Comments (8)
ok, I got it now! Thanks for the detailed explanation @jamestford. I didn't think on that use case like yours and makes a lot of sense to add "--output" to all prowler commands to force the output I want and prevent taking default values that may incur in wrong results. Does it make sense?
from prowler.
Okay, looks like this is an issue when using table output rather than json output based on the way the query action returns results. If you use json the policy will be scored correctly.
from prowler.
Hi @jamestford, thanks for your feedback. I have just tested it again and it works fine. What do you mean with table vs json? If you look at the code from here https://github.com/Alfresco/prowler/blob/master/prowler#L534 prowler checks just the output of each particular value in lowercase (true or false) unless you change the default output format it should work.
from prowler.
When running aws from the command line you can tell it to output to json format or in table format. I had it set for table since it is more human readable (details here: http://docs.aws.amazon.com/cli/latest/userguide/controlling-output.html). But I noticed prowler would fail using the table format using the --query option, but when switching to json the --query option worked property (i.e., --query 'PasswordPolicy.RequireSymbols' ). When I get back to my test machine I can provide some screenshots. Thanks for the response!
from prowler.
I got your point, but you don't need to change anything on the command line to get prowler proper results. Prowler does queries and filter results in different formats depending on each test. Or am I missing something?
from prowler.
from prowler.
from prowler.
Fixed with PR #67
from prowler.
Related Issues (20)
- [Bug]: AWS privilege escalation false positives
- [Bug]: Check failing due to IAM Roles created by AWS Control Tower and AFT with AdministratorAccess policy HOT 1
- [AWS] Include record name in Route 53 dangling IP Status Extended output
- Semicolons used in descriptions break CSV import process - remediation required HOT 4
- [Bug]: AWS inline policies not considered for various checks HOT 2
- Unable to run kubernetes Scan HOT 3
- [Bug]: efs_not_publicly_accessible does not consider recommended AWS condition. HOT 3
- [Bug]: Encoding issue with Dashboard on Prowler 4.1.0 - Aces High HOT 6
- Look for externally shared DynamoDB Tables HOT 1
- Add support for AWS Lightsail resource HOT 1
- [Bug]: Unable to access the prowler dashboard from aws ec2 instance which has public IP HOT 4
- [Bug]: csv output is empty (only column names) HOT 4
- Add configuration for secret related checks HOT 6
- CIS 2.1.0 output has missing checks [Bug]: HOT 4
- [Bug]: empty json-ocsf output in 4.1.0 HOT 7
- [Bug]: efs_not_publicly_accessible check based on misunderstanding? HOT 5
- [Bug]: V4 sends muted fails to Security Hub HOT 2
- Support for custom metadata fields HOT 2
- [Bug]: Security group name missing from new json-oscf format HOT 5
- [Bug]: Separate Checks for Expired and Near-Expiration ACM Certificates HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.