Devolutions.CIEM

0.3.28

Checks/Aws/Test-CognitoIdentityPoolGuestAccessDisabled.ps1

                                function Test-CognitoIdentityPoolGuestAccessDisabled {

    <#

    .SYNOPSIS

        Cognito identity pool has guest access disabled

    .DESCRIPTION

        **Amazon Cognito identity pools** are evaluated for **guest access** to unauthenticated identities. The assessment considers the `allow_unauthenticated_identities` setting and whether an unauthenticated role can be assumed by guests.

    .PARAMETER Check

        CIEMCheck object containing check metadata.

    #>

    [CmdletBinding()]

    [OutputType([PSCustomObject[]])]

    param(

        [Parameter(Mandatory)]

        [CIEMCheck]$Check

    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: cognito_identity_pool_guest_access_disabled

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check cognito_identity_pool_guest_access_disabled for reference.', 'N/A', 'cognito Resources')

}