v2.4.3

New filters! You can now filter by Impact keys using the option --mh-filters-impact (in addition to --mh-filters-tags, --mh-filters-config and security hub filters --sh-filters

Examples:

Filter all Security Findings affecting resources with exposure calculated as effectively-public: ./metahub --mh-filters-impact exposure=effectively-public

Filter all Security Findings affecting resources with status calculated as not-attached: ./metahub --mh-filters-impact status=not-attached

Other changes:

• Implement different ASFF fixing mechanisms, as some sources are not correctly generating the outputs. For example, fixing Region when it is not present and fixing Resource Type when it is incorrect.
• Some improvements in error handling
• For some time already, AWS Security Hub has added Tags to the affected resources 🥳 The code will check if the Tags are present as part of the Resources Details, and avoid fetching the API if they are already there.
• New Resource Type: Container, for now, we check if there is a policy attached
• Improved README with examples on how to use MetaHub with PowerPipe, Trivy, and Prowler
• Code quality and improvements

What's Changed

• Implement different ASFF fixing mechanisms and other improvements by @gabrielsoltz in #88
• Bump black from 24.2.0 to 24.3.0 by @dependabot in #91
• Bump boto3 from 1.34.59 to 1.34.65 by @dependabot in #90
• code-improvements by @gabrielsoltz in #92
• New Impact Filters (--mh-filters-impact) by @gabrielsoltz in #93

Full Changelog: v2.4.2...v2.4.3