 100644 --- a/plugins/aws/managedblockchain/networkMemberDataEncrypted.js +++ b/plugins/aws/managedblockchain/networkMemberDataEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['managedblockchain:CreateNetwork'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/memorydb/memorydbClusterEncrypted.js b/plugins/aws/memorydb/memorydbClusterEncrypted.js index c24201fc69..6c66c26614 100644 --- a/plugins/aws/memorydb/memorydbClusterEncrypted.js +++ b/plugins/aws/memorydb/memorydbClusterEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['MemoryDB:CreateCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js index 5cee02e62f..0a9a6f2f8c 100644 --- a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js +++ b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Enabled Auto Minor Version Upgrade feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], + realtime_triggers: ['mq:CreateBrocker'], run: function(cache, settings, callback) { var results = []; From 10ed5be1f3abaefbaab3224d30c93c13091251c8 Mon Sep 17 00:00:00 2001 
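Review bot: `'MemoryDB:CreateCluster'` in memorydbClusterEncrypted.js starts its service prefix with capitals, whereas the other prefixes in this patch start lowercase (`lambda:`, `kms:`, `location:`, `managedblockchain:`). `'openSearch:CreateDomain'` in opensearchClusterStatus.js (PATCH 2/6) has the same inconsistency next to `opensearch:UpdateDomainConfig`. The matching code is not visible here, but if the comparison is case-sensitive these two checks never receive their creation event. Suggest `realtime_triggers: ['memorydb:CreateCluster'],` and `'opensearch:CreateDomain'`.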
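Review bot: `'mq:CreateBrocker'` in mqAutoMinorVersionUpgrade.js misspells the Amazon MQ operation, which is `CreateBroker`. PATCH 2/6 keeps the misspelling and adds `'mq:UpdateBrocker'` beside it. It also repeats `CreateBrocker` in mqBrokerEncrypted.js, mqBrokerPublicAccess.js, mqDeploymentMode.js, mqDesiredInstanceType.js and mqLatestEngineVersion.js; only mqLogExports.js spells both names correctly. A trigger that names no real event cannot fire, so new or modified brokers would not be checked in real time. The line should read `realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker'],`, with the same spelling correction in the other files.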
From: --global Date: Thu, 14 Sep 2023 16:37:32 +0500 Subject: [PATCH 2/6] added tiggers for l,m,n,o --- plugins/aws/mq/mqAutoMinorVersionUpgrade.js | 2 +- plugins/aws/mq/mqBrokerEncrypted.js | 1 + plugins/aws/mq/mqBrokerPublicAccess.js | 1 + plugins/aws/mq/mqDeploymentMode.js | 1 + plugins/aws/mq/mqDesiredInstanceType.js | 1 + plugins/aws/mq/mqLatestEngineVersion.js | 1 + plugins/aws/mq/mqLogExports.js | 1 + plugins/aws/msk/mskClusterCBEncryption.js | 1 + plugins/aws/msk/mskClusterEncryptionAtRest.js | 2 ++ plugins/aws/msk/mskClusterEncryptionInTransit.js | 1 + plugins/aws/msk/mskClusterPublicAccess.js | 1 + plugins/aws/msk/mskClusterUnauthAccess.js | 1 + plugins/aws/mwaa/environmentAdminPrivileges.js | 1 + plugins/aws/mwaa/environmentDataEncrypted.js | 1 + plugins/aws/mwaa/webServerPublicAccess.js | 1 + plugins/aws/neptune/neptuneDBInstanceEncrypted.js | 1 + .../openSearchServerless/opensearchCollectionCmkEncrypted.js | 2 ++ .../openSearchServerless/opensearchCollectionPublicAccess.js | 1 + plugins/aws/opensearch/opensearchAccessFromIps.js | 1 + plugins/aws/opensearch/opensearchClusterStatus.js | 1 + plugins/aws/opensearch/opensearchCrossAccountAccess.js | 2 ++ plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js | 1 + plugins/aws/opensearch/opensearchDesiredInstanceTypes.js | 1 + plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js | 1 + plugins/aws/opensearch/opensearchExposedDomain.js | 1 + plugins/aws/opensearch/opensearchLoggingEnabled.js | 1 + plugins/aws/opensearch/opensearchPublicEndpoint.js | 1 + plugins/aws/opensearch/opensearchRequireIAMAuth.js | 1 + plugins/aws/opensearch/opensearchTlsVersion.js | 1 + plugins/aws/opensearch/opensearchUpgradeAvailable.js | 1 + plugins/aws/opensearch/opensearchVersion.js | 1 + plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js | 2 +- plugins/aws/organizations/enableAllFeatures.js | 1 + plugins/aws/organizations/organizationInvite.js | 1 + 34 files changed, 37 insertions(+), 2 deletions(-) 
diff --git a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js index 0a9a6f2f8c..daea040839 100644 --- a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js +++ b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js @@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Enabled Auto Minor Version Upgrade feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], - realtime_triggers: ['mq:CreateBrocker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqBrokerEncrypted.js b/plugins/aws/mq/mqBrokerEncrypted.js index 8d6e63c2ce..7a24a7c42f 100644 --- a/plugins/aws/mq/mqBrokerEncrypted.js +++ b/plugins/aws/mq/mqBrokerEncrypted.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['mq:CreateBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqBrokerPublicAccess.js b/plugins/aws/mq/mqBrokerPublicAccess.js index 85252797f4..2af4dd8429 100644 --- a/plugins/aws/mq/mqBrokerPublicAccess.js +++ b/plugins/aws/mq/mqBrokerPublicAccess.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Review and update the security group settings to restrict public access to Amazon MQ brokers.', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/using-amazon-mq-securely.html', apis: ['MQ:listBrokers', 'MQ:describeBroker', 'EC2:describeSecurityGroups'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqDeploymentMode.js b/plugins/aws/mq/mqDeploymentMode.js index 03c4401ddf..075c609d51 100644 --- a/plugins/aws/mq/mqDeploymentMode.js +++ b/plugins/aws/mq/mqDeploymentMode.js 
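Review bot: mqBrokerPublicAccess.js reads `EC2:describeSecurityGroups` (see the `apis` line above the addition), yet the new triggers cover only broker creation and update. A rule change on a security group already attached to a broker can expose it publicly without any MQ call, and that change would not start a re-scan. Consider adding the security-group rule events, for example `'ec2:AuthorizeSecurityGroupIngress', 'ec2:RevokeSecurityGroupIngress', 'ec2:ModifySecurityGroupRules'`.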
@@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Enabled Deployment Mode feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/active-standby-broker-deployment.html', apis: ['MQ:listBrokers'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqDesiredInstanceType.js b/plugins/aws/mq/mqDesiredInstanceType.js index 243270dd32..b1159480de 100644 --- a/plugins/aws/mq/mqDesiredInstanceType.js +++ b/plugins/aws/mq/mqDesiredInstanceType.js @@ -18,6 +18,7 @@ module.exports = { default:'' } }, + realtime_triggers: ['mq:CreateBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqLatestEngineVersion.js b/plugins/aws/mq/mqLatestEngineVersion.js index 17c171c69d..04cfb51244 100644 --- a/plugins/aws/mq/mqLatestEngineVersion.js +++ b/plugins/aws/mq/mqLatestEngineVersion.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Update Amazon MQ brokers to the latest version of Apache ActiveMQ broker engine.', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:CreateConfiguration','mq:UpdateConfiguration', 'mq:UpdateBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqLogExports.js b/plugins/aws/mq/mqLogExports.js index d6872417a5..6bbb6a34a0 100644 --- a/plugins/aws/mq/mqLogExports.js +++ b/plugins/aws/mq/mqLogExports.js @@ -10,6 +10,7 @@ module.exports = { recommended_action: 'Enable Log Exports feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-logging-monitoring.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], + realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/msk/mskClusterCBEncryption.js b/plugins/aws/msk/mskClusterCBEncryption.js index ed43b8f3d9..6197ff23fe 100644 --- a/plugins/aws/msk/mskClusterCBEncryption.js +++ b/plugins/aws/msk/mskClusterCBEncryption.js @@ -11,6 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html', recommended_action: 'Enable only TLS encryption between the client and broker for all MSK clusters', apis: ['Kafka:listClusters'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterEncryptionAtRest.js b/plugins/aws/msk/mskClusterEncryptionAtRest.js index c5be837c95..c834c9f5e0 100644 --- a/plugins/aws/msk/mskClusterEncryptionAtRest.js +++ b/plugins/aws/msk/mskClusterEncryptionAtRest.js @@ -18,6 +18,8 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['kafka:CreateCluster'], + run: function(cache, settings, callback) { var results = []; var source = {}; diff --git a/plugins/aws/msk/mskClusterEncryptionInTransit.js b/plugins/aws/msk/mskClusterEncryptionInTransit.js index fd71dd15d3..f4e4c68c1e 100644 --- a/plugins/aws/msk/mskClusterEncryptionInTransit.js +++ b/plugins/aws/msk/mskClusterEncryptionInTransit.js @@ -11,6 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html', recommended_action: 'Enable TLS encryption within the cluster for all MSK clusters', apis: ['Kafka:listClusters'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterPublicAccess.js b/plugins/aws/msk/mskClusterPublicAccess.js index ac5301b4ac..7e59131891 100644 --- a/plugins/aws/msk/mskClusterPublicAccess.js +++ b/plugins/aws/msk/mskClusterPublicAccess.js 
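Review bot: The update trigger chosen in mskClusterCBEncryption.js, `kafka:UpdateClusterConfiguration`, applies a broker configuration revision; encryption in transit and client authentication on an existing cluster are changed through `UpdateSecurity`. As written, switching a cluster to plaintext or enabling unauthenticated access after creation would not start a re-scan. The same applies to mskClusterEncryptionInTransit.js and mskClusterUnauthAccess.js in this patch. I would use `realtime_triggers: ['kafka:CreateCluster', 'kafka:UpdateSecurity'],` in all three, keeping `UpdateClusterConfiguration` only if the check also reads broker configuration.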
@@ -11,6 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html', recommended_action: 'Check for public access feature within the cluster for all MSK clusters', apis: ['Kafka:listClusters'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateConnectivity'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterUnauthAccess.js b/plugins/aws/msk/mskClusterUnauthAccess.js index e8725e6799..df925bcaa9 100644 --- a/plugins/aws/msk/mskClusterUnauthAccess.js +++ b/plugins/aws/msk/mskClusterUnauthAccess.js @@ -11,6 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html', recommended_action: 'Ensure that MSK clusters does not have unauthenticated access enabled.', apis: ['Kafka:listClusters'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/environmentAdminPrivileges.js b/plugins/aws/mwaa/environmentAdminPrivileges.js index 12c8c397e5..38aa54aa1d 100644 --- a/plugins/aws/mwaa/environmentAdminPrivileges.js +++ b/plugins/aws/mwaa/environmentAdminPrivileges.js @@ -11,6 +11,7 @@ module.exports = { recommended_action: 'Modify IAM role attached with MWAA environment to provide the minimal amount of access required to perform its tasks', apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies', 'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy', 'STS:getCallerIdentity'], + realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/environmentDataEncrypted.js b/plugins/aws/mwaa/environmentDataEncrypted.js index 582cf5b3d2..3b315eabca 100644 --- a/plugins/aws/mwaa/environmentDataEncrypted.js 
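Review bot: `'mwaa:UpdateEnviroment'` in mwaa/environmentAdminPrivileges.js is missing an `n`; the operation is `UpdateEnvironment`. The same string is added in mwaa/webServerPublicAccess.js, where it matters most, because the web server access mode of an existing environment is changed by exactly that call. Correct both to `'mwaa:UpdateEnvironment'`.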
+++ b/plugins/aws/mwaa/environmentDataEncrypted.js @@ -19,6 +19,7 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['mwaa:CreateEnvironment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/webServerPublicAccess.js b/plugins/aws/mwaa/webServerPublicAccess.js index 52d1ca99b5..44896bb915 100644 --- a/plugins/aws/mwaa/webServerPublicAccess.js +++ b/plugins/aws/mwaa/webServerPublicAccess.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-create.html', recommended_action: 'Modify Amazon MWAA environments to set web server access mode to be private only', apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'STS:getCallerIdentity'], + realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/neptune/neptuneDBInstanceEncrypted.js b/plugins/aws/neptune/neptuneDBInstanceEncrypted.js index 8c03a0d0d8..31f9dad7c1 100644 --- a/plugins/aws/neptune/neptuneDBInstanceEncrypted.js +++ b/plugins/aws/neptune/neptuneDBInstanceEncrypted.js @@ -20,6 +20,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['neptune:CreateDBCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js b/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js index 2ecf47f671..44ad6e1da1 100644 --- a/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js +++ b/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js @@ -19,6 +19,8 @@ module.exports = { default: 'awscmk' } }, + realtime_triggers: ['opensearchserverless:CreateCollection'], + run: function(cache, settings, callback) { var results = []; var source = {}; 
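Review bot: opensearchCollectionCmkEncrypted.js triggers only on `opensearchserverless:CreateCollection`, whereas the sibling opensearchCollectionPublicAccess.js also lists the security-policy events. For serverless collections the KMS key is set by an encryption-type security policy. If this plugin reads those policies (its `apis` line is outside the hunk, so this needs confirming), it presumably also needs `'opensearchserverless:CreateSecurityPolicy', 'opensearchserverless:UpdateSecurityPolicy'`. The hunk also adds a whitespace-only line after the property, which the other files in this patch do not have.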
diff --git a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js index a9abc1f1d5..c325275c26 100644 --- a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js +++ b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html', recommended_action: 'Update the network policy and remove the public access to the collection.', apis: ['OpenSearchServerless:listNetworkSecurityPolicies', 'OpenSearchServerless:getNetworkSecurityPolicy', 'OpenSearchServerless:listCollections'], + realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearchserverless:CreateSecurityPolicy', 'opensearchserverless:UpdateSecurityPolicy','opensearchserverless:DeleteSecurityPolicy'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchAccessFromIps.js b/plugins/aws/opensearch/opensearchAccessFromIps.js index 3e8edb310d..2819498265 100644 --- a/plugins/aws/opensearch/opensearchAccessFromIps.js +++ b/plugins/aws/opensearch/opensearchAccessFromIps.js @@ -18,6 +18,7 @@ module.exports = { default: '' } }, + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchClusterStatus.js b/plugins/aws/opensearch/opensearchClusterStatus.js index 20e953044d..7ef4bf389c 100644 --- a/plugins/aws/opensearch/opensearchClusterStatus.js +++ b/plugins/aws/opensearch/opensearchClusterStatus.js 
@@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cloudwatch-alarms.html', recommended_action: 'Configure alarms to send notification if cluster status remains red for more than a minute.', apis: ['OpenSearch:listDomainNames', 'CloudWatch:getEsMetricStatistics', 'STS:getCallerIdentity'], + realtime_triggers: ['openSearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchCrossAccountAccess.js b/plugins/aws/opensearch/opensearchCrossAccountAccess.js index 85b3af9ea3..940a80f6c3 100644 --- a/plugins/aws/opensearch/opensearchCrossAccountAccess.js +++ b/plugins/aws/opensearch/opensearchCrossAccountAccess.js @@ -37,6 +37,8 @@ module.exports = { default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceAccount,aws:SourceArn,aws:SourceOwner' }, }, + realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig'], + run: function(cache, settings, callback) { var config= { os_whitelisted_aws_account_principals : settings.os_whitelisted_aws_account_principals || this.settings.os_whitelisted_aws_account_principals.default, diff --git a/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js b/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js index 350c2e61c6..44b9122604 100644 --- a/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js +++ b/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html', recommended_action: 'Update the domain to use dedicated master nodes.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], + realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js b/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js index 825151da71..1efad7e53f 100644 --- a/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js +++ b/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js @@ -24,6 +24,7 @@ module.exports = { default: '' } }, + realtime_triggers: ['opensearch:CreateDomain'], run: function(cache, settings, callback) { const results = []; diff --git a/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js b/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js index b1e1041368..2b1f5e25cc 100644 --- a/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js +++ b/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js @@ -18,6 +18,7 @@ module.exports = { default: 'awscmk', } }, + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var config = { diff --git a/plugins/aws/opensearch/opensearchExposedDomain.js b/plugins/aws/opensearch/opensearchExposedDomain.js index d6495cef4c..4fd6aa519c 100644 --- a/plugins/aws/opensearch/opensearchExposedDomain.js +++ b/plugins/aws/opensearch/opensearchExposedDomain.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html', recommended_action: 'Update OpenSearch domain to set access control.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchLoggingEnabled.js b/plugins/aws/opensearch/opensearchLoggingEnabled.js index 32b21bbb23..d3a7a214e0 100644 --- a/plugins/aws/opensearch/opensearchLoggingEnabled.js +++ b/plugins/aws/opensearch/opensearchLoggingEnabled.js 
@@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html', recommended_action: 'Ensure logging is enabled and a CloudWatch log group is specified for each OpenSearch domain.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchPublicEndpoint.js b/plugins/aws/opensearch/opensearchPublicEndpoint.js index 645a3db149..b273453acd 100644 --- a/plugins/aws/opensearch/opensearchPublicEndpoint.js +++ b/plugins/aws/opensearch/opensearchPublicEndpoint.js @@ -18,6 +18,7 @@ module.exports = { default: 'false' }, }, + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchRequireIAMAuth.js b/plugins/aws/opensearch/opensearchRequireIAMAuth.js index 767219c01d..747972334d 100644 --- a/plugins/aws/opensearch/opensearchRequireIAMAuth.js +++ b/plugins/aws/opensearch/opensearchRequireIAMAuth.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html', recommended_action: 'Configure the OpenSearch domain to have an access policy without a global principal or no principal', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchTlsVersion.js b/plugins/aws/opensearch/opensearchTlsVersion.js index 10678f12d6..26339f9188 100644 --- a/plugins/aws/opensearch/opensearchTlsVersion.js +++ b/plugins/aws/opensearch/opensearchTlsVersion.js 
@@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html', recommended_action: 'Update OpenSearch domain to set TLSSecurityPolicy to contain TLS version 1.2.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { const results = []; diff --git a/plugins/aws/opensearch/opensearchUpgradeAvailable.js b/plugins/aws/opensearch/opensearchUpgradeAvailable.js index b1a6d0d3da..98ecfbc3ca 100644 --- a/plugins/aws/opensearch/opensearchUpgradeAvailable.js +++ b/plugins/aws/opensearch/opensearchUpgradeAvailable.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/version-migration.html', recommended_action: 'Ensure each OpenSearch domain is running the latest service software and update out-of-date domains.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchVersion.js b/plugins/aws/opensearch/opensearchVersion.js index d67c0a53fe..c4b66531e8 100644 --- a/plugins/aws/opensearch/opensearchVersion.js +++ b/plugins/aws/opensearch/opensearchVersion.js @@ -10,6 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html', recommended_action: 'Update OpenSearch domain to set to latest engine version.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run:function(cache, settings, callback) { var results = []; 
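Review bot: The triggers added to opensearchUpgradeAvailable.js, and the identical list in the opensearchVersion.js hunk after it, cover domain creation and config updates but not the operations that change the software or engine version. If these strings are matched against CloudTrail event names, consider adding `'opensearch:StartServiceSoftwareUpdate'` to the first list and `'opensearch:UpgradeDomain'` to the second, so the result is refreshed when an upgrade starts. Confirm the event names against a real trail before merging. Both `module.exports` objects continue outside their hunks.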
diff --git a/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js b/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js index 7263710ea9..fba41f24cd 100644 --- a/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js +++ b/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://aws.amazon.com/blogs/security/how-to-control-access-to-your-amazon-elasticsearch-service-domain/', recommended_action: 'Modify OpenSearch domain configuration and enable domain zone awareness.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], - + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/organizations/enableAllFeatures.js b/plugins/aws/organizations/enableAllFeatures.js index 6d24df8faf..1d00b26e7b 100644 --- a/plugins/aws/organizations/enableAllFeatures.js +++ b/plugins/aws/organizations/enableAllFeatures.js @@ -9,6 +9,7 @@ module.exports = { recommended_action: 'Enable all AWS Organizations features.', link: 'https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html?icmpid=docs_orgs_console', apis: ['Organizations:describeOrganization'], + realtime_triggers: ['organizations:CreateOrganization', 'organizations:EnableAllFeatures'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/organizations/organizationInvite.js b/plugins/aws/organizations/organizationInvite.js index 842c80564f..273576d215 100644 --- a/plugins/aws/organizations/organizationInvite.js +++ b/plugins/aws/organizations/organizationInvite.js 
@@ -9,6 +9,7 @@ module.exports = { recommended_action: 'Enable all AWS Organizations features', link: 'https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html?icmpid=docs_orgs_console', apis: ['Organizations:listHandshakesForAccount'], + realtime_triggers: ['organizations:CreateOrganization', 'organizations:AcceptHandshake' ,'organizations:DeclineHandshake', 'organizations:CancleHandshake'], run: function(cache, settings, callback) { var results = []; From 8017773254fc4f2e1e98bf7d9d86f125488a9420 Mon Sep 17 00:00:00 2001 From: --global Date: Thu, 14 Sep 2023 17:47:43 +0500 Subject: [PATCH 3/6] added tiggers --- plugins/aws/lex/lexAudioLogsEncrypted.js | 2 +- plugins/aws/location/trackerDataEncrypted.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/aws/lex/lexAudioLogsEncrypted.js b/plugins/aws/lex/lexAudioLogsEncrypted.js index 90b5d890a5..146bdd600f 100644 --- a/plugins/aws/lex/lexAudioLogsEncrypted.js +++ b/plugins/aws/lex/lexAudioLogsEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lexmodelsV2:CreateBot'], + realtime_triggers: ['lexmodelsV2:CreateBot', 'lexmodelsV2:UpdateBot'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/location/trackerDataEncrypted.js b/plugins/aws/location/trackerDataEncrypted.js index e08309df68..c5d1087c2e 100644 --- a/plugins/aws/location/trackerDataEncrypted.js +++ b/plugins/aws/location/trackerDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['location:CreateTracker'], + realtime_triggers: ['location:CreateTracker', 'location:UpdateTracker'], run: function(cache, settings, callback) { var results = []; From da33cc866641eafdbb07ce3c859fbfccfc0186bb Mon Sep 17 00:00:00 2001 
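Review bot: `organizations:CancleHandshake` in the new `realtime_triggers` line of organizationInvite.js is misspelled; the Organizations operation is `CancelHandshake`. A trigger string that never equals an emitted event name silently leaves that path uncovered, so a cancelled invite would not refresh this check in real time. Change the entry to `'organizations:CancelHandshake'` and fix the stray space before the comma after `'organizations:AcceptHandshake'`. The `module.exports` object starts and ends outside the hunk.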
From: --global Date: Thu, 14 Sep 2023 19:33:46 +0500 Subject: [PATCH 4/6] resolve issues --- plugins/aws/kms/kmsDefaultKeyUsage.js | 2 +- plugins/aws/lambda/lambdaPublicAccess.js | 2 +- plugins/aws/lex/lexAudioLogsEncrypted.js | 2 +- plugins/aws/mq/mqLatestEngineVersion.js | 2 +- plugins/aws/msk/mskClusterPublicAccess.js | 2 +- plugins/aws/msk/mskClusterUnauthAccess.js | 2 +- .../openSearchServerless/opensearchCollectionPublicAccess.js | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/plugins/aws/kms/kmsDefaultKeyUsage.js b/plugins/aws/kms/kmsDefaultKeyUsage.js index dc0ef308db..1798c51f81 100644 --- a/plugins/aws/kms/kmsDefaultKeyUsage.js +++ b/plugins/aws/kms/kmsDefaultKeyUsage.js @@ -20,7 +20,7 @@ module.exports = { 'passwords, it is still strongly encouraged to use a ' + 'customer-provided CMK rather than the default KMS key.' }, - realtime_triggers: ['kms:CreateKey', 'kms:CreateAlias','cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster', 's3:CreateBucket','s3:putBucketEncryption','ses:CreateEmailIdentity', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'], + realtime_triggers: ['cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster','s3:putBucketEncryption','ses:CreateEmailIdentity', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaPublicAccess.js b/plugins/aws/lambda/lambdaPublicAccess.js index e8544a0dac..7bcdff066a 100644 --- a/plugins/aws/lambda/lambdaPublicAccess.js +++ b/plugins/aws/lambda/lambdaPublicAccess.js 
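Review bot: Several entries in the rewritten `realtime_triggers` line of kmsDefaultKeyUsage.js look misspelled and would probably never match an event. `elastictranscoder:CreatePipline` should be `CreatePipeline`, `s3:putBucketEncryption` is the only entry with a lower-case operation name (`PutBucketEncryption`), and the prefix and casing of `workspace:CreateWorkSpaces` should be checked against the service's own naming. The same spellings are carried unchanged into the PATCH 5/6 hunk for this file. This hunk also drops `kms:CreateKey`, `kms:CreateAlias` and `s3:CreateBucket` with no reason given in the commit message; a one-line comment above the list, such as `// events that can attach the default KMS key to a resource`, would make the selection reviewable. The `module.exports` object continues outside the hunk.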
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html', recommended_action: 'Update the Lambda policy to prevent access from the public.', apis: ['Lambda:listFunctions', 'Lambda:getPolicy'], - realtime_triggers: ['lambda:CreateFunction','lambda:AddPermission', 'lambda:RemovePermission'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:AddPermission', 'lambda:RemovePermission'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lex/lexAudioLogsEncrypted.js b/plugins/aws/lex/lexAudioLogsEncrypted.js index 146bdd600f..d61d75ed7b 100644 --- a/plugins/aws/lex/lexAudioLogsEncrypted.js +++ b/plugins/aws/lex/lexAudioLogsEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lexmodelsV2:CreateBot', 'lexmodelsV2:UpdateBot'], + realtime_triggers: ['lexmodelsV2:CreateBotAlias', 'lexmodelsV2:UpdateBotAlias'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqLatestEngineVersion.js b/plugins/aws/mq/mqLatestEngineVersion.js index 04cfb51244..b9598c4ad2 100644 --- a/plugins/aws/mq/mqLatestEngineVersion.js +++ b/plugins/aws/mq/mqLatestEngineVersion.js @@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Update Amazon MQ brokers to the latest version of Apache ActiveMQ broker engine.', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], - realtime_triggers: ['mq:CreateBrocker', 'mq:CreateConfiguration','mq:UpdateConfiguration', 'mq:UpdateBrocker'], + realtime_triggers: ['mq:CreateBrocker','mq:UpdateBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterPublicAccess.js b/plugins/aws/msk/mskClusterPublicAccess.js index 7e59131891..b97f5ee88b 100644 --- a/plugins/aws/msk/mskClusterPublicAccess.js 
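Review bot: The mqLatestEngineVersion.js hunk keeps the misspelling `Brocker` in `'mq:CreateBrocker','mq:UpdateBrocker'`; the Amazon MQ operations are `CreateBroker` and `UpdateBroker`, as the `apis` line just above (`MQ:listBrokers`, `MQ:describeBroker`) already spells them. The same typo recurs in every MQ hunk of PATCH 6/6 (mqAutoMinorVersionUpgrade, mqBrokerEncrypted, mqBrokerPublicAccess, mqDeploymentMode, mqDesiredInstanceType, mqLatestEngineVersion, mqLogExports), where `mq:DeleteBrocker` is added and some lists mix it with the correctly spelled `mq:UpdateBroker`. If triggers are compared with event names, none of the misspelled entries can fire, which leaves mqBrokerPublicAccess and mqBrokerEncrypted without a working create trigger. Use `'mq:CreateBroker'`, `'mq:UpdateBroker'` and `'mq:DeleteBroker'` throughout. The `module.exports` object continues outside the hunk.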
+++ b/plugins/aws/msk/mskClusterPublicAccess.js @@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html', recommended_action: 'Check for public access feature within the cluster for all MSK clusters', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster','kafka:UpdateConnectivity'], + realtime_triggers: ['kafka:CreateCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterUnauthAccess.js b/plugins/aws/msk/mskClusterUnauthAccess.js index df925bcaa9..2e3406d5fd 100644 --- a/plugins/aws/msk/mskClusterUnauthAccess.js +++ b/plugins/aws/msk/mskClusterUnauthAccess.js @@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html', recommended_action: 'Ensure that MSK clusters does not have unauthenticated access enabled.', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateSecurity'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js index c325275c26..9d3d45c2e4 100644 --- a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js +++ b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js 
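Review bot: The mskClusterPublicAccess.js hunk removes `kafka:UpdateConnectivity`, leaving `kafka:CreateCluster` as the only trigger for a check whose subject is public access. Public access on an existing MSK cluster is switched through the connectivity update, so after this change a cluster that is opened up after creation would presumably not be re-evaluated until the next scheduled scan. Unless there is a reason not visible in this patch, keep the entry: `realtime_triggers: ['kafka:CreateCluster','kafka:UpdateConnectivity'],`. The `module.exports` object starts and ends outside the hunk.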
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html', recommended_action: 'Update the network policy and remove the public access to the collection.', apis: ['OpenSearchServerless:listNetworkSecurityPolicies', 'OpenSearchServerless:getNetworkSecurityPolicy', 'OpenSearchServerless:listCollections'], - realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearchserverless:CreateSecurityPolicy', 'opensearchserverless:UpdateSecurityPolicy','opensearchserverless:DeleteSecurityPolicy'], + realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearserverless:UpdateCollection'], run: function(cache, settings, callback) { var results = []; From ff68801a9c15cd8fa7a6096e848af48b1a9fc8ed Mon Sep 17 00:00:00 2001 From: --global Date: Thu, 14 Sep 2023 20:16:03 +0500 Subject: [PATCH 5/6] added tigger --- plugins/aws/kms/kmsDefaultKeyUsage.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/aws/kms/kmsDefaultKeyUsage.js b/plugins/aws/kms/kmsDefaultKeyUsage.js index 1798c51f81..dbf478b102 100644 --- a/plugins/aws/kms/kmsDefaultKeyUsage.js +++ b/plugins/aws/kms/kmsDefaultKeyUsage.js 
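Review bot: The new trigger `'opensearserverless:UpdateCollection'` in opensearchCollectionPublicAccess.js has a misspelled service prefix (`opensearchserverless`), so it is unlikely to match anything. The same line drops `CreateSecurityPolicy`, `UpdateSecurityPolicy` and `DeleteSecurityPolicy`, although the `apis` line directly above shows the check reads `listNetworkSecurityPolicies` and `getNetworkSecurityPolicy`. A network policy edit that exposes a collection would then no longer refresh the result in real time. Suggest fixing the prefix and keeping the policy events alongside the collection events. The `module.exports` object continues outside the hunk.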
@@ -20,7 +20,7 @@ module.exports = { 'passwords, it is still strongly encouraged to use a ' + 'customer-provided CMK rather than the default KMS key.' }, - realtime_triggers: ['cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster','s3:putBucketEncryption','ses:CreateEmailIdentity', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'], + realtime_triggers: ['cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster','redshift:ModifyCluster','s3:putBucketEncryption','ses:CreateEmailIdentity','ses:CreateEmailIdentity','ses:SetActiveReceiptRuleSet', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'], run: function(cache, settings, callback) { var results = []; From e817a2ba08c2151d078fc9d6a759612569b93e4b Mon Sep 17 00:00:00 2001 
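Review bot: `'ses:CreateEmailIdentity'` now appears twice in a row in the added `realtime_triggers` line of kmsDefaultKeyUsage.js; drop the duplicate. The line has grown to fifteen entries with inconsistent spacing after commas, so breaking it into one entry per line, grouped by service, would make later review of additions and removals much easier. The `module.exports` object continues outside the hunk.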
From: --global Date: Wed, 20 Sep 2023 23:20:16 +0500 Subject: [PATCH 6/6] added delete tiggers --- plugins/aws/lambda/envVarsClientSideEncryption.js | 2 +- plugins/aws/lambda/lambdaAdminPrivileges.js | 2 +- plugins/aws/lambda/lambdaHasTags.js | 2 +- plugins/aws/lambda/lambdaLogGroups.js | 2 +- plugins/aws/lambda/lambdaOldRuntimes.js | 2 +- plugins/aws/lambda/lambdaPublicAccess.js | 2 +- plugins/aws/lambda/lambdaTracingEnabled.js | 2 +- plugins/aws/lambda/lambdaVpcConfig.js | 2 +- plugins/aws/lex/lexAudioLogsEncrypted.js | 2 +- plugins/aws/location/geoCollectionDataEncrypted.js | 2 +- plugins/aws/location/trackerDataEncrypted.js | 2 +- plugins/aws/lookout/anomalyDetectorEncrypted.js | 2 +- plugins/aws/lookout/equipmentdatasetEncrypted.js | 2 +- plugins/aws/lookout/modelDataEncrypted.js | 2 +- plugins/aws/managedblockchain/networkMemberDataEncrypted.js | 2 +- plugins/aws/memorydb/memorydbClusterEncrypted.js | 2 +- plugins/aws/mq/mqAutoMinorVersionUpgrade.js | 2 +- plugins/aws/mq/mqBrokerEncrypted.js | 2 +- plugins/aws/mq/mqBrokerPublicAccess.js | 2 +- plugins/aws/mq/mqDeploymentMode.js | 2 +- plugins/aws/mq/mqDesiredInstanceType.js | 2 +- plugins/aws/mq/mqLatestEngineVersion.js | 2 +- plugins/aws/mq/mqLogExports.js | 2 +- plugins/aws/msk/mskClusterCBEncryption.js | 2 +- plugins/aws/msk/mskClusterEncryptionAtRest.js | 2 +- plugins/aws/msk/mskClusterEncryptionInTransit.js | 2 +- plugins/aws/msk/mskClusterPublicAccess.js | 2 +- plugins/aws/msk/mskClusterUnauthAccess.js | 2 +- plugins/aws/mwaa/environmentAdminPrivileges.js | 2 +- plugins/aws/mwaa/environmentDataEncrypted.js | 2 +- plugins/aws/mwaa/webServerPublicAccess.js | 2 +- plugins/aws/neptune/neptuneDBInstanceEncrypted.js | 2 +- .../openSearchServerless/opensearchCollectionCmkEncrypted.js | 2 +- .../openSearchServerless/opensearchCollectionPublicAccess.js | 2 +- plugins/aws/opensearch/opensearchAccessFromIps.js | 2 +- plugins/aws/opensearch/opensearchClusterStatus.js | 2 +- 
plugins/aws/opensearch/opensearchCrossAccountAccess.js | 2 +- plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js | 2 +- plugins/aws/opensearch/opensearchDesiredInstanceTypes.js | 2 +- plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js | 2 +- plugins/aws/opensearch/opensearchEncryptedDomain.js | 2 +- plugins/aws/opensearch/opensearchExposedDomain.js | 2 +- plugins/aws/opensearch/opensearchHttpsOnly.js | 2 +- plugins/aws/opensearch/opensearchLoggingEnabled.js | 2 +- plugins/aws/opensearch/opensearchNodeToNodeEncryption.js | 2 +- plugins/aws/opensearch/opensearchPublicEndpoint.js | 2 +- plugins/aws/opensearch/opensearchRequireIAMAuth.js | 2 +- plugins/aws/opensearch/opensearchTlsVersion.js | 2 +- plugins/aws/opensearch/opensearchUpgradeAvailable.js | 2 +- plugins/aws/opensearch/opensearchVersion.js | 2 +- plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js | 2 +- plugins/aws/organizations/enableAllFeatures.js | 2 +- plugins/aws/organizations/organizationInvite.js | 2 +- 53 files changed, 53 insertions(+), 53 deletions(-) diff --git a/plugins/aws/lambda/envVarsClientSideEncryption.js b/plugins/aws/lambda/envVarsClientSideEncryption.js index 805d313ac1..1c5a91fd0f 100644 --- a/plugins/aws/lambda/envVarsClientSideEncryption.js +++ b/plugins/aws/lambda/envVarsClientSideEncryption.js @@ -20,7 +20,7 @@ module.exports = { default: '' } }, - realtime_triggers: ['lambda:CreateFunction', 'lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction', 'lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaAdminPrivileges.js b/plugins/aws/lambda/lambdaAdminPrivileges.js index ea7b795e83..62e8d8ef99 100644 --- a/plugins/aws/lambda/lambdaAdminPrivileges.js +++ b/plugins/aws/lambda/lambdaAdminPrivileges.js 
@@ -11,7 +11,7 @@ module.exports = { recommended_action: 'Modify IAM role attached with Lambda function to provide the minimal amount of access required to perform its tasks', apis: ['Lambda:listFunctions', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies', 'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy'], - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration' ], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaHasTags.js b/plugins/aws/lambda/lambdaHasTags.js index f73023ba66..3c58d2ef68 100644 --- a/plugins/aws/lambda/lambdaHasTags.js +++ b/plugins/aws/lambda/lambdaHasTags.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/configuration-tags.html', recommended_action: 'Modify Lambda function configurations and add new tags', apis: ['Lambda:listFunctions', 'ResourceGroupsTaggingAPI:getResources'], - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaLogGroups.js b/plugins/aws/lambda/lambdaLogGroups.js index 580ae37921..208af60503 100644 --- a/plugins/aws/lambda/lambdaLogGroups.js +++ b/plugins/aws/lambda/lambdaLogGroups.js 
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/monitoring-cloudwatchlogs.html', recommended_action: 'Update the Lambda function permissions to allow CloudWatch logging.', apis: ['Lambda:listFunctions', 'CloudWatchLogs:describeLogGroups'], - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaOldRuntimes.js b/plugins/aws/lambda/lambdaOldRuntimes.js index f8e985c9b7..bb06472305 100644 --- a/plugins/aws/lambda/lambdaOldRuntimes.js +++ b/plugins/aws/lambda/lambdaOldRuntimes.js @@ -18,7 +18,7 @@ module.exports = { default: 0 } }, - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaPublicAccess.js b/plugins/aws/lambda/lambdaPublicAccess.js index 7bcdff066a..351e2b1a90 100644 --- a/plugins/aws/lambda/lambdaPublicAccess.js +++ b/plugins/aws/lambda/lambdaPublicAccess.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html', recommended_action: 'Update the Lambda policy to prevent access from the public.', apis: ['Lambda:listFunctions', 'Lambda:getPolicy'], - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:AddPermission', 'lambda:RemovePermission'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:AddPermission', 'lambda:RemovePermission','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/lambda/lambdaTracingEnabled.js b/plugins/aws/lambda/lambdaTracingEnabled.js index 653359f466..5a6aa42e60 100644 --- a/plugins/aws/lambda/lambdaTracingEnabled.js +++ b/plugins/aws/lambda/lambdaTracingEnabled.js @@ -18,7 +18,7 @@ module.exports = { default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-' } }, - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lambda/lambdaVpcConfig.js b/plugins/aws/lambda/lambdaVpcConfig.js index a3f1b175dd..42253793ea 100644 --- a/plugins/aws/lambda/lambdaVpcConfig.js +++ b/plugins/aws/lambda/lambdaVpcConfig.js @@ -18,7 +18,7 @@ module.exports = { default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-' } }, - realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration'], + realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lex/lexAudioLogsEncrypted.js b/plugins/aws/lex/lexAudioLogsEncrypted.js index d61d75ed7b..fe50cb0e6b 100644 --- a/plugins/aws/lex/lexAudioLogsEncrypted.js +++ b/plugins/aws/lex/lexAudioLogsEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lexmodelsV2:CreateBotAlias', 'lexmodelsV2:UpdateBotAlias'], + realtime_triggers: ['lexmodelsV2:CreateBotAlias', 'lexmodelsV2:UpdateBotAlias', 'lexmodelsV2:DeleteBotAlias'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/location/geoCollectionDataEncrypted.js b/plugins/aws/location/geoCollectionDataEncrypted.js index 1b1bbe5e34..c469e86672 100644 --- a/plugins/aws/location/geoCollectionDataEncrypted.js +++ b/plugins/aws/location/geoCollectionDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['location:CreateGeofenceCollection'], + realtime_triggers: ['location:CreateGeofenceCollection', 'location:DeleteGeofenceCollection'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/location/trackerDataEncrypted.js b/plugins/aws/location/trackerDataEncrypted.js index c5d1087c2e..1380bc1779 100644 --- a/plugins/aws/location/trackerDataEncrypted.js +++ b/plugins/aws/location/trackerDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['location:CreateTracker', 'location:UpdateTracker'], + realtime_triggers: ['location:CreateTracker', 'location:UpdateTracker', 'location:DeleteTracker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/anomalyDetectorEncrypted.js b/plugins/aws/lookout/anomalyDetectorEncrypted.js index 4ef6523358..4eb6527a77 100644 --- a/plugins/aws/lookout/anomalyDetectorEncrypted.js +++ b/plugins/aws/lookout/anomalyDetectorEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lookoutmetrics:CreateAnomalyDetector', 'lookoutmetrics:UpdateAnomalyDetector'], + realtime_triggers: ['lookoutmetrics:CreateAnomalyDetector', 'lookoutmetrics:UpdateAnomalyDetector', 'lookoutmetrics:DeleteAnomalyDetector'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/equipmentdatasetEncrypted.js b/plugins/aws/lookout/equipmentdatasetEncrypted.js index b9cc94fe5e..a3dd7329c3 100644 --- a/plugins/aws/lookout/equipmentdatasetEncrypted.js +++ b/plugins/aws/lookout/equipmentdatasetEncrypted.js 
@@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lookoutequipment:CreateDataset'], + realtime_triggers: ['lookoutequipment:CreateDataset', 'lookoutequipment:DeleteDataset'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/lookout/modelDataEncrypted.js b/plugins/aws/lookout/modelDataEncrypted.js index 364fd81aaa..77615e634b 100644 --- a/plugins/aws/lookout/modelDataEncrypted.js +++ b/plugins/aws/lookout/modelDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['lookoutvision:CreateModel'], + realtime_triggers: ['lookoutvision:CreateModel', 'lookoutvision:DeleteModel'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/managedblockchain/networkMemberDataEncrypted.js b/plugins/aws/managedblockchain/networkMemberDataEncrypted.js index 4f341ae76b..147565fdf9 100644 --- a/plugins/aws/managedblockchain/networkMemberDataEncrypted.js +++ b/plugins/aws/managedblockchain/networkMemberDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk', } }, - realtime_triggers: ['managedblockchain:CreateNetwork'], + realtime_triggers: ['managedblockchain:CreateNetwork', 'managedblockchain:DeleteMember'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/memorydb/memorydbClusterEncrypted.js b/plugins/aws/memorydb/memorydbClusterEncrypted.js index 6c66c26614..be159fbfb4 100644 --- a/plugins/aws/memorydb/memorydbClusterEncrypted.js +++ b/plugins/aws/memorydb/memorydbClusterEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk', } }, - realtime_triggers: ['MemoryDB:CreateCluster'], + realtime_triggers: ['MemoryDB:CreateCluster', 'MemoryDB:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js index daea040839..5c9e6169ef 100644 
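Review bot: The networkMemberDataEncrypted.js hunk pairs `managedblockchain:CreateNetwork` with `managedblockchain:DeleteMember`, so the delete side is member-level but the create side is network-level only. Members added to an existing network go through `CreateMember`, which this list does not cover, and the file name suggests the check is about member data. Consider `realtime_triggers: ['managedblockchain:CreateNetwork', 'managedblockchain:CreateMember', 'managedblockchain:DeleteMember'],`. The `module.exports` object starts and ends outside the hunk.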
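Review bot: The memorydbClusterEncrypted.js hunk writes its service prefix as `MemoryDB:` while every other trigger in this series uses a lower-case prefix (`kafka:`, `mq:`, `lambda:`). Whether the matcher is case-sensitive is not visible from the patch, but if it is, `'MemoryDB:CreateCluster'` and `'MemoryDB:DeleteCluster'` would not match. Normalise to the casing the trigger consumer expects, presumably `'memorydb:CreateCluster', 'memorydb:DeleteCluster'`.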
--- a/plugins/aws/mq/mqAutoMinorVersionUpgrade.js +++ b/plugins/aws/mq/mqAutoMinorVersionUpgrade.js @@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Enabled Auto Minor Version Upgrade feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], - realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBrocker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBrocker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqBrokerEncrypted.js b/plugins/aws/mq/mqBrokerEncrypted.js index 7a24a7c42f..c48418a245 100644 --- a/plugins/aws/mq/mqBrokerEncrypted.js +++ b/plugins/aws/mq/mqBrokerEncrypted.js @@ -18,7 +18,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['mq:CreateBrocker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqBrokerPublicAccess.js b/plugins/aws/mq/mqBrokerPublicAccess.js index 2af4dd8429..41731262ee 100644 --- a/plugins/aws/mq/mqBrokerPublicAccess.js +++ b/plugins/aws/mq/mqBrokerPublicAccess.js @@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Review and update the security group settings to restrict public access to Amazon MQ brokers.', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/using-amazon-mq-securely.html', apis: ['MQ:listBrokers', 'MQ:describeBroker', 'EC2:describeSecurityGroups'], - realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqDeploymentMode.js b/plugins/aws/mq/mqDeploymentMode.js index 075c609d51..b7dc226187 100644 --- a/plugins/aws/mq/mqDeploymentMode.js +++ b/plugins/aws/mq/mqDeploymentMode.js 
@@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Enabled Deployment Mode feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/active-standby-broker-deployment.html', apis: ['MQ:listBrokers'], - realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqDesiredInstanceType.js b/plugins/aws/mq/mqDesiredInstanceType.js index b1159480de..a89260b78a 100644 --- a/plugins/aws/mq/mqDesiredInstanceType.js +++ b/plugins/aws/mq/mqDesiredInstanceType.js @@ -18,7 +18,7 @@ module.exports = { default:'' } }, - realtime_triggers: ['mq:CreateBrocker'], + realtime_triggers: ['mq:CreateBrocker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqLatestEngineVersion.js b/plugins/aws/mq/mqLatestEngineVersion.js index b9598c4ad2..169b342f7d 100644 --- a/plugins/aws/mq/mqLatestEngineVersion.js +++ b/plugins/aws/mq/mqLatestEngineVersion.js @@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Update Amazon MQ brokers to the latest version of Apache ActiveMQ broker engine.', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], - realtime_triggers: ['mq:CreateBrocker','mq:UpdateBrocker'], + realtime_triggers: ['mq:CreateBrocker','mq:UpdateBrocker', 'mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mq/mqLogExports.js b/plugins/aws/mq/mqLogExports.js index 6bbb6a34a0..fb5808f8e1 100644 --- a/plugins/aws/mq/mqLogExports.js +++ b/plugins/aws/mq/mqLogExports.js 
@@ -10,7 +10,7 @@ module.exports = { recommended_action: 'Enable Log Exports feature for MQ brokers', link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-logging-monitoring.html', apis: ['MQ:listBrokers', 'MQ:describeBroker'], - realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker'], + realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker','mq:DeleteBrocker'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterCBEncryption.js b/plugins/aws/msk/mskClusterCBEncryption.js index 6197ff23fe..c302e0c501 100644 --- a/plugins/aws/msk/mskClusterCBEncryption.js +++ b/plugins/aws/msk/mskClusterCBEncryption.js @@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html', recommended_action: 'Enable only TLS encryption between the client and broker for all MSK clusters', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration', 'kafka:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterEncryptionAtRest.js b/plugins/aws/msk/mskClusterEncryptionAtRest.js index c834c9f5e0..c6d1dd238e 100644 --- a/plugins/aws/msk/mskClusterEncryptionAtRest.js +++ b/plugins/aws/msk/mskClusterEncryptionAtRest.js @@ -18,7 +18,7 @@ module.exports = { default: 'awscmk', } }, - realtime_triggers: ['kafka:CreateCluster'], + realtime_triggers: ['kafka:CreateCluster', 'kafka:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterEncryptionInTransit.js b/plugins/aws/msk/mskClusterEncryptionInTransit.js index f4e4c68c1e..275952b1aa 100644 --- a/plugins/aws/msk/mskClusterEncryptionInTransit.js +++ b/plugins/aws/msk/mskClusterEncryptionInTransit.js 
@@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html', recommended_action: 'Enable TLS encryption within the cluster for all MSK clusters', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration','kafka:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterPublicAccess.js b/plugins/aws/msk/mskClusterPublicAccess.js index b97f5ee88b..c9aa02ad65 100644 --- a/plugins/aws/msk/mskClusterPublicAccess.js +++ b/plugins/aws/msk/mskClusterPublicAccess.js @@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html', recommended_action: 'Check for public access feature within the cluster for all MSK clusters', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster'], + realtime_triggers: ['kafka:CreateCluster', 'kafka:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/msk/mskClusterUnauthAccess.js b/plugins/aws/msk/mskClusterUnauthAccess.js index 2e3406d5fd..39d89407b9 100644 --- a/plugins/aws/msk/mskClusterUnauthAccess.js +++ b/plugins/aws/msk/mskClusterUnauthAccess.js @@ -11,7 +11,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html', recommended_action: 'Ensure that MSK clusters does not have unauthenticated access enabled.', apis: ['Kafka:listClusters'], - realtime_triggers: ['kafka:CreateCluster','kafka:UpdateSecurity'], + realtime_triggers: ['kafka:CreateCluster','kafka:UpdateSecurity', 'kafka:DeleteCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/environmentAdminPrivileges.js b/plugins/aws/mwaa/environmentAdminPrivileges.js index 38aa54aa1d..bfe179d612 100644 
--- a/plugins/aws/mwaa/environmentAdminPrivileges.js +++ b/plugins/aws/mwaa/environmentAdminPrivileges.js @@ -11,7 +11,7 @@ module.exports = { recommended_action: 'Modify IAM role attached with MWAA environment to provide the minimal amount of access required to perform its tasks', apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies', 'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy', 'STS:getCallerIdentity'], - realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment'], + realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment', 'mwaa:DeleteEnvironment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/environmentDataEncrypted.js b/plugins/aws/mwaa/environmentDataEncrypted.js index 3b315eabca..9fe621624a 100644 --- a/plugins/aws/mwaa/environmentDataEncrypted.js +++ b/plugins/aws/mwaa/environmentDataEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['mwaa:CreateEnvironment'], + realtime_triggers: ['mwaa:CreateEnvironment', 'mwaa:DeleteEnvironment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/mwaa/webServerPublicAccess.js b/plugins/aws/mwaa/webServerPublicAccess.js index 44896bb915..c49e7e48bb 100644 --- a/plugins/aws/mwaa/webServerPublicAccess.js +++ b/plugins/aws/mwaa/webServerPublicAccess.js 
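Review bot: `'mwaa:UpdateEnviroment'` on the changed line in environmentAdminPrivileges.js is missing an `n`, unlike `CreateEnvironment` and the newly added `DeleteEnvironment` beside it. If the trigger is matched by name, an update to an existing environment would not start a rescan of this check. Suggested line: `realtime_triggers: ['mwaa:CreateEnvironment', 'mwaa:UpdateEnvironment', 'mwaa:DeleteEnvironment'],`. The webServerPublicAccess.js hunk carries the same typo.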
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-create.html', recommended_action: 'Modify Amazon MWAA environments to set web server access mode to be private only', apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'STS:getCallerIdentity'], - realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment'], + realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment', 'mwaa:DeleteEnvironment'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/neptune/neptuneDBInstanceEncrypted.js b/plugins/aws/neptune/neptuneDBInstanceEncrypted.js index 31f9dad7c1..3d16098a54 100644 --- a/plugins/aws/neptune/neptuneDBInstanceEncrypted.js +++ b/plugins/aws/neptune/neptuneDBInstanceEncrypted.js @@ -20,7 +20,7 @@ module.exports = { default: 'awscmk', } }, - realtime_triggers: ['neptune:CreateDBCluster'], + realtime_triggers: ['neptune:CreateDBCluster', 'neptune:DeleteDBCluster'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js b/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js index 44ad6e1da1..4abe1dc6cb 100644 --- a/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js +++ b/plugins/aws/openSearchServerless/opensearchCollectionCmkEncrypted.js @@ -19,7 +19,7 @@ module.exports = { default: 'awscmk' } }, - realtime_triggers: ['opensearchserverless:CreateCollection'], + realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearchserverless:DeleteCollection'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js index 9d3d45c2e4..fd825b8515 100644 --- a/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js 
+++ b/plugins/aws/openSearchServerless/opensearchCollectionPublicAccess.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html', recommended_action: 'Update the network policy and remove the public access to the collection.', apis: ['OpenSearchServerless:listNetworkSecurityPolicies', 'OpenSearchServerless:getNetworkSecurityPolicy', 'OpenSearchServerless:listCollections'], - realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearserverless:UpdateCollection'], + realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearserverless:UpdateCollection', 'opensearchserverless:DeleteCollection'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchAccessFromIps.js b/plugins/aws/opensearch/opensearchAccessFromIps.js index 2819498265..fb832995b8 100644 --- a/plugins/aws/opensearch/opensearchAccessFromIps.js +++ b/plugins/aws/opensearch/opensearchAccessFromIps.js @@ -18,7 +18,7 @@ module.exports = { default: '' } }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchClusterStatus.js b/plugins/aws/opensearch/opensearchClusterStatus.js index 7ef4bf389c..c66b7b2951 100644 --- a/plugins/aws/opensearch/opensearchClusterStatus.js +++ b/plugins/aws/opensearch/opensearchClusterStatus.js 
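Review bot: The service prefix in `'opensearserverless:UpdateCollection'` is missing `ch`, while the other two entries on the changed line use `opensearchserverless:`. As written, the update trigger for the public-access check probably never matches. The update path is also where a network policy is most likely to be loosened after creation, so it is the entry this check most needs. I would change the line to `realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearchserverless:UpdateCollection', 'opensearchserverless:DeleteCollection'],`.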
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cloudwatch-alarms.html', recommended_action: 'Configure alarms to send notification if cluster status remains red for more than a minute.', apis: ['OpenSearch:listDomainNames', 'CloudWatch:getEsMetricStatistics', 'STS:getCallerIdentity'], - realtime_triggers: ['openSearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['openSearch:CreateDomain', 'opensearch:UpdateDomainConfig','opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchCrossAccountAccess.js b/plugins/aws/opensearch/opensearchCrossAccountAccess.js index 940a80f6c3..00b181fa11 100644 --- a/plugins/aws/opensearch/opensearchCrossAccountAccess.js +++ b/plugins/aws/opensearch/opensearchCrossAccountAccess.js @@ -37,7 +37,7 @@ module.exports = { default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceAccount,aws:SourceArn,aws:SourceOwner' }, }, - realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var config= { diff --git a/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js b/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js index 44b9122604..43de0e7762 100644 --- a/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js +++ b/plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js 
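Review bot: In opensearchClusterStatus.js the first trigger is written `'openSearch:CreateDomain'` with a capital S, while the other entries on the line and every other opensearch plugin in this patch use the lowercase prefix `opensearch:`. Whether trigger matching is case-sensitive is not visible here, and if it is, domain creation would not start this check. I would normalise the line to `realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],`.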
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html', recommended_action: 'Update the domain to use dedicated master nodes.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], - realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js b/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js index 1efad7e53f..d4a6406a32 100644 --- a/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js +++ b/plugins/aws/opensearch/opensearchDesiredInstanceTypes.js @@ -24,7 +24,7 @@ module.exports = { default: '' } }, - realtime_triggers: ['opensearch:CreateDomain'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { const results = []; diff --git a/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js b/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js index 2b1f5e25cc..3aa4f70fc0 100644 --- a/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js +++ b/plugins/aws/opensearch/opensearchDomainEncryptionEnabled.js @@ -18,7 +18,7 @@ module.exports = { default: 'awscmk', } }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var config = { diff --git a/plugins/aws/opensearch/opensearchEncryptedDomain.js b/plugins/aws/opensearch/opensearchEncryptedDomain.js index da385d931f..c35b8a3eec 100644 --- a/plugins/aws/opensearch/opensearchEncryptedDomain.js +++ b/plugins/aws/opensearch/opensearchEncryptedDomain.js 
@@ -29,7 +29,7 @@ module.exports = { remediate: ['opensearch:UpdateDomainConfig'], rollback: ['opensearch:UpdateDomainConfig'] }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchExposedDomain.js b/plugins/aws/opensearch/opensearchExposedDomain.js index 4fd6aa519c..245e375757 100644 --- a/plugins/aws/opensearch/opensearchExposedDomain.js +++ b/plugins/aws/opensearch/opensearchExposedDomain.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html', recommended_action: 'Update OpenSearch domain to set access control.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchHttpsOnly.js b/plugins/aws/opensearch/opensearchHttpsOnly.js index 95f9bb914d..2b54ac0147 100644 --- a/plugins/aws/opensearch/opensearchHttpsOnly.js +++ b/plugins/aws/opensearch/opensearchHttpsOnly.js @@ -29,7 +29,7 @@ module.exports = { remediate: ['opensearch:UpdateDomainConfig'], rollback: ['opensearch:UpdateDomainConfig'] }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchLoggingEnabled.js b/plugins/aws/opensearch/opensearchLoggingEnabled.js index d3a7a214e0..2c7b971ea2 100644 
--- a/plugins/aws/opensearch/opensearchLoggingEnabled.js +++ b/plugins/aws/opensearch/opensearchLoggingEnabled.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html', recommended_action: 'Ensure logging is enabled and a CloudWatch log group is specified for each OpenSearch domain.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchNodeToNodeEncryption.js b/plugins/aws/opensearch/opensearchNodeToNodeEncryption.js index 2b185c9759..a3d5a2aacb 100644 --- a/plugins/aws/opensearch/opensearchNodeToNodeEncryption.js +++ b/plugins/aws/opensearch/opensearchNodeToNodeEncryption.js @@ -21,7 +21,7 @@ module.exports = { remediate: ['opensearch:UpdateDomainConfig'], rollback: ['opensearch:UpdateDomainConfig'] }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchPublicEndpoint.js b/plugins/aws/opensearch/opensearchPublicEndpoint.js index b273453acd..81483aa106 100644 --- a/plugins/aws/opensearch/opensearchPublicEndpoint.js +++ b/plugins/aws/opensearch/opensearchPublicEndpoint.js @@ -18,7 +18,7 @@ module.exports = { default: 'false' }, }, - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; 
diff --git a/plugins/aws/opensearch/opensearchRequireIAMAuth.js b/plugins/aws/opensearch/opensearchRequireIAMAuth.js index 747972334d..8a3f4b8104 100644 --- a/plugins/aws/opensearch/opensearchRequireIAMAuth.js +++ b/plugins/aws/opensearch/opensearchRequireIAMAuth.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html', recommended_action: 'Configure the OpenSearch domain to have an access policy without a global principal or no principal', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchTlsVersion.js b/plugins/aws/opensearch/opensearchTlsVersion.js index 26339f9188..7c7fb6b13f 100644 --- a/plugins/aws/opensearch/opensearchTlsVersion.js +++ b/plugins/aws/opensearch/opensearchTlsVersion.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html', recommended_action: 'Update OpenSearch domain to set TLSSecurityPolicy to contain TLS version 1.2.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { const results = []; diff --git a/plugins/aws/opensearch/opensearchUpgradeAvailable.js b/plugins/aws/opensearch/opensearchUpgradeAvailable.js index 98ecfbc3ca..921344ef65 100644 --- a/plugins/aws/opensearch/opensearchUpgradeAvailable.js +++ b/plugins/aws/opensearch/opensearchUpgradeAvailable.js 
@@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/version-migration.html', recommended_action: 'Ensure each OpenSearch domain is running the latest service software and update out-of-date domains.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchVersion.js b/plugins/aws/opensearch/opensearchVersion.js index c4b66531e8..8055d23077 100644 --- a/plugins/aws/opensearch/opensearchVersion.js +++ b/plugins/aws/opensearch/opensearchVersion.js @@ -10,7 +10,7 @@ module.exports = { link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html', recommended_action: 'Update OpenSearch domain to set to latest engine version.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run:function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js b/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js index fba41f24cd..c9a606c93c 100644 --- a/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js +++ b/plugins/aws/opensearch/opensearchZoneAwarenessEnabled.js 
@@ -10,7 +10,7 @@ module.exports = { link: 'https://aws.amazon.com/blogs/security/how-to-control-access-to-your-amazon-elasticsearch-service-domain/', recommended_action: 'Modify OpenSearch domain configuration and enable domain zone awareness.', apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'], - realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'], + realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/organizations/enableAllFeatures.js b/plugins/aws/organizations/enableAllFeatures.js index 1d00b26e7b..a20b6aaa8b 100644 --- a/plugins/aws/organizations/enableAllFeatures.js +++ b/plugins/aws/organizations/enableAllFeatures.js @@ -9,7 +9,7 @@ module.exports = { recommended_action: 'Enable all AWS Organizations features.', link: 'https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html?icmpid=docs_orgs_console', apis: ['Organizations:describeOrganization'], - realtime_triggers: ['organizations:CreateOrganization', 'organizations:EnableAllFeatures'], + realtime_triggers: ['organizations:CreateOrganization', 'organizations:EnableAllFeatures', 'organizations:DeleteOrganization'], run: function(cache, settings, callback) { var results = []; diff --git a/plugins/aws/organizations/organizationInvite.js b/plugins/aws/organizations/organizationInvite.js index 273576d215..35fe368ba0 100644 --- a/plugins/aws/organizations/organizationInvite.js +++ b/plugins/aws/organizations/organizationInvite.js 
@@ -9,7 +9,7 @@ module.exports = { recommended_action: 'Enable all AWS Organizations features', link: 'https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html?icmpid=docs_orgs_console', apis: ['Organizations:listHandshakesForAccount'], - realtime_triggers: ['organizations:CreateOrganization', 'organizations:AcceptHandshake' ,'organizations:DeclineHandshake', 'organizations:CancleHandshake'], + realtime_triggers: ['organizations:CreateOrganization', 'organizations:AcceptHandshake' ,'organizations:DeclineHandshake', 'organizations:CancleHandshake', 'organizations:DeleteOrganization'], run: function(cache, settings, callback) { var results = [];
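Review bot: `'organizations:CancleHandshake'` on the changed line in organizationInvite.js transposes two letters; the AWS Organizations action is `CancelHandshake`. A cancelled invitation would therefore not refresh this check if triggers are matched by name. Since the line is being edited anyway, I would replace that entry with `'organizations:CancelHandshake'` and remove the stray space before the comma after `'organizations:AcceptHandshake'`.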