fix(accessanalyzer_enabled_without_findings): fixed status findings (#1799)

Nacho Rivera
2023-01-30 13:22:05 +01:00
committed by GitHub
parent cb7439a831
commit 552e0fefc3
4 changed files with 126 additions and 90 deletions


@@ -2,6 +2,7 @@ from unittest import mock
from prowler.providers.aws.services.accessanalyzer.accessanalyzer_service import (
Analyzer,
Finding,
)
@@ -28,13 +29,12 @@ class Test_accessanalyzer_enabled_without_findings:
accessanalyzer_client = mock.MagicMock
accessanalyzer_client.analyzers = [
Analyzer(
"",
"Test Analyzer",
"NOT_AVAILABLE",
"",
"",
"",
"eu-west-1",
arn="",
name="Test Analyzer",
status="NOT_AVAILABLE",
tags="",
type="",
region="eu-west-1",
)
]
with mock.patch(
@@ -50,29 +50,40 @@ class Test_accessanalyzer_enabled_without_findings:
assert len(result) == 1
assert result[0].status == "FAIL"
assert result[0].status_extended == "IAM Access Analyzer is not enabled"
assert (
result[0].status_extended
== "IAM Access Analyzer Test Analyzer is not enabled"
)
assert result[0].resource_id == "Test Analyzer"
def test_two_analyzers(self):
accessanalyzer_client = mock.MagicMock
accessanalyzer_client.analyzers = [
Analyzer(
"",
"Test Analyzer",
"NOT_AVAILABLE",
"",
"",
"",
"eu-west-1",
arn="",
name="Test Analyzer",
status="NOT_AVAILABLE",
tags="",
type="",
region="eu-west-1",
),
Analyzer(
"",
"Test Analyzer",
"ACTIVE",
10,
"",
"",
"eu-west-1",
arn="",
name="Test Analyzer",
status="ACTIVE",
findings=[
Finding(
id="test-finding-1",
status="ACTIVE",
),
Finding(
id="test-finding-2",
status="ARCHIVED",
),
],
tags="",
type="",
region="eu-west-2",
),
]
@@ -91,26 +102,30 @@ class Test_accessanalyzer_enabled_without_findings:
assert len(result) == 2
assert result[0].status == "FAIL"
assert result[0].status_extended == "IAM Access Analyzer is not enabled"
assert (
result[0].status_extended
== "IAM Access Analyzer Test Analyzer is not enabled"
)
assert result[0].resource_id == "Test Analyzer"
assert result[0].region == "eu-west-1"
assert result[1].status == "FAIL"
assert (
result[1].status_extended
== "IAM Access Analyzer Test Analyzer has 10 active findings"
== "IAM Access Analyzer Test Analyzer has 1 active findings"
)
assert result[1].resource_id == "Test Analyzer"
assert result[1].region == "eu-west-2"
def test_one_active_analyzer_without_findings(self):
accessanalyzer_client = mock.MagicMock
accessanalyzer_client.analyzers = [
Analyzer(
"",
"Test Analyzer",
"ACTIVE",
0,
"",
"",
"eu-west-1",
arn="",
name="Test Analyzer",
status="ACTIVE",
tags="",
type="",
region="eu-west-2",
)
]
@@ -130,22 +145,22 @@ class Test_accessanalyzer_enabled_without_findings:
assert result[0].status == "PASS"
assert (
result[0].status_extended
== "IAM Access Analyzer Test Analyzer has no active findings"
== "IAM Access Analyzer Test Analyzer does not have active findings"
)
assert result[0].resource_id == "Test Analyzer"
assert result[0].region == "eu-west-2"
def test_one_active_analyzer_not_active(self):
accessanalyzer_client = mock.MagicMock
accessanalyzer_client.analyzers = [
Analyzer(
"",
"Test Analyzer",
"FAILED",
0,
"",
"",
"eu-west-1",
)
arn="",
name="Test Analyzer",
status="NOT_AVAILABLE",
tags="",
type="",
region="eu-west-1",
),
]
# Patch AccessAnalyzer Client
with mock.patch(
@@ -164,6 +179,7 @@ class Test_accessanalyzer_enabled_without_findings:
assert result[0].status == "FAIL"
assert (
result[0].status_extended
== "IAM Access Analyzer Test Analyzer is not active"
== "IAM Access Analyzer Test Analyzer is not enabled"
)
assert result[0].resource_id == "Test Analyzer"
assert result[0].region == "eu-west-1"
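Review bot: test_one_active_analyzer_not_active no longer exercises a distinct state: its fixture now uses `status="NOT_AVAILABLE"` and asserts the "is not enabled" message, which is the same case the first test in this file already covers. The previous fixture used "FAILED", so nothing visible here now pins what the check reports for an analyzer that exists but is neither ACTIVE nor NOT_AVAILABLE, and a regression that reported such an analyzer as PASS would go unnoticed. I would keep `status="FAILED",` in this fixture and assert `result[0].status == "FAIL"` together with the status_extended the check emits for that state. The check implementation is not part of this section, so the expected message has to be taken from it.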


@@ -39,11 +39,20 @@ def mock_make_api_call(self, operation_name, kwarg):
if operation_name == "ListFindings":
# If we only want to count the number of findings
# we return a list of values just to count them
return {"findings": [0, 1, 2]}
return {
"findings": [
{
"id": "test_id1",
}
]
}
if operation_name == "GetFinding":
# If we only want to count the number of findings
# we return a list of values just to count them
return {"finding": {"id": "test_id1", "status": "ARCHIVED"}}
return make_api_call(self, operation_name, kwarg)
# Mock generate_regional_clients()
def mock_generate_regional_clients(service, audit_info):
regional_client = audit_info.audit_session.client(service, region_name=AWS_REGION)
regional_client.region = AWS_REGION
@@ -92,4 +101,6 @@ class Test_AccessAnalyzer_Service:
current_audit_info.audited_partition = "aws"
access_analyzer = AccessAnalyzer(current_audit_info)
assert len(access_analyzer.analyzers) == 1
assert access_analyzer.analyzers[0].findings_count == 3
assert len(access_analyzer.analyzers[0].findings) == 1
assert access_analyzer.analyzers[0].findings[0].status == "ARCHIVED"
assert access_analyzer.analyzers[0].findings[0].id == "test_id1"
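Review bot: The comment above the new `GetFinding` branch in mock_make_api_call is copied from the `ListFindings` branch and does not describe it: this branch returns a single finding whose `status` the service test then asserts on. I would replace it with `# Return a single archived finding so the status read from GetFinding can be asserted`, and reword the `ListFindings` comment as well, since the ids it returns are now used rather than just counted. The mock only ever yields an ARCHIVED finding, so the service test never shows an ACTIVE finding being stored with its status; a second id answered with `"status": "ACTIVE"` would cover that. mock_make_api_call begins above the first hunk of this section.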