Checks/Aws/Test-GlueDataCatalogsNotPubliclyAccessible.ps1
function Test-GlueDataCatalogsNotPubliclyAccessible {
    <#
    .SYNOPSIS
    Glue Data Catalog is not publicly accessible via its resource policy

    .DESCRIPTION
    **AWS Glue Data Catalog** resource policies are assessed for configurations that expose the catalog to anyone, such as `Principal: *`, broad resource scopes, or permissive conditions. The finding highlights catalogs made public through overly permissive resource-based access.

    .PARAMETER Check
    CIEMCheck object containing check metadata.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject[]])]
    param(
        [Parameter(Mandatory)]
        [CIEMCheck]$Check
    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: glue_data_catalogs_not_publicly_accessible
    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check glue_data_catalogs_not_publicly_accessible for reference.', 'N/A', 'glue Resources')
}
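The policy evaluation that the description refers to can be sketched as follows. This is an added example, not code from this module or from Prowler: `Test-GluePolicyIsPublic`, the list of narrowing condition keys and the sample policies are assumptions made for illustration, and the condition handling is a simplification of full IAM policy evaluation.

```powershell
# Added example: hypothetical helper, not part of the CIEM module or of Prowler.
function Test-GluePolicyIsPublic {
    [CmdletBinding()]
    [OutputType([bool])]
    param(
        # Policy document as JSON text (Glue's GetResourcePolicy returns it in PolicyInJson).
        [Parameter(Mandatory)][AllowEmptyString()][string]$PolicyJson
    )
    # Assumption: these global condition keys are treated as narrowing a wildcard principal.
    $narrowingKeys = 'aws:PrincipalOrgID', 'aws:PrincipalAccount', 'aws:PrincipalArn',
                     'aws:SourceAccount', 'aws:SourceArn', 'aws:SourceVpce'

    if ([string]::IsNullOrWhiteSpace($PolicyJson)) { return $false }  # no policy, no grant

    $policy = $PolicyJson | ConvertFrom-Json
    foreach ($stmt in @($policy.Statement)) {
        if ($stmt.Effect -ne 'Allow') { continue }

        # Principal is either the string "*" or a map such as {"AWS": "*"} or {"AWS": ["*", ...]}.
        $principals = if ($stmt.Principal -is [string]) {
            @($stmt.Principal)
        } elseif ($null -ne $stmt.Principal) {
            @($stmt.Principal.PSObject.Properties | ForEach-Object { $_.Value })
        } else { @() }
        if ($principals -notcontains '*') { continue }

        # A wildcard principal is still restricted if a positive operator tests a narrowing key.
        $narrowed = $false
        if ($null -ne $stmt.Condition) {
            foreach ($op in $stmt.Condition.PSObject.Properties) {
                if ($op.Name -match 'Not') { continue }   # negated operators do not narrow
                foreach ($key in $op.Value.PSObject.Properties.Name) {
                    if ($narrowingKeys -contains $key) { $narrowed = $true }
                }
            }
        }
        if (-not $narrowed) { return $true }
    }
    return $false
}

# Constructed sample policies (account ID and organization ID are placeholders).
$samples = [ordered]@{
    WildcardPrincipal = '{"Statement":[{"Effect":"Allow","Principal":"*","Action":"glue:GetTable","Resource":"arn:aws:glue:us-east-1:111122223333:*"}]}'
    WildcardWithOrgId = '{"Statement":[{"Effect":"Allow","Principal":{"AWS":"*"},"Action":"glue:GetTable","Resource":"arn:aws:glue:us-east-1:111122223333:*","Condition":{"StringEquals":{"aws:PrincipalOrgID":"o-exampleorgid"}}}]}'
    SingleAccount     = '{"Statement":{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:root"},"Action":"glue:GetTable","Resource":"arn:aws:glue:us-east-1:111122223333:*"}}'
}
foreach ($name in $samples.Keys) {
    '{0}: public = {1}' -f $name, (Test-GluePolicyIsPublic -PolicyJson $samples[$name])
}
```

A real check would also need to weigh the `Action` and `Resource` scope of each flagged statement, which this sketch does not inspect.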