ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-03-22 03:08:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(sdk): scope scan_id by provider and account (#10184)

Browse Source
This commit is contained in:
Adrián Peña
2026-02-26 19:19:29 +01:00
committed by GitHub
parent 336cbe1844
commit 8ee4a9e3fc
2 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
prowler/lib/outputs/ocsf/ocsf.py
View File

@@ -57,14 +57,16 @@ class OCSF(Output):
if not findings:
return
scan_ids_by_provider = {}
scan_ids_by_provider_account = {}
for finding in findings:
provider = finding.metadata.Provider
if provider not in scan_ids_by_provider:
scan_ids_by_provider[provider] = _uuid7_from_timestamp(
account_uid = finding.account_uid
scan_key = (provider, account_uid)
if scan_key not in scan_ids_by_provider_account:
scan_ids_by_provider_account[scan_key] = _uuid7_from_timestamp(
finding.timestamp
)
scan_id = scan_ids_by_provider[provider]
scan_id = scan_ids_by_provider_account[scan_key]
finding_activity = ActivityID.Create
cloud_account_type = self.get_account_type_id_by_provider(
finding.metadata.Provider

8
tests/lib/outputs/ocsf/ocsf_test.py
View File

@@ -123,11 +123,11 @@ class TestOCSF:
1619600000, tz=timezone.utc
)
def test_scan_id_is_unique_per_provider(self):
def test_scan_id_is_unique_per_provider_and_account(self):
findings = [
generate_finding_output(provider="aws"),
generate_finding_output(provider="azure"),
generate_finding_output(provider="aws"),
generate_finding_output(provider="aws", account_uid="111111111111"),
generate_finding_output(provider="aws", account_uid="222222222222"),
generate_finding_output(provider="aws", account_uid="111111111111"),
]
ocsf = OCSF(findings)