feat: update queries

Mahanmmi · Mahanmmi · commit f51089ef2802 · 2024-10-18T19:03:06.000+04:00
diff --git a/compliance/controls/aws/aws_cis_v300_1_17.yaml b/compliance/controls/aws/aws_cis_v300_1_17.yaml
@@ -13,6 +13,8 @@ Query:
         'arn:' || a.partition || ':::' || a.account_id as resource,
         count(policy_arn),
         a.account_id,
+        a.kaytu_account_id as kaytu_account_id,
+        a.kaytu_resource_id as kaytu_resource_id,
         a._ctx
       from
         aws_account as a
@@ -24,12 +26,14 @@ Query:
       group by
         a.account_id,
         a.partition,
+        a.kaytu_account_id,
+        a.kaytu_resource_id,
         a._ctx
     )
     select
       resource,
-      a.kaytu_account_id as kaytu_account_id,
-      a.kaytu_resource_id as kaytu_resource_id,
+      kaytu_account_id as kaytu_account_id,
+      kaytu_resource_id as kaytu_resource_id,
       case
         when count > 0 then 'ok'
         else 'alarm'
diff --git a/compliance/controls/aws/aws_cis_v300_1_2.yaml b/compliance/controls/aws/aws_cis_v300_1_2.yaml
@@ -21,6 +21,8 @@ Query:
         partition,
         title,
         account_id,
+        kaytu_account_id as kaytu_account_id,
+        kaytu_resource_id as kaytu_resource_id,
         _ctx
       from
         aws_account
diff --git a/compliance/controls/aws/aws_cis_v300_3_8.yaml b/compliance/controls/aws/aws_cis_v300_3_8.yaml
@@ -11,7 +11,9 @@ Query:
       select
         name as trail_name,
         is_multi_region_trail,
-        bucket_selector
+        bucket_selector,
+        kaytu_account_id,
+        kaytu_resource_id
       from
         aws_cloudtrail_trail,
         jsonb_array_elements(event_selectors) as event_selector,
@@ -47,7 +49,7 @@ Query:
         on bucket_selector like (b.arn || '%')
         or bucket_selector = 'arn:aws:s3'
     group by
-      b.account_id, b.region, b.arn, b.name, b.tags, b._ctx;
+      b.account_id, b.kaytu_account_id, b.kaytu_resource_id, b.region, b.arn, b.name, b.tags, b._ctx;
   PrimaryTable: aws_s3_bucket
   ListOfTables:
   - aws_cloudtrail_trail
diff --git a/compliance/controls/aws/aws_cis_v300_3_9.yaml b/compliance/controls/aws/aws_cis_v300_3_9.yaml
@@ -11,7 +11,9 @@ Query:
       select
         name as trail_name,
         is_multi_region_trail,
-        bucket_selector
+        bucket_selector,
+        kaytu_account_id,
+        kaytu_resource_id
       from
         aws_cloudtrail_trail,
         jsonb_array_elements(event_selectors) as event_selector,
@@ -28,8 +30,8 @@ Query:
     )
     select
       b.arn as resource,
-      t.kaytu_account_id as kaytu_account_id,
-      t.kaytu_resource_id as kaytu_resource_id,
+      b.kaytu_account_id as kaytu_account_id,
+      b.kaytu_resource_id as kaytu_resource_id,
       case
         when count(bucket_selector) > 0 then 'ok'
         else 'alarm'
@@ -45,7 +47,7 @@ Query:
         on bucket_selector like (b.arn || '%')
         or bucket_selector = 'arn:aws:s3'
     group by
-      b.account_id, b.region, b.arn, b.name, b.tags, b._ctx;
+      b.account_id, b.kaytu_account_id, b.kaytu_resource_id, b.region, b.arn, b.name, b.tags, b._ctx;
   PrimaryTable: aws_s3_bucket
   ListOfTables:
   - aws_cloudtrail_trail
diff --git a/compliance/controls/aws/aws_cis_v300_5_2.yaml b/compliance/controls/aws/aws_cis_v300_5_2.yaml
@@ -41,6 +41,8 @@ Query:
         region,
         account_id,
         group_id,
+        kaytu_account_id as kaytu_account_id,
+        kaytu_resource_id as kaytu_resource_id,
         _ctx
       from
         aws_vpc_security_group
diff --git a/compliance/controls/aws/aws_dms_replication_task_source_database_logging_enabled.yaml b/compliance/controls/aws/aws_dms_replication_task_source_database_logging_enabled.yaml
@@ -9,13 +9,17 @@ Query:
     with replication_task_logging as (
       select
         arn,
+        kaytu_account_id,
+        kaytu_resource_id,
         bool_or(o ->> 'Id' = 'SOURCE_CAPTURE' and o ->> 'Severity' in ('LOGGER_SEVERITY_DEFAULT', 'LOGGER_SEVERITY_DEBUG', 'LOGGER_SEVERITY_DETAILED_DEBUG')) as capture_logging_enabled,
         bool_or(o ->> 'Id' = 'SOURCE_UNLOAD' and o ->> 'Severity' in ('LOGGER_SEVERITY_DEFAULT', 'LOGGER_SEVERITY_DEBUG', 'LOGGER_SEVERITY_DETAILED_DEBUG')) as unload_logging_enabled
       from
         aws_dms_replication_task,
         jsonb_array_elements(replication_task_settings -> 'Logging' -> 'LogComponents') as o
       group by
-        arn
+        arn,
+        kaytu_account_id,
+        kaytu_resource_id
     )
     select
       t.arn as resource,
