fix(report): use AWS_REGION env for secrets in asff template (#6011)

aquasecurity · Jan 26, 2024 · 70dd572 · 70dd572
1 parent 13f797f
commit 70dd572
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/contrib/asff.tpl b/contrib/asff.tpl
@@ -128,7 +128,7 @@
         {
             "SchemaVersion": "2018-10-08",
             "Id": "{{ $target }}",
-            "ProductArn": "arn:aws:securityhub:{{ env "AWS_DEFAULT_REGION" }}::product/aquasecurity/aquasecurity",
+            "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
             "GeneratorId": "Trivy",
             "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}",
             "Types": [ "Sensitive Data Identifications" ],
@@ -145,7 +145,7 @@
                     "Type": "Other",
                     "Id": "{{ $target }}",
                     "Partition": "aws",
-                    "Region": "{{ env "AWS_DEFAULT_REGION" }}",
+                    "Region": "{{ env "AWS_REGION" }}",
                     "Details": {
                         "Other": {
                             "Filename": "{{ $target }}"

diff --git a/integration/testdata/secrets.asff.golden b/integration/testdata/secrets.asff.golden
@@ -2,7 +2,7 @@
     "Findings": [{
             "SchemaVersion": "2018-10-08",
             "Id": "deploy.sh",
-            "ProductArn": "arn:aws:securityhub:::product/aquasecurity/aquasecurity",
+            "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity",
             "GeneratorId": "Trivy",
             "AwsAccountId": "123456789012",
             "Types": [ "Sensitive Data Identifications" ],
@@ -19,7 +19,7 @@
                     "Type": "Other",
                     "Id": "deploy.sh",
                     "Partition": "aws",
-                    "Region": "",
+                    "Region": "test-region",
                     "Details": {
                         "Other": {
                             "Filename": "deploy.sh"
@@ -31,7 +31,7 @@
         },{
             "SchemaVersion": "2018-10-08",
             "Id": "deploy.sh",
-            "ProductArn": "arn:aws:securityhub:::product/aquasecurity/aquasecurity",
+            "ProductArn": "arn:aws:securityhub:test-region::product/aquasecurity/aquasecurity",
             "GeneratorId": "Trivy",
             "AwsAccountId": "123456789012",
             "Types": [ "Sensitive Data Identifications" ],
@@ -48,7 +48,7 @@
                     "Type": "Other",
                     "Id": "deploy.sh",
                     "Partition": "aws",
-                    "Region": "",
+                    "Region": "test-region",
                     "Details": {
                         "Other": {
                             "Filename": "deploy.sh"