Skip to content

Commit

Permalink
Merge pull request #6984 from Checkmarx/new-queries-update
Browse files Browse the repository at this point in the history 
update(queries): queries severity updates
  • Loading branch information
@gabriel-cx
gabriel-cx committed Apr 4, 2024
2 parents 9b7965b + 2f5913a commit 217625a
Show file tree
Hide file tree
Showing 167 changed files with 242 additions and 2,847 deletions.
2 changes: 1 addition & 1 deletion assets/queries/ansible/aws/cloudtrail_sns_topic_name_undefined/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"id": "5ba316a9-c466-4ec1-8d5b-bc6107dc9a92",
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"category": "Observability",
"descriptionText": "Check if SNS topic name is set for CloudTrail",
"descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/cloudtrail_module.html",
Expand Down
4 changes: 2 additions & 2 deletions ...ueries/ansible/aws/cloudtrail_sns_topic_name_undefined/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
[
{
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"line": 2
},
{
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"line": 15
}
]
12 changes: 0 additions & 12 deletions assets/queries/ansible/aws/ecs_task_definition_with_plaintext_password/metadata.json
View file

This file was deleted.

29 changes: 0 additions & 29 deletions assets/queries/ansible/aws/ecs_task_definition_with_plaintext_password/query.rego
View file

This file was deleted.

15 changes: 0 additions & 15 deletions assets/queries/ansible/aws/ecs_task_definition_with_plaintext_password/test/negative.yaml
View file

This file was deleted.

17 changes: 0 additions & 17 deletions assets/queries/ansible/aws/ecs_task_definition_with_plaintext_password/test/positive.yaml
View file

This file was deleted.

7 changes: 0 additions & 7 deletions ...nsible/aws/ecs_task_definition_with_plaintext_password/test/positive_expected_result.json
View file

This file was deleted.

2 changes: 1 addition & 1 deletion assets/queries/ansible/aws/iam_role_allows_all_principals_to_assume/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"id": "babdedcf-d859-43da-9a7b-6d72e661a8fd",
"queryName": "IAM Role Allows All Principals To Assume",
"severity": "HIGH",
"severity": "MEDIUM",
"category": "Access Control",
"descriptionText": "IAM role allows all services or principals to assume it",
"descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/community/aws/iam_managed_policy_module.html",
Expand Down
4 changes: 2 additions & 2 deletions ...s/ansible/aws/iam_role_allows_all_principals_to_assume/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
[
{
"queryName": "IAM Role Allows All Principals To Assume",
"severity": "HIGH",
"severity": "MEDIUM",
"line": 4,
"fileName": "positive.yaml"
},
{
"queryName": "IAM Role Allows All Principals To Assume",
"severity": "HIGH",
"severity": "MEDIUM",
"line": 17,
"fileName": "positive.yaml"
}
Expand Down
13 changes: 0 additions & 13 deletions assets/queries/ansible/aws/user_data_shell_script_is_encoded/metadata.json
View file

This file was deleted.

33 changes: 0 additions & 33 deletions assets/queries/ansible/aws/user_data_shell_script_is_encoded/query.rego
View file

This file was deleted.

34 changes: 0 additions & 34 deletions assets/queries/ansible/aws/user_data_shell_script_is_encoded/test/negative.yaml
View file

This file was deleted.

18 changes: 0 additions & 18 deletions assets/queries/ansible/aws/user_data_shell_script_is_encoded/test/positive.yaml
View file

This file was deleted.

7 changes: 0 additions & 7 deletions .../queries/ansible/aws/user_data_shell_script_is_encoded/test/positive_expected_result.json
View file

This file was deleted.

2 changes: 1 addition & 1 deletion assets/queries/ansible/gcp/cloud_storage_bucket_versioning_disabled/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"id": "7814ddda-e758-4a56-8be3-289a81ded929",
"queryName": "Cloud Storage Bucket Versioning Disabled",
"severity": "LOW",
"severity": "MEDIUM",
"category": "Observability",
"descriptionText": "Cloud Storage Bucket should have versioning enabled",
"descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/google/cloud/gcp_storage_bucket_module.html#parameter-versioning",
Expand Down
4 changes: 2 additions & 2 deletions ...s/ansible/gcp/cloud_storage_bucket_versioning_disabled/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
[
{
"queryName": "Cloud Storage Bucket Versioning Disabled",
"severity": "LOW",
"severity": "MEDIUM",
"line": 3
},
{
"queryName": "Cloud Storage Bucket Versioning Disabled",
"severity": "LOW",
"severity": "MEDIUM",
"line": 17
}
]
2 changes: 1 addition & 1 deletion assets/queries/cloudFormation/aws/cloudtrail_sns_topic_name_undefined/metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"id": "3e09413f-471e-40f3-8626-990c79ae63f3",
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"category": "Observability",
"descriptionText": "Check if SNS topic name is set for CloudTrail",
"descriptionUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-snstopicname",
Expand Down
8 changes: 4 additions & 4 deletions ...cloudFormation/aws/cloudtrail_sns_topic_name_undefined/test/positive_expected_result.json
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,25 @@
[
{
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"line": 12,
"fileName": "positive1.yaml"
},
{
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"line": 22,
"fileName": "positive1.yaml"
},
{
"line": 9,
"fileName": "positive2.json",
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO"
"severity": "LOW"
},
{
"queryName": "CloudTrail SNS Topic Name Undefined",
"severity": "INFO",
"severity": "LOW",
"line": 23,
"fileName": "positive2.json"
}
Expand Down
12 changes: 0 additions & 12 deletions assets/queries/cloudFormation/aws/ecs_task_definition_with_plaintext_password/metadata.json
View file

This file was deleted.

21 changes: 0 additions & 21 deletions assets/queries/cloudFormation/aws/ecs_task_definition_with_plaintext_password/query.rego
View file

This file was deleted.

Loading

0 comments on commit 217625a

Please sign in to comment.