From 7d47d4bb650d6be9269edfd85374a0920efcd846 Mon Sep 17 00:00:00 2001
From: erincrawford <167789571+erincrawford@users.noreply.github.com>
Date: Tue, 9 Jul 2024 15:14:30 -0500
Subject: [PATCH] Descriptions enhanced and version updated
---
 package.json | 2 +-
 rule-packs/aws-privilege-escalation.json | 16 ++++++++--------
 2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/package.json b/package.json
index 9ca3db9..c03b42e 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@jupiterone/jupiterone-alert-rules",
- "version": "0.31.0",
+ "version": "0.32.0",
 "description": "Alert rule packages for the JupiterOne platform",
 "scripts": {
 "validate": "tsx ./scripts/validate.ts"
diff --git a/rule-packs/aws-privilege-escalation.json b/rule-packs/aws-privilege-escalation.json
index 862c653..204f17f 100644
--- a/rule-packs/aws-privilege-escalation.json
+++ b/rule-packs/aws-privilege-escalation.json
@@ -181,7 +181,7 @@
 },
 {
 "name": "aws-ability-to-create-a-codestar-project-and-associate-as-project-owner",
- "description": "Users with the codestar:CreateProject and codestar:AssociateTeamMember permissions can create a new CodeStar project and associate themselves as an Owner of the project.",
+ "description": "Users with the codestar:CreateProject and codestar:AssociateTeamMember permissions can create a new CodeStar project and associate themselves as an Owner of the project. This will attach a new policy to the user that provides access to numerous permissions for AWS services.",
 "queries": [
 {
 "name": "query0",
@@ -193,7 +193,7 @@
 },
 {
 "name": "aws-ability-to-remove-permissions-boundary-from-a-role",
- "description": "Users with the iam:DeleteRolePermissionsBoundary permission can remove a permissions boundary from a role they have access to.",
+ "description": "Users with the iam:DeleteRolePermissionsBoundary permission can remove a permissions boundary from a role they have access to, which may increase the role's effective permissions if the permissions boundary is more restrictive than any of the role's identity-based policies.",
 "queries": [
 {
 "name": "query0",
@@ -205,7 +205,7 @@
 },
 {
 "name": "aws-ability-to-delete-an-inline-policy-from-a-role",
- "description": "Users with the iam:DeleteRolePolicy permission can delete an inline policy from a role they have access to.",
+ "description": "Users with the iam:DeleteRolePolicy permission can delete an inline policy from a role they have access to, which may increase the role's effective permissions if the policy contains explicit deny statements allowed by any of the role's other policies.",
 "queries": [
 {
 "name": "query0",
@@ -217,7 +217,7 @@
 },
 {
 "name": "aws-ability-to-delete-an-inline-policy-from-a-user",
- "description": "Users with the iam:DeleteUserPolicy permission can delete an inline policy from a user they have access to. ",
+ "description": "Users with the iam:DeleteUserPolicy permission can delete an inline policy from a user they have access to, which may increase the user's effective permissions if the policy contains explicit deny statements allowed by any of the user's other policies. ",
 "queries": [
 {
 "name": "query0",
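Review bot: The clause added to the iam:DeleteRolePolicy description (hunk at 205) reads "explicit deny statements allowed by any of the role's other policies", which says the deny statements are allowed rather than the actions they block. The intended meaning appears to be that deleting the policy lifts an explicit deny over actions the role's other policies allow. Wording such as `which may increase the role's effective permissions if the policy contains explicit Deny statements for actions that the role's other policies allow` states that directly. The same phrase is repeated in the hunks at 217, 229 and 265 and should be changed there as well.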
@@ -229,7 +229,7 @@
 },
 {
 "name": "aws-ability-to-remove-a-managed-policy-from-a-user",
- "description": "Users with the iam:DetachUserPolicy permission can remove a managed policy from a user they have access to.",
+ "description": "Users with the iam:DetachUserPolicy permission can remove a managed policy from a user they have access to, which may increase the role's effective permissions if the policy contains explicit deny statements allowed by any of the role's other policies.",
 "queries": [
 {
 "name": "query0",
@@ -241,7 +241,7 @@
 },
 {
 "name": "aws-ability-to-update-a-permissions-boundary-attached-to-a-user",
- "description": "A user with the iam:PutUserPermissionsBoundary can update a permissions boundary attached to a user they have access to.",
+ "description": "Users with the iam:PutUserPermissionsBoundary can update a permissions boundary attached to a user they have access to, which may increase the user's effective permissions if the permissions boundary is more restrictive than any of the role's identity-based policies.",
 "queries": [
 {
 "name": "query0",
@@ -265,7 +265,7 @@
 },
 {
 "name": "aws-ability-to-remove-a-managed-policy-from-a-role",
- "description": "Users with the iam:DetachRolePolicy permission can remove a managed policy from a role they have access to.",
+ "description": "Users with the iam:DetachRolePolicy permission can remove a managed policy from a role they have access to, which may increase the role's effective permissions if the policy contains explicit deny statements allowed by any of the role's other policies.",
 "queries": [
 {
 "name": "query0",
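Review bot: The new iam:DetachUserPolicy description (hunk at 229) belongs to a user rule but says "the role's effective permissions" and "the role's other policies", apparently carried over from the role variant at 265. It should read `the user's effective permissions` and `the user's other policies`, matching the iam:DeleteUserPolicy hunk at 217. The hunk at 241 has the same slip in "any of the role's identity-based policies" for a user permissions boundary.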
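Review bot: The condition added to the iam:PutUserPermissionsBoundary description (hunk at 241) is worded for removing a boundary, but this permission sets or replaces one, so the clause never says which boundary is being compared. Effective permissions grow only when the boundary put in place allows more than the one it replaces, for example `which may increase the user's effective permissions if the new permissions boundary is less restrictive than the current one`. The sentence also drops the word "permission" after the action name; it should open `Users with the iam:PutUserPermissionsBoundary permission can`. The hunk at 277 for iam:PutRolePermissionsBoundary carries the same clause and still opens with "A user with", so the two sibling rules now differ in wording.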
@@ -277,7 +277,7 @@
 },
 {
 "name": "aws-ability-to-update-a-permissions-boundary-attached-to-a-role",
- "description": "A user with the iam:PutRolePermissionsBoundary can update a permissions boundary attached to a role they have access to.",
+ "description": "A user with the iam:PutRolePermissionsBoundary can update a permissions boundary attached to a role they have access to, which may increase the role's effective permissions if the permissions boundary is more restrictive than any of the role's identity-based policies.",
 "queries": [
 {
 "name": "query0",