Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS new Categories #581

Merged
merged 4 commits into from
Mar 9, 2021
Merged

AWS new Categories #581

merged 4 commits into from
Mar 9, 2021

Conversation

harkirat22
Copy link
Contributor

This PR includes:

  1. Updated Risk Categories, reference ids and file names for json for all AWS policies

@harkirat22 harkirat22 changed the title aws category and rule_ids change AWS new Categories Mar 4, 2021
@gaurav-gogia gaurav-gogia self-requested a review March 5, 2021 18:53
@gaurav-gogia gaurav-gogia added the policy Issue concerning policy maintainers. label Mar 5, 2021
gaurav-gogia
gaurav-gogia suggested changes Mar 5, 2021
View reviewed changes
Copy link
Contributor

@gaurav-gogia gaurav-gogia left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, some changes are required. Please look into following logs for reference. Some issues may be due to tiny spelling or spacing error(s):

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_api_gateway_rest_api
MEDIUM -------- MEDIUM
AC-AW-IS-AP-M-0010 -------- AC-AW-IS-AP-M-0010
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_cloudfront_distribution
Medium -------- LOW
AC-AW-IS-CD-M-0026 -------- AC-AW-IS-CD-L-0026
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_cloudfront_distribution
Medium -------- Medium
AC-AW-IS-CD-M-1186 -------- AC-AW-IS-CD-M-0032
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_ecs_task_definition
HIGH -------- HIGH
AC-AW-DP-EK-H-0088 -------- AC-AW-DP-EK-H-0094
Data Protection -------- Data Protection

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_elasticsearch_domain
MEDIUM -------- HIGH
AC-AW-DP-ED-H-0109 -------- AC-AW-DP-ED-H-0109
Data Protection -------- Data Protection

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_account_password_policy
MEDIUM -------- Low
AC-AW-CV-IA-L-0127 -------- AC-AW-CV-IA-L-0127
Compliance Validation -------- Compliance Validation

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_account_password_policy
MEDIUM -------- MEDIUM
AAC-AW-CV-IA-M-0130 -------- AC-AW-CV-IA-M-0130
Compliance Validation -------- Compliance Validation

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_account_password_policy
LOW -------- LOW
AC-AW-CV-IA-M-0131 -------- AC-AW-CV-IA-L-0131
Compliance Validation -------- Compliance Validation

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_group_policy
HIGH -------- HIGH
AC-AW-IA-H-0136 -------- AC-AW-IA-IG-H-0136
Identity and Access Management -------- Identity and Access Management

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_role
HIGH -------- HIGH
AC-AW-IA-H-0139 -------- AC-AW-IA-IR-H-0139
Identity and Access Management -------- Identity and Access Management

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_role_policy
HIGH -------- HIGH
AC-AW-IA-H-0140 -------- AC-AW-IA-IP-H-0140
Identity and Access Management -------- Identity and Access Management

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_kms_key
HIGH -------- HIGH
AC-AW-RE-KK-H-0152 -------- AC-AW-RE-KK-H-0152
Resilence -------- Resilience

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_launch_configuration
HIGH -------- HIGH
AAC-AW-DP-LC-H-0162 -------- AC-AW-DP-LC-H-0162
Data Protection -------- Data Protection

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_launch_configuration
HIGH -------- HIGH
AAC-AW-DP-LC-H-0163 -------- AC-AW-DP-LC-H-0163
Data Protection -------- Data Protection

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_security_group
HIGH -------- Low
AC-AW-IS-SG-L-0312 -------- AC-AW-IS-SG-L-0312
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_security_group
HIGH -------- HIGH
AC-AW-IS-SG-M-0220 -------- AC-AW-IS-SG-H-0220
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_security_group
MEDIUM -------- MEDIUM
AC-AW-IS-SG-M-0270 -------- AC-AW-IS-SG-M-0304
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_security_group
MEDIUM -------- MEDIUM
AC-AW-IS-SG-M-0284 -------- AC-AW-IS-SG-M-0286
Infrastructure Security -------- Infrastructure Security

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_vpc
MEDIUM -------- MEDIUM
AC-AW-SP-VP-M-0363 -------- AC-AW-SP-VP-M-0363
Logging and Monitoring -------- Security Best Practices

@codecov
Copy link

codecov bot commented Mar 5, 2021
edited
Loading

Codecov Report

Merging #581 (6bb7e59) into master (71a677f) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #581   +/-   ##
=======================================
  Coverage   77.65%   77.65%           
=======================================
  Files         102      102           
  Lines        2524     2524           
=======================================
  Hits         1960     1960           
  Misses        420      420           
  Partials      144      144

gaurav-gogia
gaurav-gogia suggested changes Mar 6, 2021
View reviewed changes
Copy link
Contributor

@gaurav-gogia gaurav-gogia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple more changes are required:

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_account_password_policy
MEDIUM -------- MEDIUM
AAC-AW-CV-IA-M-0130 -------- AC-AW-CV-IA-M-0130
Compliance Validation -------- Compliance Validation

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_iam_policy
HIGH -------- HIGH
AC-AW-IA-H-0137 -------- AC-AW-IA-IP-H-0137
Identity and Access Management -------- Identity and Access Management

/Users/gauravgogia/Desktop/terrascan/pkg/policies/opa/rego/aws/aws_security_group
MEDIUM -------- MEDIUM
AC-AW-IS-SG-M-0304 -------- AC-AW-IS-SG-M-0270
Infrastructure Security -------- Infrastructure Security

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 6, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@devang-gaur devang-gaur merged commit cca6d2f into tenable:master Mar 9, 2021
kanchwala-yusuf pushed a commit to kanchwala-yusuf/terrascan that referenced this pull request Mar 9, 2021
Revert "AWS new Categories (tenable#581)"
8430587 
This reverts commit cca6d2f.
cesar-rodriguez pushed a commit that referenced this pull request Mar 9, 2021
@kanchwala-yusuf
Bugfix/revert policies (#602)
1752bb7 
* Revert "New Policies for Azure & Category Updates. (#580)"

This reverts commit 02d312e.

* Revert "Terrascan K8s New categories and ruleRef ID changes (#583)"

This reverts commit 6bdcf0c.

* Revert "Updating Rule reference Id's and Policy categories (#582)"

This reverts commit dbb5a91.

* Revert "AWS new Categories (#581)"

This reverts commit cca6d2f.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gaurav-gogia gaurav-gogia gaurav-gogia approved these changes

@devang-gaur devang-gaur devang-gaur approved these changes

Assignees

@harkirat22 harkirat22

Labels
policy Issue concerning policy maintainers.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@harkirat22 @devang-gaur @gaurav-gogia