[KinesisAnalytics.1] Applications should log to CloudWatch not getting assessed
swarnim1212 opened this issue · comments
Describe the bug
[KinesisAnalytics.1] Applications should log to CloudWatch is not getting assessed with the error message showing AWS region us-east-1 not supported for kinesisanalyticsv2
, because supported regions is returning an empty list. AWS Kinesis Analytics is supported in this region and also if logging is not configured then "CloudWatchLoggingOptionDescriptions"
key is not present which gives keyError. It should be handle in try exception. In the exception block, we can pass the finding.
To Reproduce
Steps to reproduce the behavior:
- Run the assessment and check for [KinesisAnalytics.1]
Expected behavior
[KinesisAnalytics.1] Applications should log to CloudWatch control should have a finding.
Screenshots
If applicable, add screenshots to help explain your problem.
Logs
Any stack traces, error reports, CloudTrail logs, etc.
Additional context
Add any other context about the problem here.
With kinesisanalyticsv2
, supported regions don't get listed with aws ssm get-parameters-by-path --path /aws/service/global-infrastructure/services/kinesisanalyticsv2/regions
. This is the reason why this control is not giving any finding. The supported regions can be enumerated with kinesisanalytics
.
Complete with #64