Checks/Aws/Test-EmrClusterPubliclyAccesible.ps1
|
function Test-EmrClusterPubliclyAccesible { <# .SYNOPSIS EMR cluster is not publicly accessible .DESCRIPTION **Amazon EMR clusters** are assessed for **public network exposure** by examining master and core/task node security groups for inbound rules that allow any source (`0.0.0.0/0` or `::/0`). Only active clusters are considered, and findings identify exposure via the specific security groups attached to the cluster nodes. .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] [CIEMCheck]$Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: emr_cluster_publicly_accesible [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check emr_cluster_publicly_accesible for reference.', 'N/A', 'emr Resources') } |