aws-cis-controls-assessment 1.1.0__tar.gz → 1.1.2__tar.gz

{aws_cis_controls_assessment-1.1.0/aws_cis_controls_assessment.egg-info → aws_cis_controls_assessment-1.1.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aws-cis-controls-assessment
-Version: 1.1.0
+Version: 1.1.2
 Summary: Production-ready AWS CIS Controls compliance assessment framework with 145 comprehensive rules
 Author-email: AWS CIS Assessment Team <security@example.com>
 Maintainer-email: AWS CIS Assessment Team <security@example.com>

{aws_cis_controls_assessment-1.1.0 → aws_cis_controls_assessment-1.1.2}/aws_cis_assessment/__init__.py

@@ -6,6 +6,6 @@ CIS Controls Implementation Groups (IG1, IG2, IG3). Implements 163 comprehensive
 across all implementation groups for complete security compliance assessment.
 """
 
-__version__ = "1.1.0"
+__version__ = "1.1.2"
 __author__ = "AWS CIS Assessment Team"
 __description__ = "Production-ready AWS CIS Controls Compliance Assessment Framework"

{aws_cis_controls_assessment-1.1.0 → aws_cis_controls_assessment-1.1.2}/aws_cis_assessment/reporters/html_reporter.py

@@ -274,6 +274,8 @@ class HTMLReporter(ReportGenerator):
     def _generate_html_body(self, html_data: Dict[str, Any]) -> str:
         """Generate HTML body section with content.
         
+        Modified in v1.1.2 to remove Detailed Findings and Remediation sections.
+        
         Args:
             html_data: Enhanced HTML report data
             
@@ -285,9 +287,7 @@ class HTMLReporter(ReportGenerator):
         navigation = self._generate_navigation(html_data)
         executive_dashboard = self._generate_executive_dashboard(html_data)
         implementation_groups = self._generate_implementation_groups_section(html_data)
-        detailed_findings = self._generate_detailed_findings_section(html_data)
         resource_details = self._generate_resource_details_section(html_data)
-        remediation_section = self._generate_remediation_section(html_data)
         footer = self._generate_footer(html_data)
         
         body_content = f"""<body>
@@ -296,9 +296,7 @@ class HTMLReporter(ReportGenerator):
         {navigation}
         {executive_dashboard}
         {implementation_groups}
-        {detailed_findings}
         {resource_details}
-        {remediation_section}
         {footer}
     </div>
     
@@ -771,6 +769,44 @@ class HTMLReporter(ReportGenerator):
             background-color: #2c3e50;
         }
         
+        /* Resource ID column width constraint - increased to 220px in v1.1.2 */
+        .resource-table td:first-child {
+            max-width: 220px;
+            overflow: hidden;
+            text-overflow: ellipsis;
+            white-space: nowrap;
+        }
+        
+        .resource-table td:first-child:hover {
+            overflow: visible;
+            white-space: normal;
+            word-wrap: break-word;
+        }
+        
+        /* Resource Type column width constraint - added in v1.1.2 (reduced by 20%) */
+        .resource-table td:nth-child(2) {
+            max-width: 150px;
+            overflow: hidden;
+            text-overflow: ellipsis;
+            white-space: nowrap;
+        }
+        
+        .resource-table td:nth-child(2):hover {
+            overflow: visible;
+            white-space: normal;
+            word-wrap: break-word;
+        }
+        
+        /* Visual frames around each resource row */
+        .resource-row {
+            border: 1px solid #e0e0e0;
+            border-radius: 4px;
+        }
+        
+        .resource-row:hover {
+            box-shadow: 0 2px 8px rgba(0,0,0,0.1);
+        }
+        
         .resource-row.compliant {
             background-color: #f8fff8;
         }
@@ -1262,56 +1298,6 @@ class HTMLReporter(ReportGenerator):
                 return;
             }}
             
-            // Implementation Groups Compliance Chart
-            const igChartCtx = document.getElementById('igComplianceChart');
-            if (igChartCtx) {{
-                new Chart(igChartCtx, {{
-                    type: 'doughnut',
-                    data: chartData.igCompliance,
-                    options: {{
-                        responsive: true,
-                        maintainAspectRatio: false,
-                        plugins: {{
-                            legend: {{
-                                position: 'bottom'
-                            }},
-                            title: {{
-                                display: true,
-                                text: 'Implementation Groups Compliance'
-                            }}
-                        }}
-                    }}
-                }});
-            }}
-            
-            // Overall Compliance Trend Chart
-            const trendChartCtx = document.getElementById('complianceTrendChart');
-            if (trendChartCtx) {{
-                new Chart(trendChartCtx, {{
-                    type: 'bar',
-                    data: chartData.complianceTrend,
-                    options: {{
-                        responsive: true,
-                        maintainAspectRatio: false,
-                        scales: {{
-                            y: {{
-                                beginAtZero: true,
-                                max: 100
-                            }}
-                        }},
-                        plugins: {{
-                            legend: {{
-                                display: false
-                            }},
-                            title: {{
-                                display: true,
-                                text: 'Compliance by Implementation Group'
-                            }}
-                        }}
-                    }}
-                }});
-            }}
-            
             // Risk Distribution Chart
             const riskChartCtx = document.getElementById('riskDistributionChart');
             if (riskChartCtx) {{
@@ -1474,17 +1460,34 @@ class HTMLReporter(ReportGenerator):
         function exportToCSV() {{
             const tables = document.querySelectorAll('.findings-table');
             let csvContent = '';
+            let headersAdded = false;
             
             tables.forEach(function(table) {{
                 const rows = table.querySelectorAll('tr');
-                rows.forEach(function(row) {{
-                    const cells = row.querySelectorAll('th, td');
-                    const rowData = Array.from(cells).map(cell => 
-                        '"' + cell.textContent.replace(/"/g, '""') + '"'
-                    ).join(',');
-                    csvContent += rowData + '\\n';
+                rows.forEach(function(row, index) {{
+                    // Add headers only once (from first table)
+                    if (index === 0) {{
+                        if (!headersAdded) {{
+                            const cells = row.querySelectorAll('th');
+                            if (cells.length > 0) {{
+                                const rowData = Array.from(cells).map(cell => 
+                                    '"' + cell.textContent.replace(/"/g, '""') + '"'
+                                ).join(',');
+                                csvContent += rowData + '\\n';
+                                headersAdded = true;
+                            }}
+                        }}
+                    }} else {{
+                        // Add data rows (skip header rows from subsequent tables)
+                        const cells = row.querySelectorAll('td');
+                        if (cells.length > 0) {{
+                            const rowData = Array.from(cells).map(cell => 
+                                '"' + cell.textContent.replace(/"/g, '""') + '"'
+                            ).join(',');
+                            csvContent += rowData + '\\n';
+                        }}
+                    }}
                 }});
-                csvContent += '\\n';
             }});
             
             const blob = new Blob([csvContent], {{ type: 'text/csv' }});
@@ -1496,11 +1499,12 @@ class HTMLReporter(ReportGenerator):
             window.URL.revokeObjectURL(url);
         }}
         
-        // Resource filtering functionality
+        // Resource filtering functionality (updated in v1.1.2 to support Control filter)
         function filterResources() {{
             const searchTerm = document.getElementById('resourceSearch').value.toLowerCase();
             const statusFilter = document.getElementById('statusFilter').value;
             const typeFilter = document.getElementById('typeFilter').value;
+            const controlFilter = document.getElementById('controlFilter').value;
             const rows = document.querySelectorAll('#resourceTable tbody tr');
             
             rows.forEach(function(row) {{
@@ -1509,6 +1513,7 @@ class HTMLReporter(ReportGenerator):
                 const resourceType = cells[1].textContent;
                 const status = cells[3].textContent.includes('COMPLIANT') ? 
                     (cells[3].textContent.includes('NON_COMPLIANT') ? 'NON_COMPLIANT' : 'COMPLIANT') : 'NON_COMPLIANT';
+                const controlId = cells[4].textContent;
                 const evaluationReason = cells[6].textContent.toLowerCase();
                 
                 const matchesSearch = resourceId.includes(searchTerm) || 
@@ -1516,8 +1521,9 @@ class HTMLReporter(ReportGenerator):
                                     evaluationReason.includes(searchTerm);
                 const matchesStatus = !statusFilter || status === statusFilter;
                 const matchesType = !typeFilter || resourceType === typeFilter;
+                const matchesControl = !controlFilter || controlId === controlFilter;
                 
-                row.style.display = (matchesSearch && matchesStatus && matchesType) ? '' : 'none';
+                row.style.display = (matchesSearch && matchesStatus && matchesType && matchesControl) ? '' : 'none';
             }});
         }}
         
@@ -1547,18 +1553,74 @@ class HTMLReporter(ReportGenerator):
             }});
         }}
         
-        // Export resources to CSV
+        // Export resources to CSV (updated in v1.1.2 with ARN, aggregate filtering, and port truncation)
         function exportResourcesToCSV() {{
             const table = document.getElementById('resourceTable');
             const rows = table.querySelectorAll('tr');
             let csvContent = '';
             
-            rows.forEach(function(row) {{
+            // Excluded aggregate row IDs (v1.1.2)
+            const excludedIds = ['5631', '6460', '629'];
+            
+            // Helper function to truncate port lists (v1.1.2)
+            function truncatePortList(text) {{
+                // Match port list patterns like [0, 1, 2, 3, ...]
+                const portListRegex = /\\[(\\d+(?:,\\s*\\d+)*)\\]/g;
+                
+                return text.replace(portListRegex, function(match, ports) {{
+                    const portArray = ports.split(',').map(p => p.trim());
+                    if (portArray.length > 10) {{
+                        const truncated = portArray.slice(0, 10).join(', ');
+                        return `[${{truncated}}, ...]`;
+                    }}
+                    return match;
+                }});
+            }}
+            
+            rows.forEach(function(row, index) {{
                 const cells = row.querySelectorAll('th, td');
-                const rowData = Array.from(cells).map(cell => 
-                    '"' + cell.textContent.replace(/"/g, '""').replace(/\\s+/g, ' ').trim() + '"'
-                ).join(',');
-                csvContent += rowData + '\\n';
+                
+                // Handle header row - change "Resource ID" to "Resource ARN"
+                if (index === 0) {{
+                    const headerData = Array.from(cells).map((cell, cellIndex) => {{
+                        let headerText = cell.textContent.replace(/\\s+/g, ' ').trim();
+                        // Replace "Resource ID" with "Resource ARN" in header
+                        if (cellIndex === 0 && headerText.includes('Resource ID')) {{
+                            headerText = headerText.replace('Resource ID', 'Resource ARN');
+                        }}
+                        return '"' + headerText.replace(/"/g, '""') + '"';
+                    }}).join(',');
+                    csvContent += headerData + '\\n';
+                }} else if (cells.length > 0) {{
+                    // Get resource ID to check if it should be excluded
+                    const resourceIdCell = cells[0];
+                    const resourceId = resourceIdCell.textContent.replace(/\\s+/g, ' ').trim();
+                    
+                    // Skip aggregate rows (v1.1.2)
+                    if (excludedIds.includes(resourceId)) {{
+                        return;
+                    }}
+                    
+                    // Get ARN from data attribute or fall back to resource ID
+                    const resourceArn = resourceIdCell.getAttribute('data-arn') || resourceId;
+                    
+                    const rowData = Array.from(cells).map((cell, cellIndex) => {{
+                        let cellText = cell.textContent.replace(/\\s+/g, ' ').trim();
+                        
+                        // Use ARN for first column instead of Resource ID (v1.1.2)
+                        if (cellIndex === 0) {{
+                            cellText = resourceArn;
+                        }}
+                        
+                        // Apply port list truncation to evaluation reason column (v1.1.2)
+                        if (cellIndex === 6) {{
+                            cellText = truncatePortList(cellText);
+                        }}
+                        
+                        return '"' + cellText.replace(/"/g, '""') + '"';
+                    }}).join(',');
+                    csvContent += rowData + '\\n';
+                }}
             }});
             
             const blob = new Blob([csvContent], {{ type: 'text/csv' }});
@@ -1657,6 +1719,9 @@ class HTMLReporter(ReportGenerator):
     def _generate_executive_dashboard(self, html_data: Dict[str, Any]) -> str:
         """Generate executive dashboard section.
         
+        Modified in v1.1.1 to remove pie chart (igComplianceChart) and bar chart 
+        (complianceTrendChart), keeping only risk distribution chart.
+        
         Args:
             html_data: Enhanced HTML report data
             
@@ -1731,12 +1796,6 @@ class HTMLReporter(ReportGenerator):
         if self.include_charts:
             charts_section = f"""
             <div class="charts-section">
-                <div class="chart-container">
-                    <canvas id="igComplianceChart"></canvas>
-                </div>
-                <div class="chart-container">
-                    <canvas id="complianceTrendChart"></canvas>
-                </div>
                 <div class="chart-container">
                     <canvas id="riskDistributionChart"></canvas>
                 </div>
@@ -1861,161 +1920,7 @@ class HTMLReporter(ReportGenerator):
         </section>
         """
     
-    def _generate_detailed_findings_section(self, html_data: Dict[str, Any]) -> str:
-        """Generate detailed findings section.
-        
-        This method consolidates findings by control ID only (not by IG) to eliminate
-        duplication. Each control appears once with IG membership indicators.
-        
-        Args:
-            html_data: Enhanced HTML report data
-            
-        Returns:
-            Detailed findings HTML as string
-        """
-        # Consolidate findings by control ID (deduplicated across IGs)
-        consolidated_findings = self._consolidate_findings_by_control(
-            html_data.get("implementation_groups", {})
-        )
-        
-        findings_content = ""
-        
-        # Generate findings grouped by control ID only (sorted alphanumerically)
-        for control_id, control_data in consolidated_findings.items():
-            findings = control_data.get('findings', [])
-            
-            # Skip if no non-compliant findings
-            if not findings:
-                continue
-            
-            # Get control metadata
-            config_rule_name = control_data.get('config_rule_name', '')
-            title = control_data.get('title', f'CIS Control {control_id}')
-            member_igs = control_data.get('member_igs', [])
-            
-            # Format display name for collapsible header
-            display_name = self._format_control_display_name(control_id, config_rule_name, title)
-            
-            # Generate IG membership badges
-            ig_badges_html = ""
-            for ig in member_igs:
-                badge_class = self._get_ig_badge_class(ig)
-                ig_badges_html += f'<span class="ig-membership-badge {badge_class}">{ig}</span>'
-            
-            # Generate findings table rows
-            findings_rows = ""
-            for finding in findings:
-                if finding.get("compliance_status") == "NON_COMPLIANT":
-                    findings_rows += f"""
-                    <tr>
-                        <td>{finding.get('resource_id', 'N/A')}</td>
-                        <td>{finding.get('resource_type', 'N/A')}</td>
-                        <td>{finding.get('region', 'N/A')}</td>
-                        <td><span class="badge {finding.get('compliance_status', '').lower()}">{finding.get('compliance_status', 'UNKNOWN')}</span></td>
-                        <td>{finding.get('evaluation_reason', 'N/A')}</td>
-                        <td>{finding.get('config_rule_name', config_rule_name)}</td>
-                    </tr>
-                    """
-            
-            # Only add control section if there are non-compliant findings
-            if findings_rows:
-                non_compliant_count = len([f for f in findings if f.get('compliance_status') == 'NON_COMPLIANT'])
-                
-                findings_content += f"""
-                <div class="control-findings-section">
-                    <button class="collapsible">
-                        <span class="control-display-name">{display_name}</span>
-                        <span class="findings-count"> - Non-Compliant Resources ({non_compliant_count} items)</span>
-                    </button>
-                    <div class="collapsible-content">
-                        <div class="ig-membership-badges" style="margin-bottom: 15px;">
-                            <strong>Implementation Groups:</strong> {ig_badges_html}
-                        </div>
-                        <table class="findings-table">
-                            <thead>
-                                <tr>
-                                    <th>Resource ID</th>
-                                    <th>Resource Type</th>
-                                    <th>Region</th>
-                                    <th>Compliance Status</th>
-                                    <th>Reason</th>
-                                    <th>Config Rule</th>
-                                </tr>
-                            </thead>
-                            <tbody>
-                                {findings_rows}
-                            </tbody>
-                        </table>
-                    </div>
-                </div>
-                """
-        
-        return f"""
-        <section id="detailed-findings" class="detailed-findings">
-            <h2>Detailed Findings</h2>
-            <p class="section-description">
-                Findings are grouped by control ID and deduplicated across Implementation Groups. 
-                Each control shows which IGs include it.
-            </p>
-            <div class="search-container">
-                <input type="text" placeholder="Search findings..." onkeyup="searchFindings(this.value)" style="width: 100%; padding: 10px; margin-bottom: 20px; border: 1px solid #ddd; border-radius: 5px;">
-            </div>
-            {findings_content if findings_content else '<p>No non-compliant findings to display.</p>'}
-        </section>
-        """
     
-    def _generate_remediation_section(self, html_data: Dict[str, Any]) -> str:
-        """Generate remediation section.
-        
-        Args:
-            html_data: Enhanced HTML report data
-            
-        Returns:
-            Remediation HTML as string
-        """
-        remediation_items = ""
-        
-        for remediation in html_data["remediation_priorities"]:
-            steps_html = ""
-            for step in remediation["remediation_steps"]:
-                steps_html += f"<li>{step}</li>"
-            
-            # Normalize priority and effort text to proper capitalization
-            priority_text = remediation['priority'].capitalize()
-            effort_text = remediation['estimated_effort'].capitalize()
-            
-            remediation_items += f"""
-            <div class="remediation-item">
-                <div class="remediation-header">
-                    <div>
-                        <h4>{remediation['control_id']} - {remediation['config_rule_name']}</h4>
-                    </div>
-                    <div class="remediation-badges">
-                        <span class="badge {remediation['priority_badge']}">{priority_text}</span>
-                        <span class="badge {remediation['effort_badge']}">{effort_text}</span>
-                    </div>
-                </div>
-                <div class="remediation-content">
-                    <h5>Remediation Steps:</h5>
-                    <ol>
-                        {steps_html}
-                    </ol>
-                    <p><strong>Documentation:</strong> <a href="{remediation['aws_documentation_link']}" target="_blank">AWS Documentation</a></p>
-                </div>
-            </div>
-            """
-        
-        return f"""
-        <section id="remediation" class="remediation">
-            <h2>Remediation Priorities</h2>
-            <div class="remediation-list">
-                {remediation_items}
-            </div>
-            <div class="export-actions">
-                <button onclick="exportToCSV()" class="export-btn">Export Findings to CSV</button>
-            </div>
-        </section>
-        """
     
     def _generate_footer(self, html_data: Dict[str, Any]) -> str:
         """Generate footer section.
@@ -2121,6 +2026,8 @@ class HTMLReporter(ReportGenerator):
     def _build_navigation_structure(self, html_data: Dict[str, Any]) -> Dict[str, Any]:
         """Build navigation structure for the report.
         
+        Modified in v1.1.2 to remove Detailed Findings and Remediation sections.
+        
         Args:
             html_data: Enhanced HTML report data
             
@@ -2131,9 +2038,7 @@ class HTMLReporter(ReportGenerator):
             "sections": [
                 {"id": "dashboard", "title": "Dashboard"},
                 {"id": "implementation-groups", "title": "Implementation Groups"},
-                {"id": "detailed-findings", "title": "Detailed Findings"},
-                {"id": "resource-details", "title": "Resource Details"},
-                {"id": "remediation", "title": "Remediation"}
+                {"id": "resource-details", "title": "Resource Details"}
             ]
         }
     
@@ -2196,8 +2101,33 @@ class HTMLReporter(ReportGenerator):
             return "low"
     
     def _get_priority_badge(self, priority: str) -> str:
-        """Get priority badge class."""
-        return priority.lower()
+        """Get priority badge class ensuring single value.
+        
+        Modified in v1.1.1 to normalize priority values and handle duplicates.
+        Fixes issues like "High High" → "high" and "High Medium" → "high".
+        
+        Args:
+            priority: Priority string (may contain multiple values like "High High" or "High Medium")
+            
+        Returns:
+            Single priority class: 'high', 'medium', or 'low'
+        """
+        # Extract first priority if multiple exist
+        priority_lower = priority.lower().strip()
+        
+        # Handle multiple priorities (take first one)
+        if ' ' in priority_lower:
+            priority_lower = priority_lower.split()[0]
+        
+        # Normalize to standard values
+        if 'high' in priority_lower:
+            return 'high'
+        elif 'medium' in priority_lower or 'med' in priority_lower:
+            return 'medium'
+        elif 'low' in priority_lower:
+            return 'low'
+        else:
+            return 'medium'  # Default fallback
     
     def _get_effort_badge(self, effort: str) -> str:
         """Get effort badge class."""
@@ -2238,40 +2168,27 @@ class HTMLReporter(ReportGenerator):
                                           score_diff: float) -> str:
         """Generate scoring methodology comparison section.
         
+        Modified in v1.1.1 to remove "our approach" phrase, "Reflects actual security 
+        posture" text, and score difference warning for cleaner presentation.
+        
         Args:
-            weighted_score: Our weighted compliance score
+            weighted_score: Weighted compliance score
             aws_config_score: AWS Config Conformance Pack style score
-            score_diff: Difference between the two scores
+            score_diff: Difference between the two scores (not displayed)
             
         Returns:
             HTML section comparing the two scoring approaches
         """
-        # Determine interpretation based on difference
-        if abs(score_diff) < 1.0:
-            interpretation = "Both scoring approaches show similar results, indicating balanced compliance across all control priorities."
-            icon = "ℹ️"
-            diff_class = "neutral"
-        elif score_diff < 0:
-            # Weighted score is lower
-            interpretation = f"The weighted score is {abs(score_diff):.1f}% lower, indicating critical security controls need attention despite good overall resource compliance."
-            icon = "⚠️"
-            diff_class = "warning"
-        else:
-            # Weighted score is higher
-            interpretation = f"The weighted score is {score_diff:.1f}% higher, indicating strong performance in critical security controls despite some gaps in less critical areas."
-            icon = "✓"
-            diff_class = "positive"
-        
         return f"""
         <div class="score-comparison-section">
             <h3>Scoring Methodology Comparison</h3>
             <div class="comparison-grid">
                 <div class="comparison-card">
-                    <h4>Weighted Score (Our Approach)</h4>
+                    <h4>Weighted Score</h4>
                     <div class="comparison-value">{weighted_score:.1f}%</div>
                     <p class="comparison-description">
                         Uses risk-based weighting where critical controls (encryption, access control) 
-                        have higher impact on the overall score. Reflects actual security posture.
+                        have higher impact on the overall score.
                     </p>
                     <ul class="comparison-features">
                         <li>✓ Prioritizes critical security controls</li>
@@ -2294,16 +2211,6 @@ class HTMLReporter(ReportGenerator):
                     </ul>
                 </div>
             </div>
-            
-            <div class="score-difference {diff_class}">
-                <span class="diff-icon">{icon}</span>
-                <div class="diff-content">
-                    <strong>Score Difference: {score_diff:+.1f}%</strong>
-                    <p>{interpretation}</p>
-                </div>
-            </div>
-            
-
         </div>
         """
     
@@ -2604,9 +2511,14 @@ class HTMLReporter(ReportGenerator):
             status_class = "compliant" if resource["compliance_status"] == "COMPLIANT" else "non_compliant"
             status_icon = "✓" if resource["compliance_status"] == "COMPLIANT" else "✗"
             
+            # Construct pseudo-ARN for CSV export (v1.1.2)
+            # Format: arn:aws:service:region:account:resource-type/resource-id
+            # Since we don't have account ID in resource data, we'll use a placeholder
+            resource_arn = f"arn:aws:{resource['resource_type'].split('::')[1].lower() if '::' in resource['resource_type'] else 'unknown'}:{resource['region']}:*:{resource['resource_id']}"
+            
             resource_rows += f"""
             <tr class="resource-row {status_class}">
-                <td><code>{resource['resource_id']}</code></td>
+                <td data-arn="{resource_arn}"><code>{resource['resource_id']}</code></td>
                 <td>{resource['resource_type']}</td>
                 <td>{resource['region']}</td>
                 <td>
@@ -2626,6 +2538,12 @@ class HTMLReporter(ReportGenerator):
         non_compliant_resources = total_resources - compliant_resources
         compliance_percentage = (compliant_resources / total_resources * 100) if total_resources > 0 else 0
         
+        # Extract unique Control IDs for filter dropdown (v1.1.2)
+        unique_control_ids = sorted(set(r["control_id"] for r in all_resources), key=self._sort_control_id)
+        control_filter_options = ""
+        for control_id in unique_control_ids:
+            control_filter_options += f'<option value="{control_id}">{control_id}</option>'
+        
         # Generate resource type breakdown
         resource_type_stats = {}
         for resource in all_resources:
@@ -2699,6 +2617,10 @@ class HTMLReporter(ReportGenerator):
                         <option value="">All Types</option>
                         {self._generate_resource_type_options(resource_type_stats)}
                     </select>
+                    <select id="controlFilter" onchange="filterResources()" class="filter-select">
+                        <option value="">All Controls</option>
+                        {control_filter_options}
+                    </select>
                 </div>
                 
                 <table class="findings-table resource-table" id="resourceTable">
@@ -2869,6 +2791,8 @@ class HTMLReporter(ReportGenerator):
         Enriches control data with additional fields needed for improved display,
         including formatted names, IG membership badges, and truncation indicators.
         
+        Modified in v1.1.2 to remove duplicate Control ID prefix from display names.
+        
         Args:
             control_data: Existing control data dictionary
             control_id: Control identifier (e.g., "1.5")
@@ -2877,7 +2801,7 @@ class HTMLReporter(ReportGenerator):
             
         Returns:
             Enhanced control data with additional fields:
-            - display_name: Formatted name combining control ID and rule name
+            - display_name: Formatted name without duplicate Control ID prefix
             - originating_ig: Which IG introduced this control (IG1, IG2, or IG3)
             - ig_badge_class: CSS class for IG badge styling
             - needs_truncation: Boolean indicating if display name exceeds 50 characters
@@ -2894,7 +2818,7 @@ class HTMLReporter(ReportGenerator):
             Output enriched data (includes all input fields plus):
             {
                 ...original fields...,
-                'display_name': '1.5: root-account-hardware-mfa-enabled',
+                'display_name': 'root-account-hardware-mfa-enabled',  # No "1.5:" prefix
                 'originating_ig': 'IG1',
                 'ig_badge_class': 'ig-badge-1',
                 'needs_truncation': False
@@ -2905,16 +2829,25 @@ class HTMLReporter(ReportGenerator):
             - Truncation threshold is 50 characters
             - Gracefully handles missing config_rule_name
             - Originating IG is determined by checking IG1, IG2, IG3 in order
+            - v1.1.2: Removes duplicate Control ID prefix from display names
         """
         enriched = control_data.copy()
         
         # Format display name
-        enriched['display_name'] = self._format_control_display_name(
+        display_name = self._format_control_display_name(
             control_id,
             control_data.get('config_rule_name', ''),
             control_data.get('title')
         )
         
+        # Remove duplicate Control ID prefix if present (v1.1.2 improvement)
+        # Check if display_name starts with "control_id: "
+        prefix = f"{control_id}: "
+        if display_name.startswith(prefix):
+            display_name = display_name[len(prefix):]
+        
+        enriched['display_name'] = display_name
+        
         # Determine originating IG (which IG introduced this control)
         originating_ig = self._determine_originating_ig(control_id, all_igs)
         enriched['originating_ig'] = originating_ig

{aws_cis_controls_assessment-1.1.0 → aws_cis_controls_assessment-1.1.2/aws_cis_controls_assessment.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aws-cis-controls-assessment
-Version: 1.1.0
+Version: 1.1.2
 Summary: Production-ready AWS CIS Controls compliance assessment framework with 145 comprehensive rules
 Author-email: AWS CIS Assessment Team <security@example.com>
 Maintainer-email: AWS CIS Assessment Team <security@example.com>