Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement/Azure Improvements (Storage Accounts & Security Centre) #505

Closed
wants to merge 6 commits into from
Closed

Enhancement/Azure Improvements (Storage Accounts & Security Centre) #505

wants to merge 6 commits into from

Conversation

JJmako
Copy link
Contributor

@JJmako JJmako commented Aug 20, 2019

No description provided.

@JJmako JJmako requested a review from x4v13r64 August 20, 2019 11:14
@x4v13r64
Merge branch 'develop' into enhancement/new-rules
de1c5e4 
# Conflicts:
#	ScoutSuite/providers/azure/resources/storageaccounts/base.py
#	ScoutSuite/providers/azure/rules/findings/storageaccount-default-network-access.json
x4v13r64
x4v13r64 reviewed Aug 21, 2019
View reviewed changes
ScoutSuite/providers/azure/facade/securitycenter.py
async def get_information_protection_policies(self):
try:
return await run_concurrently(
lambda: list(self._client.information_protection_policies.list())
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm getting a securitycenter.py L40: Failed to retrieve information protection policies: list() missing 1 required positional argument: 'scope' error.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have that error on my code. Maybe is fixed now, can you check please?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nope, and it's in the code https://github.com/Azure/azure-sdk-for-python/blob/ccd73c15088f969b8adaaf10f26faf00387405d8/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_information_protection_policies_operations.py#L170 so maybe you're not running latest version of the sdk?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opened an issue - Azure/azure-sdk-for-python#7687

x4v13r64
x4v13r64 reviewed Aug 21, 2019
View reviewed changes
ScoutSuite/providers/azure/rules/rulesets/default.json
@@ -206,6 +206,18 @@
"enabled": true,
"level": "warning"
}
],
"storageaccount-trusted-microsoft-services-enabled.json": [
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this rule is there twice?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok this is now fixed. I think I mixed some code

@x4v13r64
Copy link
Collaborator

Reviewed this PR and left some comments.

Looks like there's some mixed code coming from #498, next time please be wary of this as it makes it harder to review changes!

@x4v13r64 x4v13r64 changed the title Enhancement/new rules Enhancement/Azure Improvements (Storage Accounts & Security Centre) Aug 21, 2019
@codecov-io
Copy link

codecov-io commented Aug 21, 2019
edited

Codecov Report

Merging #505 into develop will decrease coverage by 0.01%.
The diff coverage is 34.61%.

Impacted file tree graph

@@            Coverage Diff             @@
##           develop    #505      +/-   ##
==========================================
- Coverage    33.52%   33.5%   -0.02%     
==========================================
  Files          270     273       +3     
  Lines         8177    8247      +70     
==========================================
+ Hits          2741    2763      +22     
- Misses        5436    5484      +48
Impacted Files Coverage Δ
.../providers/azure/resources/storageaccounts/base.py 31.42% <0%> (ø) ⬆️
...Suite/providers/azure/resources/graphrbac/users.py 16% <0%> (-0.67%) ⬇️
...e/providers/azure/resources/securitycenter/base.py 90% <100%> (+2.5%) ⬆️
ScoutSuite/providers/azure/facade/graphrbac.py 38.88% <16.66%> (-11.12%) ⬇️
...coutSuite/providers/azure/facade/securitycenter.py 27.77% <16.66%> (-5.56%) ⬇️
.../securitycenter/information_protection_policies.py 44.44% <44.44%> (ø)
...uite/providers/azure/resources/graphrbac/groups.py 44.44% <44.44%> (ø)
...oviders/azure/resources/securitycenter/settings.py 44.44% <44.44%> (ø)
...tSuite/providers/azure/resources/graphrbac/base.py 85.71% <50%> (+2.38%) ⬆️
.../providers/base/authentication_strategy_factory.py 56.25% <0%> (-31.25%) ⬇️
... and 5 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7116810...8c6150d. Read the comment docs.

@JJmako JJmako requested a review from x4v13r64 September 3, 2019 09:43
@x4v13r64 x4v13r64 mentioned this pull request Oct 7, 2019
Merged
4 tasks
@x4v13r64
Copy link
Collaborator

x4v13r64 commented Oct 7, 2019

Closing, code is now in #539.

@x4v13r64 x4v13r64 closed this Oct 7, 2019
@x4v13r64
Copy link
Collaborator

x4v13r64 commented Oct 7, 2019

Closing, code is now in #539.

@x4v13r64 x4v13r64 deleted the enhancement/new-rules branch October 7, 2019 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@x4v13r64 x4v13r64 Awaiting requested review from x4v13r64

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@JJmako @x4v13r64 @codecov-io