diff --git a/prowler/lib/check/check.py b/prowler/lib/check/check.py index 5dbe99c0..6dc271da 100644 --- a/prowler/lib/check/check.py +++ b/prowler/lib/check/check.py @@ -517,10 +517,8 @@ def get_checks_from_input_arn(audit_resources: list, provider: str) -> set: for resource in audit_resources: service = resource.split(":")[2] sub_service = resource.split(":")[5].split("/")[0].replace("-", "_") - - if ( - service != "wafv2" and service != "waf" - ): # WAF Services does not have checks + # WAF Services does not have checks + if service != "wafv2" and service != "waf": # Parse services when they are different in the ARNs if service == "lambda": service = "awslambda" @@ -528,7 +526,14 @@ def get_checks_from_input_arn(audit_resources: list, provider: str) -> set: service = "elb" elif service == "logs": service = "cloudwatch" - service_list.add(service) + # Check if Prowler has checks in service + try: + list_modules(provider, service) + except ModuleNotFoundError: + # Service is not supported + pass + else: + service_list.add(service) # Get subservices to execute only applicable checks if service not in services_without_subservices: diff --git a/prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/__init__.py b/prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/__init__.py similarity index 100% rename from prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/__init__.py rename to prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/__init__.py diff --git a/prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.metadata.json b/prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.metadata.json similarity index 95% rename from prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.metadata.json rename to prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.metadata.json index 9518bb00..d8cde7d3 100644 --- a/prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.metadata.json +++ b/prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.metadata.json @@ -1,6 +1,6 @@ { "Provider": "aws", - "CheckID": "cloudformation_outputs_find_secrets", + "CheckID": "cloudformation_stack_outputs_find_secrets", "CheckTitle": "Find secrets in CloudFormation outputs", "CheckType": [], "ServiceName": "cloudformation", diff --git a/prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.py b/prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.py similarity index 93% rename from prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.py rename to prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.py index edbab25c..5dbdfcc8 100644 --- a/prowler/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets.py +++ b/prowler/providers/aws/services/cloudformation/cloudformation_stack_outputs_find_secrets/cloudformation_stack_outputs_find_secrets.py @@ -10,11 +10,11 @@ from prowler.providers.aws.services.cloudformation.cloudformation_client import ) -class cloudformation_outputs_find_secrets(Check): +class cloudformation_stack_outputs_find_secrets(Check): """Check if a CloudFormation Stack has secrets in their Outputs""" def execute(self): - """Execute the cloudformation_outputs_find_secrets check""" + """Execute the cloudformation_stack_outputs_find_secrets check""" findings = [] for stack in cloudformation_client.stacks: report = Check_Report_AWS(self.metadata()) diff --git a/tests/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets_test.py b/tests/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets_test.py index 5ac1e3f4..f0e8fd8d 100644 --- a/tests/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets_test.py +++ b/tests/providers/aws/services/cloudformation/cloudformation_outputs_find_secrets/cloudformation_outputs_find_secrets_test.py @@ -6,7 +6,7 @@ from prowler.providers.aws.services.cloudformation.cloudformation_service import AWS_REGION = "eu-west-1" -class Test_cloudformation_outputs_find_secrets: +class Test_cloudformation_stack_outputs_find_secrets: def test_no_stacks(self): cloudformation_client = mock.MagicMock cloudformation_client.stacks = [] @@ -15,11 +15,11 @@ class Test_cloudformation_outputs_find_secrets: new=cloudformation_client, ): # Test Check - from prowler.providers.aws.services.cloudformation.cloudformation_outputs_find_secrets.cloudformation_outputs_find_secrets import ( - cloudformation_outputs_find_secrets, + from prowler.providers.aws.services.cloudformation.cloudformation_stack_outputs_find_secrets.cloudformation_stack_outputs_find_secrets import ( + cloudformation_stack_outputs_find_secrets, ) - check = cloudformation_outputs_find_secrets() + check = cloudformation_stack_outputs_find_secrets() result = check.execute() assert len(result) == 0 @@ -40,11 +40,11 @@ class Test_cloudformation_outputs_find_secrets: "prowler.providers.aws.services.cloudformation.cloudformation_service.CloudFormation", cloudformation_client, ): - from prowler.providers.aws.services.cloudformation.cloudformation_outputs_find_secrets.cloudformation_outputs_find_secrets import ( - cloudformation_outputs_find_secrets, + from prowler.providers.aws.services.cloudformation.cloudformation_stack_outputs_find_secrets.cloudformation_stack_outputs_find_secrets import ( + cloudformation_stack_outputs_find_secrets, ) - check = cloudformation_outputs_find_secrets() + check = cloudformation_stack_outputs_find_secrets() result = check.execute() assert len(result) == 1 @@ -76,11 +76,11 @@ class Test_cloudformation_outputs_find_secrets: "prowler.providers.aws.services.cloudformation.cloudformation_service.CloudFormation", cloudformation_client, ): - from prowler.providers.aws.services.cloudformation.cloudformation_outputs_find_secrets.cloudformation_outputs_find_secrets import ( - cloudformation_outputs_find_secrets, + from prowler.providers.aws.services.cloudformation.cloudformation_stack_outputs_find_secrets.cloudformation_stack_outputs_find_secrets import ( + cloudformation_stack_outputs_find_secrets, ) - check = cloudformation_outputs_find_secrets() + check = cloudformation_stack_outputs_find_secrets() result = check.execute() assert len(result) == 1 @@ -112,11 +112,11 @@ class Test_cloudformation_outputs_find_secrets: "prowler.providers.aws.services.cloudformation.cloudformation_service.CloudFormation", cloudformation_client, ): - from prowler.providers.aws.services.cloudformation.cloudformation_outputs_find_secrets.cloudformation_outputs_find_secrets import ( - cloudformation_outputs_find_secrets, + from prowler.providers.aws.services.cloudformation.cloudformation_stack_outputs_find_secrets.cloudformation_stack_outputs_find_secrets import ( + cloudformation_stack_outputs_find_secrets, ) - check = cloudformation_outputs_find_secrets() + check = cloudformation_stack_outputs_find_secrets() result = check.execute() assert len(result) == 1