amazon-archives/aws-security-benchmark

False positive on 1.24 Config Rule

asagage opened this issue · 4 comments

The Rule 1.24 Lambda function is returning a false positive for policies containing "*" anywhere in the action.

The policy should be looking for an exact match, but it is matching if the field contains * even if it is something like "ec2:*".

Looking into this.

Can you verify that you have the latest version of the script? I believe this was fixed a while ago.
If you have the latest, can you post the policy in question without potentially sensitive information so I can verify, since it is not failing in my tests?

Just checking if you had a chance to look at my question above?

Closing due to no response
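The false positive reported at the top of this thread, reproduced as an added example (not code from the issue or from the project's Lambda script): a substring test on the action flags `ec2:*`, while an exact match flags only a bare `*`. The function names and sample policies are constructed for illustration, and the extra requirement that `Resource` is also exactly `*` is an assumption about what the rule is meant to catch.

```python
def _as_list(value):
    """IAM accepts a single value or a list for Statement, Action and Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def substring_check(policy):
    """Behaviour described in the report: any Allow action containing '*' is flagged."""
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") == "Allow":
            if any("*" in action for action in _as_list(stmt.get("Action"))):
                return True
    return False


def exact_match_check(policy):
    """Flag only Allow statements with an action that is exactly '*'.

    Assumption: the resource must also be exactly '*' for the statement
    to count as full administrative access.
    """
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        # List membership compares whole strings, so 'ec2:*' does not match '*'.
        if "*" in actions and "*" in resources:
            return True
    return False


# Constructed sample policies (not taken from the issue).
EC2_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"}]}
FULL_ADMIN = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"}]}
MIXED_LIST = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:Get*", "*"], "Resource": ["*"]}]}
DENY_ALL = {"Version": "2012-10-17", "Statement": {
    "Effect": "Deny", "Action": "*", "Resource": "*"}}

if __name__ == "__main__":
    for name in ("EC2_ONLY", "FULL_ADMIN", "MIXED_LIST", "DENY_ALL"):
        doc = globals()[name]
        print(name, "substring:", substring_check(doc),
              "exact:", exact_match_check(doc))
```
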