feat(azure): New Azure checks related to CosmosDB (#3386)

Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
2026-02-10 14:55:00 +00:00 · 2024-02-13 13:53:36 +01:00
parent 4740a7b930
commit 355f589e5a
18 changed files with 686 additions and 1 deletions
--- a/tests/lib/check/check_test.py
+++ b/tests/lib/check/check_test.py
@@ -171,6 +171,42 @@ expected_packages = [
        name="prowler.providers.azure.services.sqlserver.sqlserver_va_emails_notifications_admins_enabled.sqlserver_va_emails_notifications_admins_enabled",
        ispkg=False,
    ),
+    ModuleInfo(
+        module_finder=FileFinder("/root_dir/prowler/providers/azure/services/cosmosdb"),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_firewall_use_selected_networks",
+        ispkg=True,
+    ),
+    ModuleInfo(
+        module_finder=FileFinder(
+            "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_firewall_use_selected_networks"
+        ),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_firewall_use_selected_networks.cosmosdb_account_firewall_use_selected_networks",
+        ispkg=False,
+    ),
+    ModuleInfo(
+        module_finder=FileFinder("/root_dir/prowler/providers/azure/services/cosmosdb"),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_private_endpoints",
+        ispkg=True,
+    ),
+    ModuleInfo(
+        module_finder=FileFinder(
+            "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_private_endpoints"
+        ),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_private_endpoints.cosmosdb_account_use_private_endpoints",
+        ispkg=False,
+    ),
+    ModuleInfo(
+        module_finder=FileFinder("/root_dir/prowler/providers/azure/services/cosmosdb"),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_aad_and_rbac",
+        ispkg=True,
+    ),
+    ModuleInfo(
+        module_finder=FileFinder(
+            "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_aad_and_rbac"
+        ),
+        name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_aad_and_rbac.cosmosdb_account_use_aad_and_rbac",
+        ispkg=False,
+    ),
 ]


@@ -320,6 +356,48 @@ def mock_list_modules(*_):
            name="prowler.providers.azure.services.sqlserver.sqlserver_va_emails_notifications_admins_enabled.sqlserver_va_emails_notifications_admins_enabled",
            ispkg=False,
        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_firewall_use_selected_networks",
+            ispkg=True,
+        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_firewall_use_selected_networks"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_firewall_use_selected_networks.cosmosdb_account_firewall_use_selected_networks",
+            ispkg=False,
+        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_private_endpoints",
+            ispkg=True,
+        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_private_endpoints"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_private_endpoints.cosmosdb_account_use_private_endpoints",
+            ispkg=False,
+        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_aad_and_rbac",
+            ispkg=True,
+        ),
+        ModuleInfo(
+            module_finder=FileFinder(
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_aad_and_rbac"
+            ),
+            name="prowler.providers.azure.services.cosmosdb.cosmosdb_account_use_aad_and_rbac.cosmosdb_account_use_aad_and_rbac",
+            ispkg=False,
+        ),
    ]
    return modules

@@ -729,6 +807,18 @@ class Test_Check:
                "sqlserver_va_emails_notifications_admins_enabled",
                "/root_dir/prowler/providers/azure/services/sqlserver/sqlserver_va_emails_notifications_admins_enabled",
            ),
+            (
+                "cosmosdb_account_firewall_use_selected_networks",
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_firewall_use_selected_networks",
+            ),
+            (
+                "cosmosdb_account_use_private_endpoints",
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_private_endpoints",
+            ),
+            (
+                "cosmosdb_account_use_aad_and_rbac",
+                "/root_dir/prowler/providers/azure/services/cosmosdb/cosmosdb_account_use_aad_and_rbac",
+            ),
        ]
        returned_checks = recover_checks_from_provider(provider, service)
        assert returned_checks == expected_checks