feat(ec2_checks): add several checks for ec2 (#1268)

* feat(checks): add extra718

* feat(checks): add extra763

* feat(checks): add extra748, extra749, extra72

* feat(checks): add extra750

* feat(checks): add check45

* feat(checks): add check46, check45, check42, check41

* feat(metadata_sample): add sample of check metadata

* feat(pci-group): add pci group.

* feat(cloud9): environment setup.

* fix(protocol): add protocol conditions

Co-authored-by: sergargar <sergio@verica.io>

providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted.metadata.json

@@ -1,67 +1,35 @@
 {
-  "Categories": [
-    "cat1",
-    "cat2"
-  ],
+  "Categories": [],
   "CheckAlias": "extra740",
   "CheckID": "ec2_ebs_snapshots_encrypted",
   "CheckName": "ec2_ebs_snapshots_encrypted",
-  "CheckTitle": "Check if EBS snapshots are encrypted",
+  "CheckTitle": "Check if EBS snapshots are encrypted.",
   "CheckType": "Data Protection",
-  "Compliance": [
-    {
-      "Control": [
-        "4.4"
-      ],
-      "Framework": "CIS-AWS",
-      "Group": [
-        "level1",
-        "level2"
-      ],
-      "Version": "1.4"
-    },
-    {
-      "Control": [
-        "4.4"
-      ],
-      "Framework": "PCI-DSS",
-      "Group": [
-        "level1",
-        "level2"
-      ],
-      "Version": "1.4"
-    }
-  ],
-  "DependsOn": [
-    "othercheck1",
-    "othercheck2"
-  ],
-  "Description": "If Security groups are not properly configured the attack surface is increased.",
-  "Notes": "additional information",
+  "Compliance": [],
+  "DependsOn": [],
+  "Description": "Check if EBS snapshots are encrypted.",
+  "Notes": "",
   "Provider": "aws",
-  "RelatedTo": [
-    "othercheck3",
-    "othercheck4"
-  ],
-  "RelatedUrl": "https://serviceofficialsiteorpageforthissubject",
+  "RelatedTo": [],
+  "RelatedUrl": "",
   "Remediation": {
     "Code": {
-      "CLI": "cli command or URL to the cli command location.",
-      "NativeIaC": "code or URL to the code location.",
-      "Other": "cli command or URL to the cli command location.",
-      "Terraform": "code or URL to the code location."
+      "CLI": "",
+      "NativeIaC": "",
+      "Other": "",
+      "Terraform": ""
     },
     "Recommendation": {
-      "Text": "Run sudo yum update and cross your fingers and toes.",
-      "Url": "https://myfp.com/recommendations/dangerous_things_and_how_to_fix_them.html"
+      "Text": "Encrypt all EBS Snapshot and Enable Encryption by default. You can configure your AWS account to enforce the encryption of the new EBS volumes and snapshot copies that you create. For example; Amazon EBS encrypts the EBS volumes created when you launch an instance and the snapshots that you copy from an unencrypted snapshot.",
+      "Url": "https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default"
     }
   },
   "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
-  "ResourceType": "AwsIamAccessAnalyzer",
-  "Risk": "Risk associated.",
+  "ResourceType": "AwsEc2Snapshot",
+  "Risk": "Data encryption at rest prevents data visibility in the event of its unauthorized access or theft.",
   "ServiceName": "ec2",
-  "Severity": "low",
-  "SubServiceName": "accessanalyzer",
+  "Severity": "medium",
+  "SubServiceName": "",
   "Tags": {
     "Tag1Key": "value",
     "Tag2Key": "value"

providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted.py

@@ -7,28 +7,28 @@ class ec2_ebs_snapshots_encrypted(Check):
         findings = []
         for regional_client in ec2_client.regional_clients:
             region = regional_client.region
-            if hasattr(regional_client, "snapshots"):
-                if regional_client.snapshots:
-                    for snapshot in regional_client.snapshots:
-                        report = Check_Report(self.metadata)
-                        report.region = region
-                        if snapshot["Encrypted"]:
-                            report.status = "PASS"
-                            report.status_extended = (
-                                f"EBS Snapshot {snapshot['SnapshotId']} is encrypted"
-                            )
-                            report.resource_id = snapshot["SnapshotId"]
-                        else:
-                            report.status = "FAIL"
-                            report.status_extended = (
-                                f"EBS Snapshot {snapshot['SnapshotId']} is unencrypted"
-                            )
-                            report.resource_id = snapshot["SnapshotId"]
-                else:
+            if regional_client.snapshots:
+                for snapshot in regional_client.snapshots:
                     report = Check_Report(self.metadata)
-                    report.status = "PASS"
-                    report.status_extended = "There are no EC2 EBS snapshots"
                     report.region = region
+                    if snapshot.encrypted:
+                        report.status = "PASS"
+                        report.status_extended = (
+                            f"EBS Snapshot {snapshot.id} is encrypted"
+                        )
+                        report.resource_id = snapshot.id
+                    else:
+                        report.status = "FAIL"
+                        report.status_extended = (
+                            f"EBS Snapshot {snapshot.id} is unencrypted"
+                        )
+                        report.resource_id = snapshot.id
+                    findings.append(report)
+            else:
+                report = Check_Report(self.metadata)
+                report.status = "PASS"
+                report.status_extended = "There are no EC2 EBS snapshots"
+                report.region = region
 
                 findings.append(report)