chore(mitre azure): add mapping to mitre for azure provider

dashboard/compliance/mitre_attack_azure.py

@@ -0,0 +1,23 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_format2
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+ aux = data[
+ [
+ "REQUIREMENTS_ID",
+ "REQUIREMENTS_SUBTECHNIQUES",
+ "CHECKID",
+ "STATUS",
+ "REGION",
+ "ACCOUNTID",
+ "RESOURCEID",
+ ]
+ ].copy()
+
+ return get_section_containers_format2(
+ aux, "REQUIREMENTS_ID", "REQUIREMENTS_SUBTECHNIQUES"
+ )

dashboard/pages/compliance.py

@@ -267,6 +267,7 @@ def load_csv_files(files):
  # Rename the column SUBSCRIPTIONID to ACCOUNTID for Azure
  if data.columns.str.contains("SUBSCRIPTIONID").any():
  data.rename(columns={"SUBSCRIPTIONID": "ACCOUNTID"}, inplace=True)
+ data["REGION"] = "-"
  # Handle v3 azure cis compliance
  if data.columns.str.contains("SUBSCRIPTION").any():
  data.rename(columns={"SUBSCRIPTION": "ACCOUNTID"}, inplace=True)
@@ -433,6 +434,12 @@ def load_csv_files(files):
  ):
  pie_2 = get_bar_graph(df, "REQUIREMENTS_ATTRIBUTES_SERVICE")
  current_filter = "services"
+ elif (
+ "REQUIREMENTS_ID" in df.columns
+ and not df["REQUIREMENTS_ID"].isnull().values.any()
+ ):
+ pie_2 = get_bar_graph(df, "REQUIREMENTS_ID")
+ current_filter = "techniques"
  else:
  fig = px.pie()
  fig.update_layout(

prowler/lib/outputs/compliance/compliance.py

@@ -124,10 +124,9 @@
  file_descriptors, finding, compliance, output_options, provider
  )
 
  elif compliance.Framework == "MITRE-ATTACK" and compliance.Version == "":
- # print(file_descriptors)
  write_compliance_row_mitre_attack(
- file_descriptors, finding, compliance, output_options, provider
+ file_descriptors, finding, compliance, provider
  )
 
  else:

prowler/lib/outputs/compliance/mitre_attack.py

@@ -11,54 +11,52 @@
 from prowler.lib.utils.utils import outputs_unix_timestamp
 
 
-def write_compliance_row_mitre_attack(
- file_descriptors, finding, compliance, output_options, provider
-):
+def write_compliance_row_mitre_attack(file_descriptors, finding, compliance, provider):
  try:
  compliance_output = compliance.Framework
  if compliance.Version != "":
  compliance_output += "_" + compliance.Version
  if compliance.Provider != "":
  compliance_output += "_" + compliance.Provider
 
  mitre_attack_model_name = "Check_Output_MITRE_ATTACK_" + compliance.Provider
  module = import_module("prowler.lib.outputs.compliance.models")
  mitre_attack_model = getattr(module, mitre_attack_model_name)
  compliance_output = compliance_output.lower().replace("-", "_")
  csv_header = generate_csv_fields(mitre_attack_model)
  csv_writer = DictWriter(
  file_descriptors[compliance_output],
  fieldnames=csv_header,
  delimiter=";",
  )
  for requirement in compliance.Requirements:
 
  if compliance.Provider == "AWS":
  attributes_services = ", ".join(
  attribute.AWSService for attribute in requirement.Attributes
  )
  elif compliance.Provider == "Azure":
  attributes_services = ", ".join(
  attribute.AzureService for attribute in requirement.Attributes
  )
  requirement_description = requirement.Description
  requirement_id = requirement.Id
  requirement_name = requirement.Name
  attributes_categories = ", ".join(
  attribute.Category for attribute in requirement.Attributes
  )
  attributes_values = ", ".join(
  attribute.Value for attribute in requirement.Attributes
  )
  attributes_comments = ", ".join(
  attribute.Comment for attribute in requirement.Attributes
  )
 
  common_data = {
  "Provider": finding.check_metadata.Provider,
  "Description": compliance.Description,
  "AssessmentDate": outputs_unix_timestamp(
- output_options.unix_timestamp, timestamp
+ provider.output_options.unix_timestamp, timestamp
  ),
  "Requirements_Id": requirement_id,
  "Requirements_Name": requirement_name,
@@ -77,19 +75,19 @@
  "CheckId": finding.check_metadata.CheckID,
  "Muted": finding.muted,
  }
  if compliance.Provider == "AWS":
  common_data["AccountId"] = provider.identity.account
  common_data["Region"] = finding.region
  elif compliance.Provider == "Azure":
  common_data["SubscriptionId"] = unroll_list(
  provider.identity.subscriptions
  )
 
  compliance_row = mitre_attack_model(**common_data)
 
  csv_writer.writerow(compliance_row.__dict__)
  except Exception as error:
  logger.critical(
  f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
  )