Need help in mapping compliance report across each resource

[SrinivasMydur]

Dear Team,

I have extracted compliance reports for aws, gcp and m365. Report looks awesome covering lot of compliance standards and reports failed and passed resource counts. But I'm interesting in knowing the actual list of resource names for each compliance failed/passed list for accurate understanding.
Could you please help me how to map it

[jonrau1]

Hi @SrinivasMydur thanks for the note, glad you are getting some use out of it.

To answer the direct question, right now the only way to do that is with one of the various outputs - JSON, SecHub, MongoDB, or otherwise - as by default it's resource-aligned and will have each control mapped along with pass/fail status.

To visualize, it'll be a bit more difficult, as the ASFF specification has Compliance.RelatedRequirements as a Python List/JSON Object.

The Compliance HTML output was a bit experimental to use alongside the resources HTML report, but I could see the sense in combining them.

Could you open up an Issue with how you would want this feature to look like? The obvious (to me) would have a way to do an unordered list object in a new column on the resources report to include each related control but it could be a bit messy alongside the iconography and other columns.

Just put what you'd like ideally and I can get it on the backlog. I just started a new role but will likely come back to drop a few PRs in the next month or so for ElectricEye.

Thanks for using it!

Stay Dangerous