feat(network): extract Network resource metadata automated (#6555)

Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
prowler-cloud · Jan 16, 2025 · 783ce13 · 783ce13
1 parent f829145
commit 783ce13
Show file tree

Hide file tree

Showing 9 changed files with 27 additions and 30 deletions.
diff --git a/...oviders/azure/services/network/network_bastion_host_exists/network_bastion_host_exists.py b/...oviders/azure/services/network/network_bastion_host_exists/network_bastion_host_exists.py
@@ -18,7 +18,9 @@ def execute(self) -> Check_Report_Azure:
                 status = "PASS"
                 status_extended = f"Bastion Host from subscription {subscription} available are: {bastion_names}"
 
-            report = Check_Report_Azure(self.metadata())
+            report = Check_Report_Azure(
+                metadata=self.metadata(), resource_metadata=bastion_hosts
+            )
             report.subscription = subscription
             report.resource_name = "Bastion Host"
             report.resource_id = "Bastion Host"

diff --git a/...s/azure/services/network/network_flow_log_captured_sent/network_flow_log_captured_sent.py b/...s/azure/services/network/network_flow_log_captured_sent/network_flow_log_captured_sent.py
@@ -7,12 +7,11 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, network_watchers in network_client.network_watchers.items():
             for network_watcher in network_watchers:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=network_watcher
+                )
                 report.subscription = subscription
-                report.resource_name = network_watcher.name
-                report.resource_id = network_watcher.id
                 report.status = "FAIL"
-                report.location = network_watcher.location
                 report.status_extended = f"Network Watcher {network_watcher.name} from subscription {subscription} has no flow logs"
                 if network_watcher.flow_logs:
                     report.status = "FAIL"

diff --git a/...services/network/network_flow_log_more_than_90_days/network_flow_log_more_than_90_days.py b/...services/network/network_flow_log_more_than_90_days/network_flow_log_more_than_90_days.py
@@ -7,11 +7,10 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, network_watchers in network_client.network_watchers.items():
             for network_watcher in network_watchers:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=network_watcher
+                )
                 report.subscription = subscription
-                report.resource_name = network_watcher.name
-                report.resource_id = network_watcher.id
-                report.location = network_watcher.location
                 if network_watcher.flow_logs:
                     report.status = "PASS"
                     report.status_extended = f"Network Watcher {network_watcher.name} from subscription {subscription} has flow logs enabled for more than 90 days"

diff --git a/...etwork/network_http_internet_access_restricted/network_http_internet_access_restricted.py b/...etwork/network_http_internet_access_restricted/network_http_internet_access_restricted.py
@@ -7,12 +7,11 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, security_groups in network_client.security_groups.items():
             for security_group in security_groups:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=security_group
+                )
                 report.subscription = subscription
-                report.resource_name = security_group.name
-                report.resource_id = security_group.id
                 report.status = "PASS"
-                report.location = security_group.location
                 report.status_extended = f"Security Group {security_group.name} from subscription {subscription} has HTTP internet access restricted."
                 rule_fail_condition = any(
                     (

diff --git a/...ler/providers/azure/services/network/network_public_ip_shodan/network_public_ip_shodan.py b/...ler/providers/azure/services/network/network_public_ip_shodan/network_public_ip_shodan.py
@@ -13,11 +13,10 @@ def execute(self):
             api = shodan.Shodan(shodan_api_key)
             for subscription, public_ips in network_client.public_ip_addresses.items():
                 for ip in public_ips:
-                    report = Check_Report_Azure(self.metadata())
+                    report = Check_Report_Azure(
+                        metadata=self.metadata(), resource_metadata=ip
+                    )
                     report.subscription = subscription
-                    report.resource_name = ip.name
-                    report.resource_id = ip.id
-                    report.location = ip.location
                     try:
                         shodan_info = api.host(ip.ip_address)
                         report.status = "FAIL"

diff --git a/.../network/network_rdp_internet_access_restricted/network_rdp_internet_access_restricted.py b/.../network/network_rdp_internet_access_restricted/network_rdp_internet_access_restricted.py
@@ -7,12 +7,11 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, security_groups in network_client.security_groups.items():
             for security_group in security_groups:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=security_group
+                )
                 report.subscription = subscription
-                report.resource_name = security_group.name
-                report.resource_id = security_group.id
                 report.status = "PASS"
-                report.location = security_group.location
                 report.status_extended = f"Security Group {security_group.name} from subscription {subscription} has RDP internet access restricted."
                 rule_fail_condition = any(
                     (

diff --git a/.../network/network_ssh_internet_access_restricted/network_ssh_internet_access_restricted.py b/.../network/network_ssh_internet_access_restricted/network_ssh_internet_access_restricted.py
@@ -7,12 +7,11 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, security_groups in network_client.security_groups.items():
             for security_group in security_groups:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=security_group
+                )
                 report.subscription = subscription
-                report.resource_name = security_group.name
-                report.resource_id = security_group.id
                 report.status = "PASS"
-                report.location = security_group.location
                 report.status_extended = f"Security Group {security_group.name} from subscription {subscription} has SSH internet access restricted."
                 rule_fail_condition = any(
                     (

diff --git a/.../network/network_udp_internet_access_restricted/network_udp_internet_access_restricted.py b/.../network/network_udp_internet_access_restricted/network_udp_internet_access_restricted.py
@@ -7,12 +7,11 @@ def execute(self) -> Check_Report_Azure:
         findings = []
         for subscription, security_groups in network_client.security_groups.items():
             for security_group in security_groups:
-                report = Check_Report_Azure(self.metadata())
+                report = Check_Report_Azure(
+                    metadata=self.metadata(), resource_metadata=security_group
+                )
                 report.subscription = subscription
-                report.resource_name = security_group.name
-                report.resource_id = security_group.id
                 report.status = "PASS"
-                report.location = security_group.location
                 report.status_extended = f"Security Group {security_group.name} from subscription {subscription} has UDP internet access restricted."
                 rule_fail_condition = any(
                     rule.protocol in ["UDP", "Udp"]

diff --git a/prowler/providers/azure/services/network/network_watcher_enabled/network_watcher_enabled.py b/prowler/providers/azure/services/network/network_watcher_enabled/network_watcher_enabled.py
@@ -6,7 +6,9 @@ class network_watcher_enabled(Check):
     def execute(self) -> list[Check_Report_Azure]:
         findings = []
         for subscription, network_watchers in network_client.network_watchers.items():
-            report = Check_Report_Azure(self.metadata())
+            report = Check_Report_Azure(
+                metadata=self.metadata(), resource_metadata=network_watchers
+            )
             report.subscription = subscription
             report.resource_name = "Network Watcher"
             report.location = "global"