update(docs): added mention to 'descriptionID' in creating-queries do…

…cumentation (Checkmarx#4835)
Dipesh-Reen · Feb 14, 2022 · 390e13d · 390e13d
1 parent 302c8f9
commit 390e13d
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/docs/creating-queries.md b/docs/creating-queries.md
@@ -134,9 +134,11 @@ Observe the following metadata.json example and check the Guidelines below for m
   "queryName": "CloudTrail Multi Region Disabled",
   "severity": "MEDIUM",
   "category": "Observability",
-  "descriptionText": "Check if MultiRegion is Enabled",
+  "descriptionText": "CloudTrail should have 'is_multi_region_trail' and 'include_global_service_events' enabled",
   "descriptionUrl": "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudtrail#is_multi_region_trail",
-  "platform": "Terraform"
+  "platform": "Terraform",
+  "descriptionID": "feb82a62",
+  "cloudProvider": "aws"
 }
 ```
 
@@ -241,6 +243,8 @@ go run ./cmd/console/main.go generate-id
 - `descriptionText` should explain with detail the vulnerability and if possible provide a way to remediate
 - `descriptionUrl` points to the official documentation about the resource being targeted
 - `platform` query target platform (e.g. Terraform, Kubernetes, etc.)
+- `descriptionID` should be filled with the first eight characters of the `go run ./cmd/console/main.go generate-id` output
+- `cloudProvider` should specify the target cloud provider, when necessary (e.g. AWS, AZURE, GCP, etc.)
 - `aggregation` [optional] should be used when more than one query is implemented in the same query.rego file. Indicates how many queries are implemented
 - `override` [optional] should only be used when a `metadata.json` is shared between queries from different platforms or different specification versions like for example OpenAPI 2.0 (Swagger) and OpenAPI 3.0. This field defines an object that each field is mapped to a given `overrideKey` that should be provided from the query execution result (covered in the next section), if an `overrideKey` is provided, this will generate a new query that inherits the root level metadata values and only rewrites the fields defined inside this object.
 
@@ -257,7 +261,9 @@ If the **query.rego** file implements more than one query, the **metadata.json**
   "descriptionText": "A sensitive port, such as port 23 or port 110, is open for the whole network in either TCP or UDP protocol",
   "descriptionUrl": "https://docs.ansible.com/ansible/latest/collections/azure/azcollection/azure_rm_securitygroup_module.html#parameter-rules",
   "platform": "Ansible",
-  "aggregation": 35
+  "descriptionID": "33745204",
+  "cloudProvider": "azure",
+  "aggregation": 62
 }
 ```
 
@@ -279,7 +285,8 @@ If the **query.rego** file implements more than one query, the **metadata.json**
       "descriptionUrl": "https://swagger.io/specification/v2/#contactObject"
     }
   },
-  "aggregation": 2
+  "aggregation": 2,
+  "descriptionID": "f3097573"
 }
 ```