github.com/turbot/steampipe@v1.7.0-rc.0.0.20240517123944-7cef272d4458/pkg/control/controldisplay/templates/asff.json/output.tmpl

github.com/turbot/steampipe@v1.7.0-rc.0.0.20240517123944-7cef272d4458/pkg/control/controldisplay/templates/asff.json/output.tmpl (about)

     1  {{ define "output" }}
     2  {{- $first_row_rendered := false -}}
     3  [  {{- range $runIdx,$run := .Data.ControlRuns -}}
     4          {{- range $rowIdx,$row := $run.Rows -}}
     5              {{/* check if the control is related to aws */}}
     6              {{- if $row.Run.MatchTag "plugin" "aws" -}}
     7                  {{ if $first_row_rendered -}},{{ end }}
     8                  {{- template "control_row_template" $row -}}
     9                  {{ $first_row_rendered = true }}
    10              {{- end -}}
    11      {{- end -}}
    12      {{- end }}
    13  ]
    14  {{ end }}
    15  
    16  {{/* sub template for control rows */}}
    17  {{ define "control_row_template" }}
    18  {
    19      "SchemaVersion": "2018-10-08",
    20      "Id": "{{ .Run.Control.FullName }}",
    21      "ProductArn": "arn:aws:securityhub:{{ .GetDimensionValue "region" }}:{{ .GetDimensionValue "account_id" }}:product/{{ .GetDimensionValue "account_id" }}/default",
    22      "ProductFields": {
    23          "ProviderName": "Steampipe",
    24          "ProviderVersion": "{{ render_context.Constants.SteampipeVersion }}"
    25      },
    26      "GeneratorId": "steampipe-{{ .Run.Control.ShortName }}",
    27      "AwsAccountId": "{{ .GetDimensionValue "account_id" }}",
    28      "Types": [
    29          "automated"
    30      ],
    31      "UpdatedAt": "{{ now.Format "2006-01-02T15:04:05Z07:00" }}",
    32      "CreatedAt": "{{ now.Format "2006-01-02T15:04:05Z07:00" }}",
    33      "Title": {{ toJson .Run.Control.Title }},
    34      "Description": {{ toJson .Run.Control.Description }},{{ with .Run.Control.Severity }}
    35      "Severity": {
    36          "Label": "{{ upper . }}"
    37      },{{ else }}
    38      "Severity": {
    39          "Label": "INFORMATIONAL"
    40      },{{ end }}
    41      "Resources": [
    42          {
    43              "Type": "Other",
    44              "Id": "{{ .Resource }}"
    45          }
    46      ],
    47      "Compliance": {
    48          "Status": "{{ template "statusmap" .Status -}}"
    49      }
    50  }{{ end -}}
    51  
    52  {{/* mapping steampipe statuses with ASFF status values */}}
    53  {{ define "statusmap" }}
    54      {{- if eq . "ok" -}}
    55          PASSED
    56      {{- end -}}
    57      {{- if eq . "error" -}}
    58          WARNING
    59      {{- end -}}
    60      {{- if eq . "alarm" -}}
    61          FAILED
    62      {{- end -}}
    63      {{- if eq . "skip" -}}
    64          NOT_AVAILABLE
    65      {{- end -}}
    66      {{- if eq . "info" -}}
    67          NOT_AVAILABLE
    68      {{- end -}}
    69  {{- end -}}