feat(aws): add fixers for threat detection checks #7085

Merged: 1 commit, Mar 3, 2025

MrCloudSec (Member)

Description

Add fixers for threat detection checks that will restrict access to the compromised IAM entity by attaching a deny all policy.

Checklist

API

  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@MrCloudSec MrCloudSec requested review from a team as code owners March 3, 2025 12:17
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Mar 3, 2025
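
As an added illustration of the containment step the description names (not Prowler's fixer code and not part of this PR): a sketch that maps a user, role or assumed-role session ARN to its IAM entity and puts an inline deny-all policy on it. The policy name, function names and ARN handling are assumptions; `iam_client` is expected to be a `boto3.client("iam")`.

```python
import json

# Explicit Deny on every action and resource; in IAM evaluation an explicit
# Deny overrides any Allow the entity has from other policies.
DENY_ALL_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}],
}
POLICY_NAME = "QuarantineDenyAll"  # hypothetical name, not taken from the PR


def parse_iam_entity(arn):
    """Return ("user"|"role", name) for the entity behind an ARN, else raise ValueError."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    service, segments = parts[2], parts[5].split("/")
    # IAM user/role ARNs may carry a path; the entity name is the last segment.
    if service == "iam" and segments[0] in ("user", "role") and len(segments) >= 2 and segments[-1]:
        return segments[0], segments[-1]
    # CloudTrail often reports role sessions: assumed-role/<role-name>/<session-name>.
    if service == "sts" and segments[0] == "assumed-role" and len(segments) == 3 and segments[1]:
        return "role", segments[1]
    # Root, federated users and other principals are not handled here.
    raise ValueError(f"unsupported principal: {arn!r}")


def quarantine(iam_client, arn):
    """Put the inline deny-all policy on the user or role; return (kind, name)."""
    kind, name = parse_iam_entity(arn)
    document = json.dumps(DENY_ALL_POLICY)
    if kind == "user":
        iam_client.put_user_policy(UserName=name, PolicyName=POLICY_NAME, PolicyDocument=document)
    else:
        iam_client.put_role_policy(RoleName=name, PolicyName=POLICY_NAME, PolicyDocument=document)
    return kind, name
```

Lifting the quarantine after investigation is the matching `delete_user_policy` or `delete_role_policy` call with the same policy name.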
jfagoagas (Member) left a comment:

I see that tests for fixers are missing, please @MrCloudSec review it when you get a chance.

codecov bot commented Mar 3, 2025

Codecov Report

Attention: Patch coverage is 33.33333% with 6 lines in your changes missing coverage. Please review.

Project coverage is 88.76%. Comparing base (8db442d) to head (e029627).
Report is 4 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #7085      +/-   ##
==========================================
- Coverage   88.76%   88.76%   -0.01%     
==========================================
  Files        1207     1207              
  Lines       35035    35041       +6     
==========================================
+ Hits        31098    31103       +5     
- Misses       3937     3938       +1     
Flag Coverage Δ
prowler 88.76% <33.33%> (-0.01%) ⬇️

Components Coverage Δ
prowler 88.76% <33.33%> (-0.01%) ⬇️
api ∅ <ø> (∅)

@MrCloudSec MrCloudSec requested a review from jfagoagas March 3, 2025 13:17
puchy22 (Member) left a comment:

LGTM! ✅

@MrCloudSec MrCloudSec dismissed jfagoagas’s stale review March 3, 2025 13:20

Ticket was created to add the tests soon.

@MrCloudSec MrCloudSec merged commit 48c2c85 into master Mar 3, 2025
11 of 12 checks passed
@MrCloudSec MrCloudSec deleted the add-threat-detection-fixers branch March 3, 2025 13:20