prowler 5.14.2__py3-none-any.whl → 5.15.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dashboard/assets/images/providers/alibabacloud_provider.png +0 -0
- dashboard/compliance/cis_2_0_alibabacloud.py +24 -0
- dashboard/lib/layouts.py +1 -0
- dashboard/pages/compliance.py +8 -2
- dashboard/pages/overview.py +52 -1
- prowler/CHANGELOG.md +53 -21
- prowler/__main__.py +34 -0
- prowler/compliance/alibabacloud/__init__.py +0 -0
- prowler/compliance/alibabacloud/cis_2.0_alibabacloud.json +1833 -0
- prowler/compliance/aws/iso27001_2013_aws.json +158 -158
- prowler/compliance/aws/soc2_aws.json +100 -0
- prowler/compliance/azure/rbi_cyber_security_framework_azure.json +248 -0
- prowler/compliance/azure/soc2_azure.json +87 -1
- prowler/compliance/gcp/soc2_gcp.json +82 -1
- prowler/config/config.py +2 -1
- prowler/lib/check/check.py +4 -0
- prowler/lib/check/models.py +23 -0
- prowler/lib/check/utils.py +1 -1
- prowler/lib/cli/parser.py +3 -2
- prowler/lib/outputs/compliance/cis/cis_alibabacloud.py +106 -0
- prowler/lib/outputs/compliance/cis/models.py +35 -0
- prowler/lib/outputs/finding.py +16 -0
- prowler/lib/outputs/html/html.py +67 -0
- prowler/lib/outputs/outputs.py +2 -0
- prowler/lib/outputs/summary_table.py +3 -0
- prowler/providers/alibabacloud/__init__.py +0 -0
- prowler/providers/alibabacloud/alibabacloud_provider.py +872 -0
- prowler/providers/alibabacloud/config.py +41 -0
- prowler/providers/alibabacloud/exceptions/__init__.py +0 -0
- prowler/providers/alibabacloud/exceptions/exceptions.py +116 -0
- prowler/providers/alibabacloud/lib/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/arguments/arguments.py +58 -0
- prowler/providers/alibabacloud/lib/mutelist/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/mutelist/mutelist.py +175 -0
- prowler/providers/alibabacloud/lib/service/__init__.py +0 -0
- prowler/providers/alibabacloud/lib/service/service.py +113 -0
- prowler/providers/alibabacloud/models.py +266 -0
- prowler/providers/alibabacloud/services/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_client.py +6 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_multi_region_enabled/actiontrail_multi_region_enabled.py +81 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.metadata.json +40 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_oss_bucket_not_publicly_accessible/actiontrail_oss_bucket_not_publicly_accessible.py +119 -0
- prowler/providers/alibabacloud/services/actiontrail/actiontrail_service.py +110 -0
- prowler/providers/alibabacloud/services/cs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_client.py +4 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cloudmonitor_enabled/cs_kubernetes_cloudmonitor_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_recent/cs_kubernetes_cluster_check_recent.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.metadata.json +38 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_cluster_check_weekly/cs_kubernetes_cluster_check_weekly.py +62 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_dashboard_disabled/cs_kubernetes_dashboard_disabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_eni_multiple_ip_enabled/cs_kubernetes_eni_multiple_ip_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_log_service_enabled/cs_kubernetes_log_service_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_network_policy_enabled/cs_kubernetes_network_policy_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_private_cluster_enabled/cs_kubernetes_private_cluster_enabled.py +26 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.metadata.json +40 -0
- prowler/providers/alibabacloud/services/cs/cs_kubernetes_rbac_enabled/cs_kubernetes_rbac_enabled.py +28 -0
- prowler/providers/alibabacloud/services/cs/cs_service.py +354 -0
- prowler/providers/alibabacloud/services/ecs/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_attached_disk_encrypted/ecs_attached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_client.py +4 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.metadata.json +41 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_endpoint_protection_installed/ecs_instance_endpoint_protection_installed.py +47 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_latest_os_patches_applied/ecs_instance_latest_os_patches_applied.py +50 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_instance_no_legacy_network/ecs_instance_no_legacy_network.py +34 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_rdp_internet/ecs_securitygroup_restrict_rdp_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ecs/ecs_securitygroup_restrict_ssh_internet/ecs_securitygroup_restrict_ssh_internet.py +68 -0
- prowler/providers/alibabacloud/services/ecs/ecs_service.py +380 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.metadata.json +38 -0
- prowler/providers/alibabacloud/services/ecs/ecs_unattached_disk_encrypted/ecs_unattached_disk_encrypted.py +38 -0
- prowler/providers/alibabacloud/services/ecs/lib/security_groups.py +23 -0
- prowler/providers/alibabacloud/services/oss/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_logging_enabled/oss_bucket_logging_enabled.py +37 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.metadata.json +39 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_not_publicly_accessible/oss_bucket_not_publicly_accessible.py +89 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/oss/oss_bucket_secure_transport_enabled/oss_bucket_secure_transport_enabled.py +87 -0
- prowler/providers/alibabacloud/services/oss/oss_client.py +4 -0
- prowler/providers/alibabacloud/services/oss/oss_service.py +317 -0
- prowler/providers/alibabacloud/services/ram/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_client.py +4 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_no_root_access_key/ram_no_root_access_key.py +33 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_lowercase/ram_password_policy_lowercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_login_attempts/ram_password_policy_max_login_attempts.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_max_password_age/ram_password_policy_max_password_age.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_minimum_length/ram_password_policy_minimum_length.py +30 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_number/ram_password_policy_number.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_password_reuse_prevention/ram_password_policy_password_reuse_prevention.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_symbol/ram_password_policy_symbol.py +34 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_password_policy_uppercase/ram_password_policy_uppercase.py +32 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_attached_only_to_group_or_roles/ram_policy_attached_only_to_group_or_roles.py +35 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_policy_no_administrative_privileges/ram_policy_no_administrative_privileges.py +73 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_rotate_access_key_90_days/ram_rotate_access_key_90_days.py +58 -0
- prowler/providers/alibabacloud/services/ram/ram_service.py +478 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_console_access_unused/ram_user_console_access_unused.py +56 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/__init__.py +0 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.metadata.json +39 -0
- prowler/providers/alibabacloud/services/ram/ram_user_mfa_enabled_console_access/ram_user_mfa_enabled_console_access.py +36 -0
- prowler/providers/alibabacloud/services/rds/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_client.py +4 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_no_public_access_whitelist/rds_instance_no_public_access_whitelist.py +36 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_connections_enabled/rds_instance_postgresql_log_connections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_disconnections_enabled/rds_instance_postgresql_log_disconnections_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.metadata.json +38 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_postgresql_log_duration_enabled/rds_instance_postgresql_log_duration_enabled.py +29 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_enabled/rds_instance_sql_audit_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_sql_audit_retention/rds_instance_sql_audit_retention.py +41 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_ssl_enabled/rds_instance_ssl_enabled.py +30 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_enabled/rds_instance_tde_enabled.py +32 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/__init__.py +0 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.metadata.json +39 -0
- prowler/providers/alibabacloud/services/rds/rds_instance_tde_key_custom/rds_instance_tde_key_custom.py +38 -0
- prowler/providers/alibabacloud/services/rds/rds_service.py +274 -0
- prowler/providers/alibabacloud/services/securitycenter/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.metadata.json +43 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_advanced_or_enterprise_edition/securitycenter_advanced_or_enterprise_edition.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_all_assets_agent_installed/securitycenter_all_assets_agent_installed.py +48 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_client.py +6 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.metadata.json +42 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_notification_enabled_high_risk/securitycenter_notification_enabled_high_risk.py +65 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_service.py +394 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/securitycenter/securitycenter_vulnerability_scan_enabled/securitycenter_vulnerability_scan_enabled.py +68 -0
- prowler/providers/alibabacloud/services/sls/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_client.py +4 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_cloud_firewall_changes_alert_enabled/sls_cloud_firewall_changes_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_customer_created_cmk_changes_alert_enabled/sls_customer_created_cmk_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.metadata.json +38 -0
- prowler/providers/alibabacloud/services/sls/sls_logstore_retention_period/sls_logstore_retention_period.py +32 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_authentication_failures_alert_enabled/sls_management_console_authentication_failures_alert_enabled.py +44 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_management_console_signin_without_mfa_alert_enabled/sls_management_console_signin_without_mfa_alert_enabled.py +49 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_bucket_policy_changes_alert_enabled/sls_oss_bucket_policy_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_oss_permission_changes_alert_enabled/sls_oss_permission_changes_alert_enabled.py +48 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_ram_role_changes_alert_enabled/sls_ram_role_changes_alert_enabled.py +54 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_rds_instance_configuration_changes_alert_enabled/sls_rds_instance_configuration_changes_alert_enabled.py +72 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_root_account_usage_alert_enabled/sls_root_account_usage_alert_enabled.py +50 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_security_group_changes_alert_enabled/sls_security_group_changes_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_service.py +137 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_unauthorized_api_calls_alert_enabled/sls_unauthorized_api_calls_alert_enabled.py +56 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_changes_alert_enabled/sls_vpc_changes_alert_enabled.py +57 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/sls/sls_vpc_network_route_changes_alert_enabled/sls_vpc_network_route_changes_alert_enabled.py +52 -0
- prowler/providers/alibabacloud/services/vpc/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_client.py +4 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/__init__.py +0 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.metadata.json +39 -0
- prowler/providers/alibabacloud/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled.py +30 -0
- prowler/providers/alibabacloud/services/vpc/vpc_service.py +102 -0
- prowler/providers/aws/aws_regions_by_service.json +20 -0
- prowler/providers/aws/services/apigateway/apigateway_restapi_waf_acl_attached/apigateway_restapi_waf_acl_attached.metadata.json +1 -3
- prowler/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist.metadata.json +1 -1
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_acls_alarm_configured/cloudwatch_changes_to_network_acls_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_gateways_alarm_configured/cloudwatch_changes_to_network_gateways_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_route_tables_alarm_configured/cloudwatch_changes_to_network_route_tables_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_changes_to_vpcs_alarm_configured/cloudwatch_changes_to_vpcs_alarm_configured.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_authentication_failures/cloudwatch_log_metric_filter_authentication_failures.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_aws_organizations_changes/cloudwatch_log_metric_filter_aws_organizations_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_policy_changes/cloudwatch_log_metric_filter_policy_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_root_usage/cloudwatch_log_metric_filter_root_usage.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_security_group_changes/cloudwatch_log_metric_filter_security_group_changes.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_sign_in_without_mfa/cloudwatch_log_metric_filter_sign_in_without_mfa.metadata.json +1 -2
- prowler/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_unauthorized_api_calls/cloudwatch_log_metric_filter_unauthorized_api_calls.metadata.json +0 -1
- prowler/providers/aws/services/guardduty/guardduty_centrally_managed/guardduty_centrally_managed.metadata.json +16 -10
- prowler/providers/aws/services/guardduty/guardduty_ec2_malware_protection_enabled/guardduty_ec2_malware_protection_enabled.metadata.json +23 -14
- prowler/providers/aws/services/guardduty/guardduty_eks_audit_log_enabled/guardduty_eks_audit_log_enabled.metadata.json +19 -13
- prowler/providers/aws/services/guardduty/guardduty_eks_runtime_monitoring_enabled/guardduty_eks_runtime_monitoring_enabled.metadata.json +18 -12
- prowler/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled.metadata.json +24 -13
- prowler/providers/aws/services/guardduty/guardduty_lambda_protection_enabled/guardduty_lambda_protection_enabled.metadata.json +20 -14
- prowler/providers/aws/services/guardduty/guardduty_no_high_severity_findings/guardduty_no_high_severity_findings.metadata.json +18 -9
- prowler/providers/aws/services/guardduty/guardduty_rds_protection_enabled/guardduty_rds_protection_enabled.metadata.json +18 -11
- prowler/providers/aws/services/guardduty/guardduty_s3_protection_enabled/guardduty_s3_protection_enabled.metadata.json +21 -12
- prowler/providers/aws/services/lightsail/lightsail_database_public/lightsail_database_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_automated_snapshots/lightsail_instance_automated_snapshots.metadata.json +24 -13
- prowler/providers/aws/services/lightsail/lightsail_instance_public/lightsail_instance_public.metadata.json +21 -13
- prowler/providers/aws/services/lightsail/lightsail_static_ip_unused/lightsail_static_ip_unused.metadata.json +23 -14
- prowler/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled.metadata.json +20 -12
- prowler/providers/aws/services/macie/macie_is_enabled/macie_is_enabled.metadata.json +17 -12
- prowler/providers/aws/services/mq/mq_broker_active_deployment_mode/mq_broker_active_deployment_mode.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_auto_minor_version_upgrades/mq_broker_auto_minor_version_upgrades.metadata.json +21 -12
- prowler/providers/aws/services/mq/mq_broker_cluster_deployment_mode/mq_broker_cluster_deployment_mode.metadata.json +23 -14
- prowler/providers/aws/services/mq/mq_broker_logging_enabled/mq_broker_logging_enabled.metadata.json +22 -13
- prowler/providers/aws/services/mq/mq_broker_not_publicly_accessible/mq_broker_not_publicly_accessible.metadata.json +20 -12
- prowler/providers/aws/services/networkfirewall/networkfirewall_deletion_protection/networkfirewall_deletion_protection.metadata.json +21 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_in_all_vpc/networkfirewall_in_all_vpc.metadata.json +23 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_logging_enabled/networkfirewall_logging_enabled.metadata.json +20 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_multi_az/networkfirewall_multi_az.metadata.json +22 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_fragmented_packets/networkfirewall_policy_default_action_fragmented_packets.metadata.json +26 -14
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_default_action_full_packets/networkfirewall_policy_default_action_full_packets.metadata.json +22 -13
- prowler/providers/aws/services/networkfirewall/networkfirewall_policy_rule_group_associated/networkfirewall_policy_rule_group_associated.metadata.json +25 -14
- prowler/providers/common/provider.py +12 -0
- prowler/providers/gcp/services/accesscontextmanager/__init__.py +0 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_client.py +6 -0
- prowler/providers/gcp/services/accesscontextmanager/accesscontextmanager_service.py +101 -0
- prowler/providers/gcp/services/cloudresourcemanager/cloudresourcemanager_service.py +10 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_service.py +13 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/__init__.py +0 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.metadata.json +36 -0
- prowler/providers/gcp/services/cloudstorage/cloudstorage_uses_vpc_service_controls/cloudstorage_uses_vpc_service_controls.py +67 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_automatic_restart_enabled/compute_instance_automatic_restart_enabled.py +35 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.metadata.json +36 -0
- prowler/providers/gcp/services/compute/compute_instance_deletion_protection_enabled/compute_instance_deletion_protection_enabled.py +29 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/__init__.py +0 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.metadata.json +37 -0
- prowler/providers/gcp/services/compute/compute_instance_preemptible_vm_disabled/compute_instance_preemptible_vm_disabled.py +32 -0
- prowler/providers/gcp/services/compute/compute_service.py +16 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/__init__.py +0 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.metadata.json +33 -0
- prowler/providers/github/services/repository/repository_immutable_releases_enabled/repository_immutable_releases_enabled.py +41 -0
- prowler/providers/github/services/repository/repository_service.py +52 -0
- {prowler-5.14.2.dist-info → prowler-5.15.0.dist-info}/METADATA +40 -22
- {prowler-5.14.2.dist-info → prowler-5.15.0.dist-info}/RECORD +326 -73
- {prowler-5.14.2.dist-info → prowler-5.15.0.dist-info}/LICENSE +0 -0
- {prowler-5.14.2.dist-info → prowler-5.15.0.dist-info}/WHEEL +0 -0
- {prowler-5.14.2.dist-info → prowler-5.15.0.dist-info}/entry_points.txt +0 -0
|
Binary file
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import warnings
|
|
2
|
+
|
|
3
|
+
from dashboard.common_methods import get_section_containers_cis
|
|
4
|
+
|
|
5
|
+
warnings.filterwarnings("ignore")
|
|
6
|
+
|
|
7
|
+
|
|
8
|
+
def get_table(data):
|
|
9
|
+
aux = data[
|
|
10
|
+
[
|
|
11
|
+
"REQUIREMENTS_ID",
|
|
12
|
+
"REQUIREMENTS_DESCRIPTION",
|
|
13
|
+
"REQUIREMENTS_ATTRIBUTES_SECTION",
|
|
14
|
+
"CHECKID",
|
|
15
|
+
"STATUS",
|
|
16
|
+
"REGION",
|
|
17
|
+
"ACCOUNTID",
|
|
18
|
+
"RESOURCEID",
|
|
19
|
+
]
|
|
20
|
+
].copy()
|
|
21
|
+
|
|
22
|
+
return get_section_containers_cis(
|
|
23
|
+
aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
|
|
24
|
+
)
|
dashboard/lib/layouts.py
CHANGED
|
@@ -61,6 +61,7 @@ def create_layout_overview(
|
|
|
61
61
|
html.Div(className="flex", id="gcp_card", n_clicks=0),
|
|
62
62
|
html.Div(className="flex", id="k8s_card", n_clicks=0),
|
|
63
63
|
html.Div(className="flex", id="m365_card", n_clicks=0),
|
|
64
|
+
html.Div(className="flex", id="alibabacloud_card", n_clicks=0),
|
|
64
65
|
],
|
|
65
66
|
className=f"grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-{amount_providers}",
|
|
66
67
|
),
|
dashboard/pages/compliance.py
CHANGED
|
@@ -78,6 +78,8 @@ def load_csv_files(csv_files):
|
|
|
78
78
|
result = result.replace("_KUBERNETES", " - KUBERNETES")
|
|
79
79
|
if "M65" in result:
|
|
80
80
|
result = result.replace("_M65", " - M65")
|
|
81
|
+
if "ALIBABACLOUD" in result:
|
|
82
|
+
result = result.replace("_ALIBABACLOUD", " - ALIBABACLOUD")
|
|
81
83
|
results.append(result)
|
|
82
84
|
|
|
83
85
|
unique_results = set(results)
|
|
@@ -125,7 +127,7 @@ if data is None:
|
|
|
125
127
|
)
|
|
126
128
|
else:
|
|
127
129
|
|
|
128
|
-
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"])
|
|
130
|
+
data["ASSESSMENTDATE"] = pd.to_datetime(data["ASSESSMENTDATE"], format="mixed")
|
|
129
131
|
data["ASSESSMENT_TIME"] = data["ASSESSMENTDATE"].dt.strftime("%Y-%m-%d %H:%M:%S")
|
|
130
132
|
|
|
131
133
|
data_values = data["ASSESSMENT_TIME"].unique()
|
|
@@ -278,9 +280,13 @@ def display_data(
|
|
|
278
280
|
data["REQUIREMENTS_ATTRIBUTES_PROFILE"] = data[
|
|
279
281
|
"REQUIREMENTS_ATTRIBUTES_PROFILE"
|
|
280
282
|
].apply(lambda x: x.split(" - ")[0])
|
|
283
|
+
|
|
284
|
+
# Rename the column LOCATION to REGION for Alibaba Cloud
|
|
285
|
+
if "alibabacloud" in analytics_input:
|
|
286
|
+
data = data.rename(columns={"LOCATION": "REGION"})
|
|
281
287
|
# Filter the chosen level of the CIS
|
|
282
288
|
if is_level_1:
|
|
283
|
-
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"]
|
|
289
|
+
data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"].str.contains("Level 1")]
|
|
284
290
|
|
|
285
291
|
# Rename the column PROJECTID to ACCOUNTID for GCP
|
|
286
292
|
if data.columns.str.contains("PROJECTID").any():
|
dashboard/pages/overview.py
CHANGED
|
@@ -79,6 +79,9 @@ ks8_provider_logo = html.Img(
|
|
|
79
79
|
m365_provider_logo = html.Img(
|
|
80
80
|
src="assets/images/providers/m365_provider.png", alt="m365 provider"
|
|
81
81
|
)
|
|
82
|
+
alibabacloud_provider_logo = html.Img(
|
|
83
|
+
src="assets/images/providers/alibabacloud_provider.png", alt="alibabacloud provider"
|
|
84
|
+
)
|
|
82
85
|
|
|
83
86
|
|
|
84
87
|
def load_csv_files(csv_files):
|
|
@@ -253,6 +256,8 @@ else:
|
|
|
253
256
|
accounts.append(account + " - AWS")
|
|
254
257
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
255
258
|
accounts.append(account + " - K8S")
|
|
259
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
260
|
+
accounts.append(account + " - ALIBABACLOUD")
|
|
256
261
|
|
|
257
262
|
account_dropdown = create_account_dropdown(accounts)
|
|
258
263
|
|
|
@@ -298,6 +303,8 @@ else:
|
|
|
298
303
|
services.append(service + " - GCP")
|
|
299
304
|
if "m365" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
300
305
|
services.append(service + " - M365")
|
|
306
|
+
if "alibabacloud" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
|
|
307
|
+
services.append(service + " - ALIBABACLOUD")
|
|
301
308
|
|
|
302
309
|
services = ["All"] + services
|
|
303
310
|
services = [
|
|
@@ -520,6 +527,7 @@ else:
|
|
|
520
527
|
Output("gcp_card", "children"),
|
|
521
528
|
Output("k8s_card", "children"),
|
|
522
529
|
Output("m365_card", "children"),
|
|
530
|
+
Output("alibabacloud_card", "children"),
|
|
523
531
|
Output("subscribe_card", "children"),
|
|
524
532
|
Output("info-file-over", "title"),
|
|
525
533
|
Output("severity-filter", "value"),
|
|
@@ -537,6 +545,7 @@ else:
|
|
|
537
545
|
Output("gcp_card", "n_clicks"),
|
|
538
546
|
Output("k8s_card", "n_clicks"),
|
|
539
547
|
Output("m365_card", "n_clicks"),
|
|
548
|
+
Output("alibabacloud_card", "n_clicks"),
|
|
540
549
|
],
|
|
541
550
|
Input("cloud-account-filter", "value"),
|
|
542
551
|
Input("region-filter", "value"),
|
|
@@ -560,6 +569,7 @@ else:
|
|
|
560
569
|
Input("sort_button_region", "n_clicks"),
|
|
561
570
|
Input("sort_button_service", "n_clicks"),
|
|
562
571
|
Input("sort_button_account", "n_clicks"),
|
|
572
|
+
Input("alibabacloud_card", "n_clicks"),
|
|
563
573
|
)
|
|
564
574
|
def filter_data(
|
|
565
575
|
cloud_account_values,
|
|
@@ -584,6 +594,7 @@ def filter_data(
|
|
|
584
594
|
sort_button_region,
|
|
585
595
|
sort_button_service,
|
|
586
596
|
sort_button_account,
|
|
597
|
+
alibabacloud_clicks,
|
|
587
598
|
):
|
|
588
599
|
# Use n_clicks for vulture
|
|
589
600
|
n_clicks_csv = n_clicks_csv
|
|
@@ -599,6 +610,7 @@ def filter_data(
|
|
|
599
610
|
gcp_clicks = 0
|
|
600
611
|
k8s_clicks = 0
|
|
601
612
|
m365_clicks = 0
|
|
613
|
+
alibabacloud_clicks = 0
|
|
602
614
|
if azure_clicks > 0:
|
|
603
615
|
filtered_data = data.copy()
|
|
604
616
|
if azure_clicks % 2 != 0 and "azure" in list(data["PROVIDER"]):
|
|
@@ -607,6 +619,7 @@ def filter_data(
|
|
|
607
619
|
gcp_clicks = 0
|
|
608
620
|
k8s_clicks = 0
|
|
609
621
|
m365_clicks = 0
|
|
622
|
+
alibabacloud_clicks = 0
|
|
610
623
|
if gcp_clicks > 0:
|
|
611
624
|
filtered_data = data.copy()
|
|
612
625
|
if gcp_clicks % 2 != 0 and "gcp" in list(data["PROVIDER"]):
|
|
@@ -615,6 +628,7 @@ def filter_data(
|
|
|
615
628
|
azure_clicks = 0
|
|
616
629
|
k8s_clicks = 0
|
|
617
630
|
m365_clicks = 0
|
|
631
|
+
alibabacloud_clicks = 0
|
|
618
632
|
if k8s_clicks > 0:
|
|
619
633
|
filtered_data = data.copy()
|
|
620
634
|
if k8s_clicks % 2 != 0 and "kubernetes" in list(data["PROVIDER"]):
|
|
@@ -623,6 +637,7 @@ def filter_data(
|
|
|
623
637
|
azure_clicks = 0
|
|
624
638
|
gcp_clicks = 0
|
|
625
639
|
m365_clicks = 0
|
|
640
|
+
alibabacloud_clicks = 0
|
|
626
641
|
if m365_clicks > 0:
|
|
627
642
|
filtered_data = data.copy()
|
|
628
643
|
if m365_clicks % 2 != 0 and "m365" in list(data["PROVIDER"]):
|
|
@@ -631,7 +646,16 @@ def filter_data(
|
|
|
631
646
|
azure_clicks = 0
|
|
632
647
|
gcp_clicks = 0
|
|
633
648
|
k8s_clicks = 0
|
|
634
|
-
|
|
649
|
+
alibabacloud_clicks = 0
|
|
650
|
+
if alibabacloud_clicks > 0:
|
|
651
|
+
filtered_data = data.copy()
|
|
652
|
+
if alibabacloud_clicks % 2 != 0 and "alibabacloud" in list(data["PROVIDER"]):
|
|
653
|
+
filtered_data = filtered_data[filtered_data["PROVIDER"] == "alibabacloud"]
|
|
654
|
+
aws_clicks = 0
|
|
655
|
+
azure_clicks = 0
|
|
656
|
+
gcp_clicks = 0
|
|
657
|
+
k8s_clicks = 0
|
|
658
|
+
m365_clicks = 0
|
|
635
659
|
# For all the data, we will add to the status column the value 'MUTED (FAIL)' and 'MUTED (PASS)' depending on the value of the column 'STATUS' and 'MUTED'
|
|
636
660
|
if "MUTED" in filtered_data.columns:
|
|
637
661
|
filtered_data["STATUS"] = filtered_data.apply(
|
|
@@ -723,6 +747,8 @@ def filter_data(
|
|
|
723
747
|
all_account_ids.append(account)
|
|
724
748
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
725
749
|
all_account_ids.append(account)
|
|
750
|
+
if "alibabacloud" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
|
|
751
|
+
all_account_ids.append(account)
|
|
726
752
|
|
|
727
753
|
all_account_names = []
|
|
728
754
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
@@ -745,6 +771,10 @@ def filter_data(
|
|
|
745
771
|
cloud_accounts_options.append(item + " - AWS")
|
|
746
772
|
if "kubernetes" in list(data[data["ACCOUNT_UID"] == item]["PROVIDER"]):
|
|
747
773
|
cloud_accounts_options.append(item + " - K8S")
|
|
774
|
+
if "alibabacloud" in list(
|
|
775
|
+
data[data["ACCOUNT_UID"] == item]["PROVIDER"]
|
|
776
|
+
):
|
|
777
|
+
cloud_accounts_options.append(item + " - ALIBABACLOUD")
|
|
748
778
|
if "ACCOUNT_NAME" in filtered_data.columns:
|
|
749
779
|
if "azure" in list(data[data["ACCOUNT_NAME"] == item]["PROVIDER"]):
|
|
750
780
|
cloud_accounts_options.append(item + " - AZURE")
|
|
@@ -873,6 +903,10 @@ def filter_data(
|
|
|
873
903
|
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
874
904
|
):
|
|
875
905
|
service_filter_options.append(item + " - M365")
|
|
906
|
+
if "alibabacloud" in list(
|
|
907
|
+
filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
|
|
908
|
+
):
|
|
909
|
+
service_filter_options.append(item + " - ALIBABACLOUD")
|
|
876
910
|
|
|
877
911
|
# Filter Service
|
|
878
912
|
if service_values == ["All"]:
|
|
@@ -1324,6 +1358,12 @@ def filter_data(
|
|
|
1324
1358
|
filtered_data.loc[
|
|
1325
1359
|
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1326
1360
|
] = (account + " - M365")
|
|
1361
|
+
if "alibabacloud" in list(
|
|
1362
|
+
data[data["ACCOUNT_UID"] == account]["PROVIDER"]
|
|
1363
|
+
):
|
|
1364
|
+
filtered_data.loc[
|
|
1365
|
+
filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
|
|
1366
|
+
] = (account + " - ALIBABACLOUD")
|
|
1327
1367
|
|
|
1328
1368
|
table_collapsible = []
|
|
1329
1369
|
for item in filtered_data.to_dict("records"):
|
|
@@ -1410,6 +1450,13 @@ def filter_data(
|
|
|
1410
1450
|
else:
|
|
1411
1451
|
m365_card = None
|
|
1412
1452
|
|
|
1453
|
+
if "alibabacloud" in list(data["PROVIDER"].unique()):
|
|
1454
|
+
alibabacloud_card = create_provider_card(
|
|
1455
|
+
"alibabacloud", alibabacloud_provider_logo, "Accounts", full_filtered_data
|
|
1456
|
+
)
|
|
1457
|
+
else:
|
|
1458
|
+
alibabacloud_card = None
|
|
1459
|
+
|
|
1413
1460
|
# Subscribe to Prowler Cloud card
|
|
1414
1461
|
subscribe_card = [
|
|
1415
1462
|
html.Div(
|
|
@@ -1454,6 +1501,7 @@ def filter_data(
|
|
|
1454
1501
|
gcp_card,
|
|
1455
1502
|
k8s_card,
|
|
1456
1503
|
m365_card,
|
|
1504
|
+
alibabacloud_card,
|
|
1457
1505
|
subscribe_card,
|
|
1458
1506
|
list_files,
|
|
1459
1507
|
severity_values,
|
|
@@ -1469,6 +1517,7 @@ def filter_data(
|
|
|
1469
1517
|
gcp_clicks,
|
|
1470
1518
|
k8s_clicks,
|
|
1471
1519
|
m365_clicks,
|
|
1520
|
+
alibabacloud_clicks,
|
|
1472
1521
|
)
|
|
1473
1522
|
else:
|
|
1474
1523
|
return (
|
|
@@ -1487,6 +1536,7 @@ def filter_data(
|
|
|
1487
1536
|
gcp_card,
|
|
1488
1537
|
k8s_card,
|
|
1489
1538
|
m365_card,
|
|
1539
|
+
alibabacloud_card,
|
|
1490
1540
|
subscribe_card,
|
|
1491
1541
|
list_files,
|
|
1492
1542
|
severity_values,
|
|
@@ -1504,6 +1554,7 @@ def filter_data(
|
|
|
1504
1554
|
gcp_clicks,
|
|
1505
1555
|
k8s_clicks,
|
|
1506
1556
|
m365_clicks,
|
|
1557
|
+
alibabacloud_clicks,
|
|
1507
1558
|
)
|
|
1508
1559
|
|
|
1509
1560
|
|
prowler/CHANGELOG.md
CHANGED
|
@@ -2,14 +2,45 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to the **Prowler SDK** are documented in this file.
|
|
4
4
|
|
|
5
|
-
## [
|
|
5
|
+
## [5.15.0] (Prowler v5.15.0)
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
- `cloudstorage_uses_vpc_service_controls` check for GCP provider [(#9256)](https://github.com/prowler-cloud/prowler/pull/9256)
|
|
9
|
+
- Alibaba Cloud provider with CIS 2.0 benchmark [(#9329)](https://github.com/prowler-cloud/prowler/pull/9329)
|
|
10
|
+
- `repository_immutable_releases_enabled` check for GitHub provider [(#9162)](https://github.com/prowler-cloud/prowler/pull/9162)
|
|
11
|
+
- `compute_instance_preemptible_vm_disabled` check for GCP provider [(#9342)](https://github.com/prowler-cloud/prowler/pull/9342)
|
|
12
|
+
- `compute_instance_automatic_restart_enabled` check for GCP provider [(#9271)](https://github.com/prowler-cloud/prowler/pull/9271)
|
|
13
|
+
- `compute_instance_deletion_protection_enabled` check for GCP provider [(#9358)](https://github.com/prowler-cloud/prowler/pull/9358)
|
|
14
|
+
- Update SOC2 - Azure with Processing Integrity requirements [(#9463)](https://github.com/prowler-cloud/prowler/pull/9463)
|
|
15
|
+
- Update SOC2 - GCP with Processing Integrity requirements [(#9464)](https://github.com/prowler-cloud/prowler/pull/9464)
|
|
16
|
+
- Update SOC2 - AWS with Processing Integrity requirements [(#9462)](https://github.com/prowler-cloud/prowler/pull/9462)
|
|
17
|
+
- RBI Cyber Security Framework compliance for Azure provider [(#8822)](https://github.com/prowler-cloud/prowler/pull/8822)
|
|
18
|
+
|
|
19
|
+
### Changed
|
|
20
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
21
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
22
|
+
- Update AWS GuardDuty service metadata to new format [(#9259)](https://github.com/prowler-cloud/prowler/pull/9259)
|
|
23
|
+
- Update AWS Network Firewall service metadata to new format [(#9382)](https://github.com/prowler-cloud/prowler/pull/9382)
|
|
24
|
+
- Update AWS MQ service metadata to new format [(#9267)](https://github.com/prowler-cloud/prowler/pull/9267)
|
|
25
|
+
- Update AWS Macie service metadata to new format [(#9265)](https://github.com/prowler-cloud/prowler/pull/9265)
|
|
26
|
+
- Update AWS Lightsail service metadata to new format [(#9264)](https://github.com/prowler-cloud/prowler/pull/9264)
|
|
27
|
+
|
|
28
|
+
### Fixed
|
|
29
|
+
- Fix duplicate requirement IDs in ISO 27001:2013 AWS compliance framework by adding unique letter suffixes
|
|
30
|
+
- Removed incorrect threat-detection category from checks metadata [(#9489)](https://github.com/prowler-cloud/prowler/pull/9489)
|
|
31
|
+
- GCP `cloudstorage_uses_vpc_service_controls` check to handle VPC Service Controls blocked API access [(#9478)](https://github.com/prowler-cloud/prowler/pull/9478)
|
|
32
|
+
|
|
33
|
+
---
|
|
34
|
+
|
|
35
|
+
## [5.14.2] (Prowler v5.14.2)
|
|
6
36
|
|
|
7
37
|
### Fixed
|
|
8
38
|
- Custom check folder metadata validation [(#9335)](https://github.com/prowler-cloud/prowler/pull/9335)
|
|
39
|
+
- Pin `alibabacloud-gateway-oss-util` to version 0.0.3 to address missing dependency [(#9487)](https://github.com/prowler-cloud/prowler/pull/9487)
|
|
9
40
|
|
|
10
41
|
---
|
|
11
42
|
|
|
12
|
-
## [
|
|
43
|
+
## [5.14.1] (Prowler v5.14.1)
|
|
13
44
|
|
|
14
45
|
### Fixed
|
|
15
46
|
- `sharepoint_external_sharing_managed` check to handle external sharing disabled at organization level [(#9298)](https://github.com/prowler-cloud/prowler/pull/9298)
|
|
@@ -17,7 +48,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
17
48
|
|
|
18
49
|
---
|
|
19
50
|
|
|
20
|
-
## [
|
|
51
|
+
## [5.14.0] (Prowler v5.14.0)
|
|
21
52
|
|
|
22
53
|
### Added
|
|
23
54
|
- GitHub provider check `organization_default_repository_permission_strict` [(#8785)](https://github.com/prowler-cloud/prowler/pull/8785)
|
|
@@ -79,6 +110,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
79
110
|
- Update AWS Kinesis service metadata to new format [(#9262)](https://github.com/prowler-cloud/prowler/pull/9262)
|
|
80
111
|
- Update AWS DocumentDB service metadata to new format [(#8862)](https://github.com/prowler-cloud/prowler/pull/8862)
|
|
81
112
|
|
|
113
|
+
|
|
82
114
|
### Fixed
|
|
83
115
|
- Check `check_name` has no `resource_name` error for GCP provider [(#9169)](https://github.com/prowler-cloud/prowler/pull/9169)
|
|
84
116
|
- Depth Truncation and parsing error in PowerShell queries [(#9181)](https://github.com/prowler-cloud/prowler/pull/9181)
|
|
@@ -94,7 +126,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
94
126
|
|
|
95
127
|
---
|
|
96
128
|
|
|
97
|
-
## [
|
|
129
|
+
## [5.13.1] (Prowler v5.13.1)
|
|
98
130
|
|
|
99
131
|
### Fixed
|
|
100
132
|
- Add `resource_name` for checks under `logging` for the GCP provider [(#9023)](https://github.com/prowler-cloud/prowler/pull/9023)
|
|
@@ -110,7 +142,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
110
142
|
|
|
111
143
|
---
|
|
112
144
|
|
|
113
|
-
## [
|
|
145
|
+
## [5.13.0] (Prowler v5.13.0)
|
|
114
146
|
|
|
115
147
|
### Added
|
|
116
148
|
- Support for AdditionalURLs in outputs [(#8651)](https://github.com/prowler-cloud/prowler/pull/8651)
|
|
@@ -168,7 +200,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
168
200
|
|
|
169
201
|
---
|
|
170
202
|
|
|
171
|
-
## [
|
|
203
|
+
## [5.12.1] (Prowler v5.12.1)
|
|
172
204
|
|
|
173
205
|
### Fixed
|
|
174
206
|
- Replaced old check id with new ones for compliance files [(#8682)](https://github.com/prowler-cloud/prowler/pull/8682)
|
|
@@ -177,7 +209,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
177
209
|
|
|
178
210
|
---
|
|
179
211
|
|
|
180
|
-
## [
|
|
212
|
+
## [5.12.0] (Prowler v5.12.0)
|
|
181
213
|
|
|
182
214
|
### Added
|
|
183
215
|
- Add more fields for the Jira ticket and handle custom fields errors [(#8601)](https://github.com/prowler-cloud/prowler/pull/8601)
|
|
@@ -213,7 +245,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
213
245
|
|
|
214
246
|
---
|
|
215
247
|
|
|
216
|
-
## [
|
|
248
|
+
## [5.11.0] (Prowler v5.11.0)
|
|
217
249
|
|
|
218
250
|
### Added
|
|
219
251
|
- Certificate authentication for M365 provider [(#8404)](https://github.com/prowler-cloud/prowler/pull/8404)
|
|
@@ -244,7 +276,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
244
276
|
|
|
245
277
|
---
|
|
246
278
|
|
|
247
|
-
## [
|
|
279
|
+
## [5.10.2] (Prowler v5.10.2)
|
|
248
280
|
|
|
249
281
|
### Fixed
|
|
250
282
|
- Order requirements by ID in Prowler ThreatScore AWS compliance framework [(#8495)](https://github.com/prowler-cloud/prowler/pull/8495)
|
|
@@ -258,14 +290,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
258
290
|
|
|
259
291
|
---
|
|
260
292
|
|
|
261
|
-
## [
|
|
293
|
+
## [5.10.1] (Prowler v5.10.1)
|
|
262
294
|
|
|
263
295
|
### Fixed
|
|
264
296
|
- Remove invalid requirements from CIS 1.0 for GitHub provider [(#8472)](https://github.com/prowler-cloud/prowler/pull/8472)
|
|
265
297
|
|
|
266
298
|
---
|
|
267
299
|
|
|
268
|
-
## [
|
|
300
|
+
## [5.10.0] (Prowler v5.10.0)
|
|
269
301
|
|
|
270
302
|
### Added
|
|
271
303
|
- `bedrock_api_key_no_administrative_privileges` check for AWS provider [(#8321)](https://github.com/prowler-cloud/prowler/pull/8321)
|
|
@@ -305,14 +337,14 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
305
337
|
|
|
306
338
|
---
|
|
307
339
|
|
|
308
|
-
## [
|
|
340
|
+
## [5.9.2] (Prowler v5.9.2)
|
|
309
341
|
|
|
310
342
|
### Fixed
|
|
311
343
|
- Use the correct resource name in `defender_domain_dkim_enabled` check [(#8334)](https://github.com/prowler-cloud/prowler/pull/8334)
|
|
312
344
|
|
|
313
345
|
---
|
|
314
346
|
|
|
315
|
-
## [
|
|
347
|
+
## [5.9.0] (Prowler v5.9.0)
|
|
316
348
|
|
|
317
349
|
### Added
|
|
318
350
|
- `storage_smb_channel_encryption_with_secure_algorithm` check for Azure provider [(#8123)](https://github.com/prowler-cloud/prowler/pull/8123)
|
|
@@ -346,7 +378,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
346
378
|
|
|
347
379
|
---
|
|
348
380
|
|
|
349
|
-
## [
|
|
381
|
+
## [5.8.1] (Prowler v5.8.1)
|
|
350
382
|
|
|
351
383
|
### Fixed
|
|
352
384
|
- Detect wildcarded ARNs in sts:AssumeRole policy resources [(#8164)](https://github.com/prowler-cloud/prowler/pull/8164)
|
|
@@ -356,7 +388,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
356
388
|
|
|
357
389
|
---
|
|
358
390
|
|
|
359
|
-
## [
|
|
391
|
+
## [5.8.0] (Prowler v5.8.0)
|
|
360
392
|
|
|
361
393
|
### Added
|
|
362
394
|
|
|
@@ -418,7 +450,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
418
450
|
|
|
419
451
|
---
|
|
420
452
|
|
|
421
|
-
## [
|
|
453
|
+
## [5.7.5] (Prowler v5.7.5)
|
|
422
454
|
|
|
423
455
|
### Fixed
|
|
424
456
|
- Use unified timestamp for all requirements [(#8059)](https://github.com/prowler-cloud/prowler/pull/8059)
|
|
@@ -436,7 +468,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
436
468
|
|
|
437
469
|
---
|
|
438
470
|
|
|
439
|
-
## [
|
|
471
|
+
## [5.7.3] (Prowler v5.7.3)
|
|
440
472
|
|
|
441
473
|
### Fixed
|
|
442
474
|
- Automatically encrypt password in Microsoft365 provider [(#7784)](https://github.com/prowler-cloud/prowler/pull/7784)
|
|
@@ -444,7 +476,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
444
476
|
|
|
445
477
|
---
|
|
446
478
|
|
|
447
|
-
## [
|
|
479
|
+
## [5.7.2] (Prowler v5.7.2)
|
|
448
480
|
|
|
449
481
|
### Fixed
|
|
450
482
|
- `m365_powershell test_credentials` to use sanitized credentials [(#7761)](https://github.com/prowler-cloud/prowler/pull/7761)
|
|
@@ -456,7 +488,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
456
488
|
|
|
457
489
|
---
|
|
458
490
|
|
|
459
|
-
## [
|
|
491
|
+
## [5.7.0] (Prowler v5.7.0)
|
|
460
492
|
|
|
461
493
|
### Added
|
|
462
494
|
- Update the compliance list supported for each provider from docs [(#7694)](https://github.com/prowler-cloud/prowler/pull/7694)
|
|
@@ -484,7 +516,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
484
516
|
|
|
485
517
|
---
|
|
486
518
|
|
|
487
|
-
## [
|
|
519
|
+
## [5.6.0] (Prowler v5.6.0)
|
|
488
520
|
|
|
489
521
|
### Added
|
|
490
522
|
- SOC2 compliance framework to Azure [(#7489)](https://github.com/prowler-cloud/prowler/pull/7489)
|
|
@@ -553,7 +585,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
|
|
|
553
585
|
|
|
554
586
|
---
|
|
555
587
|
|
|
556
|
-
## [
|
|
588
|
+
## [5.5.1] (Prowler v5.5.1)
|
|
557
589
|
|
|
558
590
|
### Fixed
|
|
559
591
|
- Default name to contacts in Azure Defender [(#7483)](https://github.com/prowler-cloud/prowler/pull/7483)
|
prowler/__main__.py
CHANGED
|
@@ -56,6 +56,7 @@ from prowler.lib.outputs.compliance.c5.c5_gcp import GCPC5
|
|
|
56
56
|
from prowler.lib.outputs.compliance.ccc.ccc_aws import CCC_AWS
|
|
57
57
|
from prowler.lib.outputs.compliance.ccc.ccc_azure import CCC_Azure
|
|
58
58
|
from prowler.lib.outputs.compliance.ccc.ccc_gcp import CCC_GCP
|
|
59
|
+
from prowler.lib.outputs.compliance.cis.cis_alibabacloud import AlibabaCloudCIS
|
|
59
60
|
from prowler.lib.outputs.compliance.cis.cis_aws import AWSCIS
|
|
60
61
|
from prowler.lib.outputs.compliance.cis.cis_azure import AzureCIS
|
|
61
62
|
from prowler.lib.outputs.compliance.cis.cis_gcp import GCPCIS
|
|
@@ -104,6 +105,7 @@ from prowler.lib.outputs.ocsf.ocsf import OCSF
|
|
|
104
105
|
from prowler.lib.outputs.outputs import extract_findings_statistics, report
|
|
105
106
|
from prowler.lib.outputs.slack.slack import Slack
|
|
106
107
|
from prowler.lib.outputs.summary_table import display_summary_table
|
|
108
|
+
from prowler.providers.alibabacloud.models import AlibabaCloudOutputOptions
|
|
107
109
|
from prowler.providers.aws.lib.s3.s3 import S3
|
|
108
110
|
from prowler.providers.aws.lib.security_hub.security_hub import SecurityHub
|
|
109
111
|
from prowler.providers.aws.models import AWSOutputOptions
|
|
@@ -347,6 +349,10 @@ def prowler():
|
|
|
347
349
|
output_options = OCIOutputOptions(
|
|
348
350
|
args, bulk_checks_metadata, global_provider.identity
|
|
349
351
|
)
|
|
352
|
+
elif provider == "alibabacloud":
|
|
353
|
+
output_options = AlibabaCloudOutputOptions(
|
|
354
|
+
args, bulk_checks_metadata, global_provider.identity
|
|
355
|
+
)
|
|
350
356
|
|
|
351
357
|
# Run the quick inventory for the provider if available
|
|
352
358
|
if hasattr(args, "quick_inventory") and args.quick_inventory:
|
|
@@ -1018,6 +1024,34 @@ def prowler():
|
|
|
1018
1024
|
generated_outputs["compliance"].append(generic_compliance)
|
|
1019
1025
|
generic_compliance.batch_write_data_to_file()
|
|
1020
1026
|
|
|
1027
|
+
elif provider == "alibabacloud":
|
|
1028
|
+
for compliance_name in input_compliance_frameworks:
|
|
1029
|
+
if compliance_name.startswith("cis_"):
|
|
1030
|
+
# Generate CIS Finding Object
|
|
1031
|
+
filename = (
|
|
1032
|
+
f"{output_options.output_directory}/compliance/"
|
|
1033
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1034
|
+
)
|
|
1035
|
+
cis = AlibabaCloudCIS(
|
|
1036
|
+
findings=finding_outputs,
|
|
1037
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1038
|
+
file_path=filename,
|
|
1039
|
+
)
|
|
1040
|
+
generated_outputs["compliance"].append(cis)
|
|
1041
|
+
cis.batch_write_data_to_file()
|
|
1042
|
+
else:
|
|
1043
|
+
filename = (
|
|
1044
|
+
f"{output_options.output_directory}/compliance/"
|
|
1045
|
+
f"{output_options.output_filename}_{compliance_name}.csv"
|
|
1046
|
+
)
|
|
1047
|
+
generic_compliance = GenericCompliance(
|
|
1048
|
+
findings=finding_outputs,
|
|
1049
|
+
compliance=bulk_compliance_frameworks[compliance_name],
|
|
1050
|
+
file_path=filename,
|
|
1051
|
+
)
|
|
1052
|
+
generated_outputs["compliance"].append(generic_compliance)
|
|
1053
|
+
generic_compliance.batch_write_data_to_file()
|
|
1054
|
+
|
|
1021
1055
|
# AWS Security Hub Integration
|
|
1022
1056
|
if provider == "aws":
|
|
1023
1057
|
# Send output to S3 if needed (-B / -D) for all the output formats
|
|
File without changes
|