cloudmapper icon indicating copy to clipboard operation
cloudmapper copied to clipboard

Published 20 hours ago verified publisher icon duo-labs

Request updated policyuniverse version

Open jantman opened this issue 5 years ago • 3 comments

Hello,

We have a few S3 buckets which use Bucket Policies to allow read access (List and Get) to our AWS Organization. Cloudmapper is currently flagging these buckets as public. This was a bug in policyuniverse - https://github.com/Netflix-Skunkworks/policyuniverse/issues/14 that was fixed in https://github.com/Netflix-Skunkworks/policyuniverse/commit/5f17ba0efa9999c51b45202f59903ae10c97986e on March 4, 2019, and released in policyuniverse 1.3.0.1 on March 22, 2019.

However, cloudmapper is using policyuniverse 1.1.0.1, which was released on November 4, 2017 and is 8 versions old.

Would it be possible to have the policyuniverse version bumped to something more current?

Thanks!

jantman avatar Mar 16 '20 12:03 jantman

Nice find. Thank you. I'll make the update.

0xdabbad00 avatar Mar 17 '20 06:03 0xdabbad00

Thanks so much!

jantman avatar Mar 17 '20 11:03 jantman

Hello @0xdabbad00 and @jantman , I believe we can close this issue/bug, since cloudmapper is using a newer version higher than 1.3.0.1 https://github.com/duo-labs/cloudmapper/blob/bebf0d1a8f785b5d99995a9f120426b6ab3df4ee/requirements.txt#L23

w0rmr1d3r avatar Mar 09 '21 16:03 w0rmr1d3r