prowler-cloud 5.14.2__py3-none-any.whl → 5.15.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dashboard/assets/images/providers/alibabacloud_provider.png +0 -0
- dashboard/compliance/cis_2_0_alibabacloud.py +24 -0
- dashboard/lib/layouts.py +1 -0
- dashboard/pages/compliance.py +8 -2
- dashboard/pages/overview.py +52 -1
- prowler/CHANGELOG.md +59 -21
- prowler/__main__.py +34 -0
- prowler/compliance/alibabacloud/__init__.py +0 -0
- prowler/compliance/alibabacloud/cis_2.0_alibabacloud.json +1833 -0
- prowler/compliance/aws/iso27001_2013_aws.json +158 -158
- prowler/compliance/aws/soc2_aws.json +100 -0
- prowler/compliance/azure/rbi_cyber_security_framework_azure.json +248 -0
- prowler/compliance/azure/soc2_azure.json +87 -1
- prowler/compliance/gcp/soc2_gcp.json +82 -1
- prowler/config/config.py +2 -1
- prowler/lib/check/check.py +4 -0
- prowler/lib/check/models.py +23 -0
- prowler/lib/check/utils.py +1 -1
- prowler/lib/cli/parser.py +3 -2
- prowler/lib/outputs/compliance/cis/cis_alibabacloud.py +106 -0
- prowler/lib/outputs/compliance/cis/models.py +35 -0
- prowler/lib/outputs/finding.py +16 -0
- prowler/lib/outputs/html/html.py +67 -0
- prowler/lib/outputs/outputs.py +2 -0
- prowler/lib/outputs/summary_table.py +3 -0
- prowler/providers/alibabacloud/__init__.py +0 -0
- prowler/providers/alibabacloud/alibabacloud_provider.py +872 -0
- prowler/providers/alibabacloud/config.py +41 -0
- prowler/providers/alibabacloud/exceptions/__init__.py +0 -0
- prowler/providers/alibabacloud/exceptions/exceptions.py +116 -0
- prowler/providers/alibabacloud/lib/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/arguments.py +58 -0
- prowler/providers/alibabacloud/lib/mutelist/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/mutelist/mutelist.py +175 -0
- prowler/providers/alibabacloud/lib/service/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/service/service.py +113 -0
- prowler/providers/alibabacloud/models.py +266 -0
- prowler/providers/alibabacloud/services/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_client.py +6 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.py +81 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.metadata.json +40 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.py +119 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_service.py +110 -0
- prowler/providers/alibabacloud/services/cs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_client.py +4 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.py +28 -0
- prowler/providers/alibabacloud/services/cs/cs_service.py +354 -0
- prowler/providers/alibabacloud/services/ecs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_client.py +4 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.metadata.json +41 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.py +47 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.py +50 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.py +34 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_service.py +380 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/lib/security_groups.py +23 -0
- prowler/providers/alibabacloud/services/oss/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.py +37 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.py +89 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.py +87 -0
- prowler/providers/alibabacloud/services/oss/oss_client.py +4 -0
- prowler/providers/alibabacloud/services/oss/oss_service.py +317 -0
- prowler/providers/alibabacloud/services/ram/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_client.py +4 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.py +33 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.py +30 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/ram_password_policy_number.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.py +34 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.py +73 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.py +58 -0
- prowler/providers/alibabacloud/services/ram/ram_service.py +478 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.py +56 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.py +36 -0
- prowler/providers/alibabacloud/services/rds/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_client.py +4 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.py +36 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.py +41 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.py +30 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.py +38 -0
- prowler/providers/alibabacloud/services/rds/rds_service.py +274 -0
- prowler/providers/alibabacloud/services/securitycenter/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.metadata.json +43 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_client.py +6 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.py +65 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_service.py +394 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.py +68 -0
- prowler/providers/alibabacloud/services/sls/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_client.py +4 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.metadata.json +38 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.py +32 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.py +44 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.py +49 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.py +54 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.py +72 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_service.py +137 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.py +52 -0
- prowler/providers/alibabacloud/services/vpc/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_client.py +4 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.py +30 -0
- prowler/providers/alibabacloud/services/vpc/vpc_service.py +102 -0
- prowler/providers/aws/aws_regions_by_service.json +20 -0
- prowler/providers/aws/services/apigateway/apigateway_restapi_waf_acl_attached/apigateway_restapi_waf_acl_attached.metadata.json +1 -3
- prowler/providers/aws/services/apigateway/apigateway_service.py +4 -1
- prowler/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist.metadata.json +1 -1
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_acls_alarm_configured/cloudwatch_changes_to_network_acls_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_gateways_alarm_configured/cloudwatch_changes_to_network_gateways_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_route_tables_alarm_configured/cloudwatch_changes_to_network_route_tables_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_vpcs_alarm_configured/cloudwatch_changes_to_vpcs_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_authentication_failures/cloudwatch_log_metric_filter_authentication_failures.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_aws_organizations_changes/cloudwatch_log_metric_filter_aws_organizations_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_policy_changes/cloudwatch_log_metric_filter_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_root_usage/cloudwatch_log_metric_filter_root_usage.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_security_group_changes/cloudwatch_log_metric_filter_security_group_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_sign_in_without_mfa/cloudwatch_log_metric_filter_sign_in_without_mfa.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_unauthorized_api_calls/cloudwatch_log_metric_filter_unauthorized_api_calls.metadata.json +0 -1
- prowler/providers/aws/services/guardduty/guardduty_centrally_managed/guardduty_centrally_managed.metadata.json +16 -10
- prowler/providers/aws/services/guardduty/guardduty_ec2_malware_protection_enabled/guardduty_ec2_malware_protection_enabled.metadata.json +23 -14
- prowler/providers/aws/services/guardduty/guardduty_eks_audit_log_enabled/guardduty_eks_audit_log_enabled.metadata.json +19 -13
- prowler/providers/aws/services/guardduty/guardduty_eks_runtime_monitoring_enabled/guardduty_eks_runtime_monitoring_enabled.metadata.json +18 -12
- prowler/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled.metadata.json +24 -13
- prowler/providers/aws/services/guardduty/guardduty_lambda_protection_enabled/guardduty_lambda_protection_enabled.metadata.json +20 -14
- prowler/providers/aws/services/guardduty/guardduty_no_high_severity_findings/guardduty_no_high_severity_findings.metadata.json +18 -9
- prowler/providers/aws/services/guardduty/guardduty_rds_protection_enabled/guardduty_rds_protection_enabled.metadata.json +18 -11
- prowler/providers/aws/services/guardduty/guardduty_s3_protection_enabled/guardduty_s3_protection_enabled.metadata.json +21 -12
- prowler/providers/aws/services/lightsail/lightsail_database_public/lightsail_database_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_automated_snapshots/lightsail_instance_automated_snapshots.metadata.json +24 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_public/lightsail_instance_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_static_ip_unused/lightsail_static_ip_unused.metadata.json +23 -14
- prowler/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled.metadata.json +20 -12
- prowler/providers/aws/services/macie/macie_is_enabled/macie_is_enabled.metadata.json +17 -12
- prowler/providers/aws/services/mq/mq_broker_active_deployment_mode/mq_broker_active_deployment_mode.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_auto_minor_version_upgrades/mq_broker_auto_minor_version_upgrades.metadata.json +21 -12
- prowler/providers/aws/services/mq/mq_broker_cluster_deployment_mode/mq_broker_cluster_deployment_mode.metadata.json +23 -14
- prowler/providers/aws/services/mq/mq_broker_logging_enabled/mq_broker_logging_enabled.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_not_publicly_accessible/mq_broker_not_publicly_accessible.metadata.json +20 -12
- prowler/providers/aws/services/networkfirewall/networkfirewall_deletion_protection/networkfirewall_deletion_protection.metadata.json +21 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_in_all_vpc/networkfirewall_in_all_vpc.metadata.json +23 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_logging_enabled/networkfirewall_logging_enabled.metadata.json +20 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_multi_az/networkfirewall_multi_az.metadata.json +22 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_fragmented_packets/networkfirewall_policy_default_action_fragmented_packets.metadata.json +26 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_full_packets/networkfirewall_policy_default_action_full_packets.metadata.json +22 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_rule_group_associated/networkfirewall_policy_rule_group_associated.metadata.json +25 -14
- prowler/providers/common/provider.py +12 -0
- prowler/providers/gcp/services/accesscontextmanager/__init__.py +0 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_client.py +6 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_service.py +101 -0
- prowler/providers/gcp/services/cloudresourcemanager/cloudresourcemanager_service.py +10 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_service.py +13 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/__init__.py +0 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.metadata.json +36 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.py +67 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.py +35 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.py +29 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.metadata.json +37 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.py +32 -0
- prowler/providers/gcp/services/compute/compute_service.py +16 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/__init__.py +0 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.metadata.json +33 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.py +41 -0
- prowler/providers/github/services/repository/repository_service.py +52 -0
- {prowler_cloud-5.14.2.dist-info → prowler_cloud-5.15.1.dist-info}/METADATA +40 -22
- {prowler_cloud-5.14.2.dist-info → prowler_cloud-5.15.1.dist-info}/RECORD +327 -74
- {prowler_cloud-5.14.2.dist-info → prowler_cloud-5.15.1.dist-info}/LICENSE +0 -0
- {prowler_cloud-5.14.2.dist-info → prowler_cloud-5.15.1.dist-info}/WHEEL +0 -0
- {prowler_cloud-5.14.2.dist-info → prowler_cloud-5.15.1.dist-info}/entry_points.txt +0 -0
|
Binary file
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import warnings
|
|
2
|
+
|
|
3
|
+
from dashboard.common_methods import get_section_containers_cis
|
|
4
|
+
|
|
5
|
+
warnings.filterwarnings("ignore")
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
def get_table(data):
|
|
9
|
+
aux = data[
|
|
10
|
+
[
|
|
11
|
+
"REQUIREMENTS_ID",
|
|
12
|
+
"REQUIREMENTS_DESCRIPTION",
|
|
13
|
+
"REQUIREMENTS_ATTRIBUTES_SECTION",
|
|
14
|
+
"CHECKID",
|
|
15
|
+
"STATUS",
|
|
16
|
+
"REGION",
|
|
17
|
+
"ACCOUNTID",
|
|
18
|
+
"RESOURCEID",
|
|
19
|
+
]
|
|
20
|
+
].copy()
|
|
21
|
+
|
|
22
|
+
return get_section_containers_cis(
|
|
23
|
+
aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
|
|
24
|
+
)
|
dashboard/lib/layouts.py
CHANGED
|
@@ -61,6 +61,7 @@ def create_layout_overview(
|
|
|
61
61
|
html.Div(className="flex", id="gcp_card", n_clicks=0),
|
|
62
62
|
html.Div(className="flex", id="k8s_card", n_clicks=0),
|
|
63
63
|
html.Div(className="flex", id="m365_card", n_clicks=0),
|
|
64
|
+
html.Div(className="flex", id="alibabacloud_card", n_clicks=0),
|
|
64
65
|
],
|
|
65
66
|
className=f"grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-{amount_providers}",
|
|
66
67
|
),
|
dashboard/pages/compliance.py
CHANGED
|
@@ -78,6 +78,8 @@ def load_csv_files(csv_files):
|
|
|
78
78
|
result = result.replace("_KUBERNETES", " - KUBERNETES")
|
|
79
79
|
if "M65" in result:
|
|
80
80
|
result = result.replace("_M65", " - M65")
|
|
81
|
+
if "ALIBABACLOUD" in result:
|
|
82
|
+
result = result.replace("_ALIBABACLOUD", " - ALIBABACLOUD")
|
|
81
83
|
results.append(result)
|
|
82
84
|
|
|
83
85
|
unique_results = set(results)
|
|
@@ -125,7 +127,7 @@ if data is None:
|
|
|
125
127
|
)
|
|
126
128
|
else:
|
|
127
129
|
|
|
128
|
-
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"])
|
|
130
|
+
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"], format="mixed")
|
|
129
131
|
data["ASSESSMENT_TIME"] = data["ASSESSMENTDATE"].dt.strftime("%Y-%m-%d %H:%M:%S")
|
|
130
132
|
|
|
131
133
|
data_values = data["ASSESSMENT_TIME"].unique()
|
|
@@ -278,9 +280,13 @@ def display_data(
|
|
|
278
280
|
data["REQUIREMENTS_ATTRIBUTES_PROFILE"] = data[
|
|
279
281
|
"REQUIREMENTS_ATTRIBUTES_PROFILE"
|
|
280
282
|
].apply(lambda x: x.split(" - ")[0])
|
|
283
|
+
|
|
284
|
+
# Rename the column LOCATION to REGION for Alibaba Cloud
|
|
285
|
+
if "alibabacloud" in analytics_input:
|
|
286
|
+
data = data.rename(columns={"LOCATION": "REGION"})
|
|
281
287
|
# Filter the chosen level of the CIS
|
|
282
288
|
if is_level_1:
|
|
283
|
-
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"]
|
|
289
|
+
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"].str.contains("Level 1")]
|
|
284
290
|
|
|
285
291
|
# Rename the column PROJECTID to ACCOUNTID for GCP
|
|
286
292
|
if data.columns.str.contains("PROJECTID").any():
|
dashboard/pages/overview.py
CHANGED
|
@@ -79,6 +79,9 @@ ks8_provider_logo = html.Img(
|
|
|
79
79
|
m365_provider_logo = html.Img(
|
|
80
80
|
src="assets/images/providers/m365_provider.png", alt="m365 provider"
|
|
81
81
|
)
|
|
82
|
+
alibabacloud_provider_logo = html.Img(
|
|
83
|
+
src="assets/images/providers/alibabacloud_provider.png", alt="alibabacloud provider"
|
|
84
|
+
)
|
|
82
85
|
|
|
83
86
|
|
|
84
87
|
def load_csv_files(csv_files):
|
|
@@ -253,6 +256,8 @@ else:
|
|
|
253
256
|
accounts.append(account + " - AWS")
|
|
254
257
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
255
258
|
accounts.append(account + " - K8S")
|
|
259
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
260
|
+
accounts.append(account + " - ALIBABACLOUD")
|
|
256
261
|
|
|
257
262
|
account_dropdown = create_account_dropdown(accounts)
|
|
258
263
|
|
|
@@ -298,6 +303,8 @@ else:
|
|
|
298
303
|
services.append(service + " - GCP")
|
|
299
304
|
if "m365" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
300
305
|
services.append(service + " - M365")
|
|
306
|
+
if "alibabacloud" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
307
|
+
services.append(service + " - ALIBABACLOUD")
|
|
301
308
|
|
|
302
309
|
services = ["All"] + services
|
|
303
310
|
services = [
|
|
@@ -520,6 +527,7 @@ else:
|
|
|
520
527
|
Output("gcp_card", "children"),
|
|
521
528
|
Output("k8s_card", "children"),
|
|
522
529
|
Output("m365_card", "children"),
|
|
530
|
+
Output("alibabacloud_card", "children"),
|
|
523
531
|
Output("subscribe_card", "children"),
|
|
524
532
|
Output("info-file-over", "title"),
|
|
525
533
|
Output("severity-filter", "value"),
|
|
@@ -537,6 +545,7 @@ else:
|
|
|
537
545
|
Output("gcp_card", "n_clicks"),
|
|
538
546
|
Output("k8s_card", "n_clicks"),
|
|
539
547
|
Output("m365_card", "n_clicks"),
|
|
548
|
+
Output("alibabacloud_card", "n_clicks"),
|
|
540
549
|
],
|
|
541
550
|
Input("cloud-account-filter", "value"),
|
|
542
551
|
Input("region-filter", "value"),
|
|
@@ -560,6 +569,7 @@ else:
|
|
|
560
569
|
Input("sort_button_region", "n_clicks"),
|
|
561
570
|
Input("sort_button_service", "n_clicks"),
|
|
562
571
|
Input("sort_button_account", "n_clicks"),
|
|
572
|
+
Input("alibabacloud_card", "n_clicks"),
|
|
563
573
|
)
|
|
564
574
|
def filter_data(
|
|
565
575
|
cloud_account_values,
|
|
@@ -584,6 +594,7 @@ def filter_data(
|
|
|
584
594
|
sort_button_region,
|
|
585
595
|
sort_button_service,
|
|
586
596
|
sort_button_account,
|
|
597
|
+
alibabacloud_clicks,
|
|
587
598
|
):
|
|
588
599
|
# Use n_clicks for vulture
|
|
589
600
|
n_clicks_csv = n_clicks_csv
|
|
@@ -599,6 +610,7 @@ def filter_data(
|
|
|
599
610
|
gcp_clicks = 0
|
|
600
611
|
k8s_clicks = 0
|
|
601
612
|
m365_clicks = 0
|
|
613
|
+
alibabacloud_clicks = 0
|
|
602
614
|
if azure_clicks > 0:
|
|
603
615
|
filtered_data = data.copy()
|
|
604
616
|
if azure_clicks % 2 != 0 and "azure" in list(data["PROVIDER"]):
|
|
@@ -607,6 +619,7 @@ def filter_data(
|
|
|
607
619
|
gcp_clicks = 0
|
|
608
620
|
k8s_clicks = 0
|
|
609
621
|
m365_clicks = 0
|
|
622
|
+
alibabacloud_clicks = 0
|
|
610
623
|
if gcp_clicks > 0:
|
|
611
624
|
filtered_data = data.copy()
|
|
612
625
|
if gcp_clicks % 2 != 0 and "gcp" in list(data["PROVIDER"]):
|
|
@@ -615,6 +628,7 @@ def filter_data(
|
|
|
615
628
|
azure_clicks = 0
|
|
616
629
|
k8s_clicks = 0
|
|
617
630
|
m365_clicks = 0
|
|
631
|
+
alibabacloud_clicks = 0
|
|
618
632
|
if k8s_clicks > 0:
|
|
619
633
|
filtered_data = data.copy()
|
|
620
634
|
if k8s_clicks % 2 != 0 and "kubernetes" in list(data["PROVIDER"]):
|
|
@@ -623,6 +637,7 @@ def filter_data(
|
|
|
623
637
|
azure_clicks = 0
|
|
624
638
|
gcp_clicks = 0
|
|
625
639
|
m365_clicks = 0
|
|
640
|
+
alibabacloud_clicks = 0
|
|
626
641
|
if m365_clicks > 0:
|
|
627
642
|
filtered_data = data.copy()
|
|
628
643
|
if m365_clicks % 2 != 0 and "m365" in list(data["PROVIDER"]):
|
|
@@ -631,7 +646,16 @@ def filter_data(
|
|
|
631
646
|
azure_clicks = 0
|
|
632
647
|
gcp_clicks = 0
|
|
633
648
|
k8s_clicks = 0
|
|
634
|
-
|
|
649
|
+
alibabacloud_clicks = 0
|
|
650
|
+
if alibabacloud_clicks > 0:
|
|
651
|
+
filtered_data = data.copy()
|
|
652
|
+
if alibabacloud_clicks % 2 != 0 and "alibabacloud" in list(data["PROVIDER"]):
|
|
653
|
+
filtered_data = filtered_data[filtered_data["PROVIDER"] == "alibabacloud"]
|
|
654
|
+
aws_clicks = 0
|
|
655
|
+
azure_clicks = 0
|
|
656
|
+
gcp_clicks = 0
|
|
657
|
+
k8s_clicks = 0
|
|
658
|
+
m365_clicks = 0
|
|
635
659
|
# For all the data, we will add to the status column the value 'MUTED (FAIL)' and 'MUTED (PASS)' depending on the value of the column 'STATUS' and 'MUTED'
|
|
636
660
|
if "MUTED" in filtered_data.columns:
|
|
637
661
|
filtered_data["STATUS"] = filtered_data.apply(
|
|
@@ -723,6 +747,8 @@ def filter_data(
|
|
|
723
747
|
all_account_ids.append(account)
|
|
724
748
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
725
749
|
all_account_ids.append(account)
|
|
750
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
751
|
+
all_account_ids.append(account)
|
|
726
752
|
|
|
727
753
|
all_account_names = []
|
|
728
754
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
@@ -745,6 +771,10 @@ def filter_data(
|
|
|
745
771
|
cloud_accounts_options.append(item + " - AWS")
|
|
746
772
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == item]["PROVIDER"]):
|
|
747
773
|
cloud_accounts_options.append(item + " - K8S")
|
|
774
|
+
if "alibabacloud" in list(
|
|
775
|
+
data[data["ACCOUNT_UID"] == item]["PROVIDER"]
|
|
776
|
+
):
|
|
777
|
+
cloud_accounts_options.append(item + " - ALIBABACLOUD")
|
|
748
778
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
749
779
|
if "azure" in list(data[data["ACCOUNT_NAME"] == item]["PROVIDER"]):
|
|
750
780
|
cloud_accounts_options.append(item + " - AZURE")
|
|
@@ -873,6 +903,10 @@ def filter_data(
|
|
|
873
903
|
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
874
904
|
):
|
|
875
905
|
service_filter_options.append(item + " - M365")
|
|
906
|
+
if "alibabacloud" in list(
|
|
907
|
+
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
908
|
+
):
|
|
909
|
+
service_filter_options.append(item + " - ALIBABACLOUD")
|
|
876
910
|
|
|
877
911
|
# Filter Service
|
|
878
912
|
if service_values == ["All"]:
|
|
@@ -1324,6 +1358,12 @@ def filter_data(
|
|
|
1324
1358
|
filtered_data.loc[
|
|
1325
1359
|
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1326
1360
|
] = (account + " - M365")
|
|
1361
|
+
if "alibabacloud" in list(
|
|
1362
|
+
data[data["ACCOUNT_UID"] == account]["PROVIDER"]
|
|
1363
|
+
):
|
|
1364
|
+
filtered_data.loc[
|
|
1365
|
+
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1366
|
+
] = (account + " - ALIBABACLOUD")
|
|
1327
1367
|
|
|
1328
1368
|
table_collapsible = []
|
|
1329
1369
|
for item in filtered_data.to_dict("records"):
|
|
@@ -1410,6 +1450,13 @@ def filter_data(
|
|
|
1410
1450
|
else:
|
|
1411
1451
|
m365_card = None
|
|
1412
1452
|
|
|
1453
|
+
if "alibabacloud" in list(data["PROVIDER"].unique()):
|
|
1454
|
+
alibabacloud_card = create_provider_card(
|
|
1455
|
+
"alibabacloud", alibabacloud_provider_logo, "Accounts", full_filtered_data
|
|
1456
|
+
)
|
|
1457
|
+
else:
|
|
1458
|
+
alibabacloud_card = None
|
|
1459
|
+
|
|
1413
1460
|
# Subscribe to Prowler Cloud card
|
|
1414
1461
|
subscribe_card = [
|
|
1415
1462
|
html.Div(
|
|
@@ -1454,6 +1501,7 @@ def filter_data(
|
|
|
1454
1501
|
gcp_card,
|
|
1455
1502
|
k8s_card,
|
|
1456
1503
|
m365_card,
|
|
1504
|
+
alibabacloud_card,
|
|
1457
1505
|
subscribe_card,
|
|
1458
1506
|
list_files,
|
|
1459
1507
|
severity_values,
|
|
@@ -1469,6 +1517,7 @@ def filter_data(
|
|
|
1469
1517
|
gcp_clicks,
|
|
1470
1518
|
k8s_clicks,
|
|
1471
1519
|
m365_clicks,
|
|
1520
|
+
alibabacloud_clicks,
|
|
1472
1521
|
)
|
|
1473
1522
|
else:
|
|
1474
1523
|
return (
|
|
@@ -1487,6 +1536,7 @@ def filter_data(
|
|
|
1487
1536
|
gcp_card,
|
|
1488
1537
|
k8s_card,
|
|
1489
1538
|
m365_card,
|
|
1539
|
+
alibabacloud_card,
|
|
1490
1540
|
subscribe_card,
|
|
1491
1541
|
list_files,
|
|
1492
1542
|
severity_values,
|
|
@@ -1504,6 +1554,7 @@ def filter_data(
|
|
|
1504
1554
|
gcp_clicks,
|
|
1505
1555
|
k8s_clicks,
|
|
1506
1556
|
m365_clicks,
|
|
1557
|
+
alibabacloud_clicks,
|
|
1507
1558
|
)
|
|
1508
1559
|
|
|
1509
1560
|
|
prowler/CHANGELOG.md
CHANGED
|
@@ -2,14 +2,51 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to the **Prowler SDK** are documented in this file.
|
|
4
4
|
|
|
5
|
-
## [
|
|
5
|
+
## [5.15.1] (Prowler v5.15.1)
|
|
6
|
+
|
|
7
|
+
### Fixed
|
|
8
|
+
- Fix false negative in AWS `apigateway_restapi_logging_enabled` check by refining stage logging evaluation to ensure logging level is not set to "OFF" [(#9304)](https://github.com/prowler-cloud/prowler/pull/9304)
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## [5.15.0] (Prowler v5.15.0)
|
|
12
|
+
|
|
13
|
+
### Added
|
|
14
|
+
- `cloudstorage_uses_vpc_service_controls` check for GCP provider [(#9256)](https://github.com/prowler-cloud/prowler/pull/9256)
|
|
15
|
+
- Alibaba Cloud provider with CIS 2.0 benchmark [(#9329)](https://github.com/prowler-cloud/prowler/pull/9329)
|
|
16
|
+
- `repository_immutable_releases_enabled` check for GitHub provider [(#9162)](https://github.com/prowler-cloud/prowler/pull/9162)
|
|
17
|
+
- `compute_instance_preemptible_vm_disabled` check for GCP provider [(#9342)](https://github.com/prowler-cloud/prowler/pull/9342)
|
|
18
|
+
- `compute_instance_automatic_restart_enabled` check for GCP provider [(#9271)](https://github.com/prowler-cloud/prowler/pull/9271)
|
|
19
|
+
- `compute_instance_deletion_protection_enabled` check for GCP provider [(#9358)](https://github.com/prowler-cloud/prowler/pull/9358)
|
|
20
|
+
- Update SOC2 - Azure with Processing Integrity requirements [(#9463)](https://github.com/prowler-cloud/prowler/pull/9463)
|
|
21
|
+
- Update SOC2 - GCP with Processing Integrity requirements [(#9464)](https://github.com/prowler-cloud/prowler/pull/9464)
|
|
22
|
+
- Update SOC2 - AWS with Processing Integrity requirements [(#9462)](https://github.com/prowler-cloud/prowler/pull/9462)
|
|
23
|
+
- RBI Cyber Security Framework compliance for Azure provider [(#8822)](https://github.com/prowler-cloud/prowler/pull/8822)
|
|
24
|
+
|
|
25
|
+
### Changed
|
|
26
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
27
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
28
|
+
- Update AWS GuardDuty service metadata to new format [(#9259)](https://github.com/prowler-cloud/prowler/pull/9259)
|
|
29
|
+
- Update AWS Network Firewall service metadata to new format [(#9382)](https://github.com/prowler-cloud/prowler/pull/9382)
|
|
30
|
+
- Update AWS MQ service metadata to new format [(#9267)](https://github.com/prowler-cloud/prowler/pull/9267)
|
|
31
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
32
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
33
|
+
|
|
34
|
+
### Fixed
|
|
35
|
+
- Fix duplicate requirement IDs in ISO 27001:2013 AWS compliance framework by adding unique letter suffixes
|
|
36
|
+
- Removed incorrect threat-detection category from checks metadata [(#9489)](https://github.com/prowler-cloud/prowler/pull/9489)
|
|
37
|
+
- GCP `cloudstorage_uses_vpc_service_controls` check to handle VPC Service Controls blocked API access [(#9478)](https://github.com/prowler-cloud/prowler/pull/9478)
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## [5.14.2] (Prowler v5.14.2)
|
|
6
42
|
|
|
7
43
|
### Fixed
|
|
8
44
|
- Custom check folder metadata validation [(#9335)](https://github.com/prowler-cloud/prowler/pull/9335)
|
|
45
|
+
- Pin `alibabacloud-gateway-oss-util` to version 0.0.3 to address missing dependency [(#9487)](https://github.com/prowler-cloud/prowler/pull/9487)
|
|
9
46
|
|
|
10
47
|
---
|
|
11
48
|
|
|
12
|
-
## [
|
|
49
|
+
## [5.14.1] (Prowler v5.14.1)
|
|
13
50
|
|
|
14
51
|
### Fixed
|
|
15
52
|
- `sharepoint_external_sharing_managed` check to handle external sharing disabled at organization level [(#9298)](https://github.com/prowler-cloud/prowler/pull/9298)
|
|
@@ -17,7 +54,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
17
54
|
|
|
18
55
|
---
|
|
19
56
|
|
|
20
|
-
## [
|
|
57
|
+
## [5.14.0] (Prowler v5.14.0)
|
|
21
58
|
|
|
22
59
|
### Added
|
|
23
60
|
- GitHub provider check `organization_default_repository_permission_strict` [(#8785)](https://github.com/prowler-cloud/prowler/pull/8785)
|
|
@@ -79,6 +116,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
79
116
|
- Update AWS Kinesis service metadata to new format [(#9262)](https://github.com/prowler-cloud/prowler/pull/9262)
|
|
80
117
|
- Update AWS DocumentDB service metadata to new format [(#8862)](https://github.com/prowler-cloud/prowler/pull/8862)
|
|
81
118
|
|
|
119
|
+
|
|
82
120
|
### Fixed
|
|
83
121
|
- Check `check_name` has no `resource_name` error for GCP provider [(#9169)](https://github.com/prowler-cloud/prowler/pull/9169)
|
|
84
122
|
- Depth Truncation and parsing error in PowerShell queries [(#9181)](https://github.com/prowler-cloud/prowler/pull/9181)
|
|
@@ -94,7 +132,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
94
132
|
|
|
95
133
|
---
|
|
96
134
|
|
|
97
|
-
## [
|
|
135
|
+
## [5.13.1] (Prowler v5.13.1)
|
|
98
136
|
|
|
99
137
|
### Fixed
|
|
100
138
|
- Add `resource_name` for checks under `logging` for the GCP provider [(#9023)](https://github.com/prowler-cloud/prowler/pull/9023)
|
|
@@ -110,7 +148,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
110
148
|
|
|
111
149
|
---
|
|
112
150
|
|
|
113
|
-
## [
|
|
151
|
+
## [5.13.0] (Prowler v5.13.0)
|
|
114
152
|
|
|
115
153
|
### Added
|
|
116
154
|
- Support for AdditionalURLs in outputs [(#8651)](https://github.com/prowler-cloud/prowler/pull/8651)
|
|
@@ -168,7 +206,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
168
206
|
|
|
169
207
|
---
|
|
170
208
|
|
|
171
|
-
## [
|
|
209
|
+
## [5.12.1] (Prowler v5.12.1)
|
|
172
210
|
|
|
173
211
|
### Fixed
|
|
174
212
|
- Replaced old check id with new ones for compliance files [(#8682)](https://github.com/prowler-cloud/prowler/pull/8682)
|
|
@@ -177,7 +215,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
177
215
|
|
|
178
216
|
---
|
|
179
217
|
|
|
180
|
-
## [
|
|
218
|
+
## [5.12.0] (Prowler v5.12.0)
|
|
181
219
|
|
|
182
220
|
### Added
|
|
183
221
|
- Add more fields for the Jira ticket and handle custom fields errors [(#8601)](https://github.com/prowler-cloud/prowler/pull/8601)
|
|
@@ -213,7 +251,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
213
251
|
|
|
214
252
|
---
|
|
215
253
|
|
|
216
|
-
## [
|
|
254
|
+
## [5.11.0] (Prowler v5.11.0)
|
|
217
255
|
|
|
218
256
|
### Added
|
|
219
257
|
- Certificate authentication for M365 provider [(#8404)](https://github.com/prowler-cloud/prowler/pull/8404)
|
|
@@ -244,7 +282,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
244
282
|
|
|
245
283
|
---
|
|
246
284
|
|
|
247
|
-
## [
|
|
285
|
+
## [5.10.2] (Prowler v5.10.2)
|
|
248
286
|
|
|
249
287
|
### Fixed
|
|
250
288
|
- Order requirements by ID in Prowler ThreatScore AWS compliance framework [(#8495)](https://github.com/prowler-cloud/prowler/pull/8495)
|
|
@@ -258,14 +296,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
258
296
|
|
|
259
297
|
---
|
|
260
298
|
|
|
261
|
-
## [
|
|
299
|
+
## [5.10.1] (Prowler v5.10.1)
|
|
262
300
|
|
|
263
301
|
### Fixed
|
|
264
302
|
- Remove invalid requirements from CIS 1.0 for GitHub provider [(#8472)](https://github.com/prowler-cloud/prowler/pull/8472)
|
|
265
303
|
|
|
266
304
|
---
|
|
267
305
|
|
|
268
|
-
## [
|
|
306
|
+
## [5.10.0] (Prowler v5.10.0)
|
|
269
307
|
|
|
270
308
|
### Added
|
|
271
309
|
- `bedrock_api_key_no_administrative_privileges` check for AWS provider [(#8321)](https://github.com/prowler-cloud/prowler/pull/8321)
|
|
@@ -305,14 +343,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
305
343
|
|
|
306
344
|
---
|
|
307
345
|
|
|
308
|
-
## [
|
|
346
|
+
## [5.9.2] (Prowler v5.9.2)
|
|
309
347
|
|
|
310
348
|
### Fixed
|
|
311
349
|
- Use the correct resource name in `defender_domain_dkim_enabled` check [(#8334)](https://github.com/prowler-cloud/prowler/pull/8334)
|
|
312
350
|
|
|
313
351
|
---
|
|
314
352
|
|
|
315
|
-
## [
|
|
353
|
+
## [5.9.0] (Prowler v5.9.0)
|
|
316
354
|
|
|
317
355
|
### Added
|
|
318
356
|
- `storage_smb_channel_encryption_with_secure_algorithm` check for Azure provider [(#8123)](https://github.com/prowler-cloud/prowler/pull/8123)
|
|
@@ -346,7 +384,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
346
384
|
|
|
347
385
|
---
|
|
348
386
|
|
|
349
|
-
## [
|
|
387
|
+
## [5.8.1] (Prowler v5.8.1)
|
|
350
388
|
|
|
351
389
|
### Fixed
|
|
352
390
|
- Detect wildcarded ARNs in sts:AssumeRole policy resources [(#8164)](https://github.com/prowler-cloud/prowler/pull/8164)
|
|
@@ -356,7 +394,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
356
394
|
|
|
357
395
|
---
|
|
358
396
|
|
|
359
|
-
## [
|
|
397
|
+
## [5.8.0] (Prowler v5.8.0)
|
|
360
398
|
|
|
361
399
|
### Added
|
|
362
400
|
|
|
@@ -418,7 +456,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
418
456
|
|
|
419
457
|
---
|
|
420
458
|
|
|
421
|
-
## [
|
|
459
|
+
## [5.7.5] (Prowler v5.7.5)
|
|
422
460
|
|
|
423
461
|
### Fixed
|
|
424
462
|
- Use unified timestamp for all requirements [(#8059)](https://github.com/prowler-cloud/prowler/pull/8059)
|
|
@@ -436,7 +474,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
436
474
|
|
|
437
475
|
---
|
|
438
476
|
|
|
439
|
-
## [
|
|
477
|
+
## [5.7.3] (Prowler v5.7.3)
|
|
440
478
|
|
|
441
479
|
### Fixed
|
|
442
480
|
- Automatically encrypt password in Microsoft365 provider [(#7784)](https://github.com/prowler-cloud/prowler/pull/7784)
|
|
@@ -444,7 +482,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
444
482
|
|
|
445
483
|
---
|
|
446
484
|
|
|
447
|
-
## [
|
|
485
|
+
## [5.7.2] (Prowler v5.7.2)
|
|
448
486
|
|
|
449
487
|
### Fixed
|
|
450
488
|
- `m365_powershell test_credentials` to use sanitized credentials [(#7761)](https://github.com/prowler-cloud/prowler/pull/7761)
|
|
@@ -456,7 +494,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
456
494
|
|
|
457
495
|
---
|
|
458
496
|
|
|
459
|
-
## [
|
|
497
|
+
## [5.7.0] (Prowler v5.7.0)
|
|
460
498
|
|
|
461
499
|
### Added
|
|
462
500
|
- Update the compliance list supported for each provider from docs [(#7694)](https://github.com/prowler-cloud/prowler/pull/7694)
|
|
@@ -484,7 +522,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
484
522
|
|
|
485
523
|
---
|
|
486
524
|
|
|
487
|
-
## [
|
|
525
|
+
## [5.6.0] (Prowler v5.6.0)
|
|
488
526
|
|
|
489
527
|
### Added
|
|
490
528
|
- SOC2 compliance framework to Azure [(#7489)](https://github.com/prowler-cloud/prowler/pull/7489)
|
|
@@ -553,7 +591,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
553
591
|
|
|
554
592
|
---
|
|
555
593
|
|
|
556
|
-
## [
|
|
594
|
+
## [5.5.1] (Prowler v5.5.1)
|
|
557
595
|
|
|
558
596
|
### Fixed
|
|
559
597
|
- Default name to contacts in Azure Defender [(#7483)](https://github.com/prowler-cloud/prowler/pull/7483)
|
prowler/__main__.py
CHANGED
|
@@ -56,6 +56,7 @@ from prowler.lib.outputs.compliance.c5.c5_gcp import GCPC5
|
|
|
56
56
|
from prowler.lib.outputs.compliance.ccc.ccc_aws import CCC_AWS
|
|
57
57
|
from prowler.lib.outputs.compliance.ccc.ccc_azure import CCC_Azure
|
|
58
58
|
from prowler.lib.outputs.compliance.ccc.ccc_gcp import CCC_GCP
|
|
59
|
+
from prowler.lib.outputs.compliance.cis.cis_alibabacloud import AlibabaCloudCIS
|
|
59
60
|
from prowler.lib.outputs.compliance.cis.cis_aws import AWSCIS
|
|
60
61
|
from prowler.lib.outputs.compliance.cis.cis_azure import AzureCIS
|
|
61
62
|
from prowler.lib.outputs.compliance.cis.cis_gcp import GCPCIS
|
|
@@ -104,6 +105,7 @@ from prowler.lib.outputs.ocsf.ocsf import OCSF
|
|
|
104
105
|
from prowler.lib.outputs.outputs import extract_findings_statistics, report
|
|
105
106
|
from prowler.lib.outputs.slack.slack import Slack
|
|
106
107
|
from prowler.lib.outputs.summary_table import display_summary_table
|
|
108
|
+
from prowler.providers.alibabacloud.models import AlibabaCloudOutputOptions
|
|
107
109
|
from prowler.providers.aws.lib.s3.s3 import S3
|
|
108
110
|
from prowler.providers.aws.lib.security_hub.security_hub import SecurityHub
|
|
109
111
|
from prowler.providers.aws.models import AWSOutputOptions
|
|
@@ -347,6 +349,10 @@ def prowler():
|
|
|
347
349
|
output_options = OCIOutputOptions(
|
|
348
350
|
args, bulk_checks_metadata, global_provider.identity
|
|
349
351
|
)
|
|
352
|
+
elif provider == "alibabacloud":
|
|
353
|
+
output_options = AlibabaCloudOutputOptions(
|
|
354
|
+
args, bulk_checks_metadata, global_provider.identity
|
|
355
|
+
)
|
|
350
356
|
|
|
351
357
|
# Run the quick inventory for the provider if available
|
|
352
358
|
if hasattr(args, "quick_inventory") and args.quick_inventory:
|
|
@@ -1018,6 +1024,34 @@ def prowler():
|
|
|
1018
1024
|
generated_outputs["compliance"].append(generic_compliance)
|
|
1019
1025
|
generic_compliance.batch_write_data_to_file()
|
|
1020
1026
|
|
|
1027
|
+
elif provider == "alibabacloud":
|
|
1028
|
+
for compliance_name in input_compliance_frameworks:
|
|
1029
|
+
if compliance_name.startswith("cis_"):
|
|
1030
|
+
# Generate CIS Finding Object
|
|
1031
|
+
filename = (
|
|
1032
|
+
f"{output_options.output_directory}/compliance/"
|
|
1033
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1034
|
+
)
|
|
1035
|
+
cis = AlibabaCloudCIS(
|
|
1036
|
+
findings=finding_outputs,
|
|
1037
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1038
|
+
file_path=filename,
|
|
1039
|
+
)
|
|
1040
|
+
generated_outputs["compliance"].append(cis)
|
|
1041
|
+
cis.batch_write_data_to_file()
|
|
1042
|
+
else:
|
|
1043
|
+
filename = (
|
|
1044
|
+
f"{output_options.output_directory}/compliance/"
|
|
1045
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1046
|
+
)
|
|
1047
|
+
generic_compliance = GenericCompliance(
|
|
1048
|
+
findings=finding_outputs,
|
|
1049
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1050
|
+
file_path=filename,
|
|
1051
|
+
)
|
|
1052
|
+
generated_outputs["compliance"].append(generic_compliance)
|
|
1053
|
+
generic_compliance.batch_write_data_to_file()
|
|
1054
|
+
|
|
1021
1055
|
# AWS Security Hub Integration
|
|
1022
1056
|
if provider == "aws":
|
|
1023
1057
|
# Send output to S3 if needed (-B / -D) for all the output formats
|
|
File without changes
|