feat(other-products): added logic for other products logic (#215)

* feat(other-products): added logic for other products logic * fix(other-products): handled resources issue * fix(other-products): updated verbiage
Enterprise-CMCS · Jun 27, 2024 · 6bb0b32 · 6bb0b32
1 parent bfdaa77
commit 6bb0b32
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 5 deletions.
diff --git a/src/libs/security-hub-lib.ts b/src/libs/security-hub-lib.ts
@@ -5,6 +5,7 @@ import {
   GetFindingsCommandOutput,
   Remediation,
   AwsSecurityFinding,
+  AwsSecurityFindingFilters,
 } from "@aws-sdk/client-securityhub";
 
 export interface Resource {
@@ -61,13 +62,12 @@ export class SecurityHub {
           : 24 * 60 * 60 * 1000; // 1 day
       const maxDatetime = new Date(currentTime.getTime() - delayForNewIssues);
 
-      const filters = {
+      const filters: AwsSecurityFindingFilters = {
         RecordState: [{ Comparison: "EQUALS", Value: "ACTIVE" }],
         WorkflowStatus: [
           { Comparison: "EQUALS", Value: "NEW" },
           { Comparison: "EQUALS", Value: "NOTIFIED" },
         ],
-        ProductName: [{ Comparison: "EQUALS", Value: "Security Hub" }],
         SeverityLabel: this.severityLabels,
         CreatedAt: [
           {
@@ -76,7 +76,21 @@ export class SecurityHub {
           },
         ],
       };
-
+      if (process.env.INCLUDE_ALL_PRODUCTS !== "true") {
+        filters.ProductName = [{ Comparison: "EQUALS", Value: "Security Hub" }];
+      }
+      if (process.env.SKIP_PRODUCTS) {
+        const skipList: string[] = process.env.SKIP_PRODUCTS.split(",");
+        skipList.forEach((product) => {
+          if (!filters.ProductName) {
+            filters.ProductName = [];
+          }
+          filters.ProductName?.push({
+            Comparison: "NOT_EQUALS",
+            Value: product,
+          });
+        });
+      }
       // use an object to store unique findings by title
       const uniqueFindings: { [title: string]: SecurityHubFinding } = {};
 

diff --git a/src/macpro-security-hub-sync.ts b/src/macpro-security-hub-sync.ts
@@ -162,9 +162,9 @@ export class SecurityHubJiraSync {
 
     let Table = `${title}| Partition   | Region     | Type    \n`;
     resources.forEach(({ Id, Partition, Region, Type }) => {
-      Table += `${Id.padEnd(maxLength + 2)}| ${Partition.padEnd(
+      Table += `${Id.padEnd(maxLength + 2)}| ${(Partition ?? "").padEnd(
         11
-      )} | ${Region.padEnd(9)} | ${Type} \n`;
+      )} | ${(Region ?? "").padEnd(9)} | ${Type ?? ""} \n`;
     });
 
     Table += `------------------------------------------------------------------------------------------------`;