From 201dd53c3936495ea8732e76890038437ba9b0a3 Mon Sep 17 00:00:00 2001 From: Nikita Pivkin Date: Wed, 9 Oct 2024 12:36:26 +0600 Subject: [PATCH] fix(checks): add aliases to Rego checks 
Signed-off-by: Nikita Pivkin --- checks/cloud/aws/ec2/add_description_to_security_group.rego | 2 ++ .../aws/ec2/add_description_to_security_group_rule.rego | 2 ++ checks/cloud/aws/ec2/as_enable_at_rest_encryption.rego | 2 ++ checks/cloud/aws/ec2/as_enforce_http_token_imds.rego | 2 ++ checks/cloud/aws/ec2/as_no_secrets_in_user_data.rego | 2 ++ checks/cloud/aws/ec2/enable_volume_encryption.rego | 2 ++ checks/cloud/aws/ec2/encryption_customer_key.rego | 2 ++ checks/cloud/aws/ec2/no_default_vpc.rego | 2 ++ checks/cloud/aws/ec2/no_excessive_port_access.rego | 2 ++ checks/cloud/aws/ec2/no_public_egress_sgr.rego | 2 ++ checks/cloud/aws/ec2/no_public_ingress_acl.rego | 2 ++ checks/cloud/aws/ec2/no_public_ip_subnet.rego | 2 ++ checks/cloud/aws/ec2/no_secrets_in_user_data.rego | 2 ++ checks/cloud/aws/ec2/no_sensitive_info.rego | 2 ++ .../cloud/aws/ec2/require_vpc_flow_logs_for_all_vpcs.rego | 2 ++ checks/cloud/aws/iam/enforce_group_mfa.go | 6 ++---- checks/cloud/aws/iam/enforce_group_mfa.rego | 2 ++ .../computing/add_description_to_security_group.rego | 2 ++ .../computing/add_description_to_security_group_rule.rego | 2 ++ .../nifcloud/computing/add_security_group_to_instance.rego | 2 ++ .../nifcloud/computing/no_common_private_instance.rego | 2 ++ checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego | 2 ++ .../nifcloud/nas/add_description_to_nas_security_group.rego | 2 ++ .../cloud/nifcloud/nas/no_common_private_nas_instance.rego | 2 ++ checks/cloud/nifcloud/nas/no_public_ingress_nas_sgr.rego | 2 ++ .../nifcloud/network/add_security_group_to_router.rego | 2 ++ .../nifcloud/network/add_security_group_to_vpn_gateway.rego | 2 ++ checks/cloud/nifcloud/network/no_common_private_elb.rego | 2 ++ checks/cloud/nifcloud/network/no_common_private_router.rego | 2 ++ .../nifcloud/rdb/add_description_to_db_security_group.rego | 2 ++ .../cloud/nifcloud/rdb/no_common_private_db_instance.rego | 2 ++ checks/cloud/nifcloud/rdb/no_public_ingress_db_sgr.rego | 2 ++ 32 files changed, 64 
insertions(+), 4 deletions(-)
diff --git a/checks/cloud/aws/ec2/add_description_to_security_group.rego b/checks/cloud/aws/ec2/add_description_to_security_group.rego
index 366836e8..bdaaf474 100644
--- a/checks/cloud/aws/ec2/add_description_to_security_group.rego
+++ b/checks/cloud/aws/ec2/add_description_to_security_group.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-AWS-0099
 # avd_id: AVD-AWS-0099
+# aliases:
+# - aws-vpc-add-description-to-security-group
 # provider: aws
 # service: ec2
 # severity: LOW
diff --git a/checks/cloud/aws/ec2/add_description_to_security_group_rule.rego b/checks/cloud/aws/ec2/add_description_to_security_group_rule.rego
index 07268e3a..dc9f6d50 100644
--- a/checks/cloud/aws/ec2/add_description_to_security_group_rule.rego
+++ b/checks/cloud/aws/ec2/add_description_to_security_group_rule.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-AWS-0124
 # avd_id: AVD-AWS-0124
+# aliases:
+# - aws-vpc-add-description-to-security-group-rule
 # provider: aws
 # service: ec2
 # severity: LOW
diff --git a/checks/cloud/aws/ec2/as_enable_at_rest_encryption.rego b/checks/cloud/aws/ec2/as_enable_at_rest_encryption.rego
index 89176add..ffdaf698 100644
--- a/checks/cloud/aws/ec2/as_enable_at_rest_encryption.rego
+++ b/checks/cloud/aws/ec2/as_enable_at_rest_encryption.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0008
 # avd_id: AVD-AWS-0008
+# aliases:
+# - aws-autoscaling-enable-at-rest-encryption
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/as_enforce_http_token_imds.rego b/checks/cloud/aws/ec2/as_enforce_http_token_imds.rego
index da000acf..2c547b49 100644
--- a/checks/cloud/aws/ec2/as_enforce_http_token_imds.rego
+++ b/checks/cloud/aws/ec2/as_enforce_http_token_imds.rego
@@ -14,6 +14,8 @@
 # custom:
 # id: AVD-AWS-0130
 # avd_id: AVD-AWS-0130
+# aliases:
+# - aws-autoscaling-enforce-http-token-imds
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/as_no_secrets_in_user_data.rego b/checks/cloud/aws/ec2/as_no_secrets_in_user_data.rego
index f778d6eb..3e33db7e 100644
--- a/checks/cloud/aws/ec2/as_no_secrets_in_user_data.rego
+++ b/checks/cloud/aws/ec2/as_no_secrets_in_user_data.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0129
 # avd_id: AVD-AWS-0129
+# aliases:
+# - aws-autoscaling-no-secrets-in-user-data
 # provider: aws
 # service: ec2
 # severity: CRITICAL
diff --git a/checks/cloud/aws/ec2/enable_volume_encryption.rego b/checks/cloud/aws/ec2/enable_volume_encryption.rego
index 9c1fa3b0..fefa6f60 100644
--- a/checks/cloud/aws/ec2/enable_volume_encryption.rego
+++ b/checks/cloud/aws/ec2/enable_volume_encryption.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0026
 # avd_id: AVD-AWS-0026
+# aliases:
+# - aws-ebs-enable-volume-encryption
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/encryption_customer_key.rego b/checks/cloud/aws/ec2/encryption_customer_key.rego
index cc6506d4..063d205f 100644
--- a/checks/cloud/aws/ec2/encryption_customer_key.rego
+++ b/checks/cloud/aws/ec2/encryption_customer_key.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0027
 # avd_id: AVD-AWS-0027
+# aliases:
+# - aws-ebs-encryption-customer-key
 # provider: aws
 # service: ec2
 # severity: LOW
diff --git a/checks/cloud/aws/ec2/no_default_vpc.rego b/checks/cloud/aws/ec2/no_default_vpc.rego
index fb250616..5f0fcbb7 100644
--- a/checks/cloud/aws/ec2/no_default_vpc.rego
+++ b/checks/cloud/aws/ec2/no_default_vpc.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0101
 # avd_id: AVD-AWS-0101
+# aliases:
+# - aws-vpc-no-default-vpc
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/no_excessive_port_access.rego b/checks/cloud/aws/ec2/no_excessive_port_access.rego
index 959584a4..656d5550 100644
--- a/checks/cloud/aws/ec2/no_excessive_port_access.rego
+++ b/checks/cloud/aws/ec2/no_excessive_port_access.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0102
 # avd_id: AVD-AWS-0102
+# aliases:
+# - aws-vpc-no-excessive-port-access
 # provider: aws
 # service: ec2
 # severity: CRITICAL
diff --git a/checks/cloud/aws/ec2/no_public_egress_sgr.rego b/checks/cloud/aws/ec2/no_public_egress_sgr.rego
index cf5b3414..60a512d4 100644
--- a/checks/cloud/aws/ec2/no_public_egress_sgr.rego
+++ b/checks/cloud/aws/ec2/no_public_egress_sgr.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0104
 # avd_id: AVD-AWS-0104
+# aliases:
+# - aws-vpc-no-public-egress-sgr
 # provider: aws
 # service: ec2
 # severity: CRITICAL
diff --git a/checks/cloud/aws/ec2/no_public_ingress_acl.rego b/checks/cloud/aws/ec2/no_public_ingress_acl.rego
index f5547b64..1b6d1540 100644
--- a/checks/cloud/aws/ec2/no_public_ingress_acl.rego
+++ b/checks/cloud/aws/ec2/no_public_ingress_acl.rego
@@ -14,6 +14,8 @@
 # custom:
 # id: AVD-AWS-0105
 # avd_id: AVD-AWS-0105
+# aliases:
+# - aws-vpc-no-public-ingress-acl
 # provider: aws
 # service: ec2
 # severity: MEDIUM
diff --git a/checks/cloud/aws/ec2/no_public_ip_subnet.rego b/checks/cloud/aws/ec2/no_public_ip_subnet.rego
index 0869e857..e0d79679 100644
--- a/checks/cloud/aws/ec2/no_public_ip_subnet.rego
+++ b/checks/cloud/aws/ec2/no_public_ip_subnet.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0164
 # avd_id: AVD-AWS-0164
+# aliases:
+# - aws-vpc-no-public-ingress-sgr
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/no_secrets_in_user_data.rego b/checks/cloud/aws/ec2/no_secrets_in_user_data.rego
index d8fde07e..6c2a1335 100644
--- a/checks/cloud/aws/ec2/no_secrets_in_user_data.rego
+++ b/checks/cloud/aws/ec2/no_secrets_in_user_data.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0029
 # avd_id: AVD-AWS-0029
+# aliases:
+# - aws-autoscaling-no-public-ip
 # provider: aws
 # service: ec2
 # severity: CRITICAL
diff --git a/checks/cloud/aws/ec2/no_sensitive_info.rego b/checks/cloud/aws/ec2/no_sensitive_info.rego
index 236bf0b3..7d7c75b1 100644
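Review bot: The alias added to checks/cloud/aws/ec2/no_public_ip_subnet.rego (AVD-AWS-0164), `aws-vpc-no-public-ingress-sgr`, names a security-group-rule control rather than the subnet public-IP check the file holds. The same kind of mismatch shows up in no_secrets_in_user_data.rego (AVD-AWS-0029, `aws-autoscaling-no-public-ip`) and in require_vpc_flow_logs_for_all_vpcs.rego (AVD-AWS-0178), which receives `aws-autoscaling-enable-at-rest-encryption`, the alias this same patch gives to AVD-AWS-0008. If aliases are matched when ignore rules or exceptions are resolved, a suppression written for one control would also silence an unrelated one, and the duplicated alias no longer identifies a single check. These values may have been copied from the Go registrations, of which only enforce_group_mfa.go is visible here; if they are deliberate legacy IDs, say so in the commit description, otherwise replace each line with the alias from that check's own Go `Aliases` list, i.e. `# - <alias from this check's Go Aliases>`. A test that fails when two checks declare the same alias would catch this class of error.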
--- a/checks/cloud/aws/ec2/no_sensitive_info.rego
+++ b/checks/cloud/aws/ec2/no_sensitive_info.rego
@@ -8,6 +8,8 @@
 # custom:
 # id: AVD-AWS-0122
 # avd_id: AVD-AWS-0122
+# aliases:
+# - aws-autoscaling-no-sensitive-info
 # provider: aws
 # service: ec2
 # severity: HIGH
diff --git a/checks/cloud/aws/ec2/require_vpc_flow_logs_for_all_vpcs.rego b/checks/cloud/aws/ec2/require_vpc_flow_logs_for_all_vpcs.rego
index 80ec6af7..a01bdace 100644
--- a/checks/cloud/aws/ec2/require_vpc_flow_logs_for_all_vpcs.rego
+++ b/checks/cloud/aws/ec2/require_vpc_flow_logs_for_all_vpcs.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0178
 # avd_id: AVD-AWS-0178
+# aliases:
+# - aws-autoscaling-enable-at-rest-encryption
 # provider: aws
 # service: ec2
 # severity: MEDIUM
diff --git a/checks/cloud/aws/iam/enforce_group_mfa.go b/checks/cloud/aws/iam/enforce_group_mfa.go
index dd73a7d2..85376865 100644
--- a/checks/cloud/aws/iam/enforce_group_mfa.go
+++ b/checks/cloud/aws/iam/enforce_group_mfa.go
@@ -16,10 +16,8 @@ import (
 var CheckEnforceGroupMFA = rules.Register(
 scan.Rule{
- AVDID: "AVD-AWS-0123",
- Aliases: []string{
- "aws-iam-enforce-mfa",
- },
+ AVDID: "AVD-AWS-0123",
+ Aliases: []string{"aws-iam-enforce-mfa"},
 Provider: providers.AWSProvider,
 Service: "iam",
 ShortCode: "enforce-group-mfa",
diff --git a/checks/cloud/aws/iam/enforce_group_mfa.rego b/checks/cloud/aws/iam/enforce_group_mfa.rego
index 2e8eb861..50364cf6 100644
--- a/checks/cloud/aws/iam/enforce_group_mfa.rego
+++ b/checks/cloud/aws/iam/enforce_group_mfa.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-AWS-0123
 # avd_id: AVD-AWS-0123
+# aliases:
+# - aws-iam-enforce-mfa
 # provider: aws
 # service: iam
 # severity: MEDIUM
diff --git a/checks/cloud/nifcloud/computing/add_description_to_security_group.rego b/checks/cloud/nifcloud/computing/add_description_to_security_group.rego
index 49b85399..bf82d7e7 100644
--- a/checks/cloud/nifcloud/computing/add_description_to_security_group.rego
+++ b/checks/cloud/nifcloud/computing/add_description_to_security_group.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-NIF-0002
 # avd_id: AVD-NIF-0002
+# aliases:
+# - nifcloud-computing-add-description-to-security-group
 # provider: nifcloud
 # service: computing
 # severity: LOW
diff --git a/checks/cloud/nifcloud/computing/add_description_to_security_group_rule.rego b/checks/cloud/nifcloud/computing/add_description_to_security_group_rule.rego
index e67fe40c..ddf7c5da 100644
--- a/checks/cloud/nifcloud/computing/add_description_to_security_group_rule.rego
+++ b/checks/cloud/nifcloud/computing/add_description_to_security_group_rule.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-NIF-0003
 # avd_id: AVD-NIF-0003
+# aliases:
+# - nifcloud-computing-add-description-to-security-group-rule
 # provider: nifcloud
 # service: computing
 # severity: LOW
diff --git a/checks/cloud/nifcloud/computing/add_security_group_to_instance.rego b/checks/cloud/nifcloud/computing/add_security_group_to_instance.rego
index ca0df95a..7b2bf36a 100644
--- a/checks/cloud/nifcloud/computing/add_security_group_to_instance.rego
+++ b/checks/cloud/nifcloud/computing/add_security_group_to_instance.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0004
 # avd_id: AVD-NIF-0004
+# aliases:
+# - nifcloud-computing-add-security-group-to-instance
 # provider: nifcloud
 # service: computing
 # severity: CRITICAL
diff --git a/checks/cloud/nifcloud/computing/no_common_private_instance.rego b/checks/cloud/nifcloud/computing/no_common_private_instance.rego
index 28d8a9de..94fc213a 100644
--- a/checks/cloud/nifcloud/computing/no_common_private_instance.rego
+++ b/checks/cloud/nifcloud/computing/no_common_private_instance.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0005
 # avd_id: AVD-NIF-0005
+# aliases:
+# - nifcloud-computing-no-common-private-instance
 # provider: nifcloud
 # service: computing
 # severity: LOW
diff --git a/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego b/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
index 3993aa1f..f0639d2c 100644
--- a/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
+++ b/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-NIF-0001
 # avd_id: AVD-NIF-0001
+# aliases:
+# - nifcloud-computing-no-public-ingress-sgr
 # provider: nifcloud
 # service: computing
 # severity: CRITICAL
diff --git a/checks/cloud/nifcloud/nas/add_description_to_nas_security_group.rego b/checks/cloud/nifcloud/nas/add_description_to_nas_security_group.rego
index 17c2f28b..6b6b66a6 100644
--- a/checks/cloud/nifcloud/nas/add_description_to_nas_security_group.rego
+++ b/checks/cloud/nifcloud/nas/add_description_to_nas_security_group.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-NIF-0015
 # avd_id: AVD-NIF-0015
+# aliases:
+# - nifcloud-nas-add-description-to-nas-security-group
 # provider: nifcloud
 # service: nas
 # severity: LOW
diff --git a/checks/cloud/nifcloud/nas/no_common_private_nas_instance.rego b/checks/cloud/nifcloud/nas/no_common_private_nas_instance.rego
index da122cfa..6ca499c9 100644
--- a/checks/cloud/nifcloud/nas/no_common_private_nas_instance.rego
+++ b/checks/cloud/nifcloud/nas/no_common_private_nas_instance.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0013
 # avd_id: AVD-NIF-0013
+# aliases:
+# - nifcloud-nas-no-common-private-nas-instance
 # provider: nifcloud
 # service: nas
 # severity: LOW
diff --git a/checks/cloud/nifcloud/nas/no_public_ingress_nas_sgr.rego b/checks/cloud/nifcloud/nas/no_public_ingress_nas_sgr.rego
index 5895cf5e..b159bfa2 100644
--- a/checks/cloud/nifcloud/nas/no_public_ingress_nas_sgr.rego
+++ b/checks/cloud/nifcloud/nas/no_public_ingress_nas_sgr.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0014
 # avd_id: AVD-NIF-0014
+# aliases:
+# - nifcloud-nas-no-public-ingress-nas-sgr
 # provider: nifcloud
 # service: nas
 # severity: CRITICAL
diff --git a/checks/cloud/nifcloud/network/add_security_group_to_router.rego b/checks/cloud/nifcloud/network/add_security_group_to_router.rego
index 0bf73643..bc7f3850 100644
--- a/checks/cloud/nifcloud/network/add_security_group_to_router.rego
+++ b/checks/cloud/nifcloud/network/add_security_group_to_router.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0016
 # avd_id: AVD-NIF-0016
+# aliases:
+# - nifcloud-computing-add-security-group-to-router
 # provider: nifcloud
 # service: network
 # severity: CRITICAL
diff --git a/checks/cloud/nifcloud/network/add_security_group_to_vpn_gateway.rego b/checks/cloud/nifcloud/network/add_security_group_to_vpn_gateway.rego
index 376d9dfb..cc5e0530 100644
--- a/checks/cloud/nifcloud/network/add_security_group_to_vpn_gateway.rego
+++ b/checks/cloud/nifcloud/network/add_security_group_to_vpn_gateway.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0018
 # avd_id: AVD-NIF-0018
+# aliases:
+# - nifcloud-computing-add-security-group-to-vpn-gateway
 # provider: nifcloud
 # service: network
 # severity: CRITICAL
diff --git a/checks/cloud/nifcloud/network/no_common_private_elb.rego b/checks/cloud/nifcloud/network/no_common_private_elb.rego
index 4173fe1d..d9aa3d61 100644
--- a/checks/cloud/nifcloud/network/no_common_private_elb.rego
+++ b/checks/cloud/nifcloud/network/no_common_private_elb.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0019
 # avd_id: AVD-NIF-0019
+# aliases:
+# - nifcloud-network-no-common-private-elb
 # provider: nifcloud
 # service: network
 # severity: LOW
diff --git a/checks/cloud/nifcloud/network/no_common_private_router.rego b/checks/cloud/nifcloud/network/no_common_private_router.rego
index 9c5528fe..62ff1f97 100644
--- a/checks/cloud/nifcloud/network/no_common_private_router.rego
+++ b/checks/cloud/nifcloud/network/no_common_private_router.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0017
 # avd_id: AVD-NIF-0017
+# aliases:
+# - nifcloud-network-no-common-private-router
 # provider: nifcloud
 # service: network
 # severity: LOW
diff --git a/checks/cloud/nifcloud/rdb/add_description_to_db_security_group.rego b/checks/cloud/nifcloud/rdb/add_description_to_db_security_group.rego
index d0086c72..47b07378 100644
--- a/checks/cloud/nifcloud/rdb/add_description_to_db_security_group.rego
+++ b/checks/cloud/nifcloud/rdb/add_description_to_db_security_group.rego
@@ -12,6 +12,8 @@
 # custom:
 # id: AVD-NIF-0012
 # avd_id: AVD-NIF-0012
+# aliases:
+# - nifcloud-rdb-add-description-to-db-security-group
 # provider: nifcloud
 # service: rdb
 # severity: LOW
diff --git a/checks/cloud/nifcloud/rdb/no_common_private_db_instance.rego b/checks/cloud/nifcloud/rdb/no_common_private_db_instance.rego
index 5489597a..6a52b532 100644
--- a/checks/cloud/nifcloud/rdb/no_common_private_db_instance.rego
+++ b/checks/cloud/nifcloud/rdb/no_common_private_db_instance.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0010
 # avd_id: AVD-NIF-0010
+# aliases:
+# - nifcloud-rdb-no-common-private-db-instance
 # provider: nifcloud
 # service: rdb
 # severity: LOW
diff --git a/checks/cloud/nifcloud/rdb/no_public_ingress_db_sgr.rego b/checks/cloud/nifcloud/rdb/no_public_ingress_db_sgr.rego
index 83c1f038..89243240 100644
--- a/checks/cloud/nifcloud/rdb/no_public_ingress_db_sgr.rego
+++ b/checks/cloud/nifcloud/rdb/no_public_ingress_db_sgr.rego
@@ -10,6 +10,8 @@
 # custom:
 # id: AVD-NIF-0011
 # avd_id: AVD-NIF-0011
+# aliases:
+# - nifcloud-rdb-no-public-ingress-db-sgr
 # provider: nifcloud
 # service: rdb
 # severity: CRITICAL