Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Improves 'Access Keys Not Rotated' check #1613

Merged
merged 1 commit into from
May 8, 2024
Merged

Improves 'Access Keys Not Rotated' check #1613

merged 1 commit into from
May 8, 2024

Conversation

rieck-srlabs
Copy link
Contributor

Description

  • Updates azure-mgmt-storage dependency to 17.0.0. Needed because the version currently used in ScoutSuite does not support checking if a storage account support access keys or not.
  • Only consider storage accounts that allow access key access in the 'Access Keys Not Rotated' Azure rule
  • Display the access key status in the UI

Fixes #1609

Type of change

Select the relevant option(s):

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works (optional)
  • New and existing unit tests pass locally with my changes

@rieck-srlabs
Improves 'Access Keys Not Rotated' check
22c5bf6 
- Updates azure-mgmt-storage to 17.0.0
- Only consider storage accounts that allow access key access for the check
- Display the access key status in the results
@fernando-gallego fernando-gallego self-assigned this May 8, 2024
@fernando-gallego fernando-gallego merged commit 902bf36 into nccgroup:develop May 8, 2024
@rieck-srlabs rieck-srlabs deleted the bugfix/1609-ignore-storage-accounts-without-access-keys branch May 13, 2024 08:21
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@fernando-gallego fernando-gallego

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rieck-srlabs @fernando-gallego