From ce3ef0550f690709a7a97d1a2d7039b15b983a11 Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Tue, 21 Feb 2023 15:11:43 +0100
Subject: [PATCH] chore(Security Hub): add status extended to Security Hub (#1921)

---
 prowler/lib/outputs/json.py | 2 +-
 ...t_services_allowed_principals_trust_boundaries.metadata.json | 2 +-
 ...pc_peering_routing_tables_with_least_privilege.metadata.json | 2 +-
 tests/lib/outputs/outputs_test.py | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/prowler/lib/outputs/json.py b/prowler/lib/outputs/json.py
index a667462d..4733fd5b 100644
--- a/prowler/lib/outputs/json.py
+++ b/prowler/lib/outputs/json.py
@@ -31,7 +31,7 @@ def fill_json_asff(finding_output, audit_info, finding):
 ) = finding_output.CreatedAt = timestamp_utc.strftime("%Y-%m-%dT%H:%M:%SZ")
 finding_output.Severity = Severity(Label=finding.check_metadata.Severity.upper())
 finding_output.Title = finding.check_metadata.CheckTitle
- finding_output.Description = finding.check_metadata.Description
+ finding_output.Description = finding.status_extended
 finding_output.Resources = [
 Resource(
 Id=finding.resource_arn,
diff --git a/prowler/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries.metadata.json b/prowler/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries.metadata.json
index 8c0b1920..6f9cd74b 100644
--- a/prowler/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries.metadata.json
+++ b/prowler/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries.metadata.json
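Review bot: The added line writes `finding.status_extended` straight into the ASFF `Description`, a field Security Hub requires to be between 1 and 1024 characters, while `status_extended` appears to be free-form per-resource text with no fixed length, so an empty or oversized value would make the BatchImportFindings call reject that finding. A bound plus a fallback on the new line, `finding_output.Description = (finding.status_extended or finding.check_metadata.Description)[:1024]`, keeps the import valid and retains the check description when no extended status is set. The mirrored assertion in tests/lib/outputs/outputs_test.py should then pin both the truncation and the fallback rather than only the happy path. fill_json_asff starts outside the hunk, so whether status_extended is validated earlier in the function cannot be seen here.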
@@ -9,7 +9,7 @@
 "SubServiceName": "service_endpoint",
 "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
 "Severity": "medium",
- "ResourceType": "AwsEc2Vpc",
+ "ResourceType": "AwsEc2VpcEndpointService",
 "Description": "Find trust boundaries in VPC endpoint services allowlisted principles.",
 "Risk": "Account VPC could be linked to other accounts.",
 "RelatedUrl": "",
diff --git a/prowler/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege.metadata.json b/prowler/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege.metadata.json
index f6fdecb7..476f1ddf 100644
--- a/prowler/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege.metadata.json
+++ b/prowler/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege.metadata.json
@@ -9,7 +9,7 @@
 "SubServiceName": "route_table",
 "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
 "Severity": "medium",
- "ResourceType": "AwsEc2Vpc",
+ "ResourceType": "AwsEc2VpcPeeringConnection",
 "Description": "Ensure routing tables for VPC peering are least access.",
 "Risk": "Being highly selective in peering routing tables is a very effective way of minimizing the impact of breach as resources outside of these routes are inaccessible to the peered VPC.",
 "RelatedUrl": "",
diff --git a/tests/lib/outputs/outputs_test.py b/tests/lib/outputs/outputs_test.py
index f6e391da..b3038844 100644
--- a/tests/lib/outputs/outputs_test.py
+++ b/tests/lib/outputs/outputs_test.py
@@ -291,7 +291,7 @@ class Test_Outputs:
 ) = expected.CreatedAt = timestamp_utc.strftime("%Y-%m-%dT%H:%M:%SZ")
 expected.Severity = Severity(Label=finding.check_metadata.Severity.upper())
 expected.Title = finding.check_metadata.CheckTitle
- expected.Description = finding.check_metadata.Description
+ expected.Description = finding.status_extended
 expected.Resources = [
 Resource(
 Id="test-arn",