From fad5622ea44134e70f60388f4aad5590f7223a2c Mon Sep 17 00:00:00 2001 From: Manan Vaghasiya Date: Thu, 20 Jun 2024 19:16:28 +0530 Subject: [PATCH] Dashboard support for AWS Foundational Security benchmark type (#2210) * add dashboard support for aws foundational security benchmark * use short category hierarchy for display --- .../apps/dashboard/api-spec.json | 201 +++++++++++++++++- .../api/generated/.openapi-generator/FILES | 3 + .../src/api/generated/apis/ComplianceApi.ts | 124 +++++++++++ .../generated/models/ModelBenchmarkType.ts | 3 +- .../generated/models/ModelCloudCompliance.ts | 3 +- .../models/ModelCloudNodeAccountInfo.ts | 8 + .../ModelCloudNodeAccountRegisterReq.ts | 24 ++- .../models/ModelCloudNodeAccountsListReq.ts | 3 +- .../models/ModelCloudNodeComplianceControl.ts | 24 +++ .../models/ModelCloudNodeControlReq.ts | 3 +- .../models/ModelCloudNodeMonitoredAccount.ts | 84 ++++++++ .../ModelComplinaceScanResultsGroupReq.ts | 82 +++++++ .../ModelComplinaceScanResultsGroupResp.ts | 65 ++++++ .../src/api/generated/models/index.ts | 3 + .../ComplianceScanConfigureForm.tsx | 15 +- .../apps/dashboard/src/utils/enum.ts | 2 + 16 files changed, 626 insertions(+), 21 deletions(-) create mode 100644 deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeMonitoredAccount.ts create mode 100644 deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupReq.ts create mode 100644 deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupResp.ts diff --git a/deepfence_frontend/apps/dashboard/api-spec.json b/deepfence_frontend/apps/dashboard/api-spec.json index de2f215fe4..3d4d644b2c 100644 --- a/deepfence_frontend/apps/dashboard/api-spec.json +++ b/deepfence_frontend/apps/dashboard/api-spec.json @@ -6864,6 +6864,118 @@ "security": [{ "bearer_token": [] }] } }, + "/deepfence/scan/results/count/group/cloud-compliance": { + "post": { + "tags": ["Compliance"], + "summary": "Count Cloud Compliance Results by Control ID", + "description": "Count Cloud Compliance Results grouped by Control ID", + "operationId": "groupResultsCloudCompliance", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ModelComplinaceScanResultsGroupReq" + } + } + } + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ModelComplinaceScanResultsGroupResp" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsBadRequestResponse" } + } + } + }, + "401": { "description": "Unauthorized" }, + "403": { "description": "Forbidden" }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" } + } + } + } + }, + "security": [{ "bearer_token": [] }] + } + }, + "/deepfence/scan/results/count/group/compliance": { + "post": { + "tags": ["Compliance"], + "summary": "Count Compliance Results by Control ID", + "description": "Count Compliance Results grouped by Control ID", + "operationId": "groupResultsCompliance", + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ModelComplinaceScanResultsGroupReq" + } + } + } + }, + "responses": { + "200": { + "description": "OK", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ModelComplinaceScanResultsGroupResp" + } + } + } + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsBadRequestResponse" } + } + } + }, + "401": { "description": "Unauthorized" }, + "403": { "description": "Forbidden" }, + "404": { + "description": "Not Found", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" } + } + } + }, + "500": { + "description": "Internal Server Error", + "content": { + "application/json": { + "schema": { "$ref": "#/components/schemas/ApiDocsFailureResponse" } + } + } + } + }, + "security": [{ "bearer_token": [] }] + } + }, "/deepfence/scan/results/count/group/malware": { "get": { "tags": ["Malware Scan"], @@ -13263,7 +13375,16 @@ } }, "ModelBenchmarkType": { - "enum": ["hipaa", "gdpr", "pci", "nist", "cis", "soc_2", "nsa-cisa"], + "enum": [ + "hipaa", + "gdpr", + "pci", + "nist", + "cis", + "soc_2", + "nsa-cisa", + "aws_foundational_security" + ], "type": "string" }, "ModelBulkDeleteReportReq": { @@ -13335,7 +13456,16 @@ "account_id": { "type": "string" }, "cloud_provider": { "type": "string" }, "compliance_check_type": { - "enum": ["hipaa", "gdpr", "pci", "nist", "cis", "soc_2", "nsa-cisa"], + "enum": [ + "hipaa", + "gdpr", + "pci", + "nist", + "cis", + "soc_2", + "nsa-cisa", + "aws_foundational_security" + ], "type": "string" }, "control_id": { "type": "string" }, @@ -13416,6 +13546,7 @@ "ModelCloudNodeAccountInfo": { "type": "object", "properties": { + "account_name": { "type": "string" }, "active": { "type": "boolean" }, "cloud_provider": { "type": "string" }, "compliance_percentage": { "type": "number" }, @@ -13435,6 +13566,7 @@ "ModelCloudNodeAccountRegisterReq": { "required": [ "node_id", + "account_name", "host_node_id", "account_id", "cloud_provider", @@ -13443,12 +13575,13 @@ "type": "object", "properties": { "account_id": { "type": "string" }, + "account_name": { "type": "string" }, "cloud_provider": { "enum": ["aws", "gcp", "azure"], "type": "string" }, "host_node_id": { "type": "string" }, "is_organization_deployment": { "type": "boolean" }, - "monitored_account_ids": { - "type": "object", - "additionalProperties": { "type": "string" }, + "monitored_accounts": { + "type": "array", + "items": { "$ref": "#/components/schemas/ModelCloudNodeMonitoredAccount" }, "nullable": true }, "node_id": { "type": "string" }, @@ -13461,7 +13594,16 @@ "type": "object", "properties": { "cloud_provider": { - "enum": ["aws", "gcp", "azure", "linux", "kubernetes", "aws_org", "gcp_org"], + "enum": [ + "aws", + "gcp", + "azure", + "linux", + "kubernetes", + "aws_org", + "gcp_org", + "azure_org" + ], "type": "string" }, "window": { "$ref": "#/components/schemas/ModelFetchWindow" } @@ -13487,9 +13629,12 @@ "items": { "type": "string" }, "nullable": true }, + "category_hierarchy_short": { "type": "string" }, + "compliance_type": { "type": "string" }, "control_id": { "type": "string" }, "description": { "type": "string" }, "enabled": { "type": "boolean" }, + "node_id": { "type": "string" }, "service": { "type": "string" }, "title": { "type": "string" } } @@ -13503,7 +13648,16 @@ "type": "string" }, "compliance_type": { - "enum": ["hipaa", "gdpr", "pci", "nist", "cis", "soc_2", "nsa-cisa"], + "enum": [ + "hipaa", + "gdpr", + "pci", + "nist", + "cis", + "soc_2", + "nsa-cisa", + "aws_foundational_security" + ], "type": "string" }, "node_id": { "type": "string" } @@ -13530,6 +13684,15 @@ "node_id": { "type": "string" } } }, + "ModelCloudNodeMonitoredAccount": { + "required": ["node_id", "account_name", "account_id"], + "type": "object", + "properties": { + "account_id": { "type": "string" }, + "account_name": { "type": "string" }, + "node_id": { "type": "string" } + } + }, "ModelCloudNodeProvidersListResp": { "required": ["providers"], "type": "object", @@ -13768,6 +13931,27 @@ } } }, + "ModelComplinaceScanResultsGroupReq": { + "required": ["scan_id", "fields_filter"], + "type": "object", + "properties": { + "fields_filter": { "$ref": "#/components/schemas/ReportersFieldsFilters" }, + "scan_id": { "type": "string" } + } + }, + "ModelComplinaceScanResultsGroupResp": { + "type": "object", + "properties": { + "groups": { + "type": "object", + "additionalProperties": { + "type": "object", + "additionalProperties": { "type": "integer" } + }, + "nullable": true + } + } + }, "ModelConnection": { "type": "object", "properties": { @@ -16031,7 +16215,8 @@ "nist", "hipaa", "pci", - "soc_2" + "soc_2", + "aws_foundational_security" ], "type": "array", "items": { "type": "string" }, diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/.openapi-generator/FILES b/deepfence_frontend/apps/dashboard/src/api/generated/.openapi-generator/FILES index fbbded2501..3d78d6a659 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/.openapi-generator/FILES +++ b/deepfence_frontend/apps/dashboard/src/api/generated/.openapi-generator/FILES @@ -94,6 +94,7 @@ models/ModelCloudNodeComplianceControl.ts models/ModelCloudNodeControlReq.ts models/ModelCloudNodeControlResp.ts models/ModelCloudNodeEnableDisableReq.ts +models/ModelCloudNodeMonitoredAccount.ts models/ModelCloudNodeProvidersListResp.ts models/ModelCloudResource.ts models/ModelCompliance.ts @@ -102,6 +103,8 @@ models/ModelComplianceScanInfo.ts models/ModelComplianceScanResult.ts models/ModelComplianceScanStatusResp.ts models/ModelComplianceScanTriggerReq.ts +models/ModelComplinaceScanResultsGroupReq.ts +models/ModelComplinaceScanResultsGroupResp.ts models/ModelConnection.ts models/ModelContainer.ts models/ModelContainerImage.ts diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/apis/ComplianceApi.ts b/deepfence_frontend/apps/dashboard/src/api/generated/apis/ComplianceApi.ts index 1d01a813fa..e0d1cf5569 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/apis/ComplianceApi.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/apis/ComplianceApi.ts @@ -21,6 +21,8 @@ import type { IngestersComplianceScanStatus, ModelComplianceScanResult, ModelComplianceScanTriggerReq, + ModelComplinaceScanResultsGroupReq, + ModelComplinaceScanResultsGroupResp, ModelScanListReq, ModelScanListResp, ModelScanResultsReq, @@ -43,6 +45,10 @@ import { ModelComplianceScanResultToJSON, ModelComplianceScanTriggerReqFromJSON, ModelComplianceScanTriggerReqToJSON, + ModelComplinaceScanResultsGroupReqFromJSON, + ModelComplinaceScanResultsGroupReqToJSON, + ModelComplinaceScanResultsGroupRespFromJSON, + ModelComplinaceScanResultsGroupRespToJSON, ModelScanListReqFromJSON, ModelScanListReqToJSON, ModelScanListRespFromJSON, @@ -65,6 +71,14 @@ export interface CountResultsComplianceScanRequest { modelScanResultsReq?: ModelScanResultsReq; } +export interface GroupResultsCloudComplianceRequest { + modelComplinaceScanResultsGroupReq?: ModelComplinaceScanResultsGroupReq; +} + +export interface GroupResultsComplianceRequest { + modelComplinaceScanResultsGroupReq?: ModelComplinaceScanResultsGroupReq; +} + export interface IngestComplianceScanStatusRequest { ingestersComplianceScanStatus?: Array | null; } @@ -116,6 +130,38 @@ export interface ComplianceApiInterface { */ countResultsComplianceScan(requestParameters: CountResultsComplianceScanRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; + /** + * Count Cloud Compliance Results grouped by Control ID + * @summary Count Cloud Compliance Results by Control ID + * @param {ModelComplinaceScanResultsGroupReq} [modelComplinaceScanResultsGroupReq] + * @param {*} [options] Override http request option. + * @throws {RequiredError} + * @memberof ComplianceApiInterface + */ + groupResultsCloudComplianceRaw(requestParameters: GroupResultsCloudComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; + + /** + * Count Cloud Compliance Results grouped by Control ID + * Count Cloud Compliance Results by Control ID + */ + groupResultsCloudCompliance(requestParameters: GroupResultsCloudComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; + + /** + * Count Compliance Results grouped by Control ID + * @summary Count Compliance Results by Control ID + * @param {ModelComplinaceScanResultsGroupReq} [modelComplinaceScanResultsGroupReq] + * @param {*} [options] Override http request option. + * @throws {RequiredError} + * @memberof ComplianceApiInterface + */ + groupResultsComplianceRaw(requestParameters: GroupResultsComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise>; + + /** + * Count Compliance Results grouped by Control ID + * Count Compliance Results by Control ID + */ + groupResultsCompliance(requestParameters: GroupResultsComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise; + /** * Ingest compliance issues found while scanning the agent * @summary Ingest Compliance Scan Status @@ -274,6 +320,84 @@ export class ComplianceApi extends runtime.BaseAPI implements ComplianceApiInter return await response.value(); } + /** + * Count Cloud Compliance Results grouped by Control ID + * Count Cloud Compliance Results by Control ID + */ + async groupResultsCloudComplianceRaw(requestParameters: GroupResultsCloudComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise> { + const queryParameters: any = {}; + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + if (this.configuration && this.configuration.accessToken) { + const token = this.configuration.accessToken; + const tokenString = await token("bearer_token", []); + + if (tokenString) { + headerParameters["Authorization"] = `Bearer ${tokenString}`; + } + } + const response = await this.request({ + path: `/deepfence/scan/results/count/group/cloud-compliance`, + method: 'POST', + headers: headerParameters, + query: queryParameters, + body: ModelComplinaceScanResultsGroupReqToJSON(requestParameters.modelComplinaceScanResultsGroupReq), + }, initOverrides); + + return new runtime.JSONApiResponse(response, (jsonValue) => ModelComplinaceScanResultsGroupRespFromJSON(jsonValue)); + } + + /** + * Count Cloud Compliance Results grouped by Control ID + * Count Cloud Compliance Results by Control ID + */ + async groupResultsCloudCompliance(requestParameters: GroupResultsCloudComplianceRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise { + const response = await this.groupResultsCloudComplianceRaw(requestParameters, initOverrides); + return await response.value(); + } + + /** + * Count Compliance Results grouped by Control ID + * Count Compliance Results by Control ID + */ + async groupResultsComplianceRaw(requestParameters: GroupResultsComplianceRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise> { + const queryParameters: any = {}; + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + if (this.configuration && this.configuration.accessToken) { + const token = this.configuration.accessToken; + const tokenString = await token("bearer_token", []); + + if (tokenString) { + headerParameters["Authorization"] = `Bearer ${tokenString}`; + } + } + const response = await this.request({ + path: `/deepfence/scan/results/count/group/compliance`, + method: 'POST', + headers: headerParameters, + query: queryParameters, + body: ModelComplinaceScanResultsGroupReqToJSON(requestParameters.modelComplinaceScanResultsGroupReq), + }, initOverrides); + + return new runtime.JSONApiResponse(response, (jsonValue) => ModelComplinaceScanResultsGroupRespFromJSON(jsonValue)); + } + + /** + * Count Compliance Results grouped by Control ID + * Count Compliance Results by Control ID + */ + async groupResultsCompliance(requestParameters: GroupResultsComplianceRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise { + const response = await this.groupResultsComplianceRaw(requestParameters, initOverrides); + return await response.value(); + } + /** * Ingest compliance issues found while scanning the agent * Ingest Compliance Scan Status diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelBenchmarkType.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelBenchmarkType.ts index da8bf981f7..c31ed9972c 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelBenchmarkType.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelBenchmarkType.ts @@ -24,7 +24,8 @@ export const ModelBenchmarkType = { Nist: 'nist', Cis: 'cis', Soc2: 'soc_2', - NsaCisa: 'nsa-cisa' + NsaCisa: 'nsa-cisa', + AwsFoundationalSecurity: 'aws_foundational_security' } as const; export type ModelBenchmarkType = typeof ModelBenchmarkType[keyof typeof ModelBenchmarkType]; diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudCompliance.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudCompliance.ts index 46785a6183..fbc941d898 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudCompliance.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudCompliance.ts @@ -159,7 +159,8 @@ export const ModelCloudComplianceComplianceCheckTypeEnum = { Nist: 'nist', Cis: 'cis', Soc2: 'soc_2', - NsaCisa: 'nsa-cisa' + NsaCisa: 'nsa-cisa', + AwsFoundationalSecurity: 'aws_foundational_security' } as const; export type ModelCloudComplianceComplianceCheckTypeEnum = typeof ModelCloudComplianceComplianceCheckTypeEnum[keyof typeof ModelCloudComplianceComplianceCheckTypeEnum]; diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountInfo.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountInfo.ts index 944781184d..3624c0e43e 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountInfo.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountInfo.ts @@ -19,6 +19,12 @@ import { exists, mapValues } from '../runtime'; * @interface ModelCloudNodeAccountInfo */ export interface ModelCloudNodeAccountInfo { + /** + * + * @type {string} + * @memberof ModelCloudNodeAccountInfo + */ + account_name?: string; /** * * @type {boolean} @@ -100,6 +106,7 @@ export function ModelCloudNodeAccountInfoFromJSONTyped(json: any, ignoreDiscrimi } return { + 'account_name': !exists(json, 'account_name') ? undefined : json['account_name'], 'active': !exists(json, 'active') ? undefined : json['active'], 'cloud_provider': !exists(json, 'cloud_provider') ? undefined : json['cloud_provider'], 'compliance_percentage': !exists(json, 'compliance_percentage') ? undefined : json['compliance_percentage'], @@ -122,6 +129,7 @@ export function ModelCloudNodeAccountInfoToJSON(value?: ModelCloudNodeAccountInf } return { + 'account_name': value.account_name, 'active': value.active, 'cloud_provider': value.cloud_provider, 'compliance_percentage': value.compliance_percentage, diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountRegisterReq.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountRegisterReq.ts index 8363c6e98f..4ed00f9aff 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountRegisterReq.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountRegisterReq.ts @@ -13,6 +13,13 @@ */ import { exists, mapValues } from '../runtime'; +import type { ModelCloudNodeMonitoredAccount } from './ModelCloudNodeMonitoredAccount'; +import { + ModelCloudNodeMonitoredAccountFromJSON, + ModelCloudNodeMonitoredAccountFromJSONTyped, + ModelCloudNodeMonitoredAccountToJSON, +} from './ModelCloudNodeMonitoredAccount'; + /** * * @export @@ -25,6 +32,12 @@ export interface ModelCloudNodeAccountRegisterReq { * @memberof ModelCloudNodeAccountRegisterReq */ account_id: string; + /** + * + * @type {string} + * @memberof ModelCloudNodeAccountRegisterReq + */ + account_name: string; /** * * @type {string} @@ -45,10 +58,10 @@ export interface ModelCloudNodeAccountRegisterReq { is_organization_deployment?: boolean; /** * - * @type {{ [key: string]: string; }} + * @type {Array} * @memberof ModelCloudNodeAccountRegisterReq */ - monitored_account_ids?: { [key: string]: string; } | null; + monitored_accounts?: Array | null; /** * * @type {string} @@ -87,6 +100,7 @@ export type ModelCloudNodeAccountRegisterReqCloudProviderEnum = typeof ModelClou export function instanceOfModelCloudNodeAccountRegisterReq(value: object): boolean { let isInstance = true; isInstance = isInstance && "account_id" in value; + isInstance = isInstance && "account_name" in value; isInstance = isInstance && "cloud_provider" in value; isInstance = isInstance && "host_node_id" in value; isInstance = isInstance && "node_id" in value; @@ -106,10 +120,11 @@ export function ModelCloudNodeAccountRegisterReqFromJSONTyped(json: any, ignoreD return { 'account_id': json['account_id'], + 'account_name': json['account_name'], 'cloud_provider': json['cloud_provider'], 'host_node_id': json['host_node_id'], 'is_organization_deployment': !exists(json, 'is_organization_deployment') ? undefined : json['is_organization_deployment'], - 'monitored_account_ids': !exists(json, 'monitored_account_ids') ? undefined : json['monitored_account_ids'], + 'monitored_accounts': !exists(json, 'monitored_accounts') ? undefined : (json['monitored_accounts'] === null ? null : (json['monitored_accounts'] as Array).map(ModelCloudNodeMonitoredAccountFromJSON)), 'node_id': json['node_id'], 'organization_account_id': !exists(json, 'organization_account_id') ? undefined : json['organization_account_id'], 'version': json['version'], @@ -126,10 +141,11 @@ export function ModelCloudNodeAccountRegisterReqToJSON(value?: ModelCloudNodeAcc return { 'account_id': value.account_id, + 'account_name': value.account_name, 'cloud_provider': value.cloud_provider, 'host_node_id': value.host_node_id, 'is_organization_deployment': value.is_organization_deployment, - 'monitored_account_ids': value.monitored_account_ids, + 'monitored_accounts': value.monitored_accounts === undefined ? undefined : (value.monitored_accounts === null ? null : (value.monitored_accounts as Array).map(ModelCloudNodeMonitoredAccountToJSON)), 'node_id': value.node_id, 'organization_account_id': value.organization_account_id, 'version': value.version, diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountsListReq.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountsListReq.ts index 55fbbe2a29..d724b9c59e 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountsListReq.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeAccountsListReq.ts @@ -51,7 +51,8 @@ export const ModelCloudNodeAccountsListReqCloudProviderEnum = { Linux: 'linux', Kubernetes: 'kubernetes', AwsOrg: 'aws_org', - GcpOrg: 'gcp_org' + GcpOrg: 'gcp_org', + AzureOrg: 'azure_org' } as const; export type ModelCloudNodeAccountsListReqCloudProviderEnum = typeof ModelCloudNodeAccountsListReqCloudProviderEnum[keyof typeof ModelCloudNodeAccountsListReqCloudProviderEnum]; diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeComplianceControl.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeComplianceControl.ts index 5c486a67b2..5b927125d4 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeComplianceControl.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeComplianceControl.ts @@ -25,6 +25,18 @@ export interface ModelCloudNodeComplianceControl { * @memberof ModelCloudNodeComplianceControl */ category_hierarchy?: Array | null; + /** + * + * @type {string} + * @memberof ModelCloudNodeComplianceControl + */ + category_hierarchy_short?: string; + /** + * + * @type {string} + * @memberof ModelCloudNodeComplianceControl + */ + compliance_type?: string; /** * * @type {string} @@ -43,6 +55,12 @@ export interface ModelCloudNodeComplianceControl { * @memberof ModelCloudNodeComplianceControl */ enabled?: boolean; + /** + * + * @type {string} + * @memberof ModelCloudNodeComplianceControl + */ + node_id?: string; /** * * @type {string} @@ -77,9 +95,12 @@ export function ModelCloudNodeComplianceControlFromJSONTyped(json: any, ignoreDi return { 'category_hierarchy': !exists(json, 'category_hierarchy') ? undefined : json['category_hierarchy'], + 'category_hierarchy_short': !exists(json, 'category_hierarchy_short') ? undefined : json['category_hierarchy_short'], + 'compliance_type': !exists(json, 'compliance_type') ? undefined : json['compliance_type'], 'control_id': !exists(json, 'control_id') ? undefined : json['control_id'], 'description': !exists(json, 'description') ? undefined : json['description'], 'enabled': !exists(json, 'enabled') ? undefined : json['enabled'], + 'node_id': !exists(json, 'node_id') ? undefined : json['node_id'], 'service': !exists(json, 'service') ? undefined : json['service'], 'title': !exists(json, 'title') ? undefined : json['title'], }; @@ -95,9 +116,12 @@ export function ModelCloudNodeComplianceControlToJSON(value?: ModelCloudNodeComp return { 'category_hierarchy': value.category_hierarchy, + 'category_hierarchy_short': value.category_hierarchy_short, + 'compliance_type': value.compliance_type, 'control_id': value.control_id, 'description': value.description, 'enabled': value.enabled, + 'node_id': value.node_id, 'service': value.service, 'title': value.title, }; diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeControlReq.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeControlReq.ts index 623a0fe596..28c8616c2d 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeControlReq.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeControlReq.ts @@ -62,7 +62,8 @@ export const ModelCloudNodeControlReqComplianceTypeEnum = { Nist: 'nist', Cis: 'cis', Soc2: 'soc_2', - NsaCisa: 'nsa-cisa' + NsaCisa: 'nsa-cisa', + AwsFoundationalSecurity: 'aws_foundational_security' } as const; export type ModelCloudNodeControlReqComplianceTypeEnum = typeof ModelCloudNodeControlReqComplianceTypeEnum[keyof typeof ModelCloudNodeControlReqComplianceTypeEnum]; diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeMonitoredAccount.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeMonitoredAccount.ts new file mode 100644 index 0000000000..fc4b9fbbd5 --- /dev/null +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelCloudNodeMonitoredAccount.ts @@ -0,0 +1,84 @@ +/* tslint:disable */ +/* eslint-disable */ +/** + * Deepfence ThreatMapper + * Deepfence Runtime API provides programmatic control over Deepfence microservice securing your container, kubernetes and cloud deployments. The API abstracts away underlying infrastructure details like cloud provider, container distros, container orchestrator and type of deployment. This is one uniform API to manage and control security alerts, policies and response to alerts for microservices running anywhere i.e. managed pure greenfield container deployments or a mix of containers, VMs and serverless paradigms like AWS Fargate. + * + * The version of the OpenAPI document: v2.2.1 + * Contact: community@deepfence.io + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + +import { exists, mapValues } from '../runtime'; +/** + * + * @export + * @interface ModelCloudNodeMonitoredAccount + */ +export interface ModelCloudNodeMonitoredAccount { + /** + * + * @type {string} + * @memberof ModelCloudNodeMonitoredAccount + */ + account_id: string; + /** + * + * @type {string} + * @memberof ModelCloudNodeMonitoredAccount + */ + account_name: string; + /** + * + * @type {string} + * @memberof ModelCloudNodeMonitoredAccount + */ + node_id: string; +} + +/** + * Check if a given object implements the ModelCloudNodeMonitoredAccount interface. + */ +export function instanceOfModelCloudNodeMonitoredAccount(value: object): boolean { + let isInstance = true; + isInstance = isInstance && "account_id" in value; + isInstance = isInstance && "account_name" in value; + isInstance = isInstance && "node_id" in value; + + return isInstance; +} + +export function ModelCloudNodeMonitoredAccountFromJSON(json: any): ModelCloudNodeMonitoredAccount { + return ModelCloudNodeMonitoredAccountFromJSONTyped(json, false); +} + +export function ModelCloudNodeMonitoredAccountFromJSONTyped(json: any, ignoreDiscriminator: boolean): ModelCloudNodeMonitoredAccount { + if ((json === undefined) || (json === null)) { + return json; + } + return { + + 'account_id': json['account_id'], + 'account_name': json['account_name'], + 'node_id': json['node_id'], + }; +} + +export function ModelCloudNodeMonitoredAccountToJSON(value?: ModelCloudNodeMonitoredAccount | null): any { + if (value === undefined) { + return undefined; + } + if (value === null) { + return null; + } + return { + + 'account_id': value.account_id, + 'account_name': value.account_name, + 'node_id': value.node_id, + }; +} + diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupReq.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupReq.ts new file mode 100644 index 0000000000..c59854616c --- /dev/null +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupReq.ts @@ -0,0 +1,82 @@ +/* tslint:disable */ +/* eslint-disable */ +/** + * Deepfence ThreatMapper + * Deepfence Runtime API provides programmatic control over Deepfence microservice securing your container, kubernetes and cloud deployments. The API abstracts away underlying infrastructure details like cloud provider, container distros, container orchestrator and type of deployment. This is one uniform API to manage and control security alerts, policies and response to alerts for microservices running anywhere i.e. managed pure greenfield container deployments or a mix of containers, VMs and serverless paradigms like AWS Fargate. + * + * The version of the OpenAPI document: v2.2.1 + * Contact: community@deepfence.io + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + +import { exists, mapValues } from '../runtime'; +import type { ReportersFieldsFilters } from './ReportersFieldsFilters'; +import { + ReportersFieldsFiltersFromJSON, + ReportersFieldsFiltersFromJSONTyped, + ReportersFieldsFiltersToJSON, +} from './ReportersFieldsFilters'; + +/** + * + * @export + * @interface ModelComplinaceScanResultsGroupReq + */ +export interface ModelComplinaceScanResultsGroupReq { + /** + * + * @type {ReportersFieldsFilters} + * @memberof ModelComplinaceScanResultsGroupReq + */ + fields_filter: ReportersFieldsFilters; + /** + * + * @type {string} + * @memberof ModelComplinaceScanResultsGroupReq + */ + scan_id: string; +} + +/** + * Check if a given object implements the ModelComplinaceScanResultsGroupReq interface. + */ +export function instanceOfModelComplinaceScanResultsGroupReq(value: object): boolean { + let isInstance = true; + isInstance = isInstance && "fields_filter" in value; + isInstance = isInstance && "scan_id" in value; + + return isInstance; +} + +export function ModelComplinaceScanResultsGroupReqFromJSON(json: any): ModelComplinaceScanResultsGroupReq { + return ModelComplinaceScanResultsGroupReqFromJSONTyped(json, false); +} + +export function ModelComplinaceScanResultsGroupReqFromJSONTyped(json: any, ignoreDiscriminator: boolean): ModelComplinaceScanResultsGroupReq { + if ((json === undefined) || (json === null)) { + return json; + } + return { + + 'fields_filter': ReportersFieldsFiltersFromJSON(json['fields_filter']), + 'scan_id': json['scan_id'], + }; +} + +export function ModelComplinaceScanResultsGroupReqToJSON(value?: ModelComplinaceScanResultsGroupReq | null): any { + if (value === undefined) { + return undefined; + } + if (value === null) { + return null; + } + return { + + 'fields_filter': ReportersFieldsFiltersToJSON(value.fields_filter), + 'scan_id': value.scan_id, + }; +} + diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupResp.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupResp.ts new file mode 100644 index 0000000000..e837cf24f5 --- /dev/null +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/ModelComplinaceScanResultsGroupResp.ts @@ -0,0 +1,65 @@ +/* tslint:disable */ +/* eslint-disable */ +/** + * Deepfence ThreatMapper + * Deepfence Runtime API provides programmatic control over Deepfence microservice securing your container, kubernetes and cloud deployments. The API abstracts away underlying infrastructure details like cloud provider, container distros, container orchestrator and type of deployment. This is one uniform API to manage and control security alerts, policies and response to alerts for microservices running anywhere i.e. managed pure greenfield container deployments or a mix of containers, VMs and serverless paradigms like AWS Fargate. + * + * The version of the OpenAPI document: v2.2.1 + * Contact: community@deepfence.io + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + +import { exists, mapValues } from '../runtime'; +/** + * + * @export + * @interface ModelComplinaceScanResultsGroupResp + */ +export interface ModelComplinaceScanResultsGroupResp { + /** + * + * @type {{ [key: string]: { [key: string]: number; }; }} + * @memberof ModelComplinaceScanResultsGroupResp + */ + groups?: { [key: string]: { [key: string]: number; }; } | null; +} + +/** + * Check if a given object implements the ModelComplinaceScanResultsGroupResp interface. + */ +export function instanceOfModelComplinaceScanResultsGroupResp(value: object): boolean { + let isInstance = true; + + return isInstance; +} + +export function ModelComplinaceScanResultsGroupRespFromJSON(json: any): ModelComplinaceScanResultsGroupResp { + return ModelComplinaceScanResultsGroupRespFromJSONTyped(json, false); +} + +export function ModelComplinaceScanResultsGroupRespFromJSONTyped(json: any, ignoreDiscriminator: boolean): ModelComplinaceScanResultsGroupResp { + if ((json === undefined) || (json === null)) { + return json; + } + return { + + 'groups': !exists(json, 'groups') ? undefined : json['groups'], + }; +} + +export function ModelComplinaceScanResultsGroupRespToJSON(value?: ModelComplinaceScanResultsGroupResp | null): any { + if (value === undefined) { + return undefined; + } + if (value === null) { + return null; + } + return { + + 'groups': value.groups, + }; +} + diff --git a/deepfence_frontend/apps/dashboard/src/api/generated/models/index.ts b/deepfence_frontend/apps/dashboard/src/api/generated/models/index.ts index 811a434610..bdb5fbfccf 100644 --- a/deepfence_frontend/apps/dashboard/src/api/generated/models/index.ts +++ b/deepfence_frontend/apps/dashboard/src/api/generated/models/index.ts @@ -68,6 +68,7 @@ export * from './ModelCloudNodeComplianceControl'; export * from './ModelCloudNodeControlReq'; export * from './ModelCloudNodeControlResp'; export * from './ModelCloudNodeEnableDisableReq'; +export * from './ModelCloudNodeMonitoredAccount'; export * from './ModelCloudNodeProvidersListResp'; export * from './ModelCloudResource'; export * from './ModelCompliance'; @@ -76,6 +77,8 @@ export * from './ModelComplianceScanInfo'; export * from './ModelComplianceScanResult'; export * from './ModelComplianceScanStatusResp'; export * from './ModelComplianceScanTriggerReq'; +export * from './ModelComplinaceScanResultsGroupReq'; +export * from './ModelComplinaceScanResultsGroupResp'; export * from './ModelConnection'; export * from './ModelContainer'; export * from './ModelContainerImage'; diff --git a/deepfence_frontend/apps/dashboard/src/components/scan-configure-forms/ComplianceScanConfigureForm.tsx b/deepfence_frontend/apps/dashboard/src/components/scan-configure-forms/ComplianceScanConfigureForm.tsx index 1ada4c361a..bcb269537a 100644 --- a/deepfence_frontend/apps/dashboard/src/components/scan-configure-forms/ComplianceScanConfigureForm.tsx +++ b/deepfence_frontend/apps/dashboard/src/components/scan-configure-forms/ComplianceScanConfigureForm.tsx @@ -39,6 +39,7 @@ export const complianceType: { ModelBenchmarkType.Hipaa, ModelBenchmarkType.Soc2, ModelBenchmarkType.Gdpr, + ModelBenchmarkType.AwsFoundationalSecurity, ], aws_org: [ ModelBenchmarkType.Cis, @@ -364,9 +365,7 @@ const ControlTable = ({ nodeType={_nodeType} checkType={selectedTab.toLowerCase()} checked={!!info.row.original.enabled} - controlId={ - info.row.original?.control_id ? [info.row.original.control_id] : [''] - } + controlId={info.row.original?.node_id ? [info.row.original.node_id] : ['']} /> ); }, @@ -374,9 +373,15 @@ const ControlTable = ({ size: 50, minSize: 60, }), - columnHelper.accessor('category_hierarchy', { + columnHelper.accessor('category_hierarchy_short', { id: 'category', - cell: (info) => , + cell: (info) => { + let text = info.getValue() ?? ''; + if (!text.length) { + text = info.row.original?.category_hierarchy?.join(', ') ?? ''; + } + return ; + }, header: () => Category, maxSize: 100, size: 120, diff --git a/deepfence_frontend/apps/dashboard/src/utils/enum.ts b/deepfence_frontend/apps/dashboard/src/utils/enum.ts index db28513513..b61d6e1a5a 100644 --- a/deepfence_frontend/apps/dashboard/src/utils/enum.ts +++ b/deepfence_frontend/apps/dashboard/src/utils/enum.ts @@ -40,6 +40,8 @@ export function getBenchmarkPrettyName(backendBenchmark: ModelBenchmarkType) { return 'GDPR'; case ModelBenchmarkType.NsaCisa: return 'NSA-CISA'; + case ModelBenchmarkType.AwsFoundationalSecurity: + return 'AWS Foundational Security'; default: // eslint-disable-next-line no-case-declarations