runbooks 0.7.9__py3-none-any.whl → 0.9.1__py3-none-any.whl

runbooks/security/report_generator.py

@@ -5,7 +5,6 @@ from string import Template
 
 from jinja2 import Template
 
-from runbooks.utils.logger import configure_logger
 from runbooks.common.rich_utils import (
     console,
     create_panel,
@@ -14,6 +13,7 @@ from runbooks.common.rich_utils import (
     print_success,
     print_warning,
 )
+from runbooks.utils.logger import configure_logger
 
 from .utils import language, level_const
 

runbooks/security/run_script.py

@@ -15,7 +15,6 @@ Compatible with both local (via pip or Docker) and AWS Lambda environments.
 import argparse
 import sys
 
-from runbooks.utils.logger import configure_logger
 from runbooks.common.rich_utils import (
     console,
     create_panel,
@@ -24,6 +23,7 @@ from runbooks.common.rich_utils import (
     print_success,
     print_warning,
 )
+from runbooks.utils.logger import configure_logger
 
 from .security_baseline_tester import SecurityBaselineTester
 
@@ -79,15 +79,11 @@ def main():
 [green]Configuration:[/green]
   [cyan]AWS Profile:[/cyan] {args.profile}
   [cyan]Language:[/cyan] {args.language}
-  [cyan]Output Directory:[/cyan] {args.output or './results'}
+  [cyan]Output Directory:[/cyan] {args.output or "./results"}
   
 [dim]Starting comprehensive security assessment...[/dim]"""
 
-        console.print(create_panel(
-            startup_info,
-            title="🔒 Security Baseline Tester",
-            border_style="cyan"
-        ))
+        console.print(create_panel(startup_info, title="🔒 Security Baseline Tester", border_style="cyan"))
 
         print_info("Initializing AWS Security Baseline Tester...")
         print_info(f"Using AWS profile: {args.profile}")
@@ -99,7 +95,7 @@ def main():
         tester.run()
 
         print_success("AWS Security Baseline testing completed successfully!")
-        
+
     except Exception as e:
         print_error(f"An unexpected error occurred: {e}", exception=e)
         logger.error(f"An unexpected error occurred: {e}", exc_info=True)

runbooks/security/security_baseline_tester.py

@@ -10,6 +10,7 @@ from typing import Any, Dict, List, Optional
 import boto3
 import botocore
 
+from runbooks.common.profile_utils import create_management_session
 from runbooks.common.rich_utils import (
     STATUS_INDICATORS,
     console,
@@ -46,9 +47,8 @@ class SecurityBaselineTester:
         self.translator = language.get_translator("main", lang_code)
 
     def _create_session(self):
-        if self.profile == "default":
-            return boto3.Session()
-        return boto3.Session(profile_name=self.profile)
+        # Use enterprise profile management for security operations (management profile for cross-account)
+        return create_management_session(profile=self.profile)
 
     def _load_config(self):
         ## Get the absolute directory where *this script* is located
@@ -70,13 +70,15 @@ class SecurityBaselineTester:
         """Execute the security baseline assessment with Rich CLI output."""
         try:
             # Print security assessment header
-            console.print(create_panel(
-                "[bold cyan]AWS Security Baseline Assessment[/bold cyan]\n\n"
-                f"[dim]Profile: {self.profile} | Language: {self.language}[/dim]",
-                title="🛡️ Starting Security Assessment",
-                border_style="cyan"
-            ))
-            
+            console.print(
+                create_panel(
+                    "[bold cyan]AWS Security Baseline Assessment[/bold cyan]\n\n"
+                    f"[dim]Profile: {self.profile} | Language: {self.language}[/dim]",
+                    title="🛡️ Starting Security Assessment",
+                    border_style="cyan",
+                )
+            )
+
             self._validate_session()
             caller_identity = self._get_caller_identity()
             self._print_auditor_info(caller_identity)
@@ -85,19 +87,16 @@ class SecurityBaselineTester:
 
             account_id, results = self._execute_tests()
             self._generate_report(account_id, results)
-            
+
             # Export results in multiple formats
             if self.export_formats:
                 print_info("Exporting security assessment results...")
                 self.exporter.export_security_results(
-                    account_id=account_id,
-                    results=results,
-                    language=self.language,
-                    formats=self.export_formats
+                    account_id=account_id, results=results, language=self.language, formats=self.export_formats
                 )
 
             print_success("Security baseline assessment completed successfully!")
-            
+
         except Exception as e:
             print_error(f"Security baseline test failed: {str(e)}", exception=e)
             logging.error(f"An error occurred during the security baseline test: {str(e)}", exc_info=True)
@@ -116,16 +115,13 @@ class SecurityBaselineTester:
 
     def _print_auditor_info(self, caller_identity):
         """Display auditor information with Rich formatting."""
-        auditor_info = f"""[bold cyan]User ID:[/bold cyan] {caller_identity['UserId']}
-[bold cyan]Account:[/bold cyan] {caller_identity['Account']}
-[bold cyan]ARN:[/bold cyan] {caller_identity['Arn']}"""
-        
-        console.print(create_panel(
-            auditor_info,
-            title="🔐 Security Assessment Context",
-            border_style="cyan",
-            padding=1
-        ))
+        auditor_info = f"""[bold cyan]User ID:[/bold cyan] {caller_identity["UserId"]}
+[bold cyan]Account:[/bold cyan] {caller_identity["Account"]}
+[bold cyan]ARN:[/bold cyan] {caller_identity["Arn"]}"""
+
+        console.print(
+            create_panel(auditor_info, title="🔐 Security Assessment Context", border_style="cyan", padding=1)
+        )
 
     def _execute_tests(self):
         iam_client = self.session.client("iam")
@@ -138,21 +134,20 @@ class SecurityBaselineTester:
         # Create progress bar for security checks
         checks = self.config.get("checks", [])
         total_checks = len(checks)
-        
+
         with create_progress_bar(description="Security Assessment") as progress:
             task = progress.add_task("Running security checks...", total=total_checks)
-            
+
             with ThreadPoolExecutor(max_workers=self.config.get("max_workers", 5)) as executor:
                 futures = {
-                    executor.submit(self._run_check, check_name, credential_report): check_name
-                    for check_name in checks
+                    executor.submit(self._run_check, check_name, credential_report): check_name for check_name in checks
                 }
 
                 results = {
                     level: [] for level in ["Success", "Warning", "Danger", "Error", "Info"] if isinstance(level, str)
                 }
                 completed_checks = 0
-                
+
                 for future in as_completed(futures):
                     result = future.result()
                     results[result.level].append(result)
@@ -172,9 +167,9 @@ class SecurityBaselineTester:
                 {"name": "Status", "style": "bold", "justify": "left"},
                 {"name": "Count", "style": "bold", "justify": "center"},
                 {"name": "Percentage", "style": "dim", "justify": "right"},
-            ]
+            ],
         )
-        
+
         # Calculate statistics
         for level in ["Danger", "Warning", "Success", "Info", "Error"]:
             count = len(results.get(level, []))
@@ -183,7 +178,7 @@ class SecurityBaselineTester:
                 percentage_str = f"{percentage:.1f}%"
             else:
                 percentage_str = "0%"
-                
+
             # Style based on level
             if level == "Danger":
                 status_text = f"🔴 {level}"
@@ -200,36 +195,32 @@ class SecurityBaselineTester:
             else:  # Error
                 status_text = f"❌ {level}"
                 style = "critical"
-                
+
             summary_table.add_row(status_text, str(count), percentage_str, style=style)
-        
+
         console.print(summary_table)
-        
+
         # Calculate overall security score
         total_issues = len(results.get("Danger", [])) + len(results.get("Warning", []))
         total_success = len(results.get("Success", []))
-        
+
         if total_checks > 0:
             security_score = (total_success / total_checks) * 100
             if security_score >= 90:
                 score_style = "success"
                 score_icon = "🛡️"
             elif security_score >= 75:
-                score_style = "warning" 
+                score_style = "warning"
                 score_icon = "⚠️"
             else:
                 score_style = "error"
                 score_icon = "🚨"
-                
+
             score_summary = f"""[bold {score_style}]{score_icon} Overall Security Score: {security_score:.1f}%[/bold {score_style}]
 
 [dim]Total Checks: {total_checks} | Issues Found: {total_issues} | Successful: {total_success}[/dim]"""
-        
-            console.print(create_panel(
-                score_summary,
-                title="Security Posture Assessment", 
-                border_style=score_style
-            ))
+
+            console.print(create_panel(score_summary, title="Security Posture Assessment", border_style=score_style))
 
     def _run_check(self, check_name, credential_report):
         # check_module = __import__(f"checklist.{check_name}", fromlist=[check_name])
@@ -331,10 +322,6 @@ class SecurityBaselineTester:
 
 [dim]Open the HTML report in your browser to view detailed findings.[/dim]"""
 
-        console.print(create_panel(
-            report_success,
-            title="📊 Report Generation Complete",
-            border_style="green"
-        ))
-        
+        console.print(create_panel(report_success, title="📊 Report Generation Complete", border_style="green"))
+
         print_success(f"HTML report saved to: {report_path}")