mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-10 14:55:00 +00:00
fix(findingID): remove duplicate finding IDs (#2890)
This commit is contained in:
Sergio Garcia
@@ -67,7 +67,7 @@ class iam_disable_30_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey1"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
||||||
@@ -86,7 +86,7 @@ class iam_disable_30_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey2"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
||||||
|
|||||||
@@ -67,7 +67,7 @@ class iam_disable_45_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey1"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
||||||
@@ -86,7 +86,7 @@ class iam_disable_45_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey2"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
||||||
|
|||||||
@@ -67,7 +67,7 @@ class iam_disable_90_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey1"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 1 in the last {maximum_expiration_days} days ({access_key_1_last_used_date.days} days)."
|
||||||
@@ -86,7 +86,7 @@ class iam_disable_90_days_credentials(Check):
|
|||||||
old_access_keys = True
|
old_access_keys = True
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_id = user["user"]
|
report.resource_id = user["user"] + "/AccessKey2"
|
||||||
report.resource_arn = user["arn"]
|
report.resource_arn = user["arn"]
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
report.status_extended = f"User {user['user']} has not used access key 2 in the last {maximum_expiration_days} days ({access_key_2_last_used_date.days} days)."
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ class iam_inline_policy_no_administrative_privileges(Check):
|
|||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.resource_arn = policy.arn
|
report.resource_arn = policy.arn
|
||||||
report.resource_id = policy.entity
|
report.resource_id = f"{policy.entity}/{policy.name}"
|
||||||
report.resource_tags = policy.tags
|
report.resource_tags = policy.tags
|
||||||
report.status = "PASS"
|
report.status = "PASS"
|
||||||
report.status_extended = f"{policy.type} policy {policy.name} for IAM identity {policy.arn} does not allow '*:*' administrative privileges."
|
report.status_extended = f"{policy.type} policy {policy.name} for IAM identity {policy.arn} does not allow '*:*' administrative privileges."
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ class iam_policy_attached_only_to_group_or_roles(Check):
|
|||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user.name} has the policy {policy['PolicyName']} attached."
|
report.status_extended = f"User {user.name} has the policy {policy['PolicyName']} attached."
|
||||||
report.resource_id = user.name
|
report.resource_id = f"{user.name}/{policy['PolicyName']}"
|
||||||
report.resource_arn = user.arn
|
report.resource_arn = user.arn
|
||||||
findings.append(report)
|
findings.append(report)
|
||||||
if user.inline_policies:
|
if user.inline_policies:
|
||||||
@@ -23,7 +23,7 @@ class iam_policy_attached_only_to_group_or_roles(Check):
|
|||||||
report.region = iam_client.region
|
report.region = iam_client.region
|
||||||
report.status = "FAIL"
|
report.status = "FAIL"
|
||||||
report.status_extended = f"User {user.name} has the inline policy {policy} attached."
|
report.status_extended = f"User {user.name} has the inline policy {policy} attached."
|
||||||
report.resource_id = user.name
|
report.resource_id = f"{user.name}/{policy}"
|
||||||
report.resource_arn = user.arn
|
report.resource_arn = user.arn
|
||||||
findings.append(report)
|
findings.append(report)
|
||||||
|
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ class route53_dangling_ip_subdomain_takeover(Check):
|
|||||||
# Check if record is an IP Address
|
# Check if record is an IP Address
|
||||||
if validate_ip_address(record):
|
if validate_ip_address(record):
|
||||||
report = Check_Report_AWS(self.metadata())
|
report = Check_Report_AWS(self.metadata())
|
||||||
report.resource_id = record_set.hosted_zone_id
|
report.resource_id = f"{record_set.hosted_zone_id}/{record}"
|
||||||
report.resource_arn = route53_client.hosted_zones[
|
report.resource_arn = route53_client.hosted_zones[
|
||||||
record_set.hosted_zone_id
|
record_set.hosted_zone_id
|
||||||
].arn
|
].arn
|
||||||
|
|||||||
@@ -275,7 +275,7 @@ class Test_iam_disable_30_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 30 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 30 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -325,7 +325,7 @@ class Test_iam_disable_30_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 30 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 30 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey2"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -380,7 +380,7 @@ class Test_iam_disable_30_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 30 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 30 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -389,7 +389,7 @@ class Test_iam_disable_30_days_credentials_test:
|
|||||||
result[2].status_extended
|
result[2].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 30 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 30 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[2].resource_id == user
|
assert result[2].resource_id == user + "/AccessKey2"
|
||||||
assert result[2].resource_arn == arn
|
assert result[2].resource_arn == arn
|
||||||
assert result[2].region == AWS_REGION
|
assert result[2].region == AWS_REGION
|
||||||
|
|
||||||
|
|||||||
@@ -275,7 +275,7 @@ class Test_iam_disable_45_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 45 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 45 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -325,7 +325,7 @@ class Test_iam_disable_45_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 45 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 45 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey2"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -380,7 +380,7 @@ class Test_iam_disable_45_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 45 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 45 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
assert result[2].status == "FAIL"
|
assert result[2].status == "FAIL"
|
||||||
@@ -388,7 +388,7 @@ class Test_iam_disable_45_days_credentials_test:
|
|||||||
result[2].status_extended
|
result[2].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 45 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 45 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[2].resource_id == user
|
assert result[2].resource_id == user + "/AccessKey2"
|
||||||
assert result[2].resource_arn == arn
|
assert result[2].resource_arn == arn
|
||||||
assert result[2].region == AWS_REGION
|
assert result[2].region == AWS_REGION
|
||||||
|
|
||||||
|
|||||||
@@ -273,7 +273,7 @@ class Test_iam_disable_90_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 90 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 90 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -323,7 +323,7 @@ class Test_iam_disable_90_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 90 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 90 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey2"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
|
|
||||||
@@ -378,7 +378,7 @@ class Test_iam_disable_90_days_credentials_test:
|
|||||||
result[1].status_extended
|
result[1].status_extended
|
||||||
== f"User {user} has not used access key 1 in the last 90 days (100 days)."
|
== f"User {user} has not used access key 1 in the last 90 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[1].resource_id == user
|
assert result[1].resource_id == user + "/AccessKey1"
|
||||||
assert result[1].resource_arn == arn
|
assert result[1].resource_arn == arn
|
||||||
assert result[1].region == AWS_REGION
|
assert result[1].region == AWS_REGION
|
||||||
assert result[2].status == "FAIL"
|
assert result[2].status == "FAIL"
|
||||||
@@ -386,7 +386,7 @@ class Test_iam_disable_90_days_credentials_test:
|
|||||||
result[2].status_extended
|
result[2].status_extended
|
||||||
== f"User {user} has not used access key 2 in the last 90 days (100 days)."
|
== f"User {user} has not used access key 2 in the last 90 days (100 days)."
|
||||||
)
|
)
|
||||||
assert result[2].resource_id == user
|
assert result[2].resource_id == user + "/AccessKey2"
|
||||||
assert result[2].resource_arn == arn
|
assert result[2].resource_arn == arn
|
||||||
assert result[2].region == AWS_REGION
|
assert result[2].region == AWS_REGION
|
||||||
|
|
||||||
|
|||||||
@@ -128,7 +128,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == group_arn
|
assert results[0].resource_arn == group_arn
|
||||||
assert results[0].resource_id == group_name
|
assert results[0].resource_id == f"{group_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "FAIL"
|
assert results[0].status == "FAIL"
|
||||||
assert (
|
assert (
|
||||||
@@ -172,7 +172,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == group_arn
|
assert results[0].resource_arn == group_arn
|
||||||
assert results[0].resource_id == group_name
|
assert results[0].resource_id == f"{group_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "PASS"
|
assert results[0].status == "PASS"
|
||||||
assert (
|
assert (
|
||||||
@@ -316,7 +316,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == role_arn
|
assert results[0].resource_arn == role_arn
|
||||||
assert results[0].resource_id == role_name
|
assert results[0].resource_id == f"{role_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "FAIL"
|
assert results[0].status == "FAIL"
|
||||||
assert (
|
assert (
|
||||||
@@ -363,7 +363,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == role_arn
|
assert results[0].resource_arn == role_arn
|
||||||
assert results[0].resource_id == role_name
|
assert results[0].resource_id == f"{role_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "PASS"
|
assert results[0].status == "PASS"
|
||||||
assert (
|
assert (
|
||||||
@@ -507,7 +507,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == user_arn
|
assert results[0].resource_arn == user_arn
|
||||||
assert results[0].resource_id == user_name
|
assert results[0].resource_id == f"{user_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "FAIL"
|
assert results[0].status == "FAIL"
|
||||||
assert (
|
assert (
|
||||||
@@ -553,7 +553,7 @@ class Test_iam_inline_policy_no_administrative_privileges:
|
|||||||
assert len(results) == 1
|
assert len(results) == 1
|
||||||
assert results[0].region == AWS_REGION
|
assert results[0].region == AWS_REGION
|
||||||
assert results[0].resource_arn == user_arn
|
assert results[0].resource_arn == user_arn
|
||||||
assert results[0].resource_id == user_name
|
assert results[0].resource_id == f"{user_name}/{policy_name}"
|
||||||
assert results[0].resource_tags == []
|
assert results[0].resource_tags == []
|
||||||
assert results[0].status == "PASS"
|
assert results[0].status == "PASS"
|
||||||
assert (
|
assert (
|
||||||
|
|||||||
@@ -83,7 +83,7 @@ class Test_iam_policy_attached_only_to_group_or_roles:
|
|||||||
== f"User {user} has the policy {policy_name} attached."
|
== f"User {user} has the policy {policy_name} attached."
|
||||||
)
|
)
|
||||||
assert result[0].region == AWS_REGION
|
assert result[0].region == AWS_REGION
|
||||||
assert result[0].resource_id == user
|
assert result[0].resource_id == f"{user}/{policy_name}"
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
||||||
@@ -133,7 +133,7 @@ class Test_iam_policy_attached_only_to_group_or_roles:
|
|||||||
== f"User {user} has the policy {policyName} attached."
|
== f"User {user} has the policy {policyName} attached."
|
||||||
)
|
)
|
||||||
assert result[0].region == AWS_REGION
|
assert result[0].region == AWS_REGION
|
||||||
assert result[0].resource_id == user
|
assert result[0].resource_id == f"{user}/{policyName}"
|
||||||
|
|
||||||
assert result[0].status == "FAIL"
|
assert result[0].status == "FAIL"
|
||||||
assert (
|
assert (
|
||||||
@@ -141,7 +141,7 @@ class Test_iam_policy_attached_only_to_group_or_roles:
|
|||||||
== f"User {user} has the policy {policyName} attached."
|
== f"User {user} has the policy {policyName} attached."
|
||||||
)
|
)
|
||||||
assert result[0].region == AWS_REGION
|
assert result[0].region == AWS_REGION
|
||||||
assert result[0].resource_id == user
|
assert result[0].resource_id == f"{user}/{policyName}"
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
||||||
@@ -186,7 +186,7 @@ class Test_iam_policy_attached_only_to_group_or_roles:
|
|||||||
== f"User {user} has the inline policy {policyName} attached."
|
== f"User {user} has the inline policy {policyName} attached."
|
||||||
)
|
)
|
||||||
assert result[0].region == AWS_REGION
|
assert result[0].region == AWS_REGION
|
||||||
assert result[0].resource_id == user
|
assert result[0].resource_id == f"{user}/{policyName}"
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
== f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
|
||||||
|
|||||||
@@ -165,7 +165,10 @@ class Test_route53_dangling_ip_subdomain_takeover:
|
|||||||
"is not a dangling IP",
|
"is not a dangling IP",
|
||||||
result[0].status_extended,
|
result[0].status_extended,
|
||||||
)
|
)
|
||||||
assert result[0].resource_id == zone_id.replace("/hostedzone/", "")
|
assert (
|
||||||
|
result[0].resource_id
|
||||||
|
== zone_id.replace("/hostedzone/", "") + "/192.168.1.1"
|
||||||
|
)
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
||||||
@@ -226,7 +229,10 @@ class Test_route53_dangling_ip_subdomain_takeover:
|
|||||||
"does not belong to AWS and it is not a dangling IP",
|
"does not belong to AWS and it is not a dangling IP",
|
||||||
result[0].status_extended,
|
result[0].status_extended,
|
||||||
)
|
)
|
||||||
assert result[0].resource_id == zone_id.replace("/hostedzone/", "")
|
assert (
|
||||||
|
result[0].resource_id
|
||||||
|
== zone_id.replace("/hostedzone/", "") + "/17.5.7.3"
|
||||||
|
)
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
||||||
@@ -287,7 +293,10 @@ class Test_route53_dangling_ip_subdomain_takeover:
|
|||||||
"is a dangling IP",
|
"is a dangling IP",
|
||||||
result[0].status_extended,
|
result[0].status_extended,
|
||||||
)
|
)
|
||||||
assert result[0].resource_id == zone_id.replace("/hostedzone/", "")
|
assert (
|
||||||
|
result[0].resource_id
|
||||||
|
== zone_id.replace("/hostedzone/", "") + "/54.152.12.70"
|
||||||
|
)
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
||||||
@@ -351,7 +360,10 @@ class Test_route53_dangling_ip_subdomain_takeover:
|
|||||||
"is not a dangling IP",
|
"is not a dangling IP",
|
||||||
result[0].status_extended,
|
result[0].status_extended,
|
||||||
)
|
)
|
||||||
assert result[0].resource_id == zone_id.replace("/hostedzone/", "")
|
assert (
|
||||||
|
result[0].resource_id
|
||||||
|
== zone_id.replace("/hostedzone/", "") + "/17.5.7.3"
|
||||||
|
)
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
||||||
@@ -421,7 +433,10 @@ class Test_route53_dangling_ip_subdomain_takeover:
|
|||||||
"is not a dangling IP",
|
"is not a dangling IP",
|
||||||
result[0].status_extended,
|
result[0].status_extended,
|
||||||
)
|
)
|
||||||
assert result[0].resource_id == zone_id.replace("/hostedzone/", "")
|
assert (
|
||||||
|
result[0].resource_id
|
||||||
|
== zone_id.replace("/hostedzone/", "") + "/17.5.7.3"
|
||||||
|
)
|
||||||
assert (
|
assert (
|
||||||
result[0].resource_arn
|
result[0].resource_arn
|
||||||
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
== f"arn:{audit_info.audited_partition}:route53:::hostedzone/{zone_id.replace('/hostedzone/','')}"
|
||||||
|
|||||||
Reference in New Issue
Block a user