admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-04 17:53:27 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
ba03e54063a94de8155adf476dc07e5b39bca341
nuclei-templates/cloud/aws/elasticache/cache-event-notification-disabled.yaml
Prince Chaddha ea7a5969c8 Revert "chore: update TemplateMan 🤖" 
This reverts commit c31d574176.
2025-05-27 10:39:47 +08:00

60 lines
2.2 KiB
YAML
Raw Blame History

id: cache-event-notification-disabled
info:
name: ElastiCache Event Notifications - Disabled
author: DhiyaneshDK
severity: medium
description: |
Ensure that your Amazon ElastiCache clusters are configured to send event notifications via Amazon Simple Notification Service (SNS) in order to monitor your cache clusters for important events and quickly mitigate any issues with your cache system.
impact: |
Disabling ElastiCache event notifications prevents timely alerts about cluster events, such as failovers, maintenance updates, or configuration changes, which can hinder proactive incident response and monitoring.
remediation: |
To remediate the disabled ElastiCache event notifications, enable event notifications in the AWS Management Console by configuring an Amazon SNS topic to receive alerts for important cluster events.
reference:
- https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/enable-cluster-event-notifications.html
- https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/ECEvents.SNS.html
tags: cloud,devops,aws,amazon,elasticache,aws-cloud-config
variables:
region: "us-west-2"
flow: |
code(1)
for(let CacheClusterId of iterate(template.cacheclusterids)){
set("cacheclusterid", CacheClusterId)
code(2)
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
aws elasticache describe-cache-clusters --region $region --output json --query 'CacheClusters[*].CacheClusterId'
extractors:
- type: json
name: cacheclusterids
internal: true
json:
- '.[]'
- engine:
- sh
- bash
source: |
aws elasticache describe-cache-clusters --region $region --cache-cluster-id $cacheclusterid --query 'CacheClusters[*].NotificationConfiguration.TopicArn' --output json
matchers:
- type: word
words:
- '[]'
extractors:
- type: dsl
dsl:
- 'replicationgroup + " ElastiCache Event Notifications is Disabled"'
# digest: 490a0046304402202b9deda0c6b4321d8571bf7d8b1a54f9aa019ef0612a7b4298e38d2f461e09f402205458f6f3f1d4e80a2b8c5902efc7b558675ec394a8148ab12e6ad378d8ce47aa:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink