chore(metadata): Typos (#2595)

Co-authored-by: Pepe Fagoaga <pepe@verica.io>

contrib/org-multi-account/serverless_codebuild/README.md

@@ -1,6 +1,6 @@
 # Organizational Prowler with Serverless
 
-Langage: [Korean](README_kr.md)
+Language: [Korean](README_kr.md)
 
 This project is created to apply prowler in a multi-account environment within AWS Organizations.
 CloudWatch triggers CodeBuild every fixed time.
@@ -18,12 +18,12 @@ For more information on how to use prowler, see [here](https://github.com/prowle
 2. **Master Account**
    1. Deploy [ProwlerRole.yaml](templates/ProwlerRole.yaml) stack to CloudFormation in a bid to create resources to master account itself.
       (The template will be also deployed for other member accounts as a StackSet)
-      - ProwlerCodeBuildAccount :  Audit Acccount ID where CodeBuild resides. (preferably Audit/Security account)
+      - ProwlerCodeBuildAccount :  Audit Account ID where CodeBuild resides. (preferably Audit/Security account)
       - ProwlerCodeBuildRole : Role name to use in CodeBuild service
       - ProwlerCrossAccountRole : Role name to assume for Cross account
       - ProwlerS3 : The S3 bucket name where reports will be put
    1. Create **StackSet** with [ProwlerRole.yaml](templates/ProwlerRole.yaml) to deploy Role into member accounts in AWS Organizations.
-      - ProwlerCodeBuildAccount :  Audit Acccount ID where CodeBuild resides. (preferably Audit/Security account)
+      - ProwlerCodeBuildAccount :  Audit Account ID where CodeBuild resides. (preferably Audit/Security account)
       - ProwlerCodeBuildRole : Role name to use in CodeBuild service
       - ProwlerCrossAccountRole : Role name to assume for Cross account
       - ProwlerS3 : The S3 bucket name where reports will be put
@@ -45,4 +45,4 @@ For more information on how to use prowler, see [here](https://github.com/prowle
       - ProwlerReportS3Account : The account where the report S3 bucket resides.
    1. If you'd like to change the scheduled time,
       1. You can change the cron expression of ScheduleExpression within [ProwlerCodeBuildStack.yaml](templates/ProwlerCodeBuildStack.yaml).
-      2. Alternatively, you can make changes directrly from Events > Rules > ProwlerExecuteRule > Actions > Edit in CloudWatch console.
+      2. Alternatively, you can make changes directly from Events > Rules > ProwlerExecuteRule > Actions > Edit in CloudWatch console.

contrib/org-multi-account/serverless_codebuild/README_kr.md

@@ -1,6 +1,6 @@
 # Organizational Prowler with Serverless
 
-Langage: [English](README.md)
+Language: [English](README.md)
 
 이 문서는 AWS Organization 내의 multi account 환경에서 prowler 를 적용하기 위해 작성된 문서입니다.
 일정 시간마다 CloudWatch는 CodeBuild 를 트리거합니다.
@@ -22,7 +22,7 @@ prowler 의 자세한 사용방법은 [이 곳](https://github.com/prowler-cloud
 
       [ProwlerRole.yaml](templates/ProwlerRole.yaml)
 
-      - ProwlerCodeBuildAccount : CodeBuild 가 있는 Audit Acccount ID
+      - ProwlerCodeBuildAccount : CodeBuild 가 있는 Audit Account ID
       - ProwlerCodeBuildRole : CodeBuild의 생성될 Role 이름
       - ProwlerCrossAccountRole : Cross account 용 Assume할 Role 이름
       - ProwlerS3 : report 가 저장될 S3 bucket 명
@@ -30,7 +30,7 @@ prowler 의 자세한 사용방법은 [이 곳](https://github.com/prowler-cloud
 
       [ProwlerRole.yaml](templates/ProwlerRole.yaml)
 
-      - ProwlerCodeBuildAccount : CodeBuild 가 있는 Audit Acccount
+      - ProwlerCodeBuildAccount : CodeBuild 가 있는 Audit Account
       - ProwlerCodeBuildRole : CodeBuild에서 사용할 Role 이름
       - ProwlerCrossAccountRole : Cross account 용 Assume할 Role 이름
       - ProwlerS3 : report 가 저장될 S3 bucket 명

contrib/terraform-kickstarter/readme.md

@@ -2,7 +2,7 @@
 
 ## Introduction
 
-The following demonstartes how to quickly install the resources necessary to perform a security baseline using Prowler.  The speed is based on the prebuilt terraform module that can configure all the resources necessuary to run Prowler with the findings being sent to AWS Security Hub.
+The following demonstrates how to quickly install the resources necessary to perform a security baseline using Prowler.  The speed is based on the prebuilt terraform module that can configure all the resources necessary to run Prowler with the findings being sent to AWS Security Hub.
 
 ## Install
 
@@ -24,7 +24,7 @@ Installing Prowler with Terraform is simple and can be completed in under 1 minu
 
   ![Prowler Install](https://prowler-docs.s3.amazonaws.com/Prowler-Terraform-Install.gif)
 
-   - It is likely an error will return related to the SecurityHub subscription.  This appears to be Terraform related and you can validate the configuration by navigating to the SecurityHub console.  Click Integreations and search for Prowler. Take note of the green check where it says *Accepting findings*
+   - It is likely an error will return related to the SecurityHub subscription.  This appears to be Terraform related and you can validate the configuration by navigating to the SecurityHub console.  Click Integrations and search for Prowler. Take note of the green check where it says *Accepting findings*
 
   ![Prowler Subscription](https://prowler-docs.s3.amazonaws.com/Validate-Prowler-Subscription.gif)
 

contrib/wazuh/README.md

@@ -92,7 +92,7 @@ To make sure rules are working fine, run `/var/ossec/bin/ossec-logtest` and copy
 ```
 You must see 3 phases goin on.
 
-To check if there is any error you can enable the debug mode of `modulesd` setting the `wazuh_modules.debug=0` variable to 2 in `/var/ossec/etc/internal_options.conf` file. Restart wazun-manager and errors should appear in the `/var/ossec/logs/ossec.log` file.
+To check if there is any error you can enable the debug mode of `modulesd` setting the `wazuh_modules.debug=0` variable to 2 in `/var/ossec/etc/internal_options.conf` file. Restart wazuh-manager and errors should appear in the `/var/ossec/logs/ossec.log` file.
 
 ## Thanks
 

docs/index.md

@@ -237,7 +237,7 @@ prowler azure --excluded-services defender iam
 prowler gcp --excluded-services kms
 ```
 
-More options and executions methods that will save your time in [Miscelaneous](tutorials/misc.md).
+More options and executions methods that will save your time in [Miscellaneous](tutorials/misc.md).
 
 You can always use `-h`/`--help` to access to the usage information and all the possible options:
 

docs/tutorials/aws/cloudshell.md

@@ -1,6 +1,6 @@
 # AWS CloudShell
 
-Prowler can be easely executed in AWS CloudShell but it has some prerequsites to be able to to so. AWS CloudShell is a container running with `Amazon Linux release 2 (Karoo)` that comes with Python 3.7, since Prowler requires Python >= 3.9 we need to first install a newer version of Python. Follow the steps below to successfully execute Prowler v3 in AWS CloudShell:
+Prowler can be easily executed in AWS CloudShell but it has some prerequisites to be able to to so. AWS CloudShell is a container running with `Amazon Linux release 2 (Karoo)` that comes with Python 3.7, since Prowler requires Python >= 3.9 we need to first install a newer version of Python. Follow the steps below to successfully execute Prowler v3 in AWS CloudShell:
 
 - First install all dependences and then Python, in this case we need to compile it because there is not a package available at the time this document is written:
 ```

docs/tutorials/aws/multiaccount.md

@@ -41,7 +41,7 @@ for accountId in $ACCOUNTS_LIST; do
 done
 ```
 
-## Scan mutiple accounts from AWS Organizations in parallel
+## Scan multiple accounts from AWS Organizations in parallel
 
 - Declare a variable with all the accounts to scan. To do so, get the list of your AWS accounts in your AWS Organization by running the following command (will create a variable with all your ACTIVE accounts). Remember to run that command with the permissions needed to get that information in your AWS Organizations Management account.
 

docs/tutorials/aws/organizations.md

@@ -10,7 +10,7 @@ If you have AWS Organizations Prowler can get your account details like Account
 ```
 prowler aws -O arn:aws:iam::<management_organizations_account_id>:role/<role_name>
 ```
-> Make sure the role in your AWS Organizatiosn management account has the permissions `organizations:ListAccounts*` and `organizations:ListTagsForResource`.
+> Make sure the role in your AWS Organizations management account has the permissions `organizations:ListAccounts*` and `organizations:ListTagsForResource`.
 
 - In that command Prowler will scan the account and getting the account details from the AWS Organizations management account assuming a role and creating two reports with those details in JSON and CSV.
 

docs/tutorials/aws/securityhub.md

@@ -29,7 +29,7 @@ prowler -S -f eu-west-1
 
 > **Note 1**: It is recommended to send only fails to Security Hub and that is possible adding `-q` to the command.
 
-> **Note 2**: Since Prowler perform checks to all regions by default you may need to filter by region when runing Security Hub integration, as shown in the example above. Remember to enable Security Hub in the region or regions you need by calling `aws securityhub enable-security-hub --region <region>` and run Prowler with the option `-f <region>` (if no region is used it will try to push findings in all regions hubs). Prowler will send findings to the Security Hub on the region where the scanned resource is located.
+> **Note 2**: Since Prowler perform checks to all regions by default you may need to filter by region when running Security Hub integration, as shown in the example above. Remember to enable Security Hub in the region or regions you need by calling `aws securityhub enable-security-hub --region <region>` and run Prowler with the option `-f <region>` (if no region is used it will try to push findings in all regions hubs). Prowler will send findings to the Security Hub on the region where the scanned resource is located.
 
 > **Note 3**: To have updated findings in Security Hub you have to run Prowler periodically. Once a day or every certain amount of hours.
 

docs/tutorials/aws/v2_to_v3_checks_mapping.md

@@ -1,6 +1,6 @@
 # Check mapping between Prowler v3 and v2
 
-Prowler v3 comes with different identifiers but we maintained the same checks that were implemented in v2. The reason for this change is because in previows versions of Prowler, check names were mostly based on CIS Benchmark for AWS. In v3 all checks are independent from any security framework and they have its own name and ID.
+Prowler v3 comes with different identifiers but we maintained the same checks that were implemented in v2. The reason for this change is because in previous versions of Prowler, check names were mostly based on CIS Benchmark for AWS. In v3 all checks are independent from any security framework and they have its own name and ID.
 
 If you need more information about how new compliance implementation works in Prowler v3 see [Compliance](../../compliance/) section.
 

docs/tutorials/developer-guide.md

@@ -4,7 +4,7 @@ You can extend Prowler in many different ways, in most cases you will want to cr
 
 ## Get the code and install all dependencies
 
-First of all, you need a version of Python 3.9 or higher and also pip installed to be able to install all dependencies requred. Once that is satisfied go a head and clone the repo:
+First of all, you need a version of Python 3.9 or higher and also pip installed to be able to install all dependencies required. Once that is satisfied go a head and clone the repo:
 
 ```
 git clone https://github.com/prowler-cloud/prowler
@@ -229,7 +229,7 @@ If you want to create or contribute with your own security frameworks or add pub
 
 Each file version of a framework will have the following structure at high level with the case that each framework needs to be generally identified, one requirement can be also called one control but one requirement can be linked to multiple prowler checks.:
 
-- `Framework`: string. Indistiguish name of the framework, like CIS
+- `Framework`: string. Distinguish name of the framework, like CIS
 - `Provider`: string. Provider where the framework applies, such as AWS, Azure, OCI,...
 - `Version`: string. Version of the framework itself, like 1.4 for CIS.
 - `Requirements`: array of objects. Include all requirements or controls with the mapping to Prowler.
@@ -269,7 +269,7 @@ Finally, to have a proper output file for your reports, your framework data mode
 
 ## Contribute with documentation
 
-We use `mkdocs` to build this Prowler documentation site so you can easely contribute back with new docs or improving them.
+We use `mkdocs` to build this Prowler documentation site so you can easily contribute back with new docs or improving them.
 
 1. Install `mkdocs` with your favorite package manager.
 2. Inside the `prowler` repository folder run `mkdocs serve` and point your browser to `http://localhost:8000` and you will see live changes to your local copy of this documentation site.

docs/tutorials/pentesting.md

@@ -6,7 +6,7 @@ Prowler has some checks that analyse pentesting risks (Secrets, Internet Exposed
 
 Prowler uses `detect-secrets` library to search for any secrets that are stores in plaintext within your environment.
 
-The actual checks that have this funcionality are:
+The actual checks that have this functionality are:
 
 1. autoscaling_find_secrets_ec2_launch_configuration
 - awslambda_function_no_secrets_in_code

docs/tutorials/reporting.md

@@ -19,7 +19,7 @@ prowler <provider> -M csv json json-asff html -F <custom_report_name>
 ```console
 prowler <provider> -M csv json json-asff html -o <custom_report_directory>
 ```
-> Both flags can be used simultainously to provide a custom directory and filename.
+> Both flags can be used simultaneously to provide a custom directory and filename.
 ```console
 prowler <provider> -M csv json json-asff html -F <custom_report_name> -o <custom_report_directory>
 ```

prowler/compliance/aws/soc2_aws.json

@@ -129,7 +129,7 @@
     {
       "Id": "cc_3_1",
       "Name": "CC3.1 COSO Principle 6: The entity specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives",
-      "Description": "Operations Ojectives:Reflects Management's Choices - Operations objectives reflect management's choices about structure, industry considerations, and performance of the entity.Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives.External Financial Reporting Objectives:Complies With Applicable Accounting Standards - Financial reporting objectives are consistent with accounting principles suitable and available for that entity. The accounting principles selected are appropriate in the circumstances.External Nonfinancial Reporting Objectives:Complies With Externally Established Frameworks - Management establishes objectives consistent with laws and regulations or standards and frameworks of recognized external organizations.Reflects Entity Activities - External reporting reflects the underlying transactions and events within a range of acceptable limits.Considers the Required Level of Precision—Management reflects the required level of precision and accuracy suitable for user needs and based on criteria established by third parties in nonfinancial reporting.Internal Reporting Objectives:Reflects Management's Choices - Internal reporting provides management with accurate and complete information regarding management's choices and information needed in managing the entity.Considers the Required Level of Precision—Management reflects the required level of precision and accuracy suitable for user needs in nonfinancial reporting objectives and materiality within financial reporting objectives.Reflects Entity Activities—Internal reporting reflects the underlying transactions and events within a range of acceptable limits.Compliance Objectives:Reflects External Laws and Regulations - Laws and regulations establish minimum standards of conduct, which the entity integrates into compliance objectives.Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives.Additional point of focus specifically related to all engagements using the trust services criteria: Establishes Sub-objectives to Support Objectives—Management identifies sub-objectives related to security, availability, processing integrity, confidentiality, and privacy to support the achievement of the entity’s objectives related to reporting, operations, and compliance.",
+      "Description": "Operations Objectives: Reflects Management's Choices - Operations objectives reflect management's choices about structure, industry considerations, and performance of the entity. Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives. External Financial Reporting Objectives: Complies With Applicable Accounting Standards - Financial reporting objectives are consistent with accounting principles suitable and available for that entity. The accounting principles selected are appropriate in the circumstances. External Nonfinancial Reporting Objectives: Complies With Externally Established Frameworks - Management establishes objectives consistent with laws and regulations or standards and frameworks of recognized external organizations. Reflects Entity Activities - External reporting reflects the underlying transactions and events within a range of acceptable limits. Considers the Required Level of Precision—Management reflects the required level of precision and accuracy suitable for user needs and based on criteria established by third parties in nonfinancial reporting. Internal Reporting Objectives: Reflects Management's Choices - Internal reporting provides management with accurate and complete information regarding management's choices and information needed in managing the entity. Considers the Required Level of Precision—Management reflects the required level of precision and accuracy suitable for user needs in nonfinancial reporting objectives and materiality within financial reporting objectives. Reflects Entity Activities—Internal reporting reflects the underlying transactions and events within a range of acceptable limits. Compliance Objectives: Reflects External Laws and Regulations - Laws and regulations establish minimum standards of conduct, which the entity integrates into compliance objectives. Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives. Additional point of focus specifically related to all engagements using the trust services criteria: Establishes Sub-objectives to Support Objectives—Management identifies sub-objectives related to security, availability, processing integrity, confidentiality, and privacy to support the achievement of the entity’s objectives related to reporting, operations, and compliance.",
       "Attributes": [
         {
           "ItemId": "cc_3_1",

prowler/providers/aws/services/accessanalyzer/accessanalyzer_enabled/accessanalyzer_enabled.py

@@ -13,7 +13,7 @@ class accessanalyzer_enabled(Check):
             if analyzer.status == "ACTIVE":
                 report.status = "PASS"
                 report.status_extended = (
-                    f"IAM Access Analyzer {analyzer.name} is enabled"
+                    f"IAM Access Analyzer {analyzer.name} is enabled."
                 )
                 report.resource_id = analyzer.name
                 report.resource_arn = analyzer.arn
@@ -22,13 +22,13 @@ class accessanalyzer_enabled(Check):
             elif analyzer.status == "NOT_AVAILABLE":
                 report.status = "FAIL"
                 report.status_extended = (
-                    f"IAM Access Analyzer in account {analyzer.name} is not enabled"
+                    f"IAM Access Analyzer in account {analyzer.name} is not enabled."
                 )
                 report.resource_id = analyzer.name
             else:
                 report.status = "FAIL"
                 report.status_extended = (
-                    f"IAM Access Analyzer {analyzer.name} is not active"
+                    f"IAM Access Analyzer {analyzer.name} is not active."
                 )
                 report.resource_id = analyzer.name
                 report.resource_arn = analyzer.arn

prowler/providers/aws/services/efs/efs_have_backup_enabled/efs_have_backup_enabled.py

@@ -12,10 +12,10 @@ class efs_have_backup_enabled(Check):
             report.resource_arn = fs.arn
             report.resource_tags = fs.tags
             report.status = "PASS"
-            report.status_extended = f"EFS {fs.id} has backup enabled"
+            report.status_extended = f"EFS {fs.id} has backup enabled."
             if fs.backup_policy == "DISABLED" or fs.backup_policy == "DISABLING":
                 report.status = "FAIL"
-                report.status_extended = f"EFS {fs.id} does not have backup enabled"
+                report.status_extended = f"EFS {fs.id} does not have backup enabled."
 
             findings.append(report)
 

prowler/providers/aws/services/iam/iam_policy_attached_only_to_group_or_roles/iam_policy_attached_only_to_group_or_roles.py

@@ -7,32 +7,34 @@ class iam_policy_attached_only_to_group_or_roles(Check):
         findings = []
         if iam_client.users:
             for user in iam_client.users:
-                report = Check_Report_AWS(self.metadata())
-                report.region = iam_client.region
-                report.resource_id = user.name
-                report.resource_arn = user.arn
                 if user.attached_policies or user.inline_policies:
                     if user.attached_policies:
                         for policy in user.attached_policies:
                             report = Check_Report_AWS(self.metadata())
                             report.region = iam_client.region
                             report.status = "FAIL"
-                            report.status_extended = f"User {user.name} has attached the following policy {policy['PolicyName']}"
+                            report.status_extended = f"User {user.name} has the policy {policy['PolicyName']} attached."
                             report.resource_id = user.name
+                            report.resource_arn = user.arn
                             findings.append(report)
                     if user.inline_policies:
                         for policy in user.inline_policies:
                             report = Check_Report_AWS(self.metadata())
                             report.region = iam_client.region
                             report.status = "FAIL"
-                            report.status_extended = f"User {user.name} has the following inline policy {policy}"
+                            report.status_extended = f"User {user.name} has the inline policy {policy} attached."
                             report.resource_id = user.name
+                            report.resource_arn = user.arn
                             findings.append(report)
 
                 else:
+                    report = Check_Report_AWS(self.metadata())
+                    report.region = iam_client.region
+                    report.resource_id = user.name
+                    report.resource_arn = user.arn
                     report.status = "PASS"
                     report.status_extended = (
-                        f"User {user.name} has no inline or attached policies"
+                        f"User {user.name} has no inline or attached policies."
                     )
                     findings.append(report)
         return findings

prowler/providers/aws/services/securityhub/securityhub_enabled/securityhub_enabled.py

@@ -13,15 +13,15 @@ class securityhub_enabled(Check):
             if securityhub.status == "ACTIVE":
                 report.status = "PASS"
                 if securityhub.standards:
-                    report.status_extended = f"Security Hub is enabled with standards: {securityhub.standards}"
+                    report.status_extended = f"Security Hub is enabled with standards: {securityhub.standards}."
                 elif securityhub.integrations:
-                    report.status_extended = f"Security Hub is enabled without standards but with integrations: {securityhub.integrations}"
+                    report.status_extended = f"Security Hub is enabled without standards but with integrations: {securityhub.integrations}."
                 else:
                     report.status = "FAIL"
-                    report.status_extended = "Security Hub is enabled but without any standard or integration"
+                    report.status_extended = "Security Hub is enabled but without any standard or integration."
             else:
                 report.status = "FAIL"
-                report.status_extended = "Security Hub is not enabled"
+                report.status_extended = "Security Hub is not enabled."
             report.resource_id = securityhub.id
             report.resource_arn = securityhub.arn
             findings.append(report)

prowler/providers/aws/services/sns/sns_topics_kms_encryption_at_rest_enabled/sns_topics_kms_encryption_at_rest_enabled.py

@@ -12,10 +12,10 @@ class sns_topics_kms_encryption_at_rest_enabled(Check):
             report.resource_arn = topic.arn
             report.resource_tags = topic.tags
             report.status = "PASS"
-            report.status_extended = f"SNS topic {topic.arn} is encrypted"
+            report.status_extended = f"SNS topic {topic.arn} is encrypted."
             if not topic.kms_master_key_id:
                 report.status = "FAIL"
-                report.status_extended = f"SNS topic {topic.arn} is not encrypted"
+                report.status_extended = f"SNS topic {topic.arn} is not encrypted."
 
             findings.append(report)
 

prowler/providers/aws/services/ssm/ssm_managed_compliant_patching/ssm_managed_compliant_patching.py

@@ -14,12 +14,12 @@ class ssm_managed_compliant_patching(Check):
             if resource.status == ResourceStatus.COMPLIANT:
                 report.status = "PASS"
                 report.status_extended = (
-                    f"EC2 managed instance {resource.id} is compliant"
+                    f"EC2 managed instance {resource.id} is compliant."
                 )
             else:
                 report.status = "FAIL"
                 report.status_extended = (
-                    f"EC2 managed instance {resource.id} is non-compliant"
+                    f"EC2 managed instance {resource.id} is non-compliant."
                 )
 
             findings.append(report)

tests/providers/aws/services/accessanalyzer/accessanalyzer_enabled/accessanalyzer_enabled_test.py

@@ -51,7 +51,7 @@ class Test_accessanalyzer_enabled:
             assert result[0].status == "FAIL"
             assert (
                 result[0].status_extended
-                == "IAM Access Analyzer in account 012345678910 is not enabled"
+                == "IAM Access Analyzer in account 012345678910 is not enabled."
             )
             assert result[0].resource_id == "012345678910"
 
@@ -93,14 +93,14 @@ class Test_accessanalyzer_enabled:
             assert result[0].status == "FAIL"
             assert (
                 result[0].status_extended
-                == "IAM Access Analyzer in account 012345678910 is not enabled"
+                == "IAM Access Analyzer in account 012345678910 is not enabled."
             )
             assert result[0].resource_id == "012345678910"
             assert result[0].region == "eu-west-1"
             assert result[1].status == "PASS"
             assert (
                 result[1].status_extended
-                == "IAM Access Analyzer Test Analyzer is enabled"
+                == "IAM Access Analyzer Test Analyzer is enabled."
             )
             assert result[1].resource_id == "Test Analyzer"
             assert result[1].region == "eu-west-2"
@@ -134,7 +134,7 @@ class Test_accessanalyzer_enabled:
             assert result[0].status == "PASS"
             assert (
                 result[0].status_extended
-                == "IAM Access Analyzer Test Analyzer is enabled"
+                == "IAM Access Analyzer Test Analyzer is enabled."
             )
             assert result[0].resource_id == "Test Analyzer"
             assert result[0].region == "eu-west-2"

tests/providers/aws/services/iam/iam_policy_attached_only_to_group_or_roles/iam_policy_attached_only_to_group_or_roles_test.py

@@ -1,5 +1,4 @@
 from json import dumps
-from re import search
 from unittest import mock
 
 from boto3 import client, session
@@ -8,6 +7,7 @@ from moto import mock_iam
 from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
 
 AWS_ACCOUNT_NUMBER = "123456789012"
+AWS_REGION = "eu-west-1"
 
 
 class Test_iam_policy_attached_only_to_group_or_roles:
@@ -28,7 +28,7 @@ class Test_iam_policy_attached_only_to_group_or_roles:
             profile_region=None,
             credentials=None,
             assumed_role_info=None,
-            audited_regions=["us-east-1", "eu-west-1"],
+            audited_regions=[AWS_REGION],
             organizations_metadata=None,
             audit_resources=None,
             mfa_enabled=False,
@@ -71,6 +71,16 @@ class Test_iam_policy_attached_only_to_group_or_roles:
             check = iam_policy_attached_only_to_group_or_roles()
             result = check.execute()
             assert result[0].status == "FAIL"
+            assert (
+                result[0].status_extended
+                == f"User {user} has the policy {policy_name} attached."
+            )
+            assert result[0].region == AWS_REGION
+            assert result[0].resource_id == user
+            assert (
+                result[0].resource_arn
+                == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
+            )
 
     @mock_iam
     def test_iam_user_attached_and_inline_policy(self):
@@ -111,14 +121,23 @@ class Test_iam_policy_attached_only_to_group_or_roles:
             result = check.execute()
             assert len(result) == 2
             assert result[0].status == "FAIL"
-            assert result[1].status == "FAIL"
+            assert (
-            assert search(
+                result[0].status_extended
-                f"User {user} has attached the following policy",
+                == f"User {user} has the policy {policyName} attached."
-                result[0].status_extended,
             )
-            assert search(
+            assert result[0].region == AWS_REGION
-                f"User {user} has the following inline policy",
+            assert result[0].resource_id == user
-                result[1].status_extended,
+
+            assert result[0].status == "FAIL"
+            assert (
+                result[0].status_extended
+                == f"User {user} has the policy {policyName} attached."
+            )
+            assert result[0].region == AWS_REGION
+            assert result[0].resource_id == user
+            assert (
+                result[0].resource_arn
+                == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
             )
 
     @mock_iam
@@ -155,6 +174,16 @@ class Test_iam_policy_attached_only_to_group_or_roles:
             check = iam_policy_attached_only_to_group_or_roles()
             result = check.execute()
             assert result[0].status == "FAIL"
+            assert (
+                result[0].status_extended
+                == f"User {user} has the inline policy {policyName} attached."
+            )
+            assert result[0].region == AWS_REGION
+            assert result[0].resource_id == user
+            assert (
+                result[0].resource_arn
+                == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
+            )
 
     @mock_iam
     def test_iam_user_no_policies(self):
@@ -180,3 +209,13 @@ class Test_iam_policy_attached_only_to_group_or_roles:
             check = iam_policy_attached_only_to_group_or_roles()
             result = check.execute()
             assert result[0].status == "PASS"
+            assert (
+                result[0].status_extended
+                == f"User {user} has no inline or attached policies."
+            )
+            assert result[0].region == AWS_REGION
+            assert result[0].resource_id == user
+            assert (
+                result[0].resource_arn
+                == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:user/{user}"
+            )

tests/providers/aws/services/securityhub/securityhub_enabled/securityhub_enabled_test.py

@@ -31,7 +31,7 @@ class Test_securityhub_enabled:
             result = check.execute()
 
             assert result[0].status == "FAIL"
-            assert result[0].status_extended == "Security Hub is not enabled"
+            assert result[0].status_extended == "Security Hub is not enabled."
             assert result[0].resource_id == "Security Hub"
 
     def test_securityhub_hub_active_with_standards(self):
@@ -61,7 +61,7 @@ class Test_securityhub_enabled:
             assert result[0].status == "PASS"
             assert (
                 result[0].status_extended
-                == "Security Hub is enabled with standards: cis-aws-foundations-benchmark/v/1.2.0"
+                == "Security Hub is enabled with standards: cis-aws-foundations-benchmark/v/1.2.0."
             )
             assert result[0].resource_id == "default"
 
@@ -92,7 +92,7 @@ class Test_securityhub_enabled:
             assert result[0].status == "PASS"
             assert (
                 result[0].status_extended
-                == "Security Hub is enabled without standards but with integrations: prowler"
+                == "Security Hub is enabled without standards but with integrations: prowler."
             )
             assert result[0].resource_id == "default"
 
@@ -123,6 +123,6 @@ class Test_securityhub_enabled:
             assert result[0].status == "FAIL"
             assert (
                 result[0].status_extended
-                == "Security Hub is enabled but without any standard or integration"
+                == "Security Hub is enabled but without any standard or integration."
             )
             assert result[0].resource_id == "default"

tests/providers/aws/services/ssm/ssm_managed_compliant_patching/ssm_managed_compliant_patching_test.py

@@ -58,7 +58,7 @@ class Test_ssm_managed_compliant_patching:
             assert result[0].status == "PASS"
             assert (
                 result[0].status_extended
-                == f"EC2 managed instance {instance_id} is compliant"
+                == f"EC2 managed instance {instance_id} is compliant."
             )
 
     def test_compliance_resources_non_compliant(self):
@@ -91,5 +91,5 @@ class Test_ssm_managed_compliant_patching:
             assert result[0].status == "FAIL"
             assert (
                 result[0].status_extended
-                == f"EC2 managed instance {instance_id} is non-compliant"
+                == f"EC2 managed instance {instance_id} is non-compliant."
             )