Scanning Aws Code - 0wr09y

The report details 6 violations across infrastructure security, identity and access management, and logging/monitoring found in a Terraform configuration. Resources like S3 buckets, security groups, and EC2 instances were misconfigured in ways that could leak data or allow unauthorized access. Details on the policy, resource, and location of each violation are given.

Uploaded by

Desya kristian

Terrascan Scan Report
Report generated by Nessus™ Wed, 31 Jul 2024 11:59:27 SE Asia Standard Time
TABLE OF CONTENTS

Violations
• Identity and Access Management - allUsersReadAccess (1) .......... 4
• Resilience - s3Versioning (1) .......... 5
• Logging and Monitoring - detailedMonitoringEnabledInstance (1) .......... 6
• Infrastructure Security - unrestrictedIngressAccess (1) .......... 7
• Infrastructure Security - ec2UsingIMDSv1 (1) .......... 8

Violations
Identity and Access Management - allUsersReadAccess (1)

Description

Misconfigured S3 buckets can leak private information to the entire internet or allow unauthorized data tampering or deletion.

Resource Type

aws_s3_bucket

Policy Type

aws

Version

Policy File

s3AclGrants.rego
Template Args

{"prefix":"","name":"allUsersReadAccess","access":"public-read"}

Reference Id

AWS.S3Bucket.IAM.High.0377

Violation Details

file.tf

Line : 40
Resource Name : insecure_bucket
Plan Root : .\
Module Name : root



Resilience - s3Versioning (1)

Description

Enabling S3 versioning will enable easy recovery from unintended user actions, like deletes and overwrites.

Resource Type

aws_s3_bucket

Policy Type

aws

Version

Policy File

s3Versioning.rego
Template Args

{"prefix":""}

Reference Id

AWS.S3Bucket.IAM.High.0370

Violation Details

file.tf

Line : 40
Resource Name : insecure_bucket
Plan Root : .\
Module Name : root



Logging and Monitoring - detailedMonitoringEnabledInstance (1)

Description

Ensure that detailed monitoring is enabled for EC2 instances.

Resource Type

aws_instance

Policy Type

aws

Version

Policy File

detailedMonitoringEnabledInstance.rego
Template Args

{"prefix":""}

Reference Id

AWS.AI.LM.HIGH.0070

Violation Details

file.tf

Line : 5
Resource Name : insecure_instance
Plan Root : .\
Module Name : root



Infrastructure Security - unrestrictedIngressAccess (1)

Description

Ensure no security groups allow ingress from 0.0.0.0/0 to ALL ports and protocols.

Resource Type

aws_security_group

Policy Type

aws

Version

Policy File

unrestrictedIngressAccess.rego
Template Args

{"suffix":"","prefix":"","name":"unrestrictedIngressAccess","defaultValue":"<cidr>"}

Reference Id

AC_AWS_0231

Violation Details

file.tf

Line : 17
Resource Name : insecure_sg
Plan Root : .\
Module Name : root



Infrastructure Security - ec2UsingIMDSv1 (1)

Description

EC2 instances should disable IMDS or require IMDSv2, as IMDSv1 can be related to the weaponization phase of the kill chain.

Resource Type

aws_instance

Policy Type

aws

Version

Policy File

ec2UsingIMDSv1.rego
Template Args

null

Reference Id

AC-AWS-NS-IN-M-1172

Violation Details

file.tf

Line : 5
Resource Name : insecure_instance
Plan Root : .\
Module Name : root

