Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ec2): include resource metadata in Check_Report #6440

Merged
merged 7 commits into from
Jan 13, 2025
Merged

feat(ec2): include resource metadata in Check_Report #6440

merged 7 commits into from
Jan 13, 2025

Conversation

MrCloudSec
Copy link
Member

Context

This PR refactors the Check_Report and Check_Report_AWS classes to dynamically handle resource_metadata. For now, the changes are applied only to the EC2 service, allowing EC2-specific details to be included in the data field of the OCSF output. This improves the context of findings for EC2 resources while maintaining flexibility for future expansion to other services.

Description

  • Added resource_metadata to Check_Report: Dynamically extracts attributes from the EC2 metadata object and serializes them into a dictionary.
  • Updated Check_Report_AWS: Automatically populates resource_id, resource_arn, and region for EC2 findings using resource_metadata.
  • Improved OCSF Output: Includes resource_metadata in the data field under metadata, providing enriched context for EC2 findings.
  • Initialization Updates: EC2 Check_Report_AWS instances now require resource_metadata as part of their initialization to ensure consistent data handling.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@MrCloudSec MrCloudSec requested review from a team as code owners January 9, 2025 21:03
@github-actions github-actions bot added provider/aws Issues/PRs related with the AWS provider output/ocsf Issues/PRs related with the OCSF output format labels Jan 9, 2025
@codecov Codecov
Copy link

codecov bot commented Jan 9, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 90.06%. Comparing base (901bc69) to head (e0b0f28).
Report is 21 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #6440      +/-   ##
==========================================
- Coverage   93.78%   90.06%   -3.73%     
==========================================
  Files          65     1182    +1117     
  Lines        6211    36081   +29870     
==========================================
+ Hits         5825    32495   +26670     
- Misses        386     3586    +3200
Flag Coverage Δ
api ?
prowler 90.06% <100.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
prowler 90.06% <94.54%> (∅)
api ∅ <ø> (∅)

jfagoagas
jfagoagas requested changes Jan 10, 2025
View reviewed changes
Copy link
Member

@jfagoagas jfagoagas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's great @MrCloudSec 👏

Please review my comments when you get a chance and leave all the outputs commented until we have all checks changed. Thanks!

prowler/lib/outputs/common.py Outdated Show resolved Hide resolved
prowler/lib/outputs/finding.py Outdated Show resolved Hide resolved
prowler/lib/outputs/ocsf/ocsf.py Outdated Show resolved Hide resolved
prowler/lib/check/models.py Outdated Show resolved Hide resolved
...oviders/aws/services/datasync/datasync_task_logging_enabled/datasync_task_logging_enabled.py Outdated Show resolved Hide resolved
...ws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard.py Outdated Show resolved Hide resolved
...transitgateway_auto_accept_vpc_attachments/ec2_transitgateway_auto_accept_vpc_attachments.py Outdated Show resolved Hide resolved
...er/providers/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access.py Outdated Show resolved Hide resolved
tests/lib/outputs/ocsf/ocsf_test.py Outdated Show resolved Hide resolved
...dpoint_connection_logging_enabled/ec2_client_vpn_endpoint_connection_logging_enabled_test.py Show resolved Hide resolved
jfagoagas
jfagoagas previously approved these changes Jan 10, 2025
View reviewed changes
jfagoagas
jfagoagas previously approved these changes Jan 10, 2025
View reviewed changes
@MrCloudSec MrCloudSec requested a review from jfagoagas January 10, 2025 16:55
@jfagoagas jfagoagas changed the title feat(ec2): include resource metadata in Check_Report and OCSF output feat(ec2): include resource metadata in Check_Report Jan 13, 2025
@jfagoagas jfagoagas merged commit 15e888a into master Jan 13, 2025
10 of 11 checks passed
@jfagoagas jfagoagas deleted the PRWLR-5883-add-resource-metadata-in-ec-2-service branch January 13, 2025 07:19
@HugoPBrito HugoPBrito mentioned this pull request Jan 14, 2025
Merged
3 tasks
@puchy22 puchy22 mentioned this pull request Jan 14, 2025
Merged
3 tasks
This was referenced Jan 15, 2025
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jfagoagas jfagoagas jfagoagas approved these changes

Assignees
No one assigned
Labels
output/ocsf Issues/PRs related with the OCSF output format provider/aws Issues/PRs related with the AWS provider
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MrCloudSec @jfagoagas