feat(outputS): Output generation format CSV (#1230)

* chore(csv): first version csv output * chore(pytest): added pytest dependency * chore(outputs): organizations demo * chore(compliance): Added new dataclass for each compliance framework * fix(test org values): deleted test values in orgs instantiation * fix(csv): formatted to match output format * fix(csv output): Reformulation of check report and minor changes * fix(minor issues): Fix various issues coming from PR comments * fix(csv): Renamed csv output data model * fix(output dir): create default if not present * fix(typo): remove s * fix(oldcode) * fix(typo) * fix(output): Only send to csv when -M is passed Co-authored-by: sergargar <sergio@verica.io> Co-authored-by: Pepe Fagoaga <pepe@verica.io>
2026-02-10 06:45:08 +00:00 · 2022-07-04 10:30:47 +02:00
parent a1dcc1310a
commit 11652838e2
16 changed files with 532 additions and 90 deletions
--- a/providers/aws/services/iam/iam_disable_30_days_credentials/iam_disable_30_days_credentials.py
+++ b/providers/aws/services/iam/iam_disable_30_days_credentials/iam_disable_30_days_credentials.py
@@ -13,7 +13,10 @@ class iam_disable_30_days_credentials(Check):

        if response:
            for user in response:
-                report = Check_Report()
+                report = Check_Report(self.metadata)
+                report.resource_id = user["UserName"]
+                report.resource_arn = user["Arn"]
+                report.region = "us-east-1"
                if "PasswordLastUsed" in user and user["PasswordLastUsed"] != "":
                    try:
                        time_since_insertion = (
@@ -22,23 +25,21 @@ class iam_disable_30_days_credentials(Check):
                        )
                        if time_since_insertion.days > maximum_expiration_days:
                            report.status = "FAIL"
-                            report.result_extended = f"User {user['UserName']} has not logged into the console in the past 30 days"
-                            report.region = iam_client.region
+                            report.status_extended = f"User {user['UserName']} has not logged into the console in the past 30 days"
                        else:
                            report.status = "PASS"
-                            report.result_extended = f"User {user['UserName']} has logged into the console in the past 30 days"
-                            report.region = iam_client.region
+                            report.status_extended = f"User {user['UserName']} has logged into the console in the past 30 days"
+
                    except KeyError:
                        pass
                else:
                    report.status = "PASS"
-                    report.result_extended = f"User {user['UserName']} has not a console password or is unused."
-                    report.region = iam_client.region
+                    report.status_extended = f"User {user['UserName']} has not a console password or is unused."

                # Append report
                findings.append(report)
        else:
-            report = Check_Report()
+            report = Check_Report(self.metadata)
            report.status = "PASS"
            report.result_extended = "There is no IAM users"
            report.region = iam_client.region
--- a/providers/aws/services/iam/iam_disable_90_days_credentials/iam_disable_90_days_credentials.py
+++ b/providers/aws/services/iam/iam_disable_90_days_credentials/iam_disable_90_days_credentials.py
@@ -13,7 +13,10 @@ class iam_disable_90_days_credentials(Check):

        if response:
            for user in response:
-                report = Check_Report()
+                report = Check_Report(self.metadata)
+                report.region = "us-east-1"
+                report.resource_id = user["UserName"]
+                report.resource_arn = user["Arn"]
                if "PasswordLastUsed" in user and user["PasswordLastUsed"] != "":
                    try:
                        time_since_insertion = (
@@ -22,25 +25,23 @@ class iam_disable_90_days_credentials(Check):
                        )
                        if time_since_insertion.days > maximum_expiration_days:
                            report.status = "FAIL"
-                            report.result_extended = f"User {user['UserName']} has not logged into the console in the past 90 days"
-                            report.region = iam_client.region
+                            report.status_extended = f"User {user['UserName']} has not logged into the console in the past 90 days"
                        else:
                            report.status = "PASS"
-                            report.result_extended = f"User {user['UserName']} has logged into the console in the past 90 days"
-                            report.region = iam_client.region
+                            report.status_extended = f"User {user['UserName']} has logged into the console in the past 90 days"
+
                    except KeyError:
                        pass
                else:
                    report.status = "PASS"
-                    report.result_extended = f"User {user['UserName']} has not a console password or is unused."
-                    report.region = iam_client.region

+                    report.status_extended = f"User {user['UserName']} has not a console password or is unused."
                # Append report
                findings.append(report)
        else:
-            report = Check_Report()
+            report = Check_Report(self.metadata)
            report.status = "PASS"
-            report.result_extended = "There is no IAM users"
-            report.region = iam_client.region
+            report.status_extended = "There is no IAM users"
+            report.region = "us-east-1"

        return findings