mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-10 14:55:00 +00:00
feat(defender service): retrieving key dicts with get (#2129)
This commit is contained in:
Nacho Rivera
6
poetry.lock
generated
6
poetry.lock
generated
@@ -914,14 +914,14 @@ uritemplate = ">=3.0.1,<5"
|
||||
|
||||
[[package]]
|
||||
name = "google-auth"
|
||||
version = "2.16.2"
|
||||
version = "2.16.3"
|
||||
description = "Google Authentication Library"
|
||||
category = "main"
|
||||
optional = false
|
||||
python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*"
|
||||
files = [
|
||||
{file = "google-auth-2.16.2.tar.gz", hash = "sha256:07e14f34ec288e3f33e00e2e3cc40c8942aa5d4ceac06256a28cd8e786591420"},
|
||||
{file = "google_auth-2.16.2-py2.py3-none-any.whl", hash = "sha256:2fef3cf94876d1a0e204afece58bb4d83fb57228aaa366c64045039fda6770a2"},
|
||||
{file = "google-auth-2.16.3.tar.gz", hash = "sha256:611779ce33a3aee265b94b74d4bb8c188f33010f5814761250a0ebbde94cc745"},
|
||||
{file = "google_auth-2.16.3-py2.py3-none-any.whl", hash = "sha256:4dfcfd8ecd1cf03ddc97fddfb3b1f2973ea4f3f664aa0d8cfaf582ef9f0c60e7"},
|
||||
]
|
||||
|
||||
[package.dependencies]
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_app_services_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan App Services"
|
||||
report.resource_id = pricings["AppServices"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["AppServices"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "AppServices" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan App Services"
|
||||
report.resource_id = pricings["AppServices"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["AppServices"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_arm_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["Arm"].resource_id
|
||||
report.resource_name = "Defender planARM"
|
||||
report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Arm"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "Arm" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["Arm"].resource_id
|
||||
report.resource_name = "Defender planARM"
|
||||
report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Arm"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_azure_sql_databases_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["SqlServers"].resource_id
|
||||
report.resource_name = "Defender plan Azure sql db servers"
|
||||
report.status_extended = f"Defender plan Defender for Azure sql db servers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["SqlServers"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Azure sql db servers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "SqlServers" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["SqlServers"].resource_id
|
||||
report.resource_name = "Defender plan Azure sql db servers"
|
||||
report.status_extended = f"Defender plan Defender for Azure sql db servers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["SqlServers"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Azure sql db servers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_containers_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["Containers"].resource_id
|
||||
report.resource_name = "Defender plan Container Registries"
|
||||
report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Containers"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "Containers" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["Containers"].resource_id
|
||||
report.resource_name = "Defender plan Container Registries"
|
||||
report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Containers"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_cosmosdb_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["CosmosDbs"].resource_id
|
||||
report.resource_name = "Defender plan Cosmos DB"
|
||||
report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["CosmosDbs"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "CosmosDbs" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["CosmosDbs"].resource_id
|
||||
report.resource_name = "Defender plan Cosmos DB"
|
||||
report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["CosmosDbs"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,19 +6,26 @@ class defender_ensure_defender_for_databases_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.resource_name = "Defender plan Databases"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["SqlServers"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if (
|
||||
pricings["SqlServers"].pricing_tier != "Standard"
|
||||
or pricings["SqlServerVirtualMachines"].pricing_tier != "Standard"
|
||||
or pricings["OpenSourceRelationalDatabases"].pricing_tier != "Standard"
|
||||
or pricings["CosmosDbs"].pricing_tier != "Standard"
|
||||
"SqlServers" in pricings
|
||||
and "SqlServerVirtualMachines" in pricings
|
||||
and "OpenSourceRelationalDatabases" in pricings
|
||||
and "CosmosDbs" in pricings
|
||||
):
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.resource_name = "Defender plan Databases"
|
||||
report.subscription = subscription
|
||||
report.resource_id = pricings["SqlServers"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if (
|
||||
pricings["SqlServers"].pricing_tier != "Standard"
|
||||
or pricings["SqlServerVirtualMachines"].pricing_tier != "Standard"
|
||||
or pricings["OpenSourceRelationalDatabases"].pricing_tier
|
||||
!= "Standard"
|
||||
or pricings["CosmosDbs"].pricing_tier != "Standard"
|
||||
):
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_dns_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan DNS"
|
||||
report.resource_id = pricings["Dns"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Dns"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "Dns" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan DNS"
|
||||
report.resource_id = pricings["Dns"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["Dns"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_keyvault_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan KeyVaults"
|
||||
report.resource_id = pricings["KeyVaults"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["KeyVaults"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for KeyVaults subscription from {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "KeyVaults" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan KeyVaults"
|
||||
report.resource_id = pricings["KeyVaults"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["KeyVaults"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for KeyVaults subscription from {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,18 @@ class defender_ensure_defender_for_os_relational_databases_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Open-Source Relational Databases"
|
||||
report.resource_id = pricings["OpenSourceRelationalDatabases"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["OpenSourceRelationalDatabases"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "OpenSourceRelationalDatabases" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Open-Source Relational Databases"
|
||||
report.resource_id = pricings[
|
||||
"OpenSourceRelationalDatabases"
|
||||
].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["OpenSourceRelationalDatabases"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_server_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Servers"
|
||||
report.resource_id = pricings["VirtualMachines"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["VirtualMachines"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "VirtualMachines" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Servers"
|
||||
report.resource_id = pricings["VirtualMachines"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["VirtualMachines"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_sql_servers_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan SQL Server VMs"
|
||||
report.resource_id = pricings["SqlServerVirtualMachines"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["SqlServerVirtualMachines"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "SqlServerVirtualMachines" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan SQL Server VMs"
|
||||
report.resource_id = pricings["SqlServerVirtualMachines"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["SqlServerVirtualMachines"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
@@ -6,15 +6,16 @@ class defender_ensure_defender_for_storage_is_on(Check):
|
||||
def execute(self) -> Check_Report_Azure:
|
||||
findings = []
|
||||
for subscription, pricings in defender_client.pricings.items():
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Storage Accounts"
|
||||
report.resource_id = pricings["StorageAccounts"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["StorageAccounts"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
if "StorageAccounts" in pricings:
|
||||
report = Check_Report_Azure(self.metadata())
|
||||
report.status = "PASS"
|
||||
report.subscription = subscription
|
||||
report.resource_name = "Defender plan Storage Accounts"
|
||||
report.resource_id = pricings["StorageAccounts"].resource_id
|
||||
report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to ON (pricing tier standard)"
|
||||
if pricings["StorageAccounts"].pricing_tier != "Standard":
|
||||
report.status = "FAIL"
|
||||
report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to OFF (pricing tier not standard)"
|
||||
|
||||
findings.append(report)
|
||||
findings.append(report)
|
||||
return findings
|
||||
|
||||
Reference in New Issue
Block a user