Gary Armstrong Gary-Armstrong

## AWS Inspector Cut Columns 3,19
Finding,Recommendation
"
    Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

    Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
            ","


                        Edit the /etc/issue.net file with the appropriate contents according to your site policy, remove any instances of \m , \r , \s , or \v :
                        # echo ""Authorized uses only. All activity may be monitored and reported."" > /etc/issue.net

## AWS Inspector Cut Columns 3,12,19
Finding,Hostname,Recommendation
"
    Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

    Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
            ",qahobserver4b100,"


                        Edit the /etc/issue.net file with the appropriate contents according to your site policy, remove any instances of \m , \r , \s , or \v :
                        # echo ""Authorized uses only. All activity may be monitored and reported."" > /etc/issue.net

## AWS Inspector 28 column CSV
"Severity","Date","Finding","Target","Template","Rules Package","ARN","Rule","AWS agent ID","AMI ID","Auto Scaling Group","Hostname","IPv4 Addresses","Asset Type","Confidence","Description","Indicator of Compromise","Numeric Severity","Recommendation","Service","Assessment Run ARN","Rules Package ARN","CVSS2 Score","CVSS2 Vector","CVSS3 Score","CVSS3 Vector","CIS Weight","Last Update"
"Informational","1623439052221","
    Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

    Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
            ","FOD QA Single Server","FOD QA Single Server Quick","CIS Operating System Security Configuration Benchmarks-1.0","arn:aws:inspector:us-east-1:133124267079:target/0-2ySrzz0j/template/0-bmzg5uDv/run/0-LTXQE8O5/finding/0-TykK9h92","1.7.1.3 Ensure remote login warning banner is configured properly","i-01aae0

## gist:3c52ada53bf6f165542a3bc3c8b57455
] /usr/local/bin/terraform-0.8.1/terraform plan
2016/12/19 13:32:24 [INFO] Terraform version: 0.8.1  a54c3478b456502c19be675c17eb58309808ebc1
2016/12/19 13:32:24 [INFO] CLI args: []string{"/usr/local/bin/terraform-0.8.1/terraform", "plan"}
2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
2016/12/19 13:32:24 [DEBUG] Attempting to open CLI config file: /Users/gmstrong/.terraformrc
2016/12/19 13:32:24 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
2016/12/19 13:32:24 [TRACE] Preserving existing state lineage "df485bcd-d62a-4523-ab1c-8555445003be"
2016/12/19 13:32:24 [TRACE] Preserving existing state lineage "df485bcd-d62a-4523-ab1c-8555445003be"

## Further Termination Episodes
# Waited a bit for the Terminated & Untagged instances to disappear.
garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ terraform plan
Refreshing Terraform state prior to plan...

aws_iam_role.wxmix_role: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_role)
aws_vpc.main: Refreshing state... (ID: vpc-b89e07dc)
aws_iam_policy.wxmix_policy: Refreshing state... (ID: arn:aws:iam::133124267079:policy/wxmix-qa-us-east-1-wxmix_policy)
aws_iam_instance_profile.wxmix_profile: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_profile)
aws_iam_policy_attachment.wxmix_policy-attach: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_policy-attach)
aws_security_group.nat: Refreshing state... (ID: sg-4b342e2d)

## Cannot Destroy
garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ grep aws_instance terraform.tfstate
                "aws_instance.bastion": {
                    "type": "aws_instance",
garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ terraform destroy -target=aws_instance.bastion
Do you really want to destroy?
  Terraform will delete all your managed infrastructure.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes
	Finding,Recommendation
	"
	Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

	Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
	","


	Edit the /etc/issue.net file with the appropriate contents according to your site policy, remove any instances of \m , \r , \s , or \v :
	# echo ""Authorized uses only. All activity may be monitored and reported."" > /etc/issue.net
	Finding,Hostname,Recommendation
	"
	Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

	Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
	",qahobserver4b100,"


	Edit the /etc/issue.net file with the appropriate contents according to your site policy, remove any instances of \m , \r , \s , or \v :
	# echo ""Authorized uses only. All activity may be monitored and reported."" > /etc/issue.net
	"Severity","Date","Finding","Target","Template","Rules Package","ARN","Rule","AWS agent ID","AMI ID","Auto Scaling Group","Hostname","IPv4 Addresses","Asset Type","Confidence","Description","Indicator of Compromise","Numeric Severity","Recommendation","Service","Assessment Run ARN","Rules Package ARN","CVSS2 Score","CVSS2 Vector","CVSS3 Score","CVSS3 Vector","CIS Weight","Last Update"
	"Informational","1623439052221","
	Instance i-01aae074f79eaa71f is not compliant with rule 1.7.1.3 Ensure remote login warning banner is configured properly, 2.2.0 CIS CentOS Linux 7 Benchmark.

	Applicable profiles: Level 1 - Server, Level 2 - Workstation, Level 2 - Server, Level 1 - Workstation.
	","FOD QA Single Server","FOD QA Single Server Quick","CIS Operating System Security Configuration Benchmarks-1.0","arn:aws:inspector:us-east-1:133124267079:target/0-2ySrzz0j/template/0-bmzg5uDv/run/0-LTXQE8O5/finding/0-TykK9h92","1.7.1.3 Ensure remote login warning banner is configured properly","i-01aae0
	] /usr/local/bin/terraform-0.8.1/terraform plan
	2016/12/19 13:32:24 [INFO] Terraform version: 0.8.1 a54c3478b456502c19be675c17eb58309808ebc1
	2016/12/19 13:32:24 [INFO] CLI args: []string{"/usr/local/bin/terraform-0.8.1/terraform", "plan"}
	2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
	2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
	2016/12/19 13:32:24 [DEBUG] Attempting to open CLI config file: /Users/gmstrong/.terraformrc
	2016/12/19 13:32:24 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
	2016/12/19 13:32:24 [DEBUG] Detected home directory from env var: /Users/gmstrong
	2016/12/19 13:32:24 [TRACE] Preserving existing state lineage "df485bcd-d62a-4523-ab1c-8555445003be"
	2016/12/19 13:32:24 [TRACE] Preserving existing state lineage "df485bcd-d62a-4523-ab1c-8555445003be"
	# Waited a bit for the Terminated & Untagged instances to disappear.
	garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ terraform plan
	Refreshing Terraform state prior to plan...

	aws_iam_role.wxmix_role: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_role)
	aws_vpc.main: Refreshing state... (ID: vpc-b89e07dc)
	aws_iam_policy.wxmix_policy: Refreshing state... (ID: arn:aws:iam::133124267079:policy/wxmix-qa-us-east-1-wxmix_policy)
	aws_iam_instance_profile.wxmix_profile: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_profile)
	aws_iam_policy_attachment.wxmix_policy-attach: Refreshing state... (ID: wxmix-qa-us-east-1-wxmix_policy-attach)
	aws_security_group.nat: Refreshing state... (ID: sg-4b342e2d)
	garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ grep aws_instance terraform.tfstate
	"aws_instance.bastion": {
	"type": "aws_instance",
	garmstrong-ml:config-qa-aws-us-east-1 gary.armstrong$ terraform destroy -target=aws_instance.bastion
	Do you really want to destroy?
	Terraform will delete all your managed infrastructure.
	There is no undo. Only 'yes' will be accepted to confirm.

	Enter a value: yes