Add CSPM exception policy type and related attributes #431

kooomix · 2025-01-22T13:52:33Z

Enhancement

Relevant files

Enhancement

cloudposturetypes.go Introduced `CSPMExceptionPolicy` struct for CSPM exceptions armotypes/cloudposturetypes.go Added a new struct `CSPMExceptionPolicy` with attributes like `Name`, `Controls`, `Severity`, etc. Enhanced support for CSPM exception policies.	+9/-0
exceptionpolicy.go Added `CSPMExceptionPolicyType` constant for CSPM policies armotypes/exceptionpolicy.go Added a new constant `CSPMExceptionPolicyType` for CSPM exception policies. Enhanced policy type definitions to include CSPM.	+3/-0
designators.go Added `AttributeAccount` identifier for account attributes identifiers/designators.go Introduced a new identifier `AttributeAccount` for account-related attributes. Enhanced attribute definitions for better account handling.	+1/-0

Need help?
Type /help how to ... in the comments thread for any question about Qodo Merge usage.
Check out the documentation for more information.

codiumai-pr-agent-free · 2025-01-22T13:52:52Z

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review Input Validation The CSPMExceptionPolicy struct lacks validation for required fields and potential constraints on severity values and scores. Consider adding validation or documentation for acceptable values. type CSPMExceptionPolicy struct { BaseExceptionPolicy `json:",inline"` Name string `json:"name"` // rule name Controls []string `json:"controls"` // affected controls Severity string `json:"severity"` SeverityScore int `json:"severityScore"` RuleHash string `json:"ruleHash"` }

codiumai-pr-agent-free · 2025-01-22T13:53:04Z

Explore these optional code suggestions:

Category	Suggestion	Score
General	Add severity field validation Add validation constraints for the severity field to ensure it only accepts valid severity levels. This prevents potential issues with invalid severity values. armotypes/cloudposturetypes.go [103-110] type CSPMExceptionPolicy struct { BaseExceptionPolicy `json:",inline"` Name string `json:"name"` // rule name Controls []string `json:"controls"` // affected controls - Severity string `json:"severity"` + Severity string `json:"severity" validate:"oneof=low medium high critical"` SeverityScore int `json:"severityScore"` RuleHash string `json:"ruleHash"` } Apply this suggestion Suggestion importance[1-10]: 7 Why: Adding validation constraints for the severity field is a valuable improvement that prevents potential runtime issues by ensuring only valid severity levels are accepted. This enhances data integrity and reduces potential bugs.	7

Add CSPM exception policy type and related attributes

a26bf30

codiumai-pr-agent-free bot added the Review effort [1-5]: 2 label Jan 22, 2025

idohuber approved these changes Jan 22, 2025

View reviewed changes

kooomix merged commit c73f6cc into main Jan 22, 2025
3 checks passed