ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(regions_update): Changes in regions for AWS services. (#1508)

Browse Source
This commit is contained in:
github-actions[bot]
2022-11-23 15:11:22 +01:00
committed by GitHub
parent 989638a42d
commit 1a70a45805
36 changed files with 354 additions and 214 deletions
Download Patch File Download Diff File Expand all files Collapse all files

374
providers/aws/aws_regions_by_service.json
View File

File diff suppressed because it is too large Load Diff

2
providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py
View File

@@ -134,7 +134,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
check = cloudtrail_cloudwatch_logging_enabled()
result = check.execute()
# len of result should be 24 -> (1 multiregion entry per region + 1 entry because of single region trail)
assert len(result) == 24
assert len(result) == 26
for report in result:
if report.resource_id == trail_name_us:
assert report.resource_id == trail_name_us

6
providers/aws/services/cloudtrail/cloudtrail_service_test.py
View File

@@ -84,7 +84,7 @@ class Test_Cloudtrail_Service:
audit_info = self.set_mocked_audit_info()
cloudtrail = Cloudtrail(audit_info)
# 1 None result per region plus 2 created
assert len(cloudtrail.trails) == 23
assert len(cloudtrail.trails) == 25
for trail in cloudtrail.trails:
if trail.name:
assert trail.name == trail_name_us or trail.name == trail_name_eu
@@ -130,7 +130,7 @@ class Test_Cloudtrail_Service:
audit_info = self.set_mocked_audit_info()
cloudtrail = Cloudtrail(audit_info)
# 1 None result per region plus 2 created
assert len(cloudtrail.trails) == 23
assert len(cloudtrail.trails) == 25
for trail in cloudtrail.trails:
if trail.name:
if trail.name == trail_name_us:
@@ -172,7 +172,7 @@ class Test_Cloudtrail_Service:
audit_info = self.set_mocked_audit_info()
cloudtrail = Cloudtrail(audit_info)
# 1 None result per region plus 2 created
assert len(cloudtrail.trails) == 23
assert len(cloudtrail.trails) == 25
for trail in cloudtrail.trails:
if trail.name:
if trail.name == trail_name_us:

6
providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py
View File

@@ -27,7 +27,7 @@ class Test_config_recorder_all_regions_enabled:
result = check.execute()
assert (
len(result) == 23
len(result) == 25
) # One fail result per region, since there are no recorders
assert result[0].status == "FAIL"
@@ -55,7 +55,7 @@ class Test_config_recorder_all_regions_enabled:
check = config_recorder_all_regions_enabled()
result = check.execute()
assert len(result) == 23
assert len(result) == 25
# Search for the recorder just created
for recorder in result:
if recorder.resource_id:
@@ -95,7 +95,7 @@ class Test_config_recorder_all_regions_enabled:
check = config_recorder_all_regions_enabled()
result = check.execute()
assert len(result) == 23
assert len(result) == 25
# Search for the recorder just created
for recorder in result:
if recorder.resource_id:

2
providers/aws/services/config/config_service_test.py
View File

@@ -81,7 +81,7 @@ class Test_Config_Service:
audit_info = self.set_mocked_audit_info()
config = Config(audit_info)
# One recorder per region
assert len(config.recorders) == 23
assert len(config.recorders) == 25
# Check the active one
# Search for the recorder just created
for recorder in config.recorders:

4
providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py
View File

@@ -33,7 +33,7 @@ class Test_ec2_ebs_default_encryption:
results = check.execute()
# One result per region
assert len(results) == 23
assert len(results) == 25
for result in results:
if result.region == AWS_REGION:
assert result.status == "PASS"
@@ -63,7 +63,7 @@ class Test_ec2_ebs_default_encryption:
result = check.execute()
# One result per region
assert len(result) == 23
assert len(result) == 25
assert result[0].status == "FAIL"
assert search(
"EBS Default Encryption is not activated",

6
providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py
View File

@@ -28,7 +28,7 @@ class Test_ec2_ebs_public_snapshot:
result = check.execute()
# Default snapshots
assert len(result) == 1345
assert len(result) == 1433
@mock_ec2
def test_ec2_public_snapshot(self):
@@ -61,7 +61,7 @@ class Test_ec2_ebs_public_snapshot:
results = check.execute()
# Default snapshots + 1 created
assert len(results) == 1346
assert len(results) == 1434
for snap in results:
if snap.resource_id == snapshot.id:
@@ -97,7 +97,7 @@ class Test_ec2_ebs_public_snapshot:
results = check.execute()
# Default snapshots + 1 created
assert len(results) == 1346
assert len(results) == 1434
for snap in results:
if snap.resource_id == snapshot.id:

6
providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py
View File

@@ -28,7 +28,7 @@ class Test_ec2_ebs_snapshots_encrypted:
result = check.execute()
# Default snapshots
assert len(result) == 1345
assert len(result) == 1433
@mock_ec2
def test_ec2_unencrypted_snapshot(self):
@@ -55,7 +55,7 @@ class Test_ec2_ebs_snapshots_encrypted:
results = check.execute()
# Default snapshots + 1 created
assert len(results) == 1346
assert len(results) == 1434
for snap in results:
if snap.resource_id == snapshot.id:
@@ -91,7 +91,7 @@ class Test_ec2_ebs_snapshots_encrypted:
results = check.execute()
# Default snapshots + 1 created
assert len(results) == 1346
assert len(results) == 1434
for snap in results:
if snap.resource_id == snapshot.id:

8
providers/aws/services/ec2/ec2_network_acls_allow_ingress_any_port/ec2_network_acls_allow_ingress_any_port_test.py
View File

@@ -28,7 +28,7 @@ class Test_ec2_network_acls_allow_ingress_any_port:
result = check.execute()
# One default nacl per region
assert len(result) == 23
assert len(result) == 25
@mock_ec2
def test_ec2_non_default_compliant_nacl(self):
@@ -51,7 +51,7 @@ class Test_ec2_network_acls_allow_ingress_any_port:
result = check.execute()
# One default sg per region
assert len(result) == 23
assert len(result) == 25
# by default nacls are public
assert result[0].status == "FAIL"
@@ -95,7 +95,7 @@ class Test_ec2_network_acls_allow_ingress_any_port:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:
@@ -140,7 +140,7 @@ class Test_ec2_network_acls_allow_ingress_any_port:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:

8
providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py
View File

@@ -28,7 +28,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
result = check.execute()
# One default nacl per region
assert len(result) == 23
assert len(result) == 25
@mock_ec2
def test_ec2_non_default_compliant_nacl(self):
@@ -51,7 +51,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
result = check.execute()
# One default sg per region
assert len(result) == 23
assert len(result) == 25
# by default nacls are public
assert result[0].status == "FAIL"
@@ -96,7 +96,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:
@@ -142,7 +142,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:

8
providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py
View File

@@ -28,7 +28,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
result = check.execute()
# One default nacl per region
assert len(result) == 23
assert len(result) == 25
@mock_ec2
def test_ec2_non_default_compliant_nacl(self):
@@ -51,7 +51,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
result = check.execute()
# One default sg per region
assert len(result) == 23
assert len(result) == 25
# by default nacls are public
assert result[0].status == "FAIL"
@@ -96,7 +96,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:
@@ -142,7 +142,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
result = check.execute()
# One default sg per region + default of new VPC + new NACL
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for nacl in result:
if nacl.resource_id == nacl_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py
View File

@@ -32,7 +32,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -72,7 +72,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -118,7 +118,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py
View File

@@ -32,7 +32,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -74,7 +74,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -122,7 +122,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py
View File

@@ -32,7 +32,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -74,7 +74,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -122,7 +122,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -127,7 +127,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -127,7 +127,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py
View File

@@ -34,7 +34,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -128,7 +128,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py
View File

@@ -34,7 +34,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -78,7 +78,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -127,7 +127,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py
View File

@@ -32,7 +32,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -72,7 +72,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -118,7 +118,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py
View File

@@ -31,7 +31,7 @@ class Test_ec2_securitygroup_default_restrict_traffic:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -66,7 +66,7 @@ class Test_ec2_securitygroup_default_restrict_traffic:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -109,7 +109,7 @@ class Test_ec2_securitygroup_default_restrict_traffic:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py
View File

@@ -33,7 +33,7 @@ class Test_ec2_securitygroup_from_launch_wizard:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -64,7 +64,7 @@ class Test_ec2_securitygroup_from_launch_wizard:
result = check.execute()
# One default sg per region + created one
assert len(result) == 25
assert len(result) == 27
# Search changed sg
for sg in result:
if sg.resource_id == sg_id:
@@ -110,7 +110,7 @@ class Test_ec2_securitygroup_from_launch_wizard:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

8
providers/aws/services/ec2/ec2_securitygroup_in_use_without_ingress_filtering/ec2_securitygroup_in_use_without_ingress_filtering_test.py
View File

@@ -33,7 +33,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -73,7 +73,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -127,7 +127,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -164,7 +164,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py
View File

@@ -33,7 +33,7 @@ class Test_ec2_securitygroup_not_used:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are unused by default
assert result[0].status == "FAIL"
@@ -64,7 +64,7 @@ class Test_ec2_securitygroup_not_used:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -110,7 +110,7 @@ class Test_ec2_securitygroup_not_used:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

6
providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py
View File

@@ -32,7 +32,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# All are compliant by default
assert result[0].status == "PASS"
@@ -75,7 +75,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:
@@ -122,7 +122,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules:
result = check.execute()
# One default sg per region
assert len(result) == 24
assert len(result) == 26
# Search changed sg
for sg in result:
if sg.resource_id == default_sg_id:

2
providers/aws/services/ec2/ec2_service_test.py
View File

@@ -195,7 +195,7 @@ class Test_EC2_Service:
ec2 = EC2(audit_info)
# One result per region
assert len(ec2.ebs_encryption_by_default) == 23
assert len(ec2.ebs_encryption_by_default) == 25
for result in ec2.ebs_encryption_by_default:
if result.region == AWS_REGION:
assert result.status

4
providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries_test.py
View File

@@ -53,7 +53,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries:
check = vpc_endpoint_services_allowed_principals_trust_boundaries()
result = check.execute()
assert len(result) == 23 # one endpoint per region
assert len(result) == 25 # one endpoint per region
@mock_ec2
@mock_elbv2
@@ -100,7 +100,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries:
check = vpc_endpoint_services_allowed_principals_trust_boundaries()
result = check.execute()
assert len(result) == 23 # one per region
assert len(result) == 25 # one per region
assert result[0].status == "PASS"
assert (
result[0].status_extended

2
providers/aws/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled_test.py
View File

@@ -28,7 +28,7 @@ class Test_vpc_flow_logs_enabled:
result = check.execute()
assert (
len(result) == 23
len(result) == 25
) # Number of AWS regions, one default VPC per region
@mock_ec2

2
providers/aws/services/vpc/vpc_service_test.py
View File

@@ -76,7 +76,7 @@ class Test_VPC_Service:
audit_info = self.set_mocked_audit_info()
vpc = VPC(audit_info)
assert (
len(vpc.vpcs) == 24
len(vpc.vpcs) == 26
) # Number of AWS regions + created VPC, one default VPC per region
# Test VPC Describe Flow Logs