Skip to content

Commit

Permalink
Merge branch 'main' into bump-trivy-version
Browse files Browse the repository at this point in the history
  • Loading branch information
nikpivkin authored Aug 30, 2024
2 parents 07018e5 + 7761a83 commit 90025ea
Show file tree
Hide file tree
Showing 15 changed files with 30 additions and 0 deletions.
2 changes: 2 additions & 0 deletions checks/cloud/aws/cloudtrail/enable_all_regions.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: enable-all-regions
# recommended_action: Enable Cloudtrail in all regions
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "2.5"
# input:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
# short_code: ensure-cloudwatch-integration
# recommended_action: Enable logging to CloudWatch
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "2.4"
# cis-aws-1.4:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/cloudtrail/no_public_log_access.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: no-public-log-access
# recommended_action: Restrict public access to the S3 bucket
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "2.3"
# cis-aws-1.4:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
# short_code: require-bucket-access-logging
# recommended_action: Enable access logging on the bucket
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "2.6"
# cis-aws-1.4:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/ec2/no_public_ingress_sgr.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: no-public-ingress-sgr
# recommended_action: Set a more restrictive cidr range
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "4.1"
# - "4.2"
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/limit_root_account_usage.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: limit-root-account-usage
# recommended_action: Use lower privileged accounts instead, so only required privileges are available.
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.1"
# cis-aws-1.4:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/no_password_reuse.rego
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
# short_code: no-password-reuse
# recommended_action: Prevent password reuse in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.10"
# cis-aws-1.4:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/no_root_access_keys.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: no-root-access-keys
# recommended_action: Use lower privileged accounts instead, so only required privileges are available.
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.12"
# cis-aws-1.4:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/no_user_attached_policies.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: no-user-attached-policies
# recommended_action: Grant policies at the group level instead.
# frameworks:
# default:
# - null
# cis-aws-1.4:
# - "1.15"
# cis-aws-1.2:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/require_lowercase_in_passwords.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: require-lowercase-in-passwords
# recommended_action: Enforce longer, more complex passwords in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.6"
# input:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/require_numbers_in_passwords.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: require-numbers-in-passwords
# recommended_action: Enforce longer, more complex passwords in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.8"
# input:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/require_symbols_in_passwords.rego
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
# short_code: require-symbols-in-passwords
# recommended_action: Enforce longer, more complex passwords in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.7"
# input:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/require_uppercase_in_passwords.rego
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
# short_code: require-uppercase-in-passwords
# recommended_action: Enforce longer, more complex passwords in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.5"
# input:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/set_max_password_age.rego
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
# short_code: set-max-password-age
# recommended_action: Limit the password duration with an expiry in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.11"
# input:
Expand Down
2 changes: 2 additions & 0 deletions checks/cloud/aws/iam/set_minimum_password_length.rego
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
# short_code: set-minimum-password-length
# recommended_action: Enforce longer, more complex passwords in the policy
# frameworks:
# default:
# - null
# cis-aws-1.2:
# - "1.9"
# cis-aws-1.4:
Expand Down

0 comments on commit 90025ea

Please sign in to comment.