From a55a6bf94ba3112edbb9a65752bbd8d3acb99c26 Mon Sep 17 00:00:00 2001 
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com> Date: Mon, 17 Apr 2023 10:54:56 +0200 Subject: [PATCH] fix(test): Mock audit info in EC2 (#2224) --- .../ec2/ec2_ami_public/ec2_ami_public_test.py | 52 ++++++++++---- .../ec2_ebs_default_encryption_test.py | 43 +++++++++--- .../ec2_ebs_public_snapshot_test.py | 51 +++++++++++--- .../ec2_ebs_snapshots_encrypted_test.py | 50 +++++++++++--- .../ec2_ebs_volume_encryption_test.py | 50 +++++++++++--- .../ec2_elastic_ip_shodan_test.py | 54 ++++++++++----- .../ec2_elastic_ip_unassgined_test.py | 50 +++++++++++--- .../ec2_instance_imdsv2_enabled_test.py | 52 ++++++++++---- ...ernet_facing_with_instance_profile_test.py | 50 +++++++++++--- ..._instance_older_than_specific_days_test.py | 52 ++++++++++---- .../ec2_instance_profile_attached_test.py | 50 +++++++++++--- .../ec2_instance_public_ip_test.py | 52 ++++++++++---- .../ec2_instance_secrets_user_data_test.py | 67 +++++++++++++------ ..._networkacl_allow_ingress_any_port_test.py | 58 +++++++++++----- ...tworkacl_allow_ingress_tcp_port_22_test.py | 58 +++++++++++----- ...orkacl_allow_ingress_tcp_port_3389_test.py | 58 +++++++++++----- ..._ingress_from_internet_to_any_port_test.py | 49 +++++++++++--- ...ternet_to_port_mongodb_27017_27018_test.py | 49 +++++++++++--- ...rom_internet_to_tcp_ftp_port_20_21_test.py | 49 +++++++++++--- ...gress_from_internet_to_tcp_port_22_test.py | 49 +++++++++++--- ...ess_from_internet_to_tcp_port_3389_test.py | 49 +++++++++++--- ..._tcp_port_cassandra_7199_9160_8888_test.py | 49 +++++++++++--- ...lasticsearch_kibana_9200_9300_5601_test.py | 49 +++++++++++--- ...om_internet_to_tcp_port_kafka_9092_test.py | 49 +++++++++++--- ...ternet_to_tcp_port_memcached_11211_test.py | 49 +++++++++++--- ...om_internet_to_tcp_port_mysql_3306_test.py | 49 +++++++++++--- ...ernet_to_tcp_port_oracle_1521_2483_test.py | 49 +++++++++++--- ...internet_to_tcp_port_postgres_5432_test.py | 49 +++++++++++--- ...om_internet_to_tcp_port_redis_6379_test.py | 
49 +++++++++++--- ...t_to_tcp_port_sql_server_1433_1434_test.py | 49 +++++++++++--- ...rom_internet_to_tcp_port_telnet_23_test.py | 49 +++++++++++--- ...ygroup_allow_wide_open_public_ipv4_test.py | 49 +++++++++++--- ...ritygroup_default_restrict_traffic_test.py | 49 +++++++++++--- ...2_securitygroup_from_launch_wizard_test.py | 50 +++++++++++--- .../ec2_securitygroup_not_used_test.py | 49 +++++++++++--- ...oup_with_many_ingress_egress_rules_test.py | 49 +++++++++++--- 36 files changed, 1423 insertions(+), 405 deletions(-) diff --git a/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py b/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py index 2dd48a70..1f7746b4 100644 --- a/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py +++ b/tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py 
@@ -1,23 +1,49 @@ from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_ami_public: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_no_amis(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", new=EC2(current_audit_info), ): @@ -33,7 +59,6 @@ class Test_ec2_ami_public: @mock_ec2 def test_one_private_ami(self): - ec2 = client("ec2", region_name="us-east-1") reservation = ec2.run_instances(ImageId=EXAMPLE_AMI_ID, MinCount=1, MaxCount=1) 
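Review bot: `set_mocked_audit_info` in the first hunk of ec2_ami_public_test.py is an instance method that never reads `self`, and the same body of about twenty lines, plus the `AWS_ACCOUNT_NUMBER` constant, is pasted into every EC2 test class this patch touches (the first hunk of each file that follows). A single shared test helper or fixture would let a future change to the `AWS_Audit_Info` fields be made once. If it stays per class, a one-line docstring such as `"""Return an AWS_Audit_Info stub backed by a fresh boto3 session for moto tests."""` would help. The helper also hard-codes `audited_regions=["us-east-1", "eu-west-1"]` although this module defines `AWS_REGION`; `audited_regions=[AWS_REGION, "eu-west-1"]` keeps the two in step. The class body continues outside the hunk.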
@@ -44,13 +69,14 @@ class Test_ec2_ami_public: InstanceId=instance_id, Name="test-ami", Description="this is a test ami" )["ImageId"] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", new=EC2(current_audit_info), ): @@ -72,7 +98,6 @@ class Test_ec2_ami_public: @mock_ec2 def test_one_public_ami(self): - ec2 = client("ec2", region_name="us-east-1") reservation = ec2.run_instances(ImageId=EXAMPLE_AMI_ID, MinCount=1, MaxCount=1) @@ -92,13 +117,14 @@ class Test_ec2_ami_public: } image.modify_attribute(**ADD_GROUP_ARGS) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ami_public.ec2_ami_public.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py b/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py index a9f68151..7fed5871 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py 
@@ -1,27 +1,54 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_ebs_default_encryption: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_ebs_encryption_enabled(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.enable_ebs_encryption_by_default() - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_default_encryption.ec2_ebs_default_encryption.ec2_client", new=EC2(current_audit_info), ): 
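Review bot: The added `mock.patch("prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", new=current_audit_info)` in `test_ec2_ebs_encryption_enabled` rebinds the name only inside the `audit_info` module, so any module that already executed `from ...audit_info import current_audit_info` before the `with` block keeps the original object. Whether this patch has any effect therefore depends on import order across the test session, which the hunk does not show; the `ec2_client` patch next to it is the one the check under test is certain to see. If the intent is to cover modules first imported inside the block, a comment saying so (for example `# covers modules imported for the first time inside this block`) would record that assumption. The same pair of patches is added in every test method this commit changes. The `with` body continues outside the hunk.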
@@ -45,14 +72,14 @@ class Test_ec2_ebs_default_encryption: @mock_ec2 def test_ec2_ebs_encryption_disabled(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_default_encryption.ec2_ebs_default_encryption.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py b/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py index 54578255..6fc047b5 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py @@ -1,10 +1,13 @@ from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from mock import patch from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" def mock_generate_regional_clients(service, audit_info): 
@@ -18,15 +21,39 @@ def mock_generate_regional_clients(service, audit_info): new=mock_generate_regional_clients, ) class Test_ec2_ebs_public_snapshot: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_snapshots(self): - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", new=EC2(current_audit_info), ): @@ -54,13 +81,15 @@ class Test_ec2_ebs_public_snapshot: OperationType="add", GroupNames=["all"], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info + from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", new=EC2(current_audit_info), ): 
@@ -95,13 +124,15 @@ class Test_ec2_ebs_public_snapshot: Size=80, AvailabilityZone=f"{AWS_REGION}a", Encrypted=True ) snapshot = volume.create_snapshot(Description="testsnap") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info + from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_public_snapshot.ec2_ebs_public_snapshot.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py b/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py index 73d38e6e..f5a343a6 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py @@ -1,10 +1,13 @@ from unittest import mock -from boto3 import resource +from boto3 import resource, session from mock import patch from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" def mock_generate_regional_clients(service, audit_info): 
@@ -18,15 +21,39 @@ def mock_generate_regional_clients(service, audit_info): new=mock_generate_regional_clients, ) class Test_ec2_ebs_snapshots_encrypted: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_snapshots(self): - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", new=EC2(current_audit_info), ): 
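Review bot: `audit_session=session.Session(profile_name=None, botocore_session=None)` in `set_mocked_audit_info` builds a real boto3 session, so credential and region resolution fall back to whatever the machine running the tests provides. `@mock_ec2` should intercept the EC2 calls made here, but nothing in the hunk pins the session to dummy values, so a call that escapes the mock (a service without a moto decorator, for instance) would presumably be signed with ambient credentials. Confirm the suite sets placeholder `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` values before any session is created, or pass dummy values explicitly, e.g. `session.Session(aws_access_key_id="testing", aws_secret_access_key="testing", region_name=AWS_REGION)`. The same constructor call appears in each copy of the helper in this patch.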
@@ -48,13 +75,14 @@ class Test_ec2_ebs_snapshots_encrypted: volume = ec2.create_volume(Size=80, AvailabilityZone=f"{AWS_REGION}a") snapshot = volume.create_snapshot(Description="testsnap") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", new=EC2(current_audit_info), ): @@ -89,13 +117,15 @@ class Test_ec2_ebs_snapshots_encrypted: Size=80, AvailabilityZone=f"{AWS_REGION}a", Encrypted=True ) snapshot = volume.create_snapshot(Description="testsnap") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info + from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_snapshots_encrypted.ec2_ebs_snapshots_encrypted.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py b/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py index 0f3893f7..6b45a75e 100644 --- a/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py +++ b/tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py 
@@ -1,22 +1,48 @@ from unittest import mock -from boto3 import resource +from boto3 import resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_ebs_volume_encryption: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_volumes(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", new=EC2(current_audit_info), ): 
@@ -36,13 +62,14 @@ class Test_ec2_ebs_volume_encryption: ec2 = resource("ec2", region_name=AWS_REGION) volume = ec2.create_volume(Size=80, AvailabilityZone=f"{AWS_REGION}a") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", new=EC2(current_audit_info), ): @@ -73,13 +100,14 @@ class Test_ec2_ebs_volume_encryption: Size=80, AvailabilityZone=f"{AWS_REGION}a", Encrypted=True ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_ebs_volume_encryption.ec2_ebs_volume_encryption.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py b/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py index fce59e49..0ba734ac 100644 --- a/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py +++ b/tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py 
@@ -1,15 +1,40 @@ from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 from prowler.config.config import get_config_var +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info EXAMPLE_AMI_ID = "ami-12c6146b" shodan_api_key = get_config_var("shodan_api_key") +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_elastic_ip_shodan: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + if shodan_api_key: @mock_ec2 @@ -19,15 +44,14 @@ class Test_ec2_elastic_ip_shodan: # Create EC2 Instance ec2_client.run_instances(ImageId=EXAMPLE_AMI_ID, MinCount=1, MaxCount=1) - from prowler.providers.aws.lib.audit_info.audit_info import ( - current_audit_info, - ) from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", new=EC2(current_audit_info), ): 
@@ -48,15 +72,14 @@ class Test_ec2_elastic_ip_shodan: # Create EC2 Instance ec2_client.allocate_address(Domain="vpc") - from prowler.providers.aws.lib.audit_info.audit_info import ( - current_audit_info, - ) from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", new=EC2(current_audit_info), ): @@ -84,15 +107,14 @@ class Test_ec2_elastic_ip_shodan: InstanceId=instance["Instances"][0]["InstanceId"], ) - from prowler.providers.aws.lib.audit_info.audit_info import ( - current_audit_info, - ) from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_shodan.ec2_elastic_ip_shodan.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py b/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py index 4192fcb8..e59796c3 100644 --- a/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py +++ b/tests/providers/aws/services/ec2/ec2_elastic_ip_unassgined/ec2_elastic_ip_unassgined_test.py 
@@ -1,24 +1,50 @@ from re import search from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_elastic_ip_unassgined: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_no_eips(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", new=EC2(current_audit_info), ): 
@@ -40,13 +66,14 @@ class Test_ec2_elastic_ip_unassgined: Domain="vpc", Address="127.38.43.222" )["AllocationId"] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", new=EC2(current_audit_info), ): @@ -88,13 +115,14 @@ class Test_ec2_elastic_ip_unassgined: InstanceId=instance.id, AllocationId=eip.allocation_id ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_elastic_ip_unassgined.ec2_elastic_ip_unassgined.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py b/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py index 867370df..f0a3a414 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py 
@@ -1,24 +1,50 @@ from re import search from unittest import mock -from boto3 import resource +from boto3 import resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_imdsv2_enabled: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_instances(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", new=EC2(current_audit_info), ): @@ -34,7 +60,6 @@ class Test_ec2_instance_imdsv2_enabled: @mock_ec2 def test_one_compliant_ec2(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, 
@@ -46,13 +71,14 @@ class Test_ec2_instance_imdsv2_enabled: }, )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", new=EC2(current_audit_info), ) as service_client: @@ -80,7 +106,6 @@ class Test_ec2_instance_imdsv2_enabled: @mock_ec2 def test_one_uncompliant_ec2(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, @@ -92,13 +117,14 @@ class Test_ec2_instance_imdsv2_enabled: }, )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_imdsv2_enabled.ec2_instance_imdsv2_enabled.ec2_client", new=EC2(current_audit_info), ) as service_client: diff --git a/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py b/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py index 787ddfa9..b3fdde05 100644 
--- a/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py @@ -1,24 +1,50 @@ from re import search from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2, mock_iam +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_internet_facing_with_instance_profile: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_instances(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", new=EC2(current_audit_info), ): 
@@ -57,13 +83,14 @@ class Test_ec2_instance_internet_facing_with_instance_profile: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", new=EC2(current_audit_info), ): @@ -111,13 +138,14 @@ class Test_ec2_instance_internet_facing_with_instance_profile: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_internet_facing_with_instance_profile.ec2_instance_internet_facing_with_instance_profile.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py b/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py index 6ea29cde..75ad5c4e 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py 
@@ -2,25 +2,51 @@ import datetime from re import search from unittest import mock -from boto3 import resource +from boto3 import resource, session from dateutil.tz import tzutc from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_older_than_specific_days: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_instances(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", new=EC2(current_audit_info), ): @@ -36,7 +62,6 @@ class Test_ec2_instance_older_than_specific_days: @mock_ec2 def test_one_compliant_ec2(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, 
@@ -45,13 +70,14 @@ class Test_ec2_instance_older_than_specific_days: UserData="This is some user_data", )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", new=EC2(current_audit_info), ): @@ -75,7 +101,6 @@ class Test_ec2_instance_older_than_specific_days: @mock_ec2 def test_one_old_ec2(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, @@ -84,13 +109,14 @@ class Test_ec2_instance_older_than_specific_days: UserData="This is some user_data", )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_older_than_specific_days.ec2_instance_older_than_specific_days.ec2_client", new=EC2(current_audit_info), ) as service_client: diff --git a/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py b/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py index 404cc75f..bf0e168b 100644 
--- a/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py @@ -1,24 +1,50 @@ from re import search from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2, mock_iam +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_profile_attached: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_instances(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", new=EC2(current_audit_info), ): 
@@ -57,13 +83,14 @@ class Test_ec2_instance_profile_attached: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", new=EC2(current_audit_info), ): @@ -104,13 +131,14 @@ class Test_ec2_instance_profile_attached: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_profile_attached.ec2_instance_profile_attached.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py b/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py index 3a079c24..22f13d91 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py 
@@ -1,24 +1,50 @@ from re import search from unittest import mock -from boto3 import resource +from boto3 import resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_public_ip: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_no_instances(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", new=EC2(current_audit_info), ): @@ -34,7 +60,6 @@ class Test_ec2_instance_public_ip: @mock_ec2 def test_one_compliant_ec2(self): - ec2 = resource("ec2", region_name=AWS_REGION) vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16") subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock="10.0.0.0/18") 
@@ -51,13 +76,14 @@ class Test_ec2_instance_public_ip: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", new=EC2(current_audit_info), ): @@ -82,7 +108,6 @@ class Test_ec2_instance_public_ip: @mock_ec2 def test_one_ec2_with_public_ip(self): - ec2 = resource("ec2", region_name=AWS_REGION) vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16") subnet = ec2.create_subnet(VpcId=vpc.id, CidrBlock="10.0.0.0/18") @@ -99,13 +124,14 @@ class Test_ec2_instance_public_ip: ], )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_public_ip.ec2_instance_public_ip.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py b/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py index 84737747..e485ade4 100644 --- a/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py +++ b/tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py 
@@ -1,23 +1,49 @@ from unittest import mock -from boto3 import resource +from boto3 import resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_instance_secrets_user_data: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_no_ec2(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", new=EC2(current_audit_info), ): @@ -33,7 +59,6 @@ class Test_ec2_instance_secrets_user_data: @mock_ec2 def test_one_ec2_with_no_secrets(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, 
@@ -42,13 +67,14 @@ class Test_ec2_instance_secrets_user_data: UserData="This is some user_data", )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", new=EC2(current_audit_info), ): @@ -69,7 +95,6 @@ class Test_ec2_instance_secrets_user_data: @mock_ec2 def test_one_ec2_with_secrets(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, @@ -78,13 +103,14 @@ class Test_ec2_instance_secrets_user_data: UserData="DB_PASSWORD=foobar123", )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", new=EC2(current_audit_info), ): 
@@ -120,13 +146,14 @@ class Test_ec2_instance_secrets_user_data: ImageId=EXAMPLE_AMI_ID, MinCount=1, MaxCount=1, UserData=secrets )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", new=EC2(current_audit_info), ): @@ -151,19 +178,19 @@ class Test_ec2_instance_secrets_user_data: @mock_ec2 def test_one_launch_configurations_without_user_data(self): - ec2 = resource("ec2", region_name=AWS_REGION) instance = ec2.create_instances( ImageId=EXAMPLE_AMI_ID, MinCount=1, MaxCount=1, UserData="" )[0] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_instance_secrets_user_data.ec2_instance_secrets_user_data.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py index 195a4bb6..980b53e6 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py 
+++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py @@ -1,22 +1,48 @@ from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class ec2_networkacl_allow_ingress_any_port: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_nacls(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", new=EC2(current_audit_info), ): 
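Review bot: The class touched by this hunk is still named `ec2_networkacl_allow_ingress_any_port`, without the `Test_` prefix that the other test classes in this commit carry. Under pytest's default `python_classes = Test*` collection rule its methods would not be collected, so the tests for the NACL any-port ingress check would silently never run unless the project overrides that setting, which is not visible here. Renaming it to `class Test_ec2_networkacl_allow_ingress_any_port:` makes the file consistent with its siblings and ensures the newly mocked audit info is actually exercised. The class body continues past this hunk.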
@@ -33,14 +59,14 @@ class ec2_networkacl_allow_ingress_any_port: @mock_ec2 def test_ec2_non_default_compliant_nacl(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", new=EC2(current_audit_info), ): @@ -79,13 +105,14 @@ class ec2_networkacl_allow_ingress_any_port: CidrBlock="0.0.0.0/0", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", new=EC2(current_audit_info), ): 
@@ -129,13 +156,14 @@ class ec2_networkacl_allow_ingress_any_port: CidrBlock="10.0.0.2/32", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_any_port.ec2_networkacl_allow_ingress_any_port.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py index 715f5948..e25a93f7 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py +++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py 
@@ -1,22 +1,48 @@ from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_networkacl_allow_ingress_tcp_port_22: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_nacls(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): 
@@ -33,14 +59,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: @mock_ec2 def test_ec2_non_default_compliant_nacl(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): @@ -80,13 +106,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: CidrBlock="0.0.0.0/0", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): 
@@ -131,13 +158,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22: CidrBlock="10.0.0.2/32", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_22.ec2_networkacl_allow_ingress_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py index 87d61a77..689e18f2 100644 --- a/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py +++ b/tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py 
@@ -1,22 +1,48 @@ from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_networkacl_allow_ingress_tcp_port_3389: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_nacls(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): 
@@ -33,14 +59,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: @mock_ec2 def test_ec2_non_default_compliant_nacl(self): - - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): @@ -80,13 +106,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: CidrBlock="0.0.0.0/0", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): 
@@ -131,13 +158,14 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389: CidrBlock="10.0.0.2/32", ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_networkacl_allow_ingress_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py index aeaa3e43..14c028ae 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py 
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", new=EC2(current_audit_info), ): 
@@ -55,13 +82,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", new=EC2(current_audit_info), ): @@ -106,13 +134,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_securitygroup_allow_ingress_from_internet_to_any_port.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py index d812946a..2c015d6e 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", new=EC2(current_audit_info), ): 
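Review bot: `audit_session=session.Session(profile_name=None, botocore_session=None)` builds a real boto3 session, so credential resolution falls back to whatever the environment or a local AWS profile provides. In this hunk the helper is called from `test_ec2_default_sgs`, which carries `@mock_ec2`, but nothing in the helper ties it to the mock, and the later hunks of this file call it from methods whose decorators are outside the hunk. A comment on the helper, `# Call only from tests running under moto: audit_session is a real boto3 Session`, would make that precondition explicit; the identical helper in the other test files of this patch needs the same. Pinning dummy keys on the session is an alternative if the suite should never be able to pick up a developer's credentials.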
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py index a3748fed..44a91a08 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py index ab431628..35382aba 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): 
@@ -57,13 +84,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): @@ -110,13 +138,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py index 2d154fd5..72c24a70 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): 
@@ -57,13 +84,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): @@ -110,13 +138,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py index b3626c33..883cacff 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888.ec2_client", new=EC2(current_audit_info), ): 
diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
index 58cb281c..e65bb902 100644
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601.ec2_client", new=EC2(current_audit_info), ): 
diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
index e4f1bb91..1e430970 100644
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", new=EC2(current_audit_info), ): @@ -113,13 +141,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py index 71e00426..1cd9e282 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py index 70b5412f..91f08a0c 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", new=EC2(current_audit_info), ): 
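Review bot: `set_mocked_audit_info` here is identical to the one added to the memcached test class, and the same body is repeated in the first hunk of every other file visible in this patch (oracle, postgres, redis, sql_server, telnet, wide_open_public_ipv4, default_restrict_traffic, from_launch_wizard). A single shared helper or pytest fixture under `tests/providers/aws/` would keep the fake account and region list in one place, so a later change to the fields of `AWS_Audit_Info` is made once rather than per file. Inside the helper, `audited_regions=["us-east-1", "eu-west-1"]` also repeats the literal that `AWS_REGION` already names; `audited_regions=[AWS_REGION, "eu-west-1"]` keeps the two in step.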
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py index 65a63bcc..42c06362 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py index ccf19a0a..ef3dfaee 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py index 0d3d4865..040715c2 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", new=EC2(current_audit_info), ): @@ -113,13 +141,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py index 3fe7ea96..b798f8a1 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", new=EC2(current_audit_info), ): 
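Review bot: The class in this file is named `ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434`, without the `Test_` prefix that every other class in this patch has, and the commit adds the helper to it without renaming it. pytest's default collection only picks up classes whose names start with `Test`, so unless the project overrides `python_classes` the tests in it for the SQL Server port check are probably never run, and the audit-info mock added here goes unexercised. Renaming it to `class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434:` would bring that check back under test. The class line is context in this hunk, so the rename is a separate one-line change.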
@@ -59,13 +86,14 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", new=EC2(current_audit_info), ): @@ -114,13 +142,14 @@ class ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_ ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py index 19a9f014..6e7a09cd 100644 
--- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py
@@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", new=EC2(current_audit_info), ): 
@@ -59,13 +86,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", new=EC2(current_audit_info), ): @@ -113,13 +141,14 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py index 97351f22..bdd72b5c 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py 
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py @@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_allow_wide_open_public_ipv4: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", new=EC2(current_audit_info), ): 
@@ -55,13 +82,14 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", new=EC2(current_audit_info), ): @@ -106,13 +134,14 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_securitygroup_allow_wide_open_public_ipv4.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py index 48979955..c558a7ed 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_default_restrict_traffic/ec2_securitygroup_default_restrict_traffic_test.py 
@@ -1,25 +1,52 @@ from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_default_restrict_traffic: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", new=EC2(current_audit_info), ): 
@@ -49,13 +76,14 @@ class Test_ec2_securitygroup_default_restrict_traffic: IpPermissions=[{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", new=EC2(current_audit_info), ): @@ -97,13 +125,14 @@ class Test_ec2_securitygroup_default_restrict_traffic: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_default_restrict_traffic.ec2_securitygroup_default_restrict_traffic.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py index e5814221..377ad586 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py 
@@ -1,27 +1,54 @@ from re import search from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_from_launch_wizard: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", new=EC2(current_audit_info), ): 
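Review bot: `set_mocked_audit_info` in `Test_ec2_securitygroup_from_launch_wizard` is a verbatim copy of the helper this patch adds to the other EC2 test classes, so any new field on `AWS_Audit_Info` has to be edited in every copy. Defining it once in a shared test helper or pytest fixture would keep the mocked audit context consistent across the suite. The name reads as a setter although the method only builds and returns the object; a docstring such as `"""Return an AWS_Audit_Info for the fake account, with no credentials or profile set."""` would make that clear. The region list could also reuse the module constant: `audited_regions=[AWS_REGION, "eu-west-1"],`.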
@@ -47,13 +74,14 @@ class Test_ec2_securitygroup_from_launch_wizard: GroupName="launch-wizard-1", Description="launch wizard sg" )["GroupId"] - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", new=EC2(current_audit_info), ): @@ -98,13 +126,15 @@ class Test_ec2_securitygroup_from_launch_wizard: default_sg_id, ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info + from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_from_launch_wizard.ec2_securitygroup_from_launch_wizard.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py index 8fd5dfdd..4dfa3b39 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py 
@@ -1,27 +1,54 @@ from re import search from unittest import mock -from boto3 import client, resource +from boto3 import client, resource, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" EXAMPLE_AMI_ID = "ami-12c6146b" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_not_used: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", new=EC2(current_audit_info), ): 
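Review bot: The first `mock.patch` in the `with` block of `test_ec2_default_sgs` replaces `current_audit_info` on the `audit_info` module only, so any module that already executed `from ... import current_audit_info` earlier in the test session keeps the original object. The patch presumably matters only the first time the check and its client module are imported inside the block, which is outside this hunk. That ordering dependency deserves a comment above the `with`, for example `# Patch before the check is imported so its module-level client is not built from the real audit info`. The same pattern recurs in every `with mock.patch(` block of this patch.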
@@ -46,13 +73,14 @@ class Test_ec2_securitygroup_not_used: GroupName="test-sg", Description="test", VpcId=vpc_id ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", new=EC2(current_audit_info), ): @@ -88,13 +116,14 @@ class Test_ec2_securitygroup_not_used: subnet = ec2.create_subnet(VpcId=vpc_id, CidrBlock="10.0.0.0/18") subnet.create_network_interface(Groups=[sg.id]) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_not_used.ec2_securitygroup_not_used.ec2_client", new=EC2(current_audit_info), ): diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py index aa2e07ba..283a1b5f 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py 
+++ b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py @@ -1,26 +1,53 @@ from re import search from unittest import mock -from boto3 import client +from boto3 import client, session from moto import mock_ec2 +from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info + AWS_REGION = "us-east-1" +AWS_ACCOUNT_NUMBER = "123456789012" class Test_ec2_securitygroup_with_many_ingress_egress_rules: + def set_mocked_audit_info(self): + audit_info = AWS_Audit_Info( + session_config=None, + original_session=None, + audit_session=session.Session( + profile_name=None, + botocore_session=None, + ), + audited_account=AWS_ACCOUNT_NUMBER, + audited_user_id=None, + audited_partition="aws", + audited_identity_arn=None, + profile=None, + profile_region=None, + credentials=None, + assumed_role_info=None, + audited_regions=["us-east-1", "eu-west-1"], + organizations_metadata=None, + audit_resources=None, + ) + + return audit_info + @mock_ec2 def test_ec2_default_sgs(self): # Create EC2 Mocked Resources ec2_client = client("ec2", region_name=AWS_REGION) ec2_client.create_vpc(CidrBlock="10.0.0.0/16") - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", new=EC2(current_audit_info), ): 
@@ -58,13 +85,14 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", new=EC2(current_audit_info), ): @@ -110,13 +138,14 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: ], ) - from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info from prowler.providers.aws.services.ec2.ec2_service import EC2 - current_audit_info.audited_partition = "aws" - current_audit_info.audited_regions = ["eu-west-1", "us-east-1"] + current_audit_info = self.set_mocked_audit_info() with mock.patch( + "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", + new=current_audit_info, + ), mock.patch( "prowler.providers.aws.services.ec2.ec2_securitygroup_with_many_ingress_egress_rules.ec2_securitygroup_with_many_ingress_egress_rules.ec2_client", new=EC2(current_audit_info), ):