diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on.py index b610a45f..58692113 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_app_services_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan App Services" report.resource_id = pricings["AppServices"].resource_id - report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to ON (pricing tier standard)." if pricings["AppServices"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for App Services from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on.py index 8e9e3ba6..4483e981 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_arm_is_on(Check): report.subscription = subscription report.resource_id = pricings["Arm"].resource_id report.resource_name = "Defender plan ARM" - report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to ON (pricing tier standard)." if pricings["Arm"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for ARM from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on.py index 22dbafc5..451e947d 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_azure_sql_databases_is_on(Check): report.subscription = subscription report.resource_id = pricings["SqlServers"].resource_id report.resource_name = "Defender plan Azure SQL DB Servers" - report.status_extended = f"Defender plan Defender for Azure SQL DB Servers from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Azure SQL DB Servers from subscription {subscription} is set to ON (pricing tier standard)." if pricings["SqlServers"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Azure SQL DB Servers from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Azure SQL DB Servers from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on.py index 64758f7b..365f7ff9 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_containers_is_on(Check): report.subscription = subscription report.resource_id = pricings["Containers"].resource_id report.resource_name = "Defender plan Container Registries" - report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to ON (pricing tier standard)." if pricings["Containers"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Containers from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on.py index cc3f3587..eecaf6d7 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_cosmosdb_is_on(Check): report.subscription = subscription report.resource_id = pricings["CosmosDbs"].resource_id report.resource_name = "Defender plan Cosmos DB" - report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to ON (pricing tier standard)." if pricings["CosmosDbs"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Cosmos DB from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on.py index 5a147eaf..f2b61f87 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on.py @@ -17,7 +17,7 @@ class defender_ensure_defender_for_databases_is_on(Check): report.subscription = subscription report.resource_id = pricings["SqlServers"].resource_id report.status = "PASS" - report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to ON (pricing tier standard)." if ( pricings["SqlServers"].pricing_tier != "Standard" or pricings["SqlServerVirtualMachines"].pricing_tier != "Standard" @@ -26,7 +26,7 @@ class defender_ensure_defender_for_databases_is_on(Check): or pricings["CosmosDbs"].pricing_tier != "Standard" ): report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Databases from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on.py index 0b935df1..89f12eff 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_dns_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan DNS" report.resource_id = pricings["Dns"].resource_id - report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to ON (pricing tier standard)." if pricings["Dns"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for DNS from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on.py index 84950262..52f05a96 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_keyvault_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan KeyVaults" report.resource_id = pricings["KeyVaults"].resource_id - report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to ON (pricing tier standard)." if pricings["KeyVaults"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for KeyVaults from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on.py index b3cec63c..f4bbee64 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on.py @@ -14,10 +14,10 @@ class defender_ensure_defender_for_os_relational_databases_is_on(Check): report.resource_id = pricings[ "OpenSourceRelationalDatabases" ].resource_id - report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to ON (pricing tier standard)." if pricings["OpenSourceRelationalDatabases"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Open-Source Relational Databases from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on.py index f7d2769f..dba393bd 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_server_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan Servers" report.resource_id = pricings["VirtualMachines"].resource_id - report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to ON (pricing tier standard)." if pricings["VirtualMachines"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Servers from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on.py index 9c6e564b..83c02d96 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_sql_servers_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan SQL Server VMs" report.resource_id = pricings["SqlServerVirtualMachines"].resource_id - report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to ON (pricing tier standard)." if pricings["SqlServerVirtualMachines"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for SQL Server VMs from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on.py b/prowler/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on.py index 0cfe9ef7..ff028235 100644 --- a/prowler/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on.py +++ b/prowler/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on.py @@ -12,10 +12,10 @@ class defender_ensure_defender_for_storage_is_on(Check): report.subscription = subscription report.resource_name = "Defender plan Storage Accounts" report.resource_id = pricings["StorageAccounts"].resource_id - report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to ON (pricing tier standard)" + report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to ON (pricing tier standard)." if pricings["StorageAccounts"].pricing_tier != "Standard": report.status = "FAIL" - report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to OFF (pricing tier not standard)" + report.status_extended = f"Defender plan Defender for Storage Accounts from subscription {subscription} is set to OFF (pricing tier not standard)." findings.append(report) return findings diff --git a/prowler/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created.py b/prowler/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created.py index 7bf552d3..07fae327 100644 --- a/prowler/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created.py +++ b/prowler/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created.py @@ -14,14 +14,14 @@ class iam_subscription_roles_owner_custom_not_created(Check): report.resource_id = role.id report.resource_name = role.name report.status = "PASS" - report.status_extended = f"Role {role.name} from subscription {subscription} is not a custom owner role" + report.status_extended = f"Role {role.name} from subscription {subscription} is not a custom owner role." for scope in role.assignable_scopes: if search("^/.*", scope): for permission_item in role.permissions: for action in permission_item.actions: if action == "*": report.status = "FAIL" - report.status_extended = f"Role {role.name} from subscription {subscription} is a custom owner role" + report.status_extended = f"Role {role.name} from subscription {subscription} is a custom owner role." break findings.append(report) diff --git a/prowler/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled.py b/prowler/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled.py index a0d6a280..f8d82c8d 100644 --- a/prowler/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled.py +++ b/prowler/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled.py @@ -10,14 +10,14 @@ class sqlserver_auditing_enabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has a auditing policy configured" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has a auditing policy configured." report.resource_name = sql_server.name report.resource_id = sql_server.id for auditing_policy in sql_server.auditing_policies: if auditing_policy.state == "Disabled": report.status = "FAIL" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have any auditing policy configured" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have any auditing policy configured." break findings.append(report) diff --git a/prowler/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled.py b/prowler/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled.py index 24b21f42..7fb646e0 100644 --- a/prowler/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled.py +++ b/prowler/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled.py @@ -10,7 +10,7 @@ class sqlserver_azuread_administrator_enabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has an Active Directory administrator" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has an Active Directory administrator." report.resource_name = sql_server.name report.resource_id = sql_server.id @@ -19,7 +19,7 @@ class sqlserver_azuread_administrator_enabled(Check): or sql_server.administrators.administrator_type != "ActiveDirectory" ): report.status = "FAIL" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have an Active Directory administrator" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have an Active Directory administrator." findings.append(report) diff --git a/prowler/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access.py b/prowler/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access.py index e20aaee4..f3d3023f 100644 --- a/prowler/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access.py +++ b/prowler/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access.py @@ -10,7 +10,7 @@ class sqlserver_unrestricted_inbound_access(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have firewall rules allowing 0.0.0.0-255.255.255.255" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} does not have firewall rules allowing 0.0.0.0-255.255.255.255." report.resource_name = sql_server.name report.resource_id = sql_server.id @@ -20,7 +20,7 @@ class sqlserver_unrestricted_inbound_access(Check): and firewall_rule.end_ip_address == "255.255.255.255" ): report.status = "FAIL" - report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has firewall rules allowing 0.0.0.0-255.255.255.255" + report.status_extended = f"SQL Server {sql_server.name} from subscription {subscription} has firewall rules allowing 0.0.0.0-255.255.255.255." break findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled.py b/prowler/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled.py index 448242f0..02b0f57b 100644 --- a/prowler/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled.py +++ b/prowler/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled.py @@ -10,12 +10,12 @@ class storage_blob_public_access_level_is_disabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has allow blob public access enabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has allow blob public access enabled." report.resource_name = storage_account.name report.resource_id = storage_account.id if not storage_account.allow_blob_public_access: report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has allow blob public access disabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has allow blob public access disabled." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied.py b/prowler/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied.py index 6eb430a8..92c06ee3 100644 --- a/prowler/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied.py +++ b/prowler/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied.py @@ -10,12 +10,12 @@ class storage_default_network_access_rule_is_denied(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has network access rule set to Deny" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has network access rule set to Deny." report.resource_name = storage_account.name report.resource_id = storage_account.id if storage_account.network_rule_set.default_action == "Allow": report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has network access rule set to Allow" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has network access rule set to Allow." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled.py b/prowler/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled.py index 80fe20f8..b479865c 100644 --- a/prowler/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled.py +++ b/prowler/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled.py @@ -10,12 +10,12 @@ class storage_ensure_azure_services_are_trusted_to_access_is_enabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} allows trusted Microsoft services to access this storage account" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} allows trusted Microsoft services to access this storage account." report.resource_name = storage_account.name report.resource_id = storage_account.id if "AzureServices" not in storage_account.network_rule_set.bypass: report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not allow trusted Microsoft services to access this storage account" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not allow trusted Microsoft services to access this storage account." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys.py b/prowler/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys.py index 8f1713ca..396b636d 100644 --- a/prowler/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys.py +++ b/prowler/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys.py @@ -10,12 +10,12 @@ class storage_ensure_encryption_with_customer_managed_keys(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} encrypts with CMKs" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} encrypts with CMKs." report.resource_name = storage_account.name report.resource_id = storage_account.id if storage_account.encryption_type != "Microsoft.Keyvault": report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not encrypt with CMKs" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not encrypt with CMKs." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12.py b/prowler/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12.py index f9cc79df..bb572663 100644 --- a/prowler/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12.py +++ b/prowler/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12.py @@ -10,12 +10,12 @@ class storage_ensure_minimum_tls_version_12(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has TLS version set to 1.2" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has TLS version set to 1.2." report.resource_name = storage_account.name report.resource_id = storage_account.id if storage_account.minimum_tls_version != "TLS1_2": report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not have TLS version set to 1.2" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} does not have TLS version set to 1.2." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled.py b/prowler/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled.py index bf6fa14a..f8bae578 100644 --- a/prowler/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled.py +++ b/prowler/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled.py @@ -10,12 +10,12 @@ class storage_infrastructure_encryption_is_enabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has infrastructure encryption enabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has infrastructure encryption enabled." report.resource_name = storage_account.name report.resource_id = storage_account.id if not storage_account.infrastructure_encryption: report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has infrastructure encryption disabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has infrastructure encryption disabled." findings.append(report) diff --git a/prowler/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled.py b/prowler/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled.py index 3d77b38f..52595229 100644 --- a/prowler/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled.py +++ b/prowler/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled.py @@ -10,12 +10,12 @@ class storage_secure_transfer_required_is_enabled(Check): report = Check_Report_Azure(self.metadata()) report.subscription = subscription report.status = "PASS" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has secure transfer required enabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has secure transfer required enabled." report.resource_name = storage_account.name report.resource_id = storage_account.id if not storage_account.enable_https_traffic_only: report.status = "FAIL" - report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has secure transfer required disabled" + report.status_extended = f"Storage account {storage_account.name} from subscription {subscription} has secure transfer required disabled." findings.append(report) diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on_test.py index d0b4e6c5..83bf9fe5 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_app_services_is_on/defender_ensure_defender_for_app_services_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_app_services_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for App Services from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for App Services from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan App Services" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_app_services_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for App Services from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for App Services from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan App Services" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on_test.py index 54369285..ce4aa310 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_arm_is_on/defender_ensure_defender_for_arm_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_arm_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for ARM from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for ARM from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan ARM" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_arm_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for ARM from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for ARM from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan ARM" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on_test.py index 79ed3261..70de6a0a 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_azure_sql_databases_is_on/defender_ensure_defender_for_azure_sql_databases_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_azure_sql_databases_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Azure SQL DB Servers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Azure SQL DB Servers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Azure SQL DB Servers" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_azure_sql_databases_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Azure SQL DB Servers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Azure SQL DB Servers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Azure SQL DB Servers" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on_test.py index c696cedf..5e7779ae 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_containers_is_on/defender_ensure_defender_for_containers_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_containers_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Containers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Containers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Container Registries" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_containers_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Containers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Containers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Container Registries" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on_test.py index 0a948cd7..596b501a 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_cosmosdb_is_on/defender_ensure_defender_for_cosmosdb_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_cosmosdb_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Cosmos DB from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Cosmos DB from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Cosmos DB" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_cosmosdb_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Cosmos DB from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Cosmos DB from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Cosmos DB" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on_test.py index c951195a..52ae36f7 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_databases_is_on/defender_ensure_defender_for_databases_is_on_test.py @@ -165,7 +165,7 @@ class Test_defender_ensure_defender_for_databases_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Databases from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Databases from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Databases" @@ -213,7 +213,7 @@ class Test_defender_ensure_defender_for_databases_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Databases from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Databases from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Databases" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on_test.py index 2e065d42..d34e176a 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_dns_is_on/defender_ensure_defender_for_dns_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_dns_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for DNS from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for DNS from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan DNS" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_dns_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for DNS from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for DNS from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan DNS" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on_test.py index 333e951b..e9cb4764 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_keyvault_is_on/defender_ensure_defender_for_keyvault_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_keyvault_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for KeyVaults from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for KeyVaults from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan KeyVaults" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_keyvault_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for KeyVaults from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for KeyVaults from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan KeyVaults" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on_test.py index dd1389fe..f63c447b 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_os_relational_databases_is_on/defender_ensure_defender_for_os_relational_databases_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_os_relational_databases_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Open-Source Relational Databases from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Open-Source Relational Databases from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert ( @@ -86,7 +86,7 @@ class Test_defender_ensure_defender_for_os_relational_databases_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Open-Source Relational Databases from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Open-Source Relational Databases from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert ( diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on_test.py index f6abf0a4..ff5c2211 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_server_is_on/defender_ensure_defender_for_server_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_server_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Servers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Servers from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Servers" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_server_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Servers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Servers from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Servers" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on_test.py index f5c0f5fa..d08a93f4 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_sql_servers_is_on/defender_ensure_defender_for_sql_servers_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_sql_servers_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for SQL Server VMs from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for SQL Server VMs from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan SQL Server VMs" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_sql_servers_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for SQL Server VMs from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for SQL Server VMs from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan SQL Server VMs" diff --git a/tests/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on_test.py b/tests/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on_test.py index 08d28b0f..0cae2e38 100644 --- a/tests/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on_test.py +++ b/tests/providers/azure/services/defender/defender_ensure_defender_for_storage_is_on/defender_ensure_defender_for_storage_is_on_test.py @@ -50,7 +50,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Defender plan Defender for Storage Accounts from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)" + == f"Defender plan Defender for Storage Accounts from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Storage Accounts" @@ -83,7 +83,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Defender plan Defender for Storage Accounts from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)" + == f"Defender plan Defender for Storage Accounts from subscription {AZURE_SUSCRIPTION} is set to ON (pricing tier standard)." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == "Defender plan Storage Accounts" diff --git a/tests/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created_test.py b/tests/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created_test.py index f76ea0e6..238fcb13 100644 --- a/tests/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created_test.py +++ b/tests/providers/azure/services/iam/iam_subscription_roles_owner_custom_not_created/iam_subscription_roles_owner_custom_not_created_test.py @@ -54,7 +54,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Role {role_name} from subscription {AZURE_SUSCRIPTION} is a custom owner role" + == f"Role {role_name} from subscription {AZURE_SUSCRIPTION} is a custom owner role." ) def test_iam_custom_owner_role_created_with_no_permissions(self): @@ -86,5 +86,5 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Role {role_name} from subscription {AZURE_SUSCRIPTION} is not a custom owner role" + == f"Role {role_name} from subscription {AZURE_SUSCRIPTION} is not a custom owner role." ) diff --git a/tests/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled_test.py b/tests/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled_test.py index 37c90028..ce8c5bf6 100644 --- a/tests/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled_test.py +++ b/tests/providers/azure/services/sqlserver/sqlserver_auditing_enabled/sqlserver_auditing_enabled_test.py @@ -61,7 +61,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have any auditing policy configured" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have any auditing policy configured." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name @@ -99,7 +99,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has a auditing policy configured" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has a auditing policy configured." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name diff --git a/tests/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled_test.py b/tests/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled_test.py index e9630bdb..44b3ef82 100644 --- a/tests/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled_test.py +++ b/tests/providers/azure/services/sqlserver/sqlserver_azuread_administrator_enabled/sqlserver_azuread_administrator_enabled_test.py @@ -57,7 +57,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have an Active Directory administrator" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have an Active Directory administrator." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name @@ -97,7 +97,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have an Active Directory administrator" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have an Active Directory administrator." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name @@ -137,7 +137,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has an Active Directory administrator" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has an Active Directory administrator." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name diff --git a/tests/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access_test.py b/tests/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access_test.py index 57955edd..5a50e3f3 100644 --- a/tests/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access_test.py +++ b/tests/providers/azure/services/sqlserver/sqlserver_unrestricted_inbound_access/sqlserver_unrestricted_inbound_access_test.py @@ -61,7 +61,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has firewall rules allowing 0.0.0.0-255.255.255.255" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} has firewall rules allowing 0.0.0.0-255.255.255.255." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name @@ -103,7 +103,7 @@ class Test_defender_ensure_defender_for_storage_is_on: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have firewall rules allowing 0.0.0.0-255.255.255.255" + == f"SQL Server {sql_server_name} from subscription {AZURE_SUSCRIPTION} does not have firewall rules allowing 0.0.0.0-255.255.255.255." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == sql_server_name diff --git a/tests/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled_test.py b/tests/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled_test.py index 0c6c91d4..94f31b3c 100644 --- a/tests/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled_test.py +++ b/tests/providers/azure/services/storage/storage_blob_public_access_level_is_disabled/storage_blob_public_access_level_is_disabled_test.py @@ -56,7 +56,7 @@ class Test_storage_blob_public_access_level_is_disabled: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has allow blob public access enabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has allow blob public access enabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -95,7 +95,7 @@ class Test_storage_blob_public_access_level_is_disabled: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has allow blob public access disabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has allow blob public access disabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied_test.py b/tests/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied_test.py index 1da7bca6..18fa9f2e 100644 --- a/tests/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied_test.py +++ b/tests/providers/azure/services/storage/storage_default_network_access_rule_is_denied/storage_default_network_access_rule_is_denied_test.py @@ -58,7 +58,7 @@ class Test_storage_default_network_access_rule_is_denied: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has network access rule set to Allow" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has network access rule set to Allow." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -97,7 +97,7 @@ class Test_storage_default_network_access_rule_is_denied: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has network access rule set to Deny" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has network access rule set to Deny." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled_test.py b/tests/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled_test.py index 4c2972f3..983c5e9c 100644 --- a/tests/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled_test.py +++ b/tests/providers/azure/services/storage/storage_ensure_azure_services_are_trusted_to_access_is_enabled/storage_ensure_azure_services_are_trusted_to_access_is_enabled_test.py @@ -58,7 +58,7 @@ class Test_storage_ensure_azure_services_are_trusted_to_access_is_enabled: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not allow trusted Microsoft services to access this storage account" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not allow trusted Microsoft services to access this storage account." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -97,7 +97,7 @@ class Test_storage_ensure_azure_services_are_trusted_to_access_is_enabled: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} allows trusted Microsoft services to access this storage account" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} allows trusted Microsoft services to access this storage account." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys_test.py b/tests/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys_test.py index a05bcf54..3f0deede 100644 --- a/tests/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys_test.py +++ b/tests/providers/azure/services/storage/storage_ensure_encryption_with_customer_managed_keys/storage_ensure_encryption_with_customer_managed_keys_test.py @@ -56,7 +56,7 @@ class Test_storage_ensure_encryption_with_customer_managed_keys: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not encrypt with CMKs" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not encrypt with CMKs." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -95,7 +95,7 @@ class Test_storage_ensure_encryption_with_customer_managed_keys: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} encrypts with CMKs" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} encrypts with CMKs." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12_test.py b/tests/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12_test.py index a80a969b..ac35f941 100644 --- a/tests/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12_test.py +++ b/tests/providers/azure/services/storage/storage_ensure_minimum_tls_version_12/storage_ensure_minimum_tls_version_12_test.py @@ -56,7 +56,7 @@ class Test_storage_ensure_minimum_tls_version_12: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not have TLS version set to 1.2" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} does not have TLS version set to 1.2." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -95,7 +95,7 @@ class Test_storage_ensure_minimum_tls_version_12: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has TLS version set to 1.2" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has TLS version set to 1.2." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled_test.py b/tests/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled_test.py index c3fbda47..d12aabb1 100644 --- a/tests/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled_test.py +++ b/tests/providers/azure/services/storage/storage_infrastructure_encryption_is_enabled/storage_infrastructure_encryption_is_enabled_test.py @@ -56,7 +56,7 @@ class Test_storage_infrastructure_encryption_is_enabled: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has infrastructure encryption disabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has infrastructure encryption disabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -95,7 +95,7 @@ class Test_storage_infrastructure_encryption_is_enabled: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has infrastructure encryption enabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has infrastructure encryption enabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name diff --git a/tests/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled_test.py b/tests/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled_test.py index ed5a921e..663ee684 100644 --- a/tests/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled_test.py +++ b/tests/providers/azure/services/storage/storage_secure_transfer_required_is_enabled/storage_secure_transfer_required_is_enabled_test.py @@ -56,7 +56,7 @@ class Test_storage_secure_transfer_required_is_enabled: assert result[0].status == "FAIL" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has secure transfer required disabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has secure transfer required disabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name @@ -95,7 +95,7 @@ class Test_storage_secure_transfer_required_is_enabled: assert result[0].status == "PASS" assert ( result[0].status_extended - == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has secure transfer required enabled" + == f"Storage account {storage_account_name} from subscription {AZURE_SUSCRIPTION} has secure transfer required enabled." ) assert result[0].subscription == AZURE_SUSCRIPTION assert result[0].resource_name == storage_account_name