prowler-cloud 5.14.1__py3-none-any.whl → 5.15.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dashboard/assets/images/providers/alibabacloud_provider.png +0 -0
- dashboard/compliance/cis_2_0_alibabacloud.py +24 -0
- dashboard/lib/layouts.py +1 -0
- dashboard/pages/compliance.py +8 -2
- dashboard/pages/overview.py +52 -1
- prowler/CHANGELOG.md +59 -20
- prowler/__main__.py +40 -0
- prowler/compliance/alibabacloud/__init__.py +0 -0
- prowler/compliance/alibabacloud/cis_2.0_alibabacloud.json +1833 -0
- prowler/compliance/aws/iso27001_2013_aws.json +158 -158
- prowler/compliance/aws/soc2_aws.json +100 -0
- prowler/compliance/azure/rbi_cyber_security_framework_azure.json +248 -0
- prowler/compliance/azure/soc2_azure.json +87 -1
- prowler/compliance/gcp/soc2_gcp.json +82 -1
- prowler/config/config.py +2 -1
- prowler/lib/check/check.py +47 -1
- prowler/lib/check/models.py +23 -0
- prowler/lib/check/utils.py +1 -1
- prowler/lib/cli/parser.py +3 -2
- prowler/lib/outputs/compliance/cis/cis_alibabacloud.py +106 -0
- prowler/lib/outputs/compliance/cis/models.py +35 -0
- prowler/lib/outputs/finding.py +16 -0
- prowler/lib/outputs/html/html.py +67 -0
- prowler/lib/outputs/outputs.py +2 -0
- prowler/lib/outputs/summary_table.py +3 -0
- prowler/providers/alibabacloud/__init__.py +0 -0
- prowler/providers/alibabacloud/alibabacloud_provider.py +872 -0
- prowler/providers/alibabacloud/config.py +41 -0
- prowler/providers/alibabacloud/exceptions/__init__.py +0 -0
- prowler/providers/alibabacloud/exceptions/exceptions.py +116 -0
- prowler/providers/alibabacloud/lib/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/arguments.py +58 -0
- prowler/providers/alibabacloud/lib/mutelist/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/mutelist/mutelist.py +175 -0
- prowler/providers/alibabacloud/lib/service/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/service/service.py +113 -0
- prowler/providers/alibabacloud/models.py +266 -0
- prowler/providers/alibabacloud/services/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_client.py +6 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.py +81 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.metadata.json +40 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.py +119 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_service.py +110 -0
- prowler/providers/alibabacloud/services/cs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_client.py +4 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.py +28 -0
- prowler/providers/alibabacloud/services/cs/cs_service.py +354 -0
- prowler/providers/alibabacloud/services/ecs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_client.py +4 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.metadata.json +41 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.py +47 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.py +50 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.py +34 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_service.py +380 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/lib/security_groups.py +23 -0
- prowler/providers/alibabacloud/services/oss/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.py +37 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.py +89 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.py +87 -0
- prowler/providers/alibabacloud/services/oss/oss_client.py +4 -0
- prowler/providers/alibabacloud/services/oss/oss_service.py +317 -0
- prowler/providers/alibabacloud/services/ram/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_client.py +4 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.py +33 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.py +30 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/ram_password_policy_number.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.py +34 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.py +73 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.py +58 -0
- prowler/providers/alibabacloud/services/ram/ram_service.py +478 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.py +56 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.py +36 -0
- prowler/providers/alibabacloud/services/rds/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_client.py +4 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.py +36 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.py +41 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.py +30 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.py +38 -0
- prowler/providers/alibabacloud/services/rds/rds_service.py +274 -0
- prowler/providers/alibabacloud/services/securitycenter/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.metadata.json +43 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_client.py +6 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.py +65 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_service.py +394 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.py +68 -0
- prowler/providers/alibabacloud/services/sls/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_client.py +4 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.metadata.json +38 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.py +32 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.py +44 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.py +49 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.py +54 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.py +72 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_service.py +137 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.py +52 -0
- prowler/providers/alibabacloud/services/vpc/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_client.py +4 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.py +30 -0
- prowler/providers/alibabacloud/services/vpc/vpc_service.py +102 -0
- prowler/providers/aws/aws_regions_by_service.json +20 -0
- prowler/providers/aws/services/apigateway/apigateway_restapi_waf_acl_attached/apigateway_restapi_waf_acl_attached.metadata.json +1 -3
- prowler/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist.metadata.json +1 -1
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_acls_alarm_configured/cloudwatch_changes_to_network_acls_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_gateways_alarm_configured/cloudwatch_changes_to_network_gateways_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_route_tables_alarm_configured/cloudwatch_changes_to_network_route_tables_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_vpcs_alarm_configured/cloudwatch_changes_to_vpcs_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_authentication_failures/cloudwatch_log_metric_filter_authentication_failures.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_aws_organizations_changes/cloudwatch_log_metric_filter_aws_organizations_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_policy_changes/cloudwatch_log_metric_filter_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_root_usage/cloudwatch_log_metric_filter_root_usage.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_security_group_changes/cloudwatch_log_metric_filter_security_group_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_sign_in_without_mfa/cloudwatch_log_metric_filter_sign_in_without_mfa.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_unauthorized_api_calls/cloudwatch_log_metric_filter_unauthorized_api_calls.metadata.json +0 -1
- prowler/providers/aws/services/guardduty/guardduty_centrally_managed/guardduty_centrally_managed.metadata.json +16 -10
- prowler/providers/aws/services/guardduty/guardduty_ec2_malware_protection_enabled/guardduty_ec2_malware_protection_enabled.metadata.json +23 -14
- prowler/providers/aws/services/guardduty/guardduty_eks_audit_log_enabled/guardduty_eks_audit_log_enabled.metadata.json +19 -13
- prowler/providers/aws/services/guardduty/guardduty_eks_runtime_monitoring_enabled/guardduty_eks_runtime_monitoring_enabled.metadata.json +18 -12
- prowler/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled.metadata.json +24 -13
- prowler/providers/aws/services/guardduty/guardduty_lambda_protection_enabled/guardduty_lambda_protection_enabled.metadata.json +20 -14
- prowler/providers/aws/services/guardduty/guardduty_no_high_severity_findings/guardduty_no_high_severity_findings.metadata.json +18 -9
- prowler/providers/aws/services/guardduty/guardduty_rds_protection_enabled/guardduty_rds_protection_enabled.metadata.json +18 -11
- prowler/providers/aws/services/guardduty/guardduty_s3_protection_enabled/guardduty_s3_protection_enabled.metadata.json +21 -12
- prowler/providers/aws/services/lightsail/lightsail_database_public/lightsail_database_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_automated_snapshots/lightsail_instance_automated_snapshots.metadata.json +24 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_public/lightsail_instance_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_static_ip_unused/lightsail_static_ip_unused.metadata.json +23 -14
- prowler/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled.metadata.json +20 -12
- prowler/providers/aws/services/macie/macie_is_enabled/macie_is_enabled.metadata.json +17 -12
- prowler/providers/aws/services/mq/mq_broker_active_deployment_mode/mq_broker_active_deployment_mode.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_auto_minor_version_upgrades/mq_broker_auto_minor_version_upgrades.metadata.json +21 -12
- prowler/providers/aws/services/mq/mq_broker_cluster_deployment_mode/mq_broker_cluster_deployment_mode.metadata.json +23 -14
- prowler/providers/aws/services/mq/mq_broker_logging_enabled/mq_broker_logging_enabled.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_not_publicly_accessible/mq_broker_not_publicly_accessible.metadata.json +20 -12
- prowler/providers/aws/services/networkfirewall/networkfirewall_deletion_protection/networkfirewall_deletion_protection.metadata.json +21 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_in_all_vpc/networkfirewall_in_all_vpc.metadata.json +23 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_logging_enabled/networkfirewall_logging_enabled.metadata.json +20 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_multi_az/networkfirewall_multi_az.metadata.json +22 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_fragmented_packets/networkfirewall_policy_default_action_fragmented_packets.metadata.json +26 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_full_packets/networkfirewall_policy_default_action_full_packets.metadata.json +22 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_rule_group_associated/networkfirewall_policy_rule_group_associated.metadata.json +25 -14
- prowler/providers/common/provider.py +12 -0
- prowler/providers/gcp/services/accesscontextmanager/__init__.py +0 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_client.py +6 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_service.py +101 -0
- prowler/providers/gcp/services/cloudresourcemanager/cloudresourcemanager_service.py +10 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_service.py +13 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/__init__.py +0 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.metadata.json +36 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.py +67 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.py +35 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.py +29 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.metadata.json +37 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.py +32 -0
- prowler/providers/gcp/services/compute/compute_service.py +16 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/__init__.py +0 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.metadata.json +33 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.py +41 -0
- prowler/providers/github/services/repository/repository_service.py +52 -0
- {prowler_cloud-5.14.1.dist-info → prowler_cloud-5.15.0.dist-info}/METADATA +40 -22
- {prowler_cloud-5.14.1.dist-info → prowler_cloud-5.15.0.dist-info}/RECORD +326 -73
- {prowler_cloud-5.14.1.dist-info → prowler_cloud-5.15.0.dist-info}/LICENSE +0 -0
- {prowler_cloud-5.14.1.dist-info → prowler_cloud-5.15.0.dist-info}/WHEEL +0 -0
- {prowler_cloud-5.14.1.dist-info → prowler_cloud-5.15.0.dist-info}/entry_points.txt +0 -0
|
Binary file
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import warnings
|
|
2
|
+
|
|
3
|
+
from dashboard.common_methods import get_section_containers_cis
|
|
4
|
+
|
|
5
|
+
warnings.filterwarnings("ignore")
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
def get_table(data):
|
|
9
|
+
aux = data[
|
|
10
|
+
[
|
|
11
|
+
"REQUIREMENTS_ID",
|
|
12
|
+
"REQUIREMENTS_DESCRIPTION",
|
|
13
|
+
"REQUIREMENTS_ATTRIBUTES_SECTION",
|
|
14
|
+
"CHECKID",
|
|
15
|
+
"STATUS",
|
|
16
|
+
"REGION",
|
|
17
|
+
"ACCOUNTID",
|
|
18
|
+
"RESOURCEID",
|
|
19
|
+
]
|
|
20
|
+
].copy()
|
|
21
|
+
|
|
22
|
+
return get_section_containers_cis(
|
|
23
|
+
aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
|
|
24
|
+
)
|
dashboard/lib/layouts.py
CHANGED
|
@@ -61,6 +61,7 @@ def create_layout_overview(
|
|
|
61
61
|
html.Div(className="flex", id="gcp_card", n_clicks=0),
|
|
62
62
|
html.Div(className="flex", id="k8s_card", n_clicks=0),
|
|
63
63
|
html.Div(className="flex", id="m365_card", n_clicks=0),
|
|
64
|
+
html.Div(className="flex", id="alibabacloud_card", n_clicks=0),
|
|
64
65
|
],
|
|
65
66
|
className=f"grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-{amount_providers}",
|
|
66
67
|
),
|
dashboard/pages/compliance.py
CHANGED
|
@@ -78,6 +78,8 @@ def load_csv_files(csv_files):
|
|
|
78
78
|
result = result.replace("_KUBERNETES", " - KUBERNETES")
|
|
79
79
|
if "M65" in result:
|
|
80
80
|
result = result.replace("_M65", " - M65")
|
|
81
|
+
if "ALIBABACLOUD" in result:
|
|
82
|
+
result = result.replace("_ALIBABACLOUD", " - ALIBABACLOUD")
|
|
81
83
|
results.append(result)
|
|
82
84
|
|
|
83
85
|
unique_results = set(results)
|
|
@@ -125,7 +127,7 @@ if data is None:
|
|
|
125
127
|
)
|
|
126
128
|
else:
|
|
127
129
|
|
|
128
|
-
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"])
|
|
130
|
+
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"], format="mixed")
|
|
129
131
|
data["ASSESSMENT_TIME"] = data["ASSESSMENTDATE"].dt.strftime("%Y-%m-%d %H:%M:%S")
|
|
130
132
|
|
|
131
133
|
data_values = data["ASSESSMENT_TIME"].unique()
|
|
@@ -278,9 +280,13 @@ def display_data(
|
|
|
278
280
|
data["REQUIREMENTS_ATTRIBUTES_PROFILE"] = data[
|
|
279
281
|
"REQUIREMENTS_ATTRIBUTES_PROFILE"
|
|
280
282
|
].apply(lambda x: x.split(" - ")[0])
|
|
283
|
+
|
|
284
|
+
# Rename the column LOCATION to REGION for Alibaba Cloud
|
|
285
|
+
if "alibabacloud" in analytics_input:
|
|
286
|
+
data = data.rename(columns={"LOCATION": "REGION"})
|
|
281
287
|
# Filter the chosen level of the CIS
|
|
282
288
|
if is_level_1:
|
|
283
|
-
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"]
|
|
289
|
+
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"].str.contains("Level 1")]
|
|
284
290
|
|
|
285
291
|
# Rename the column PROJECTID to ACCOUNTID for GCP
|
|
286
292
|
if data.columns.str.contains("PROJECTID").any():
|
dashboard/pages/overview.py
CHANGED
|
@@ -79,6 +79,9 @@ ks8_provider_logo = html.Img(
|
|
|
79
79
|
m365_provider_logo = html.Img(
|
|
80
80
|
src="assets/images/providers/m365_provider.png", alt="m365 provider"
|
|
81
81
|
)
|
|
82
|
+
alibabacloud_provider_logo = html.Img(
|
|
83
|
+
src="assets/images/providers/alibabacloud_provider.png", alt="alibabacloud provider"
|
|
84
|
+
)
|
|
82
85
|
|
|
83
86
|
|
|
84
87
|
def load_csv_files(csv_files):
|
|
@@ -253,6 +256,8 @@ else:
|
|
|
253
256
|
accounts.append(account + " - AWS")
|
|
254
257
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
255
258
|
accounts.append(account + " - K8S")
|
|
259
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
260
|
+
accounts.append(account + " - ALIBABACLOUD")
|
|
256
261
|
|
|
257
262
|
account_dropdown = create_account_dropdown(accounts)
|
|
258
263
|
|
|
@@ -298,6 +303,8 @@ else:
|
|
|
298
303
|
services.append(service + " - GCP")
|
|
299
304
|
if "m365" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
300
305
|
services.append(service + " - M365")
|
|
306
|
+
if "alibabacloud" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
307
|
+
services.append(service + " - ALIBABACLOUD")
|
|
301
308
|
|
|
302
309
|
services = ["All"] + services
|
|
303
310
|
services = [
|
|
@@ -520,6 +527,7 @@ else:
|
|
|
520
527
|
Output("gcp_card", "children"),
|
|
521
528
|
Output("k8s_card", "children"),
|
|
522
529
|
Output("m365_card", "children"),
|
|
530
|
+
Output("alibabacloud_card", "children"),
|
|
523
531
|
Output("subscribe_card", "children"),
|
|
524
532
|
Output("info-file-over", "title"),
|
|
525
533
|
Output("severity-filter", "value"),
|
|
@@ -537,6 +545,7 @@ else:
|
|
|
537
545
|
Output("gcp_card", "n_clicks"),
|
|
538
546
|
Output("k8s_card", "n_clicks"),
|
|
539
547
|
Output("m365_card", "n_clicks"),
|
|
548
|
+
Output("alibabacloud_card", "n_clicks"),
|
|
540
549
|
],
|
|
541
550
|
Input("cloud-account-filter", "value"),
|
|
542
551
|
Input("region-filter", "value"),
|
|
@@ -560,6 +569,7 @@ else:
|
|
|
560
569
|
Input("sort_button_region", "n_clicks"),
|
|
561
570
|
Input("sort_button_service", "n_clicks"),
|
|
562
571
|
Input("sort_button_account", "n_clicks"),
|
|
572
|
+
Input("alibabacloud_card", "n_clicks"),
|
|
563
573
|
)
|
|
564
574
|
def filter_data(
|
|
565
575
|
cloud_account_values,
|
|
@@ -584,6 +594,7 @@ def filter_data(
|
|
|
584
594
|
sort_button_region,
|
|
585
595
|
sort_button_service,
|
|
586
596
|
sort_button_account,
|
|
597
|
+
alibabacloud_clicks,
|
|
587
598
|
):
|
|
588
599
|
# Use n_clicks for vulture
|
|
589
600
|
n_clicks_csv = n_clicks_csv
|
|
@@ -599,6 +610,7 @@ def filter_data(
|
|
|
599
610
|
gcp_clicks = 0
|
|
600
611
|
k8s_clicks = 0
|
|
601
612
|
m365_clicks = 0
|
|
613
|
+
alibabacloud_clicks = 0
|
|
602
614
|
if azure_clicks > 0:
|
|
603
615
|
filtered_data = data.copy()
|
|
604
616
|
if azure_clicks % 2 != 0 and "azure" in list(data["PROVIDER"]):
|
|
@@ -607,6 +619,7 @@ def filter_data(
|
|
|
607
619
|
gcp_clicks = 0
|
|
608
620
|
k8s_clicks = 0
|
|
609
621
|
m365_clicks = 0
|
|
622
|
+
alibabacloud_clicks = 0
|
|
610
623
|
if gcp_clicks > 0:
|
|
611
624
|
filtered_data = data.copy()
|
|
612
625
|
if gcp_clicks % 2 != 0 and "gcp" in list(data["PROVIDER"]):
|
|
@@ -615,6 +628,7 @@ def filter_data(
|
|
|
615
628
|
azure_clicks = 0
|
|
616
629
|
k8s_clicks = 0
|
|
617
630
|
m365_clicks = 0
|
|
631
|
+
alibabacloud_clicks = 0
|
|
618
632
|
if k8s_clicks > 0:
|
|
619
633
|
filtered_data = data.copy()
|
|
620
634
|
if k8s_clicks % 2 != 0 and "kubernetes" in list(data["PROVIDER"]):
|
|
@@ -623,6 +637,7 @@ def filter_data(
|
|
|
623
637
|
azure_clicks = 0
|
|
624
638
|
gcp_clicks = 0
|
|
625
639
|
m365_clicks = 0
|
|
640
|
+
alibabacloud_clicks = 0
|
|
626
641
|
if m365_clicks > 0:
|
|
627
642
|
filtered_data = data.copy()
|
|
628
643
|
if m365_clicks % 2 != 0 and "m365" in list(data["PROVIDER"]):
|
|
@@ -631,7 +646,16 @@ def filter_data(
|
|
|
631
646
|
azure_clicks = 0
|
|
632
647
|
gcp_clicks = 0
|
|
633
648
|
k8s_clicks = 0
|
|
634
|
-
|
|
649
|
+
alibabacloud_clicks = 0
|
|
650
|
+
if alibabacloud_clicks > 0:
|
|
651
|
+
filtered_data = data.copy()
|
|
652
|
+
if alibabacloud_clicks % 2 != 0 and "alibabacloud" in list(data["PROVIDER"]):
|
|
653
|
+
filtered_data = filtered_data[filtered_data["PROVIDER"] == "alibabacloud"]
|
|
654
|
+
aws_clicks = 0
|
|
655
|
+
azure_clicks = 0
|
|
656
|
+
gcp_clicks = 0
|
|
657
|
+
k8s_clicks = 0
|
|
658
|
+
m365_clicks = 0
|
|
635
659
|
# For all the data, we will add to the status column the value 'MUTED (FAIL)' and 'MUTED (PASS)' depending on the value of the column 'STATUS' and 'MUTED'
|
|
636
660
|
if "MUTED" in filtered_data.columns:
|
|
637
661
|
filtered_data["STATUS"] = filtered_data.apply(
|
|
@@ -723,6 +747,8 @@ def filter_data(
|
|
|
723
747
|
all_account_ids.append(account)
|
|
724
748
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
725
749
|
all_account_ids.append(account)
|
|
750
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
751
|
+
all_account_ids.append(account)
|
|
726
752
|
|
|
727
753
|
all_account_names = []
|
|
728
754
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
@@ -745,6 +771,10 @@ def filter_data(
|
|
|
745
771
|
cloud_accounts_options.append(item + " - AWS")
|
|
746
772
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == item]["PROVIDER"]):
|
|
747
773
|
cloud_accounts_options.append(item + " - K8S")
|
|
774
|
+
if "alibabacloud" in list(
|
|
775
|
+
data[data["ACCOUNT_UID"] == item]["PROVIDER"]
|
|
776
|
+
):
|
|
777
|
+
cloud_accounts_options.append(item + " - ALIBABACLOUD")
|
|
748
778
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
749
779
|
if "azure" in list(data[data["ACCOUNT_NAME"] == item]["PROVIDER"]):
|
|
750
780
|
cloud_accounts_options.append(item + " - AZURE")
|
|
@@ -873,6 +903,10 @@ def filter_data(
|
|
|
873
903
|
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
874
904
|
):
|
|
875
905
|
service_filter_options.append(item + " - M365")
|
|
906
|
+
if "alibabacloud" in list(
|
|
907
|
+
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
908
|
+
):
|
|
909
|
+
service_filter_options.append(item + " - ALIBABACLOUD")
|
|
876
910
|
|
|
877
911
|
# Filter Service
|
|
878
912
|
if service_values == ["All"]:
|
|
@@ -1324,6 +1358,12 @@ def filter_data(
|
|
|
1324
1358
|
filtered_data.loc[
|
|
1325
1359
|
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1326
1360
|
] = (account + " - M365")
|
|
1361
|
+
if "alibabacloud" in list(
|
|
1362
|
+
data[data["ACCOUNT_UID"] == account]["PROVIDER"]
|
|
1363
|
+
):
|
|
1364
|
+
filtered_data.loc[
|
|
1365
|
+
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1366
|
+
] = (account + " - ALIBABACLOUD")
|
|
1327
1367
|
|
|
1328
1368
|
table_collapsible = []
|
|
1329
1369
|
for item in filtered_data.to_dict("records"):
|
|
@@ -1410,6 +1450,13 @@ def filter_data(
|
|
|
1410
1450
|
else:
|
|
1411
1451
|
m365_card = None
|
|
1412
1452
|
|
|
1453
|
+
if "alibabacloud" in list(data["PROVIDER"].unique()):
|
|
1454
|
+
alibabacloud_card = create_provider_card(
|
|
1455
|
+
"alibabacloud", alibabacloud_provider_logo, "Accounts", full_filtered_data
|
|
1456
|
+
)
|
|
1457
|
+
else:
|
|
1458
|
+
alibabacloud_card = None
|
|
1459
|
+
|
|
1413
1460
|
# Subscribe to Prowler Cloud card
|
|
1414
1461
|
subscribe_card = [
|
|
1415
1462
|
html.Div(
|
|
@@ -1454,6 +1501,7 @@ def filter_data(
|
|
|
1454
1501
|
gcp_card,
|
|
1455
1502
|
k8s_card,
|
|
1456
1503
|
m365_card,
|
|
1504
|
+
alibabacloud_card,
|
|
1457
1505
|
subscribe_card,
|
|
1458
1506
|
list_files,
|
|
1459
1507
|
severity_values,
|
|
@@ -1469,6 +1517,7 @@ def filter_data(
|
|
|
1469
1517
|
gcp_clicks,
|
|
1470
1518
|
k8s_clicks,
|
|
1471
1519
|
m365_clicks,
|
|
1520
|
+
alibabacloud_clicks,
|
|
1472
1521
|
)
|
|
1473
1522
|
else:
|
|
1474
1523
|
return (
|
|
@@ -1487,6 +1536,7 @@ def filter_data(
|
|
|
1487
1536
|
gcp_card,
|
|
1488
1537
|
k8s_card,
|
|
1489
1538
|
m365_card,
|
|
1539
|
+
alibabacloud_card,
|
|
1490
1540
|
subscribe_card,
|
|
1491
1541
|
list_files,
|
|
1492
1542
|
severity_values,
|
|
@@ -1504,6 +1554,7 @@ def filter_data(
|
|
|
1504
1554
|
gcp_clicks,
|
|
1505
1555
|
k8s_clicks,
|
|
1506
1556
|
m365_clicks,
|
|
1557
|
+
alibabacloud_clicks,
|
|
1507
1558
|
)
|
|
1508
1559
|
|
|
1509
1560
|
|
prowler/CHANGELOG.md
CHANGED
|
@@ -2,7 +2,45 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to the **Prowler SDK** are documented in this file.
|
|
4
4
|
|
|
5
|
-
## [
|
|
5
|
+
## [5.15.0] (Prowler v5.15.0)
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
- `cloudstorage_uses_vpc_service_controls` check for GCP provider [(#9256)](https://github.com/prowler-cloud/prowler/pull/9256)
|
|
9
|
+
- Alibaba Cloud provider with CIS 2.0 benchmark [(#9329)](https://github.com/prowler-cloud/prowler/pull/9329)
|
|
10
|
+
- `repository_immutable_releases_enabled` check for GitHub provider [(#9162)](https://github.com/prowler-cloud/prowler/pull/9162)
|
|
11
|
+
- `compute_instance_preemptible_vm_disabled` check for GCP provider [(#9342)](https://github.com/prowler-cloud/prowler/pull/9342)
|
|
12
|
+
- `compute_instance_automatic_restart_enabled` check for GCP provider [(#9271)](https://github.com/prowler-cloud/prowler/pull/9271)
|
|
13
|
+
- `compute_instance_deletion_protection_enabled` check for GCP provider [(#9358)](https://github.com/prowler-cloud/prowler/pull/9358)
|
|
14
|
+
- Update SOC2 - Azure with Processing Integrity requirements [(#9463)](https://github.com/prowler-cloud/prowler/pull/9463)
|
|
15
|
+
- Update SOC2 - GCP with Processing Integrity requirements [(#9464)](https://github.com/prowler-cloud/prowler/pull/9464)
|
|
16
|
+
- Update SOC2 - AWS with Processing Integrity requirements [(#9462)](https://github.com/prowler-cloud/prowler/pull/9462)
|
|
17
|
+
- RBI Cyber Security Framework compliance for Azure provider [(#8822)](https://github.com/prowler-cloud/prowler/pull/8822)
|
|
18
|
+
|
|
19
|
+
### Changed
|
|
20
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
21
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
22
|
+
- Update AWS GuardDuty service metadata to new format [(#9259)](https://github.com/prowler-cloud/prowler/pull/9259)
|
|
23
|
+
- Update AWS Network Firewall service metadata to new format [(#9382)](https://github.com/prowler-cloud/prowler/pull/9382)
|
|
24
|
+
- Update AWS MQ service metadata to new format [(#9267)](https://github.com/prowler-cloud/prowler/pull/9267)
|
|
25
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
26
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
27
|
+
|
|
28
|
+
### Fixed
|
|
29
|
+
- Fix duplicate requirement IDs in ISO 27001:2013 AWS compliance framework by adding unique letter suffixes
|
|
30
|
+
- Removed incorrect threat-detection category from checks metadata [(#9489)](https://github.com/prowler-cloud/prowler/pull/9489)
|
|
31
|
+
- GCP `cloudstorage_uses_vpc_service_controls` check to handle VPC Service Controls blocked API access [(#9478)](https://github.com/prowler-cloud/prowler/pull/9478)
|
|
32
|
+
|
|
33
|
+
---
|
|
34
|
+
|
|
35
|
+
## [5.14.2] (Prowler v5.14.2)
|
|
36
|
+
|
|
37
|
+
### Fixed
|
|
38
|
+
- Custom check folder metadata validation [(#9335)](https://github.com/prowler-cloud/prowler/pull/9335)
|
|
39
|
+
- Pin `alibabacloud-gateway-oss-util` to version 0.0.3 to address missing dependency [(#9487)](https://github.com/prowler-cloud/prowler/pull/9487)
|
|
40
|
+
|
|
41
|
+
---
|
|
42
|
+
|
|
43
|
+
## [5.14.1] (Prowler v5.14.1)
|
|
6
44
|
|
|
7
45
|
### Fixed
|
|
8
46
|
- `sharepoint_external_sharing_managed` check to handle external sharing disabled at organization level [(#9298)](https://github.com/prowler-cloud/prowler/pull/9298)
|
|
@@ -10,7 +48,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
10
48
|
|
|
11
49
|
---
|
|
12
50
|
|
|
13
|
-
## [
|
|
51
|
+
## [5.14.0] (Prowler v5.14.0)
|
|
14
52
|
|
|
15
53
|
### Added
|
|
16
54
|
- GitHub provider check `organization_default_repository_permission_strict` [(#8785)](https://github.com/prowler-cloud/prowler/pull/8785)
|
|
@@ -72,6 +110,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
72
110
|
- Update AWS Kinesis service metadata to new format [(#9262)](https://github.com/prowler-cloud/prowler/pull/9262)
|
|
73
111
|
- Update AWS DocumentDB service metadata to new format [(#8862)](https://github.com/prowler-cloud/prowler/pull/8862)
|
|
74
112
|
|
|
113
|
+
|
|
75
114
|
### Fixed
|
|
76
115
|
- Check `check_name` has no `resource_name` error for GCP provider [(#9169)](https://github.com/prowler-cloud/prowler/pull/9169)
|
|
77
116
|
- Depth Truncation and parsing error in PowerShell queries [(#9181)](https://github.com/prowler-cloud/prowler/pull/9181)
|
|
@@ -87,7 +126,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
87
126
|
|
|
88
127
|
---
|
|
89
128
|
|
|
90
|
-
## [
|
|
129
|
+
## [5.13.1] (Prowler v5.13.1)
|
|
91
130
|
|
|
92
131
|
### Fixed
|
|
93
132
|
- Add `resource_name` for checks under `logging` for the GCP provider [(#9023)](https://github.com/prowler-cloud/prowler/pull/9023)
|
|
@@ -103,7 +142,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
103
142
|
|
|
104
143
|
---
|
|
105
144
|
|
|
106
|
-
## [
|
|
145
|
+
## [5.13.0] (Prowler v5.13.0)
|
|
107
146
|
|
|
108
147
|
### Added
|
|
109
148
|
- Support for AdditionalURLs in outputs [(#8651)](https://github.com/prowler-cloud/prowler/pull/8651)
|
|
@@ -161,7 +200,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
161
200
|
|
|
162
201
|
---
|
|
163
202
|
|
|
164
|
-
## [
|
|
203
|
+
## [5.12.1] (Prowler v5.12.1)
|
|
165
204
|
|
|
166
205
|
### Fixed
|
|
167
206
|
- Replaced old check id with new ones for compliance files [(#8682)](https://github.com/prowler-cloud/prowler/pull/8682)
|
|
@@ -170,7 +209,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
170
209
|
|
|
171
210
|
---
|
|
172
211
|
|
|
173
|
-
## [
|
|
212
|
+
## [5.12.0] (Prowler v5.12.0)
|
|
174
213
|
|
|
175
214
|
### Added
|
|
176
215
|
- Add more fields for the Jira ticket and handle custom fields errors [(#8601)](https://github.com/prowler-cloud/prowler/pull/8601)
|
|
@@ -206,7 +245,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
206
245
|
|
|
207
246
|
---
|
|
208
247
|
|
|
209
|
-
## [
|
|
248
|
+
## [5.11.0] (Prowler v5.11.0)
|
|
210
249
|
|
|
211
250
|
### Added
|
|
212
251
|
- Certificate authentication for M365 provider [(#8404)](https://github.com/prowler-cloud/prowler/pull/8404)
|
|
@@ -237,7 +276,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
237
276
|
|
|
238
277
|
---
|
|
239
278
|
|
|
240
|
-
## [
|
|
279
|
+
## [5.10.2] (Prowler v5.10.2)
|
|
241
280
|
|
|
242
281
|
### Fixed
|
|
243
282
|
- Order requirements by ID in Prowler ThreatScore AWS compliance framework [(#8495)](https://github.com/prowler-cloud/prowler/pull/8495)
|
|
@@ -251,14 +290,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
251
290
|
|
|
252
291
|
---
|
|
253
292
|
|
|
254
|
-
## [
|
|
293
|
+
## [5.10.1] (Prowler v5.10.1)
|
|
255
294
|
|
|
256
295
|
### Fixed
|
|
257
296
|
- Remove invalid requirements from CIS 1.0 for GitHub provider [(#8472)](https://github.com/prowler-cloud/prowler/pull/8472)
|
|
258
297
|
|
|
259
298
|
---
|
|
260
299
|
|
|
261
|
-
## [
|
|
300
|
+
## [5.10.0] (Prowler v5.10.0)
|
|
262
301
|
|
|
263
302
|
### Added
|
|
264
303
|
- `bedrock_api_key_no_administrative_privileges` check for AWS provider [(#8321)](https://github.com/prowler-cloud/prowler/pull/8321)
|
|
@@ -298,14 +337,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
298
337
|
|
|
299
338
|
---
|
|
300
339
|
|
|
301
|
-
## [
|
|
340
|
+
## [5.9.2] (Prowler v5.9.2)
|
|
302
341
|
|
|
303
342
|
### Fixed
|
|
304
343
|
- Use the correct resource name in `defender_domain_dkim_enabled` check [(#8334)](https://github.com/prowler-cloud/prowler/pull/8334)
|
|
305
344
|
|
|
306
345
|
---
|
|
307
346
|
|
|
308
|
-
## [
|
|
347
|
+
## [5.9.0] (Prowler v5.9.0)
|
|
309
348
|
|
|
310
349
|
### Added
|
|
311
350
|
- `storage_smb_channel_encryption_with_secure_algorithm` check for Azure provider [(#8123)](https://github.com/prowler-cloud/prowler/pull/8123)
|
|
@@ -339,7 +378,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
339
378
|
|
|
340
379
|
---
|
|
341
380
|
|
|
342
|
-
## [
|
|
381
|
+
## [5.8.1] (Prowler v5.8.1)
|
|
343
382
|
|
|
344
383
|
### Fixed
|
|
345
384
|
- Detect wildcarded ARNs in sts:AssumeRole policy resources [(#8164)](https://github.com/prowler-cloud/prowler/pull/8164)
|
|
@@ -349,7 +388,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
349
388
|
|
|
350
389
|
---
|
|
351
390
|
|
|
352
|
-
## [
|
|
391
|
+
## [5.8.0] (Prowler v5.8.0)
|
|
353
392
|
|
|
354
393
|
### Added
|
|
355
394
|
|
|
@@ -411,7 +450,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
411
450
|
|
|
412
451
|
---
|
|
413
452
|
|
|
414
|
-
## [
|
|
453
|
+
## [5.7.5] (Prowler v5.7.5)
|
|
415
454
|
|
|
416
455
|
### Fixed
|
|
417
456
|
- Use unified timestamp for all requirements [(#8059)](https://github.com/prowler-cloud/prowler/pull/8059)
|
|
@@ -429,7 +468,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
429
468
|
|
|
430
469
|
---
|
|
431
470
|
|
|
432
|
-
## [
|
|
471
|
+
## [5.7.3] (Prowler v5.7.3)
|
|
433
472
|
|
|
434
473
|
### Fixed
|
|
435
474
|
- Automatically encrypt password in Microsoft365 provider [(#7784)](https://github.com/prowler-cloud/prowler/pull/7784)
|
|
@@ -437,7 +476,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
437
476
|
|
|
438
477
|
---
|
|
439
478
|
|
|
440
|
-
## [
|
|
479
|
+
## [5.7.2] (Prowler v5.7.2)
|
|
441
480
|
|
|
442
481
|
### Fixed
|
|
443
482
|
- `m365_powershell test_credentials` to use sanitized credentials [(#7761)](https://github.com/prowler-cloud/prowler/pull/7761)
|
|
@@ -449,7 +488,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
449
488
|
|
|
450
489
|
---
|
|
451
490
|
|
|
452
|
-
## [
|
|
491
|
+
## [5.7.0] (Prowler v5.7.0)
|
|
453
492
|
|
|
454
493
|
### Added
|
|
455
494
|
- Update the compliance list supported for each provider from docs [(#7694)](https://github.com/prowler-cloud/prowler/pull/7694)
|
|
@@ -477,7 +516,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
477
516
|
|
|
478
517
|
---
|
|
479
518
|
|
|
480
|
-
## [
|
|
519
|
+
## [5.6.0] (Prowler v5.6.0)
|
|
481
520
|
|
|
482
521
|
### Added
|
|
483
522
|
- SOC2 compliance framework to Azure [(#7489)](https://github.com/prowler-cloud/prowler/pull/7489)
|
|
@@ -546,7 +585,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
546
585
|
|
|
547
586
|
---
|
|
548
587
|
|
|
549
|
-
## [
|
|
588
|
+
## [5.5.1] (Prowler v5.5.1)
|
|
550
589
|
|
|
551
590
|
### Fixed
|
|
552
591
|
- Default name to contacts in Azure Defender [(#7483)](https://github.com/prowler-cloud/prowler/pull/7483)
|
prowler/__main__.py
CHANGED
|
@@ -24,6 +24,7 @@ from prowler.lib.check.check import (
|
|
|
24
24
|
list_checks_json,
|
|
25
25
|
list_fixers,
|
|
26
26
|
list_services,
|
|
27
|
+
load_custom_checks_metadata,
|
|
27
28
|
parse_checks_from_file,
|
|
28
29
|
parse_checks_from_folder,
|
|
29
30
|
print_categories,
|
|
@@ -55,6 +56,7 @@ from prowler.lib.outputs.compliance.c5.c5_gcp import GCPC5
|
|
|
55
56
|
from prowler.lib.outputs.compliance.ccc.ccc_aws import CCC_AWS
|
|
56
57
|
from prowler.lib.outputs.compliance.ccc.ccc_azure import CCC_Azure
|
|
57
58
|
from prowler.lib.outputs.compliance.ccc.ccc_gcp import CCC_GCP
|
|
59
|
+
from prowler.lib.outputs.compliance.cis.cis_alibabacloud import AlibabaCloudCIS
|
|
58
60
|
from prowler.lib.outputs.compliance.cis.cis_aws import AWSCIS
|
|
59
61
|
from prowler.lib.outputs.compliance.cis.cis_azure import AzureCIS
|
|
60
62
|
from prowler.lib.outputs.compliance.cis.cis_gcp import GCPCIS
|
|
@@ -103,6 +105,7 @@ from prowler.lib.outputs.ocsf.ocsf import OCSF
|
|
|
103
105
|
from prowler.lib.outputs.outputs import extract_findings_statistics, report
|
|
104
106
|
from prowler.lib.outputs.slack.slack import Slack
|
|
105
107
|
from prowler.lib.outputs.summary_table import display_summary_table
|
|
108
|
+
from prowler.providers.alibabacloud.models import AlibabaCloudOutputOptions
|
|
106
109
|
from prowler.providers.aws.lib.s3.s3 import S3
|
|
107
110
|
from prowler.providers.aws.lib.security_hub.security_hub import SecurityHub
|
|
108
111
|
from prowler.providers.aws.models import AWSOutputOptions
|
|
@@ -185,6 +188,11 @@ def prowler():
|
|
|
185
188
|
logger.debug("Loading checks metadata from .metadata.json files")
|
|
186
189
|
bulk_checks_metadata = CheckMetadata.get_bulk(provider)
|
|
187
190
|
|
|
191
|
+
# Load custom checks metadata before validation
|
|
192
|
+
if checks_folder:
|
|
193
|
+
custom_folder_metadata = load_custom_checks_metadata(checks_folder)
|
|
194
|
+
bulk_checks_metadata.update(custom_folder_metadata)
|
|
195
|
+
|
|
188
196
|
if args.list_categories:
|
|
189
197
|
print_categories(list_categories(bulk_checks_metadata))
|
|
190
198
|
sys.exit()
|
|
@@ -341,6 +349,10 @@ def prowler():
|
|
|
341
349
|
output_options = OCIOutputOptions(
|
|
342
350
|
args, bulk_checks_metadata, global_provider.identity
|
|
343
351
|
)
|
|
352
|
+
elif provider == "alibabacloud":
|
|
353
|
+
output_options = AlibabaCloudOutputOptions(
|
|
354
|
+
args, bulk_checks_metadata, global_provider.identity
|
|
355
|
+
)
|
|
344
356
|
|
|
345
357
|
# Run the quick inventory for the provider if available
|
|
346
358
|
if hasattr(args, "quick_inventory") and args.quick_inventory:
|
|
@@ -1012,6 +1024,34 @@ def prowler():
|
|
|
1012
1024
|
generated_outputs["compliance"].append(generic_compliance)
|
|
1013
1025
|
generic_compliance.batch_write_data_to_file()
|
|
1014
1026
|
|
|
1027
|
+
elif provider == "alibabacloud":
|
|
1028
|
+
for compliance_name in input_compliance_frameworks:
|
|
1029
|
+
if compliance_name.startswith("cis_"):
|
|
1030
|
+
# Generate CIS Finding Object
|
|
1031
|
+
filename = (
|
|
1032
|
+
f"{output_options.output_directory}/compliance/"
|
|
1033
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1034
|
+
)
|
|
1035
|
+
cis = AlibabaCloudCIS(
|
|
1036
|
+
findings=finding_outputs,
|
|
1037
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1038
|
+
file_path=filename,
|
|
1039
|
+
)
|
|
1040
|
+
generated_outputs["compliance"].append(cis)
|
|
1041
|
+
cis.batch_write_data_to_file()
|
|
1042
|
+
else:
|
|
1043
|
+
filename = (
|
|
1044
|
+
f"{output_options.output_directory}/compliance/"
|
|
1045
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1046
|
+
)
|
|
1047
|
+
generic_compliance = GenericCompliance(
|
|
1048
|
+
findings=finding_outputs,
|
|
1049
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1050
|
+
file_path=filename,
|
|
1051
|
+
)
|
|
1052
|
+
generated_outputs["compliance"].append(generic_compliance)
|
|
1053
|
+
generic_compliance.batch_write_data_to_file()
|
|
1054
|
+
|
|
1015
1055
|
# AWS Security Hub Integration
|
|
1016
1056
|
if provider == "aws":
|
|
1017
1057
|
# Send output to S3 if needed (-B / -D) for all the output formats
|
|
File without changes
|