Queries between Control 2.4 and 2.11 of CIS v2.0.0 don't support multiple GCP projects?

turbot / steampipe-mod-gcp-compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your GCP projects using Powerpipe and Steampipe.

https://hub.powerpipe.io/mods/turbot/gcp_compliance

Apache License 2.0

36 stars 10 forks source link

Queries between Control 2.4 and 2.11 of CIS v2.0.0 don't support multiple GCP projects? #149

Closed k-kawa closed 8 months ago

k-kawa commented 9 months ago

When the steampipe config has an aggregated connection of GCP plugin, the controls between Control 2.4 and 2.11 of CIS v2.0.0 return ok if one of GCP projects has a proper configuration.

Is this a bug? I expected that the controls check each project and show the result of each project separately. But I'm not sure about CIS v2.0.0 so that I cannot tell it a bug or not.

saisirishreddy commented 9 months ago

That does look like a bug, when using aggregator connections. I also observed otherwise, where one of the project fails and all the projects are returned with fail for a specific control (from 2.4 and 2.11).

khushboo9024 commented 8 months ago

Thanks @k-kawa for catching this bug. We have pushed the fix in the branch, could you please test and let us know if this works for you. Thanks!