fix(elb): add resource ARN to checks (#2906)

2026-02-10 06:45:08 +00:00 · 2023-10-04 12:37:15 +02:00
parent 4c15318f28
commit 9793de1e96
8 changed files with 24 additions and 0 deletions
--- a/prowler/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers.py
+++ b/prowler/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers.py
@@ -12,6 +12,7 @@ class elb_insecure_ssl_ciphers(Check):
            report = Check_Report_AWS(self.metadata())
            report.region = lb.region
            report.resource_id = lb.name
+            report.resource_arn = lb.arn
            report.resource_tags = lb.tags
            report.status = "PASS"
            report.status_extended = (
--- a/prowler/providers/aws/services/elb/elb_internet_facing/elb_internet_facing.py
+++ b/prowler/providers/aws/services/elb/elb_internet_facing/elb_internet_facing.py
@@ -9,6 +9,7 @@ class elb_internet_facing(Check):
            report = Check_Report_AWS(self.metadata())
            report.region = lb.region
            report.resource_id = lb.name
+            report.resource_arn = lb.arn
            report.resource_tags = lb.tags
            report.status = "PASS"
            report.status_extended = f"ELB {lb.name} is not internet facing."
--- a/prowler/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled.py
+++ b/prowler/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled.py
@@ -9,6 +9,7 @@ class elb_logging_enabled(Check):
            report = Check_Report_AWS(self.metadata())
            report.region = lb.region
            report.resource_id = lb.name
+            report.resource_arn = lb.arn
            report.resource_tags = lb.tags
            report.status = "FAIL"
            report.status_extended = (
--- a/prowler/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners.py
+++ b/prowler/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners.py
@@ -10,6 +10,7 @@ class elb_ssl_listeners(Check):
            report = Check_Report_AWS(self.metadata())
            report.region = lb.region
            report.resource_id = lb.name
+            report.resource_arn = lb.arn
            report.resource_tags = lb.tags
            report.status = "PASS"
            report.status_extended = f"ELB {lb.name} has HTTPS listeners only."
--- a/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py
+++ b/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py
@@ -9,6 +9,9 @@ from prowler.providers.common.models import Audit_Metadata

 AWS_REGION = "eu-west-1"
 AWS_ACCOUNT_NUMBER = "123456789012"
+elb_arn = (
+    f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
+)


 class Test_elb_insecure_ssl_ciphers:
@@ -115,6 +118,7 @@ class Test_elb_insecure_ssl_ciphers:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn

    @mock_ec2
    @mock_elb
@@ -160,3 +164,4 @@ class Test_elb_insecure_ssl_ciphers:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn
--- a/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py
+++ b/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py
@@ -9,6 +9,9 @@ from prowler.providers.common.models import Audit_Metadata

 AWS_REGION = "eu-west-1"
 AWS_ACCOUNT_NUMBER = "123456789012"
+elb_arn = (
+    f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
+)


 class Test_elb_request_smugling:
@@ -108,6 +111,7 @@ class Test_elb_request_smugling:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn

    @mock_ec2
    @mock_elb
@@ -153,3 +157,4 @@ class Test_elb_request_smugling:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn
--- a/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py
+++ b/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py
@@ -9,6 +9,9 @@ from prowler.providers.common.models import Audit_Metadata

 AWS_REGION = "eu-west-1"
 AWS_ACCOUNT_NUMBER = "123456789012"
+elb_arn = (
+    f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
+)


 class Test_elb_logging_enabled:
@@ -108,6 +111,7 @@ class Test_elb_logging_enabled:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn

    @mock_ec2
    @mock_elb
@@ -165,3 +169,4 @@ class Test_elb_logging_enabled:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn
--- a/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py
+++ b/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py
@@ -9,6 +9,9 @@ from prowler.providers.common.models import Audit_Metadata

 AWS_REGION = "eu-west-1"
 AWS_ACCOUNT_NUMBER = "123456789012"
+elb_arn = (
+    f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
+)


 class Test_elb_ssl_listeners:
@@ -108,6 +111,7 @@ class Test_elb_ssl_listeners:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn

    @mock_ec2
    @mock_elb
@@ -151,3 +155,4 @@ class Test_elb_ssl_listeners:
                result[0].status_extended,
            )
            assert result[0].resource_id == "my-lb"
+            assert result[0].resource_arn == elb_arn