Azure no result #1728

Open
Vbubblery opened this issue Oct 5, 2023 · 9 comments
@Vbubblery

The config.js includes the current credentials for Azure, and I use the command below to generate the report:

./index.js --json=azure.json --junit=azure.xml --cloud=azure --config=./config.js

But it throws the issue, and nothing is returned to the JSON and XML files.

url: https://management.azure.com//subscriptions/78131263-201b-4c2e-8ba9-57731b087025/resourceGroups/rg-flowlity-global/providers/Microsoft.Storage/storageAccounts/stdatasynctrigger/listKeys?api-version=2019-06-01 obj: {"url":"https://management.azure.com//subscriptions/78131263-201b-4c2e-8ba9-57731b087025/resourceGroups/rg-flowlity-global/providers/Microsoft.Storage/storageAccounts/stdatasynctrigger/listKeys?api-version=2019-06-01","post":true,"rateLimit":3000} localData: undefined

INFO: Metadata collection complete. Analyzing...
INFO: Analysis complete. Scan report to follow...
Plugin Virtual Network Peering returned no results. There may be a problem with this plugin.
Plugin VM Desired SKU Size returned no results. There may be a problem with this plugin.
Plugin VM Approved Extensions returned no results. There may be a problem with this plugin.
/home/bubble/cloudsploit/helpers/azure/functions.js:203
    if (!policyAssignmentStatus.length) {
                                ^

TypeError: Cannot read properties of undefined (reading 'length')
    at Object.checkPolicyAssignment (/home/bubble/cloudsploit/helpers/azure/functions.js:203:33)
    at /home/bubble/cloudsploit/plugins/azure/securitycenter/monitorBlobEncryption.js:24:21
    at /home/bubble/cloudsploit/node_modules/async/dist/async.js:3113:16
    at eachOfArrayLike (/home/bubble/cloudsploit/node_modules/async/dist/async.js:1072:9)
    at eachOf (/home/bubble/cloudsploit/node_modules/async/dist/async.js:1120:5)
    at Object.eachLimit (/home/bubble/cloudsploit/node_modules/async/dist/async.js:3175:5)
    at Object.run (/home/bubble/cloudsploit/plugins/azure/securitycenter/monitorBlobEncryption.js:19:15)
    at /home/bubble/cloudsploit/engine.js:223:28
    at /home/bubble/cloudsploit/node_modules/async/dist/async.js:3685:9
    at replenish (/home/bubble/cloudsploit/node_modules/async/dist/async.js:1014:17)

Is the Azure API updated?

@tudorghigheanu

I see the same error.

@alphadev4
Collaborator

Hi @Vbubblery, looking into it.

alphadev4 added the bug label Oct 12, 2023
alphadev4 self-assigned this Oct 12, 2023

@MateuszBelczowski

If I understand it correctly, this is the commit that broke this -> 8415d5c#diff-e820abec8c98dc12e01a66376533a10a5099daba4f6accc37668721b03fd2aa4R200

and it would be enough to just add a default value

policyAssignmentStatus =  defualtPolicyAssignments[param] || '';

Is that correct?

@jmeit-fwdsec

> If I understand it correctly, this is the commit that broke this -> 8415d5c#diff-e820abec8c98dc12e01a66376533a10a5099daba4f6accc37668721b03fd2aa4R200
>
> and it would be enough to just add a default value
>
> policyAssignmentStatus =  defualtPolicyAssignments[param] || '';
>
> Is that correct?

This works for me, and makes sense based on helpers/azure/functions.js:196-201
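
The crash in the stack trace and the default-value fix discussed in these comments, as an added example that is not CloudSploit's code: an unguarded defaults lookup throws on a parameter with no default entry, while a guarded one reports UNKNOWN so the remaining checks still run and the gap stays visible in the report. `DEFAULTS`, the parameter names and the function names are constructed for illustration.

```javascript
// Added example: hypothetical names, not CloudSploit's code.
// Constructed stand-in for a table of default policy parameter values.
const DEFAULTS = { exampleEncryptionEffect: 'AuditIfNotExists' };

// Unguarded: a parameter missing from both the assignment and DEFAULTS
// leaves `status` undefined, so `.length` throws and the run aborts.
function statusUnguarded(assignment, param) {
    const p = assignment.parameters && assignment.parameters[param];
    const status = p ? p.value : DEFAULTS[param];
    return status.length ? 'SET:' + status : 'EMPTY';
}

// Guarded: returns UNKNOWN when no explicit or default string value exists,
// which keeps "could not evaluate" apart from "evaluated, value is empty".
// (A plain `|| ''` fallback avoids the throw but merges those two cases.)
function statusGuarded(assignment, param) {
    const p = assignment && assignment.parameters && assignment.parameters[param];
    const status = p && p.value !== undefined ? p.value : DEFAULTS[param];
    if (typeof status !== 'string') return 'UNKNOWN';
    return status.length ? 'SET:' + status : 'EMPTY';
}

// Evaluate every parameter; one bad lookup must not discard the others.
function evaluate(assignment, params, fn) {
    return params.map((param) => {
        try {
            return { param, result: fn(assignment, param) };
        } catch (err) {
            return { param, result: 'ERROR:' + err.name };
        }
    });
}

// Constructed sample: one explicit value, one default, one unknown parameter.
const sampleAssignment = {
    parameters: { exampleSqlAuditEffect: { value: 'Disabled' } }
};
const sampleParams = ['exampleSqlAuditEffect', 'exampleEncryptionEffect', 'exampleNewEffect'];

console.log(evaluate(sampleAssignment, sampleParams, statusUnguarded));
console.log(evaluate(sampleAssignment, sampleParams, statusGuarded));
```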

@telekomancer

I have this error:

INFO: Using CloudSploit config file: ./creds.json
/home/username/tools/cloudsploit/index.js:134
if (config.credentials.aws.credential_file && (!settings.cloud || (settings.cloud == 'aws'))) {
                       ^

TypeError: Cannot read properties of undefined (reading 'aws')
    at Object.<anonymous> (/home/username/tools/cloudsploit/index.js:134:24)
    at Module._compile (node:internal/modules/cjs/loader:1218:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1272:10)
    at Module.load (node:internal/modules/cjs/loader:1081:32)
    at Module._load (node:internal/modules/cjs/loader:922:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:23:47

Node.js v18.13.0

I'm trying to audit only Azure, but it keeps asking for AWS parameters. My creds.json file is something like this:

{
  "ApplicationID": "my-app-id-on-azure",
  "KeyValue": ".string~of.keyvalue...",
  "DirectoryID": "my-dir-id-on-azure",
  "SubscriptionID": "my-subs-id-on-azure"
}

Also, I tried in config.js:

...
azure: {
            // OPTION 1: If using a credential JSON file, enter the path below
            credential_file: '/home/username/tools/cloudsploit/creds.json',
            // OPTION 2: If using hard-coded credentials, enter them below
            //application_id: my-app-id-on-azure,
            //key_value: .string~of.keyvalue...,
            //directory_id: my-dir-id-on-azure,
            //subscription_id: my-subs-id-on-azure
        }
        //azure_remediate: {
            // OPTION 1: If using a credential JSON file, enter the path below
            // credential_file: './azure.json',
            // OPTION 2: If using hard-coded credentials, enter them below
            // application_id: process.env.AZURE_APPLICATION_ID || '',
            // key_value: process.env.AZURE_KEY_VALUE || '',
            // directory_id: process.env.AZURE_DIRECTORY_ID || '',
            // subscription_id: process.env.AZURE_SUBSCRIPTION_ID || ''
        //},
...

If I only trigger the command (./index.js), the output looks fine, but it asks for AWS data:

image
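
The `config.credentials` error in the trace above means the file loaded as the config has no `credentials` key. An added example (a hypothetical validator, not part of CloudSploit) that checks only the selected cloud's section and recognises a flat credential file passed where a config file is expected; the key names are the ones shown in this comment, and the nesting under `credentials.azure` is an assumption based on the failing line.

```javascript
// Added example: hypothetical validator, not part of CloudSploit.
// Key names are the ones shown in the comment above.
const AZURE_FIELDS = ['application_id', 'key_value', 'directory_id', 'subscription_id'];
const FLAT_KEYS = ['ApplicationID', 'KeyValue', 'DirectoryID', 'SubscriptionID'];

// Returns a list of problems; an empty list means the config is usable for
// the selected cloud. Sections for other clouds are never dereferenced.
function checkConfig(config, cloud) {
    if (!config || typeof config !== 'object') return ['config is not an object'];
    if (!config.credentials || typeof config.credentials !== 'object') {
        const flat = FLAT_KEYS.filter((k) => k in config);
        return [flat.length
            ? 'no "credentials" key; this looks like a credential file (' + flat.join(', ') + ')'
            : 'no "credentials" key'];
    }
    const section = config.credentials[cloud];
    if (!section || typeof section !== 'object') {
        return ['no credentials.' + cloud + ' section'];
    }
    if (cloud !== 'azure') return [];            // only the Azure shape is modelled here
    if (section.credential_file) return [];      // OPTION 1: path to a credential file
    return AZURE_FIELDS                          // OPTION 2: all four values set
        .filter((f) => !section[f])
        .map((f) => 'credentials.azure.' + f + ' is empty');
}

// Constructed inputs (placeholder values, not real credentials).
const flatCredsFile = {
    ApplicationID: 'app-id', KeyValue: 'secret',
    DirectoryID: 'dir-id', SubscriptionID: 'sub-id'
};
const fileBased = { credentials: { azure: { credential_file: './creds.json' } } };
const allCommentedOut = { credentials: { azure: {} } };

console.log(checkConfig(flatCredsFile, 'azure'));   // credential file passed as config
console.log(checkConfig(fileBased, 'azure'));       // usable
console.log(checkConfig(allCommentedOut, 'azure')); // four empty fields
```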

@alphadev4
Collaborator

Hi @Vbubblery can you check now?

@alphadev4
Collaborator

Hi @telekomancer, I see you have added the credentials in the config.js file, but your attributes for the object are commented out. Can you try it like this in the config.js file:

azure: {
    // OPTION 1: If using a credential JSON file, enter the path below
    credential_file: '/home/username/tools/cloudsploit/creds.json',
    // OPTION 2: If using hard-coded credentials, enter them below
    application_id: 'my-app-id-on-azure',
    key_value: '.string~of.keyvalue...',
    directory_id: 'my-dir-id-on-azure',
    subscription_id: 'my-subs-id-on-azure'
},

@telekomancer

Oh! Actually, those were the options that I changed. I had to make some changes in the code (#1728 (comment)) and some changes at the config.js level, and everything works.

Thanks for the help!

@alphadev4
Collaborator

@Vbubblery Can we close this now?


6 participants