search

turbot / steampipe-mod-alicloud-compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your Alibaba Cloud accounts using Powerpipe and Steampipe.
https://hub.powerpipe.io/mods/turbot/alicloud_compliance
Apache License 2.0
8 stars 3 forks source link

Add control 1.15 #47

Closed jurajsucik closed 1 year ago

jurajsucik commented 2 years ago

Is your feature request related to a problem? Please describe. missing control 1.15

Describe the solution you'd like this is the SQL query that can be reused:

select
  policy_name,
  policy_type,
  action,
  s ->> 'Effect' as effect
from
  alicloud_ram_policy,
  jsonb_array_elements(policy_document_std -> 'Statement') as s,
  jsonb_array_elements_text(s -> 'Action') as action
where 
  policy_type = 'Custom' and
  action in ('*', '*:*')
  and s ->> 'Effect' = 'Allow';

if the number of results if higher than 0 those are findings.

github-actions[bot] commented 1 year ago

'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.'

github-actions[bot] commented 1 year ago

'This issue was closed because it has been stalled for 90 days with no activity.'