Enable Security Hub official integration

Toni de la Fuente
2020-10-29 22:40:38 +01:00
parent d6760f15b7
commit ae1d7be7f2
4 changed files with 40 additions and 13 deletions


@@ -275,7 +275,7 @@ generateJsonAsffOutput(){
-n '{
"SchemaVersion": "2018-10-08",
"Id": "prowler-\($TITLE_ID)-\($ACCOUNT_NUM)-\($REPREGION)-\($UNIQUE_ID)",
"ProductArn": "arn:\($AWS_PARTITION):securityhub:\($REPREGION):\($ACCOUNT_NUM):product/\($ACCOUNT_NUM)/default",
"ProductArn": "arn:\($AWS_PARTITION):securityhub:\($REPREGION)::product/prowler/prowler",
"RecordState": "ACTIVE",
"ProductFields": {
"ProviderName": "Prowler",


@@ -23,11 +23,20 @@ checkSecurityHubCompatibility(){
exit $EXITCODE
fi
for regx in $REGIONS; do
SECURITY_HUB_ENABLED=$($AWSCLI securityhub --region "$regx" $PROFILE_OPT describe-hub)
SECURITY_HUB_ENABLED=$($AWSCLI securityhub --region "$regx" $PROFILE_OPT describe-hub 2>/dev/null)
if [[ -z "${SECURITY_HUB_ENABLED}" ]]; then
echo -e "\n$RED ERROR!$NORMAL Security Hub is not enabled in $regx. Enable it by calling '$AWSCLI securityhub --region $regx $PROFILE_OPT enable-security-hub'\n"
EXITCODE=1
exit $EXITCODE
if [[ -z "${PROWLER_PRODUCT_SUBSCRIPTION_ENABLED}" ]]; then
echo -e "\n$RED ERROR!$NORMAL Security Hub is not enabled in $regx. Enable it running '$AWSCLI securityhub --region $regx $PROFILE_OPT enable-security-hub'. More info: https://github.com/toniblyx/prowler/#security-hub-integration\n"
EXITCODE=1
exit $EXITCODE
fi
else
PROWLER_PRODUCT_SUBSCRIPTION_ENABLED=$($AWSCLI securityhub --region "$regx" $PROFILE_OPT list-enabled-products-for-import --output text | grep "prowler/prowler" )
if [[ -z "${PROWLER_PRODUCT_SUBSCRIPTION_ENABLED}" ]]; then
echo -e "\n$RED ERROR!$NORMAL Security Hub is enabled in $regx but Prowler integration does not accept findings. Enable it running '$AWSCLI securityhub --region $regx $PROFILE_OPT enable-import-findings-for-product --product-arn arn:aws:securityhub:$regx::product/prowler/prowler'. More info: https://github.com/toniblyx/prowler/#security-hub-integration\n"
EXITCODE=1
exit $EXITCODE
fi
fi
done
}
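Review bot: The nested `if [[ -z "${PROWLER_PRODUCT_SUBSCRIPTION_ENABLED}" ]]` in the branch where `describe-hub` returns nothing tests a variable that is only assigned in the `else` branch, so it holds whatever an earlier region in the loop left behind. Unless it is reset outside this hunk, once one region has the Prowler integration enabled, a later region without Security Hub appears to skip the error and the `exit`. Drop that inner `if`/`fi` so the "not enabled" error always exits, or put `PROWLER_PRODUCT_SUBSCRIPTION_ENABLED=""` at the top of the loop body. The `2>/dev/null` on `describe-hub` also makes an access-denied or credential failure look the same as a disabled hub, so checking the command's exit status separately would keep the message accurate. The remediation hint hard-codes `arn:aws:` while the ProductArn in generateJsonAsffOutput is built from `$AWS_PARTITION`; if that variable is in scope here, the hint should read `arn:$AWS_PARTITION:securityhub:$regx::product/prowler/prowler`. checkSecurityHubCompatibility begins above this hunk.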