turbot / steampipe-mod-azure-compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Powerpipe and Steampipe.
https://hub.powerpipe.io/mods/turbot/azure_compliance
Apache License 2.0

control.cis_v200_5_1_4 is returning false negatives #186

Closed KingBrewer closed 1 year ago

KingBrewer commented 1 year ago

Describe the bug

Related to #184, as it is using the same method to enumerate storage account's containers that store activity logs

Steampipe version (steampipe -v)

v0.20.6

Plugin version (steampipe plugin list)

v0.28

To reproduce

  1. Enable public access on a container storing activity logs
  2. steampipe check --mod-location steampipe-mod-azure-compliance control.cis_v200_5_1_4
  3. Result:

    + 5.1.4 Ensure the storage account containing the container w… 0 / 0 [          ]     
    
    Summary
    
    OK ............................................................. 0 [          ]
    SKIP ........................................................... 0 [          ]
    INFO ........................................................... 0 [          ]
    ALARM .......................................................... 0 [          ]
    ERROR .......................................................... 0 [          ]   
    
    TOTAL ...................................................... 0 / 0 [          ]

Expected behavior

KingBrewer commented 1 year ago

@misraved similar to #185. I decided to open a separate PR though, to not make them dependent on each other. If you prefer it in a single one I can obviously change it.

misraved commented 1 year ago

Fixed in https://github.com/turbot/steampipe-mod-azure-compliance/pull/187

Thanks @KingBrewer for the updates 👍.