Comments (10)
jfagoagas
commented on June 25, 2024
1
@s4mur4i thanks for testing it, @sergargar will take a look at it later today.
Thanks for using Prowler ๐
from prowler.
s4mur4i
commented on June 25, 2024
Also with debug log level, not much help:
2024-05-22 13:36:47,198 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_cluster_admin_usage
2024-05-22 13:36:47,202 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_csr_approval_access
Something went wrong in rbac_minimize_csr_approval_access, please use --log-level ERROR
2024-05-22 13:36:47,203 [File: check.py:464] [Module: check] ERROR: rbac_minimize_csr_approval_access -- AttributeError[23]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,205 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_node_proxy_subresource_access
Something went wrong in rbac_minimize_node_proxy_subresource_access, please use --log-level ERROR
2024-05-22 13:36:47,205 [File: check.py:464] [Module: check] ERROR: rbac_minimize_node_proxy_subresource_access -- AttributeError[23]: 'list' object has no attribute 'values'
Something went wrong in rbac_minimize_pod_creation_access, please use --log-level ERROR
2024-05-22 13:36:47,248 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_pod_creation_access
2024-05-22 13:36:47,248 [File: check.py:464] [Module: check] ERROR: rbac_minimize_pod_creation_access -- AttributeError[15]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,252 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_pv_creation_access
Something went wrong in rbac_minimize_pv_creation_access, please use --log-level ERROR
2024-05-22 13:36:47,252 [File: check.py:464] [Module: check] ERROR: rbac_minimize_pv_creation_access -- AttributeError[24]: 'list' object has no attribute 'values'
Something went wrong in rbac_minimize_secret_access, please use --log-level ERROR
2024-05-22 13:36:47,255 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_secret_access
2024-05-22 13:36:47,256 [File: check.py:464] [Module: check] ERROR: rbac_minimize_secret_access -- AttributeError[15]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,259 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_service_account_token_creation
Something went wrong in rbac_minimize_service_account_token_creation, please use --log-level ERROR
2024-05-22 13:36:47,259 [File: check.py:464] [Module: check] ERROR: rbac_minimize_service_account_token_creation -- AttributeError[23]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,262 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_webhook_config_access
Something went wrong in rbac_minimize_webhook_config_access, please use --log-level ERROR
2024-05-22 13:36:47,263 [File: check.py:464] [Module: check] ERROR: rbac_minimize_webhook_config_access -- AttributeError[26]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,265 [File: check.py:456] [Module: check] DEBUG: Executing check: rbac_minimize_wildcard_use_roles
Something went wrong in rbac_minimize_wildcard_use_roles, please use --log-level ERROR
2024-05-22 13:36:47,265 [File: check.py:464] [Module: check] ERROR: rbac_minimize_wildcard_use_roles -- AttributeError[9]: 'list' object has no attribute 'values'
2024-05-22 13:36:47,268 [File: check.py:456] [Module: check] DEBUG: Executing check: scheduler_bind_address
2024-05-22 13:36:47,270 [File: check.py:456] [Module: check] DEBUG: Executing check: scheduler_profiling
from prowler.
sergargar
commented on June 25, 2024
Hi @s4mur4i , thanks for reaching us out! We will fix these errors shortly and let you know when it is ready ๐
from prowler.
sergargar
commented on June 25, 2024
@s4mur4i the above PR has the fixes for those errors, could you try it out, please?
from prowler.
s4mur4i
commented on June 25, 2024
We are currently using the public ECR repo. can you generate a testing tag there to try it?
from prowler.
sergargar
commented on June 25, 2024
Sure @s4mur4i you can use the tag public.ecr.aws/prowler-cloud/prowler:latest, let me know if it works.
from prowler.
s4mur4i
commented on June 25, 2024
@sergargar it looks better, but stll see one error:
2024-05-23 07:23:07,783 [File: check.py:463] [Module: check] ERROR: core_minimize_net_raw_capability_admission -- TypeError[16]: argument of type 'NoneType' is not iterable
-> Scan completed! |โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ| 83/83 [100%] in 9.6s
Overview Results:
โญโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโฎ
โ 11.98% (460) Failed โ 86.41% (3319) Passed โ 0.0% (0) Muted โ
should i open separate ticket for that?
from prowler.
s4mur4i
commented on June 25, 2024
@sergargar I am not sure the Pr fixed the issue:
_
_ __ _ __ _____ _| | ___ _ __
| '_ \| '__/ _ \ \ /\ / / |/ _ \ '__|
| |_) | | | (_) \ V V /| | __/ |
| .__/|_| \___/ \_/\_/ |_|\___|_|v4.1.0
|_| the handy multi-cloud security tool
Date: 2024-05-23 15:03:45
-> Using the Kubernetes credentials below:
ยท Kubernetes Pod: prowler
ยท Namespace: cloud
-> Using the following configuration:
ยท Config File: /home/prowler/.local/lib/python3.12/site-packages/prowler/config/config.yaml
Executing 83 checks, please wait...
Something went wrong in core_minimize_net_raw_capability_admission, please use --log-level ERROR
2024-05-23 15:03:54,158 [File: check.py:463] [Module: check] ERROR: core_minimize_net_raw_capability_admission -- TypeError[21]: argument of type 'NoneType' is not iterable
-> Scan completed! |โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ| 83/83 [100%] in 10.1s
Overview Results:
โญโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโฎ
โ 11.95% (462) Failed โ 86.44% (3341) Passed โ 0.0% (0) Muted โ
โฐโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโโโโโโโดโโโโโโโโโโโโโโโโโฏ
Context In-Cluster Scan Results (severity columns are for fails only):
โญโโโโโโโโโโโโโฌโโโโโโโโโโโโฌโโโโโโโโโโโโโฌโโโโโโโโโโโโโฌโโโโโโโโโฌโโโโโโโโโโโฌโโโโโโโโฌโโโโโโโโโโฎ
โ Provider โ Service โ Status โ Critical โ High โ Medium โ Low โ Muted โ
โโโโโโโโโโโโโโผโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโโโโโผโโโโโโโโผโโโโโโโโโโค
โ kubernetes โ core โ FAIL (399) โ 0 โ 399 โ 0 โ 0 โ 0 โ
โโโโโโโโโโโโโโผโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโโโโโผโโโโโโโโผโโโโโโโโโโค
โ kubernetes โ kubelet โ PASS (0) โ 0 โ 0 โ 0 โ 0 โ 0 โ
โโโโโโโโโโโโโโผโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโโโโโผโโโโโโโโโผโโโโโโโโโโโผโโโโโโโโผโโโโโโโโโโค
โ kubernetes โ RBAC โ FAIL (63) โ 0 โ 63 โ 0 โ 0 โ 0 โ
โฐโโโโโโโโโโโโโดโโโโโโโโโโโโดโโโโโโโโโโโโโดโโโโโโโโโโโโโดโโโโโโโโโดโโโโโโโโโโโดโโโโโโโโดโโโโโโโโโโฏ
* You only see here those services that contains resources.
using latest image tag with image pull policy always
from prowler.
sergargar
commented on June 25, 2024
Sorry @s4mur4i, you're right, I have created another PR solving the issue. I'll let you know when it is merged.
from prowler.
sergargar
commented on June 25, 2024
@s4mur4i let me know if it works now, thanks again!
from prowler.
Related Issues (20)
- [Bug]: Unix timestamp not working
- [Bug]: Pre-commit Execution Failure Due to Missing TruffleHog Dependency HOT 1
- Check28 Fails despite key rotation activated HOT 3
- Join the Prowler Slack Community!
- [Bug]: ec2_securitygroup_default_restrict_traffic Triggers on unused, default security groups HOT 3
- [Bug]: 'NoneType' object has no attribute 'client' with Prowler 4.2.1 HOT 10
- [Bug]: Inconsistent severity assigned to iam_no_custom_policy_permissive_role_assumption HOT 3
- [Bug]: Unable to generate pydantic-core schema for <class 'prowler.lib.check.compliance_models.CIS_Requirement_Attribute_Profile'>. HOT 15
- [Bug]: [File: azure_provider.py:333] [Module: azure_provider] CRITICAL: It was not possible to retrieve any subscriptions, please check your permission assignments HOT 3
- [Bug]: Missing docker image for ARM HOT 2
- [Bug]: Trusted Advisor checks does not complete when access is denied
- Stuck in Poetry install HOT 4
- [Bug]: Dashboard overview no longer has pages HOT 2
- [Bug]: Unable to filter muted findings in HTML output HOT 3
- [Bug]: HTML outputs no filters
- [Bug]: Prowler gets stuck / fails when running Lambda check against account with LZA HOT 1
- [Bug]: with the -B option o not create the report in S3 in HTML format, HOT 2
- [Bug]: Assume Role Region is not valid for GovCloud Regions HOT 2
- [Bug]: parameter --checks is not honored anymore since v4.2.4 HOT 5
- [Bug]: False Positive on check s3_bucket_public_access when Conditions in Policy HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.