chore(metadata): Remove CheckName and CheckAlias field (#1299)

2026-02-11 15:25:10 +00:00 · 2022-08-03 10:12:34 +02:00
parent 9f82a8a6d6
commit dfbc618d44
26 changed files with 7 additions and 55 deletions
--- a/lib/check/check.py
+++ b/lib/check/check.py
@@ -192,9 +192,9 @@ def set_output_options(

 def run_check(check, audit_info, output_options):
    print(
-        f"\nCheck Name: {check.checkName} - {Fore.MAGENTA}{check.serviceName}{Fore.YELLOW} [{check.severity}]{Style.RESET_ALL}"
+        f"\nCheck ID: {check.checkID} - {Fore.MAGENTA}{check.serviceName}{Fore.YELLOW} [{check.severity}]{Style.RESET_ALL}"
    )
-    logger.debug(f"Executing check: {check.checkName}")
+    logger.debug(f"Executing check: {check.checkID}")
    findings = check.execute()

    report(findings, output_options, audit_info)
--- a/lib/check/fixtures/metadata.json
+++ b/lib/check/fixtures/metadata.json
@@ -3,9 +3,7 @@
    "cat1",
    "cat2"
  ],
-  "CheckAlias": "extra764",
  "CheckID": "iam_disable_30_days_credentials",
-  "CheckName": "iam_disable_30_days_credentials",
  "CheckTitle": "Ensure credentials unused for 30 days or greater are disabled",
  "CheckType": "Software and Configuration Checks",
  "Compliance": [
--- a/lib/check/models.py
+++ b/lib/check/models.py
@@ -54,7 +54,7 @@ class Remediation(BaseModel):
 class Check_Metadata_Model(BaseModel):
    Provider: str
    CheckID: str
-    CheckName: str
+    # CheckName: str
    CheckTitle: str
    # CheckAlias: str
    CheckType: str
@@ -84,7 +84,7 @@ class Check(ABC):
        # Assign metadata values
        self.__Provider__ = self.__check_metadata__.Provider
        self.__CheckID__ = self.__check_metadata__.CheckID
-        self.__CheckName__ = self.__check_metadata__.CheckName
+        # self.__CheckName__ = self.__check_metadata__.CheckName
        self.__CheckTitle__ = self.__check_metadata__.CheckTitle
        # self.__CheckAlias__ = self.__check_metadata__.CheckAlias
        self.__CheckType__ = self.__check_metadata__.CheckType
@@ -112,9 +112,9 @@ class Check(ABC):
    def checkID(self):
        return self.__CheckID__

-    @property
-    def checkName(self):
-        return self.__CheckName__
+    # @property
+    # def checkName(self):
+    #     return self.__CheckName__

    @property
    def checkTitle(self):
--- a/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot.metadata.json
+++ b/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra72",
  "CheckID": "ec2_ebs_public_snapshot",
-  "CheckName": "ec2_ebs_public_snapshot",
  "CheckTitle": "Ensure there are no EBS Snapshots set as Public.",
  "CheckType": "Data Protection",
  "Compliance": [],
--- a/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted.metadata.json
+++ b/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra740",
  "CheckID": "ec2_ebs_snapshots_encrypted",
-  "CheckName": "ec2_ebs_snapshots_encrypted",
  "CheckTitle": "Check if EBS snapshots are encrypted.",
  "CheckType": "Data Protection",
  "Compliance": [],
--- a/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip.metadata.json
+++ b/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra710",
  "CheckID": "ec2_instance_public_ip",
-  "CheckName": "ec2_instance_public_ip",
  "CheckTitle": "Check for EC2 Instances with Public IP.",
  "CheckType": "Infrastructure Security",
  "Compliance": [],
--- a/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22.metadata.json
+++ b/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check45",
  "CheckID": "ec2_networkacl_allow_ingress_tcp_port_22",
-  "CheckName": "ec2_networkacl_allow_ingress_tcp_port_22",
  "CheckTitle": "Ensure no Network ACLs allow ingress from 0.0.0.0/0 to SSH port 22",
  "CheckType": "Infrastructure Security",
  "Compliance": [
--- a/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389.metadata.json
+++ b/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check45",
  "CheckID": "ec2_networkacl_allow_ingress_tcp_port_3389",
-  "CheckName": "ec2_networkacl_allow_ingress_tcp_port_3389",
  "CheckTitle": "Ensure no Network ACLs allow ingress from 0.0.0.0/0 to Microsoft RDP port 3389",
  "CheckType": "Infrastructure Security",
  "Compliance": [
--- a/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port.metadata.json
+++ b/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra748",
  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
-  "CheckName": "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to any port.",
  "CheckType": "Infrastructure Security",
  "Compliance": [],
--- a/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.metadata.json
+++ b/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra750",
  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
-  "CheckName": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to SSH port 22.",
  "CheckType": "Infrastructure Security",
  "Compliance": [
--- a/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.metadata.json
+++ b/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra750",
  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
-  "CheckName": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to port 3389.",
  "CheckType": "Infrastructure Security",
  "Compliance": [
--- a/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.metadata.json
+++ b/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra750",
  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306",
-  "CheckName": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306",
  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to MySQL port 3306.",
  "CheckType": "Infrastructure Security",
  "Compliance": [],
--- a/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.metadata.json
+++ b/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra749",
  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483",
-  "CheckName": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483",
  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to Oracle ports 1521 or 2483.",
  "CheckType": "Infrastructure Security",
  "Compliance": [],
--- a/providers/aws/services/iam/iam_administrator_access_with_mfa/iam_administrator_access_with_mfa.metadata.json
+++ b/providers/aws/services/iam/iam_administrator_access_with_mfa/iam_administrator_access_with_mfa.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra71",
  "CheckID": "iam_administrator_access_with_mfa",
-  "CheckName": "iam_administrator_access_with_mfa",
  "CheckTitle": "Ensure users of groups with AdministratorAccess policy have MFA tokens enabled",
  "CheckType": "Infrastructure Security",
  "Compliance": [],
--- a/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.metadata.json
+++ b/providers/aws/services/iam/iam_avoid_root_usage/iam_avoid_root_usage.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check11",
  "CheckID": "iam_avoid_root_usage",
-  "CheckName": "iam_avoid_root_usage",
  "CheckTitle": "Avoid the use of the root accounts",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [
--- a/providers/aws/services/iam/iam_disable_30_days_credentials/iam_disable_30_days_credentials.metadata.json
+++ b/providers/aws/services/iam/iam_disable_30_days_credentials/iam_disable_30_days_credentials.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra774",
  "CheckID": "iam_disable_30_days_credentials",
-  "CheckName": "iam_disable_30_days_credentials",
  "CheckTitle": "Ensure credentials unused for 30 days or greater are disabled",
  "CheckType": "Software and Configuration Checks",
  "Compliance": [],
--- a/providers/aws/services/iam/iam_disable_90_days_credentials/iam_disable_90_days_credentials.metadata.json
+++ b/providers/aws/services/iam/iam_disable_90_days_credentials/iam_disable_90_days_credentials.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check13",
  "CheckID": "iam_disable_90_days_credentials",
-  "CheckName": "iam_disable_90_days_credentials",
  "CheckTitle": "Ensure credentials unused for 90 days or greater are disabled",
  "CheckType": "Software and Configuration Checks",
  "Compliance": [
--- a/providers/aws/services/iam/iam_no_root_access_key/iam_no_root_access_key.metadata.json
+++ b/providers/aws/services/iam/iam_no_root_access_key/iam_no_root_access_key.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check112",
  "CheckID": "iam_no_root_access_key",
-  "CheckName": "iam_no_root_access_key",
  "CheckTitle": "Ensure no root account access key exists",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [
--- a/providers/aws/services/iam/iam_root_hardware_mfa_enabled/iam_root_hardware_mfa_enabled.metadata.json
+++ b/providers/aws/services/iam/iam_root_hardware_mfa_enabled/iam_root_hardware_mfa_enabled.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check114",
  "CheckID": "iam_root_hardware_mfa_enabled",
-  "CheckName": "iam_root_hardware_mfa_enabled",
  "CheckTitle": "Ensure hardware MFA is enabled for the root account",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [
--- a/providers/aws/services/iam/iam_root_mfa_enabled/iam_root_mfa_enabled.metadata.json
+++ b/providers/aws/services/iam/iam_root_mfa_enabled/iam_root_mfa_enabled.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check113",
  "CheckID": "iam_root_mfa_enabled",
-  "CheckName": "iam_root_mfa_enabled",
  "CheckTitle": "Ensure MFA is enabled for the root account",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [
--- a/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.metadata.json
+++ b/providers/aws/services/iam/iam_rotate_access_key_90_days/iam_rotate_access_key_90_days.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check14",
  "CheckID": "iam_rotate_access_key_90_days",
-  "CheckName": "iam_rotate_access_key_90_days",
  "CheckTitle": "Ensure access keys are rotated every 90 days or less",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [
--- a/providers/aws/services/iam/iam_user_hardware_mfa_enabled/iam_user_hardware_mfa_enabled.metadata.json
+++ b/providers/aws/services/iam/iam_user_hardware_mfa_enabled/iam_user_hardware_mfa_enabled.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra7125",
  "CheckID": "iam_user_hardware_mfa_enabled",
-  "CheckName": "iam_user_hardware_mfa_enabled",
  "CheckTitle": "Check if IAM users have Hardware MFA enabled.",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [],
--- a/providers/aws/services/iam/iam_user_mfa_enabled_console_access/iam_user_mfa_enabled_console_access.metadata.json
+++ b/providers/aws/services/iam/iam_user_mfa_enabled_console_access/iam_user_mfa_enabled_console_access.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "check12",
  "CheckID": "iam_user_mfa_enabled_console_access",
-  "CheckName": "iam_user_mfa_enabled_console_access",
  "CheckTitle": "Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password.",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [],
--- a/providers/aws/services/iam/iam_user_two_active_access_key/iam_user_two_active_access_key.metadata.json
+++ b/providers/aws/services/iam/iam_user_two_active_access_key/iam_user_two_active_access_key.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra7123",
  "CheckID": "iam_user_two_active_access_key",
-  "CheckName": "iam_user_two_active_access_key",
  "CheckTitle": "Check if IAM users have two active access keys",
  "CheckType": "Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark",
  "Compliance": [],
--- a/providers/aws/services/s3/s3_bucket_object_versioning/s3_bucket_object_versioning.metadata.json
+++ b/providers/aws/services/s3/s3_bucket_object_versioning/s3_bucket_object_versioning.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra763",
  "CheckID": "s3_bucket_object_versioning",
-  "CheckName": "s3_bucket_object_versioning",
  "CheckTitle": "Check if S3 buckets have object versioning enabled",
  "CheckType": "Data Protection",
  "Compliance": [],
--- a/providers/aws/services/s3/s3_bucket_server_access_logging_enabled/s3_bucket_server_access_logging_enabled.metadata.json
+++ b/providers/aws/services/s3/s3_bucket_server_access_logging_enabled/s3_bucket_server_access_logging_enabled.metadata.json
@@ -1,8 +1,6 @@
 {
  "Categories": [],
-  "CheckAlias": "extra718",
  "CheckID": "s3_bucket_server_access_logging_enabled",
-  "CheckName": "s3_bucket_server_access_logging_enabled",
  "CheckTitle": "Check if S3 buckets have server access logging enabled",
  "CheckType": "Logging and Monitoring",
  "Compliance": [],