Closed fgomesz closed 2 years ago
Thanks @fgomesz for using Steampipe 👍 , hope you are having a good experience !!
The concern mentioned in this issue does look valid. Thanks for highlighting this, we will dig in a bit more and add the correct query to the control 👍
@fgomesz Appreciate this catch. Thanks Definitely a few observations while reviewing this issue, let me know if it explains
The link for control Azure DDoS Protection Standard should be enabled
in Steampipe Azure Mods holds the control for NIST, however, tagged wrongly to hipaa_hitrust_v92 = true > we will correct this
In mods, we re-use some of these queries to avoid re-work.
The same query (network_security_group_udp_service_restricted.sql) is used in the below controls
The reason, why the same query was referenced Neither CIS nor Nist steps are mentioned in their respective content with specific steps.
But, we understand it might be confusing, we are checking this internally to separate this as well.
The table azure_virtual_network
inherently supports enable_ddos_protection
attribute as mentioned here, we can bring this part of the NIST control validation
PR reference - Still we are checking further to re-validate before release next week.
Share your feedback.
Thank you for looking into this and sorry for wasting your time.
@fgomesz Definitely not a waste of time!
You found a bug in our tagging of the control 👍 and we really appreciate people working through these in detail - it's critical to keeping them as well described and accurate as possible!
Thank you. Please keep those issues (and PRs) coming!
Describe the bug The site refers to another query.
To reproduce Visit https://hub.steampipe.io/mods/turbot/azure_compliance/controls/control.network_security_group_udp_service_restricted?context=benchmark.nist_sp_800_53_rev_5/benchmark.nist_sp_800_53_rev_5_sc/benchmark.nist_sp_800_53_rev_5_sc_5 the query is pointed to https://github.com/turbot/steampipe-mod-azure-compliance/blob/v0.8/regulatory_compliance/network.sp#L90-L98
Expected behavior A query for DDOS Protection Standard should be used.