diff --git a/prowler/lib/outputs/json.py b/prowler/lib/outputs/json.py index 4733fd5b..adea78ba 100644 --- a/prowler/lib/outputs/json.py +++ b/prowler/lib/outputs/json.py @@ -8,11 +8,17 @@ from prowler.config.config import ( timestamp_utc, ) from prowler.lib.logger import logger -from prowler.lib.outputs.models import Compliance, ProductFields, Resource, Severity +from prowler.lib.outputs.models import ( + Compliance, + ProductFields, + Resource, + Severity, + get_check_compliance, +) from prowler.lib.utils.utils import hash_sha512, open_file -def fill_json_asff(finding_output, audit_info, finding): +def fill_json_asff(finding_output, audit_info, finding, output_options): # Check if there are no resources in the finding if finding.resource_arn == "": if finding.resource_id == "": @@ -40,14 +46,22 @@ def fill_json_asff(finding_output, audit_info, finding): Region=finding.region, ) ] - # Check if any Requirement has > 64 characters - check_types = [] - for type in finding.check_metadata.CheckType: - check_types.extend(type.split("/")) + # Iterate for each compliance framework + compliance_summary = [] + associated_standards = [] + check_compliance = get_check_compliance(finding, "aws", output_options) + for key, value in check_compliance.items(): + associated_standards.append({"StandardsId": key}) + item = f"{key} {' '.join(value)}" + if len(item) > 64: + item = item[0:63] + compliance_summary.append(item) + # Add ED to PASS or FAIL (PASSED/FAILED) finding_output.Compliance = Compliance( Status=finding.status + "ED", - RelatedRequirements=check_types, + AssociatedStandards=associated_standards, + RelatedRequirements=compliance_summary, ) finding_output.Remediation = { "Recommendation": finding.check_metadata.Remediation.Recommendation diff --git a/prowler/lib/outputs/models.py b/prowler/lib/outputs/models.py index 2e6b4e61..47940c5e 100644 --- a/prowler/lib/outputs/models.py +++ b/prowler/lib/outputs/models.py @@ -518,6 +518,7 @@ class Resource(BaseModel): class Compliance(BaseModel): Status: str RelatedRequirements: List[str] + AssociatedStandards: List[dict] class Check_Output_JSON_ASFF(BaseModel): diff --git a/prowler/lib/outputs/outputs.py b/prowler/lib/outputs/outputs.py index f4343268..8babeb2b 100644 --- a/prowler/lib/outputs/outputs.py +++ b/prowler/lib/outputs/outputs.py @@ -108,7 +108,9 @@ def report(check_findings, output_options, audit_info): if "json-asff" in file_descriptors: finding_output = Check_Output_JSON_ASFF() - fill_json_asff(finding_output, audit_info, finding) + fill_json_asff( + finding_output, audit_info, finding, output_options + ) json.dump( finding_output.dict(), diff --git a/tests/lib/outputs/outputs_test.py b/tests/lib/outputs/outputs_test.py index 1ceccb64..08be3027 100644 --- a/tests/lib/outputs/outputs_test.py +++ b/tests/lib/outputs/outputs_test.py @@ -451,13 +451,17 @@ class Test_Outputs: expected.Compliance = Compliance( Status="PASS" + "ED", - RelatedRequirements=finding.check_metadata.CheckType, + RelatedRequirements=[], + AssociatedStandards=[], ) expected.Remediation = { "Recommendation": finding.check_metadata.Remediation.Recommendation } + output_options = mock.MagicMock() - assert fill_json_asff(input, input_audit_info, finding) == expected + assert ( + fill_json_asff(input, input_audit_info, finding, output_options) == expected + ) @mock_s3 def test_send_to_s3_bucket(self): @@ -651,8 +655,8 @@ class Test_Outputs: finding.status_extended = "This is a test" finding_output = Check_Output_JSON_ASFF() - - fill_json_asff(finding_output, input_audit_info, finding) + output_options = mock.MagicMock() + fill_json_asff(finding_output, input_audit_info, finding, output_options) assert ( send_to_security_hub(