turbot / steampipe-mod-aws-compliance

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
https://hub.steampipe.io/mods/turbot/aws_compliance
Apache License 2.0

Not showing correct status of S3 is publicly accessible or not #523

Closed lakshyatyagi24 closed 1 year ago

lakshyatyagi24 commented 1 year ago

Describe the bug: I have checked on cloud.steampipe. It shows the S3 bucket is not publicly accessible, but after checking in the AWS Console, that bucket was publicly accessible.

Steampipe version (steampipe -v): Using cloud.steampipe

Plugin version (steampipe plugin list): v0.52.0

cbruno10 commented 1 year ago

Hey @lakshyatyagi24, can you please share what control(s) you're running specifically where you're seeing unexpected results? Sharing the output would be very helpful to us as well so we can understand the issue better.

Also, can you please share how the S3 bucket you're testing is public today, e.g., bucket policy, ACLs, and share any relevant policy statements or ACL configurations (with sensitive info removed)?

Thanks!

lakshyatyagi24 commented 1 year ago

The output I received on cloud.steampipe: [image]

Showing Publicly Accessible in S3 Bucket: [image]

lakshyatyagi24 commented 1 year ago

Also can you please assign this to me? I want to work on it.

cbruno10 commented 1 year ago

@lakshyatyagi24 Sure! I've assigned you to the issue (FYI, for future issues, even if you're not assigned to an issue, you're always free to work on it).

Also, in case this is helpful as you start working on the query, I believe this is the AWS Config rule we based the query off of - https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-public-read-prohibited.html. I'm not sure if it only mentioned ACLs at the time when we created the query or if we missed the other checks, but I believe the query should check Block Public Access settings (not sure if it's account level and/or bucket level settings), the bucket policy, and the ACLs.

Hope this helps and thanks for deciding to work on it!
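The layered check suggested in the comment above, as an added example that is not part of the original thread or the mod's own query: it evaluates ACL grants, the bucket policy, and Block Public Access together and shows a bucket that an ACL-only check passes. The function names and the `SAMPLE` bucket are hypothetical; the dict shapes are modelled on the S3 GetBucketAcl, GetBucketPolicy and GetPublicAccessBlock responses, and the policy test is a simplification that skips any statement carrying a Condition.

```python
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
READ_ACTIONS = {"*", "s3:*", "s3:get*", "s3:getobject", "s3:list*", "s3:listbucket"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def acl_grants_public_read(acl):
    """ACL-only view: a READ or FULL_CONTROL grant to a public group."""
    return any(
        g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS
        and g.get("Permission") in ("READ", "FULL_CONTROL")
        for g in acl.get("Grants", [])
    )

def policy_grants_public_read(policy):
    """Simplified: an unconditioned Allow to principal "*" on a read action."""
    for st in as_list(policy.get("Statement", [])):
        p = st.get("Principal")
        wildcard = p == "*" or (isinstance(p, dict) and "*" in as_list(p.get("AWS", [])))
        reads = any(a.lower() in READ_ACTIONS for a in as_list(st.get("Action", [])))
        if st.get("Effect") == "Allow" and wildcard and reads and not st.get("Condition"):
            return True
    return False

def public_read_findings(bucket, account_bpa):
    """Return the layers ("acl", "policy") that leave the bucket publicly readable."""
    bpa = bucket.get("bpa", {})
    # A Block Public Access setting applies if either the bucket or the account enables it.
    on = lambda key: bool(bpa.get(key) or account_bpa.get(key))
    findings = []
    if acl_grants_public_read(bucket.get("acl", {})) and not on("IgnorePublicAcls"):
        findings.append("acl")
    if policy_grants_public_read(bucket.get("policy", {})) and not on("RestrictPublicBuckets"):
        findings.append("policy")
    return findings

# Constructed sample: owner-only ACL, public bucket policy, no Block Public Access.
SAMPLE = {
    "acl": {"Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"},
                        "Permission": "FULL_CONTROL"}]},
    "policy": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/*"}]},
    "bpa": {},
}

if __name__ == "__main__":
    print("ACL-only check flags bucket:", acl_grants_public_read(SAMPLE["acl"]))
    print("Layered findings:", public_read_findings(SAMPLE, account_bpa={}))
```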

github-actions[bot] commented 1 year ago

'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.'

misraved commented 1 year ago

Hello @lakshyatyagi24, any updates on this issue? Please let us know if you have any blockers or questions pertaining to this issue 👍.

khushboo9024 commented 1 year ago

Solved in https://github.com/turbot/steampipe-mod-aws-compliance/pull/548

misraved commented 1 year ago

Closed as part of https://github.com/turbot/steampipe-mod-aws-compliance/pull/548