feat(compliance): add DORA compliance framework for Azure (#11551)

This commit is contained in:
Pedro Martín
2026-06-18 08:56:04 +02:00
committed by GitHub
parent 5ec4a1cbba
commit c0ae8b9739
15 changed files with 276 additions and 26 deletions
+2 -2
View File
@@ -112,14 +112,14 @@ def get_compliance_frameworks(provider_type: Provider.ProviderChoices) -> list[s
"""List compliance framework identifiers available for `provider_type`.
Includes both per-provider frameworks and universal top-level frameworks
(e.g. ``dora``, ``csa_ccm_4.0``).
(e.g. ``dora_2022_2554``, ``csa_ccm_4.0``).
Args:
provider_type (Provider.ProviderChoices): The cloud provider type
(e.g., "aws", "azure", "gcp", "m365").
Returns:
list[str]: Framework identifiers (e.g., "cis_1.4_aws", "dora").
list[str]: Framework identifiers (e.g., "cis_1.4_aws", "dora_2022_2554").
"""
global AVAILABLE_COMPLIANCE_FRAMEWORKS
if provider_type not in AVAILABLE_COMPLIANCE_FRAMEWORKS:
+2 -2
View File
@@ -1884,7 +1884,7 @@ class ProviderViewSet(DisablePaginationMixin, BaseRLSViewSet):
description=(
"Download a specific compliance report as an OCSF JSON file. "
"Only universal frameworks that declare an output configuration "
"produce this artifact (currently 'dora' and 'csa_ccm_4.0'); any "
"produce this artifact (currently 'dora_2022_2554' and 'csa_ccm_4.0'); any "
"other framework returns 404."
),
parameters=[
@@ -1893,7 +1893,7 @@ class ProviderViewSet(DisablePaginationMixin, BaseRLSViewSet):
type=str,
location=OpenApiParameter.PATH,
required=True,
description="The compliance report name, like 'dora'",
description="The compliance report name, like 'dora_2022_2554'",
),
],
responses={
+2 -2
View File
@@ -560,7 +560,7 @@ def generate_outputs_task(scan_id: str, provider_id: str, tenant_id: str):
# Per-framework exporters in `COMPLIANCE_CLASS_MAP` consume the legacy bulk.
frameworks_bulk = Compliance.get_bulk(provider_type)
# Universal-only frameworks (top-level JSONs like `dora.json`) are emitted
# Universal-only frameworks (top-level JSONs like `dora_2022_2554.json`) are emitted
# via `process_universal_compliance_frameworks` below.
universal_bulk = get_prowler_provider_compliance(provider_type)
universal_only_names = {
@@ -650,7 +650,7 @@ def generate_outputs_task(scan_id: str, provider_id: str, tenant_id: str):
writer.batch_write_data_to_file(**extra)
writer._data.clear()
# Universal-only frameworks (e.g. `dora.json`).
# Universal-only frameworks (e.g. `dora_2022_2554.json`).
if universal_only_names:
process_universal_compliance_frameworks(
input_compliance_frameworks=universal_only_names,