L m n o tiggers #1719

Merged
merged 6 commits into from
Dec 27, 2023
1 change: 1 addition & 0 deletions plugins/aws/kms/kmsDefaultKeyUsage.js
@@ -20,6 +20,7 @@ module.exports = {
'passwords, it is still strongly encouraged to use a ' +
'customer-provided CMK rather than the default KMS key.'
},
realtime_triggers: ['cloudtrail:CreateTrail', 'ec2:CreateVolume','elastictranscoder:CreatePipline', 'rds:CreateDBInstance', 'redshift:CreateCluster','redshift:ModifyCluster','s3:putBucketEncryption','ses:CreateEmailIdentity','ses:CreateEmailIdentity','ses:SetActiveReceiptRuleSet', 'workspace:CreateWorkSpaces', 'lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'cloudwatchlogs:CreateLogGroup', 'efs:CreateFileSystem'],

run: function(cache, settings, callback) {
var results = [];
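Review bot: Several entries in the added `realtime_triggers` array do not look like real event names: `'elastictranscoder:CreatePipline'` is missing an `e`, `'ses:CreateEmailIdentity'` appears twice, `'s3:putBucketEncryption'` starts lower-case while every other action here is Pascal-case, and `'workspace:CreateWorkSpaces'` differs from the AWS operation `CreateWorkspaces` under the `workspaces` service. If triggers are matched literally against recorded events (the matcher is not shown), these entries would never fire and the default-key check would not re-run for those services. Suggested entries: `'elastictranscoder:CreatePipeline'`, `'s3:PutBucketEncryption'`, `'workspaces:CreateWorkspaces'`, with the duplicate SES entry dropped. The `module.exports` object starts and ends outside this hunk.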
1 change: 1 addition & 0 deletions plugins/aws/lambda/envVarsClientSideEncryption.js
@@ -20,6 +20,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['lambda:CreateFunction', 'lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
3 changes: 2 additions & 1 deletion plugins/aws/lambda/lambdaAdminPrivileges.js
@@ -11,7 +11,8 @@ module.exports = {
recommended_action: 'Modify IAM role attached with Lambda function to provide the minimal amount of access required to perform its tasks',
apis: ['Lambda:listFunctions', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies',
'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy'],

realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
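Review bot: The added `realtime_triggers` lists only Lambda events, yet the `apis` entry above shows that this check evaluates the IAM policies on the function's role, so attaching an administrator policy to a role already used by a function would presumably not re-run it. Consider adding the IAM changes that can alter the result, e.g. `'iam:AttachRolePolicy'`, `'iam:PutRolePolicy'`, `'iam:DetachRolePolicy'` and `'iam:DeleteRolePolicy'`. The same gap applies to `plugins/aws/mwaa/environmentAdminPrivileges.js`. The `module.exports` object starts and ends outside this hunk.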
2 changes: 1 addition & 1 deletion plugins/aws/lambda/lambdaHasTags.js
@@ -10,7 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/lambda/latest/dg/configuration-tags.html',
recommended_action: 'Modify Lambda function configurations and add new tags',
apis: ['Lambda:listFunctions', 'ResourceGroupsTaggingAPI:getResources'],

realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
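Review bot: This tag check is re-run only on function create, configuration update and delete, so tags added or removed later through the tagging operations would not be picked up in real time. Adding `'lambda:TagResource'` and `'lambda:UntagResource'` to `realtime_triggers` would cover that. The `module.exports` object starts and ends outside this hunk.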
1 change: 1 addition & 0 deletions plugins/aws/lambda/lambdaLogGroups.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/lambda/latest/dg/monitoring-cloudwatchlogs.html',
recommended_action: 'Update the Lambda function permissions to allow CloudWatch logging.',
apis: ['Lambda:listFunctions', 'CloudWatchLogs:describeLogGroups'],
realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
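Review bot: The check reads `CloudWatchLogs:describeLogGroups`, but the added triggers are all Lambda events, so deleting or recreating a function's log group would not re-run it. `'cloudwatchlogs:CreateLogGroup'` is already used as a trigger in `kmsDefaultKeyUsage.js` in this change; consider adding it here together with `'cloudwatchlogs:DeleteLogGroup'`. The `module.exports` object starts and ends outside this hunk.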
1 change: 1 addition & 0 deletions plugins/aws/lambda/lambdaOldRuntimes.js
@@ -18,6 +18,7 @@ module.exports = {
default: 0
}
},
realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lambda/lambdaPublicAccess.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html',
recommended_action: 'Update the Lambda policy to prevent access from the public.',
apis: ['Lambda:listFunctions', 'Lambda:getPolicy'],
realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:AddPermission', 'lambda:RemovePermission','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lambda/lambdaTracingEnabled.js
@@ -18,6 +18,7 @@ module.exports = {
default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-'
}
},
realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/lambda/lambdaUniqueExecutionRole.js
@@ -10,7 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html',
recommended_action: 'Modify Lambda function and add new execution role.',
apis: ['Lambda:listFunctions'],

realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration', 'lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lambda/lambdaVpcConfig.js
@@ -18,6 +18,7 @@ module.exports = {
default: 'Aqua-CSPM-Token-Rotator-Function,-CreateCSPMKeyFunction-,-TriggerDiscoveryFunction-,-GenerateVolumeScanningEx-,-GenerateCSPMExternalIdFu-'
}
},
realtime_triggers: ['lambda:CreateFunction','lambda:UpdateFunctionConfiguration','lambda:DeleteFunction'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lex/lexAudioLogsEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['lexmodelsV2:CreateBotAlias', 'lexmodelsV2:UpdateBotAlias', 'lexmodelsV2:DeleteBotAlias'],

run: function(cache, settings, callback) {
var results = [];
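Review bot: The service prefix `lexmodelsV2` is mixed-case while nearly every other trigger in this change uses an all-lower-case prefix; `'MemoryDB:CreateCluster'` in `memorydbClusterEncrypted.js` and `'openSearch:CreateDomain'` in `opensearchClusterStatus.js` deviate in the same way. If the trigger matcher compares strings case-sensitively (it is not visible here), these entries would silently never fire and the encryption checks behind them would not re-run. Confirm the expected form and normalise the outliers, e.g. `'memorydb:CreateCluster'` and `'opensearch:CreateDomain'`.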
1 change: 1 addition & 0 deletions plugins/aws/location/geoCollectionDataEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['location:CreateGeofenceCollection', 'location:DeleteGeofenceCollection'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/location/trackerDataEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['location:CreateTracker', 'location:UpdateTracker', 'location:DeleteTracker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lookout/anomalyDetectorEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['lookoutmetrics:CreateAnomalyDetector', 'lookoutmetrics:UpdateAnomalyDetector', 'lookoutmetrics:DeleteAnomalyDetector'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lookout/equipmentdatasetEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['lookoutequipment:CreateDataset', 'lookoutequipment:DeleteDataset'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/lookout/modelDataEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['lookoutvision:CreateModel', 'lookoutvision:DeleteModel'],

run: function(cache, settings, callback) {
var results = [];
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk',
}
},
realtime_triggers: ['managedblockchain:CreateNetwork', 'managedblockchain:DeleteMember'],

run: function(cache, settings, callback) {
var results = [];
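Review bot: `'managedblockchain:CreateNetwork'` is paired with `'managedblockchain:DeleteMember'`, so the create and delete triggers refer to different resource types. The file name is not shown for this section, but if the check evaluates members, a member added to an existing network would not re-run it; `'managedblockchain:CreateMember'` looks like the missing entry. The `module.exports` object starts and ends outside this hunk.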
1 change: 1 addition & 0 deletions plugins/aws/memorydb/memorydbClusterEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk',
}
},
realtime_triggers: ['MemoryDB:CreateCluster', 'MemoryDB:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mq/mqAutoMinorVersionUpgrade.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Enabled Auto Minor Version Upgrade feature for MQ brokers',
link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker.html',
apis: ['MQ:listBrokers', 'MQ:describeBroker'],
realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBrocker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
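Review bot: `Brocker` is misspelt in all three added triggers; the Amazon MQ operations are `CreateBroker`, `UpdateBroker` and `DeleteBroker`, and `mqLogExports.js` in this same change already uses `'mq:CreateBroker'` and `'mq:UpdateBroker'`. A trigger that never matches presumably means the MQ checks, including the public-access and encryption ones, do not re-run on broker changes. The same typo appears in `mqBrokerEncrypted.js`, `mqBrokerPublicAccess.js`, `mqDeploymentMode.js`, `mqDesiredInstanceType.js`, `mqLatestEngineVersion.js` and `mqLogExports.js` (`DeleteBrocker`). Suggested line here: `realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker', 'mq:DeleteBroker'],`.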
1 change: 1 addition & 0 deletions plugins/aws/mq/mqBrokerEncrypted.js
@@ -18,6 +18,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['mq:CreateBrocker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mq/mqBrokerPublicAccess.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Review and update the security group settings to restrict public access to Amazon MQ brokers.',
link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/using-amazon-mq-securely.html',
apis: ['MQ:listBrokers', 'MQ:describeBroker', 'EC2:describeSecurityGroups'],
realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
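Review bot: The check reads `EC2:describeSecurityGroups`, but no security-group event is among the added triggers, so an ingress rule opened on a broker's existing group can make the broker publicly reachable without a re-scan. Consider adding `'ec2:AuthorizeSecurityGroupIngress'`, `'ec2:RevokeSecurityGroupIngress'` and `'ec2:ModifySecurityGroupRules'`. The `module.exports` object starts and ends outside this hunk.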
1 change: 1 addition & 0 deletions plugins/aws/mq/mqDeploymentMode.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Enabled Deployment Mode feature for MQ brokers',
link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/active-standby-broker-deployment.html',
apis: ['MQ:listBrokers'],
realtime_triggers: ['mq:CreateBrocker', 'mq:UpdateBroker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mq/mqDesiredInstanceType.js
@@ -18,6 +18,7 @@ module.exports = {
default:''
}
},
realtime_triggers: ['mq:CreateBrocker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mq/mqLatestEngineVersion.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Update Amazon MQ brokers to the latest version of Apache ActiveMQ broker engine.',
link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html',
apis: ['MQ:listBrokers', 'MQ:describeBroker'],
realtime_triggers: ['mq:CreateBrocker','mq:UpdateBrocker', 'mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mq/mqLogExports.js
@@ -10,6 +10,7 @@ module.exports = {
recommended_action: 'Enable Log Exports feature for MQ brokers',
link: 'https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/security-logging-monitoring.html',
apis: ['MQ:listBrokers', 'MQ:describeBroker'],
realtime_triggers: ['mq:CreateBroker', 'mq:UpdateBroker','mq:DeleteBrocker'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/msk/mskClusterCBEncryption.js
@@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html',
recommended_action: 'Enable only TLS encryption between the client and broker for all MSK clusters',
apis: ['Kafka:listClusters'],
realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration', 'kafka:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
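Review bot: `'kafka:UpdateClusterConfiguration'` applies a broker configuration revision, whereas the client-broker encryption setting this check is about is changed through the MSK `UpdateSecurity` operation, so weakening encryption on an existing cluster would probably not trigger a re-scan. `mskClusterUnauthAccess.js` in this change already lists `'kafka:UpdateSecurity'`; adding it here and in `mskClusterEncryptionInTransit.js` would close the gap. The `module.exports` object starts and ends outside this hunk.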
2 changes: 2 additions & 0 deletions plugins/aws/msk/mskClusterEncryptionAtRest.js
@@ -18,6 +18,8 @@ module.exports = {
default: 'awscmk',
}
},
realtime_triggers: ['kafka:CreateCluster', 'kafka:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
1 change: 1 addition & 0 deletions plugins/aws/msk/mskClusterEncryptionInTransit.js
@@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-encryption.html',
recommended_action: 'Enable TLS encryption within the cluster for all MSK clusters',
apis: ['Kafka:listClusters'],
realtime_triggers: ['kafka:CreateCluster','kafka:UpdateClusterConfiguration','kafka:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/msk/mskClusterPublicAccess.js
@@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html',
recommended_action: 'Check for public access feature within the cluster for all MSK clusters',
apis: ['Kafka:listClusters'],
realtime_triggers: ['kafka:CreateCluster', 'kafka:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
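Review bot: Only create and delete events are listed, but public access on an MSK cluster is a setting that can be turned on after creation, so the state this check guards against can appear without any trigger firing. Adding `'kafka:UpdateConnectivity'` to `realtime_triggers` would cover that change. The `module.exports` object starts and ends outside this hunk.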
1 change: 1 addition & 0 deletions plugins/aws/msk/mskClusterUnauthAccess.js
@@ -11,6 +11,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/msk/latest/developerguide/msk-authentication.html',
recommended_action: 'Ensure that MSK clusters does not have unauthenticated access enabled.',
apis: ['Kafka:listClusters'],
realtime_triggers: ['kafka:CreateCluster','kafka:UpdateSecurity', 'kafka:DeleteCluster'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mwaa/environmentAdminPrivileges.js
@@ -11,6 +11,7 @@ module.exports = {
recommended_action: 'Modify IAM role attached with MWAA environment to provide the minimal amount of access required to perform its tasks',
apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'IAM:listRoles', 'IAM:listAttachedRolePolicies', 'IAM:listRolePolicies',
'IAM:listPolicies', 'IAM:getPolicy', 'IAM:getPolicyVersion', 'IAM:getRolePolicy', 'STS:getCallerIdentity'],
realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment', 'mwaa:DeleteEnvironment'],

run: function(cache, settings, callback) {
var results = [];
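Review bot: `'mwaa:UpdateEnviroment'` is missing an `n`; the neighbouring entries spell it `Environment`, so an execution-role change made by updating an environment would presumably never trigger this privilege check. The same misspelling is in `webServerPublicAccess.js`, where it would hide a switch of the web server to public access. Suggested entry in both files: `'mwaa:UpdateEnvironment'`.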
1 change: 1 addition & 0 deletions plugins/aws/mwaa/environmentDataEncrypted.js
@@ -19,6 +19,7 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['mwaa:CreateEnvironment', 'mwaa:DeleteEnvironment'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/mwaa/webServerPublicAccess.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-create.html',
recommended_action: 'Modify Amazon MWAA environments to set web server access mode to be private only',
apis: ['MWAA:listEnvironments', 'MWAA:getEnvironment', 'STS:getCallerIdentity'],
realtime_triggers: ['mwaa:CreateEnvironment','mwaa:UpdateEnviroment', 'mwaa:DeleteEnvironment'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/neptune/neptuneDBInstanceEncrypted.js
@@ -20,6 +20,7 @@ module.exports = {
default: 'awscmk',
}
},
realtime_triggers: ['neptune:CreateDBCluster', 'neptune:DeleteDBCluster'],

run: function(cache, settings, callback) {
var results = [];
@@ -19,6 +19,8 @@ module.exports = {
default: 'awscmk'
}
},
realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearchserverless:DeleteCollection'],

run: function(cache, settings, callback) {
var results = [];
var source = {};
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-network.html',
recommended_action: 'Update the network policy and remove the public access to the collection.',
apis: ['OpenSearchServerless:listNetworkSecurityPolicies', 'OpenSearchServerless:getNetworkSecurityPolicy', 'OpenSearchServerless:listCollections'],
realtime_triggers: ['opensearchserverless:CreateCollection', 'opensearserverless:UpdateCollection', 'opensearchserverless:DeleteCollection'],

run: function(cache, settings, callback) {
var results = [];
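Review bot: `'opensearserverless:UpdateCollection'` drops the `ch` from the service prefix used by the other two entries, so it would not match. Beyond the typo, the `apis` entry shows that this check evaluates network security policies, and a policy can be changed to allow public access without touching the collection itself. Consider `'opensearchserverless:UpdateCollection'` plus `'opensearchserverless:CreateSecurityPolicy'`, `'opensearchserverless:UpdateSecurityPolicy'` and `'opensearchserverless:DeleteSecurityPolicy'`. The file name is not shown for this section, and the `module.exports` object starts and ends outside the hunk.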
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchAccessFromIps.js
@@ -18,6 +18,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchClusterStatus.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cloudwatch-alarms.html',
recommended_action: 'Configure alarms to send notification if cluster status remains red for more than a minute.',
apis: ['OpenSearch:listDomainNames', 'CloudWatch:getEsMetricStatistics', 'STS:getCallerIdentity'],
realtime_triggers: ['openSearch:CreateDomain', 'opensearch:UpdateDomainConfig','opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 2 additions & 0 deletions plugins/aws/opensearch/opensearchCrossAccountAccess.js
@@ -37,6 +37,8 @@ module.exports = {
default: 'aws:PrincipalArn,aws:PrincipalAccount,aws:PrincipalOrgID,aws:SourceAccount,aws:SourceArn,aws:SourceOwner'
},
},
realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var config= {
os_whitelisted_aws_account_principals : settings.os_whitelisted_aws_account_principals || this.settings.os_whitelisted_aws_account_principals.default,
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchDedicatedMasterEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html',
recommended_action: 'Update the domain to use dedicated master nodes.',
apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'],
realtime_triggers: ['opensearch:CreateDomain','opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchDesiredInstanceTypes.js
@@ -24,6 +24,7 @@ module.exports = {
default: ''
}
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
const results = [];
@@ -18,6 +18,7 @@ module.exports = {
default: 'awscmk',
}
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var config = {
2 changes: 1 addition & 1 deletion plugins/aws/opensearch/opensearchEncryptedDomain.js
@@ -29,7 +29,7 @@ module.exports = {
remediate: ['opensearch:UpdateDomainConfig'],
rollback: ['opensearch:UpdateDomainConfig']
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'],
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchExposedDomain.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html',
recommended_action: 'Update OpenSearch domain to set access control.',
apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain', 'STS:getCallerIdentity'],
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/opensearch/opensearchHttpsOnly.js
@@ -29,7 +29,7 @@ module.exports = {
remediate: ['opensearch:UpdateDomainConfig'],
rollback: ['opensearch:UpdateDomainConfig']
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'],
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchLoggingEnabled.js
@@ -10,6 +10,7 @@ module.exports = {
link: 'https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html',
recommended_action: 'Ensure logging is enabled and a CloudWatch log group is specified for each OpenSearch domain.',
apis: ['OpenSearch:listDomainNames', 'OpenSearch:describeDomain'],
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
2 changes: 1 addition & 1 deletion plugins/aws/opensearch/opensearchNodeToNodeEncryption.js
@@ -21,7 +21,7 @@ module.exports = {
remediate: ['opensearch:UpdateDomainConfig'],
rollback: ['opensearch:UpdateDomainConfig']
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig'],
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];
1 change: 1 addition & 0 deletions plugins/aws/opensearch/opensearchPublicEndpoint.js
@@ -18,6 +18,7 @@ module.exports = {
default: 'false'
},
},
realtime_triggers: ['opensearch:CreateDomain', 'opensearch:UpdateDomainConfig', 'opensearch:DeleteDomain'],

run: function(cache, settings, callback) {
var results = [];