ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(Security Hub): associate resource_arn as resourceId (#1672)

Browse Source 
Co-authored-by: sergargar <sergio@verica.io>
This commit is contained in:
Sergio Garcia
2023-01-09 14:16:57 +01:00
committed by GitHub
parent d5edbaa3a9
commit 4dfa20e40b
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
prowler/lib/outputs/json.py
View File

@@ -14,12 +14,14 @@ from prowler.lib.utils.utils import hash_sha512, open_file
def fill_json_asff(finding_output, audit_info, finding): def fill_json_asff(finding_output, audit_info, finding):
# Check if there are no resources in the finding # Check if there are no resources in the finding
if finding.resource_id == "": if finding.resource_arn == "":
finding.resource_id = "NONE_PROVIDED" if finding.resource_id == "":
finding.resource_id = "NONE_PROVIDED"
finding.resource_arn = finding.resource_id
finding_output.Id = f"prowler-{finding.check_metadata.CheckID}-{audit_info.audited_account}-{finding.region}-{hash_sha512(finding.resource_id)}" finding_output.Id = f"prowler-{finding.check_metadata.CheckID}-{audit_info.audited_account}-{finding.region}-{hash_sha512(finding.resource_id)}"
finding_output.ProductArn = f"arn:{audit_info.audited_partition}:securityhub:{finding.region}::product/prowler/prowler" finding_output.ProductArn = f"arn:{audit_info.audited_partition}:securityhub:{finding.region}::product/prowler/prowler"
finding_output.ProductFields = ProductFields( finding_output.ProductFields = ProductFields(
ProviderVersion=prowler_version, ProwlerResourceName=finding.resource_id ProviderVersion=prowler_version, ProwlerResourceName=finding.resource_arn
) )
finding_output.GeneratorId = "prowler-" + finding.check_metadata.CheckID finding_output.GeneratorId = "prowler-" + finding.check_metadata.CheckID
finding_output.AwsAccountId = audit_info.audited_account finding_output.AwsAccountId = audit_info.audited_account
@@ -32,7 +34,7 @@ def fill_json_asff(finding_output, audit_info, finding):
finding_output.Description = finding.check_metadata.Description finding_output.Description = finding.check_metadata.Description
finding_output.Resources = [ finding_output.Resources = [
Resource( Resource(
Id=finding.resource_id, Id=finding.resource_arn,
Type=finding.check_metadata.ResourceType, Type=finding.check_metadata.ResourceType,
Partition=audit_info.audited_partition, Partition=audit_info.audited_partition,
Region=finding.region, Region=finding.region,

4
tests/lib/outputs/outputs_test.py
View File

@@ -276,7 +276,7 @@ class Test_Outputs:
expected.Id = f"prowler-{finding.check_metadata.CheckID}-123456789012-eu-west-1-{hash_sha512('test-resource')}" expected.Id = f"prowler-{finding.check_metadata.CheckID}-123456789012-eu-west-1-{hash_sha512('test-resource')}"
expected.ProductArn = "arn:aws:securityhub:eu-west-1::product/prowler/prowler" expected.ProductArn = "arn:aws:securityhub:eu-west-1::product/prowler/prowler"
expected.ProductFields = ProductFields( expected.ProductFields = ProductFields(
ProviderVersion=prowler_version, ProwlerResourceName="test-resource" ProviderVersion=prowler_version, ProwlerResourceName="test-arn"
) )
expected.GeneratorId = "prowler-" + finding.check_metadata.CheckID expected.GeneratorId = "prowler-" + finding.check_metadata.CheckID
expected.AwsAccountId = AWS_ACCOUNT_ID expected.AwsAccountId = AWS_ACCOUNT_ID
@@ -289,7 +289,7 @@ class Test_Outputs:
expected.Description = finding.check_metadata.Description expected.Description = finding.check_metadata.Description
expected.Resources = [ expected.Resources = [
Resource( Resource(
Id="test-resource", Id="test-arn",
Type=finding.check_metadata.ResourceType, Type=finding.check_metadata.ResourceType,
Partition="aws", Partition="aws",
Region="eu-west-1", Region="eu-west-1",