Comments (7)
shivankar-madaan
commented on June 18, 2024
Hi @x1337x-sec
Thanks for reaching out. As per the current screenshot it looks like the security token is invalid. Maybe it was a temporary token which got invalidated during the scan.
For the IP Audit to run, you have to provide the ec2 instance IP, along with ssh key so it can login and run the scan.
AWS Trust Advisor output can be seen when you also add the Support Read Only role to the keys.
Hope it helps. Let me know if I can be of further help.
from cs-suite.
commented on June 18, 2024
Where do you place the ec2 instance IP and how would you scan all instances?
Is the Security Token separate to the secret key and secret ID
from cs-suite.
shivankar-madaan
commented on June 18, 2024
Currently you can scan only one IP
You can watch this here
https://www.youtube.com/watch?v=2eW-0bS0Hq8
I guess security token is when you have temporary access like session token?? Not exactly. Are you still facing the same error of token invalid
from cs-suite.
commented on June 18, 2024
Yes it is a session toke I defined it in the creds file as
[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXX
aws_session_token= XXXXXXXXXXXXXXXXXXXXX
I now get the following two errors / warnings
/usr/local/lib/python2.7/site-packages/requests/init.py:80: RequestsDependencyWarning: urllib3 (1.25.10) or chardet (3.0.4) doesn't match a supported version!
RequestsDependencyWarning)
Warning: Unable to determine STS token expiration; later API calls may fail.
Note we use AWS SSO with Okta
I am still seeing errors for example:
(UnrecognizedClientException) when calling the DescribeTrails operation: The security token included in the request is invalid
Also do you have the ARN for read-only support role.
from cs-suite.
shivankar-madaan
commented on June 18, 2024
Ok I think it's just a warning, which should be fine
for the other exception arn:aws:iam::aws:policy/ReadOnlyAccess this should suffice
and add Support Role if you need Trusted Advisor checks
from cs-suite.
commented on June 18, 2024
Do you have the support role ARN?
from cs-suite.
shivankar-madaan
commented on June 18, 2024
No but I know it is AWS managed policy
SupportReadOnly I guess
from cs-suite.
Related Issues (20)
- Azure audit fails when Checking if expiry is enabled for vault secret HOT 2
- Check numbers null in AWS assessment result
- 2.x checking issue HOT 2
- UnboundLocalError: local variable 'j_res' referenced before assignment
- [Azure] Err in module "6.1: Checking if any network group allows public access to RDP"
- I want to contribute HOT 1
- Add support to AWS profiles
- Output results as XML
- modules not outputting to json HOT 2
- Python 2 -> 3 upgrade HOT 2
- How to run this in AWS Lambda?
- How can I run this without subscriptions? HOT 1
- Invalid format timestamp HOT 9
- AWS S3 bucket: region eu-west-3 outside of scope
- Azure's vm_agent() function has poorly written if-else blocks resulting in KeyError
- Curl: option -: is unknown HOT 2
- Update Scout2 HOT 1
- Can't find expired certificates listed in the report
- Unable to install CS-Suite with Pyton3 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cs-suite.