{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":115544350,"defaultBranch":"master","name":"aws-foundations-cis-baseline","ownerLogin":"mitre","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2017-12-27T17:44:57.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/44968?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1703180214.0","currentOid":""},"activityList":{"items":[{"before":"00682042e35bf3f64f34c8a4fd62679db91e94cd","after":"9e72507d25172dbe4e0994477895651c8166571d","ref":"refs/heads/master","pushedAt":"2024-06-06T13:41:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"adding NOTICE\n\nSigned-off-by: Will ","shortMessageHtmlLink":"adding NOTICE"}},{"before":"6aee004e57abab16826c5e81e699147f40986431","after":"0ab48d5199eaae4f557139ad282097c5b0ea1d42","ref":"refs/heads/macie_update","pushedAt":"2023-12-21T18:07:53.000Z","pushType":"push","commitsCount":280,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"Merge branch 'master' into macie_update","shortMessageHtmlLink":"Merge branch 'master' into macie_update"}},{"before":"0eec2cc2604db6c6170ac3b87a25d60f6a0e4641","after":"6aee004e57abab16826c5e81e699147f40986431","ref":"refs/heads/macie_update","pushedAt":"2023-12-21T18:06:21.000Z","pushType":"push","commitsCount":11,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"change update major tag workflow to a yml file, update checkouts to v4, add SAF GITHUB user\n\nSigned-off-by: Emily Rodriguez ","shortMessageHtmlLink":"change update major tag workflow to a yml file, update checkouts to v…"}},{"before":null,"after":"0eec2cc2604db6c6170ac3b87a25d60f6a0e4641","ref":"refs/heads/macie_update","pushedAt":"2023-12-21T17:36:54.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"automated test for Macie\n\nSigned-off-by: Will Dower ","shortMessageHtmlLink":"automated test for Macie"}},{"before":"b59f7c3eb306b152a4b25f723dfafddb8c68c959","after":null,"ref":"refs/heads/v2_update","pushedAt":"2023-12-21T14:53:03.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"}},{"before":"a7b81389756f40494ee6af1e70e4471c1fe47485","after":"00682042e35bf3f64f34c8a4fd62679db91e94cd","ref":"refs/heads/master","pushedAt":"2023-12-20T19:27:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"em-c-rod","name":"Emily Rodriguez","path":"/em-c-rod","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/32680215?s=80&v=4"},"commit":{"message":"change update major tag workflow to a yml file, update checkouts to v4, add SAF GITHUB user\n\nSigned-off-by: Emily Rodriguez ","shortMessageHtmlLink":"change update major tag workflow to a yml file, update checkouts to v…"}},{"before":"f91a50802931283ae31c2a562e4224cdea030ea6","after":null,"ref":"refs/heads/em-c-rod-patch-1","pushedAt":"2023-12-20T19:11:53.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"em-c-rod","name":"Emily Rodriguez","path":"/em-c-rod","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/32680215?s=80&v=4"}},{"before":"6275a12b54344723635468cbc25c4611a9a796e1","after":"a7b81389756f40494ee6af1e70e4471c1fe47485","ref":"refs/heads/master","pushedAt":"2023-12-20T19:11:51.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"em-c-rod","name":"Emily Rodriguez","path":"/em-c-rod","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/32680215?s=80&v=4"},"commit":{"message":"Merge pull request #137 from mitre/em-c-rod-patch-1\n\nUpdate update-major-tag.txt","shortMessageHtmlLink":"Merge pull request #137 from mitre/em-c-rod-patch-1"}},{"before":null,"after":"f91a50802931283ae31c2a562e4224cdea030ea6","ref":"refs/heads/em-c-rod-patch-1","pushedAt":"2023-12-20T19:11:37.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"em-c-rod","name":"Emily Rodriguez","path":"/em-c-rod","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/32680215?s=80&v=4"},"commit":{"message":"Update update-major-tag.txt","shortMessageHtmlLink":"Update update-major-tag.txt"}},{"before":"495fff2cc0c7d1171490d8cab8fc8ce31295ae4d","after":"6275a12b54344723635468cbc25c4611a9a796e1","ref":"refs/heads/master","pushedAt":"2023-12-20T17:58:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"updated to not point at archieve, given we want this to point to our release 'v2' in a bit\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"updated to not point at archieve, given we want this to point to our …"}},{"before":"c855ccf5d85f3993c4c383e421be2facdc9808f8","after":"495fff2cc0c7d1171490d8cab8fc8ce31295ae4d","ref":"refs/heads/master","pushedAt":"2023-12-20T04:33:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"updated actions to run on master, added example action for update major v, added VERSION\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"updated actions to run on master, added example action for update maj…"}},{"before":"9ff8844cc48613a80a59f91bd9c4b5987252dc5d","after":null,"ref":"refs/heads/aws_iam_policy_fixes","pushedAt":"2023-12-20T04:31:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"}},{"before":"3afbc5d85a8551a5b8a74e161508b93c2acd1b50","after":"c855ccf5d85f3993c4c383e421be2facdc9808f8","ref":"refs/heads/master","pushedAt":"2023-12-20T04:31:55.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"Fixes to work with the current resource versions (#110)\n\n* Update aws-foundations-cis-1.1.rb\r\n\r\n* Update aws-foundations-cis-1.2.rb\r\n\r\n* Update aws-foundations-cis-1.3.rb\r\n\r\n* Update aws-foundations-cis-1.4.rb\r\n\r\n* Update aws-foundations-cis-1.1.rb\r\n\r\n* Update aws-foundations-cis-1.2.rb\r\n\r\n* Update aws-foundations-cis-1.3.rb\r\n\r\n* Update aws-foundations-cis-1.5.rb\r\n\r\n* Update aws-foundations-cis-1.8.rb\r\n\r\n* Update aws-foundations-cis-1.9.rb\r\n\r\n* Update aws-foundations-cis-1.10.rb\r\n\r\n* Update aws-foundations-cis-1.11.rb\r\n\r\n* Update aws-foundations-cis-1.12.rb\r\n\r\n* Update aws-foundations-cis-1.14.rb\r\n\r\n* Update aws-foundations-cis-1.15.rb\r\n\r\n* Update aws-foundations-cis-1.16.rb\r\n\r\n* Update aws-foundations-cis-1.17.rb\r\n\r\n* Update aws-foundations-cis-1.18.rb\r\n\r\n* Update aws-foundations-cis-3.1.rb\r\n\r\n* Update aws-foundations-cis-3.2.rb\r\n\r\n* Update aws-foundations-cis-3.3.rb\r\n\r\n* Update aws-foundations-cis-3.4.rb\r\n\r\n* Update aws-foundations-cis-3.5.rb\r\n\r\n* Update aws-foundations-cis-3.6.rb\r\n\r\n* Update aws-foundations-cis-3.7.rb\r\n\r\n* Update aws-foundations-cis-3.8.rb\r\n\r\n* Update aws-foundations-cis-3.9.rb\r\n\r\n* Update aws-foundations-cis-4.1.rb\r\n\r\n* Update aws-foundations-cis-4.1.rb\r\n\r\n* Update aws-foundations-cis-4.2.rb\r\n\r\n* Update aws-foundations-cis-4.3.rb\r\n\r\n* Update aws-foundations-cis-4.4.rb\r\n\r\n* Update aws-foundations-cis-4.5.rb\r\n\r\n* Update aws-foundations-cis-4.6.rb\r\n\r\n* Update aws-foundations-cis-4.7.rb\r\n\r\n* Update aws-foundations-cis-4.8.rb\r\n\r\n* Update aws-foundations-cis-4.9.rb\r\n\r\n* Update aws-foundations-cis-4.10.rb\r\n\r\n* Update aws-foundations-cis-4.11.rb\r\n\r\n* Update aws-foundations-cis-4.12.rb\r\n\r\n* Update aws-foundations-cis-4.13.rb\r\n\r\n* Update aws-foundations-cis-4.14.rb\r\n\r\n* Update aws-foundations-cis-4.15.rb\r\n\r\n* Update aws-foundations-cis-4.16.rb\r\n\r\n* Update aws-foundations-cis-5.4.rb\r\n\r\n* Update aws-foundations-cis-5.5.rb\r\n\r\n* Update aws-foundations-cis-1.6.rb\r\n\r\n* Update aws-foundations-cis-1.7.rb\r\n\r\n* Update aws-foundations-cis-1.13.rb\r\n\r\n* Update aws-foundations-cis-1.19.rb\r\n\r\n* Update aws-foundations-cis-1.20.rb\r\n\r\n* Update aws-foundations-cis-1.21.rb\r\n\r\n* Update aws-foundations-cis-1.22.rb\r\n\r\n* Update aws-foundations-cis-2.1.1.rb\r\n\r\n* Update aws-foundations-cis-2.1.2.rb\r\n\r\n* Update aws-foundations-cis-2.1.3.rb\r\n\r\n* Update aws-foundations-cis-2.1.4.rb\r\n\r\n* Update aws-foundations-cis-2.2.1.rb\r\n\r\n* Update aws-foundations-cis-2.3.1.rb\r\n\r\n* Update aws-foundations-cis-2.3.2.rb\r\n\r\n* Update aws-foundations-cis-2.3.3.rb\r\n\r\n* Update aws-foundations-cis-2.4.1.rb\r\n\r\n* Update aws-foundations-cis-3.10.rb\r\n\r\n* Update aws-foundations-cis-3.11.rb\r\n\r\n* Update aws-foundations-cis-5.1.rb\r\n\r\n* Update aws-foundations-cis-5.1.rb\r\n\r\n* Update aws-foundations-cis-5.2.rb\r\n\r\n* Update aws-foundations-cis-5.3.rb\r\n\r\n* Update aws-foundations-cis-5.6.rb\r\n\r\n* initial 2.0 commit\r\n\r\n* delete old 1.2 controls\r\n\r\n* Update inspec.yml\r\n\r\n* Update inspec.yml\r\n\r\n* added a simple worklfow for testing the profile\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* moved the Gemfile to the correct location\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed bug in Gemfile and .gemrc\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* removed yq for now\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added an inspec vendor prior to the check\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added a bit more debuging on our inspec env\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed inspec exec exit code, added quotes to display file names\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added a blank inputs and added it to the workflow\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed inputs\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Update inspec.yml\r\n\r\nset default value to null for user-defined inputs.\r\n\r\n* fixed tyop in the input variable\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Update README.md\r\n\r\n* ran cookstyle -a and added skip messages for controls without code yet\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added enhanced-outcomes for easier review\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Fixes and Updates to Resources from the Resource Pack\r\n\r\n* broke out the AWS Account Resources into seperate\r\n- aws_primary_contact\r\n- aws_billing_contact\r\n- aws_operations_contact\r\n- aws_security_contact\r\n\r\n* updates 1.1 and 1.2 per the resource changes\r\n\r\n* linted profile with 'cookstyle -A ...'\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed depends, linted with rufo\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Fixed profile error and typo\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated the threshold while I am fixing a bug with a resource or two\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Removed Pipeline Steps while in development\r\n\r\n* removed creating profile.json\r\n* removed inspec-plugin-list\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed slow controls\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed branch name on worklfow\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added chef lisense key for testing\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated controls for account given resource changes\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added senstive to the first two controls\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* marked MFA data sensitive\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added tests for 5.6 and added aws docs reference\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Simplified controls, added tests, fixed inputs\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* clarifying manual check in 1.3\r\n\r\nSigned-off-by: wdower \r\n\r\n* creating .gitignore\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* finishing 1.13\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* 1.7 -- expect syntax still has ugly fail messages\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* fixed inspec.yml, split out 1.7 into multiple 'it' blocks for clarity\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* updating 1.18\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* fixing 1.7 when no input is set\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding 1.19\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding test to define what the aws_iam_access_analyzer should be able to do\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* commenting out control that doesnt have a resource yet to keep pipeline working\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding 1.21 as manual review because it requires knowing if each IAM role represents an individual person or not, which isn't something AWS knows\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* added 1.22\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding disable_slow_controls caveat to 1.7\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding 1.6 -- basically a repeat of 1.5 but with an added check on what type of mfa device is in use\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding new input to catch the case of a third party data management tool\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* psuedocode for 2.1.3\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* updates for 1.20 and a few others\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* psuedocode for 2.1.1\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* fixing missing block end\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* using existing aws_s3_bucket resource to do 2.1.1\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* Mostly Done on 1.20 with some polish still needed\r\n\r\n- updated aws_region(s) plural and signle resource to include opt_in\r\n data\r\n- updated docs for aws_regions(s)\r\n- added the ability for the aws_iam_access_analyzer resource to accept\r\n its `region` param\r\n- TODO: fix aws_iam_access_analyzer param error checking with the\r\n addition of the new second `region`\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Linting with rubocop\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Updates to Gemfile and Linting\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* CIS 2.1.1\r\n\r\n- worked out most of the logical states\r\n- sitll need to work out if we only have a list of passing buckets and\r\n want to list buckets that were skipped but don't want to 'fail' the\r\ncontrol overall.\r\n- needs to be peer reviewed by 'other than author'\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added review question\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added exempt KMS key list and added to 3.8\r\n\r\nFixes #109\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added exempt KMS key list and added to 3.8\r\n\r\nFixes #109\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* clarifying the Not Applicable statement a bit\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding control for 2.1.2, borrowing pattern from 2.1.2\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* rewriting 5.5 to use only_if instead of if/else\r\n\r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\n\r\n* adding psuedocode for 2.1.4\r\n\r\nSigned-off-by: wdower \r\n\r\n* first pass for 2.3.1\r\n\r\nSigned-off-by: wdower \r\n\r\n* removing redundant test step from 2.3.1, adding 2.3.2\r\n\r\nSigned-off-by: wdower \r\n\r\n* commenting out 2.1.4 until it gets resource support so the pipeline works\r\n\r\nSigned-off-by: wdower \r\n\r\n* updating Gemfile to unpin InSpec and add aws-sdk-analyzer and train-kubernetes\r\n\r\nSigned-off-by: wdower \r\n\r\n* adding 2.3.3\r\n\r\nSigned-off-by: wdower \r\n\r\n* adding 2.4.1, modeled after the s3 bucket control code\r\n\r\nSigned-off-by: wdower \r\n\r\n* adding exempt and single rds inputs, fixing some bad references in 2.4.1\r\n\r\nSigned-off-by: wdower \r\n\r\n* updated RDS controls to use the same robust pattern as EFS and S3 checks\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing typos in RDS controls\r\n\r\nSigned-off-by: wdower \r\n\r\n* putting a floor on InSpec version, fixing typo on 2.3.x\r\n\r\nSigned-off-by: wdower \r\n\r\n* ensuring exempt rds instances not included in list of fails\r\n\r\nSigned-off-by: wdower \r\n\r\n* debugging\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* - Worked around the broken plural resource until we fix\r\n- Fixed the shared inputs so that we were actually passing empty arrays and not arrays with two quotes\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added workaround for 2.3.2 and 2.3.2 for now\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* moved to only_if with impact to get past strackstrace error\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Refactored 1.20\r\n\r\n- Only make one call to the api\r\n- calulated in scope and exempt regions\r\n- used those for processing and evaluation\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* yamllint inspec.yml\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding 4.16\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added 3.10\r\n\r\nSigned-off-by: wdower \r\n\r\n* adding 3.11, updating 3.10 to indicate that one is supposed to be testing writes vs. reads\r\n\r\nSigned-off-by: wdower \r\n\r\n* working on output to end-user\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated feedback to end user to be a bit more clear\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated syntax of 4.16 to use the expect syntax\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated syntax of 4.16 to use the expect syntax\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated syntax of 4.16 to use the expect syntax\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed broken reference links\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed broken reference links\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* should have a working 2.1.4 but could be improved by expect perhaps\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* trying to see if a bundle install will help for a bit while we are using external gem resources\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding missing bundle exec to the inspec exec\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* start of table to track progress\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* filled out status table\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* moved status table\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed typo in authors\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Update README.md\r\n\r\nnoting that 3.10 and 3.11 have a test but are being updated to match a much better resource\r\n\r\n* refactoring 3.10 and 3.11 to use updated cloudtrail resource\r\n\r\nSigned-off-by: wdower \r\n\r\n* Updated status table in readme\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Update README.md\r\n\r\nnoting that 2.1.3 needs a resource update\r\n\r\n* notes on possible organization of small macie resources vs a big complicated one\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* testing run fixes\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* hard coding the inspec-results to see if that fixes the save issue\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* one more time\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* tyring to see the path of the results file\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* 3.8 is throwing a deep stack trace and 3.1 has an uncaught aws service eception\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* refactoring 5.6 to hopefully avoid stack overflow errors\r\n\r\nSigned-off-by: wdower \r\n\r\n* adding missing 'do'\r\n\r\nSigned-off-by: wdower \r\n\r\n* refactoring 3.8 to not use describe blocks in a loop\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing function call in 3.8\r\n\r\nSigned-off-by: wdower \r\n\r\n* printing display_name instead of full ARN for 3.8\r\n\r\nSigned-off-by: wdower \r\n\r\n* filtering nils from 3.8 correctly, pretty printing output on fail\r\n\r\nSigned-off-by: wdower \r\n\r\n* testing even prettier printing\r\n\r\nSigned-off-by: wdower \r\n\r\n* removing comments\r\n\r\nSigned-off-by: wdower \r\n\r\n* updated controls for govcloud\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* removing unecessary if statement from 1.7\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing where method to use a block in 1.6\r\n\r\nSigned-off-by: wdower \r\n\r\n* typo in 1.2\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* adding correct only_if clause to 2.1.3\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* added workflow\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated inspec.yml\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixing creds\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* rubocop:lint and updated aws other workflow name\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* trying again\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding AWSRB_DEBUG for review\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding -l debug\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding sts audiance to the aws config to see if that helps our run\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding to the repo\r\n\r\nSigned-off-by: GitHub \r\n\r\n* updating 2.2.1 to use new aws_region matcher for ebs encryption\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing 1.18\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing rspec matcher in 1.18\r\n\r\nSigned-off-by: wdower \r\n\r\n* flipping logic for only_if on 1.18\r\n\r\nSigned-off-by: wdower \r\n\r\n* making 1.18 fail output prettier\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing 3.1 to support any region for its cloud trails\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding if clause for no element found case\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* 3.9 moving conditional describe to a only_if statement\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing 3.9 to use the aws_flow_log resource\r\n\r\nSigned-off-by: wdower \r\n\r\n* typo in 3.9\r\n\r\nSigned-off-by: wdower \r\n\r\n* fixing error on 2.2.1\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* cleanup\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added tests for 5.3, fixed a few small things, linted'\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* added ignore_other_regions\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed input depth error in 5.4\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* mostly finished off the 5.x requirements, 5.1 needs to be worked, the rest of the 5.x series may or may not be helped by expect\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updating testing to not disable slow controls\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* renamed util script so it was clear what it does\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated util script\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding the GITHUB_SHA that trigger the action to the workflow results files\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding upload to heimdall-demo\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* made curl a bit more quite\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* wip 5.1\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* updating 5.1 to use new filtertable logic in resource\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* fixing 5.1 to work with resource refactor\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* using local resource pack\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed rubocop issue\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixed depends\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* removed pry from testing\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* shorting sha, standarding naming and testing inputs.\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* adding short sha, and naming artifacts\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* moved the short sha calc to after repo checkout\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* removing duplicate input for remote management ports\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* adding in exemptions to 5.1\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* adding disable_slow_controls to 5.1\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* typo\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* typo, again\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* udating 5.2\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* adding only_if to control to bail if a non-AWS tool should be doing monitoring\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* adding test for 4.1.5, adding input for declaring a third-party monitoring tool\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* update script to get the list of regions from the cli\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* fixing incorrect method in 1.17\r\n\r\nSigned-off-by: Will Dower \r\n\r\n* fixed typo in 5.5 with inputs vs input...\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updated thresholds to not allow profile errors and maintain a min 10% compliance\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* updating macie control\r\n\r\nSigned-off-by: wdower \r\n\r\n* mistaken sign on govcloud check for macie\r\n\r\nSigned-off-by: wdower \r\n\r\n* updating README, removing obselete inputs\r\n\r\nSigned-off-by: wdower \r\n\r\n* cleanup -removing comments\r\n\r\nSigned-off-by: wdower \r\n\r\n* updated benchmark status table\r\n\r\nSigned-off-by: wdower \r\n\r\n* Minor Updates and Linting\r\n\r\n- added the more refined inspec inputs language from our deparment work\r\n- simplifed run example paths and made the 'files' we talk about consistant throughout the README\r\n- ran `bundle exec rake lint:auto_correct`\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* Moving Heimdall Upload in the workflow\r\n\r\n- moved the Heimdall Upload section directly after the 'Save Artifacts' given its also a save action\r\n and we want to ensure - reguarless of if we pass threshold - that we have the results of both runs\r\n in Heimdall for review.\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n* finished final readthroughs, reviewed latest test runs, removed unneeded comments, updated profile version, should be ready for merge\r\n\r\nSigned-off-by: Aaron Lippold \r\n\r\n---------\r\n\r\nSigned-off-by: Aaron Lippold \r\nSigned-off-by: wdower \r\nSigned-off-by: wdower <57142072+wdower@users.noreply.github.com>\r\nSigned-off-by: Will Dower \r\nSigned-off-by: GitHub \r\nCo-authored-by: Eugene Aronne <34140975+ejaronne@users.noreply.github.com>\r\nCo-authored-by: Aaron Lippold \r\nCo-authored-by: wdower \r\nCo-authored-by: wdower <57142072+wdower@users.noreply.github.com>","shortMessageHtmlLink":"Fixes to work with the current resource versions (#110)"}},{"before":"f83b7f934ad30322593fa4d195c12142db5ef5d4","after":"9ff8844cc48613a80a59f91bd9c4b5987252dc5d","ref":"refs/heads/aws_iam_policy_fixes","pushedAt":"2023-12-20T04:12:17.000Z","pushType":"push","commitsCount":274,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"Merge branch 'master' into aws_iam_policy_fixes","shortMessageHtmlLink":"Merge branch 'master' into aws_iam_policy_fixes"}},{"before":"138d0fd751365723dfb86edd0d9eddc5ec88cb66","after":"3afbc5d85a8551a5b8a74e161508b93c2acd1b50","ref":"refs/heads/master","pushedAt":"2023-12-20T04:07:34.000Z","pushType":"pr_merge","commitsCount":273,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"finished final readthroughs, reviewed latest test runs, removed unneeded comments, updated profile version, should be ready for merge\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"finished final readthroughs, reviewed latest test runs, removed unnee…"}},{"before":"a87d26a3acef657964245f3acbc13169d1c0e0dd","after":"f83b7f934ad30322593fa4d195c12142db5ef5d4","ref":"refs/heads/aws_iam_policy_fixes","pushedAt":"2023-12-20T03:59:26.000Z","pushType":"pr_merge","commitsCount":254,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"finished final readthroughs, reviewed latest test runs, removed unneeded comments, updated profile version, should be ready for merge\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"finished final readthroughs, reviewed latest test runs, removed unnee…"}},{"before":"d21a6b25299f703e881cd888094bfa7d510b70df","after":"b59f7c3eb306b152a4b25f723dfafddb8c68c959","ref":"refs/heads/v2_update","pushedAt":"2023-12-20T03:51:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"finished final readthroughs, reviewed latest test runs, removed unneeded comments, updated profile version, should be ready for merge\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"finished final readthroughs, reviewed latest test runs, removed unnee…"}},{"before":"babe92d26ca312d17bed5b4c2a7af745c8e0db06","after":"d21a6b25299f703e881cd888094bfa7d510b70df","ref":"refs/heads/v2_update","pushedAt":"2023-12-20T01:28:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"Moving Heimdall Upload in the workflow\n\n- moved the Heimdall Upload section directly after the 'Save Artifacts' given its also a save action\n and we want to ensure - reguarless of if we pass threshold - that we have the results of both runs\n in Heimdall for review.\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"Moving Heimdall Upload in the workflow"}},{"before":"15e58680e15cbe465031fb6af053807c64d46697","after":"babe92d26ca312d17bed5b4c2a7af745c8e0db06","ref":"refs/heads/v2_update","pushedAt":"2023-12-20T01:23:46.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"Minor Updates and Linting\n\n- added the more refined inspec inputs language from our deparment work\n- simplifed run example paths and made the 'files' we talk about consistant throughout the README\n- ran `bundle exec rake lint:auto_correct`\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"Minor Updates and Linting"}},{"before":"0e350a77a8d5b41f013b74a621afa813212bbfe4","after":"15e58680e15cbe465031fb6af053807c64d46697","ref":"refs/heads/v2_update","pushedAt":"2023-12-19T23:50:07.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"updated benchmark status table\n\nSigned-off-by: wdower ","shortMessageHtmlLink":"updated benchmark status table"}},{"before":"34299eee9ab3f3a5367d9369985ecfbd9b359e65","after":"0e350a77a8d5b41f013b74a621afa813212bbfe4","ref":"refs/heads/v2_update","pushedAt":"2023-12-19T23:22:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"updating README, removing obselete inputs\n\nSigned-off-by: wdower ","shortMessageHtmlLink":"updating README, removing obselete inputs"}},{"before":"7984d41b86bc7b0d8bf291454ee1192dc3139527","after":"34299eee9ab3f3a5367d9369985ecfbd9b359e65","ref":"refs/heads/v2_update","pushedAt":"2023-12-19T20:11:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"mistaken sign on govcloud check for macie\n\nSigned-off-by: wdower ","shortMessageHtmlLink":"mistaken sign on govcloud check for macie"}},{"before":"14c398288a24f5c13c164a8b50c83a0273301b34","after":"7984d41b86bc7b0d8bf291454ee1192dc3139527","ref":"refs/heads/v2_update","pushedAt":"2023-12-19T20:00:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"updating macie control\n\nSigned-off-by: wdower ","shortMessageHtmlLink":"updating macie control"}},{"before":"fc7a4a679a3fef3de83e3a4a8cfb1e4a99633e4a","after":null,"ref":"refs/heads/sk_1.3","pushedAt":"2023-12-15T03:05:04.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"}},{"before":"966eaac2159db49d7b7a177072064baec6265377","after":null,"ref":"refs/heads/inspec-aws-git","pushedAt":"2023-12-15T03:05:02.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"}},{"before":"16b50a6985ba2ea40c5c0161f4b8787f06bd5672","after":"14c398288a24f5c13c164a8b50c83a0273301b34","ref":"refs/heads/v2_update","pushedAt":"2023-12-15T02:41:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"updated thresholds to not allow profile errors and maintain a min 10% compliance\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"updated thresholds to not allow profile errors and maintain a min 10%…"}},{"before":"ff11c78b9266d98a822980b5adcf9ca6f0bc49d1","after":"16b50a6985ba2ea40c5c0161f4b8787f06bd5672","ref":"refs/heads/v2_update","pushedAt":"2023-12-15T02:34:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"fixed typo in 5.5 with inputs vs input...\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"fixed typo in 5.5 with inputs vs input..."}},{"before":"9019882a6bd5239a1721296d3c5374aca2ae0a3a","after":"ff11c78b9266d98a822980b5adcf9ca6f0bc49d1","ref":"refs/heads/v2_update","pushedAt":"2023-12-13T21:02:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"fixing incorrect method in 1.17\n\nSigned-off-by: Will Dower ","shortMessageHtmlLink":"fixing incorrect method in 1.17"}},{"before":"fff5482a674e74f805598285051f675e9113fdb8","after":"9019882a6bd5239a1721296d3c5374aca2ae0a3a","ref":"refs/heads/v2_update","pushedAt":"2023-12-13T21:01:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"aaronlippold","name":"Aaron Lippold","path":"/aaronlippold","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1486440?s=80&v=4"},"commit":{"message":"update script to get the list of regions from the cli\n\nSigned-off-by: Aaron Lippold ","shortMessageHtmlLink":"update script to get the list of regions from the cli"}},{"before":"0974429702d383c8609979db3b6488a4d3269809","after":"fff5482a674e74f805598285051f675e9113fdb8","ref":"refs/heads/v2_update","pushedAt":"2023-12-13T20:58:26.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"wdower","name":null,"path":"/wdower","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/57142072?s=80&v=4"},"commit":{"message":"adding test for 4.1.5, adding input for declaring a third-party monitoring tool\n\nSigned-off-by: Will Dower ","shortMessageHtmlLink":"adding test for 4.1.5, adding input for declaring a third-party monit…"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNi0wNlQxMzo0MTo1Mi4wMDAwMDBazwAAAARePc1f","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNi0wNlQxMzo0MTo1Mi4wMDAwMDBazwAAAARePc1f","endCursor":"Y3Vyc29yOnYyOpK7MjAyMy0xMi0xM1QyMDo1ODoyNi4wMDAwMDBazwAAAAPJx1j1"}},"title":"Activity · mitre/aws-foundations-cis-baseline"}