From d044e535e0a7028306ea424f000023478e34d4fb Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Wed, 21 Jun 2023 17:04:08 +0200
Subject: [PATCH] fix(compliance): add version to ISO27001 (#2523)
---
 .../{iso27001_aws.json => iso27001_2013_aws.json} | 2 +-
 prowler/lib/check/compliance_models.py | 4 ++--
 prowler/lib/outputs/compliance.py | 12 ++++++++----
 prowler/lib/outputs/file_descriptors.py | 8 ++++----
 prowler/lib/outputs/models.py | 4 ++--
 5 files changed, 17 insertions(+), 13 deletions(-)
 rename prowler/compliance/aws/{iso27001_aws.json => iso27001_2013_aws.json} (99%)
diff --git a/prowler/compliance/aws/iso27001_aws.json b/prowler/compliance/aws/iso27001_2013_aws.json
similarity index 99%
rename from prowler/compliance/aws/iso27001_aws.json
rename to prowler/compliance/aws/iso27001_2013_aws.json
index 82ef8fcf..76fc153c 100644
--- a/prowler/compliance/aws/iso27001_aws.json
+++ b/prowler/compliance/aws/iso27001_2013_aws.json
@@ -1,6 +1,6 @@
 {
 "Framework": "ISO27001",
- "Version": "",
+ "Version": "2013",
 "Provider": "AWS",
 "Description": "ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.",
 "Requirements": [
diff --git a/prowler/lib/check/compliance_models.py b/prowler/lib/check/compliance_models.py
index a79bff56..83f43d02 100644
--- a/prowler/lib/check/compliance_models.py
+++ b/prowler/lib/check/compliance_models.py
@@ -106,7 +106,7 @@ class AWS_Well_Architected_Requirements(BaseModel):
 # ISO27001 Requirements
-class ISO27001_Requirements(BaseModel):
+class ISO27001_2013_Requirements(BaseModel):
 """ISO27001 Requirements"""
 Category: str
@@ -127,7 +127,7 @@ class Compliance_Requirement(BaseModel):
 CIS_Requirements,
 ENS_Requirements,
 Generic_Compliance_Requirements,
- ISO27001_Requirements,
+ ISO27001_2013_Requirements,
 AWS_Well_Architected_Requirements,
 ]
 ]
diff --git a/prowler/lib/outputs/compliance.py b/prowler/lib/outputs/compliance.py
index a2546876..c33dc629 100644
--- a/prowler/lib/outputs/compliance.py
+++ b/prowler/lib/outputs/compliance.py
@@ -8,7 +8,7 @@ from prowler.config.config import orange_color, timestamp
 from prowler.lib.check.models import Check_Report
 from prowler.lib.logger import logger
 from prowler.lib.outputs.models import (
- Check_Output_CSV_AWS_ISO27001,
+ Check_Output_CSV_AWS_ISO27001_2013,
 Check_Output_CSV_AWS_Well_Architected,
 Check_Output_CSV_CIS,
 Check_Output_CSV_ENS_RD2022,
@@ -160,7 +160,11 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
 csv_header = generate_csv_fields(Check_Output_CSV_AWS_Well_Architected)
- elif compliance.Framework == "ISO27001" and compliance.Provider == "AWS":
+ elif (
+ compliance.Framework == "ISO27001"
+ and compliance.Version == "2013"
+ and compliance.Provider == "AWS"
+ ):
 compliance_output = compliance.Framework
 if compliance.Version != "":
 compliance_output += "_" + compliance.Version
@@ -174,7 +178,7 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
 requirement_id = requirement.Id
 requirement.Name
 for attribute in requirement.Attributes:
- compliance_row = Check_Output_CSV_AWS_ISO27001(
+ compliance_row = Check_Output_CSV_AWS_ISO27001_2013(
 Provider=finding.check_metadata.Provider,
 Description=compliance.Description,
 AccountId=audit_info.audited_account,
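Review bot: In prowler/lib/outputs/compliance.py, hunk `@@ -160,7 +160,11 @@`, the added `compliance.Version == "2013"` test makes the `if compliance.Version != "":` guard two lines below it always true inside this branch, so the name can be built directly with `compliance_output = compliance.Framework + "_" + compliance.Version`. The same test also means an ISO27001 framework for AWS with any other Version value, including a custom framework file that leaves it empty, no longer reaches this branch and goes to the trailing `else` instead; what that branch writes is outside the visible lines, so the resulting report layout is an assumption to confirm. A comment on the `elif` such as `# Only the 2013 edition has a dedicated CSV model; other ISO27001 versions fall through to the else branch` would record the intent. fill_compliance starts and ends outside the hunk.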
@@ -192,7 +196,7 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
 CheckId=finding.check_metadata.CheckID,
 )
- csv_header = generate_csv_fields(Check_Output_CSV_AWS_ISO27001)
+ csv_header = generate_csv_fields(Check_Output_CSV_AWS_ISO27001_2013)
 else:
 compliance_output = compliance.Framework
diff --git a/prowler/lib/outputs/file_descriptors.py b/prowler/lib/outputs/file_descriptors.py
index 53be28a5..f9b70658 100644
--- a/prowler/lib/outputs/file_descriptors.py
+++ b/prowler/lib/outputs/file_descriptors.py
@@ -14,7 +14,7 @@ from prowler.lib.outputs.html import add_html_header
 from prowler.lib.outputs.models import (
 Aws_Check_Output_CSV,
 Azure_Check_Output_CSV,
- Check_Output_CSV_AWS_ISO27001,
+ Check_Output_CSV_AWS_ISO27001_2013,
 Check_Output_CSV_AWS_Well_Architected,
 Check_Output_CSV_CIS,
 Check_Output_CSV_ENS_RD2022,
@@ -164,13 +164,13 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit
 )
 file_descriptors.update({output_mode: file_descriptor})
- elif output_mode == "iso27001_aws":
- filename = f"{output_directory}/{output_filename}_iso27001_aws{csv_file_suffix}"
+ elif output_mode == "iso27001_2013_aws":
+ filename = f"{output_directory}/{output_filename}_iso27001_2013_aws{csv_file_suffix}"
 file_descriptor = initialize_file_descriptor(
 filename,
 output_mode,
 audit_info,
- Check_Output_CSV_AWS_ISO27001,
+ Check_Output_CSV_AWS_ISO27001_2013,
 )
 file_descriptors.update({output_mode: file_descriptor})
diff --git a/prowler/lib/outputs/models.py b/prowler/lib/outputs/models.py
index 2b43e61a..1b6f0cbf 100644
--- a/prowler/lib/outputs/models.py
+++ b/prowler/lib/outputs/models.py
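Review bot: In prowler/lib/outputs/file_descriptors.py, hunk `@@ -164,13 +164,13 @@`, the old mode name `iso27001_aws` is replaced outright, so a scheduled run or ingestion job that still requests that mode or collects `*_iso27001_aws` CSV files will stop receiving ISO 27001 output after upgrading; whether the old name is rejected loudly or just produces no file depends on code outside this hunk. For audit evidence a quiet gap is the worse case, so the rename should be recorded where operators will see it, for example a comment on the branch, `# renamed from "iso27001_aws" in #2523; the old mode name is no longer handled here`, and an entry in the upgrade notes. The literal also has to stay equal to the name fill_compliance derives from Framework and Version (and presumably Provider), which appears to be built at run time in compliance.py and is only partly visible here. fill_file_descriptors starts and ends outside the hunk.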
@@ -588,9 +588,9 @@ class Check_Output_CSV_AWS_Well_Architected(BaseModel):
 CheckId: str
-class Check_Output_CSV_AWS_ISO27001(BaseModel):
+class Check_Output_CSV_AWS_ISO27001_2013(BaseModel):
 """
- Check_Output_CSV_AWS_ISO27001 generates a finding's output in CSV AWS ISO27001 Compliance format.
+ Check_Output_CSV_AWS_ISO27001_2013 generates a finding's output in CSV AWS ISO27001 Compliance format.
 """
 Provider: str