-
Notifications
You must be signed in to change notification settings - Fork 672
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Amazon Linux Scap Content #7034
Comments
This is probably developed by some other fork of this project and they haven't contributed back any of this work to upstream. The official ComplianceAsCode project has never had any Amazon Linux 2 content so far. So, I'm afraid we can't do much about it. I've had this conversation in the past regarding content for Amazon Linux 2. It might interest you if you want to take this effort and propose contents for Amazon Linux 2. |
Any idea id there is any plans for the official ComplianceAsCode project to have the Amazon linux 2 varient of checks |
We don't have any plans to add Amazon Linux content to the project at this moment. This would probably need to be driven by amazon itself or anyone else willing to contribute this new product to the project. The content itself should be applicable for most of the cases, it's just a matter of creating the new product and making sure that rules are applicable to the new product. |
Is there some documentation or a previous PR i could look at if i was considering to contribute this feature? |
there is someone adding a new product at this moment: #8566 you can base the work on this PR |
This documentation is also helpful: https://complianceascode.readthedocs.io/en/latest/manual/developer/03_creating_content.html#creating-a-new-product |
Again, there is the official documentation and a fresh PR that introduced a new product to the project that could be used as a template: Feel free to propose a new product. @marcusburghardt I would consider closing this ticket due to inactivity. |
I agree. |
Description of problem:
I'm trying to make sense of this. Amazon Linux 2 STIG / Scap content exists when you install scap-security-guide from the host, but does not exist in the release package on this Git project.
If you use an amazon linux machine and perform:
yum install scap-security-guide -y
You will see scap content for Amazon Linux in
/usr/share/xml/scap/ssg/content
:ssg-amzn2-ds.xml
ssg-amzn2-xccdf.xml
SCAP Security Guide Version:
scap-security-guide-0.1.40-12.amzn2.0.1.1.noarch
Operating System Version:
Amazon Linux 2 - 4.14.225-169.362.amzn2.x86_64
Steps to Reproduce:
-rw-r--r--. 1 root root 16894799 Apr 19 2019 ssg-amzn2-ds.xml
-rw-r--r--. 1 root root 4037917 Apr 19 2019 ssg-amzn2-xccdf.xml
4 wget https://github.com/ComplianceAsCode/content/releases/download/v0.1.55/scap-security-guide-0.1.55-oval-510.zip
Actual Results:
Packages ssg-amzn2-ds.xml and ssg-amzn2-xccdf.xml do not exist in the release.
Expected Results:
Packages ssg-amzn2-xccdf.xml and ssg-amzn2-ds.xml exist in the release when pulling via wget.
Additional Information/Debugging Steps:
What is also odd is if you do an oscap info on the package that is pulled down from amazon linux scap-security-guide it shows profiles:
Which seems to be incorrect.
The text was updated successfully, but these errors were encountered: