Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Depending on aggregated subscriptions, duplicate benchmark results with the same result #227

Closed
Pragmatisch11 opened this issue Nov 10, 2023 · 1 comment
Closed

Depending on aggregated subscriptions, duplicate benchmark results with the same result #227

Pragmatisch11 opened this issue Nov 10, 2023 · 1 comment
Assignees
@khushboo9024
Labels
bug Something isn't working

Comments

@Pragmatisch11
Copy link

Pragmatisch11 commented Nov 10, 2023
edited
Loading

Describe the bug
refering to: turbot/steampipe#2477

Some CIS-Benchmark-Controls (Version 2) result in duplicated results, depending on the number of aggregated subscriptions. The following controls were identified during my investigation:

1.5 Ensure Guest Users Are Reviewed on a Regular Basis
-> every Guest User gets listed more than once, depending on the number of aggregated subscriptions.

1.14 Ensure That 'Users Can Register Applications' Is Set to 'No'
-> If set to yes -> the ALARM gets listed several times, depending on the number of aggregated subscriptions, even though it is a tenant wide setting and not a subscription-based setting

1.19 Ensure that 'Users can create security groups in Azure portals, API or PowerShell' is set to 'No'
-> If set to yes -> the ALARM gets listed several times, depending on the number of aggregated subscriptions. even though it is a tenant wide setting and not a subscription-based setting.

In my case I tested these cases with two aggregated subscriptions. The problem, especially for control 1.5, has been validated here: turbot/steampipe#2477

Steampipe version (steampipe -v)
v0.21.1

Plugin version (steampipe plugin list)
hub.steampipe.io/plugins/turbot/azure@latest | 0.51.0 | azure,azure_sub_XX,azure_sub_XX
hub.steampipe.io/plugins/turbot/azuread@latest | 0.14.0 | azuread
hub.steampipe.io/plugins/turbot/microsoft365@latest | 0.4.1 | microsoft365
hub.steampipe.io/plugins/turbot/steampipe@latest | 0.9.1 | steampipe

To reproduce

  1. aggregate more than one azure subscription (https://steampipe.io/docs/managing/connections#querying-multiple-connections & https://steampipe.io/docs/managing/connections#using-aggregators)
  2. run the CIS Benchmark, in my case steampipe check benchmark.cis_v200

Expected behavior
Regarding Control 1.5: every user gets listed just once
Regarding Control 1.14 and 1.19: the setting gets evaluated once on tenant-level and not based on the number of subscriptions.

Additional context
thats all :)
@Pragmatisch11 Pragmatisch11 added the bug Something isn't working label Nov 10, 2023
@rajlearner17
Copy link
Contributor

@Pragmatisch11, Thank you
We will release the updates by next week.

khushboo9024 added a commit that referenced this issue Nov 23, 2023
@khushboo9024
Depending on aggregated subscriptions, duplicate benchmark results wi…
2771c7e 
…th the same result closes #227
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@khushboo9024 khushboo9024

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rajlearner17 @khushboo9024 @Pragmatisch11