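#!/usr/bin/env bash
#
# 6.1.2 CIFS (port 445) access audit.
#
# Lists, for every region returned by `aws ec2 describe-regions`, the security
# groups with an inbound rule that covers port 445 (or all protocols) and is
# open to 0.0.0.0/0 or ::/0.
#
# Run this as a script file rather than pasting it into an interactive shell:
# it enables strict mode and ends with an exit status.
#
# Environment:
#   AUDIT_PROFILE  AWS CLI profile to use (default: gop-ro)
#
# Exit status:
#   0  PASS          every region was evaluated and nothing matched
#   1  FAIL          at least one security group matched
#   2  INCONCLUSIVE  the region list or at least one region could not be
#                    evaluated, so a clean result cannot be claimed
#
# Scope of the check:
#   - A rule matches on its port range alone, so a UDP rule covering 445 is
#     reported as well as a TCP one, and so is any IpProtocol '-1' rule.
#   - Only CIDR sources are inspected. Rules whose source is a prefix list or
#     another security group are not evaluated here.
#   - describe-regions is called without extra flags, so the loop covers the
#     regions that call returns for this account.
#
# Recorded run of the previous one-liner (profile gop-ro). Every region
# returned the same client-side error, and the `|| echo` fallback printed
# "No issues or error checking region" after it, so no security group was
# evaluated and the empty listing was not a pass:
#
#   aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query
#   SecurityGroups[?length(IpPermissions[?(...) && (...) ) ].{...}:
#   Expecting: rbracket, got: rparen: Parse error at column 186,
#   token ")" (RPAREN)
#
# Regions in that run: ap-south-1 eu-north-1 eu-west-3 eu-west-2 eu-west-1
# ap-northeast-3 ap-northeast-2 ap-northeast-1 ca-central-1 sa-east-1
# ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1
# us-west-2

set -euo pipefail

readonly PROFILE="${AUDIT_PROFILE:-gop-ro}"

# The inner filter must be closed with "]" before length()'s ")"; the old
# expression closed them in the opposite order, which is the parse error above.
# The explicit "> `0`" is required as well: JMESPath treats the number 0 as
# truthy, so a bare length(...) would select every security group.
# The result is projected as a list so the text columns have a fixed order.
readonly QUERY="SecurityGroups[?length(IpPermissions[?((FromPort <= \`445\` && ToPort >= \`445\`) || IpProtocol == '-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0'))]) > \`0\`].[GroupId, GroupName, Description]"

#######################################
# Run the audit across all returned regions and print a verdict.
# Globals:   PROFILE (read), QUERY (read)
# Arguments: none
# Outputs:   per-region results and the verdict on stdout, errors on stderr
# Returns:   0 PASS, 1 FAIL, 2 INCONCLUSIVE
#######################################
main() {
  local region_list region matches
  local -a regions=() flagged=() unchecked=()

  printf '%s\n' '=== 6.1.2 CIFS (Port 445) Access Audit ==='
  printf '\n%s\n' 'Scanning regions for security groups allowing unrestricted inbound CIFS (port 445) from 0.0.0.0/0 or ::/0...'

  # A failed region lookup must stop the audit: with an empty loop the script
  # would otherwise reach the end without having checked anything.
  if ! region_list=$(aws ec2 describe-regions \
      --query 'Regions[].RegionName' --output text --profile "$PROFILE"); then
    printf 'ERROR: could not list regions; nothing was audited.\n' >&2
    return 2
  fi

  # read returns non-zero at end of input when no NUL is found; the array is
  # still filled, so the status is ignored on purpose.
  read -r -d '' -a regions <<<"$region_list" || true
  if (( ${#regions[@]} == 0 )); then
    printf 'ERROR: the region list is empty; nothing was audited.\n' >&2
    return 2
  fi

  for region in "${regions[@]}"; do
    printf '\n=== %s ===\n' "$region"

    # stderr is left on the terminal so the AWS CLI error stays visible, and
    # the exit status decides whether the region counts as evaluated.
    if ! matches=$(aws ec2 describe-security-groups \
        --region "$region" --profile "$PROFILE" \
        --query "$QUERY" --output text); then
      printf 'ERROR: region not evaluated (see the AWS CLI message above).\n' >&2
      unchecked+=("$region")
      continue
    fi

    # Text output is empty for an empty list; "None" is what the CLI prints
    # for a null result and is treated the same way.
    if [[ -n "$matches" && "$matches" != "None" ]]; then
      printf 'GroupId\tGroupName\tDescription\n'
      printf '%s\n' "$matches"
      flagged+=("$region")
    else
      printf 'No matching security groups.\n'
    fi
  done

  printf '\n=== End of 6.1.2 Audit ===\n'

  if (( ${#flagged[@]} > 0 )); then
    printf 'FAIL: security groups allow unrestricted CIFS access in: %s\n' \
      "${flagged[*]}"
    if (( ${#unchecked[@]} > 0 )); then
      printf 'Additionally not evaluated: %s\n' "${unchecked[*]}"
    fi
    return 1
  fi

  if (( ${#unchecked[@]} > 0 )); then
    printf 'INCONCLUSIVE: not evaluated: %s\n' "${unchecked[*]}"
    return 2
  fi

  printf 'PASS: no security group allows unrestricted CIFS access in the %d regions checked.\n' \
    "${#regions[@]}"
}

main "$@"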