diff --git a/prowler/providers/aws/aws_regions_by_service.json b/prowler/providers/aws/aws_regions_by_service.json index d1145c2b..5ebdd2e0 100644 --- a/prowler/providers/aws/aws_regions_by_service.json +++ b/prowler/providers/aws/aws_regions_by_service.json @@ -21,6 +21,7 @@ "me-south-1", "us-east-1", "us-west-1", + "ap-south-2", "ap-southeast-2", "ca-central-1", "eu-central-1", @@ -39,6 +40,40 @@ ] } }, + "acm-pca": { + "regions": { + "aws": [ + "ap-east-1", + "ap-northeast-3", + "ap-south-1", + "ap-southeast-1", + "eu-south-1", + "eu-west-2", + "me-central-1", + "me-south-1", + "us-east-2", + "us-west-1", + "af-south-1", + "ap-northeast-1", + "ap-northeast-2", + "ap-southeast-2", + "ap-southeast-3", + "ca-central-1", + "eu-central-1", + "eu-west-1", + "us-east-1", + "eu-north-1", + "eu-west-3", + "sa-east-1", + "us-west-2" + ], + "cn": {}, + "gov": [ + "us-gov-west-1", + "us-gov-east-1" + ] + } + }, "ahl": { "regions": { "aws": [ @@ -153,6 +188,7 @@ "me-central-1", "us-east-2", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ca-central-1", "eu-central-2", @@ -275,6 +311,7 @@ "eu-central-1", "eu-west-1", "eu-west-2", + "sa-east-1", "us-west-2", "ap-southeast-2", "us-east-1", @@ -361,6 +398,7 @@ "af-south-1", "ap-northeast-1", "ap-northeast-3", + "ap-south-2", "eu-north-1", "eu-south-1", "eu-west-1", @@ -471,6 +509,7 @@ "eu-west-3", "us-east-2", "ap-south-1", + "ap-south-2", "ap-southeast-3", "eu-central-1", "eu-north-1", @@ -504,6 +543,7 @@ "ap-east-1", "ap-northeast-2", "ap-northeast-3", + "ap-south-2", "ca-central-1", "eu-north-1", "eu-south-1", @@ -522,8 +562,8 @@ "cn-northwest-1" ], "gov": [ - "us-gov-west-1", - "us-gov-east-1" + "us-gov-east-1", + "us-gov-west-1" ] } }, @@ -811,7 +851,7 @@ "cloudformation": { "regions": { "aws": [ - "ap-south-1", + "ap-south-2", "ap-southeast-2", "eu-central-2", "eu-south-2", @@ -821,11 +861,11 @@ "af-south-1", "ap-east-1", "ap-northeast-1", + "ap-south-1", "ap-southeast-3", "ca-central-1", "eu-central-1", "eu-west-3", - "us-east-1", "us-west-2", "ap-northeast-2", "ap-northeast-3", @@ -835,6 +875,7 @@ "eu-west-1", "me-south-1", "sa-east-1", + "us-east-1", "us-west-1" ], "cn": [ @@ -851,20 +892,20 @@ "regions": { "aws": [ "ap-east-1", + "ap-south-2", "ca-central-1", "eu-central-1", "eu-south-2", - "eu-west-1", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-2", - "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-3", "eu-north-1", + "eu-west-1", "eu-west-2", "me-central-1", "me-south-1", @@ -872,6 +913,7 @@ "af-south-1", "ap-northeast-1", "ap-northeast-2", + "ap-northeast-3", "ap-southeast-2", "eu-central-2", "eu-south-1" @@ -970,10 +1012,10 @@ "sa-east-1", "us-west-2", "ap-northeast-3", + "ap-south-2", "ap-southeast-2", "ap-southeast-3", "ca-central-1", - "eu-north-1", "eu-south-1", "eu-west-1", "us-east-2", @@ -981,6 +1023,7 @@ "ap-southeast-1", "eu-central-1", "eu-central-2", + "eu-north-1", "eu-west-2", "me-south-1", "us-east-1", @@ -1000,8 +1043,8 @@ "regions": { "aws": [ "ap-northeast-2", + "ap-south-2", "ca-central-1", - "eu-north-1", "me-central-1", "me-south-1", "sa-east-1", @@ -1015,11 +1058,12 @@ "ap-northeast-3", "ap-southeast-3", "eu-central-2", - "eu-south-1", + "eu-north-1", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "eu-central-1", + "eu-south-1", "eu-south-2", "eu-west-1", "eu-west-2", @@ -1149,6 +1193,7 @@ "sa-east-1", "us-east-2", "ap-northeast-1", + "ap-south-2", "ap-southeast-3", "eu-central-1", "eu-north-1", @@ -1251,6 +1296,7 @@ "ca-central-1", "eu-central-1", "eu-north-1", + "eu-south-1", "eu-west-2", "me-south-1", "sa-east-1", @@ -1349,12 +1395,12 @@ "us-west-1", "ap-northeast-1", "ap-northeast-3", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "ca-central-1", "eu-north-1", "eu-west-2", - "sa-east-1", "us-west-2", "af-south-1", "ap-southeast-2", @@ -1363,6 +1409,7 @@ "eu-west-1", "eu-west-3", "me-central-1", + "sa-east-1", "us-east-2" ], "cn": [ @@ -1617,6 +1664,7 @@ "af-south-1", "ap-northeast-3", "ap-south-1", + "ap-south-2", "eu-central-1", "eu-south-1", "eu-south-2", @@ -1632,8 +1680,8 @@ "us-east-1" ], "cn": [ - "cn-north-1", - "cn-northwest-1" + "cn-northwest-1", + "cn-north-1" ], "gov": [ "us-gov-west-1", @@ -1668,8 +1716,8 @@ "me-south-1", "sa-east-1", "us-east-1", - "ap-east-1", "ap-northeast-2", + "ap-south-2", "ap-southeast-1", "eu-central-1", "eu-south-1", @@ -1678,6 +1726,7 @@ "us-east-2", "us-west-1", "af-south-1", + "ap-east-1", "ap-northeast-1", "ap-northeast-3", "ap-south-1", @@ -1793,12 +1842,12 @@ "dynamodb": { "regions": { "aws": [ + "ap-south-2", "ap-southeast-3", "ca-central-1", "eu-central-1", "eu-central-2", "eu-north-1", - "eu-west-1", "eu-west-2", "me-south-1", "ap-east-1", @@ -1806,9 +1855,9 @@ "ap-northeast-2", "ap-southeast-2", "eu-south-2", + "eu-west-1", "me-central-1", "us-east-2", - "us-west-1", "us-west-2", "af-south-1", "ap-northeast-3", @@ -1817,7 +1866,8 @@ "eu-south-1", "eu-west-3", "sa-east-1", - "us-east-1" + "us-east-1", + "us-west-1" ], "cn": [ "cn-north-1", @@ -1841,7 +1891,7 @@ "eu-south-2", "eu-west-1", "me-south-1", - "af-south-1", + "ap-south-2", "ap-southeast-3", "ca-central-1", "eu-central-1", @@ -1850,6 +1900,7 @@ "sa-east-1", "us-east-2", "us-west-1", + "af-south-1", "ap-northeast-2", "ap-south-1", "ap-southeast-2", @@ -1883,12 +1934,13 @@ "af-south-1", "ap-east-1", "ap-northeast-2", - "ap-southeast-1", + "ap-south-2", "eu-south-1", "eu-south-2", "us-east-1", "us-east-2", "us-west-2", + "ap-southeast-1", "ap-southeast-3", "ca-central-1", "eu-central-1", @@ -1913,8 +1965,8 @@ "ap-east-1", "ap-northeast-1", "ap-northeast-3", + "ap-south-2", "ap-southeast-1", - "eu-south-1", "eu-west-2", "eu-west-3", "me-south-1", @@ -1924,9 +1976,9 @@ "ap-southeast-3", "ca-central-1", "eu-central-2", + "eu-south-1", "eu-west-1", "me-central-1", - "us-east-1", "us-east-2", "us-west-1", "af-south-1", @@ -1934,6 +1986,7 @@ "eu-central-1", "eu-north-1", "eu-south-2", + "us-east-1", "us-west-2" ], "cn": [ @@ -1950,10 +2003,10 @@ "regions": { "aws": [ "ap-northeast-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "ca-central-1", - "eu-central-2", "eu-north-1", "eu-south-1", "eu-south-2", @@ -1963,13 +2016,14 @@ "ap-northeast-3", "ap-south-1", "ap-southeast-2", - "eu-west-2", + "eu-central-2", "us-east-1", "us-west-1", "af-south-1", "ap-northeast-2", "eu-central-1", "eu-west-1", + "eu-west-2", "me-central-1", "me-south-1", "sa-east-1", @@ -2079,20 +2133,20 @@ "af-south-1", "ap-northeast-1", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", - "ca-central-1", "eu-central-2", "eu-south-2", "eu-west-1", "me-central-1", "ap-east-1", "ap-southeast-2", + "ca-central-1", "eu-north-1", "eu-west-2", "sa-east-1", "us-east-1", - "us-west-1", "ap-northeast-2", "ap-northeast-3", "eu-central-1", @@ -2100,6 +2154,7 @@ "eu-west-3", "me-south-1", "us-east-2", + "us-west-1", "us-west-2" ], "cn": [ @@ -2168,7 +2223,7 @@ "regions": { "aws": [ "ap-northeast-1", - "ap-northeast-3", + "ap-south-2", "eu-north-1", "eu-south-1", "eu-west-2", @@ -2176,8 +2231,8 @@ "me-south-1", "us-east-2", "us-west-2", - "ap-east-1", "ap-northeast-2", + "ap-northeast-3", "ap-south-1", "ap-southeast-3", "eu-central-1", @@ -2187,6 +2242,7 @@ "sa-east-1", "us-east-1", "af-south-1", + "ap-east-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", @@ -2207,24 +2263,25 @@ "regions": { "aws": [ "af-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "ca-central-1", "eu-north-1", - "eu-west-2", "me-central-1", "me-south-1", "sa-east-1", "us-west-2", - "ap-northeast-2", "ap-northeast-3", "ap-southeast-2", "eu-central-1", "eu-central-2", "eu-west-1", + "eu-west-2", "eu-west-3", "ap-east-1", "ap-northeast-1", + "ap-northeast-2", "ap-south-1", "eu-south-1", "eu-south-2", @@ -2254,7 +2311,7 @@ "us-west-1", "us-west-2", "af-south-1", - "ap-southeast-1", + "ap-south-2", "ca-central-1", "eu-central-1", "eu-central-2", @@ -2265,6 +2322,7 @@ "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", + "ap-southeast-1", "ap-southeast-3", "eu-west-2", "me-central-1", @@ -2287,24 +2345,25 @@ "af-south-1", "ap-northeast-2", "ap-northeast-3", + "ap-south-2", "eu-central-1", "eu-north-1", "eu-west-3", - "us-east-1", "us-west-2", "ap-east-1", "ap-southeast-1", - "ca-central-1", "eu-west-1", "eu-west-2", "me-central-1", "me-south-1", "sa-east-1", + "us-east-1", "us-east-2", "ap-northeast-1", "ap-south-1", "ap-southeast-2", "ap-southeast-3", + "ca-central-1", "eu-central-2", "eu-south-1", "eu-south-2", @@ -2331,7 +2390,7 @@ "me-south-1", "sa-east-1", "us-east-1", - "ap-northeast-1", + "ap-south-2", "ca-central-1", "eu-central-1", "eu-central-2", @@ -2341,6 +2400,7 @@ "eu-west-1", "us-west-2", "ap-east-1", + "ap-northeast-1", "ap-northeast-3", "ap-south-1", "ap-southeast-2", @@ -2610,16 +2670,20 @@ "fsx-openzfs": { "regions": { "aws": [ + "ap-east-1", "ap-northeast-1", - "ap-southeast-1", + "ap-northeast-2", + "ap-south-1", "ap-southeast-2", "ca-central-1", - "eu-central-1", "eu-west-1", "eu-west-2", - "us-east-1", "us-east-2", - "us-west-2" + "us-west-2", + "ap-southeast-1", + "eu-central-1", + "eu-north-1", + "us-east-1" ], "cn": {}, "gov": {} @@ -2845,6 +2909,7 @@ "us-east-2", "ap-northeast-2", "ap-south-1", + "eu-central-2", "eu-north-1", "us-west-1" ], @@ -2870,22 +2935,23 @@ "iam": { "regions": { "aws": [ + "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "eu-north-1", - "me-central-1", "us-west-1", "af-south-1", - "ap-east-1", "ap-northeast-1", "ca-central-1", "eu-central-1", "eu-south-2", "eu-west-2", + "me-central-1", "me-south-1", "us-east-2", "us-west-2", + "ap-east-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", @@ -2906,6 +2972,29 @@ ] } }, + "inspector": { + "regions": { + "aws": [ + "ap-northeast-1", + "ap-northeast-2", + "ap-southeast-2", + "eu-central-1", + "eu-north-1", + "eu-west-2", + "us-east-2", + "us-west-1", + "us-west-2", + "ap-south-1", + "eu-west-1", + "us-east-1" + ], + "cn": {}, + "gov": [ + "us-gov-west-1", + "us-gov-east-1" + ] + } + }, "inspector2": { "regions": { "aws": [ @@ -3047,6 +3136,7 @@ "ca-central-1", "eu-north-1", "eu-west-2", + "me-central-1", "us-east-1", "us-west-2", "eu-west-1", @@ -3213,6 +3303,7 @@ "eu-south-2", "us-east-2", "ap-east-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "eu-central-1", @@ -3293,25 +3384,26 @@ "kms": { "regions": { "aws": [ - "ap-east-1", "ap-northeast-2", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "eu-central-2", "eu-west-1", "us-east-1", "us-east-2", + "ap-east-1", "ap-northeast-1", "ap-southeast-2", "eu-central-1", - "eu-north-1", "eu-south-2", "me-south-1", "sa-east-1", "af-south-1", "ap-northeast-3", "ca-central-1", + "eu-north-1", "eu-south-1", "eu-west-2", "eu-west-3", @@ -3387,6 +3479,7 @@ "us-west-2", "af-south-1", "ap-northeast-3", + "ap-south-2", "ca-central-1", "eu-central-1", "eu-west-1", @@ -3415,11 +3508,13 @@ "eu-west-1", "eu-west-2", "us-east-1", - "us-west-2", - "ap-southeast-2" + "ap-southeast-2", + "us-west-2" ], "cn": {}, - "gov": {} + "gov": [ + "us-gov-west-1" + ] } }, "license-manager": { @@ -3654,6 +3749,7 @@ "us-east-2", "ap-east-1", "ap-south-1", + "ap-south-2", "ap-southeast-2", "eu-central-1", "eu-north-1", @@ -3916,12 +4012,12 @@ "eu-central-1", "eu-north-1", "eu-west-2", + "me-central-1", "us-east-2", "us-west-2", "ap-southeast-1", "ap-southeast-2", "ca-central-1", - "eu-south-1", "eu-west-1", "eu-west-3", "me-south-1", @@ -3930,7 +4026,8 @@ "us-west-1", "ap-northeast-1", "ap-northeast-3", - "ap-south-1" + "ap-south-1", + "eu-south-1" ], "cn": [ "cn-north-1", @@ -4006,7 +4103,7 @@ "ap-northeast-3", "ap-southeast-1", "ap-southeast-2", - "eu-west-2", + "ap-southeast-3", "eu-west-3", "me-south-1", "us-east-2", @@ -4015,11 +4112,12 @@ "ap-northeast-2", "ap-south-1", "ca-central-1", - "eu-central-1", "eu-north-1", "eu-south-1", "eu-west-1", + "eu-west-2", "us-east-1", + "eu-central-1", "sa-east-1", "us-west-2" ], @@ -4105,17 +4203,17 @@ "regions": { "aws": [ "ap-south-1", + "ap-south-2", "ap-southeast-2", "ap-southeast-3", - "ca-central-1", "eu-central-1", "eu-south-1", "eu-south-2", "me-south-1", "us-west-1", - "ap-northeast-2", "ap-northeast-3", "ap-southeast-1", + "ca-central-1", "eu-central-2", "eu-north-1", "eu-west-2", @@ -4124,6 +4222,7 @@ "af-south-1", "ap-east-1", "ap-northeast-1", + "ap-northeast-2", "eu-west-1", "eu-west-3", "me-central-1", @@ -4201,11 +4300,11 @@ "ap-east-1", "ap-northeast-2", "ap-northeast-3", + "ap-south-2", "ap-southeast-1", "ca-central-1", "me-south-1", "sa-east-1", - "ap-southeast-2", "ap-southeast-3", "eu-central-1", "eu-central-2", @@ -4217,6 +4316,7 @@ "us-west-1", "ap-northeast-1", "ap-south-1", + "ap-southeast-2", "eu-north-1", "eu-south-2", "eu-west-1", @@ -4286,6 +4386,40 @@ ] } }, + "private-ca": { + "regions": { + "aws": [ + "ap-east-1", + "ap-northeast-1", + "ap-south-1", + "ap-southeast-2", + "eu-south-1", + "eu-west-1", + "me-central-1", + "sa-east-1", + "us-east-2", + "us-west-2", + "af-south-1", + "ap-northeast-2", + "ap-northeast-3", + "ap-southeast-1", + "ap-southeast-3", + "eu-north-1", + "eu-west-2", + "us-east-1", + "ca-central-1", + "eu-central-1", + "eu-west-3", + "me-south-1", + "us-west-1" + ], + "cn": {}, + "gov": [ + "us-gov-east-1", + "us-gov-west-1" + ] + } + }, "privatelink": { "regions": { "aws": [ @@ -4310,6 +4444,7 @@ "us-west-1", "af-south-1", "ap-northeast-1", + "ap-south-2", "eu-north-1", "eu-west-1", "me-central-1", @@ -4446,6 +4581,7 @@ "ap-northeast-1", "ap-northeast-3", "ap-south-1", + "ap-south-2", "ap-southeast-2", "eu-central-1", "eu-north-1", @@ -4484,15 +4620,16 @@ "us-west-2", "ap-northeast-1", "ap-northeast-2", + "ap-south-2", "ap-southeast-1", "ap-southeast-2", - "ap-southeast-3", "eu-central-2", "eu-west-1", "eu-west-3", "me-central-1", "us-east-1", "ap-northeast-3", + "ap-southeast-3", "ca-central-1", "eu-central-1", "eu-north-1", @@ -4622,6 +4759,7 @@ "us-west-1", "af-south-1", "ap-northeast-2", + "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", @@ -4629,9 +4767,9 @@ "eu-south-1", "eu-south-2", "eu-west-3", - "me-central-1", "ap-northeast-1", "ca-central-1", + "me-central-1", "me-south-1", "us-east-1", "us-east-2", @@ -4655,15 +4793,16 @@ "me-central-1", "sa-east-1", "us-west-1", - "ap-northeast-2", "ap-northeast-3", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "eu-south-2", "us-east-1", "af-south-1", + "ap-northeast-2", "ca-central-1", "eu-central-2", "eu-north-1", @@ -4741,6 +4880,7 @@ "us-west-2", "ap-northeast-1", "ap-northeast-2", + "ap-south-2", "ca-central-1", "eu-south-1", "eu-west-2", @@ -4793,6 +4933,21 @@ ] } }, + "securitylake": { + "regions": { + "aws": [ + "ap-northeast-1", + "ap-southeast-2", + "eu-central-1", + "eu-west-1", + "us-east-1", + "us-east-2", + "us-west-2" + ], + "cn": {}, + "gov": {} + } + }, "serverlessrepo": { "regions": { "aws": [ @@ -5089,6 +5244,7 @@ "af-south-1", "ap-northeast-1", "ap-northeast-3", + "ap-south-2", "ca-central-1", "eu-west-1", "us-east-2", @@ -5110,13 +5266,12 @@ "af-south-1", "ap-east-1", "ap-northeast-2", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", "eu-west-3", - "us-east-1", "us-east-2", "us-west-1", - "ap-northeast-1", "ap-south-1", "ca-central-1", "eu-central-2", @@ -5125,6 +5280,8 @@ "eu-west-2", "me-central-1", "me-south-1", + "us-east-1", + "ap-northeast-1", "ap-northeast-3", "ap-southeast-2", "eu-central-1", @@ -5147,11 +5304,11 @@ "regions": { "aws": [ "ap-northeast-2", + "ap-south-2", "ap-southeast-2", "eu-south-2", "eu-west-2", "me-central-1", - "me-south-1", "sa-east-1", "us-east-2", "us-west-1", @@ -5161,8 +5318,8 @@ "ca-central-1", "eu-central-1", "eu-north-1", + "me-south-1", "us-east-1", - "us-west-2", "af-south-1", "ap-northeast-1", "ap-south-1", @@ -5170,7 +5327,8 @@ "eu-central-2", "eu-south-1", "eu-west-1", - "eu-west-3" + "eu-west-3", + "us-west-2" ], "cn": [ "cn-northwest-1", @@ -5237,6 +5395,7 @@ "ap-east-1", "ap-northeast-1", "ap-northeast-3", + "ap-south-2", "ap-southeast-3", "eu-north-1", "us-west-1" @@ -5334,6 +5493,7 @@ "me-south-1", "us-east-1", "af-south-1", + "ap-south-2", "eu-central-1", "eu-north-1", "eu-west-1", @@ -5357,14 +5517,15 @@ "ap-northeast-1", "ap-northeast-3", "ap-south-1", + "ap-south-2", "ap-southeast-1", "ap-southeast-3", - "ca-central-1", "eu-central-1", "eu-south-1", "sa-east-1", "ap-east-1", "ap-southeast-2", + "ca-central-1", "eu-central-2", "eu-north-1", "eu-west-2", @@ -5609,6 +5770,7 @@ "us-west-1", "af-south-1", "ap-northeast-3", + "ap-south-2", "ap-southeast-2", "eu-west-2", "sa-east-1", @@ -5637,6 +5799,7 @@ "us-east-1", "us-east-2", "us-west-2", + "af-south-1", "ap-east-1", "ap-northeast-1", "ap-northeast-3", @@ -5677,6 +5840,7 @@ "us-west-2", "ap-northeast-1", "ap-northeast-2", + "ap-south-2", "ca-central-1", "eu-west-1", "eu-west-2", @@ -5698,23 +5862,24 @@ "regions": { "aws": [ "af-south-1", + "ap-south-2", "ap-southeast-2", "eu-central-1", "eu-north-1", "eu-south-1", "eu-south-2", "eu-west-3", - "me-south-1", "us-west-2", "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", - "ap-south-1", "ap-southeast-1", "ap-southeast-3", "eu-west-2", + "me-south-1", "us-east-2", + "ap-south-1", "ca-central-1", "eu-central-2", "eu-west-1", @@ -5879,6 +6044,7 @@ "xray": { "regions": { "aws": [ + "ap-south-2", "ap-southeast-1", "eu-central-1", "eu-central-2", @@ -5893,13 +6059,13 @@ "ap-southeast-2", "ap-southeast-3", "ca-central-1", - "eu-south-1", "eu-west-1", "me-central-1", "af-south-1", "ap-northeast-3", "ap-south-1", "eu-north-1", + "eu-south-1", "eu-south-2", "me-south-1", "sa-east-1", @@ -5916,4 +6082,4 @@ } } } -} +} \ No newline at end of file diff --git a/tests/config/config_test.py b/tests/config/config_test.py index 2c0cb503..03192040 100644 --- a/tests/config/config_test.py +++ b/tests/config/config_test.py @@ -3,4 +3,4 @@ from prowler.config.config import get_aws_available_regions class Test_Config: def test_get_aws_available_regions(self): - assert len(get_aws_available_regions()) == 29 + assert len(get_aws_available_regions()) == 30 diff --git a/tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py b/tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py index 921392d7..9b35a7f8 100644 --- a/tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py +++ b/tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py @@ -36,6 +36,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled: ) current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.cloudtrail.cloudtrail_cloudwatch_logging_enabled.cloudtrail_cloudwatch_logging_enabled.cloudtrail_client", @@ -111,6 +112,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled: ) current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.cloudtrail.cloudtrail_cloudwatch_logging_enabled.cloudtrail_cloudwatch_logging_enabled.cloudtrail_client", @@ -137,8 +139,8 @@ class Test_cloudtrail_cloudwatch_logging_enabled: check = cloudtrail_cloudwatch_logging_enabled() result = check.execute() - # len of result should be 24 -> (1 multiregion entry per region + 1 entry because of single region trail) - assert len(result) == 26 + # len of result should be 3 -> (1 multiregion entry per region + 1 entry because of single region trail) + assert len(result) == 3 for report in result: if report.resource_id == trail_name_us: assert report.resource_id == trail_name_us @@ -186,6 +188,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled: ) current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.cloudtrail.cloudtrail_cloudwatch_logging_enabled.cloudtrail_cloudwatch_logging_enabled.cloudtrail_client", diff --git a/tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py b/tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py index a0d9d453..4b49cd72 100644 --- a/tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py +++ b/tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py @@ -24,7 +24,7 @@ class Test_Cloudtrail_Service: profile_region=None, credentials=None, assumed_role_info=None, - audited_regions=None, + audited_regions=["eu-west-1", "us-east-1"], organizations_metadata=None, ) return audit_info @@ -83,8 +83,7 @@ class Test_Cloudtrail_Service: ) audit_info = self.set_mocked_audit_info() cloudtrail = Cloudtrail(audit_info) - # 1 None result per region plus 2 created - assert len(cloudtrail.trails) == 25 + assert len(cloudtrail.trails) == 2 for trail in cloudtrail.trails: if trail.name: assert trail.name == trail_name_us or trail.name == trail_name_eu @@ -129,8 +128,7 @@ class Test_Cloudtrail_Service: ) audit_info = self.set_mocked_audit_info() cloudtrail = Cloudtrail(audit_info) - # 1 None result per region plus 2 created - assert len(cloudtrail.trails) == 25 + assert len(cloudtrail.trails) == 2 for trail in cloudtrail.trails: if trail.name: if trail.name == trail_name_us: @@ -171,8 +169,7 @@ class Test_Cloudtrail_Service: )["EventSelectors"] audit_info = self.set_mocked_audit_info() cloudtrail = Cloudtrail(audit_info) - # 1 None result per region plus 2 created - assert len(cloudtrail.trails) == 25 + assert len(cloudtrail.trails) == 2 for trail in cloudtrail.trails: if trail.name: if trail.name == trail_name_us: diff --git a/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py b/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py index a674d386..92d5a52c 100644 --- a/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py +++ b/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py @@ -13,6 +13,7 @@ class Test_config_recorder_all_regions_enabled: from prowler.providers.aws.services.config.config_service import Config current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.config.config_recorder_all_regions_enabled.config_recorder_all_regions_enabled.config_client", @@ -27,7 +28,7 @@ class Test_config_recorder_all_regions_enabled: result = check.execute() assert ( - len(result) == 25 + len(result) == 2 ) # One fail result per region, since there are no recorders assert result[0].status == "FAIL" @@ -43,6 +44,7 @@ class Test_config_recorder_all_regions_enabled: from prowler.providers.aws.services.config.config_service import Config current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.config.config_recorder_all_regions_enabled.config_recorder_all_regions_enabled.config_client", @@ -55,7 +57,7 @@ class Test_config_recorder_all_regions_enabled: check = config_recorder_all_regions_enabled() result = check.execute() - assert len(result) == 25 + assert len(result) == 2 # Search for the recorder just created for recorder in result: if recorder.resource_id: @@ -83,6 +85,7 @@ class Test_config_recorder_all_regions_enabled: from prowler.providers.aws.services.config.config_service import Config current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.config.config_recorder_all_regions_enabled.config_recorder_all_regions_enabled.config_client", @@ -95,7 +98,7 @@ class Test_config_recorder_all_regions_enabled: check = config_recorder_all_regions_enabled() result = check.execute() - assert len(result) == 25 + assert len(result) == 2 # Search for the recorder just created for recorder in result: if recorder.resource_id: diff --git a/tests/providers/aws/services/config/config_service_test.py b/tests/providers/aws/services/config/config_service_test.py index 880fa439..72bfae33 100644 --- a/tests/providers/aws/services/config/config_service_test.py +++ b/tests/providers/aws/services/config/config_service_test.py @@ -25,7 +25,7 @@ class Test_Config_Service: profile_region=None, credentials=None, assumed_role_info=None, - audited_regions=None, + audited_regions=["eu-west-1", "us-east-1"], organizations_metadata=None, ) return audit_info @@ -81,7 +81,7 @@ class Test_Config_Service: audit_info = self.set_mocked_audit_info() config = Config(audit_info) # One recorder per region - assert len(config.recorders) == 25 + assert len(config.recorders) == 2 # Check the active one # Search for the recorder just created for recorder in config.recorders: diff --git a/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py b/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py index 5a5e71d0..d23e922b 100644 --- a/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py +++ b/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py @@ -15,6 +15,7 @@ class Test_ec2_ami_public: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", @@ -47,6 +48,7 @@ class Test_ec2_ami_public: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", @@ -90,6 +92,7 @@ class Test_ec2_ami_public: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py b/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py index 404c31f9..a9f68151 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py @@ -19,6 +19,7 @@ class Test_ec2_ebs_default_encryption: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_default_encryption.ec2_ebs_default_encryption.ec2_client", @@ -33,7 +34,7 @@ class Test_ec2_ebs_default_encryption: results = check.execute() # One result per region - assert len(results) == 25 + assert len(results) == 2 for result in results: if result.region == AWS_REGION: assert result.status == "PASS" @@ -49,6 +50,7 @@ class Test_ec2_ebs_default_encryption: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_default_encryption.ec2_ebs_default_encryption.ec2_client", @@ -63,7 +65,7 @@ class Test_ec2_ebs_default_encryption: result = check.execute() # One result per region - assert len(result) == 25 + assert len(result) == 2 assert result[0].status == "FAIL" assert search( "EBS Default Encryption is not activated", diff --git a/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py b/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py index 3374277a..dfba20b3 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py @@ -14,6 +14,7 @@ class Test_ec2_ebs_public_snapshot: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", @@ -28,7 +29,7 @@ class Test_ec2_ebs_public_snapshot: result = check.execute() # Default snapshots - assert len(result) == 1485 + assert len(result) == 122 @mock_ec2 def test_ec2_public_snapshot(self): @@ -47,6 +48,7 @@ class Test_ec2_ebs_public_snapshot: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", @@ -61,7 +63,7 @@ class Test_ec2_ebs_public_snapshot: results = check.execute() # Default snapshots + 1 created - assert len(results) == 1486 + assert len(results) == 123 for snap in results: if snap.resource_id == snapshot.id: @@ -83,6 +85,7 @@ class Test_ec2_ebs_public_snapshot: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", @@ -97,7 +100,7 @@ class Test_ec2_ebs_public_snapshot: results = check.execute() # Default snapshots + 1 created - assert len(results) == 1486 + assert len(results) == 123 for snap in results: if snap.resource_id == snapshot.id: diff --git a/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py b/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py index 0285efd0..ab71a200 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py @@ -14,6 +14,7 @@ class Test_ec2_ebs_snapshots_encrypted: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", @@ -28,7 +29,7 @@ class Test_ec2_ebs_snapshots_encrypted: result = check.execute() # Default snapshots - assert len(result) == 1485 + assert len(result) == 122 @mock_ec2 def test_ec2_unencrypted_snapshot(self): @@ -41,6 +42,7 @@ class Test_ec2_ebs_snapshots_encrypted: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", @@ -55,7 +57,7 @@ class Test_ec2_ebs_snapshots_encrypted: results = check.execute() # Default snapshots + 1 created - assert len(results) == 1486 + assert len(results) == 123 for snap in results: if snap.resource_id == snapshot.id: @@ -77,6 +79,7 @@ class Test_ec2_ebs_snapshots_encrypted: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", @@ -91,7 +94,7 @@ class Test_ec2_ebs_snapshots_encrypted: results = check.execute() # Default snapshots + 1 created - assert len(results) == 1486 + assert len(results) == 123 for snap in results: if snap.resource_id == snapshot.id: diff --git a/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py b/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py index 0633c310..637d9b86 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py @@ -14,6 +14,7 @@ class Test_ec2_ebs_volume_encryption: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", @@ -39,6 +40,7 @@ class Test_ec2_ebs_volume_encryption: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", @@ -71,6 +73,7 @@ class Test_ec2_ebs_volume_encryption: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py b/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py index 9459f08c..fce59e49 100644 --- a/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py +++ b/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py @@ -25,6 +25,7 @@ class Test_ec2_elastic_ip_shodan: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", @@ -53,6 +54,7 @@ class Test_ec2_elastic_ip_shodan: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", @@ -88,6 +90,7 @@ class Test_ec2_elastic_ip_shodan: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py b/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py index b2ea562a..1652a0c6 100644 --- a/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py +++ b/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py @@ -16,6 +16,7 @@ class Test_ec2_elastic_ip_unassgined: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", @@ -41,6 +42,7 @@ class Test_ec2_elastic_ip_unassgined: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", @@ -84,6 +86,7 @@ class Test_ec2_elastic_ip_unassgined: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py b/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py index c2190b2d..decf9b51 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py @@ -16,6 +16,7 @@ class Test_ec2_instance_imdsv2_enabled: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", @@ -49,6 +50,7 @@ class Test_ec2_instance_imdsv2_enabled: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", @@ -90,6 +92,7 @@ class Test_ec2_instance_imdsv2_enabled: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py b/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py index e0e97f75..04312965 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py @@ -16,6 +16,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", @@ -60,6 +61,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", @@ -109,6 +111,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py b/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py index d22a19b1..f7f322d9 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py @@ -18,6 +18,7 @@ class Test_ec2_instance_older_than_specific_days: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", @@ -48,6 +49,7 @@ class Test_ec2_instance_older_than_specific_days: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", @@ -82,6 +84,7 @@ class Test_ec2_instance_older_than_specific_days: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py b/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py index d4aadc98..55c296c2 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py @@ -16,6 +16,7 @@ class Test_ec2_instance_profile_attached: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", @@ -60,6 +61,7 @@ class Test_ec2_instance_profile_attached: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", @@ -102,6 +104,7 @@ class Test_ec2_instance_profile_attached: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py b/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py index 7381286e..b4f3a732 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py @@ -16,6 +16,7 @@ class Test_ec2_instance_public_ip: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", @@ -54,6 +55,7 @@ class Test_ec2_instance_public_ip: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", @@ -97,6 +99,7 @@ class Test_ec2_instance_public_ip: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py b/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py index 86876cd1..adca0806 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py @@ -15,6 +15,7 @@ class Test_ec2_instance_secrets_user_data: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", @@ -45,6 +46,7 @@ class Test_ec2_instance_secrets_user_data: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", @@ -80,6 +82,7 @@ class Test_ec2_instance_secrets_user_data: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", @@ -117,6 +120,7 @@ class Test_ec2_instance_secrets_user_data: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", @@ -149,6 +153,7 @@ class Test_ec2_instance_secrets_user_data: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py index d3bf22b8..ab06f27d 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py +++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py @@ -14,6 +14,7 @@ class ec2_networkacl_allow_ingress_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", @@ -28,7 +29,7 @@ class ec2_networkacl_allow_ingress_any_port: result = check.execute() # One default nacl per region - assert len(result) == 25 + assert len(result) == 3 @mock_ec2 def test_ec2_non_default_compliant_nacl(self): @@ -37,6 +38,7 @@ class ec2_networkacl_allow_ingress_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", @@ -51,7 +53,7 @@ class ec2_networkacl_allow_ingress_any_port: result = check.execute() # One default sg per region - assert len(result) == 25 + assert len(result) == 3 # by default nacls are public assert result[0].status == "FAIL" @@ -81,6 +83,7 @@ class ec2_networkacl_allow_ingress_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", @@ -95,7 +98,7 @@ class ec2_networkacl_allow_ingress_any_port: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: @@ -126,6 +129,7 @@ class ec2_networkacl_allow_ingress_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", @@ -140,7 +144,7 @@ class ec2_networkacl_allow_ingress_any_port: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py index b3e72215..97ea57c5 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py +++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py @@ -14,6 +14,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", @@ -28,7 +29,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: result = check.execute() # One default nacl per region - assert len(result) == 25 + assert len(result) == 2 @mock_ec2 def test_ec2_non_default_compliant_nacl(self): @@ -37,6 +38,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", @@ -51,7 +53,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: result = check.execute() # One default sg per region - assert len(result) == 25 + assert len(result) == 2 # by default nacls are public assert result[0].status == "FAIL" @@ -82,6 +84,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", @@ -96,7 +99,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: @@ -128,6 +131,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", @@ -142,7 +146,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py index 313664de..2fd6ce4a 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py +++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py @@ -14,6 +14,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", @@ -28,7 +29,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: result = check.execute() # One default nacl per region - assert len(result) == 25 + assert len(result) == 2 @mock_ec2 def test_ec2_non_default_compliant_nacl(self): @@ -37,6 +38,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", @@ -51,7 +53,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: result = check.execute() # One default sg per region - assert len(result) == 25 + assert len(result) == 2 # by default nacls are public assert result[0].status == "FAIL" @@ -82,6 +84,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", @@ -96,7 +99,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: @@ -128,6 +131,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", @@ -142,7 +146,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: result = check.execute() # One default sg per region + default of new VPC + new NACL - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for nacl in result: if nacl.resource_id == nacl_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py index 58129049..0b49fc5e 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", @@ -32,7 +33,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -58,6 +59,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", @@ -72,7 +74,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -104,6 +106,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", @@ -118,7 +121,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py index 383b2a67..b64dc971 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py index b8360128..90f14e83 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py index 3b34ecc6..44dbf38d 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", @@ -32,7 +33,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -60,6 +61,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", @@ -74,7 +76,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -108,6 +110,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", @@ -122,7 +125,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py index e72121b8..3c0218c2 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", @@ -32,7 +33,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -60,6 +61,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", @@ -74,7 +76,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -108,6 +110,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", @@ -122,7 +125,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py index 8bdeb896..398f7753 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py index 0f726d6d..c177bc02 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py index aba5ad6d..c1be44cf 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -111,6 +113,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", @@ -127,7 +130,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py index bd6d6ffe..fc69e283 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py index 5c6528c7..6ac1881b 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py index a54443a0..94d9c4af 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py index 665da2ed..e667d0a5 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", @@ -128,7 +131,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py index f60ccfb3..a5556685 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -111,6 +113,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", @@ -127,7 +130,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py index 37efa7a8..ae933a34 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py @@ -18,6 +18,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", @@ -34,7 +35,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", @@ -78,7 +80,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -112,6 +114,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", @@ -128,7 +131,7 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py index 8e11596f..ff302ed2 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", @@ -34,7 +35,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -62,6 +63,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", @@ -78,7 +80,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -111,6 +113,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", @@ -127,7 +130,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py index bc7e3565..8f2d6516 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", @@ -32,7 +33,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -58,6 +59,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", @@ -72,7 +74,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -104,6 +106,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", @@ -118,7 +121,7 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py index 5c524c0e..231172d6 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py @@ -17,6 +17,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", @@ -31,7 +32,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -52,6 +53,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", @@ -66,7 +68,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -95,6 +97,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", @@ -109,7 +112,7 @@ class Test_ec2_securitygroup_default_restrict_traffic: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py index 5c61267a..a3c14ce6 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py @@ -19,6 +19,7 @@ class Test_ec2_securitygroup_from_launch_wizard: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", @@ -33,7 +34,7 @@ class Test_ec2_securitygroup_from_launch_wizard: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -50,6 +51,7 @@ class Test_ec2_securitygroup_from_launch_wizard: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", @@ -64,7 +66,7 @@ class Test_ec2_securitygroup_from_launch_wizard: result = check.execute() # One default sg per region + created one - assert len(result) == 27 + assert len(result) == 4 # Search changed sg for sg in result: if sg.resource_id == sg_id: @@ -96,6 +98,7 @@ class Test_ec2_securitygroup_from_launch_wizard: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", @@ -110,7 +113,7 @@ class Test_ec2_securitygroup_from_launch_wizard: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_in_use_without_ingress_filtering/ec2_securitygroup_in_use_without_ingress_filtering_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_in_use_without_ingress_filtering/ec2_securitygroup_in_use_without_ingress_filtering_test.py index dfef038e..49a3a46a 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_in_use_without_ingress_filtering/ec2_securitygroup_in_use_without_ingress_filtering_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_in_use_without_ingress_filtering/ec2_securitygroup_in_use_without_ingress_filtering_test.py @@ -19,6 +19,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_in_use_without_ingress_filtering.ec2_securitygroup_in_use_without_ingress_filtering.ec2_client", @@ -33,7 +34,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -59,6 +60,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_in_use_without_ingress_filtering.ec2_securitygroup_in_use_without_ingress_filtering.ec2_client", @@ -73,7 +75,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -113,6 +115,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_in_use_without_ingress_filtering.ec2_securitygroup_in_use_without_ingress_filtering.ec2_client", @@ -127,7 +130,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -150,6 +153,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_in_use_without_ingress_filtering.ec2_securitygroup_in_use_without_ingress_filtering.ec2_client", @@ -164,7 +168,7 @@ class Test_ec2_securitygroup_in_use_without_ingress_filtering: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py index a8e3bb88..fd83a016 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py @@ -19,6 +19,7 @@ class Test_ec2_securitygroup_not_used: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", @@ -33,7 +34,7 @@ class Test_ec2_securitygroup_not_used: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are unused by default assert result[0].status == "FAIL" @@ -50,6 +51,7 @@ class Test_ec2_securitygroup_not_used: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", @@ -64,7 +66,7 @@ class Test_ec2_securitygroup_not_used: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -96,6 +98,7 @@ class Test_ec2_securitygroup_not_used: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", @@ -110,7 +113,7 @@ class Test_ec2_securitygroup_not_used: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py index 9216607c..dcf21c09 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py @@ -18,6 +18,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", @@ -32,7 +33,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # All are compliant by default assert result[0].status == "PASS" @@ -61,6 +62,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", @@ -75,7 +77,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: @@ -108,6 +110,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: from prowler.providers.aws.services.ec2.ec2_service import EC2 current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", @@ -122,7 +125,7 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: result = check.execute() # One default sg per region - assert len(result) == 26 + assert len(result) == 3 # Search changed sg for sg in result: if sg.resource_id == default_sg_id: diff --git a/tests/providers/aws/services/ec2/ec2_service_test.py b/tests/providers/aws/services/ec2/ec2_service_test.py index 19e5bec6..c425226c 100644 --- a/tests/providers/aws/services/ec2/ec2_service_test.py +++ b/tests/providers/aws/services/ec2/ec2_service_test.py @@ -28,7 +28,7 @@ class Test_EC2_Service: profile_region=None, credentials=None, assumed_role_info=None, - audited_regions=None, + audited_regions=["eu-west-1", "us-east-1"], organizations_metadata=None, ) return audit_info @@ -195,7 +195,7 @@ class Test_EC2_Service: ec2 = EC2(audit_info) # One result per region - assert len(ec2.ebs_encryption_by_default) == 25 + assert len(ec2.ebs_encryption_by_default) == 2 for result in ec2.ebs_encryption_by_default: if result.region == AWS_REGION: assert result.status diff --git a/tests/providers/aws/services/vpc/vpc_endpoint_connections_trust_boundaries/vpc_endpoint_connections_trust_boundaries_test.py b/tests/providers/aws/services/vpc/vpc_endpoint_connections_trust_boundaries/vpc_endpoint_connections_trust_boundaries_test.py index 8dc0dc5a..10ef098a 100644 --- a/tests/providers/aws/services/vpc/vpc_endpoint_connections_trust_boundaries/vpc_endpoint_connections_trust_boundaries_test.py +++ b/tests/providers/aws/services/vpc/vpc_endpoint_connections_trust_boundaries/vpc_endpoint_connections_trust_boundaries_test.py @@ -21,6 +21,7 @@ class Test_vpc_endpoint_connections_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_endpoint_connections_trust_boundaries.vpc_endpoint_connections_trust_boundaries.vpc_client", @@ -66,6 +67,7 @@ class Test_vpc_endpoint_connections_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_endpoint_connections_trust_boundaries.vpc_endpoint_connections_trust_boundaries.vpc_client", @@ -118,6 +120,7 @@ class Test_vpc_endpoint_connections_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] current_audit_info.audited_account = ACCOUNT_ID with mock.patch( @@ -171,6 +174,7 @@ class Test_vpc_endpoint_connections_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] current_audit_info.audited_account = ACCOUNT_ID with mock.patch( @@ -223,6 +227,7 @@ class Test_vpc_endpoint_connections_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] current_audit_info.audited_account = ACCOUNT_ID with mock.patch( diff --git a/tests/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries_test.py b/tests/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries_test.py index 3c4c569a..ec053b83 100644 --- a/tests/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries_test.py +++ b/tests/providers/aws/services/vpc/vpc_endpoint_services_allowed_principals_trust_boundaries/vpc_endpoint_services_allowed_principals_trust_boundaries_test.py @@ -40,6 +40,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_endpoint_services_allowed_principals_trust_boundaries.vpc_endpoint_services_allowed_principals_trust_boundaries.vpc_client", @@ -53,7 +54,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries: check = vpc_endpoint_services_allowed_principals_trust_boundaries() result = check.execute() - assert len(result) == 25 # one endpoint per region + assert len(result) == 2 # one endpoint per region @mock_ec2 @mock_elbv2 @@ -87,6 +88,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_endpoint_services_allowed_principals_trust_boundaries.vpc_endpoint_services_allowed_principals_trust_boundaries.vpc_client", @@ -100,7 +102,7 @@ class Test_vpc_endpoint_services_allowed_principals_trust_boundaries: check = vpc_endpoint_services_allowed_principals_trust_boundaries() result = check.execute() - assert len(result) == 25 # one per region + assert len(result) == 2 # one per region assert result[0].status == "PASS" assert ( result[0].status_extended diff --git a/tests/providers/aws/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled_test.py b/tests/providers/aws/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled_test.py index 30912b2a..889a9926 100644 --- a/tests/providers/aws/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled_test.py +++ b/tests/providers/aws/services/vpc/vpc_flow_logs_enabled/vpc_flow_logs_enabled_test.py @@ -14,6 +14,7 @@ class Test_vpc_flow_logs_enabled: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_flow_logs_enabled.vpc_flow_logs_enabled.vpc_client", @@ -27,9 +28,7 @@ class Test_vpc_flow_logs_enabled: check = vpc_flow_logs_enabled() result = check.execute() - assert ( - len(result) == 25 - ) # Number of AWS regions, one default VPC per region + assert len(result) == 2 # Number of AWS regions, one default VPC per region @mock_ec2 def test_vpc_with_flow_logs(self): @@ -51,6 +50,7 @@ class Test_vpc_flow_logs_enabled: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_flow_logs_enabled.vpc_flow_logs_enabled.vpc_client", @@ -85,6 +85,7 @@ class Test_vpc_flow_logs_enabled: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_flow_logs_enabled.vpc_flow_logs_enabled.vpc_client", diff --git a/tests/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege_test.py b/tests/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege_test.py index e1543094..0c3fbe75 100644 --- a/tests/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege_test.py +++ b/tests/providers/aws/services/vpc/vpc_peering_routing_tables_with_least_privilege/vpc_peering_routing_tables_with_least_privilege_test.py @@ -14,6 +14,7 @@ class Test_vpc_peering_routing_tables_with_least_privilege: from prowler.providers.aws.services.vpc.vpc_service import VPC current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_peering_routing_tables_with_least_privilege.vpc_peering_routing_tables_with_least_privilege.vpc_client", @@ -61,6 +62,7 @@ class Test_vpc_peering_routing_tables_with_least_privilege: from prowler.providers.aws.services.vpc.vpc_service import VPC, Route current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_peering_routing_tables_with_least_privilege.vpc_peering_routing_tables_with_least_privilege.vpc_client", @@ -123,6 +125,7 @@ class Test_vpc_peering_routing_tables_with_least_privilege: from prowler.providers.aws.services.vpc.vpc_service import VPC, Route current_audit_info.audited_partition = "aws" + current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] with mock.patch( "prowler.providers.aws.services.vpc.vpc_peering_routing_tables_with_least_privilege.vpc_peering_routing_tables_with_least_privilege.vpc_client", diff --git a/tests/providers/aws/services/vpc/vpc_service_test.py b/tests/providers/aws/services/vpc/vpc_service_test.py index 685c9b0e..07e846e5 100644 --- a/tests/providers/aws/services/vpc/vpc_service_test.py +++ b/tests/providers/aws/services/vpc/vpc_service_test.py @@ -27,7 +27,7 @@ class Test_VPC_Service: profile_region=None, credentials=None, assumed_role_info=None, - audited_regions=None, + audited_regions=["eu-west-1", "us-east-1"], organizations_metadata=None, ) return audit_info @@ -76,7 +76,7 @@ class Test_VPC_Service: audit_info = self.set_mocked_audit_info() vpc = VPC(audit_info) assert ( - len(vpc.vpcs) == 26 + len(vpc.vpcs) == 3 ) # Number of AWS regions + created VPC, one default VPC per region # Test VPC Describe Flow Logs