From 66f522265e8ae9731f7bd113d1ad587c2b06ef94 Mon Sep 17 00:00:00 2001
From: artaasadi
Date: Mon, 18 Nov 2024 12:26:48 +0100
Subject: [PATCH 1/2] fix: update controls
---
 compliance/controls/aws/aws_cis_v130_4_13.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/compliance/controls/aws/aws_cis_v130_4_13.yaml b/compliance/controls/aws/aws_cis_v130_4_13.yaml
index 10c58f607..8f56eb7dc 100644
--- a/compliance/controls/aws/aws_cis_v130_4_13.yaml
+++ b/compliance/controls/aws/aws_cis_v130_4_13.yaml
@@ -5,13 +5,13 @@ IntegrationType:
 Query:
 Engine: CloudQL-v0.0.1
 ListOfTables:
+ - aws_account
 - aws_cloudtrail_trail
 - aws_cloudwatch_alarm
 - aws_sns_topic_subscription
 - aws_cloudwatch_log_metric_filter
- - aws_account
 Parameters: []
- PrimaryTable: aws_cloudtrail_trail
+ PrimaryTable: aws_account
 QueryToExecute: |
 WITH trails AS (
 SELECT
From 1ea09b4eca6c89aa6532cd80809612be4055257d Mon Sep 17 00:00:00 2001
From: artaasadi
Date: Wed, 20 Nov 2024 11:59:37 +0100
Subject: [PATCH 2/2] fix: fix primary tables
---
 compliance/controls/aws/aws_cis_v200_3_9.yaml | 6 ++++--
 compliance/controls/azure/azure_cis_v150_2_6.yaml | 2 +-
 compliance/controls/azure/azure_cis_v210_5_2_1.yaml | 2 +-
 compliance/controls/azure/azure_cis_v210_6_6.yaml | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/compliance/controls/aws/aws_cis_v200_3_9.yaml b/compliance/controls/aws/aws_cis_v200_3_9.yaml
index 43aa197ca..0d36be1fe 100644
--- a/compliance/controls/aws/aws_cis_v200_3_9.yaml
+++ b/compliance/controls/aws/aws_cis_v200_3_9.yaml
@@ -14,6 +14,8 @@ Query:
 SELECT
 arn,
 account_id,
+ og_account_id,
+ og_resource_id,
 region,
 owner_id,
 vpc_id,
@@ -36,8 +38,8 @@ Query:
 )
 SELECT
 v.arn AS resource,
- v.account_id AS og_account_id,
- v.vpc_id AS og_resource_id,
+ v.og_account_id AS og_account_id,
+ v.og_resource_id AS og_resource_id,
 CASE
 WHEN v.account_id <> v.owner_id THEN 'skip'
 WHEN f.resource_id IS NOT NULL THEN 'ok'
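Review bot: In aws_cis_v130_4_13.yaml, `PrimaryTable: aws_account` is only correct if the final SELECT of QueryToExecute emits one account-keyed row, with `resource` / `og_resource_id` taken from the `aws_account` relation rather than from `trails`; that SELECT lies outside the hunk, so it cannot be confirmed from here. If PrimaryTable is what ties a finding to an inventory resource, as the commit titles suggest, a mismatch would presumably attach the result to the wrong asset or leave accounts without any trail unreported. The same check applies to the three Azure changes in patch 2/2 (azure_cis_v150_2_6, azure_cis_v210_5_2_1, azure_cis_v210_6_6). A one-line comment above the key would record the rule, for example `# PrimaryTable must be the table that supplies resource/og_resource_id in the final SELECT`.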
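Review bot: The second hunk of aws_cis_v200_3_9.yaml now takes `og_account_id` and `og_resource_id` from the CTE while the `'skip'` branch still tests `v.account_id <> v.owner_id`, so the query carries two kinds of account identifier with nothing explaining the difference. A comment on the two lines added in the first hunk would help, for example `-- og_* are the platform's ids for the integration and resource; account_id/owner_id are the AWS values used in the ownership test` (wording to be confirmed by the author, since the column semantics are inferred from the old aliases). It is also worth confirming that the og_* columns are never NULL for rows where `account_id` differs from `owner_id`, because those are the rows that resolve to 'skip' and a NULL `og_resource_id` would presumably leave them unattributed. The CTE and the CASE expression both continue outside the hunks.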
diff --git a/compliance/controls/azure/azure_cis_v150_2_6.yaml b/compliance/controls/azure/azure_cis_v150_2_6.yaml
index 5c304cab5..59b828ed6 100644
--- a/compliance/controls/azure/azure_cis_v150_2_6.yaml
+++ b/compliance/controls/azure/azure_cis_v150_2_6.yaml
@@ -8,7 +8,7 @@ Query:
 - azure_policy_assignment
 - azure_subscription
 Parameters: []
- PrimaryTable: azure_policy_assignment
+ PrimaryTable: azure_subscription
 QueryToExecute: |
 WITH policy_assignment_parameters AS (
 SELECT
diff --git a/compliance/controls/azure/azure_cis_v210_5_2_1.yaml b/compliance/controls/azure/azure_cis_v210_5_2_1.yaml
index 657d0dd4d..eeec464bd 100644
--- a/compliance/controls/azure/azure_cis_v210_5_2_1.yaml
+++ b/compliance/controls/azure/azure_cis_v210_5_2_1.yaml
@@ -8,7 +8,7 @@ Query:
 - azure_log_alert
 - azure_subscription
 Parameters: []
- PrimaryTable: azure_log_alert
+ PrimaryTable: azure_subscription
 QueryToExecute: |
 WITH alert_rule AS (
 SELECT
diff --git a/compliance/controls/azure/azure_cis_v210_6_6.yaml b/compliance/controls/azure/azure_cis_v210_6_6.yaml
index 27d2ee3d0..ae1ca53dd 100644
--- a/compliance/controls/azure/azure_cis_v210_6_6.yaml
+++ b/compliance/controls/azure/azure_cis_v210_6_6.yaml
@@ -9,7 +9,7 @@ Query:
 - azure_network_watcher
 - azure_subscription
 Parameters: []
- PrimaryTable: azure_network_watcher
+ PrimaryTable: azure_location
 QueryToExecute: |
 SELECT
 loc.id AS resource,
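Review bot: In azure_cis_v210_6_6.yaml the new `PrimaryTable: azure_location` names a table that is not among the ListOfTables entries visible in the hunk (`azure_network_watcher`, `azure_subscription`); the entries above line 9 are outside the hunk, so please confirm that `- azure_location` is listed there. Patch 1/2 had `aws_account` in ListOfTables when it became the primary table, and this file should follow the same rule. The choice itself looks consistent with the query, whose `resource` is `loc.id`, assuming `loc` aliases `azure_location` in the FROM clause that is not shown.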