mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-06-10 21:42:29 +00:00
Pedro Martín
96 lines
4.6 KiB
Python
96 lines
4.6 KiB
Python
from prowler.config.config import timestamp
|
|
from prowler.lib.check.compliance_models import Compliance
|
|
from prowler.lib.outputs.compliance.compliance_output import ComplianceOutput
|
|
from prowler.lib.outputs.compliance.csa.models import AzureCSAModel
|
|
from prowler.lib.outputs.finding import Finding
|
|
|
|
|
|
class AzureCSA(ComplianceOutput):
|
|
"""
|
|
This class represents the Azure CSA compliance output.
|
|
|
|
Attributes:
|
|
- _data (list): A list to store transformed data from findings.
|
|
- _file_descriptor (TextIOWrapper): A file descriptor to write data to a file.
|
|
|
|
Methods:
|
|
- transform: Transforms findings into Azure CSA compliance format.
|
|
"""
|
|
|
|
def transform(
|
|
self,
|
|
findings: list[Finding],
|
|
compliance: Compliance,
|
|
compliance_name: str,
|
|
) -> None:
|
|
"""
|
|
Transforms a list of findings into Azure CSA compliance format.
|
|
|
|
Parameters:
|
|
- findings (list): A list of findings.
|
|
- compliance (Compliance): A compliance model.
|
|
- compliance_name (str): The name of the compliance model.
|
|
|
|
Returns:
|
|
- None
|
|
"""
|
|
for finding in findings:
|
|
for requirement in compliance.Requirements:
|
|
# Source of truth: framework JSON, not finding.compliance snapshot (avoids CSV/UI count drift).
|
|
if finding.check_id in requirement.Checks:
|
|
for attribute in requirement.Attributes:
|
|
compliance_row = AzureCSAModel(
|
|
Provider=finding.provider,
|
|
Description=compliance.Description,
|
|
SubscriptionId=finding.account_uid,
|
|
Location=finding.region,
|
|
AssessmentDate=str(timestamp),
|
|
Requirements_Id=requirement.Id,
|
|
Requirements_Description=requirement.Description,
|
|
Requirements_Name=requirement.Name,
|
|
Requirements_Attributes_Section=attribute.Section,
|
|
Requirements_Attributes_CCMLite=attribute.CCMLite,
|
|
Requirements_Attributes_IaaS=attribute.IaaS,
|
|
Requirements_Attributes_PaaS=attribute.PaaS,
|
|
Requirements_Attributes_SaaS=attribute.SaaS,
|
|
Requirements_Attributes_ScopeApplicability=attribute.ScopeApplicability,
|
|
Status=finding.status,
|
|
StatusExtended=finding.status_extended,
|
|
ResourceId=finding.resource_uid,
|
|
ResourceName=finding.resource_name,
|
|
CheckId=finding.check_id,
|
|
Muted=finding.muted,
|
|
Framework=compliance.Framework,
|
|
Name=compliance.Name,
|
|
)
|
|
self._data.append(compliance_row)
|
|
# Add manual requirements to the compliance output
|
|
for requirement in compliance.Requirements:
|
|
if not requirement.Checks:
|
|
for attribute in requirement.Attributes:
|
|
compliance_row = AzureCSAModel(
|
|
Provider=compliance.Provider.lower(),
|
|
Description=compliance.Description,
|
|
SubscriptionId="",
|
|
Location="",
|
|
AssessmentDate=str(timestamp),
|
|
Requirements_Id=requirement.Id,
|
|
Requirements_Description=requirement.Description,
|
|
Requirements_Name=requirement.Name,
|
|
Requirements_Attributes_Section=attribute.Section,
|
|
Requirements_Attributes_CCMLite=attribute.CCMLite,
|
|
Requirements_Attributes_IaaS=attribute.IaaS,
|
|
Requirements_Attributes_PaaS=attribute.PaaS,
|
|
Requirements_Attributes_SaaS=attribute.SaaS,
|
|
Requirements_Attributes_ScopeApplicability=attribute.ScopeApplicability,
|
|
Status="MANUAL",
|
|
StatusExtended="Manual check",
|
|
ResourceId="manual_check",
|
|
ResourceName="Manual check",
|
|
CheckId="manual",
|
|
Muted=False,
|
|
Framework=compliance.Framework,
|
|
Name=compliance.Name,
|
|
)
|
|
self._data.append(compliance_row)
|