Possible Broken Dashboard

I setup this tool to run locally using docker. I setup ReadOnlyAccess Policy for AWS:

I now have the final report and I noticed the following sections don't open:

Scout2
IP Audit
AWS Trust Advisor

Any idea why?

I also noticed this during the scan might have something to do with it:

For the other reports to work I have to right click and open in new tab.

[shivankar-madaan]

Hi @x1337x-sec
Thanks for reaching out. As per the current screenshot it looks like the security token is invalid. Maybe it was a temporary token which got invalidated during the scan.

For the IP Audit to run, you have to provide the ec2 instance IP, along with ssh key so it can login and run the scan.
AWS Trust Advisor output can be seen when you also add the Support Read Only role to the keys.

Hope it helps. Let me know if I can be of further help.

Where do you place the ec2 instance IP and how would you scan all instances?

Is the Security Token separate to the secret key and secret ID

[shivankar-madaan]

Currently you can scan only one IP
You can watch this here
https://www.youtube.com/watch?v=2eW-0bS0Hq8

I guess security token is when you have temporary access like session token?? Not exactly. Are you still facing the same error of token invalid

Yes it is a session toke I defined it in the creds file as

[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXX
aws_session_token= XXXXXXXXXXXXXXXXXXXXX

I now get the following two errors / warnings

/usr/local/lib/python2.7/site-packages/requests/init.py:80: RequestsDependencyWarning: urllib3 (1.25.10) or chardet (3.0.4) doesn't match a supported version!
RequestsDependencyWarning)
Warning: Unable to determine STS token expiration; later API calls may fail.

Note we use AWS SSO with Okta

I am still seeing errors for example:

(UnrecognizedClientException) when calling the DescribeTrails operation: The security token included in the request is invalid

Also do you have the ARN for read-only support role.

[shivankar-madaan]

Ok I think it's just a warning, which should be fine

for the other exception arn:aws:iam::aws:policy/ReadOnlyAccess this should suffice
and add Support Role if you need Trusted Advisor checks

Do you have the support role ARN?

[shivankar-madaan]

No but I know it is AWS managed policy
SupportReadOnly I guess