turbot / steampipe-mod-aws-perimeter

Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrusted accounts, insecure network configurations and more.
https://hub.powerpipe.io/mods/turbot/aws_perimeter
Apache License 2.0

Update resource policy public access controls to evaluate common conditions #9

Closed cbruno10 closed 2 years ago

cbruno10 commented 2 years ago

Is your feature request related to a problem? Please describe. When running controls, conditions are not currently evaluated, so if I have a statement like:

{
    "Principal": "*",
    "Resource": "*",
    "Action": "s3:PutObject",
    "Effect": "Allow",
    "Condition": { "StringLike": {"aws:SourceAccount": "123456789012"}}
}

The control should not alarm, but instead return ok.

Describe the solution you'd like The controls should check for common conditions like SourceArn, SourceAccount, and SourceOwner.

Describe alternatives you've considered Checking any false positives

Additional context Add any other context or screenshots about the feature request here.
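One way to model the condition-aware check this issue asks for, written as an added Python example rather than code from steampipe-mod-aws-perimeter (whose controls are SQL): a statement that allows a wildcard principal is reported as public unless a positive-match condition pins the caller to a specific account, ARN or owner. The issue names SourceAccount, SourceArn and SourceOwner; the extra principal-scoped keys, the treatment of negated, IfExists and ForAllValues operators, and the sample policy (reusing the 123456789012 account from the issue) are assumptions made here for illustration.

```python
"""Classify resource-policy statements as public or condition-restricted.

Added example, not part of steampipe-mod-aws-perimeter. It models the logic
the issue asks for: Principal "*" is not public when a condition pins the
caller to a known account, ARN or owner.
"""
import json

# Global condition keys that pin a wildcard principal to a known caller.
# SourceAccount/SourceArn/SourceOwner come from the issue; the Principal*
# keys are an assumption added in this example.
RESTRICTING_KEYS = {
    "aws:sourceaccount", "aws:sourcearn", "aws:sourceowner",
    "aws:principalaccount", "aws:principalarn", "aws:principalorgid",
}

# Only positive-match operators narrow access. Negated operators
# (StringNotEquals, ArnNotLike, ...) and IfExists variants do not.
POSITIVE_OPERATORS = {
    "stringequals", "stringequalsignorecase", "stringlike",
    "arnequals", "arnlike",
}


def _as_list(value):
    """IAM allows scalars or lists in most fields; normalise to a list."""
    return value if isinstance(value, list) else [value]


def principal_is_wildcard(principal):
    """True for Principal "*" or any AWS/Service entry equal to "*"."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any(p == "*" for v in principal.values() for p in _as_list(v))
    return False


def restricting_keys(condition):
    """Return the condition keys that genuinely narrow a wildcard principal."""
    found = set()
    for operator, clauses in (condition or {}).items():
        op = operator.lower()
        # ForAllValues passes when the key is absent, so it restricts nothing.
        if op.startswith("forallvalues:"):
            continue
        if op.startswith("foranyvalue:"):
            op = op.split(":", 1)[1]
        if op.endswith("ifexists") or op not in POSITIVE_OPERATORS:
            continue
        for key, values in clauses.items():
            # A bare "*" value matches any caller and restricts nothing.
            if key.lower() in RESTRICTING_KEYS and all(
                v != "*" for v in _as_list(values)
            ):
                found.add(key.lower())
    return found


def classify_statement(statement):
    """Return "skip", "public" or "restricted" for one policy statement."""
    if statement.get("Effect") != "Allow":
        return "skip"  # Deny statements never grant access
    if not principal_is_wildcard(statement.get("Principal")):
        return "skip"  # named principal: not a public-access question
    if restricting_keys(statement.get("Condition")):
        return "restricted"
    return "public"


def classify_policy(policy_document):
    """Map each statement (by Sid, or stmt<index>) to its classification."""
    if isinstance(policy_document, str):
        policy_document = json.loads(policy_document)
    results = {}
    for i, stmt in enumerate(_as_list(policy_document.get("Statement", []))):
        results[stmt.get("Sid", f"stmt{i}")] = classify_statement(stmt)
    return results


# Constructed sample policy for this example.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "IssueExample", "Effect": "Allow", "Principal": "*",
         "Action": "s3:PutObject", "Resource": "*",
         "Condition": {"StringLike": {"aws:SourceAccount": "123456789012"}}},
        {"Sid": "TrulyPublic", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "NegatedCondition", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "*",
         "Condition": {"StringNotEquals": {"aws:SourceAccount": "123456789012"}}},
        {"Sid": "WildcardArn", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "*",
         "Condition": {"ArnLike": {"aws:SourceArn": "*"}}},
        {"Sid": "DenyAll", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for sid, verdict in classify_policy(SAMPLE_POLICY).items():
        print(f"{sid}: {verdict}")
```

Running the block reports IssueExample as restricted (the case the issue wants to return ok), TrulyPublic as public, and NegatedCondition and WildcardArn as public because a negated operator or a "*" value does not pin the caller. The same split could be expressed in a Steampipe control by testing the statement's condition JSON for the positive operators and keys above before treating a wildcard principal as public.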