Supplement HDF files with additional information (ex. `passthrough`, `target`)
Supplement (ex. read or modify) elements that provide contextual information in an HDF file such as passthrough or target.
Passthrough data can be any valid context and structure.
A sample passthrough JSON used to provide CDM context could be something like this:
{
"CDM": {
"HWAM": {
"Asset_ID_Tattoo": "arn:aws:ec2:us-east-1:123456789012:instance/i-12345acbd5678efgh90",
"Data_Center_ID": "1234-5678-ABCD-1BB1-CC12DD34EE56FF78",
"FQDN": "i-12345acbd5678efgh90.ec2.internal",
"Hostname": "i-12345acbd5678efgh90",
"ipv4": "10.0.1.25",
"ipv6": "none defined",
"mac": "02:32:fd:e3:68:a1",
"os": "Linux",
"FISMA_ID": "ABCD2C21-7781-92AA-F126-FF987CZZZZ"
},
"CSM": {
"Server_Type": "member server",
"source_tool": "InSpec"
}
}
}A passthrough JSON can be used to provide context for a converted scan:
{
"raw": "the original scan in string format if it were non-JSON in origin, ex. XCCDF files are XML based",
"auxiliary_data": {
"data": "that doesn't fit nicely in the other HDF attributes",
"can": "instead be stored in this open-ended section"
},
"you": "can have other top level attributes beyond 'raw' and 'auxiliary_data'"
}A passthrough JSON does not need to be an object:
"it could be a string, a number, an array, or any other valid JSON construct"Target data can be any valid context and structure.
A sample target json used to provide AWS Resource context could be something like this:
{
"AWS":{
"Resources":[
{
"Type":"AwsEc2Instance",
"Id":"arn:aws:ec2:us-east-1:123456789012:instance/i-06036f0ccaa012345",
"Partition":"aws",
"Region":"us-east-1",
"Details":{
"AwsEc2Instance":{
"Type":"t2.medium",
"ImageId":"ami-0d716eddcc7b7abcd",
"IpV4Addresses":[
"10.0.0.27"
],
"KeyName":"rhel7_1_10152021",
"VpcId":"vpc-0b53ff8f37a06abcd",
"SubnetId":"subnet-0ea14519a4ddaabcd"
}
}
}
]
}
}A target JSON does not need to be an object:
"it could be a string, a number, an array, or any other valid JSON construct"