From 561459d93b927f863eeb80336c590794f9820ef0 Mon Sep 17 00:00:00 2001 From: Nacho Rivera Date: Tue, 13 Jun 2023 11:48:55 +0200 Subject: [PATCH] fix(dataevents checks): add trails home region (#2484) --- .../cloudtrail_s3_dataevents_read_enabled.py | 4 ++-- .../cloudtrail_s3_dataevents_write_enabled.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled.py b/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled.py index 9f161017..5496e9f6 100644 --- a/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled.py +++ b/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled.py @@ -34,7 +34,7 @@ class cloudtrail_s3_dataevents_read_enabled(Check): report.resource_arn = trail.arn report.resource_tags = trail.tags report.status = "PASS" - report.status_extended = f"Trail {trail.name} has a classic data event selector to record all S3 object-level API operations." + report.status_extended = f"Trail {trail.name} from home region {trail.home_region} has a classic data event selector to record all S3 object-level API operations." # advanced event selectors elif data_event.is_advanced: for field_selector in data_event.event_selector["FieldSelectors"]: @@ -47,7 +47,7 @@ class cloudtrail_s3_dataevents_read_enabled(Check): report.resource_arn = trail.arn report.resource_tags = trail.tags report.status = "PASS" - report.status_extended = f"Trail {trail.name} has an advanced data event selector to record all S3 object-level API operations." + report.status_extended = f"Trail {trail.name} from home region {trail.home_region} has an advanced data event selector to record all S3 object-level API operations." findings.append(report) return findings diff --git a/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled.py b/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled.py index 63f39cd1..942be579 100644 --- a/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled.py +++ b/prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled.py @@ -34,7 +34,7 @@ class cloudtrail_s3_dataevents_write_enabled(Check): report.resource_arn = trail.arn report.resource_tags = trail.tags report.status = "PASS" - report.status_extended = f"Trail {trail.name} has a classic data event selector to record all S3 object-level API operations." + report.status_extended = f"Trail {trail.name} from home region {trail.home_region} has a classic data event selector to record all S3 object-level API operations." # advanced event selectors elif data_event.is_advanced: for field_selector in data_event.event_selector["FieldSelectors"]: @@ -47,6 +47,6 @@ class cloudtrail_s3_dataevents_write_enabled(Check): report.resource_arn = trail.arn report.resource_tags = trail.tags report.status = "PASS" - report.status_extended = f"Trail {trail.name} has an advanced data event selector to record all S3 object-level API operations." + report.status_extended = f"Trail {trail.name} from home region {trail.home_region} has an advanced data event selector to record all S3 object-level API operations." findings.append(report) return findings