ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(cloudwatch secrets): fix nonetype error handling (#2543)

Browse Source
This commit is contained in:
Nacho Rivera
2023-07-03 12:52:46 +02:00
committed by GitHub
parent 47736910ca
commit 6403feaff9
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
prowler/providers/aws/services/cloudwatch/cloudwatch_log_group_no_secrets_in_logs/cloudwatch_log_group_no_secrets_in_logs.py
View File

@@ -57,10 +57,13 @@ class cloudwatch_log_group_no_secrets_in_logs(Check):
event_detect_secrets_output = detect_secrets_scan(
log_event_data
)
for secret in event_detect_secrets_output:
log_stream_secrets[cloudwatch_timestamp].add_secret(
secret["line_number"], secret["type"]
)
if event_detect_secrets_output:
for secret in event_detect_secrets_output:
log_stream_secrets[
cloudwatch_timestamp
].add_secret(
secret["line_number"], secret["type"]
)
else:
log_stream_secrets[cloudwatch_timestamp].add_secret(
1, secret["type"]

7
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_no_secrets_in_logs/cloudwatch_log_group_no_secrets_in_logs_test.py
View File

@@ -79,7 +79,12 @@ class Test_cloudwatch_log_group_no_secrets_in_logs:
logs_client.put_log_events(
logGroupName="test",
logStreamName="test stream",
logEvents=[{"timestamp": 0, "message": "line"}],
logEvents=[
{
"timestamp": int(unix_time_millis()),
"message": "non sensitive message",
}
],
)
from prowler.providers.aws.services.cloudwatch.cloudwatch_service import Logs