Comments (4)
Other great catch @virtualjj! We also use STS but I wrote an internal tool that writes that credentials including the token to ~/.aws/credentials like:
[customprofile]
aws_access_key_id=YYYY
aws_secret_access_key=XXXX
aws_session_token=ZZZZ
Then you can run prowler using ./prowler -p customprofile -r us-east-1. I might add the capability to read environment variables as well in case ~/.aws/credentials is not properly configured. WDYT?
from prowler.
I have tested using env variables with token and it works without using --profile option so it won't work in prowler as it is now. So any custom profile has to be declared in ~/.aws/credentials
from prowler.
Got it thanks! As a workaround I just simply created a temporary user in the target account to perform the audit.
from prowler.
Cool!
from prowler.
Related Issues (20)
- Check28 Fails despite key rotation activated HOT 3
- Join the Prowler Slack Community!
- [Bug]: ec2_securitygroup_default_restrict_traffic Triggers on unused, default security groups HOT 3
- [Bug]: 'NoneType' object has no attribute 'client' with Prowler 4.2.1 HOT 10
- [Bug]: Inconsistent severity assigned to iam_no_custom_policy_permissive_role_assumption HOT 3
- [Bug]: Unable to generate pydantic-core schema for <class 'prowler.lib.check.compliance_models.CIS_Requirement_Attribute_Profile'>. HOT 15
- [Bug]: [File: azure_provider.py:333] [Module: azure_provider] CRITICAL: It was not possible to retrieve any subscriptions, please check your permission assignments HOT 3
- [Bug]: Missing docker image for ARM HOT 2
- [Bug]: Trusted Advisor checks does not complete when access is denied
- Stuck in Poetry install HOT 4
- Dashboard overview no longer has pages HOT 2
- [Bug]: Unable to filter muted findings in HTML output HOT 3
- HTML outputs no filters
- Prowler gets stuck / fails when running Lambda check against account with LZA HOT 1
- [Bug]: with the -B option o not create the report in S3 in HTML format, HOT 2
- [Bug]: Assume Role Region is not valid for GovCloud Regions HOT 2
- [Bug]: parameter --checks is not honored anymore since v4.2.4 HOT 5
- [Bug]: False Positive on check s3_bucket_public_access when Conditions in Policy HOT 4
- [Bug]: Prowler Dashboard in Kubernetes CronJob HOT 3
- [Bug]: Subnets with No Resource misses evaluation by Prowler for VPC HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.