Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(terraform): Create checks for aws managed admin policy #3741

Merged
merged 1 commit into from
Oct 26, 2022
Merged

feat(terraform): Create checks for aws managed admin policy #3741

merged 1 commit into from
Oct 26, 2022

Conversation

bkblanton
Copy link
Contributor

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

Previous PR was closed because it contained unrelated commits. See: #3636

Creates checks CKV_AWS_273 and CKV_AWS_274 that disallow IAM roles and policies from using the AWS managed AdministratorAccess policy.

  • The IAMManagedAdminPolicy resource check disallows users from attaching the AWS AdministratorAccess policy to a role, user, or group.
  • The IAMManagedAdminPolicy data check disallows users from creating a data source for the AWS AdministratorAccess policy. (See this stackoverflow.)

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@bkblanton bkblanton mentioned this pull request Oct 25, 2022
Closed
7 tasks
nimrodkor
nimrodkor approved these changes Oct 26, 2022
View reviewed changes
Copy link
Contributor

@nimrodkor nimrodkor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice, TY!

@gruebel gruebel changed the title Create checks for aws managed admin policy feat(terraform): Create checks for aws managed admin policy Oct 26, 2022
gruebel
gruebel approved these changes Oct 26, 2022
View reviewed changes
Copy link
Contributor

@gruebel gruebel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great work, thanks 🏆

@gruebel gruebel merged commit bedb854 into bridgecrewio:master Oct 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gruebel gruebel gruebel approved these changes

@nimrodkor nimrodkor nimrodkor approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bkblanton @nimrodkor @gruebel