gabrielsoltz
diff --git a/‎lib/context/resources/AwsEc2Instance.py
Lines changed: 1 addition & 1 deletion b/‎lib/context/resources/AwsEc2Instance.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/context/resources/AwsElbLoadBalancer.py
Lines changed: 13 additions & 5 deletions b/‎lib/context/resources/AwsElbLoadBalancer.py
Lines changed: 13 additions & 5 deletions
diff --git a/‎lib/outputs.py
Lines changed: 73 additions & 43 deletions b/‎lib/outputs.py
Lines changed: 73 additions & 43 deletions
diff --git a/‎lib/securityhub.py
Lines changed: 27 additions & 11 deletions b/‎lib/securityhub.py
Lines changed: 27 additions & 11 deletions
diff --git a/‎powerpipe/access.pp
Lines changed: 159 additions & 0 deletions b/‎powerpipe/access.pp
Lines changed: 159 additions & 0 deletions
@@ -112,7 +112,7 @@ def _describe_instance_security_groups(self):
     def _describe_instance_autoscaling_group(self):
         autoscaling_group = {}
         if self.instance:
-            tags = self.instance.get("Tags")
+            tags = self.instance.get("Tags", [])
             for tag in tags:
                 if tag.get("Key") == "aws:autoscaling:groupName":
                     asg_name = tag.get("Value")
 
@@ -34,11 +34,19 @@ def parse_finding(self, finding, drilled):
         self.account = finding["AwsAccountId"]
         self.partition = finding["Resources"][0]["Id"].split(":")[1]
         self.resource_type = finding["Resources"][0]["Type"]
-        self.resource_id = (
-            finding["Resources"][0]["Id"].split("/")[-1]
-            if not drilled
-            else drilled.split("/")[-11]
-        )
+        if not drilled:
+            if (
+                "app" in finding["Resources"][0]["Id"]
+                or "net" in finding["Resources"][0]["Id"]
+            ):
+                self.resource_id = finding["Resources"][0]["Id"].split("/")[-2]
+            else:
+                self.resource_id = finding["Resources"][0]["Id"].split("/")[-1]
+        else:
+            if "app" in drilled or "net" in drilled:
+                self.resource_id = drilled.split("/")[-2]
+            else:
+                self.resource_id = drilled.split("/")[-1]
         self.resource_arn = finding["Resources"][0]["Id"] if not drilled else drilled
 
     # Describe function
 
@@ -109,21 +109,27 @@ def generate_output_csv(self):
                 for finding in values["findings"]:
                     for f, v in finding.items():
                         tag_column_values = [
-                            values.get("tags", {}).get(column, "")
-                            if values.get("tags")
-                            else ""
+                            (
+                                values.get("tags", {}).get(column, "")
+                                if values.get("tags")
+                                else ""
+                            )
                             for column in self.__tag_columns
                         ]
                         config_column_values = [
-                            values.get("config", {}).get(column, "")
-                            if values.get("config")
-                            else ""
+                            (
+                                values.get("config", {}).get(column, "")
+                                if values.get("config")
+                                else ""
+                            )
                             for column in self.__config_columns
                         ]
                         account_column_values = [
-                            values.get("account", {}).get(column, "")
-                            if values.get("account")
-                            else ""
+                            (
+                                values.get("account", {}).get(column, "")
+                                if values.get("account")
+                                else ""
+                            )
                             for column in self.__account_columns
                         ]
                         impact_column_values = [
@@ -206,21 +212,27 @@ def generate_output_xlsx(self):
                     else:
                         worksheet.write(current_line, 1, severity, low_format)
                     tag_column_values = [
-                        values.get("tags", {}).get(column, "")
-                        if values.get("tags")
-                        else ""
+                        (
+                            values.get("tags", {}).get(column, "")
+                            if values.get("tags")
+                            else ""
+                        )
                         for column in self.__tag_columns
                     ]
                     config_column_values = [
-                        values.get("config", {}).get(column, "")
-                        if values.get("config")
-                        else ""
+                        (
+                            values.get("config", {}).get(column, "")
+                            if values.get("config")
+                            else ""
+                        )
                         for column in self.__config_columns
                     ]
                     account_column_values = [
-                        values.get("account", {}).get(column, "")
-                        if values.get("account")
-                        else ""
+                        (
+                            values.get("account", {}).get(column, "")
+                            if values.get("account")
+                            else ""
+                        )
                         for column in self.__account_columns
                     ]
                     impact_column_values = [
@@ -444,37 +456,55 @@ def create_table(cursor, table_definition):
                 resource_findings_medium = findings["findings"]["MEDIUM"]
                 resource_findings_low = findings["findings"]["LOW"]
                 resource_findings_informational = findings["findings"]["INFORMATIONAL"]
-            account_alias = data.get("account", {})["Alias"]
-            account_organization = data.get("account", {}).get("Organizations", {})
-            if account_organization:
-                account_organization_id = account_organization.get("Id")
-                account_organization_arn = account_organization.get("Arn")
-                account_master_account_id = account_organization.get("MasterAccountId")
-                account_master_account_email = account_organization.get(
-                    "MasterAccountEmail"
+            if data.get("account", {}):
+                account_alias = data.get("account", {})["Alias"]
+                account_organization = data.get("account", {}).get("Organizations", {})
+                if account_organization:
+                    account_organization_id = account_organization.get("Id")
+                    account_organization_arn = account_organization.get("Arn")
+                    account_master_account_id = account_organization.get(
+                        "MasterAccountId"
+                    )
+                    account_master_account_email = account_organization.get(
+                        "MasterAccountEmail"
+                    )
+                else:
+                    account_organization_id = ""
+                    account_organization_arn = ""
+                    account_master_account_id = ""
+                    account_master_account_email = ""
+                account_alternate_contact_type = (
+                    data.get("account", {})
+                    .get("AlternateContact", {})
+                    .get("AlternateContactType")
+                )
+                account_alternate_contact_name = (
+                    data.get("account", {}).get("AlternateContact", {}).get("Name")
+                )
+                account_alternate_contact_email = (
+                    data.get("account", {})
+                    .get("AlternateContact", {})
+                    .get("EmailAddress")
+                )
+                account_alternate_contact_phone = (
+                    data.get("account", {})
+                    .get("AlternateContact", {})
+                    .get("PhoneNumber")
+                )
+                account_alternate_contact_title = (
+                    data.get("account", {}).get("AlternateContact", {}).get("Title")
                 )
             else:
+                account_alias = ""
                 account_organization_id = ""
                 account_organization_arn = ""
                 account_master_account_id = ""
                 account_master_account_email = ""
-            account_alternate_contact_type = (
-                data.get("account", {})
-                .get("AlternateContact", {})
-                .get("AlternateContactType")
-            )
-            account_alternate_contact_name = (
-                data.get("account", {}).get("AlternateContact", {}).get("Name")
-            )
-            account_alternate_contact_email = (
-                data.get("account", {}).get("AlternateContact", {}).get("EmailAddress")
-            )
-            account_alternate_contact_phone = (
-                data.get("account", {}).get("AlternateContact", {}).get("PhoneNumber")
-            )
-            account_alternate_contact_title = (
-                data.get("account", {}).get("AlternateContact", {}).get("Title")
-            )
+                account_alternate_contact_type = ""
+                account_alternate_contact_name = ""
+                account_alternate_contact_email = ""
+                account_alternate_contact_phone = ""
+                account_alternate_contact_title = ""
             cursor.execute(
                 INSERT_RESOURCES,
                 (
 
@@ -189,17 +189,33 @@ def update_findings_meta(self, mh_findings):
 
 def parse_finding(finding):
     """Returns resource ARN and finding parsed for it"""
-    findings = {
-        finding["Title"]: {
-            "SeverityLabel": finding.get("Severity").get("Label", "Unknown"),
-            "Workflow": finding.get("Workflow", {"Status": "Unknown"}),
-            "RecordState": finding.get("RecordState", "Unknown"),
-            "Compliance": finding.get("Compliance", {"Status": "Unknown"}),
-            "Id": finding.get("Id", "Unknown"),
-            "ProductArn": finding.get("ProductArn", "Unknown"),
-        },
-    }
-    return finding["Resources"][0]["Id"], findings
+    # ASFF Finding:
+    if "Title" in finding:
+        resource_arn = finding["Resources"][0]["Id"]
+        findings = {
+            finding["Title"]: {
+                "SeverityLabel": finding.get("Severity").get("Label", "Unknown"),
+                "Workflow": finding.get("Workflow", {"Status": "Unknown"}),
+                "RecordState": finding.get("RecordState", "Unknown"),
+                "Compliance": finding.get("Compliance", {"Status": "Unknown"}),
+                "Id": finding.get("Id", "Unknown"),
+                "ProductArn": finding.get("ProductArn", "Unknown"),
+            },
+        }
+    # OSCF Finding:
+    if "metadata" in finding:
+        resource_arn = finding.get("resources", {})[0].get("uid")
+        findings = {
+            finding.get("finding_info").get("title"): {
+                "SeverityLabel": finding.get("severity", "Unknown"),
+                "Workflow": {"Status": finding.get("status", "Unknown")},
+                "RecordState": "Unknown",
+                "Compliance": {"Status": finding.get("status_code", "Unknown")},
+                "Id": finding.get("finding_info").get("uid", "Unknown"),
+                "ProductArn": finding.get("finding_info").get("product_uid", "Unknown"),
+            },
+        }
+    return resource_arn, findings
 
 
 def parse_region(resource_arn, finding):
 
@@ -0,0 +1,159 @@
+dashboard "access" {
+  text {
+    value = "## MetaHub: [Resources](${var.host}/metahub.dashboard.resources) | [Findings](${var.host}/metahub.dashboard.findings) | [Accounts](${var.host}/metahub.dashboard.accounts) | Access | [Exposure](${var.host}/metahub.dashboard.exposure)"
+  }
+
+  container {
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "unrestricted"
+      }
+      href  = "/metahub.dashboard.access?input.access=unrestricted"
+    }
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "untrusted-principal"
+      }
+      href  = "/metahub.dashboard.access?input.access=untrusted-principal"
+    }
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "unrestricted-principal"
+      }
+      href  = "/metahub.dashboard.access?input.access=unrestricted-principal"
+    }
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "cross-account-principal"
+      }
+      href  = "/metahub.dashboard.access?input.access=cross-account-principal"
+    }
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "unrestricted-actions"
+      }
+      href  = "/metahub.dashboard.access?input.access=unrestricted-actions"
+    }
+    card {
+      query = query.count_access
+      width = 3
+      args = {
+        access = "dangerous-actions"
+      }
+      href  = "/metahub.dashboard.access?input.access=dangerous-actions"
+    }
+    card {
+      query = query.count_access
+      width = 2
+      args = {
+        access = "unrestricted-service"
+      }
+      href  = "/metahub.dashboard.access?input.access=unrestricted-service"
+    }
+    card {
+      query = query.count_access
+      width = 2
+      args = {
+        access = "restricted"
+      }
+      href  = "/metahub.dashboard.access?input.access=restricted"
+    }
+    card {
+      query = query.count_access
+      width = 2
+      type = "ok"
+      args = {
+        access = "unknown"
+      }
+      href  = "/metahub.dashboard.access?input.access=unknown"
+    }
+  }
+
+  container {
+    input "exposure" {
+      base = metahub.input.exposure
+    }
+
+    input "access" {
+      base = metahub.input.access
+    }
+
+    input "encryption" {
+      base = metahub.input.encryption
+    }
+
+    input "status" {
+      base = metahub.input.status
+    }
+
+    input "severity" {
+      base = metahub.input.severity
+    }
+
+    input "environment" {
+      base = metahub.input.environment
+    }
+  }
+
+  container {
+    input "owner" {
+      base = metahub.input.owner
+    }
+
+    input "application" {
+      base = metahub.input.application
+    }
+
+    input "account" {
+      base = metahub.input.account
+    }
+
+    input "type" {
+      base = metahub.input.type
+    }
+
+    input "region" {
+      base = metahub.input.region
+    }
+
+    input "tags" {
+      base = metahub.input.tags
+    }
+  }
+
+  container {
+    table {
+      query = query.resources
+      args = {
+        exposure    = self.input.exposure.value
+        access      = self.input.access.value
+        encryption  = self.input.encryption.value
+        status      = self.input.status.value
+        severity    = self.input.severity.value
+        environment = self.input.environment.value
+        owner       = self.input.owner.value
+        application = self.input.application.value
+        account     = self.input.account.value
+        type        = self.input.type.value
+        region      = self.input.region.value
+        tags        = self.input.tags.value
+      }
+      column "name" {
+        href = "${dashboard.findings.url_path}?input.resource_arn={{.'resource_arn' | @uri}}"
+      }
+      column "resource_arn" {
+        href = "${dashboard.findings.url_path}?input.resource_arn={{.'resource_arn' | @uri}}"
+      }
+    }
+  }
+}