fix(compliance): Security Hub working with compliance (#1673)
Co-authored-by: sergargar <sergio@verica.io>
@@ -18,13 +18,14 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
|
||||
check_compliance = output_options.bulk_checks_metadata[
|
||||
finding.check_metadata.CheckID
|
||||
].Compliance
|
||||
csv_header = compliance_row = None
|
||||
csv_header = compliance_row = compliance_output = None
|
||||
for compliance in check_compliance:
|
||||
if (
|
||||
compliance.Framework == "ENS"
|
||||
and compliance.Version == "RD2022"
|
||||
and "ens_rd2022_aws" in output_options.output_modes
|
||||
):
|
||||
compliance_output = "ens_rd2022_aws"
|
||||
for requirement in compliance.Requirements:
|
||||
requirement_description = requirement.Description
|
||||
requirement_id = requirement.Id
|
||||
@@ -60,52 +61,57 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
|
||||
elif compliance.Framework == "CIS-AWS" and "cis" in str(
|
||||
output_options.output_modes
|
||||
):
|
||||
for requirement in compliance.Requirements:
|
||||
requirement_description = requirement.Description
|
||||
requirement_id = requirement.Id
|
||||
for attribute in requirement.Attributes:
|
||||
compliance_row = Check_Output_CSV_CIS(
|
||||
Provider=finding.check_metadata.Provider,
|
||||
AccountId=audit_info.audited_account,
|
||||
Region=finding.region,
|
||||
AssessmentDate=timestamp.isoformat(),
|
||||
Requirements_Id=requirement_id,
|
||||
Requirements_Description=requirement_description,
|
||||
Requirements_Attributes_Section=attribute.get("Section"),
|
||||
Requirements_Attributes_Profile=attribute.get("Profile"),
|
||||
Requirements_Attributes_AssessmentStatus=attribute.get(
|
||||
"AssessmentStatus"
|
||||
),
|
||||
Requirements_Attributes_Description=attribute.get(
|
||||
"Description"
|
||||
),
|
||||
Requirements_Attributes_RationaleStatement=attribute.get(
|
||||
"RationaleStatement"
|
||||
),
|
||||
Requirements_Attributes_ImpactStatement=attribute.get(
|
||||
"ImpactStatement"
|
||||
),
|
||||
Requirements_Attributes_RemediationProcedure=attribute.get(
|
||||
"RemediationProcedure"
|
||||
),
|
||||
Requirements_Attributes_AuditProcedure=attribute.get(
|
||||
"AuditProcedure"
|
||||
),
|
||||
Requirements_Attributes_AdditionalInformation=attribute.get(
|
||||
"AdditionalInformation"
|
||||
),
|
||||
Requirements_Attributes_References=attribute.get("References"),
|
||||
Status=finding.status,
|
||||
StatusExtended=finding.status_extended,
|
||||
ResourceId=finding.resource_id,
|
||||
CheckId=finding.check_metadata.CheckID,
|
||||
)
|
||||
# Only with the version of CIS that was selected
|
||||
if "cis_" + compliance.Version + "_aws" in str(output_options.output_modes):
|
||||
compliance_output = "cis_" + compliance.Version + "_aws"
|
||||
for requirement in compliance.Requirements:
|
||||
requirement_description = requirement.Description
|
||||
requirement_id = requirement.Id
|
||||
for attribute in requirement.Attributes:
|
||||
compliance_row = Check_Output_CSV_CIS(
|
||||
Provider=finding.check_metadata.Provider,
|
||||
AccountId=audit_info.audited_account,
|
||||
Region=finding.region,
|
||||
AssessmentDate=timestamp.isoformat(),
|
||||
Requirements_Id=requirement_id,
|
||||
Requirements_Description=requirement_description,
|
||||
Requirements_Attributes_Section=attribute.get("Section"),
|
||||
Requirements_Attributes_Profile=attribute.get("Profile"),
|
||||
Requirements_Attributes_AssessmentStatus=attribute.get(
|
||||
"AssessmentStatus"
|
||||
),
|
||||
Requirements_Attributes_Description=attribute.get(
|
||||
"Description"
|
||||
),
|
||||
Requirements_Attributes_RationaleStatement=attribute.get(
|
||||
"RationaleStatement"
|
||||
),
|
||||
Requirements_Attributes_ImpactStatement=attribute.get(
|
||||
"ImpactStatement"
|
||||
),
|
||||
Requirements_Attributes_RemediationProcedure=attribute.get(
|
||||
"RemediationProcedure"
|
||||
),
|
||||
Requirements_Attributes_AuditProcedure=attribute.get(
|
||||
"AuditProcedure"
|
||||
),
|
||||
Requirements_Attributes_AdditionalInformation=attribute.get(
|
||||
"AdditionalInformation"
|
||||
),
|
||||
Requirements_Attributes_References=attribute.get(
|
||||
"References"
|
||||
),
|
||||
Status=finding.status,
|
||||
StatusExtended=finding.status_extended,
|
||||
ResourceId=finding.resource_id,
|
||||
CheckId=finding.check_metadata.CheckID,
|
||||
)
|
||||
|
||||
csv_header = generate_csv_fields(Check_Output_CSV_CIS)
|
||||
csv_header = generate_csv_fields(Check_Output_CSV_CIS)
|
||||
|
||||
if compliance_row:
|
||||
csv_writer = DictWriter(
|
||||
file_descriptors[output_options.output_modes[-1]],
|
||||
file_descriptors[compliance_output],
|
||||
fieldnames=csv_header,
|
||||
delimiter=";",
|
||||
)
|
||||
|
||||
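Review bot: The new version gate `if "cis_" + compliance.Version + "_aws" in str(output_options.output_modes):` is a substring test on the stringified mode collection, while the ENS branch in the first hunk uses real membership (`"ens_rd2022_aws" in output_options.output_modes`). The same string now becomes the `file_descriptors[compliance_output]` key, so a partial match inside a longer mode name would pick a descriptor that may never have been opened and raise `KeyError` instead of writing the compliance row. Using `if "cis_" + compliance.Version + "_aws" in output_options.output_modes:` keeps the check and the key in agreement and makes the outer `"cis" in str(...)` test redundant. Separately, `compliance_row` and `compliance_output` are set to `None` once before the `for compliance` loop; the page has lost indentation, so if the `if compliance_row:` write sits inside that loop, a later non-matching framework would re-emit the previous row, and resetting both at the top of each iteration would avoid that. The body of `fill_compliance` continues outside both hunks.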