
feat(EC2): New EC2 AWS check (#852)

Open rieck-srlabs opened this issue 9 months ago • 6 comments

Adds a check to find exposed secrets in EC2 Launch Templates. Currently, Prowler does not scan EC2 Launch Templates.

Context

The existing check autoscaling_find_secrets_ec2_launch_configuration only considers EC2 AutoScaling launch configurations, which are deprecated and can no longer be created. The replacement feature - Launch Templates - is currently not checked by Prowler. However, just like launch configurations, launch templates can also contain UserData that might include secrets.

Issue #852 raised this issue in 2021 but failed to result in relevant changes to Prowler. The issue was closed due to inactivity.

Description

  • Updates the EC2 service to include launch templates, including all versions.
  • Adds a check to search for secrets in EC2 launch templates
  • Adds relevant tests for the EC2 service and the added check
  • Adds new check to relevant compliance benchmarks, where autoscaling_find_secrets_ec2_launch_configuration was included already.
  • Updates the pentesting.md tutorial document.

Fixes #852

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

rieck-srlabs · May 23 '24 14:05
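The kind of check this pull request describes, as an added example that is not Prowler's own code: it walks every version of a launch template in the shape the EC2 DescribeLaunchTemplateVersions API returns, decodes the base64 UserData and reports lines matching a secret pattern. The pattern set and the sample versions are constructed for illustration; Prowler's real check uses a fuller secret detector.

```python
"""Added example (not Prowler's code): find secrets in every version of an
EC2 launch template's UserData.

Assumptions: input is a list of version dicts shaped like the
DescribeLaunchTemplateVersions response (LaunchTemplateData.UserData is
base64); SECRET_PATTERNS is a constructed minimal set, not Prowler's detector."""
import base64
import re

# Constructed, minimal patterns; a production check would use a fuller detector.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "aws_secret_access_key": re.compile(r"(?i)aws_secret_access_key\s*=\s*\S{40}"),
    "generic_password": re.compile(r"(?i)\b(password|passwd|pwd)\s*[=:]\s*\S+"),
}


def decode_user_data(user_data_b64: str) -> str:
    """The API returns UserData base64-encoded; return it as text, or '' if invalid."""
    try:
        return base64.b64decode(user_data_b64, validate=True).decode("utf-8", "replace")
    except (ValueError, TypeError):
        return ""


def find_secrets_in_versions(versions):
    """Return [(version_number, pattern_name, matched_line)] across ALL versions,
    since an old version can still leak a secret after a newer one was cleaned."""
    findings = []
    for version in versions:
        number = version["VersionNumber"]
        user_data = decode_user_data(version.get("LaunchTemplateData", {}).get("UserData", ""))
        for line in user_data.splitlines():
            for name, pattern in SECRET_PATTERNS.items():
                if pattern.search(line):
                    findings.append((number, name, line.strip()))
    return findings


# Constructed sample: version 1 leaks an access key id, version 2 was cleaned up.
SAMPLE_VERSIONS = [
    {"VersionNumber": 1, "LaunchTemplateData": {"UserData": base64.b64encode(
        b"#!/bin/bash\nexport AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE01\n").decode()}},
    {"VersionNumber": 2, "LaunchTemplateData": {"UserData": base64.b64encode(
        b"#!/bin/bash\naws s3 sync s3://bucket /data\n").decode()}},
]

if __name__ == "__main__":
    for number, name, line in find_secrets_in_versions(SAMPLE_VERSIONS):
        print(f"version {number}: {name}: {line}")
```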