Added Cloudtrail.3 as an alternative control for Cloudtrail.1 (#146)

tmekari · web-flow · commit 001ec08ba4cf · 2023-03-16T09:08:09.000-07:00
diff --git a/source/playbooks/SC/bin/security_controls.ts b/source/playbooks/SC/bin/security_controls.ts
@@ -31,6 +31,7 @@ const remediations: IControl[] = [
   { control: 'AutoScaling.1' },
   { control: 'CloudTrail.1' },
   { control: 'CloudTrail.2' },
+  { control: 'CloudTrail.3', executes: 'CloudTrail.1' },
   { control: 'CloudTrail.4' },
   { control: 'CloudTrail.5' },
   { control: 'CloudTrail.6' },
diff --git a/source/playbooks/SC/ssmdocs/SC_CloudTrail.1.ts b/source/playbooks/SC/ssmdocs/SC_CloudTrail.1.ts
@@ -6,7 +6,11 @@ import { PlaybookProps } from '../lib/control_runbooks-construct';
 import { HardCodedString, StringVariable } from '@cdklabs/cdk-ssm-documents';
 
 export function createControlRunbook(scope: Construct, id: string, props: PlaybookProps): ControlRunbookDocument {
-  return new CreateCloudTrailMultiRegionTrailDocument(scope, id, { ...props, controlId: 'CloudTrail.1' });
+  return new CreateCloudTrailMultiRegionTrailDocument(scope, id, {
+    ...props,
+    controlId: 'CloudTrail.1',
+    otherControlIds: ['CloudTrail.3'],
+  });
 }
 
 export class CreateCloudTrailMultiRegionTrailDocument extends ControlRunbookDocument {
diff --git a/source/playbooks/SC/test/__snapshots__/security_controls_stack.test.ts.snap b/source/playbooks/SC/test/__snapshots__/security_controls_stack.test.ts.snap
@@ -1868,6 +1868,7 @@ Note: this remediation will create a NEW trail.
                   "Finding": "{{ Finding }}",
                   "expected_control_id": [
                     "CloudTrail.1",
+                    "CloudTrail.3",
                   ],
                   "parse_id_pattern": "",
                 },
