feat(IaC): PoC for IaC Security Scanner (#7852)

Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
This commit is contained in:
Sergio Garcia
2025-06-17 23:23:25 +08:00
committed by GitHub
parent 644cdc81b9
commit c4bd9122d4
172 changed files with 2665 additions and 856 deletions
+5
View File
@@ -27,6 +27,11 @@ provider/github:
- any-glob-to-any-file: "prowler/providers/github/**"
- any-glob-to-any-file: "tests/providers/github/**"
provider/iac:
- changed-files:
- any-glob-to-any-file: "prowler/providers/iac/**"
- any-glob-to-any-file: "tests/providers/iac/**"
github_actions:
- changed-files:
- any-glob-to-any-file: ".github/workflows/*"
+15
View File
@@ -212,6 +212,21 @@ jobs:
run: |
poetry run pytest -n auto --cov=./prowler/providers/m365 --cov-report=xml:m365_coverage.xml tests/providers/m365
# Test IaC
- name: IaC - Check if any file has changed
id: iac-changed-files
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
with:
files: |
./prowler/providers/iac/**
./tests/providers/iac/**
.poetry.lock
- name: IaC - Test
if: steps.iac-changed-files.outputs.any_changed == 'true'
run: |
poetry run pytest -n auto --cov=./prowler/providers/iac --cov-report=xml:iac_coverage.xml tests/providers/iac
# Common Tests
- name: Lib - Test
if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
+1 -1
View File
@@ -115,7 +115,7 @@ repos:
- id: safety
name: safety
description: "Safety is a tool that checks your installed dependencies for known security vulnerabilities"
entry: bash -c 'safety check --ignore 70612,66963,74429'
entry: bash -c 'safety check --ignore 70612,66963,74429,76352,76353'
language: system
- id: vulture
Generated
+1152 -145
View File
File diff suppressed because it is too large Load Diff
+3 -2
View File
@@ -27,8 +27,9 @@ All notable changes to the **Prowler SDK** are documented in this file.
- `storage_ensure_file_shares_soft_delete_is_enabled` check for Azure provider [(#7966)](https://github.com/prowler-cloud/prowler/pull/7966)
- Make `validate_mutelist` method static inside `Mutelist` class [(#7811)](https://github.com/prowler-cloud/prowler/pull/7811)
- Avoid bypassing IAM check using wildcards [(#7708)](https://github.com/prowler-cloud/prowler/pull/7708)
- Add new method to authenticate in AppInsights in check `app_function_application_insights_enabled` [(#7763)](https://github.com/prowler-cloud/prowler/pull/7763)
- Add ISO 27001 2022 for M365 provider. [(#7985)](https://github.com/prowler-cloud/prowler/pull/7985)
- New method to authenticate in AppInsights in check `app_function_application_insights_enabled` [(#7763)](https://github.com/prowler-cloud/prowler/pull/7763)
- ISO 27001 2022 for M365 provider. [(#7985)](https://github.com/prowler-cloud/prowler/pull/7985)
- IaC provider [(#7852)](https://github.com/prowler-cloud/prowler/pull/7852)
---
## [v5.7.5] (Prowler UNRELEASED)
+49 -35
View File
@@ -99,6 +99,7 @@ from prowler.providers.common.provider import Provider
from prowler.providers.common.quick_inventory import run_provider_quick_inventory
from prowler.providers.gcp.models import GCPOutputOptions
from prowler.providers.github.models import GithubOutputOptions
from prowler.providers.iac.models import IACOutputOptions
from prowler.providers.kubernetes.models import KubernetesOutputOptions
from prowler.providers.m365.models import M365OutputOptions
from prowler.providers.nhn.models import NHNOutputOptions
@@ -176,11 +177,13 @@ def prowler():
# Load compliance frameworks
logger.debug("Loading compliance frameworks from .json files")
bulk_compliance_frameworks = Compliance.get_bulk(provider)
# Complete checks metadata with the compliance framework specification
bulk_checks_metadata = update_checks_metadata_with_compliance(
bulk_compliance_frameworks, bulk_checks_metadata
)
# Skip compliance frameworks for IAC provider
if provider != "iac":
bulk_compliance_frameworks = Compliance.get_bulk(provider)
# Complete checks metadata with the compliance framework specification
bulk_checks_metadata = update_checks_metadata_with_compliance(
bulk_compliance_frameworks, bulk_checks_metadata
)
# Update checks metadata if the --custom-checks-metadata-file is present
custom_checks_metadata = None
@@ -232,39 +235,45 @@ def prowler():
if not args.only_logs:
global_provider.print_credentials()
# Import custom checks from folder
if checks_folder:
custom_checks = parse_checks_from_folder(global_provider, checks_folder)
# Workaround to be able to execute custom checks alongside all checks if nothing is explicitly set
if (
not checks_file
and not checks
and not services
and not severities
and not compliance_framework
and not categories
):
checks_to_execute.update(custom_checks)
# Skip service and check loading for IAC provider
if provider != "iac":
# Import custom checks from folder
if checks_folder:
custom_checks = parse_checks_from_folder(global_provider, checks_folder)
# Workaround to be able to execute custom checks alongside all checks if nothing is explicitly set
if (
not checks_file
and not checks
and not services
and not severities
and not compliance_framework
and not categories
):
checks_to_execute.update(custom_checks)
# Exclude checks if -e/--excluded-checks
if excluded_checks:
checks_to_execute = exclude_checks_to_run(checks_to_execute, excluded_checks)
# Exclude checks if -e/--excluded-checks
if excluded_checks:
checks_to_execute = exclude_checks_to_run(
checks_to_execute, excluded_checks
)
# Exclude services if --excluded-services
if excluded_services:
checks_to_execute = exclude_services_to_run(
checks_to_execute, excluded_services, provider
# Exclude services if --excluded-services
if excluded_services:
checks_to_execute = exclude_services_to_run(
checks_to_execute, excluded_services, provider
)
# Once the provider is set and we have the eventual checks based on the resource identifier,
# it is time to check what Prowler's checks are going to be executed
checks_from_resources = (
global_provider.get_checks_to_execute_by_audit_resources()
)
# Intersect checks from resources with checks to execute so we only run the checks that apply to the resources with the specified ARNs or tags
if getattr(args, "resource_arn", None) or getattr(args, "resource_tag", None):
checks_to_execute = checks_to_execute.intersection(checks_from_resources)
# Once the provider is set and we have the eventual checks based on the resource identifier,
# it is time to check what Prowler's checks are going to be executed
checks_from_resources = global_provider.get_checks_to_execute_by_audit_resources()
# Intersect checks from resources with checks to execute so we only run the checks that apply to the resources with the specified ARNs or tags
if getattr(args, "resource_arn", None) or getattr(args, "resource_tag", None):
checks_to_execute = checks_to_execute.intersection(checks_from_resources)
# Sort final check list
checks_to_execute = sorted(checks_to_execute)
# Sort final check list
checks_to_execute = sorted(checks_to_execute)
# Setup Output Options
if provider == "aws":
@@ -295,6 +304,8 @@ def prowler():
output_options = NHNOutputOptions(
args, bulk_checks_metadata, global_provider.identity
)
elif provider == "iac":
output_options = IACOutputOptions(args, bulk_checks_metadata)
# Run the quick inventory for the provider if available
if hasattr(args, "quick_inventory") and args.quick_inventory:
@@ -304,7 +315,10 @@ def prowler():
# Execute checks
findings = []
if len(checks_to_execute):
if provider == "iac":
# For IAC provider, run the scan directly
findings = global_provider.run()
elif len(checks_to_execute):
findings = execute_checks(
checks_to_execute,
global_provider,
View File
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
+1
View File
@@ -30,6 +30,7 @@ class Provider(str, Enum):
KUBERNETES = "kubernetes"
M365 = "m365"
GITHUB = "github"
IAC = "iac"
NHN = "nhn"
+4
View File
@@ -20,6 +20,10 @@ def load_checks_to_execute(
) -> set:
"""Generate the list of checks to execute based on the cloud provider and the input arguments given"""
try:
# Bypass check loading for IAC provider since it uses Checkov directly
if provider == "iac":
return set()
# Local subsets
checks_to_execute = set()
check_aliases = {}
+22 -18
View File
@@ -3,7 +3,7 @@ import sys
from enum import Enum
from typing import Optional, Union
from pydantic import BaseModel, ValidationError, root_validator
from pydantic.v1 import BaseModel, ValidationError, root_validator
from prowler.lib.check.utils import list_compliance_modules
from prowler.lib.logger import logger
@@ -56,22 +56,26 @@ class ENS_Requirement_Attribute(BaseModel):
class Generic_Compliance_Requirement_Attribute(BaseModel):
"""Generic Compliance Requirement Attribute"""
ItemId: Optional[str]
Section: Optional[str]
SubSection: Optional[str]
SubGroup: Optional[str]
Service: Optional[str]
Type: Optional[str]
ItemId: Optional[str] = None
Section: Optional[str] = None
SubSection: Optional[str] = None
SubGroup: Optional[str] = None
Service: Optional[str] = None
Type: Optional[str] = None
class CIS_Requirement_Attribute_Profile(str):
class CIS_Requirement_Attribute_Profile(str, Enum):
"""CIS Requirement Attribute Profile"""
Level_1 = "Level 1"
Level_2 = "Level 2"
E3_Level_1 = "E3 Level 1"
E3_Level_2 = "E3 Level 2"
E5_Level_1 = "E5 Level 1"
E5_Level_2 = "E5 Level 2"
class CIS_Requirement_Attribute_AssessmentStatus(str):
class CIS_Requirement_Attribute_AssessmentStatus(str, Enum):
"""CIS Requirement Attribute Assessment Status"""
Manual = "Manual"
@@ -83,7 +87,7 @@ class CIS_Requirement_Attribute(BaseModel):
"""CIS Requirement Attribute"""
Section: str
SubSection: Optional[str]
SubSection: Optional[str] = None
Profile: CIS_Requirement_Attribute_Profile
AssessmentStatus: CIS_Requirement_Attribute_AssessmentStatus
Description: str
@@ -92,7 +96,7 @@ class CIS_Requirement_Attribute(BaseModel):
RemediationProcedure: str
AuditProcedure: str
AdditionalInformation: str
DefaultValue: Optional[str]
DefaultValue: Optional[str] = None
References: str
@@ -104,7 +108,7 @@ class AWS_Well_Architected_Requirement_Attribute(BaseModel):
WellArchitectedQuestionId: str
WellArchitectedPracticeId: str
Section: str
SubSection: Optional[str]
SubSection: Optional[str] = None
LevelOfRisk: str
AssessmentMethod: str
Description: str
@@ -177,10 +181,10 @@ class KISA_ISMSP_Requirement_Attribute(BaseModel):
Domain: str
Subdomain: str
Section: str
AuditChecklist: Optional[list[str]]
RelatedRegulations: Optional[list[str]]
AuditEvidence: Optional[list[str]]
NonComplianceCases: Optional[list[str]]
AuditChecklist: Optional[list[str]] = None
RelatedRegulations: Optional[list[str]] = None
AuditEvidence: Optional[list[str]] = None
NonComplianceCases: Optional[list[str]] = None
# Prowler ThreatScore Requirement Attribute
@@ -203,7 +207,7 @@ class Compliance_Requirement(BaseModel):
Id: str
Description: str
Name: Optional[str]
Name: Optional[str] = None
Attributes: list[
Union[
CIS_Requirement_Attribute,
@@ -224,7 +228,7 @@ class Compliance(BaseModel):
Framework: str
Provider: str
Version: Optional[str]
Version: Optional[str] = None
Description: str
Requirements: list[
Union[
+26 -3
View File
@@ -5,9 +5,9 @@ import sys
from abc import ABC, abstractmethod
from dataclasses import asdict, dataclass, is_dataclass
from enum import Enum
from typing import Any, Dict, Set
from typing import Any, Dict, Optional, Set
from pydantic import BaseModel, ValidationError, validator
from pydantic.v1 import BaseModel, ValidationError, validator
from prowler.config.config import Provider
from prowler.lib.check.compliance_models import Compliance
@@ -119,7 +119,7 @@ class CheckMetadata(BaseModel):
Notes: str
# We set the compliance to None to
# store the compliance later if supplied
Compliance: list = None
Compliance: Optional[list[Any]] = []
@validator("Categories", each_item=True, pre=True, always=True)
def valid_category(value):
@@ -614,6 +614,29 @@ class CheckReportM365(Check_Report):
self.location = resource_location
@dataclass
class CheckReportIAC(Check_Report):
"""Contains the IAC Check's finding information using Checkov."""
resource_name: str
resource_path: str
resource_line_range: str
def __init__(self, metadata: dict = {}, finding: dict = {}) -> None:
"""
Initialize the IAC Check's finding information from a Checkov failed_check dict.
Args:
metadata (Dict): Optional check metadata (can be None).
failed_check (dict): A single failed_check result from Checkov's JSON output.
"""
super().__init__(metadata, finding)
self.resource_name = getattr(finding, "resource", "")
self.resource_path = getattr(finding, "file_path", "")
self.resource_line_range = getattr(finding, "file_line_range", "")
@dataclass
class CheckReportNHN(Check_Report):
"""Contains the NHN Check's finding information."""
+8
View File
@@ -14,6 +14,10 @@ def recover_checks_from_provider(
Returns a list of tuples with the following format (check_name, check_path)
"""
try:
# Bypass check loading for IAC provider since it uses Checkov directly
if provider == "iac":
return []
checks = []
modules = list_modules(provider, service)
for module_name in modules:
@@ -59,6 +63,10 @@ def recover_checks_from_service(service_list: list, provider: str) -> set:
Returns a set of checks from the given services
"""
try:
# Bypass check loading for IAC provider since it uses Checkov directly
if provider == "iac":
return set()
checks = set()
service_list = [
"awslambda" if service == "lambda" else service for service in service_list
+3 -2
View File
@@ -26,16 +26,17 @@ class ProwlerArgumentParser:
self.parser = argparse.ArgumentParser(
prog="prowler",
formatter_class=RawTextHelpFormatter,
usage="prowler [-h] [--version] {aws,azure,gcp,kubernetes,m365,github,nhn,dashboard} ...",
usage="prowler [-h] [--version] {aws,azure,gcp,kubernetes,m365,github,nhn,dashboard,iac} ...",
epilog="""
Available Cloud Providers:
{aws,azure,gcp,kubernetes,m365,nhn}
{aws,azure,gcp,kubernetes,m365,github,iac,nhn}
aws AWS Provider
azure Azure Provider
gcp GCP Provider
kubernetes Kubernetes Provider
m365 Microsoft 365 Provider
github GitHub Provider
iac IaC Provider (Preview)
nhn NHN Provider (Unofficial)
Available components:
+2 -2
View File
@@ -2,7 +2,7 @@ from json import dump
from os import SEEK_SET
from typing import Optional
from pydantic import BaseModel, validator
from pydantic.v1 import BaseModel, validator
from prowler.config.config import prowler_version, timestamp_utc
from prowler.lib.logger import logger
@@ -279,7 +279,7 @@ class Resource(BaseModel):
Id: str
Partition: str
Region: str
Tags: Optional[dict]
Tags: Optional[dict] = None
@validator("Tags", pre=True, always=True)
def tags_cannot_be_empty_dict(tags):
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSWellArchitectedModel(BaseModel):
@@ -19,7 +19,7 @@ class AWSWellArchitectedModel(BaseModel):
Requirements_Attributes_WellArchitectedQuestionId: str
Requirements_Attributes_WellArchitectedPracticeId: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_LevelOfRisk: str
Requirements_Attributes_AssessmentMethod: str
Requirements_Attributes_Description: str
+10 -10
View File
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSCISModel(BaseModel):
@@ -16,7 +16,7 @@ class AWSCISModel(BaseModel):
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_Profile: str
Requirements_Attributes_AssessmentStatus: str
Requirements_Attributes_Description: str
@@ -25,9 +25,9 @@ class AWSCISModel(BaseModel):
Requirements_Attributes_RemediationProcedure: str
Requirements_Attributes_AuditProcedure: str
Requirements_Attributes_AdditionalInformation: str
Requirements_Attributes_DefaultValue: Optional[
str
] # TODO Optional for now since it's not present in the CIS 1.5, 2.0 and 3.0 AWS benchmark
Requirements_Attributes_DefaultValue: Optional[str] = (
None # TODO Optional for now since it's not present in the CIS 1.5, 2.0 and 3.0 AWS benchmark
)
Requirements_Attributes_References: str
Status: str
StatusExtended: str
@@ -50,7 +50,7 @@ class AzureCISModel(BaseModel):
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_Profile: str
Requirements_Attributes_AssessmentStatus: str
Requirements_Attributes_Description: str
@@ -82,7 +82,7 @@ class M365CISModel(BaseModel):
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_Profile: str
Requirements_Attributes_AssessmentStatus: str
Requirements_Attributes_Description: str
@@ -114,7 +114,7 @@ class GCPCISModel(BaseModel):
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_Profile: str
Requirements_Attributes_AssessmentStatus: str
Requirements_Attributes_Description: str
@@ -145,8 +145,8 @@ class KubernetesCISModel(BaseModel):
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_Profile: str
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_Profile: Optional[str] = None
Requirements_Attributes_AssessmentStatus: str
Requirements_Attributes_Description: str
Requirements_Attributes_RationaleStatement: str
+1 -1
View File
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSENSModel(BaseModel):
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class GenericComplianceModel(BaseModel):
@@ -15,11 +15,11 @@ class GenericComplianceModel(BaseModel):
AssessmentDate: str
Requirements_Id: str
Requirements_Description: str
Requirements_Attributes_Section: Optional[str]
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubGroup: Optional[str]
Requirements_Attributes_Service: Optional[str]
Requirements_Attributes_Type: Optional[str]
Requirements_Attributes_Section: Optional[str] = None
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_SubGroup: Optional[str] = None
Requirements_Attributes_Service: Optional[str] = None
Requirements_Attributes_Type: Optional[str] = None
Status: str
StatusExtended: str
ResourceId: str
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSISO27001Model(BaseModel):
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSKISAISMSPModel(BaseModel):
@@ -19,10 +19,10 @@ class AWSKISAISMSPModel(BaseModel):
Requirements_Attributes_Domain: str
Requirements_Attributes_Subdomain: str
Requirements_Attributes_Section: str
Requirements_Attributes_AuditChecklist: Optional[list[str]]
Requirements_Attributes_RelatedRegulations: Optional[list[str]]
Requirements_Attributes_AuditEvidence: Optional[list[str]]
Requirements_Attributes_NonComplianceCases: Optional[list[str]]
Requirements_Attributes_AuditChecklist: Optional[list[str]] = None
Requirements_Attributes_RelatedRegulations: Optional[list[str]] = None
Requirements_Attributes_AuditEvidence: Optional[list[str]] = None
Requirements_Attributes_NonComplianceCases: Optional[list[str]] = None
Status: str
StatusExtended: str
ResourceId: str
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class AWSMitreAttackModel(BaseModel):
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
class ProwlerThreatScoreAWSModel(BaseModel):
@@ -17,7 +17,7 @@ class ProwlerThreatScoreAWSModel(BaseModel):
Requirements_Description: str
Requirements_Attributes_Title: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_AttributeDescription: str
Requirements_Attributes_AdditionalInformation: str
Requirements_Attributes_LevelOfRisk: int
@@ -44,7 +44,7 @@ class ProwlerThreatScoreAzureModel(BaseModel):
Requirements_Description: str
Requirements_Attributes_Title: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_AttributeDescription: str
Requirements_Attributes_AdditionalInformation: str
Requirements_Attributes_LevelOfRisk: int
@@ -71,7 +71,7 @@ class ProwlerThreatScoreGCPModel(BaseModel):
Requirements_Description: str
Requirements_Attributes_Title: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_AttributeDescription: str
Requirements_Attributes_AdditionalInformation: str
Requirements_Attributes_LevelOfRisk: int
@@ -98,7 +98,7 @@ class ProwlerThreatScoreM365Model(BaseModel):
Requirements_Description: str
Requirements_Attributes_Title: str
Requirements_Attributes_Section: str
Requirements_Attributes_SubSection: Optional[str]
Requirements_Attributes_SubSection: Optional[str] = None
Requirements_Attributes_AttributeDescription: str
Requirements_Attributes_AdditionalInformation: str
Requirements_Attributes_LevelOfRisk: int
+15 -3
View File
@@ -3,7 +3,7 @@ from datetime import datetime
from types import SimpleNamespace
from typing import Optional, Union
from pydantic import BaseModel, Field, ValidationError
from pydantic.v1 import BaseModel, Field, ValidationError
from prowler.config.config import prowler_version
from prowler.lib.check.models import (
@@ -38,7 +38,7 @@ class Finding(BaseModel):
account_organization_uid: Optional[str] = None
account_organization_name: Optional[str] = None
metadata: CheckMetadata
account_tags: dict = {}
account_tags: dict = Field(default_factory=dict)
uid: str
status: Status
status_extended: str
@@ -50,7 +50,7 @@ class Finding(BaseModel):
resource_tags: dict = Field(default_factory=dict)
partition: Optional[str] = None
region: str
compliance: dict
compliance: dict = Field(default_factory=dict)
prowler_version: str = prowler_version
raw: dict = Field(default_factory=dict)
@@ -282,6 +282,18 @@ class Finding(BaseModel):
output_data["resource_uid"] = check_output.resource_id
output_data["region"] = check_output.location
elif provider.type == "iac":
output_data["auth_method"] = "local" # Until we support remote repos
output_data["account_uid"] = "iac"
output_data["account_name"] = "iac"
output_data["resource_name"] = check_output.resource["resource"]
output_data["resource_uid"] = check_output.resource["resource"]
output_data["region"] = check_output.resource_path
output_data["resource_line_range"] = check_output.resource_line_range
output_data["framework"] = (
check_output.check_metadata.ServiceName
) # TODO: can we get the framework from the check_output?
# check_output Unique ID
# TODO: move this to a function
# TODO: in Azure, GCP and K8s there are findings without resource_name
+47 -2
View File
@@ -41,7 +41,7 @@ class HTML(Output):
<td>{finding_status}</td>
<td>{finding.metadata.Severity.value}</td>
<td>{finding.metadata.ServiceName}</td>
<td>{finding.region.lower()}</td>
<td>{":".join([finding.resource_metadata['file_path'], "-".join(map(str, finding.resource_metadata['file_line_range']))]) if finding.metadata.Provider == "iac" else finding.region.lower()}</td>
<td>{finding.metadata.CheckID.replace("_", "<wbr />_")}</td>
<td>{finding.metadata.CheckTitle}</td>
<td>{finding.resource_uid.replace("<", "&lt;").replace(">", "&gt;").replace("_", "<wbr />_")}</td>
@@ -204,7 +204,7 @@ class HTML(Output):
<th scope="col">Status</th>
<th scope="col">Severity</th>
<th scope="col">Service Name</th>
<th scope="col">Region</th>
<th scope="col">{"File" if provider.type == "iac" else "Region"}</th>
<th style="width:20%" scope="col">Check ID</th>
<th style="width:20%" scope="col">Check Title</th>
<th scope="col">Resource ID</th>
@@ -689,6 +689,51 @@ class HTML(Output):
)
return ""
@staticmethod
def get_iac_assessment_summary(provider: Provider) -> str:
"""
get_iac_assessment_summary gets the HTML assessment summary for the provider
Args:
provider (Provider): the provider object
Returns:
str: the HTML assessment summary
"""
try:
return f"""
<div class="col-md-2">
<div class="card">
<div class="card-header">
IAC Assessment Summary
</div>
<ul class="list-group
list-group-flush">
<li class="list-group-item">
<b>IAC path:</b> {provider.scan_path}
</li>
</ul>
</div>
</div>
<div class="col-md-4">
<div class="card">
<div class="card-header">
IAC Credentials
</div>
<ul class="list-group
list-group-flush">
<li class="list-group-item">
<b>IAC authentication method:</b> local
</li>
</ul>
</div>
</div>"""
except Exception as error:
logger.error(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}] -- {error}"
)
return ""
@staticmethod
def get_assessment_summary(provider: Provider) -> str:
"""
+2 -2
View File
@@ -3,9 +3,9 @@ from datetime import datetime
from typing import List
from py_ocsf_models.events.base_event import SeverityID, StatusID
from py_ocsf_models.events.findings.detection_finding import DetectionFinding
from py_ocsf_models.events.findings.detection_finding import (
TypeID as DetectionFindingTypeID,
DetectionFinding,
DetectionFindingTypeID,
)
from py_ocsf_models.events.findings.finding import ActivityID, FindingInformation
from py_ocsf_models.objects.account import Account, TypeID
+3
View File
@@ -54,6 +54,9 @@ def display_summary_table(
elif provider.type == "nhn":
entity_type = "Tenant Domain"
audited_entities = provider.identity.tenant_domain
elif provider.type == "iac":
entity_type = "Directory"
audited_entities = provider.scan_path
# Check if there are findings and that they are not all MANUAL
if findings and not all(finding.status == "MANUAL" for finding in findings):
+2 -2
View File
@@ -1,7 +1,7 @@
import os
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.providers.aws.exceptions.exceptions import AWSIAMRoleARNMissingFieldsError
@@ -10,7 +10,7 @@ class ARN(BaseModel):
arn: str
partition: str
service: str
region: Optional[str] # In IAM ARN's do not have region
region: Optional[str] = None # In IAM ARN's do not have region
account_id: str
resource: str
resource_type: str
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ from typing import Optional
from venv import logger
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.providers.aws.lib.service.service import AWSService
@@ -101,6 +101,6 @@ class Account(AWSService):
class Contact(BaseModel):
type: str
email: Optional[str]
name: Optional[str]
phone_number: Optional[str]
email: Optional[str] = None
name: Optional[str] = None
phone_number: Optional[str] = None
@@ -1,7 +1,7 @@
from datetime import datetime
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -111,5 +111,5 @@ class Certificate(BaseModel):
tags: Optional[list] = []
expiration_days: int
in_use: bool
transparency_logging: Optional[bool]
transparency_logging: Optional[bool] = None
region: str
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -224,11 +224,11 @@ class Stage(BaseModel):
arn: str
logging: bool
client_certificate: bool
waf: Optional[str]
waf: Optional[str] = None
tags: Optional[list] = []
tracing_enabled: Optional[bool]
cache_enabled: Optional[bool]
cache_data_encrypted: Optional[bool]
tracing_enabled: Optional[bool] = None
cache_enabled: Optional[bool] = None
cache_data_encrypted: Optional[bool] = None
class PathResourceMethods(BaseModel):
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -7,7 +7,7 @@ from typing import Any, Optional
import requests
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -196,12 +196,12 @@ class Function(BaseModel):
name: str
arn: str
security_groups: list
runtime: Optional[str]
runtime: Optional[str] = None
environment: dict = None
region: str
policy: dict = None
policy: dict = {}
code: LambdaCode = None
url_config: URLConfig = None
vpc_id: Optional[str]
subnet_ids: Optional[set]
vpc_id: Optional[str] = None
subnet_ids: Optional[set] = None
tags: Optional[list] = []
@@ -2,7 +2,7 @@ from datetime import datetime
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -227,7 +227,7 @@ class BackupVault(BaseModel):
locked: bool
min_retention_days: int = None
max_retention_days: int = None
tags: Optional[list]
tags: Optional[list] = None
class BackupPlan(BaseModel):
@@ -236,17 +236,17 @@ class BackupPlan(BaseModel):
region: str
name: str
version_id: str
last_execution_date: Optional[datetime]
last_execution_date: Optional[datetime] = None
advanced_settings: list
tags: Optional[list]
tags: Optional[list] = None
class BackupReportPlan(BaseModel):
arn: str
region: str
name: str
last_attempted_execution_date: Optional[datetime]
last_successful_execution_date: Optional[datetime]
last_attempted_execution_date: Optional[datetime] = None
last_successful_execution_date: Optional[datetime] = None
class RecoveryPoint(BaseModel):
@@ -256,4 +256,4 @@ class RecoveryPoint(BaseModel):
backup_vault_name: str
encrypted: bool
backup_vault_region: str
tags: Optional[list]
tags: Optional[list] = None
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -116,7 +116,7 @@ class Guardrail(BaseModel):
region: str
tags: Optional[list] = []
sensitive_information_filter: bool = False
prompt_attack_filter_strength: Optional[str]
prompt_attack_filter_strength: Optional[str] = None
class BedrockAgent(AWSService):
@@ -169,6 +169,6 @@ class Agent(BaseModel):
id: str
name: str
arn: str
guardrail_id: Optional[str]
guardrail_id: Optional[str] = None
region: str
tags: Optional[list] = []
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from enum import Enum
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -186,7 +186,7 @@ class SSLSupportMethod(Enum):
class DefaultCacheConfigBehaviour(BaseModel):
realtime_log_config_arn: Optional[str]
realtime_log_config_arn: Optional[str] = None
viewer_protocol_policy: ViewerProtocolPolicy
field_level_encryption_id: str
@@ -196,8 +196,8 @@ class Origin(BaseModel):
domain_name: str
origin_protocol_policy: str
origin_ssl_protocols: list[str]
origin_access_control: Optional[str]
s3_origin_config: Optional[dict]
origin_access_control: Optional[str] = None
s3_origin_config: Optional[dict] = None
class Distribution(BaseModel):
@@ -207,14 +207,14 @@ class Distribution(BaseModel):
id: str
region: str
logging_enabled: bool = False
default_cache_config: Optional[DefaultCacheConfigBehaviour]
geo_restriction_type: Optional[GeoRestrictionType]
default_cache_config: Optional[DefaultCacheConfigBehaviour] = None
geo_restriction_type: Optional[GeoRestrictionType] = None
origins: list[Origin]
web_acl_id: str = ""
default_certificate: Optional[bool]
default_root_object: Optional[str]
viewer_protocol_policy: Optional[str]
default_certificate: Optional[bool] = None
default_root_object: Optional[str] = None
viewer_protocol_policy: Optional[str] = None
tags: Optional[list] = []
origin_failover: Optional[bool]
ssl_support_method: Optional[SSLSupportMethod]
certificate: Optional[str]
origin_failover: Optional[bool] = None
ssl_support_method: Optional[SSLSupportMethod] = None
certificate: Optional[str] = None
@@ -2,7 +2,7 @@ from datetime import datetime, timedelta
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -3,7 +3,7 @@ from datetime import datetime, timezone
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -278,8 +278,8 @@ class Logs(AWSService):
class MetricAlarm(BaseModel):
arn: str
name: str
metric: Optional[str]
name_space: Optional[str]
metric: Optional[str] = None
name_space: Optional[str] = None
region: str
tags: Optional[list] = []
alarm_actions: list
@@ -310,7 +310,7 @@ class MetricFilter(BaseModel):
name: str
metric: str
pattern: str
log_group: Optional[LogGroup]
log_group: Optional[LogGroup] = None
region: str
@@ -2,7 +2,7 @@ from enum import Enum
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -246,7 +246,7 @@ class Package(BaseModel):
"""Details of a package"""
name: str
namespace: Optional[str]
namespace: Optional[str] = None
format: str
origin_configuration: OriginConfiguration
latest_version: LatestPackageVersion
@@ -1,7 +1,7 @@
import datetime
from typing import List, Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -211,15 +211,15 @@ class Project(BaseModel):
name: str
arn: str
region: str
last_build: Optional[Build]
last_invoked_time: Optional[datetime.datetime]
buildspec: Optional[str]
source: Optional[Source]
last_build: Optional[Build] = None
last_invoked_time: Optional[datetime.datetime] = None
buildspec: Optional[str] = None
source: Optional[Source] = None
secondary_sources: Optional[list[Source]] = []
environment_variables: Optional[List[EnvironmentVariable]]
s3_logs: Optional[s3Logs]
cloudwatch_logs: Optional[CloudWatchLogs]
tags: Optional[list]
environment_variables: Optional[List[EnvironmentVariable]] = []
s3_logs: Optional[s3Logs] = None
cloudwatch_logs: Optional[CloudWatchLogs] = None
tags: Optional[list] = []
class ExportConfig(BaseModel):
@@ -233,6 +233,6 @@ class ReportGroup(BaseModel):
arn: str
name: str
region: str
status: Optional[str]
export_config: Optional[ExportConfig]
tags: Optional[list]
status: Optional[str] = None
export_config: Optional[ExportConfig] = None
tags: Optional[list] = []
@@ -1,7 +1,7 @@
from datetime import datetime
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Dict, List, Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -3,7 +3,7 @@ from enum import Enum
from typing import Optional, Union
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.providers.aws.lib.service.service import AWSService
@@ -1,7 +1,7 @@
import json
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,5 +1,5 @@
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -3,7 +3,7 @@ from ipaddress import IPv4Address, IPv6Address, ip_address
from typing import Optional, Union
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -3,7 +3,7 @@ from json import loads
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from re import sub
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Dict, Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ from enum import Enum
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ from enum import Enum
from typing import Dict, List, Optional
from botocore.client import ClientError
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,5 +1,5 @@
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Dict, List, Optional
from botocore.exceptions import ClientError
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -3,7 +3,7 @@ from datetime import datetime
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.config.config import encoding_format_utf_8
from prowler.lib.logger import logger
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.providers.aws.lib.service.service import AWSService
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from enum import Enum
from typing import Dict, List, Optional
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
import json
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Dict, List
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.providers.aws.lib.service.service import AWSService
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from enum import Enum
from typing import Dict, List
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from enum import Enum
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from json import JSONDecodeError, loads
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ from datetime import datetime
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,5 +1,5 @@
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from typing import Dict, List, Optional
from botocore.client import ClientError
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -2,7 +2,7 @@ import json
from datetime import datetime, timezone
from typing import Dict, List, Optional
from pydantic import BaseModel, Field
from pydantic.v1 import BaseModel, Field
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from typing import Optional
from botocore.client import ClientError
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,6 +1,6 @@
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,7 +1,7 @@
from json import loads
from typing import Optional
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
@@ -1,4 +1,4 @@
from pydantic import BaseModel
from pydantic.v1 import BaseModel
from prowler.lib.logger import logger
from prowler.providers.aws.lib.service.service import AWSService

Some files were not shown because too many files have changed in this diff Show More