search

SecurityFTW / cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
GNU General Public License v3.0
1.13k stars 217 forks source link

Azure audit fails when Checking if expiry is enabled for vault secret #38

Closed josehelps closed 4 years ago

josehelps commented 5 years ago

When running a audit for Azure I get the following error:

8.2: Checking if expiry is enabled for vault secret

Traceback (most recent call last):
  File "cs.py", line 55, in <module>
    main()
  File "cs.py", line 51, in main
    azureaudit.azure_audit()
  File "/Users/xxx/workspace/cs-suite/modules/azureaudit.py", line 1580, in azure_audit
    vault_secret()
  File "/Users/xxxx/workspace/cs-suite/modules/azureaudit.py", line 1126, in vault_secret
    if key_name == 'Access':
UnboundLocalError: local variable 'key_name' referenced before assignment

Looking through the code it seems like https://github.com/SecurityFTW/cs-suite/blob/master/modules/azureaudit.py#L1126 should be checking if the key Access exists in the first hand before evaluating it eg if "Access" in key_name:

I am current running of the following commit ID from master:


Author: shivankarmadaan <shivankar.madaan@sprinklr.com>
Date:   Thu Dec 6 16:06:28 2018 +0530

    new update```
Current on OSX running current version of master for the app
josehelps commented 5 years ago

removing this condition solved the issue if key_name == 'Access':

shivankar-madaan commented 4 years ago

Closing this issue as this has been merged