Comments (3)
toniblyx
commented on May 14, 2024
Hi @GaboP87, thanks for your feedback. I think this is an expected behavior because all IAM credential checks are based on the IAM Credentials Report, if you see AWS documentation here (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html?icmpid=docs_iam_console and message here https://console.aws.amazon.com/iam/home?region=us-east-2#/credential_report) you well see that after a report is created, it is stored for up to four hours. Despite prowler deletes the downloaded IAM creds report once it finishes, actually if you run prowler many times within 4 hours it will get the same report, hence, same results.
If you check prowler more than 4 hours later you should see your actual results. Please, let me know if it doesn't to figure out what is going on.
from prowler.
GaboP87
commented on May 14, 2024
Hi @toniblyx ,
Completely understood. I know what you are talking about so no worries. I just did not know how prowler was working underneath.
Cheers,
Gabriel
from prowler.
toniblyx
commented on May 14, 2024
Thanks, good to see that is clear now, here you can see that part in the code:
https://github.com/Alfresco/prowler/blob/master/prowler#L401-L427
from prowler.
Related Issues (20)
- Suggestions: Check for enabled regions HOT 2
- Allow secrets to be output when explicitly asked for using a flag HOT 3
- [Bug]: prowler azure is not scanning virtual machines in azure HOT 2
- [Bug]: iam_user_console_access_unused.py checks for last password usage HOT 3
- [Bug]: Prowler killed by OOM killer when run in AWS CloudShell HOT 6
- [Feature Request] - Round Robin the base urls in the event of unavailability for indexers HOT 1
- [Bug]: Cross account sqs flagged as public/critical HOT 3
- [Bug]: Exception merging from "*" and specific account HOT 3
- [Bug]: False positive on check - "Check if SQS queues have policy set as Public" HOT 2
- Improve publicly accessible checks to include targets of ELBs HOT 7
- [Bug]: Website Down? HOT 1
- [Bug]: False positve on ec2_securitygroup_not_used with Batch Compute HOT 6
- Support py3.12 HOT 1
- [Bug]: cloudwatch_log_group_retention_policy_specific_days_enabled alert on AWS managed log group HOT 4
- Possibility to custom output file using quick inventory HOT 1
- [Bug]: Output issue HOT 9
- [Bug]: False positive on s3_bucket_policy_public_write_access HOT 1
- [Bug]: allow list reporting wrong findings HOT 3
- [Question]: AWS account security questions have been deprecated HOT 3
- [Question]: Remove S3 KMS check, since its enabed by default, and cant be disabled HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.