v4.4.3

4.4.3

2023/03/10

New feature

• Display EC2 OS info and improve filter
• Pattern: add rule has_attribute_contain*
• Add --only-dangerous-actions for iam verb

Fixtures

• Fix --layer and add Usage in README

v4.4.1

AWS-TOWER

4.4.1

2023/01/10

New feature

• Add Lambda object, displayed in draw for API Gateway
• Add -o|--output to save JSON audit and discovery in the specified file

4.4.0

2023/01/06

New feature

• Add --limit and --all for draw

Changes

• Add Public ELB rule

v4.3.0

AWS-TOWER

4.3.0

2022/09/08

New feature

• Add draw verb : aws-tower draw <my-profile> to display a threat map

Changes

• Dissociate IAM services and actions, easier to read and understand findings
• whitelist more IAM actions as readers and not poweruser
• Add more retryier in lambda monitoring and split in another lambda child
• Update deprecated RDS/EKS engine in rules

Fixtures

• Fix iam_scan to use min-rights

v4.2.2

AWS-TOWER

4.2.2

2022/08/24

New feature

• Add 'Endpoint Service has untrusted account in principals' rule
• Add option -p|--list-profiles to list available profiles

Changes

• Detect SSH keys issues if creation time > 6 months
• Remove -n|--name option

Fixtures

• Handle boto3 errors with pretty output (sso and more)

v4.1.0

AWS-TOWER

4.1.0

2022/04/21

New feature

• Add VPC Peering
• Add VPC Endpoint services
• Add VPC VPN
• Add multiple dangerous actions

Changes

• Lower severity for S3 IgnorePublicACLs medium -> low

Fixtures

• Fix missing asset_id in lambda monitoring
• Factorize Pattern compilation for audit