From 28a6b66e42953516c74cc6e83f131440434af5a1 Mon Sep 17 00:00:00 2001 From: cryptoak Date: Thu, 7 Dec 2023 22:59:53 +0530 Subject: [PATCH 01/10] update1 --- ...cted_framework_performance_pillar_aws.json | 102 ++++++++++++++++++ prowler/lib/banner.py | 13 +-- prowler/lib/outputs/file_descriptors.py | 51 +++++++-- 3 files changed, 146 insertions(+), 20 deletions(-) create mode 100644 prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json diff --git a/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json new file mode 100644 index 00000000000..1482af72858 --- /dev/null +++ b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json @@ -0,0 +1,102 @@ +{ + "Framework": "AWS-Well-Architected-Framework-Performance-Efficiency-Pillar", + "Version": "", + "Provider": "AWS", + "Description": "Best Practices for the AWS Well-Architected Framework Performance Efficiency Pillar encompass the ability of a workload to use computing resources efficiently and meet requirements. Performance efficiency focuses on the efficient use of cloud resources to meet requirements and avoid unnecessary costs.", + "Requirements": [ + { + "Id": "PERF03-BP02", + "Description": "Optimize the use of computing resources by selecting the right instance types and sizes for your workload. Regularly review and update your choices based on the workload's evolving requirements.", + "Attributes": [ + { + "Name": "PERF03-BP02 Optimize instance types and sizes", + "WellArchitectedQuestionId": "selecting-right-instance-types", + "WellArchitectedPracticeId": "perf_selecting_right_instance_types", + "Section": "Resource optimization", + "SubSection": "Selecting the right instance types", + "LevelOfRisk": "Medium", + "AssessmentMethod": "Manual", + "Description": "Optimize the use of computing resources by selecting the right instance types and sizes for your workload. Regularly review and update your choices based on the workload's evolving requirements.", + "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_selecting_right_instance_types.html#implementation-guidance" + } + ], + "Checks": [ + "ec2_instance_optimized", + "lambda_function_memory_size_optimized", + "ecs_task_memory_reservation", + "ecr_image_scan_on_push_enabled", + "batch_compute_environment_optimized" + ] + }, + { + "Id": "PERF07-BP01", + "Description": "Implement efficient data storage practices, including selecting the appropriate storage types, managing lifecycle policies, and using data compression where applicable.", + "Attributes": [ + { + "Name": "PERF07-BP01 Optimize data storage", + "WellArchitectedQuestionId": "storage-efficiency", + "WellArchitectedPracticeId": "perf_storage_efficiency", + "Section": "Resource optimization", + "SubSection": "Storage efficiency", + "LevelOfRisk": "Medium", + "AssessmentMethod": "Manual", + "Description": "Implement efficient data storage practices, including selecting the appropriate storage types, managing lifecycle policies, and using data compression where applicable.", + "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_storage_efficiency.html#implementation-guidance" + } + ], + "Checks": [ + "s3_bucket_versioning_enabled", + "s3_bucket_logging_enabled", + "ebs_volume_optimized", + "glacier_vault_notifications_enabled", + "dynamodb_auto_scaling_enabled" + ] + }, + { + "Id": "PERF04-BP03", + "Description": "Design your architecture to scale horizontally, allowing you to distribute incoming traffic and workload demand across multiple resources.", + "Attributes": [ + { + "Name": "PERF04-BP03 Scale horizontally", + "WellArchitectedQuestionId": "horizontal-scalability", + "WellArchitectedPracticeId": "perf_horizontal_scalability", + "Section": "Scalability", + "SubSection": "Scale horizontally", + "LevelOfRisk": "High", + "AssessmentMethod": "Automated", + "Description": "Design your architecture to scale horizontally, allowing you to distribute incoming traffic and workload demand across multiple resources.", + "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_horizontal_scalability.html#implementation-guidance" + } + ], + "Checks": [ + "autoscaling_group_min_size", + "autoscaling_group_desired_capacity", + "ecs_service_autoscaling_enabled", + "appmesh_mesh_specified" + ] + }, + { + "Id": "PERF05-BP02", + "Description": "Optimize network performance by using Content Delivery Networks (CDN) and selecting the right AWS network services for your workload.", + "Attributes": [ + { + "Name": "PERF05-BP02 Optimize network performance", + "WellArchitectedQuestionId": "network-performance", + "WellArchitectedPracticeId": "perf_network_performance", + "Section": "Network optimization", + "SubSection": "Optimize network performance", + "LevelOfRisk": "Medium", + "AssessmentMethod": "Manual", + "Description": "Optimize network performance by using Content Delivery Networks (CDN) and selecting the right AWS network services for your workload.", + "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_network_performance.html#implementation-guidance" + } + ], + "Checks": [ + "cloudfront_distribution_enabled", + "elasticache_replication_group_automatic_failover_enabled", + "api_gateway_stage_cache_data_encrypted", + "directconnect_connection_logical_redundancy" + ] + } + ] +} diff --git a/prowler/lib/banner.py b/prowler/lib/banner.py index 867bfd663eb..a84d49dc7c5 100644 --- a/prowler/lib/banner.py +++ b/prowler/lib/banner.py @@ -4,15 +4,10 @@ def print_banner(args): - banner = f"""{banner_color} _ - _ __ _ __ _____ _| | ___ _ __ -| '_ \| '__/ _ \ \ /\ / / |/ _ \ '__| -| |_) | | | (_) \ V V /| | __/ | -| .__/|_| \___/ \_/\_/ |_|\___|_|v{prowler_version} -|_|{Fore.BLUE} the handy cloud security tool - -{Fore.YELLOW}Date: {timestamp.strftime("%Y-%m-%d %H:%M:%S")}{Style.RESET_ALL} -""" + banner = f"""{banner_color} + The handy cloud security tool + {Fore.YELLOW}Date: {timestamp.strftime("%Y-%m-%d %H:%M:%S")}{Style.RESET_ALL} + """ print(banner) if args.verbose or args.quiet: diff --git a/prowler/lib/outputs/file_descriptors.py b/prowler/lib/outputs/file_descriptors.py index 9b5def4d224..a3e39a3c6c1 100644 --- a/prowler/lib/outputs/file_descriptors.py +++ b/prowler/lib/outputs/file_descriptors.py @@ -9,9 +9,12 @@ json_file_suffix, json_ocsf_file_suffix, ) + from prowler.lib.logger import logger from prowler.lib.outputs.html import add_html_header from prowler.lib.outputs.models import ( + Aws_Check_Output_CSV, + Azure_Check_Output_CSV, Check_Output_CSV_AWS_CIS, Check_Output_CSV_AWS_ISO27001_2013, Check_Output_CSV_AWS_Well_Architected, @@ -19,18 +22,19 @@ Check_Output_CSV_GCP_CIS, Check_Output_CSV_Generic_Compliance, Check_Output_MITRE_ATTACK, + Gcp_Check_Output_CSV, generate_csv_fields, ) from prowler.lib.utils.utils import file_exists, open_file from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info -from prowler.providers.common.outputs import get_provider_output_model +from prowler.providers.azure.lib.audit_info.models import Azure_Audit_Info from prowler.providers.gcp.lib.audit_info.models import GCP_Audit_Info def initialize_file_descriptor( filename: str, output_mode: str, - audit_info: Any, + audit_info: AWS_Audit_Info, format: Any = None, ) -> TextIOWrapper: """Open/Create the output file. If needed include headers or the required format""" @@ -72,15 +76,27 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit for output_mode in output_modes: if output_mode == "csv": filename = f"{output_directory}/{output_filename}{csv_file_suffix}" - output_model = get_provider_output_model( - audit_info.__class__.__name__ - ) - file_descriptor = initialize_file_descriptor( - filename, - output_mode, - audit_info, - output_model, - ) + if isinstance(audit_info, AWS_Audit_Info): + file_descriptor = initialize_file_descriptor( + filename, + output_mode, + audit_info, + Aws_Check_Output_CSV, + ) + if isinstance(audit_info, Azure_Audit_Info): + file_descriptor = initialize_file_descriptor( + filename, + output_mode, + audit_info, + Azure_Check_Output_CSV, + ) + if isinstance(audit_info, GCP_Audit_Info): + file_descriptor = initialize_file_descriptor( + filename, + output_mode, + audit_info, + Gcp_Check_Output_CSV, + ) file_descriptors.update({output_mode: file_descriptor}) elif output_mode == "json": @@ -172,6 +188,19 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit ) file_descriptors.update({output_mode: file_descriptor}) + elif ( + output_mode + == "aws_well_architected_framework_performance_pillar_aws" + ): + filename = f"{output_directory}/{output_filename}_aws_well_architected_framework_performance_pillar_aws{csv_file_suffix}" + file_descriptor = initialize_file_descriptor( + filename, + output_mode, + audit_info, + Check_Output_CSV_AWS_Well_Architected, + ) + file_descriptors.update({output_mode: file_descriptor}) + elif output_mode == "iso27001_2013_aws": filename = f"{output_directory}/{output_filename}_iso27001_2013_aws{csv_file_suffix}" file_descriptor = initialize_file_descriptor( From 7c416aa877ad8e5bdc83f0a688fd35d96c8d15d2 Mon Sep 17 00:00:00 2001 From: cryptoak Date: Thu, 7 Dec 2023 23:06:42 +0530 Subject: [PATCH 02/10] update2 --- .../__init__.py | 0 ...caling_group_scaling_enabled.metadata.json | 31 +++++++++++++++++++ .../autoscaling_group_scaling_enabled.py | 30 ++++++++++++++++++ .../__init__.py | 0 ...tion_serverless_architecture.metadata.json | 31 +++++++++++++++++++ ...lambda_function_serverless_architecture.py | 0 .../ec2_instance_type_optimized/__init__.py | 0 .../ec2_instance_type_optimized.py | 0 ...2_instance_type_optimized.py.metadata.json | 0 9 files changed, 92 insertions(+) create mode 100644 prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/__init__.py create mode 100644 prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.metadata.json create mode 100644 prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.py create mode 100644 prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/__init__.py create mode 100644 prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.metadata.json create mode 100644 prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py create mode 100644 prowler/providers/aws/services/ec2/ec2_instance_type_optimized/__init__.py create mode 100644 prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py create mode 100644 prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json diff --git a/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/__init__.py b/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/__init__.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.metadata.json b/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.metadata.json new file mode 100644 index 00000000000..43cfaf1e127 --- /dev/null +++ b/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.metadata.json @@ -0,0 +1,31 @@ +{ + "Provider": "aws", + "CheckID": "autoscaling_group_scaling_enabled", + "CheckTitle": "Ensure Auto Scaling group has scaling enabled", + "CheckType": ["Service"], + "ServiceName": "autoscaling", + "SubServiceName": "", + "ResourceIdTemplate": "", + "Severity": "medium", + "ResourceType": "Other", + "Description": "Ensure Auto Scaling group has scaling enabled.", + "Risk": "If Auto Scaling group does not have scaling enabled, it may not effectively respond to changes in demand, leading to suboptimal resource utilization.", + "RelatedUrl": "https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html", + "Remediation": { + "Code": { + "CLI": "aws autoscaling update-auto-scaling-group --auto-scaling-group-name --min-size --max-size --desired-capacity ", + "NativeIaC": "", + "Other": "", + "Terraform": "resource \"aws_autoscaling_group\" \"example\" {\n desired_capacity = \n min_size = \n max_size = \n}" + }, + "Recommendation": { + "Text": "We recommend enabling scaling for Auto Scaling groups to effectively respond to changes in demand.", + "Url": "https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html" + } + }, + "Categories": ["autoscaling"], + "DependsOn": [], + "RelatedTo": [], + "Notes": "" + } + \ No newline at end of file diff --git a/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.py b/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.py new file mode 100644 index 00000000000..a67379fb905 --- /dev/null +++ b/prowler/providers/aws/services/autoscaling/autoscaling_group_scaling_enabled/autoscaling_group_scaling_enabled.py @@ -0,0 +1,30 @@ +from prowler.lib.check.models import Check, Check_Report_AWS +from prowler.providers.aws.services.autoscaling.autoscaling_client import autoscaling_client + +class autoscaling_group_scaling_enabled(Check): + def execute(self): + findings = [] + + # Fetch the audit configuration value from prowler config.yaml + max_autoscaling_group_size = autoscaling_client.audit_config.get( + "max_autoscaling_group_size", 10 + ) + + for autoscaling_group in autoscaling_client.groups: + report = Check_Report_AWS(self.metadata()) + report.region = autoscaling_group.region + report.resource_id = autoscaling_group.name + report.resource_arn = autoscaling_group.arn + report.resource_tags = autoscaling_group.tags + + report.status = "PASS" + report.status_extended = f"Auto Scaling group {autoscaling_group.name} has scaling enabled." + + # Check if scaling is enabled + if not autoscaling_group.scaling_enabled: + report.status = "FAIL" + report.status_extended = f"Auto Scaling group {autoscaling_group.name} does not have scaling enabled." + + findings.append(report) + + return findings diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/__init__.py b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/__init__.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.metadata.json b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.metadata.json new file mode 100644 index 00000000000..2ac97efa4a6 --- /dev/null +++ b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.metadata.json @@ -0,0 +1,31 @@ +{ + "Provider": "aws", + "CheckID": "awslambda_function_serverless_architecture", + "CheckTitle": "Ensure AWS Lambda functions use serverless architecture", + "CheckType": ["Service"], + "ServiceName": "awslambda", + "SubServiceName": "", + "ResourceIdTemplate": "", + "Severity": "medium", + "ResourceType": "Other", + "Description": "Ensure AWS Lambda functions use serverless architecture.", + "Risk": "Using non-serverless architecture for Lambda functions may require infrastructure provisioning and maintenance, reducing the efficiency of resource usage.", + "RelatedUrl": "https://docs.aws.amazon.com/lambda/latest/dg/serverless_app_arch.html", + "Remediation": { + "Code": { + "CLI": "N/A", + "NativeIaC": "", + "Other": "", + "Terraform": "N/A" + }, + "Recommendation": { + "Text": "We recommend leveraging serverless architecture for AWS Lambda functions to eliminate the need for infrastructure provisioning and maintenance.", + "Url": "https://docs.aws.amazon.com/lambda/latest/dg/serverless_app_arch.html" + } + }, + "Categories": ["compute"], + "DependsOn": [], + "RelatedTo": [], + "Notes": "" + } + \ No newline at end of file diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/__init__.py b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/__init__.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py new file mode 100644 index 00000000000..e69de29bb2d diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json new file mode 100644 index 00000000000..e69de29bb2d From a2a9022c1c77a4ceefd8244e27f81e1cd586349a Mon Sep 17 00:00:00 2001 From: cryptoak Date: Thu, 7 Dec 2023 23:10:35 +0530 Subject: [PATCH 03/10] update3 --- ...cted_framework_performance_pillar_aws.json | 78 +------------------ 1 file changed, 3 insertions(+), 75 deletions(-) diff --git a/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json index 1482af72858..a2e0cf6e7aa 100644 --- a/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json +++ b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json @@ -21,81 +21,9 @@ } ], "Checks": [ - "ec2_instance_optimized", - "lambda_function_memory_size_optimized", - "ecs_task_memory_reservation", - "ecr_image_scan_on_push_enabled", - "batch_compute_environment_optimized" - ] - }, - { - "Id": "PERF07-BP01", - "Description": "Implement efficient data storage practices, including selecting the appropriate storage types, managing lifecycle policies, and using data compression where applicable.", - "Attributes": [ - { - "Name": "PERF07-BP01 Optimize data storage", - "WellArchitectedQuestionId": "storage-efficiency", - "WellArchitectedPracticeId": "perf_storage_efficiency", - "Section": "Resource optimization", - "SubSection": "Storage efficiency", - "LevelOfRisk": "Medium", - "AssessmentMethod": "Manual", - "Description": "Implement efficient data storage practices, including selecting the appropriate storage types, managing lifecycle policies, and using data compression where applicable.", - "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_storage_efficiency.html#implementation-guidance" - } - ], - "Checks": [ - "s3_bucket_versioning_enabled", - "s3_bucket_logging_enabled", - "ebs_volume_optimized", - "glacier_vault_notifications_enabled", - "dynamodb_auto_scaling_enabled" - ] - }, - { - "Id": "PERF04-BP03", - "Description": "Design your architecture to scale horizontally, allowing you to distribute incoming traffic and workload demand across multiple resources.", - "Attributes": [ - { - "Name": "PERF04-BP03 Scale horizontally", - "WellArchitectedQuestionId": "horizontal-scalability", - "WellArchitectedPracticeId": "perf_horizontal_scalability", - "Section": "Scalability", - "SubSection": "Scale horizontally", - "LevelOfRisk": "High", - "AssessmentMethod": "Automated", - "Description": "Design your architecture to scale horizontally, allowing you to distribute incoming traffic and workload demand across multiple resources.", - "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_horizontal_scalability.html#implementation-guidance" - } - ], - "Checks": [ - "autoscaling_group_min_size", - "autoscaling_group_desired_capacity", - "ecs_service_autoscaling_enabled", - "appmesh_mesh_specified" - ] - }, - { - "Id": "PERF05-BP02", - "Description": "Optimize network performance by using Content Delivery Networks (CDN) and selecting the right AWS network services for your workload.", - "Attributes": [ - { - "Name": "PERF05-BP02 Optimize network performance", - "WellArchitectedQuestionId": "network-performance", - "WellArchitectedPracticeId": "perf_network_performance", - "Section": "Network optimization", - "SubSection": "Optimize network performance", - "LevelOfRisk": "Medium", - "AssessmentMethod": "Manual", - "Description": "Optimize network performance by using Content Delivery Networks (CDN) and selecting the right AWS network services for your workload.", - "ImplementationGuidanceUrl": "https://docs.aws.amazon.com/wellarchitected/latest/performance-pillar/perf_network_performance.html#implementation-guidance" - } - ], - "Checks": [ - "cloudfront_distribution_enabled", - "elasticache_replication_group_automatic_failover_enabled", - "api_gateway_stage_cache_data_encrypted", - "directconnect_connection_logical_redundancy" + "ec2_instance_type_optimized", + "autoscaling_group_scaling_enabled", + "awslambda_function_serverless_architecture" ] } ] From be19c79e3c21024cf6e985b92082672681dd85f4 Mon Sep 17 00:00:00 2001 From: cryptoak Date: Mon, 11 Dec 2023 20:15:58 +0530 Subject: [PATCH 04/10] wafr-checks-update-1 --- ...lambda_function_serverless_architecture.py | 28 +++++++++++++++++++ .../ec2_instance_type_optimized.py | 25 +++++++++++++++++ 2 files changed, 53 insertions(+) diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py index e69de29bb2d..666c6b338f9 100644 --- a/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py +++ b/prowler/providers/aws/services/awslambda/awslambda_function_serverless_architecture/awslambda_function_serverless_architecture.py @@ -0,0 +1,28 @@ +from prowler.lib.check.models import Check, Check_Report_AWS +from prowler.providers.aws.services.awslambda.awslambda_client import awslambda_client # Update with the correct import path + +class awslambda_function_serverless_architecture(Check): + """awslambda_function_serverless_architecture verifies if an AWS Lambda function uses a serverless architecture""" + + def execute(self): + findings = [] + + for lambda_function in awslambda_client.functions: + report = Check_Report_AWS(self.metadata()) + + report.region = lambda_function.region + report.resource_id = lambda_function.name + report.resource_arn = lambda_function.arn + report.resource_tags = lambda_function.tags + + report.status = "PASS" + report.status_extended = f"AWS Lambda function {lambda_function.name} is not using a serverless architecture." + + # Replace the condition with the actual logic to check if the Lambda function uses a serverless architecture + if not lambda_function.serverless_architecture: + report.status = "FAIL" + report.status_extended = f"AWS Lambda function {lambda_function.name} is using a serverless architecture." + + findings.append(report) + + return findings \ No newline at end of file diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py index e69de29bb2d..c344f8c7316 100644 --- a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py +++ b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py @@ -0,0 +1,25 @@ +from prowler.lib.check.models import Check, Check_Report_AWS +from prowler.providers.aws.services.ec2.ec2_client import ec2_client + +class ec2_instance_type_optimized(Check): + def execute(self): + findings = [] + + for instance in ec2_client.instances: + report = Check_Report_AWS(self.metadata()) + report.region = instance.region + report.resource_id = instance.id + report.resource_arn = instance.arn + report.resource_tags = instance.tags + + report.status = "PASS" + report.status_extended = f"EC2 instance {instance.id} is using an optimized instance type." + + # Check if instance type is optimized + if not instance.is_instance_type_optimized: + report.status = "FAIL" + report.status_extended = f"EC2 instance {instance.id} is not using an optimized instance type." + + findings.append(report) + + return findings From 7b1c63fd47b357650b3914aff53168af2ceecc5f Mon Sep 17 00:00:00 2001 From: cryptoak Date: Mon, 11 Dec 2023 22:45:18 +0530 Subject: [PATCH 05/10] wafr-codelogic-metatdata-update-2 --- prowler/lib/banner.py | 15 ++++--- ...tion_not_publicly_accessible.metadata.json | 36 ++++++++-------- ...lambda_function_not_publicly_accessible.py | 43 ++++++------------- .../ec2_instance_type_optimized.py | 14 ++++-- ...2_instance_type_optimized.py.metadata.json | 31 +++++++++++++ 5 files changed, 82 insertions(+), 57 deletions(-) diff --git a/prowler/lib/banner.py b/prowler/lib/banner.py index a84d49dc7c5..7955f8c66d3 100644 --- a/prowler/lib/banner.py +++ b/prowler/lib/banner.py @@ -4,10 +4,15 @@ def print_banner(args): - banner = f"""{banner_color} - The handy cloud security tool - {Fore.YELLOW}Date: {timestamp.strftime("%Y-%m-%d %H:%M:%S")}{Style.RESET_ALL} - """ + banner = f"""{banner_color} _ + _ __ _ __ _____ _| | ___ _ __ +| '_ \| '__/ _ \ \ /\ / / |/ _ \ '__| +| |_) | | | (_) \ V V /| | __/ | +| .__/|_| \___/ \_/\_/ |_|\___|_|v{prowler_version} +|_|{Fore.BLUE} the handy cloud security tool + +{Fore.YELLOW}Date: {timestamp.strftime("%Y-%m-%d %H:%M:%S")}{Style.RESET_ALL} +""" print(banner) if args.verbose or args.quiet: @@ -19,4 +24,4 @@ def print_banner(args): - {orange_color}WARNING (Ignored by allowlist){Style.RESET_ALL} - {Fore.RED}FAIL (Fix required){Style.RESET_ALL} """ - ) + ) \ No newline at end of file diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json index cdc5176105c..af6a29daf34 100644 --- a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json +++ b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json @@ -1,32 +1,30 @@ { "Provider": "aws", - "CheckID": "awslambda_function_not_publicly_accessible", - "CheckTitle": "Check if Lambda functions have resource-based policy set as Public.", - "CheckType": [], + "CheckID": "awslambda_function_serverless_architecture", + "CheckTitle": "Ensure AWS Lambda function uses a serverless architecture", + "CheckType": ["Serverless Architecture"], "ServiceName": "lambda", "SubServiceName": "", - "ResourceIdTemplate": "arn:partition:lambda:region:account-id:function/function-name", - "Severity": "critical", - "ResourceType": "AwsLambdaFunction", - "Description": "Check if Lambda functions have resource-based policy set as Public.", - "Risk": "Publicly accessible services could expose sensitive data to bad actors.", - "RelatedUrl": "https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html", + "ResourceIdTemplate": "arn:aws:lambda:{region}:{account-id}:function:{function-name}", + "Severity": "medium", + "ResourceType": "AWS::Lambda::Function", + "Description": "Verify if an AWS Lambda function uses a serverless architecture by checking if it is part of an AWS SAM deployment.", + "Risk": "AWS SAM deployments are often associated with serverless architectures. A Lambda function that is part of an AWS SAM deployment is considered to be using a serverless architecture.", + "RelatedUrl": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html", "Remediation": { "Code": { - "CLI": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html", - "NativeIaC": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html", - "Other": "", - "Terraform": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html" + "CLI": "N/A", + "NativeIaC": "N/A", + "Other": "N/A", + "Terraform": "N/A" }, "Recommendation": { - "Text": "Grant usage permission on a per-resource basis and applying least privilege principle.", - "Url": "https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html" + "Text": "Consider reviewing the AWS SAM documentation to understand the characteristics of serverless architectures. Ensure that your Lambda functions align with your architectural principles.", + "Url": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html" } }, - "Categories": [ - "internet-exposed" - ], + "Categories": ["serverless-architecture"], "DependsOn": [], "RelatedTo": [], - "Notes": "" + "Notes": "This check determines if an AWS Lambda function is using a serverless architecture based on whether it is part of an AWS SAM deployment." } diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py index a39b8576443..fbe3ae4383a 100644 --- a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py +++ b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py @@ -1,42 +1,27 @@ from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.awslambda.awslambda_client import awslambda_client +class awslambda_function_serverless_architecture(Check): + """awslambda_function_serverless_architecture verifies if an AWS Lambda function uses a serverless architecture""" -class awslambda_function_not_publicly_accessible(Check): def execute(self): findings = [] - for function in awslambda_client.functions.values(): + + for lambda_function in awslambda_client.functions: report = Check_Report_AWS(self.metadata()) - report.region = function.region - report.resource_id = function.name - report.resource_arn = function.arn - report.resource_tags = function.tags + + report.region = lambda_function.region + report.resource_id = lambda_function.name + report.resource_arn = lambda_function.arn + report.resource_tags = lambda_function.tags report.status = "PASS" - report.status_extended = f"Lambda function {function.name} has a policy resource-based policy not public." - - public_access = False - if function.policy: - for statement in function.policy["Statement"]: - # Only check allow statements - if statement["Effect"] == "Allow": - if ( - "*" in statement["Principal"] - or ( - "AWS" in statement["Principal"] - and "*" in statement["Principal"]["AWS"] - ) - or ( - "CanonicalUser" in statement["Principal"] - and "*" in statement["Principal"]["CanonicalUser"] - ) - ): - public_access = True - break - - if public_access: + report.status_extended = f"AWS Lambda function {lambda_function.name} is not using a serverless architecture." + + # Check if the Lambda function is part of an AWS SAM deployment + if "AWS::Serverless" in lambda_function.resource_type: report.status = "FAIL" - report.status_extended = f"Lambda function {function.name} has a policy resource-based policy with public access." + report.status_extended = f"AWS Lambda function {lambda_function.name} is using a serverless architecture." findings.append(report) diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py index c344f8c7316..ef16f5b96ad 100644 --- a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py +++ b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py @@ -5,6 +5,9 @@ class ec2_instance_type_optimized(Check): def execute(self): findings = [] + # List of optimized instance types (modify as needed) + optimized_instance_types = ["t3.micro", "t3.small", "t3.medium"] + for instance in ec2_client.instances: report = Check_Report_AWS(self.metadata()) report.region = instance.region @@ -15,11 +18,14 @@ def execute(self): report.status = "PASS" report.status_extended = f"EC2 instance {instance.id} is using an optimized instance type." - # Check if instance type is optimized - if not instance.is_instance_type_optimized: + # Get the instance type + instance_type = instance.instance_type + + # Check if the instance type is in the list of optimized instance types + if instance_type not in optimized_instance_types: report.status = "FAIL" - report.status_extended = f"EC2 instance {instance.id} is not using an optimized instance type." + report.status_extended = f"EC2 instance {instance.id} is not using an optimized instance type. Current type: {instance_type}" findings.append(report) - return findings + return findings \ No newline at end of file diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json index e69de29bb2d..0ef7da667de 100644 --- a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json +++ b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json @@ -0,0 +1,31 @@ +{ + "Provider": "aws", + "CheckID": "ec2_instance_type_optimized", + "CheckTitle": "Ensure EC2 instances are of the optimized type", + "CheckType": ["Service"], + "ServiceName": "ec2", + "SubServiceName": "", + "ResourceIdTemplate": "", + "Severity": "high", + "ResourceType": "Other", + "Description": "Ensure EC2 instances are of the optimized type.", + "Risk": "Using non-optimized EC2 instance types may result in suboptimal performance and increased costs.", + "RelatedUrl": "https://aws.amazon.com/ec2/instance-types/", + "Remediation": { + "Code": { + "CLI": "N/A", + "NativeIaC": "", + "Other": "", + "Terraform": "N/A" + }, + "Recommendation": { + "Text": "We recommend choosing EC2 instance types that are optimized for your specific workload to achieve better performance and cost efficiency.", + "Url": "https://aws.amazon.com/ec2/instance-types/" + } + }, + "Categories": ["compute"], + "DependsOn": [], + "RelatedTo": [], + "Notes": "" + } + \ No newline at end of file From 9b87e29d70ce3abd2aca489d93d32f9e2d00717d Mon Sep 17 00:00:00 2001 From: Sergio Garcia Date: Tue, 12 Dec 2023 12:55:50 +0100 Subject: [PATCH 06/10] fix filename typo --- prowler/lib/banner.py | 2 +- .../ec2_instance_type_optimized.metadata.json | 34 +++++++++++++++++++ ...2_instance_type_optimized.py.metadata.json | 31 ----------------- 3 files changed, 35 insertions(+), 32 deletions(-) create mode 100644 prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.metadata.json delete mode 100644 prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json diff --git a/prowler/lib/banner.py b/prowler/lib/banner.py index 7955f8c66d3..867bfd663eb 100644 --- a/prowler/lib/banner.py +++ b/prowler/lib/banner.py @@ -24,4 +24,4 @@ def print_banner(args): - {orange_color}WARNING (Ignored by allowlist){Style.RESET_ALL} - {Fore.RED}FAIL (Fix required){Style.RESET_ALL} """ - ) \ No newline at end of file + ) diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.metadata.json b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.metadata.json new file mode 100644 index 00000000000..7bc8064ee98 --- /dev/null +++ b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.metadata.json @@ -0,0 +1,34 @@ +{ + "Provider": "aws", + "CheckID": "ec2_instance_type_optimized", + "CheckTitle": "Ensure EC2 instances are of the optimized type", + "CheckType": [ + "Service" + ], + "ServiceName": "ec2", + "SubServiceName": "", + "ResourceIdTemplate": "", + "Severity": "high", + "ResourceType": "Other", + "Description": "Ensure EC2 instances are of the optimized type.", + "Risk": "Using non-optimized EC2 instance types may result in suboptimal performance and increased costs.", + "RelatedUrl": "https://aws.amazon.com/ec2/instance-types/", + "Remediation": { + "Code": { + "CLI": "N/A", + "NativeIaC": "", + "Other": "", + "Terraform": "N/A" + }, + "Recommendation": { + "Text": "We recommend choosing EC2 instance types that are optimized for your specific workload to achieve better performance and cost efficiency.", + "Url": "https://aws.amazon.com/ec2/instance-types/" + } + }, + "Categories": [ + "compute" + ], + "DependsOn": [], + "RelatedTo": [], + "Notes": "" +} diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json deleted file mode 100644 index 0ef7da667de..00000000000 --- a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py.metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "Provider": "aws", - "CheckID": "ec2_instance_type_optimized", - "CheckTitle": "Ensure EC2 instances are of the optimized type", - "CheckType": ["Service"], - "ServiceName": "ec2", - "SubServiceName": "", - "ResourceIdTemplate": "", - "Severity": "high", - "ResourceType": "Other", - "Description": "Ensure EC2 instances are of the optimized type.", - "Risk": "Using non-optimized EC2 instance types may result in suboptimal performance and increased costs.", - "RelatedUrl": "https://aws.amazon.com/ec2/instance-types/", - "Remediation": { - "Code": { - "CLI": "N/A", - "NativeIaC": "", - "Other": "", - "Terraform": "N/A" - }, - "Recommendation": { - "Text": "We recommend choosing EC2 instance types that are optimized for your specific workload to achieve better performance and cost efficiency.", - "Url": "https://aws.amazon.com/ec2/instance-types/" - } - }, - "Categories": ["compute"], - "DependsOn": [], - "RelatedTo": [], - "Notes": "" - } - \ No newline at end of file From 44c0417275d6da0f228f1b242eb702a9e5d1dec0 Mon Sep 17 00:00:00 2001 From: Sergio Garcia Date: Fri, 22 Dec 2023 14:26:25 +0100 Subject: [PATCH 07/10] restore awslambda_function_not_publicly_accessible check --- ...tion_not_publicly_accessible.metadata.json | 36 ++++++++-------- ...lambda_function_not_publicly_accessible.py | 43 +++++++++++++------ 2 files changed, 48 insertions(+), 31 deletions(-) diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json index af6a29daf34..cdc5176105c 100644 --- a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json +++ b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.metadata.json @@ -1,30 +1,32 @@ { "Provider": "aws", - "CheckID": "awslambda_function_serverless_architecture", - "CheckTitle": "Ensure AWS Lambda function uses a serverless architecture", - "CheckType": ["Serverless Architecture"], + "CheckID": "awslambda_function_not_publicly_accessible", + "CheckTitle": "Check if Lambda functions have resource-based policy set as Public.", + "CheckType": [], "ServiceName": "lambda", "SubServiceName": "", - "ResourceIdTemplate": "arn:aws:lambda:{region}:{account-id}:function:{function-name}", - "Severity": "medium", - "ResourceType": "AWS::Lambda::Function", - "Description": "Verify if an AWS Lambda function uses a serverless architecture by checking if it is part of an AWS SAM deployment.", - "Risk": "AWS SAM deployments are often associated with serverless architectures. A Lambda function that is part of an AWS SAM deployment is considered to be using a serverless architecture.", - "RelatedUrl": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html", + "ResourceIdTemplate": "arn:partition:lambda:region:account-id:function/function-name", + "Severity": "critical", + "ResourceType": "AwsLambdaFunction", + "Description": "Check if Lambda functions have resource-based policy set as Public.", + "Risk": "Publicly accessible services could expose sensitive data to bad actors.", + "RelatedUrl": "https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html", "Remediation": { "Code": { - "CLI": "N/A", - "NativeIaC": "N/A", - "Other": "N/A", - "Terraform": "N/A" + "CLI": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html", + "NativeIaC": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html", + "Other": "", + "Terraform": "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/Lambda/function-exposed.html" }, "Recommendation": { - "Text": "Consider reviewing the AWS SAM documentation to understand the characteristics of serverless architectures. Ensure that your Lambda functions align with your architectural principles.", - "Url": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html" + "Text": "Grant usage permission on a per-resource basis and applying least privilege principle.", + "Url": "https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html" } }, - "Categories": ["serverless-architecture"], + "Categories": [ + "internet-exposed" + ], "DependsOn": [], "RelatedTo": [], - "Notes": "This check determines if an AWS Lambda function is using a serverless architecture based on whether it is part of an AWS SAM deployment." + "Notes": "" } diff --git a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py index fbe3ae4383a..a39b8576443 100644 --- a/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py +++ b/prowler/providers/aws/services/awslambda/awslambda_function_not_publicly_accessible/awslambda_function_not_publicly_accessible.py @@ -1,27 +1,42 @@ from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.awslambda.awslambda_client import awslambda_client -class awslambda_function_serverless_architecture(Check): - """awslambda_function_serverless_architecture verifies if an AWS Lambda function uses a serverless architecture""" +class awslambda_function_not_publicly_accessible(Check): def execute(self): findings = [] - - for lambda_function in awslambda_client.functions: + for function in awslambda_client.functions.values(): report = Check_Report_AWS(self.metadata()) - - report.region = lambda_function.region - report.resource_id = lambda_function.name - report.resource_arn = lambda_function.arn - report.resource_tags = lambda_function.tags + report.region = function.region + report.resource_id = function.name + report.resource_arn = function.arn + report.resource_tags = function.tags report.status = "PASS" - report.status_extended = f"AWS Lambda function {lambda_function.name} is not using a serverless architecture." - - # Check if the Lambda function is part of an AWS SAM deployment - if "AWS::Serverless" in lambda_function.resource_type: + report.status_extended = f"Lambda function {function.name} has a policy resource-based policy not public." + + public_access = False + if function.policy: + for statement in function.policy["Statement"]: + # Only check allow statements + if statement["Effect"] == "Allow": + if ( + "*" in statement["Principal"] + or ( + "AWS" in statement["Principal"] + and "*" in statement["Principal"]["AWS"] + ) + or ( + "CanonicalUser" in statement["Principal"] + and "*" in statement["Principal"]["CanonicalUser"] + ) + ): + public_access = True + break + + if public_access: report.status = "FAIL" - report.status_extended = f"AWS Lambda function {lambda_function.name} is using a serverless architecture." + report.status_extended = f"Lambda function {function.name} has a policy resource-based policy with public access." findings.append(report) From b465cdb145f1ccc7a48941173b7c9d30279d1242 Mon Sep 17 00:00:00 2001 From: Sergio Garcia Date: Fri, 22 Dec 2023 14:32:18 +0100 Subject: [PATCH 08/10] restore file descriptor --- prowler/lib/outputs/file_descriptors.py | 38 +++++++------------------ 1 file changed, 11 insertions(+), 27 deletions(-) diff --git a/prowler/lib/outputs/file_descriptors.py b/prowler/lib/outputs/file_descriptors.py index a3e39a3c6c1..33a991fdda8 100644 --- a/prowler/lib/outputs/file_descriptors.py +++ b/prowler/lib/outputs/file_descriptors.py @@ -9,12 +9,9 @@ json_file_suffix, json_ocsf_file_suffix, ) - from prowler.lib.logger import logger from prowler.lib.outputs.html import add_html_header from prowler.lib.outputs.models import ( - Aws_Check_Output_CSV, - Azure_Check_Output_CSV, Check_Output_CSV_AWS_CIS, Check_Output_CSV_AWS_ISO27001_2013, Check_Output_CSV_AWS_Well_Architected, @@ -22,19 +19,18 @@ Check_Output_CSV_GCP_CIS, Check_Output_CSV_Generic_Compliance, Check_Output_MITRE_ATTACK, - Gcp_Check_Output_CSV, generate_csv_fields, ) from prowler.lib.utils.utils import file_exists, open_file from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info -from prowler.providers.azure.lib.audit_info.models import Azure_Audit_Info +from prowler.providers.common.outputs import get_provider_output_model from prowler.providers.gcp.lib.audit_info.models import GCP_Audit_Info def initialize_file_descriptor( filename: str, output_mode: str, - audit_info: AWS_Audit_Info, + audit_info: Any, format: Any = None, ) -> TextIOWrapper: """Open/Create the output file. If needed include headers or the required format""" @@ -76,27 +72,15 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit for output_mode in output_modes: if output_mode == "csv": filename = f"{output_directory}/{output_filename}{csv_file_suffix}" - if isinstance(audit_info, AWS_Audit_Info): - file_descriptor = initialize_file_descriptor( - filename, - output_mode, - audit_info, - Aws_Check_Output_CSV, - ) - if isinstance(audit_info, Azure_Audit_Info): - file_descriptor = initialize_file_descriptor( - filename, - output_mode, - audit_info, - Azure_Check_Output_CSV, - ) - if isinstance(audit_info, GCP_Audit_Info): - file_descriptor = initialize_file_descriptor( - filename, - output_mode, - audit_info, - Gcp_Check_Output_CSV, - ) + output_model = get_provider_output_model( + audit_info.__class__.__name__ + ) + file_descriptor = initialize_file_descriptor( + filename, + output_mode, + audit_info, + output_model, + ) file_descriptors.update({output_mode: file_descriptor}) elif output_mode == "json": From 381782cfbc6d40959a9c461363eb4cb6a7fd4084 Mon Sep 17 00:00:00 2001 From: Sergio Garcia Date: Fri, 22 Dec 2023 14:40:46 +0100 Subject: [PATCH 09/10] fix ec2_instance_type_optimized --- .../ec2_instance_type_optimized.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py index ef16f5b96ad..3b3091d6559 100644 --- a/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py +++ b/prowler/providers/aws/services/ec2/ec2_instance_type_optimized/ec2_instance_type_optimized.py @@ -1,6 +1,7 @@ from prowler.lib.check.models import Check, Check_Report_AWS from prowler.providers.aws.services.ec2.ec2_client import ec2_client + class ec2_instance_type_optimized(Check): def execute(self): findings = [] @@ -16,16 +17,15 @@ def execute(self): report.resource_tags = instance.tags report.status = "PASS" - report.status_extended = f"EC2 instance {instance.id} is using an optimized instance type." - - # Get the instance type - instance_type = instance.instance_type + report.status_extended = ( + f"EC2 instance {instance.id} is using an optimized instance type." + ) # Check if the instance type is in the list of optimized instance types - if instance_type not in optimized_instance_types: + if instance.type not in optimized_instance_types: report.status = "FAIL" - report.status_extended = f"EC2 instance {instance.id} is not using an optimized instance type. Current type: {instance_type}" + report.status_extended = f"EC2 instance {instance.id} is not using an optimized instance type. Current type: {instance.type}" findings.append(report) - return findings \ No newline at end of file + return findings From f943c4d5dcd64fd6f21a031f518ed80b2e937361 Mon Sep 17 00:00:00 2001 From: Sergio Garcia Date: Fri, 22 Dec 2023 14:56:48 +0100 Subject: [PATCH 10/10] fix compliance naming --- ...aws_well_architected_framework_performance_pillar_aws.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json index a2e0cf6e7aa..d1da8896e59 100644 --- a/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json +++ b/prowler/compliance/aws/aws_well_architected_framework_performance_pillar_aws.json @@ -1,5 +1,5 @@ { - "Framework": "AWS-Well-Architected-Framework-Performance-Efficiency-Pillar", + "Framework": "AWS-Well-Architected-Framework-Performance-Pillar", "Version": "", "Provider": "AWS", "Description": "Best Practices for the AWS Well-Architected Framework Performance Efficiency Pillar encompass the ability of a workload to use computing resources efficiently and meet requirements. Performance efficiency focuses on the efficient use of cloud resources to meet requirements and avoid unnecessary costs.", @@ -21,7 +21,7 @@ } ], "Checks": [ - "ec2_instance_type_optimized", + "ec2_instance_type_optimized", "autoscaling_group_scaling_enabled", "awslambda_function_serverless_architecture" ]