PyPI - regscale-cli - Versions diffs - 6.16.0.0__py3-none-any.whl - Mend

regscale-cli 6.16.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (481) hide show

regscale/__init__.py +1 -0
regscale/airflow/__init__.py +9 -0
regscale/airflow/azure/__init__.py +9 -0
regscale/airflow/azure/cli.py +89 -0
regscale/airflow/azure/upload_dags.py +116 -0
regscale/airflow/click_dags.py +127 -0
regscale/airflow/click_mixins.py +82 -0
regscale/airflow/config.py +25 -0
regscale/airflow/factories/__init__.py +0 -0
regscale/airflow/factories/connections.py +58 -0
regscale/airflow/factories/workflows.py +78 -0
regscale/airflow/hierarchy.py +88 -0
regscale/airflow/operators/__init__.py +0 -0
regscale/airflow/operators/click.py +36 -0
regscale/airflow/sensors/__init__.py +0 -0
regscale/airflow/sensors/sql.py +107 -0
regscale/airflow/sessions/__init__.py +0 -0
regscale/airflow/sessions/sql/__init__.py +3 -0
regscale/airflow/sessions/sql/queries.py +64 -0
regscale/airflow/sessions/sql/sql_server_queries.py +248 -0
regscale/airflow/tasks/__init__.py +0 -0
regscale/airflow/tasks/branches.py +22 -0
regscale/airflow/tasks/cli.py +116 -0
regscale/airflow/tasks/click.py +73 -0
regscale/airflow/tasks/debugging.py +9 -0
regscale/airflow/tasks/groups.py +116 -0
regscale/airflow/tasks/init.py +60 -0
regscale/airflow/tasks/states.py +47 -0
regscale/airflow/tasks/workflows.py +36 -0
regscale/ansible/__init__.py +9 -0
regscale/core/__init__.py +0 -0
regscale/core/app/__init__.py +3 -0
regscale/core/app/api.py +571 -0
regscale/core/app/application.py +665 -0
regscale/core/app/internal/__init__.py +136 -0
regscale/core/app/internal/admin_actions.py +230 -0
regscale/core/app/internal/assessments_editor.py +873 -0
regscale/core/app/internal/catalog.py +316 -0
regscale/core/app/internal/comparison.py +459 -0
regscale/core/app/internal/control_editor.py +571 -0
regscale/core/app/internal/encrypt.py +79 -0
regscale/core/app/internal/evidence.py +1240 -0
regscale/core/app/internal/file_uploads.py +151 -0
regscale/core/app/internal/healthcheck.py +66 -0
regscale/core/app/internal/login.py +305 -0
regscale/core/app/internal/migrations.py +240 -0
regscale/core/app/internal/model_editor.py +1701 -0
regscale/core/app/internal/poam_editor.py +632 -0
regscale/core/app/internal/workflow.py +105 -0
regscale/core/app/logz.py +74 -0
regscale/core/app/utils/XMLIR.py +258 -0
regscale/core/app/utils/__init__.py +0 -0
regscale/core/app/utils/api_handler.py +358 -0
regscale/core/app/utils/app_utils.py +1110 -0
regscale/core/app/utils/catalog_utils/__init__.py +0 -0
regscale/core/app/utils/catalog_utils/common.py +91 -0
regscale/core/app/utils/catalog_utils/compare_catalog.py +193 -0
regscale/core/app/utils/catalog_utils/diagnostic_catalog.py +97 -0
regscale/core/app/utils/catalog_utils/download_catalog.py +103 -0
regscale/core/app/utils/catalog_utils/update_catalog.py +718 -0
regscale/core/app/utils/catalog_utils/update_catalog_v2.py +1378 -0
regscale/core/app/utils/catalog_utils/update_catalog_v3.py +1272 -0
regscale/core/app/utils/catalog_utils/update_plans.py +334 -0
regscale/core/app/utils/file_utils.py +238 -0
regscale/core/app/utils/parser_utils.py +81 -0
regscale/core/app/utils/pickle_file_handler.py +57 -0
regscale/core/app/utils/regscale_utils.py +319 -0
regscale/core/app/utils/report_utils.py +119 -0
regscale/core/app/utils/variables.py +226 -0
regscale/core/decorators.py +31 -0
regscale/core/lazy_group.py +65 -0
regscale/core/login.py +63 -0
regscale/core/server/__init__.py +0 -0
regscale/core/server/flask_api.py +473 -0
regscale/core/server/helpers.py +373 -0
regscale/core/server/rest.py +64 -0
regscale/core/server/static/css/bootstrap.css +6030 -0
regscale/core/server/static/css/bootstrap.min.css +6 -0
regscale/core/server/static/css/main.css +176 -0
regscale/core/server/static/images/regscale-cli.svg +49 -0
regscale/core/server/static/images/regscale.svg +38 -0
regscale/core/server/templates/base.html +74 -0
regscale/core/server/templates/index.html +43 -0
regscale/core/server/templates/login.html +28 -0
regscale/core/server/templates/make_base64.html +22 -0
regscale/core/server/templates/upload_STIG.html +109 -0
regscale/core/server/templates/upload_STIG_result.html +26 -0
regscale/core/server/templates/upload_ssp.html +144 -0
regscale/core/server/templates/upload_ssp_result.html +128 -0
regscale/core/static/__init__.py +0 -0
regscale/core/static/regex.py +14 -0
regscale/core/utils/__init__.py +117 -0
regscale/core/utils/click_utils.py +13 -0
regscale/core/utils/date.py +238 -0
regscale/core/utils/graphql.py +254 -0
regscale/core/utils/urls.py +23 -0
regscale/dev/__init__.py +6 -0
regscale/dev/analysis.py +454 -0
regscale/dev/cli.py +235 -0
regscale/dev/code_gen.py +492 -0
regscale/dev/dirs.py +69 -0
regscale/dev/docs.py +384 -0
regscale/dev/monitoring.py +26 -0
regscale/dev/profiling.py +216 -0
regscale/exceptions/__init__.py +4 -0
regscale/exceptions/license_exception.py +7 -0
regscale/exceptions/validation_exception.py +9 -0
regscale/integrations/__init__.py +1 -0
regscale/integrations/commercial/__init__.py +486 -0
regscale/integrations/commercial/ad.py +433 -0
regscale/integrations/commercial/amazon/__init__.py +0 -0
regscale/integrations/commercial/amazon/common.py +106 -0
regscale/integrations/commercial/aqua/__init__.py +0 -0
regscale/integrations/commercial/aqua/aqua.py +91 -0
regscale/integrations/commercial/aws/__init__.py +6 -0
regscale/integrations/commercial/aws/cli.py +322 -0
regscale/integrations/commercial/aws/inventory/__init__.py +110 -0
regscale/integrations/commercial/aws/inventory/base.py +64 -0
regscale/integrations/commercial/aws/inventory/resources/__init__.py +19 -0
regscale/integrations/commercial/aws/inventory/resources/compute.py +234 -0
regscale/integrations/commercial/aws/inventory/resources/containers.py +113 -0
regscale/integrations/commercial/aws/inventory/resources/database.py +101 -0
regscale/integrations/commercial/aws/inventory/resources/integration.py +237 -0
regscale/integrations/commercial/aws/inventory/resources/networking.py +253 -0
regscale/integrations/commercial/aws/inventory/resources/security.py +240 -0
regscale/integrations/commercial/aws/inventory/resources/storage.py +91 -0
regscale/integrations/commercial/aws/scanner.py +823 -0
regscale/integrations/commercial/azure/__init__.py +0 -0
regscale/integrations/commercial/azure/common.py +32 -0
regscale/integrations/commercial/azure/intune.py +488 -0
regscale/integrations/commercial/azure/scanner.py +49 -0
regscale/integrations/commercial/burp.py +78 -0
regscale/integrations/commercial/cpe.py +144 -0
regscale/integrations/commercial/crowdstrike.py +1117 -0
regscale/integrations/commercial/defender.py +1511 -0
regscale/integrations/commercial/dependabot.py +210 -0
regscale/integrations/commercial/durosuite/__init__.py +0 -0
regscale/integrations/commercial/durosuite/api.py +1546 -0
regscale/integrations/commercial/durosuite/process_devices.py +101 -0
regscale/integrations/commercial/durosuite/scanner.py +637 -0
regscale/integrations/commercial/durosuite/variables.py +21 -0
regscale/integrations/commercial/ecr.py +90 -0
regscale/integrations/commercial/gcp/__init__.py +237 -0
regscale/integrations/commercial/gcp/auth.py +96 -0
regscale/integrations/commercial/gcp/control_tests.py +238 -0
regscale/integrations/commercial/gcp/variables.py +18 -0
regscale/integrations/commercial/gitlab.py +332 -0
regscale/integrations/commercial/grype.py +165 -0
regscale/integrations/commercial/ibm.py +90 -0
regscale/integrations/commercial/import_all/__init__.py +0 -0
regscale/integrations/commercial/import_all/import_all_cmd.py +467 -0
regscale/integrations/commercial/import_all/scan_file_fingerprints.json +27 -0
regscale/integrations/commercial/jira.py +1046 -0
regscale/integrations/commercial/mappings/__init__.py +0 -0
regscale/integrations/commercial/mappings/csf_controls.json +713 -0
regscale/integrations/commercial/mappings/nist_800_53_r5_controls.json +1516 -0
regscale/integrations/commercial/nessus/__init__.py +0 -0
regscale/integrations/commercial/nessus/nessus_utils.py +429 -0
regscale/integrations/commercial/nessus/scanner.py +416 -0
regscale/integrations/commercial/nexpose.py +90 -0
regscale/integrations/commercial/okta.py +798 -0
regscale/integrations/commercial/opentext/__init__.py +0 -0
regscale/integrations/commercial/opentext/click.py +99 -0
regscale/integrations/commercial/opentext/scanner.py +143 -0
regscale/integrations/commercial/prisma.py +91 -0
regscale/integrations/commercial/qualys.py +1462 -0
regscale/integrations/commercial/salesforce.py +980 -0
regscale/integrations/commercial/sap/__init__.py +0 -0
regscale/integrations/commercial/sap/click.py +31 -0
regscale/integrations/commercial/sap/sysdig/__init__.py +0 -0
regscale/integrations/commercial/sap/sysdig/click.py +57 -0
regscale/integrations/commercial/sap/sysdig/sysdig_scanner.py +190 -0
regscale/integrations/commercial/sap/tenable/__init__.py +0 -0
regscale/integrations/commercial/sap/tenable/click.py +49 -0
regscale/integrations/commercial/sap/tenable/scanner.py +196 -0
regscale/integrations/commercial/servicenow.py +1756 -0
regscale/integrations/commercial/sicura/__init__.py +0 -0
regscale/integrations/commercial/sicura/api.py +855 -0
regscale/integrations/commercial/sicura/commands.py +73 -0
regscale/integrations/commercial/sicura/scanner.py +481 -0
regscale/integrations/commercial/sicura/variables.py +16 -0
regscale/integrations/commercial/snyk.py +90 -0
regscale/integrations/commercial/sonarcloud.py +260 -0
regscale/integrations/commercial/sqlserver.py +369 -0
regscale/integrations/commercial/stig_mapper_integration/__init__.py +0 -0
regscale/integrations/commercial/stig_mapper_integration/click_commands.py +38 -0
regscale/integrations/commercial/stig_mapper_integration/mapping_engine.py +353 -0
regscale/integrations/commercial/stigv2/__init__.py +0 -0
regscale/integrations/commercial/stigv2/ckl_parser.py +349 -0
regscale/integrations/commercial/stigv2/click_commands.py +95 -0
regscale/integrations/commercial/stigv2/stig_integration.py +202 -0
regscale/integrations/commercial/synqly/__init__.py +0 -0
regscale/integrations/commercial/synqly/assets.py +46 -0
regscale/integrations/commercial/synqly/ticketing.py +132 -0
regscale/integrations/commercial/synqly/vulnerabilities.py +223 -0
regscale/integrations/commercial/synqly_jira.py +840 -0
regscale/integrations/commercial/tenablev2/__init__.py +0 -0
regscale/integrations/commercial/tenablev2/authenticate.py +31 -0
regscale/integrations/commercial/tenablev2/click.py +1584 -0
regscale/integrations/commercial/tenablev2/scanner.py +504 -0
regscale/integrations/commercial/tenablev2/stig_parsers.py +140 -0
regscale/integrations/commercial/tenablev2/utils.py +78 -0
regscale/integrations/commercial/tenablev2/variables.py +17 -0
regscale/integrations/commercial/trivy.py +162 -0
regscale/integrations/commercial/veracode.py +96 -0
regscale/integrations/commercial/wizv2/WizDataMixin.py +97 -0
regscale/integrations/commercial/wizv2/__init__.py +0 -0
regscale/integrations/commercial/wizv2/click.py +429 -0
regscale/integrations/commercial/wizv2/constants.py +1001 -0
regscale/integrations/commercial/wizv2/issue.py +361 -0
regscale/integrations/commercial/wizv2/models.py +112 -0
regscale/integrations/commercial/wizv2/parsers.py +339 -0
regscale/integrations/commercial/wizv2/sbom.py +115 -0
regscale/integrations/commercial/wizv2/scanner.py +416 -0
regscale/integrations/commercial/wizv2/utils.py +796 -0
regscale/integrations/commercial/wizv2/variables.py +39 -0
regscale/integrations/commercial/wizv2/wiz_auth.py +159 -0
regscale/integrations/commercial/xray.py +91 -0
regscale/integrations/integration/__init__.py +2 -0
regscale/integrations/integration/integration.py +26 -0
regscale/integrations/integration/inventory.py +17 -0
regscale/integrations/integration/issue.py +100 -0
regscale/integrations/integration_override.py +149 -0
regscale/integrations/public/__init__.py +103 -0
regscale/integrations/public/cisa.py +641 -0
regscale/integrations/public/criticality_updater.py +70 -0
regscale/integrations/public/emass.py +411 -0
regscale/integrations/public/emass_slcm_import.py +697 -0
regscale/integrations/public/fedramp/__init__.py +0 -0
regscale/integrations/public/fedramp/appendix_parser.py +548 -0
regscale/integrations/public/fedramp/click.py +479 -0
regscale/integrations/public/fedramp/components.py +714 -0
regscale/integrations/public/fedramp/docx_parser.py +259 -0
regscale/integrations/public/fedramp/fedramp_cis_crm.py +1124 -0
regscale/integrations/public/fedramp/fedramp_common.py +3181 -0
regscale/integrations/public/fedramp/fedramp_docx.py +388 -0
regscale/integrations/public/fedramp/fedramp_five.py +2343 -0
regscale/integrations/public/fedramp/fedramp_traversal.py +138 -0
regscale/integrations/public/fedramp/import_fedramp_r4_ssp.py +279 -0
regscale/integrations/public/fedramp/import_workbook.py +495 -0
regscale/integrations/public/fedramp/inventory_items.py +244 -0
regscale/integrations/public/fedramp/mappings/__init__.py +0 -0
regscale/integrations/public/fedramp/mappings/fedramp_r4_parts.json +7388 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_params.json +8636 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_parts.json +9605 -0
regscale/integrations/public/fedramp/mappings/system_roles.py +34 -0
regscale/integrations/public/fedramp/mappings/user.py +175 -0
regscale/integrations/public/fedramp/mappings/values.py +141 -0
regscale/integrations/public/fedramp/markdown_parser.py +150 -0
regscale/integrations/public/fedramp/metadata.py +689 -0
regscale/integrations/public/fedramp/models/__init__.py +59 -0
regscale/integrations/public/fedramp/models/leveraged_auth_new.py +168 -0
regscale/integrations/public/fedramp/models/poam_importer.py +522 -0
regscale/integrations/public/fedramp/parts_mapper.py +107 -0
regscale/integrations/public/fedramp/poam/__init__.py +0 -0
regscale/integrations/public/fedramp/poam/scanner.py +851 -0
regscale/integrations/public/fedramp/properties.py +201 -0
regscale/integrations/public/fedramp/reporting.py +84 -0
regscale/integrations/public/fedramp/resources.py +496 -0
regscale/integrations/public/fedramp/rosetta.py +110 -0
regscale/integrations/public/fedramp/ssp_logger.py +87 -0
regscale/integrations/public/fedramp/system_characteristics.py +922 -0
regscale/integrations/public/fedramp/system_control_implementations.py +582 -0
regscale/integrations/public/fedramp/system_implementation.py +190 -0
regscale/integrations/public/fedramp/xml_utils.py +87 -0
regscale/integrations/public/nist_catalog.py +275 -0
regscale/integrations/public/oscal.py +1946 -0
regscale/integrations/public/otx.py +169 -0
regscale/integrations/scanner_integration.py +2692 -0
regscale/integrations/variables.py +25 -0
regscale/models/__init__.py +7 -0
regscale/models/app_models/__init__.py +5 -0
regscale/models/app_models/catalog_compare.py +213 -0
regscale/models/app_models/click.py +252 -0
regscale/models/app_models/datetime_encoder.py +21 -0
regscale/models/app_models/import_validater.py +321 -0
regscale/models/app_models/mapping.py +260 -0
regscale/models/app_models/pipeline.py +37 -0
regscale/models/click_models.py +413 -0
regscale/models/config.py +154 -0
regscale/models/email_style.css +67 -0
regscale/models/hierarchy.py +8 -0
regscale/models/inspect_models.py +79 -0
regscale/models/integration_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/inspector.py +262 -0
regscale/models/integration_models/amazon_models/inspector_scan.py +206 -0
regscale/models/integration_models/aqua.py +247 -0
regscale/models/integration_models/azure_alerts.py +255 -0
regscale/models/integration_models/base64.py +23 -0
regscale/models/integration_models/burp.py +433 -0
regscale/models/integration_models/burp_models.py +128 -0
regscale/models/integration_models/cisa_kev_data.json +19333 -0
regscale/models/integration_models/defender_data.py +93 -0
regscale/models/integration_models/defenderimport.py +143 -0
regscale/models/integration_models/drf.py +443 -0
regscale/models/integration_models/ecr_models/__init__.py +0 -0
regscale/models/integration_models/ecr_models/data.py +69 -0
regscale/models/integration_models/ecr_models/ecr.py +239 -0
regscale/models/integration_models/flat_file_importer.py +1079 -0
regscale/models/integration_models/grype_import.py +247 -0
regscale/models/integration_models/ibm.py +126 -0
regscale/models/integration_models/implementation_results.py +85 -0
regscale/models/integration_models/nexpose.py +140 -0
regscale/models/integration_models/prisma.py +202 -0
regscale/models/integration_models/qualys.py +720 -0
regscale/models/integration_models/qualys_scanner.py +160 -0
regscale/models/integration_models/sbom/__init__.py +0 -0
regscale/models/integration_models/sbom/cyclone_dx.py +139 -0
regscale/models/integration_models/send_reminders.py +620 -0
regscale/models/integration_models/snyk.py +155 -0
regscale/models/integration_models/synqly_models/__init__.py +0 -0
regscale/models/integration_models/synqly_models/capabilities.json +1 -0
regscale/models/integration_models/synqly_models/connector_types.py +22 -0
regscale/models/integration_models/synqly_models/connectors/__init__.py +7 -0
regscale/models/integration_models/synqly_models/connectors/assets.py +97 -0
regscale/models/integration_models/synqly_models/connectors/ticketing.py +583 -0
regscale/models/integration_models/synqly_models/connectors/vulnerabilities.py +169 -0
regscale/models/integration_models/synqly_models/ocsf_mapper.py +331 -0
regscale/models/integration_models/synqly_models/param.py +72 -0
regscale/models/integration_models/synqly_models/synqly_model.py +733 -0
regscale/models/integration_models/synqly_models/tenants.py +39 -0
regscale/models/integration_models/tenable_models/__init__.py +0 -0
regscale/models/integration_models/tenable_models/integration.py +187 -0
regscale/models/integration_models/tenable_models/models.py +513 -0
regscale/models/integration_models/trivy_import.py +231 -0
regscale/models/integration_models/veracode.py +217 -0
regscale/models/integration_models/xray.py +135 -0
regscale/models/locking.py +100 -0
regscale/models/platform.py +110 -0
regscale/models/regscale_models/__init__.py +67 -0
regscale/models/regscale_models/assessment.py +570 -0
regscale/models/regscale_models/assessment_plan.py +52 -0
regscale/models/regscale_models/asset.py +567 -0
regscale/models/regscale_models/asset_mapping.py +190 -0
regscale/models/regscale_models/case.py +42 -0
regscale/models/regscale_models/catalog.py +261 -0
regscale/models/regscale_models/cci.py +46 -0
regscale/models/regscale_models/change.py +167 -0
regscale/models/regscale_models/checklist.py +372 -0
regscale/models/regscale_models/comment.py +49 -0
regscale/models/regscale_models/compliance_settings.py +112 -0
regscale/models/regscale_models/component.py +412 -0
regscale/models/regscale_models/component_mapping.py +65 -0
regscale/models/regscale_models/control.py +38 -0
regscale/models/regscale_models/control_implementation.py +1128 -0
regscale/models/regscale_models/control_objective.py +261 -0
regscale/models/regscale_models/control_parameter.py +100 -0
regscale/models/regscale_models/control_test.py +34 -0
regscale/models/regscale_models/control_test_plan.py +75 -0
regscale/models/regscale_models/control_test_result.py +52 -0
regscale/models/regscale_models/custom_field.py +245 -0
regscale/models/regscale_models/data.py +109 -0
regscale/models/regscale_models/data_center.py +40 -0
regscale/models/regscale_models/deviation.py +203 -0
regscale/models/regscale_models/email.py +97 -0
regscale/models/regscale_models/evidence.py +47 -0
regscale/models/regscale_models/evidence_mapping.py +40 -0
regscale/models/regscale_models/facility.py +59 -0
regscale/models/regscale_models/file.py +382 -0
regscale/models/regscale_models/filetag.py +37 -0
regscale/models/regscale_models/form_field_value.py +94 -0
regscale/models/regscale_models/group.py +169 -0
regscale/models/regscale_models/implementation_objective.py +335 -0
regscale/models/regscale_models/implementation_option.py +275 -0
regscale/models/regscale_models/implementation_role.py +33 -0
regscale/models/regscale_models/incident.py +177 -0
regscale/models/regscale_models/interconnection.py +43 -0
regscale/models/regscale_models/issue.py +1176 -0
regscale/models/regscale_models/leveraged_authorization.py +125 -0
regscale/models/regscale_models/line_of_inquiry.py +52 -0
regscale/models/regscale_models/link.py +205 -0
regscale/models/regscale_models/meta_data.py +64 -0
regscale/models/regscale_models/mixins/__init__.py +0 -0
regscale/models/regscale_models/mixins/parent_cache.py +124 -0
regscale/models/regscale_models/module.py +224 -0
regscale/models/regscale_models/modules.py +191 -0
regscale/models/regscale_models/objective.py +14 -0
regscale/models/regscale_models/parameter.py +87 -0
regscale/models/regscale_models/ports_protocol.py +81 -0
regscale/models/regscale_models/privacy.py +89 -0
regscale/models/regscale_models/profile.py +50 -0
regscale/models/regscale_models/profile_link.py +68 -0
regscale/models/regscale_models/profile_mapping.py +124 -0
regscale/models/regscale_models/project.py +63 -0
regscale/models/regscale_models/property.py +278 -0
regscale/models/regscale_models/question.py +85 -0
regscale/models/regscale_models/questionnaire.py +87 -0
regscale/models/regscale_models/questionnaire_instance.py +177 -0
regscale/models/regscale_models/rbac.py +132 -0
regscale/models/regscale_models/reference.py +86 -0
regscale/models/regscale_models/regscale_model.py +1643 -0
regscale/models/regscale_models/requirement.py +29 -0
regscale/models/regscale_models/risk.py +274 -0
regscale/models/regscale_models/sbom.py +54 -0
regscale/models/regscale_models/scan_history.py +436 -0
regscale/models/regscale_models/search.py +53 -0
regscale/models/regscale_models/security_control.py +132 -0
regscale/models/regscale_models/security_plan.py +204 -0
regscale/models/regscale_models/software_inventory.py +159 -0
regscale/models/regscale_models/stake_holder.py +64 -0
regscale/models/regscale_models/stig.py +647 -0
regscale/models/regscale_models/supply_chain.py +152 -0
regscale/models/regscale_models/system_role.py +188 -0
regscale/models/regscale_models/system_role_external_assignment.py +40 -0
regscale/models/regscale_models/tag.py +37 -0
regscale/models/regscale_models/tag_mapping.py +19 -0
regscale/models/regscale_models/task.py +133 -0
regscale/models/regscale_models/threat.py +196 -0
regscale/models/regscale_models/user.py +175 -0
regscale/models/regscale_models/user_group.py +55 -0
regscale/models/regscale_models/vulnerability.py +242 -0
regscale/models/regscale_models/vulnerability_mapping.py +162 -0
regscale/models/regscale_models/workflow.py +55 -0
regscale/models/regscale_models/workflow_action.py +34 -0
regscale/models/regscale_models/workflow_instance.py +269 -0
regscale/models/regscale_models/workflow_instance_step.py +114 -0
regscale/models/regscale_models/workflow_template.py +58 -0
regscale/models/regscale_models/workflow_template_step.py +45 -0
regscale/regscale.py +815 -0
regscale/utils/__init__.py +7 -0
regscale/utils/b64conversion.py +14 -0
regscale/utils/click_utils.py +118 -0
regscale/utils/decorators.py +48 -0
regscale/utils/dict_utils.py +59 -0
regscale/utils/files.py +79 -0
regscale/utils/fxns.py +30 -0
regscale/utils/graphql_client.py +113 -0
regscale/utils/lists.py +16 -0
regscale/utils/numbers.py +12 -0
regscale/utils/shell.py +148 -0
regscale/utils/string.py +121 -0
regscale/utils/synqly_utils.py +165 -0
regscale/utils/threading/__init__.py +8 -0
regscale/utils/threading/threadhandler.py +131 -0
regscale/utils/threading/threadsafe_counter.py +47 -0
regscale/utils/threading/threadsafe_dict.py +242 -0
regscale/utils/threading/threadsafe_list.py +83 -0
regscale/utils/version.py +104 -0
regscale/validation/__init__.py +0 -0
regscale/validation/address.py +37 -0
regscale/validation/record.py +48 -0
regscale/visualization/__init__.py +5 -0
regscale/visualization/click.py +34 -0
regscale_cli-6.16.0.0.dist-info/LICENSE +21 -0
regscale_cli-6.16.0.0.dist-info/METADATA +659 -0
regscale_cli-6.16.0.0.dist-info/RECORD +481 -0
regscale_cli-6.16.0.0.dist-info/WHEEL +5 -0
regscale_cli-6.16.0.0.dist-info/entry_points.txt +6 -0
regscale_cli-6.16.0.0.dist-info/top_level.txt +2 -0
tests/fixtures/__init__.py +2 -0
tests/fixtures/api.py +87 -0
tests/fixtures/models.py +91 -0
tests/fixtures/test_fixture.py +144 -0
tests/mocks/__init__.py +0 -0
tests/mocks/objects.py +3 -0
tests/mocks/response.py +32 -0
tests/mocks/xml.py +13 -0
tests/regscale/__init__.py +0 -0
tests/regscale/core/__init__.py +0 -0
tests/regscale/core/test_api.py +232 -0
tests/regscale/core/test_app.py +406 -0
tests/regscale/core/test_login.py +37 -0
tests/regscale/core/test_logz.py +66 -0
tests/regscale/core/test_sbom_generator.py +87 -0
tests/regscale/core/test_validation_utils.py +163 -0
tests/regscale/core/test_version.py +78 -0
tests/regscale/models/__init__.py +0 -0
tests/regscale/models/test_asset.py +71 -0
tests/regscale/models/test_config.py +26 -0
tests/regscale/models/test_control_implementation.py +27 -0
tests/regscale/models/test_import.py +97 -0
tests/regscale/models/test_issue.py +36 -0
tests/regscale/models/test_mapping.py +52 -0
tests/regscale/models/test_platform.py +31 -0
tests/regscale/models/test_regscale_model.py +346 -0
tests/regscale/models/test_report.py +32 -0
tests/regscale/models/test_tenable_integrations.py +118 -0
tests/regscale/models/test_user_model.py +121 -0
tests/regscale/test_about.py +19 -0
tests/regscale/test_authorization.py +65 -0

regscale/integrations/commercial/aws/scanner.py ADDED Viewed

@@ -0,0 +1,823 @@
+"""Module for AWS resource inventory scanning integration."""
+import json
+import logging
+import os
+import time
+from typing import Any, Dict, Iterator, List, Optional, Tuple
+from regscale.core.utils.date import date_str, datetime_str
+from regscale.integrations.commercial.amazon.common import (
+    check_finding_severity,
+    determine_status_and_results,
+    get_comments,
+    get_due_date,
+)
+from regscale.integrations.scanner_integration import (
+    IntegrationAsset,
+    IntegrationFinding,
+    ScannerIntegration,
+    ScannerIntegrationType,
+)
+from regscale.models import IssueStatus, regscale_models
+from .inventory import AWSInventoryCollector
+logger = logging.getLogger("regscale")
+# Constants for file paths
+INVENTORY_FILE_PATH = os.path.join("artifacts", "aws", "inventory.json")
+CACHE_TTL_SECONDS = 8 * 60 * 60  # 8 hours in seconds
+class AWSInventoryIntegration(ScannerIntegration):
+    """Integration class for AWS resource inventory scanning."""
+    title = "AWS"
+    asset_identifier_field = "awsIdentifier"
+    issue_identifier_field = "awsIdentifier"
+    finding_severity_map = {
+        "CRITICAL": regscale_models.IssueSeverity.High,
+        "HIGH": regscale_models.IssueSeverity.High,
+        "MEDIUM": regscale_models.IssueSeverity.Moderate,
+        "LOW": regscale_models.IssueSeverity.Low,
+        "INFORMATIONAL": regscale_models.IssueSeverity.NotAssigned,
+    }
+    checklist_status_map = {
+        "Pass": regscale_models.ChecklistStatus.PASS,
+        "Fail": regscale_models.ChecklistStatus.FAIL,
+    }
+    type = ScannerIntegrationType.CHECKLIST
+    def __init__(self, plan_id: int, **kwargs):
+        """
+        Initialize the AWS inventory integration.
+        :param int plan_id: The RegScale plan ID
+        """
+        super().__init__(plan_id=plan_id, kwargs=kwargs)
+        self.collector: Optional[AWSInventoryCollector] = None
+    def authenticate(
+        self,
+        aws_access_key_id: Optional[str],
+        aws_secret_access_key: Optional[str],
+        region: str = os.getenv("AWS_REGION", "us-east-1"),
+        aws_session_token: Optional[str] = os.getenv("AWS_SESSION_TOKEN"),
+    ) -> None:
+        """
+        Authenticate with AWS and initialize the inventory collector.
+        :param str aws_access_key_id: Optional AWS access key ID
+        :param str aws_secret_access_key: Optional AWS secret access key
+        :param str region: AWS region to collect inventory from
+        :param str aws_session_token: Optional AWS session ID
+        """
+        self.collector = AWSInventoryCollector(
+            region=region,
+            aws_access_key_id=aws_access_key_id,
+            aws_secret_access_key=aws_secret_access_key,
+            aws_session_token=aws_session_token,
+        )
+    def fetch_aws_data_if_needed(
+        self,
+        region: str,
+        aws_access_key_id: Optional[str],
+        aws_secret_access_key: Optional[str],
+        aws_session_token: Optional[str] = None,
+    ) -> Dict[str, Any]:
+        """
+        Fetch AWS inventory data, using cached data if available and not expired.
+        :param str region: AWS region to collect inventory from
+        :param str aws_access_key_id: Optional AWS access key ID
+        :param str aws_secret_access_key: Optional AWS secret access key
+        :param str aws_session_token: Optional AWS session ID
+        :return: Dictionary containing AWS inventory data
+        :rtype: Dict[str, Any]
+        """
+        from regscale.models import DateTimeEncoder
+        # Check if we have cached data that's still valid
+        if os.path.exists(INVENTORY_FILE_PATH):
+            file_age = time.time() - os.path.getmtime(INVENTORY_FILE_PATH)
+            if file_age < CACHE_TTL_SECONDS:
+                with open(INVENTORY_FILE_PATH, "r", encoding="utf-8") as file:
+                    return json.load(file)
+        # No valid cache, need to fetch new data
+        if not self.collector:
+            self.authenticate(aws_access_key_id, aws_secret_access_key, region, aws_session_token)
+        if not self.collector:
+            raise RuntimeError("Failed to initialize AWS inventory collector")
+        inventory = self.collector.collect_all()
+        # Ensure the artifacts directory exists
+        os.makedirs(os.path.dirname(INVENTORY_FILE_PATH), exist_ok=True)
+        with open(INVENTORY_FILE_PATH, "w", encoding="utf-8") as file:
+            json.dump(inventory, file, cls=DateTimeEncoder, indent=2)
+        return inventory
+    def _process_asset_collection(
+        self, assets: List[Dict[str, Any]], asset_type: str, parser_method
+    ) -> Iterator[IntegrationAsset]:
+        """
+        Process a collection of assets using the specified parser method.
+        :param List[Dict[str, Any]] assets: List of assets to process
+        :param str asset_type: Type of asset being processed
+        :param callable parser_method: Method to parse the asset
+        :yield: Iterator[IntegrationAsset]
+        """
+        for asset in assets:
+            if not isinstance(asset, dict) and asset not in ["Users", "Roles"]:
+                logger.warning(f"Skipping {asset_type} due to invalid data format: {asset}")
+                continue
+            try:
+                if asset in ["Users", "Roles"]:
+                    for user in assets[asset]:
+                        self.num_assets_to_process += 1
+                        yield parser_method(user)
+                else:
+                    self.num_assets_to_process += 1
+                    yield parser_method(asset)
+            except Exception as e:
+                logger.error(f"Error parsing {asset_type} {asset}: {str(e)}", exc_info=True)
+    def _process_inventory_section(
+        self, inventory: Dict[str, Any], section_key: str, asset_type: str, parser_method
+    ) -> Iterator[IntegrationAsset]:
+        """
+        Process a section of the inventory.
+        :param Dict[str, Any] inventory: The complete inventory data
+        :param str section_key: Key for the section in the inventory
+        :param str asset_type: Type of asset being processed
+        :param callable parser_method: Method to parse the asset
+        :yield: Iterator[IntegrationAsset]
+        """
+        assets = inventory.get(section_key, [])
+        yield from self._process_asset_collection(assets, asset_type, parser_method)
+    def get_asset_configs(self) -> List[Tuple[str, str, callable]]:
+        """
+        Get the asset configurations for parsing.
+        :return: List of asset configurations
+        :rtype: List[Tuple[str, str, callable]]
+        """
+        return [
+            ("IAM", "Roles", self.parse_aws_account),
+            ("EC2Instances", "EC2 instance", self.parse_ec2_instance),
+            ("LambdaFunctions", "Lambda function", self.parse_lambda_function),
+            ("S3Buckets", "S3 bucket", self.parse_s3_bucket),
+            ("RDSInstances", "RDS instance", self.parse_rds_instance),
+            ("DynamoDBTables", "DynamoDB table", self.parse_dynamodb_table),
+            ("VPCs", "VPC", self.parse_vpc),
+            ("LoadBalancers", "Load Balancer", self.parse_load_balancer),
+            ("ECRRepositories", "ECR repository", self.parse_ecr_repository),
+        ]
+    def fetch_assets(
+        self,
+        region: str,
+        aws_access_key_id: Optional[str] = None,
+        aws_secret_access_key: Optional[str] = None,
+        aws_session_token: Optional[str] = None,
+    ) -> Iterator[IntegrationAsset]:
+        """
+        Fetch AWS assets from the inventory.
+        :param str region: AWS region to collect inventory from
+        :param str aws_access_key_id: Optional AWS access key ID
+        :param str aws_secret_access_key: Optional AWS secret access key
+        :param str aws_session_token: Optional AWS session ID
+        :yield: Iterator[IntegrationAsset]
+        """
+        inventory = self.fetch_aws_data_if_needed(region, aws_access_key_id, aws_secret_access_key, aws_session_token)
+        # Process each asset type using the corresponding parser
+        asset_configs = self.get_asset_configs()
+        self.num_assets_to_process = 0
+        for section_key, asset_type, parser_method in asset_configs:
+            yield from self._process_inventory_section(inventory, section_key, asset_type, parser_method)
+    def parse_ec2_instance(self, instance: Dict[str, Any]) -> IntegrationAsset:
+        """Parse EC2 instance data into an IntegrationAsset.
+        :param Dict[str, Any] instance: The EC2 instance data
+        :return: The parsed IntegrationAsset
+        :rtype: IntegrationAsset
+        """
+        # Get instance name from tags
+        instance_name = next(
+            (tag["Value"] for tag in instance.get("Tags", []) if tag["Key"] == "Name"), instance.get("InstanceId", "")
+        )
+        name = instance_name
+        # Calculate total storage from block devices
+        total_storage = 0
+        for device in instance.get("BlockDeviceMappings", []):
+            if "Ebs" in device:
+                # Note: We need to add a call to describe_volumes to get actual size
+                total_storage += 8  # Default to 8 GB if size unknown
+        # Calculate RAM based on instance type
+        # This would need a mapping of instance types to RAM
+        ram = 16  # Default to 16 GB for c5.2xlarge
+        # Get CPU info
+        cpu_options = instance.get("CpuOptions", {})
+        cpu_count = int(cpu_options.get("CoreCount", 0) * cpu_options.get("ThreadsPerCore", 0))
+        # Determine if instance is public facing
+        is_public_facing = bool(instance.get("PublicIpAddress"))
+        # Get OS details from platform and image info
+        image_info = instance.get("ImageInfo", {})
+        image_name = image_info.get("Name", "").lower()
+        # Check for Palo Alto device first
+        if "pa-vm-aws" in image_name:
+            operating_system = regscale_models.AssetOperatingSystem.PaloAlto
+            # Also update the asset type to reflect it's a network security device
+            asset_type = regscale_models.AssetType.Appliance
+            asset_category = regscale_models.AssetCategory.Hardware
+            component_type = regscale_models.ComponentType.Hardware
+            component_names = ["Palo Alto Networks IDPS"]
+        elif instance.get("Platform") == "windows":
+            operating_system = regscale_models.AssetOperatingSystem.WindowsServer
+            asset_type = regscale_models.AssetType.VM
+            asset_category = regscale_models.AssetCategory.Hardware
+            component_type = regscale_models.ComponentType.Hardware
+            component_names = ["EC2 Instances"]
+        else:
+            operating_system = regscale_models.AssetOperatingSystem.Linux
+            asset_type = regscale_models.AssetType.VM
+            asset_category = regscale_models.AssetCategory.Hardware
+            component_type = regscale_models.ComponentType.Hardware
+            component_names = ["EC2 Instances"]
+        os_version = image_info.get("Description", "")
+        # Get FQDN - use public DNS name, private DNS name, or instance name
+        fqdn = (
+            instance.get("PublicDnsName")
+            or instance.get("PrivateDnsName")
+            or instance_name
+            or instance.get("InstanceId", "")
+        )
+        # Create description
+        description = f"{instance_name} - {instance.get('PlatformDetails', 'Linux')} instance running on {instance.get('InstanceType', '')} with {cpu_count} vCPUs and {ram}GB RAM"
+        # Build notes with additional details
+        notes = f"""Description: {description}
+AMI ID: {instance.get('ImageId', '')}
+AMI Description: {image_info.get('Description', '')}
+Architecture: {instance.get('Architecture', '')}
+Root Device Type: {image_info.get('RootDeviceType', '')}
+Virtualization: {image_info.get('VirtualizationType', '')}
+Instance Type: {instance.get('InstanceType', '')}
+vCPUs: {cpu_count}
+RAM: {ram}GB
+State: {instance.get('State')}
+Platform Details: {instance.get('PlatformDetails', 'Linux')}
+Private IP: {instance.get('PrivateIpAddress', 'N/A')}
+Public IP: {instance.get('PublicIpAddress', 'N/A')}
+VPC ID: {instance.get('VpcId', 'N/A')}
+Subnet ID: {instance.get('SubnetId', 'N/A')}"""
+        # Create URI for AWS Console link
+        uri = f"https://console.aws.amazon.com/ec2/v2/home?region={instance.get('Region', 'us-east-1')}#InstanceDetails:instanceId={instance.get('InstanceId', '')}"
+        return IntegrationAsset(
+            name=name,
+            identifier=instance.get("InstanceId", ""),
+            asset_type=asset_type,
+            asset_category=asset_category,
+            component_type=component_type,
+            component_names=component_names,
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            status=(
+                regscale_models.AssetStatus.Active
+                if instance.get("State") == "running"
+                else regscale_models.AssetStatus.Inactive
+            ),
+            ip_address=instance.get("PrivateIpAddress") or instance.get("PublicIpAddress", ""),
+            mac_address=None,  # Would need to get from network interfaces
+            fqdn=fqdn,
+            disk_storage=total_storage,
+            cpu=cpu_count,
+            ram=ram,
+            operating_system=operating_system,
+            os_version=os_version,
+            location=instance.get("Region", "us-east-1"),
+            notes=notes,
+            model=instance.get("InstanceType"),
+            manufacturer="AWS",
+            is_public_facing=is_public_facing,
+            aws_identifier=instance.get("InstanceId"),
+            vlan_id=instance.get("SubnetId"),
+            uri=uri,
+            source_data=instance,
+            description=description,
+            is_virtual=True,  # EC2 instances are always virtual
+        )
+    def parse_lambda_function(self, function: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse Lambda function data into RegScale asset format.
+        :param Dict[str, Any] function: Lambda function data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = function.get("FunctionName", "")
+        notes: str = ""  # Initialize notes with type hint
+        # Handle description - only slice if it's a string
+        description = function.get("Description")
+        if isinstance(description, str) and description:
+            # Move description to notes instead
+            notes = f"Description: {description}\n{notes}"
+        # Create full description
+        full_description = f"AWS Lambda function {function.get('FunctionName', '')} running {function.get('Runtime', 'unknown runtime')} with {function.get('MemorySize', 0)}MB memory"
+        if isinstance(description, str) and description:
+            full_description += f"\nFunction description: {description}"
+        # Build notes with additional details
+        notes = f"""Function Name: {function.get('FunctionName', '')}
+Runtime: {function.get('Runtime', 'unknown')}
+Memory Size: {function.get('MemorySize', 0)} MB
+Timeout: {function.get('Timeout', 0)} seconds
+Handler: {function.get('Handler', '')}
+Description: {description if isinstance(description, str) else ''}"""
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(function.get("FunctionName", "")),
+            asset_type=regscale_models.AssetType.Other,
+            asset_category=regscale_models.AssetCategory.Software,
+            component_type=regscale_models.ComponentType.Software,
+            component_names=["Lambda Functions"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=regscale_models.AssetStatus.Active,  # Lambda functions are always available
+            location=function.get("Region"),
+            # Software details
+            software_name=function.get("Runtime"),
+            software_version=function.get("Runtime", "").split(".")[-1] if function.get("Runtime") else None,
+            ram=function.get("MemorySize"),
+            # Cloud identifiers
+            external_id=function.get("FunctionName"),
+            aws_identifier=function.get("FunctionArn"),
+            uri=function.get("FunctionUrl"),
+            # Additional metadata
+            manufacturer="AWS",
+            source_data=function,
+            notes=notes,
+            description=full_description,
+            is_virtual=True,  # Lambda functions are serverless/virtual
+        )
+    def parse_aws_account(self, iam: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse IAM data to an AWS Account RegScale asset.
+        :param Dict[str, Any] iam: iam data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        def get_aws_account_id(arn: str) -> str:
+            """
+            Get the AWS account ID from an ARN.
+            :param str arn: The ARN to extract the account ID from
+            :return: The AWS account ID
+            :rtype: str
+            """
+            return arn.split(":")[4]
+        name = get_aws_account_id(iam.get("Arn", ""))
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=f"AWS::::Account:{name}",
+            asset_type=regscale_models.AssetType.Other,
+            asset_category=regscale_models.AssetCategory.Hardware,
+            component_type=regscale_models.ComponentType.Software,
+            component_names=["AWS Account"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=regscale_models.AssetStatus.Active,
+            location="Unknown",
+            # Cloud identifiers
+            external_id=name,
+            aws_identifier=f"AWS::::Account:{name}",
+            # Additional metadata
+            manufacturer="AWS",
+            source_data=iam,
+        )
+    def parse_s3_bucket(self, bucket: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse S3 bucket data into RegScale asset format.
+        :param Dict[str, Any] bucket: S3 bucket data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = bucket.get("Name", "")
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(bucket.get("Name", "")),
+            asset_type=regscale_models.AssetType.Other,
+            asset_category=regscale_models.AssetCategory.Hardware,
+            component_type=regscale_models.ComponentType.Hardware,
+            component_names=["S3 Buckets"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=regscale_models.AssetStatus.Active,
+            location=bucket.get("Region"),
+            # Cloud identifiers
+            external_id=bucket.get("Name"),
+            aws_identifier=f"arn:aws:s3:::{bucket.get('Name')}",
+            uri=f"https://{bucket.get('Name')}.s3.amazonaws.com",
+            # Additional metadata
+            manufacturer="AWS",
+            is_public_facing=any(
+                grant.get("Grantee", {}).get("URI") == "http://acs.amazonaws.com/groups/global/AllUsers"
+                for grant in bucket.get("Grants", [])
+            ),
+            source_data=bucket,
+        )
+    def parse_rds_instance(self, db: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse RDS instance data into RegScale asset format.
+        :param Dict[str, Any] db: RDS instance data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = db.get("DBInstanceIdentifier", "")
+        if db.get("EngineVersion"):
+            name += f" {db.get('EngineVersion')}"
+        name += f") - {db.get('DBInstanceClass', '')}"
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(db.get("DBInstanceIdentifier", "")),
+            asset_type=regscale_models.AssetType.VM,
+            asset_category=regscale_models.AssetCategory.Hardware,
+            component_type=regscale_models.ComponentType.Hardware,
+            component_names=["RDS Instances"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Network information
+            fqdn=db.get("Endpoint", {}).get("Address"),
+            vlan_id=db.get("VpcId"),
+            # Status and location
+            status=(
+                regscale_models.AssetStatus.Active
+                if db.get("DBInstanceStatus") == "available"
+                else regscale_models.AssetStatus.Inactive
+            ),
+            location=db.get("AvailabilityZone"),
+            # Hardware details
+            model=db.get("DBInstanceClass"),
+            manufacturer="AWS",
+            disk_storage=db.get("AllocatedStorage"),
+            # Software details
+            software_name=db.get("Engine"),
+            software_version=db.get("EngineVersion"),
+            # Cloud identifiers
+            external_id=db.get("DBInstanceIdentifier"),
+            aws_identifier=db.get("DBInstanceArn"),
+            # Additional metadata
+            is_public_facing=db.get("PubliclyAccessible", False),
+            source_data=db,
+        )
+    def parse_dynamodb_table(self, table: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse DynamoDB table data into RegScale asset format.
+        :param Dict[str, Any] table: DynamoDB table data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = table.get("TableName", "")
+        if table.get("TableStatus"):
+            name += f" ({table.get('TableStatus')})"
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(table.get("TableName", "")),
+            asset_type=regscale_models.AssetType.Other,
+            asset_category=regscale_models.AssetCategory.Software,
+            component_type=regscale_models.ComponentType.Software,
+            component_names=["DynamoDB Tables"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=(
+                regscale_models.AssetStatus.Active
+                if table.get("TableStatus") == "ACTIVE"
+                else regscale_models.AssetStatus.Inactive
+            ),
+            location=table.get("Region"),
+            # Hardware details
+            disk_storage=table.get("TableSizeBytes"),
+            # Cloud identifiers
+            external_id=table.get("TableName"),
+            aws_identifier=table.get("TableArn"),
+            # Additional metadata
+            manufacturer="AWS",
+            source_data=table,
+        )
+    def parse_vpc(self, vpc: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse VPC data into RegScale asset format.
+        :param Dict[str, Any] vpc: VPC data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        # Get VPC name from tags
+        name = next((tag["Value"] for tag in vpc.get("Tags", []) if tag["Key"] == "Name"), vpc.get("VpcId", ""))
+        notes: str = ""  # Initialize notes with type hint
+        if vpc.get("IsDefault"):
+            notes = "Default VPC\n" + notes
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(vpc.get("VpcId", "")),
+            asset_type=regscale_models.AssetType.NetworkRouter,
+            asset_category=regscale_models.AssetCategory.Hardware,
+            component_type=regscale_models.ComponentType.Hardware,
+            component_names=["VPCs"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=(
+                regscale_models.AssetStatus.Active
+                if vpc.get("State") == "available"
+                else regscale_models.AssetStatus.Inactive
+            ),
+            location=vpc.get("Region"),
+            # Network information
+            vlan_id=vpc.get("VpcId"),
+            # Cloud identifiers
+            external_id=vpc.get("VpcId"),
+            aws_identifier=vpc.get("VpcId"),
+            # Additional metadata
+            manufacturer="AWS",
+            notes=f"CIDR: {vpc.get('CidrBlock')}",
+            source_data=vpc,
+        )
+    def parse_load_balancer(self, lb: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse Load Balancer data into RegScale asset format.
+        :param Dict[str, Any] lb: Load Balancer data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = lb.get("LoadBalancerName", "")
+        notes: str = ""  # Initialize notes with type hint
+        if lb.get("Scheme"):
+            notes = f"Scheme: {lb.get('Scheme')}\n{notes}"
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(lb.get("LoadBalancerName", "")),
+            asset_type=regscale_models.AssetType.NetworkRouter,
+            asset_category=regscale_models.AssetCategory.Hardware,
+            component_type=regscale_models.ComponentType.Hardware,
+            component_names=["Load Balancers"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Network information
+            fqdn=lb.get("DNSName"),
+            vlan_id=lb.get("VpcId"),
+            # Status and location
+            status=(
+                regscale_models.AssetStatus.Active
+                if lb.get("State") == "active"
+                else regscale_models.AssetStatus.Inactive
+            ),
+            location=lb.get("Region"),
+            # Cloud identifiers
+            external_id=lb.get("LoadBalancerName"),
+            aws_identifier=lb.get("LoadBalancerArn"),
+            # Additional metadata
+            manufacturer="AWS",
+            is_public_facing=lb.get("Scheme") == "internet-facing",
+            source_data=lb,
+            # Ports and protocols
+            ports_and_protocols=[
+                {"port": listener.get("Port"), "protocol": listener.get("Protocol")}
+                for listener in lb.get("Listeners", [])
+            ],
+        )
+    def parse_ecr_repository(self, repo: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse ECR repository data into RegScale asset format.
+        :param Dict[str, Any] repo: ECR repository data
+        :return: RegScale asset
+        :rtype: IntegrationAsset
+        """
+        name = repo.get("RepositoryName", "")
+        notes: str = ""  # Initialize notes with type hint
+        if repo.get("ImageTagMutability"):
+            notes = f"Image Tag Mutability: {repo.get('ImageTagMutability')}\n{notes}"
+        if repo.get("ImageScanningConfiguration", {}).get("ScanOnPush"):
+            notes = "Scan on Push enabled\n" + notes
+        return IntegrationAsset(
+            # Required fields
+            name=name,
+            identifier=str(repo.get("RepositoryName", "")),
+            asset_type=regscale_models.AssetType.Other,
+            asset_category=regscale_models.AssetCategory.Software,
+            component_type=regscale_models.ComponentType.Software,
+            component_names=["ECR Repositories"],
+            # Parent information
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            # Status and location
+            status=regscale_models.AssetStatus.Active,
+            location=repo.get("Region"),
+            # Cloud identifiers
+            external_id=repo.get("RepositoryName"),
+            aws_identifier=repo.get("RepositoryArn"),
+            uri=repo.get("RepositoryUri"),
+            # Additional metadata
+            manufacturer="AWS",
+            source_data=repo,
+        )
+    def fetch_findings(self, *args, **kwargs) -> Iterator[IntegrationFinding]:
+        """
+        Fetch security findings.
+        Currently, we're only doing inventory collection.
+        :yield: Iterator[IntegrationFinding]
+        """
+        import boto3
+        from regscale.integrations.commercial.amazon.common import fetch_aws_findings
+        aws_secret_key_id = kwargs.get("aws_access_key_id") or os.getenv("AWS_ACCESS_KEY_ID")
+        aws_secret_access_key = kwargs.get("aws_secret_access_key") or os.getenv("AWS_SECRET_ACCESS_KEY")
+        region = kwargs.get("region")
+        if not aws_secret_key_id or not aws_secret_access_key:
+            raise ValueError(
+                "AWS Access Key ID and Secret Access Key are required.\nPlease update in environment "
+                "variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) or pass as arguments."
+            )
+        if not region:
+            logger.warning("AWS region not provided. Defaulting to 'us-east-1'.")
+        client = boto3.client(
+            "securityhub",
+            region_name=kwargs.get(region, "us-east-1"),
+            aws_access_key_id=aws_secret_key_id,
+            aws_secret_access_key=aws_secret_access_key,
+        )
+        aws_findings = fetch_aws_findings(aws_client=client)
+        self.num_findings_to_process = len(aws_findings)
+        for finding in aws_findings:
+            yield from iter(self.parse_finding(finding))
+    @staticmethod
+    def get_baseline(resource: dict) -> str:
+        """
+        Get Baseline
+        :param dict resource: AWS Resource
+        :return: AWS Baseline string
+        :rtype: str
+        """
+        baseline = resource.get("Type", "")
+        baseline_map = {
+            "AwsAccount": "AWS Account",
+            "AwsS3Bucket": "S3 Bucket",
+            "AwsIamRole": "IAM Role",
+            "AwsEc2Instance": "EC2 Instance",
+        }
+        return baseline_map.get(baseline, baseline)
+    @staticmethod
+    def extract_name_from_arn(arn: str) -> Optional[str]:
+        """
+        Extract the name from an ARN.
+        :param str arn: The ARN to extract the name from
+        :return: The extracted name, or None if not found
+        :rtype: Optional[str]
+        """
+        # Get the last part after the last '/'
+        try:
+            return arn.split("/")[-1]
+        except IndexError:
+            # For ARNs without '/', try getting the last part after ':'
+            try:
+                return arn.split(":")[-1]
+            except IndexError:
+                return None
+    def parse_finding(self, finding: dict) -> list[IntegrationFinding]:
+        """
+        Parse AWS Security Hub to RegScale IntegrationFinding format.
+        :param dict finding: AWS Security Hub finding
+        :return: RegScale IntegrationFinding
+        :rtype: list[IntegrationFinding]
+        """
+        findings = []
+        try:
+            for resource in finding["Resources"]:
+                status, results = determine_status_and_results(finding)
+                comments = get_comments(finding)
+                severity = check_finding_severity(comments)
+                friendly_sev = "low"
+                if severity in ["CRITICAL", "HIGH"]:
+                    friendly_sev = "high"
+                elif severity in ["MEDIUM", "MODERATE"]:
+                    friendly_sev = "moderate"
+                try:
+                    days = self.app.config["issues"]["amazon"][friendly_sev]
+                except KeyError:
+                    logger.warning("Invalid severity level: %s, defaulting to 30 day due date", severity)
+                    days = 30
+                due_date = datetime_str(get_due_date(date_str(finding["CreatedAt"]), days))
+                plugin_name = next(iter(finding.get("Types", [])))
+                findings.append(
+                    IntegrationFinding(
+                        asset_identifier=self.extract_name_from_arn(resource["Id"]),
+                        external_id=self.extract_name_from_arn(resource["Id"]),
+                        control_labels=[],  # Determine how to populate this
+                        title=finding["Title"],
+                        category="SecurityHub",
+                        issue_title=finding["Title"],
+                        severity=self.finding_severity_map.get(severity),
+                        description=finding["Description"],
+                        status=IssueStatus.Open if status == "Fail" else IssueStatus.Closed,
+                        checklist_status=self.get_checklist_status(status),
+                        vulnerability_number="",
+                        results=results,
+                        recommendation_for_mitigation=finding.get("Remediation", {})
+                        .get("Recommendation", {})
+                        .get("Text", ""),
+                        comments=comments,
+                        poam_comments=comments,
+                        date_created=date_str(finding["CreatedAt"]),
+                        due_date=due_date,
+                        plugin_name=plugin_name,
+                        baseline=self.get_baseline(resource),
+                        observations=comments,
+                        gaps="",
+                        evidence="",
+                        impact="",
+                        vulnerability_type="Vulnerability Scan",
+                    )
+                )
+        except Exception as e:
+            logger.error(f"Error parsing AWS Security Hub finding: {str(e)}", exc_info=True)
+        return findings