Merge branch 'prowler-4.0-dev' into cloudtrail-threat-detection
sergargar authored Mar 27, 2024
2 parents 6e99d98 + 522aeeb commit 5192259
Showing 17 changed files with 218 additions and 184 deletions.
24 changes: 12 additions & 12 deletions prowler/__main__.py
Expand Up @@ -59,11 +59,11 @@ def prowler():

# Save Arguments
provider = args.provider
checks = args.checks
excluded_checks = args.excluded_checks
excluded_services = args.excluded_services
services = args.services
categories = args.categories
checks = args.check
excluded_checks = args.excluded_check
excluded_services = args.excluded_service
services = args.service
categories = args.category
checks_file = args.checks_file
checks_folder = args.checks_folder
severities = args.severity
Expand All @@ -75,10 +75,10 @@ def prowler():

# We treat the compliance framework as another output format
if compliance_framework:
args.output_modes.extend(compliance_framework)
args.output_formats.extend(compliance_framework)
# If no input compliance framework, set all
else:
args.output_modes.extend(get_available_compliance_frameworks(provider))
args.output_formats.extend(get_available_compliance_frameworks(provider))

# Set Logger configuration
set_logging_config(args.log_level, args.log_file, args.only_logs)
Expand Down Expand Up @@ -229,8 +229,8 @@ def prowler():
)
sys.exit(1)

if args.output_modes:
for mode in args.output_modes:
if args.output_formats:
for mode in args.output_formats:
# Close json file if exists
if "json" in mode:
close_json(
Expand Down Expand Up @@ -282,14 +282,14 @@ def prowler():
# Prepare the findings to be sent to Security Hub
security_hub_findings_per_region = prepare_security_hub_findings(
findings,
provider,
global_provider,
global_provider.output_options,
aws_security_enabled_regions,
)

# Send the findings to Security Hub
findings_sent_to_security_hub = batch_send_to_security_hub(
security_hub_findings_per_region, provider.session.current_session
security_hub_findings_per_region, global_provider.session.current_session
)

print(
Expand All @@ -303,7 +303,7 @@ def prowler():
)
findings_archived_in_security_hub = resolve_security_hub_previous_findings(
security_hub_findings_per_region,
provider,
global_provider,
)
print(
f"{Style.BRIGHT}{Fore.GREEN}\n{findings_archived_in_security_hub} findings archived in AWS Security Hub!{Style.RESET_ALL}"
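Review bot: Both branches of the compliance-framework block call `args.output_formats.extend(...)`, which mutates the list argparse returned; when `-M` is not given, that list is presumably the parser's own `default` object rather than a copy. If the same parser instance parses arguments more than once in a process (unit tests, or Prowler driven as a library), the framework names would accumulate in that default and later runs would write report formats nobody asked for. Building a new list avoids this: `args.output_formats = [*args.output_formats, *compliance_framework]`, and the same in the `else` branch. The enclosing `prowler()` function starts and ends outside the shown hunks; the loop variable in `for mode in args.output_formats:` could also be renamed to `output_format` to match the new option name.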
94 changes: 60 additions & 34 deletions prowler/lib/cli/parser.py
Expand Up @@ -25,24 +25,29 @@ def __init__(self):
prog="prowler",
formatter_class=RawTextHelpFormatter,
epilog="""
To see the different available options on a specific provider, run:
prowler {provider} -h|--help
Detailed documentation at https://docs.prowler.cloud
Available components:
dashboard Prowler local dashboard
To see the different available options on a specific component, run:
prowler {provider|dashboard} -h|--help
Detailed documentation at https://docs.prowler.com
""",
)
# Default
self.parser.add_argument(
"-v",
"--version",
"-v",
action="store_true",
help="show Prowler version",
help="Show Prowler version",
)
# Common arguments parser
self.common_providers_parser = argparse.ArgumentParser(add_help=False)

# Providers Parser
self.subparsers = self.parser.add_subparsers(
title="Prowler Available Cloud Providers",
title="Available cloud providers",
dest="provider",
)

Expand Down Expand Up @@ -126,44 +131,40 @@ def __init_outputs_parser__(self):
choices=finding_statuses,
)
common_outputs_parser.add_argument(
"-M",
"--output-formats",
"--output-modes",
"-M",
nargs="+",
help="Output modes, by default csv and json",
help="Output modes, by default csv and json-oscf are saved. When using AWS Security Hub integration, json-asff output is also saved.",
default=["csv", "json-ocsf"],
choices=["csv", "json-asff", "json-ocsf"],
)
common_outputs_parser.add_argument(
"-F",
"--output-filename",
"-F",
nargs="?",
help="Custom output report name without the file extension, if not specified will use default output/prowler-output-ACCOUNT_NUM-OUTPUT_DATE.format",
)
common_outputs_parser.add_argument(
"-o",
"--output-directory",
"-o",
nargs="?",
help="Custom output directory, by default the folder where Prowler is stored",
default=default_output_directory,
)
common_outputs_parser.add_argument(
"--verbose",
action="store_true",
help="Display detailed information about findings",
help="Runs showing all checks executed and results",
)
common_outputs_parser.add_argument(
"-z",
"--ignore-exit-code-3",
"-z",
action="store_true",
help="Failed checks do not trigger exit code 3",
)
common_outputs_parser.add_argument(
"-b", "--no-banner", action="store_true", help="Hide Prowler banner"
)
common_outputs_parser.add_argument(
"--slack",
action="store_true",
help="Send a summary of the execution with a Slack APP in your channel. Environment variables SLACK_API_TOKEN and SLACK_CHANNEL_ID are required (see more in https://docs.prowler.cloud/en/latest/tutorials/integrations/#slack).",
"--no-banner", "-b", action="store_true", help="Hide Prowler banner"
)
common_outputs_parser.add_argument(
"--unix-timestamp",
Expand Down Expand Up @@ -201,10 +202,17 @@ def __init_exclude_checks_parser__(self):
"Exclude checks/services to run"
)
exclude_checks_parser.add_argument(
"-e", "--excluded-checks", nargs="+", help="Checks to exclude"
"--excluded-check",
"--excluded-checks",
"-e",
nargs="+",
help="Checks to exclude",
)
exclude_checks_parser.add_argument(
"--excluded-services", nargs="+", help="Services to exclude"
"--excluded-service",
"--excluded-services",
nargs="+",
help="Services to exclude",
)

def __init_checks_parser__(self):
Expand All @@ -215,21 +223,29 @@ def __init_checks_parser__(self):
# The following arguments needs to be set exclusivelly
group = common_checks_parser.add_mutually_exclusive_group()
group.add_argument(
"-c", "--checks", nargs="+", help="List of checks to be executed."
"--check",
"--checks",
"-c",
nargs="+",
help="List of checks to be executed.",
)
group.add_argument(
"-C",
"--checks-file",
"-C",
nargs="?",
help="JSON file containing the checks to be executed. See config/checklist_example.json",
)
group.add_argument(
"-s", "--services", nargs="+", help="List of services to be executed."
"--service",
"--services",
"-s",
nargs="+",
help="List of services to be executed.",
)
common_checks_parser.add_argument(
"--severity",
nargs="+",
help=f"List of severities to be executed {valid_severities}",
help=f"Severities to be executed {valid_severities}",
choices=valid_severities,
)
group.add_argument(
Expand All @@ -239,15 +255,16 @@ def __init_checks_parser__(self):
choices=available_compliance_frameworks,
)
group.add_argument(
"--category",
"--categories",
nargs="+",
help="List of categories to be executed.",
default=[],
# Pending validate choices
# TODO: Pending validate choices
)
common_checks_parser.add_argument(
"-x",
"--checks-folder",
"-x",
nargs="?",
help="Specify external directory with custom checks (each check must have a folder with the required files, see more in https://docs.prowler.cloud/en/latest/tutorials/misc/#custom-checks).",
)
Expand All @@ -259,23 +276,27 @@ def __init_list_checks_parser__(self):
)
list_group = list_checks_parser.add_mutually_exclusive_group()
list_group.add_argument(
"-l", "--list-checks", action="store_true", help="List checks"
"--list-checks", "-l", action="store_true", help="List checks"
)
list_group.add_argument(
"--list-checks-json",
action="store_true",
help="Output a list of checks in json for use with --checks-file",
help="Output a list of checks in json format to use with --checks-file option",
)
list_group.add_argument(
"--list-services", action="store_true", help="List services"
"--list-services",
action="store_true",
help="List covered services by given provider",
)
list_group.add_argument(
"--list-compliance", action="store_true", help="List compliance frameworks"
"--list-compliance",
action="store_true",
help="List all available compliance frameworks",
)
list_group.add_argument(
"--list-compliance-requirements",
nargs="+",
help="List compliance requirements for a given compliance framework",
help="List requirements and checks per compliance framework",
choices=available_compliance_frameworks,
)
list_group.add_argument(
Expand All @@ -290,8 +311,8 @@ def __init_mutelist_parser__(self):
)
provider = sys.argv[1] if len(sys.argv) > 1 else "aws"
mutelist_subparser.add_argument(
"-w",
"--mutelist-file",
"-w",
nargs="?",
default=get_default_mute_file_path(provider),
help="Path for mutelist yaml file. See example prowler/config/<provider>_mutelist.yaml for reference and format. For AWS provider, it also accepts AWS DynamoDB Table, Lambda ARNs or S3 URIs, see more in https://docs.prowler.cloud/en/latest/tutorials/mutelist/",
Expand Down Expand Up @@ -323,10 +344,15 @@ def __init_third_party_integrations_parser__(self):
"3rd Party Integrations"
)
third_party_subparser.add_argument(
"-N",
"--shodan",
"-N",
nargs="?",
default=None,
metavar="SHODAN_API_KEY",
help="Shodan API key.",
help="Check if any public IPs in your Cloud environments are exposed in Shodan.",
)
third_party_subparser.add_argument(
"--slack",
action="store_true",
help="Send a summary of the execution with a Slack APP in your channel. Environment variables SLACK_API_TOKEN and SLACK_CHANNEL_ID are required (see more in https://docs.prowler.cloud/en/latest/tutorials/integrations/#slack).",
)
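Review bot: The `--shodan` argument still takes the API key as a command-line value (`metavar="SHODAN_API_KEY"`), so the key lands in shell history and is readable from the process list while the scan runs; the `--slack` option registered just below it reads its token from environment variables instead. With `nargs="?"`, `default=None` and no `const`, a bare `--shodan` also parses to `None`, which is indistinguishable from not passing the flag at all. Consider accepting the key from an environment variable as well and making the bare flag meaningful, e.g. `const=os.environ.get("SHODAN_API_KEY")` (the variable name is only a suggestion, and `os` would need importing in this module if it is not already). The reworded help text (assuming the second `help=` line is the new side) no longer says the value is an API key, so that should be added back: `help="Check if any public IPs in your Cloud environments are exposed in Shodan. Takes a Shodan API key."`. `__init_third_party_integrations_parser__` starts outside the hunk.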