Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(output): handle --unix-timestamp flag #4079

Merged
merged 2 commits into from
May 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions prowler/lib/outputs/common_models.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
from datetime import datetime
from enum import Enum
from typing import Optional
from typing import Optional, Union

from pydantic import BaseModel

Expand Down Expand Up @@ -29,7 +29,7 @@ class FindingOutput(BaseModel):
"""

auth_method: str
timestamp: datetime
timestamp: Union[int, datetime]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a test creating a FindingOutput with the unix timestamp?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure!

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done ✅

account_uid: str
# Optional since depends on permissions
account_name: Optional[str]
Expand Down
181 changes: 181 additions & 0 deletions tests/lib/outputs/outputs_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
Compliance_Requirement,
)
from prowler.lib.check.models import Check_Report, load_check_metadata
from prowler.lib.outputs.common import generate_provider_output
from prowler.lib.outputs.common_models import FindingOutput
from prowler.lib.outputs.compliance.compliance import get_check_compliance
from prowler.lib.outputs.csv.csv import generate_csv_fields
Expand Down Expand Up @@ -743,3 +744,183 @@ def test_get_check_compliance_kubernetes(self):
"CIS-2.0": ["2.1.3"],
"CIS-2.1": ["2.1.3"],
}

def test_generate_provider_output(self):
provider = mock.MagicMock()
provider.type = "aws"
finding = mock.MagicMock()
finding.resource_id = "test"
finding.resource_arn = "test-arn"
finding.region = "eu-west-1"
finding.check_metadata = mock.MagicMock()
finding.check_metadata.CheckID = "iam_user_accesskey_unused"
csv_data = {
"resource_uid": "test",
"resource_arn": "test-arn",
"region": "eu-west-1",
"account_uid": "123456789012",
"auth_method": "test",
"resource_name": "test",
"timestamp": "2022-01-01T00:00:00Z",
"provider": "aws",
"check_id": "iam_user_accesskey_unused",
"check_title": "IAM User Access Key Unused",
"check_type": "config",
"status": "PASS",
"status_extended": "This is a test",
"service_name": "iam",
"subservice_name": "user",
"severity": "low",
"resource_type": "aws_iam_user",
"resource_details": "Test resource details",
"resource_tags": "",
"description": "IAM User Access Key Unused",
"risk": "if an access key is not used, it should be removed",
"related_url": "",
"remediation_recommendation_text": "Remove unused access keys",
"remediation_recommendation_url": "",
"remediation_code_nativeiac": "",
"remediation_code_terraform": "",
"remediation_code_cli": "",
"remediation_code_other": "",
"compliance": {
"CIS": ["2.1.3"],
"NIST-800-53-Revision-5": ["sc_28_1"],
},
"categories": "security",
"depends_on": "",
"related_to": "",
"notes": "",
"finding_uid": "test-finding",
}

assert generate_provider_output(provider, finding, csv_data) == FindingOutput(
auth_method="profile: test",
account_uid="123456789012",
timestamp="2022-01-01T00:00:00Z",
account_name=None,
account_email=None,
account_organization_uid=None,
account_organization_name=None,
account_tags=None,
finding_uid="prowler-aws-iam_user_accesskey_unused-123456789012-eu-west-1-test",
provider="aws",
check_id="iam_user_accesskey_unused",
check_title="IAM User Access Key Unused",
check_type="config",
status="PASS",
status_extended="This is a test",
service_name="iam",
subservice_name="user",
severity="low",
resource_type="aws_iam_user",
resource_uid="test-arn",
resource_name="test",
resource_tags="",
resource_details="Test resource details",
region="eu-west-1",
description="IAM User Access Key Unused",
risk="if an access key is not used, it should be removed",
related_url="",
remediation_recommendation_text="Remove unused access keys",
remediation_recommendation_url="",
remediation_code_nativeiac="",
remediation_code_terraform="",
remediation_code_cli="",
remediation_code_other="",
compliance={"CIS": ["2.1.3"], "NIST-800-53-Revision-5": ["sc_28_1"]},
categories="security",
depends_on="",
related_to="",
notes="",
)

def test_generate_provider_output_unix_timestamp(self):
provider = mock.MagicMock()
provider.type = "aws"
finding = mock.MagicMock()
finding.resource_id = "test"
finding.resource_arn = "test-arn"
finding.region = "eu-west-1"
finding.check_metadata = mock.MagicMock()
finding.check_metadata.CheckID = "iam_user_accesskey_unused"
csv_data = {
"resource_uid": "test",
"resource_arn": "test-arn",
"region": "eu-west-1",
"account_uid": "123456789012",
"auth_method": "test",
"resource_name": "test",
"timestamp": 1640995200,
"provider": "aws",
"check_id": "iam_user_accesskey_unused",
"check_title": "IAM User Access Key Unused",
"check_type": "config",
"status": "PASS",
"status_extended": "This is a test",
"service_name": "iam",
"subservice_name": "user",
"severity": "low",
"resource_type": "aws_iam_user",
"resource_details": "Test resource details",
"resource_tags": "",
"description": "IAM User Access Key Unused",
"risk": "if an access key is not used, it should be removed",
"related_url": "",
"remediation_recommendation_text": "Remove unused access keys",
"remediation_recommendation_url": "",
"remediation_code_nativeiac": "",
"remediation_code_terraform": "",
"remediation_code_cli": "",
"remediation_code_other": "",
"compliance": {
"CIS": ["2.1.3"],
"NIST-800-53-Revision-5": ["sc_28_1"],
},
"categories": "security",
"depends_on": "",
"related_to": "",
"notes": "",
"finding_uid": "test-finding",
}

assert generate_provider_output(provider, finding, csv_data) == FindingOutput(
auth_method="profile: test",
account_uid="123456789012",
timestamp=1640995200,
account_name=None,
account_email=None,
account_organization_uid=None,
account_organization_name=None,
account_tags=None,
finding_uid="prowler-aws-iam_user_accesskey_unused-123456789012-eu-west-1-test",
provider="aws",
check_id="iam_user_accesskey_unused",
check_title="IAM User Access Key Unused",
check_type="config",
status="PASS",
status_extended="This is a test",
service_name="iam",
subservice_name="user",
severity="low",
resource_type="aws_iam_user",
resource_uid="test-arn",
resource_name="test",
resource_tags="",
resource_details="Test resource details",
region="eu-west-1",
description="IAM User Access Key Unused",
risk="if an access key is not used, it should be removed",
related_url="",
remediation_recommendation_text="Remove unused access keys",
remediation_recommendation_url="",
remediation_code_nativeiac="",
remediation_code_terraform="",
remediation_code_cli="",
remediation_code_other="",
compliance={"CIS": ["2.1.3"], "NIST-800-53-Revision-5": ["sc_28_1"]},
categories="security",
depends_on="",
related_to="",
notes="",
)