ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

build(deps-dev): bump moto from 4.2.13 to 5.0.0 (#3329)

Browse Source 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
This commit is contained in:
dependabot[bot]
2024-02-05 12:06:16 +01:00
committed by GitHub
parent de77f3ff13
commit b23be4164f
229 changed files with 1291 additions and 1812 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
tests/providers/aws/aws_provider_test.py
View File

@@ -2,7 +2,7 @@ from re import search
import boto3
from mock import patch
from moto import mock_iam, mock_sts
from moto import mock_aws
from prowler.providers.aws.aws_provider import (
AWS_Provider,
@@ -29,8 +29,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_AWS_Provider:
@mock_iam
@mock_sts
@mock_aws
def test_aws_provider_user_without_mfa(self):
# sessionName = "ProwlerAssessmentSession"
# Boto 3 client to create our user
@@ -79,8 +78,7 @@ class Test_AWS_Provider:
role_session_name="ProwlerAssessmentSession",
)
@mock_iam
@mock_sts
@mock_aws
def test_aws_provider_user_with_mfa(self):
# Boto 3 client to create our user
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
@@ -129,8 +127,7 @@ class Test_AWS_Provider:
role_session_name="ProwlerAssessmentSession",
)
@mock_iam
@mock_sts
@mock_aws
def test_aws_provider_assume_role_with_mfa(self):
# Variables
role_name = "test-role"
@@ -208,8 +205,7 @@ class Test_AWS_Provider:
assume_role_response["AssumedRoleUser"]["AssumedRoleId"]
) == 21 + 1 + len(sessionName)
@mock_iam
@mock_sts
@mock_aws
def test_aws_provider_assume_role_without_mfa(self):
# Variables
role_name = "test-role"
@@ -279,8 +275,7 @@ class Test_AWS_Provider:
assume_role_response["AssumedRoleUser"]["AssumedRoleId"]
) == 21 + 1 + len(sessionName)
@mock_iam
@mock_sts
@mock_aws
def test_assume_role_with_sts_endpoint_region(self):
# Variables
role_name = "test-role"

8
tests/providers/aws/lib/allowlist/allowlist_test.py
View File

@@ -1,7 +1,7 @@
import yaml
from boto3 import resource
from mock import MagicMock
from moto import mock_dynamodb, mock_s3
from moto import mock_aws
from prowler.providers.aws.lib.allowlist.allowlist import (
allowlist_findings,
@@ -25,7 +25,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Allowlist:
# Test S3 allowlist
@mock_s3
@mock_aws
def test_s3_allowlist(self):
audit_info = set_mocked_aws_audit_info()
# Create bucket and upload allowlist yaml
@@ -44,7 +44,7 @@ class Test_Allowlist:
)
# Test DynamoDB allowlist
@mock_dynamodb
@mock_aws
def test_dynamo_allowlist(self):
audit_info = set_mocked_aws_audit_info()
# Create table and put item
@@ -88,7 +88,7 @@ class Test_Allowlist:
)["Accounts"]["*"]["Checks"]["iam_user_hardware_mfa_enabled"]["Resources"]
)
@mock_dynamodb
@mock_aws
def test_dynamo_allowlist_with_tags(self):
audit_info = set_mocked_aws_audit_info()
# Create table and put item

41
tests/providers/aws/lib/credentials/credentials_test.py
View File

@@ -3,7 +3,7 @@ import re
import boto3
import botocore
from mock import patch
from moto import mock_iam, mock_sts
from moto import mock_aws
from prowler.providers.aws.lib.arn.arn import parse_iam_credentials_arn
from prowler.providers.aws.lib.credentials.credentials import (
@@ -41,8 +41,7 @@ def mock_get_caller_identity_gov_cloud(self, operation_name, kwarg):
class Test_AWS_Credentials:
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_commercial_partition_with_regions(self):
# AWS Region for AWS COMMERCIAL
aws_region = "eu-west-1"
@@ -77,8 +76,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_so_profile_region(
self,
):
@@ -115,8 +113,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_commercial_partition_with_0_regions_and_profile_region_so_profile_region(
self,
):
@@ -153,8 +150,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_commercial_partition_without_regions_and_profile_region_so_us_east_1(
self,
):
@@ -191,8 +187,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_but_sts_endpoint_region(
self,
):
@@ -232,8 +227,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
def test_validate_credentials_china_partition_without_regions_and_profile_region_so_us_east_1(
self,
):
@@ -270,8 +264,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
@patch(
"botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china
)
@@ -312,8 +305,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
@patch(
"botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china
)
@@ -359,8 +351,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
@patch(
"botocore.client.BaseClient._make_api_call",
new=mock_get_caller_identity_gov_cloud,
@@ -402,8 +393,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts
@mock_iam
@mock_aws
@patch(
"botocore.client.BaseClient._make_api_call",
new=mock_get_caller_identity_gov_cloud,
@@ -450,8 +440,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_iam
@mock_sts
@mock_aws
def test_create_sts_session(self):
aws_region = "eu-west-1"
# Create a mock IAM user
@@ -474,8 +463,7 @@ class Test_AWS_Credentials:
assert sts_client._endpoint._endpoint_prefix == "sts"
assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com"
@mock_iam
@mock_sts
@mock_aws
def test_create_sts_session_gov_cloud(self):
aws_region = "us-gov-east-1"
# Create a mock IAM user
@@ -498,8 +486,7 @@ class Test_AWS_Credentials:
assert sts_client._endpoint._endpoint_prefix == "sts"
assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com"
@mock_iam
@mock_sts
@mock_aws
def test_create_sts_session_china(self):
aws_region = "cn-north-1"
# Create a mock IAM user

6
tests/providers/aws/lib/organizations/organizations_test.py
View File

@@ -1,7 +1,7 @@
import json
import boto3
from moto import mock_iam, mock_organizations, mock_sts
from moto import mock_aws
from prowler.providers.aws.lib.organizations.organizations import (
get_organizations_metadata,
@@ -11,9 +11,7 @@ AWS_ACCOUNT_NUMBER = "123456789012"
class Test_AWS_Organizations:
@mock_organizations
@mock_sts
@mock_iam
@mock_aws
def test_organizations(self):
client = boto3.client("organizations", region_name="us-east-1")
iam_client = boto3.client("iam", region_name="us-east-1")

6
tests/providers/aws/lib/s3/s3_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
import boto3
from mock import MagicMock
from moto import mock_s3
from moto import mock_aws
from prowler.config.config import csv_file_suffix
from prowler.providers.aws.lib.s3.s3 import get_s3_object_path, send_to_s3_bucket
@@ -21,7 +21,7 @@ OUTPUT_MODE_CIS_1_4_AWS = "cis_1.4_aws"
class TestS3:
@mock_s3
@mock_aws
def test_send_to_s3_bucket(self):
# Mock Audit Info
audit_info = MagicMock()
@@ -60,7 +60,7 @@ class TestS3:
== "binary/octet-stream"
)
@mock_s3
@mock_aws
def test_send_to_s3_bucket_compliance(self):
# Mock Audit Info
audit_info = MagicMock()

30
tests/providers/aws/services/apigateway/apigateway_authorizers_enabled/apigateway_authorizers_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway, mock_iam, mock_lambda
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_authorizers_enabled:
@mock_apigateway
@mock_aws
def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway,
@@ -39,9 +39,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert len(result) == 0
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_with_lambda_authorizer(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -107,7 +105,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_aws
def test_apigateway_one_rest_api_without_lambda_authorizer(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -152,9 +150,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_without_api_or_methods_authorizer(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -215,9 +211,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_without_api_auth_but_one_method_auth(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -278,9 +272,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_without_api_auth_but_methods_auth_and_not(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -348,9 +340,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_without_api_auth_but_methods_not_auth_and_auth(
self,
):
@@ -420,9 +410,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_iam
@mock_lambda
@mock_aws
def test_apigateway_one_rest_api_without_authorizers_with_various_resources_without_endpoints(
self,
):

8
tests/providers/aws/services/apigateway/apigateway_client_certificate_enabled/apigateway_client_certificate_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway
from moto import mock_aws
from prowler.providers.aws.services.apigateway.apigateway_service import Stage
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_client_certificate_enabled:
@mock_apigateway
@mock_aws
def test_apigateway_no_stages(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -45,7 +45,7 @@ class Test_apigateway_restapi_client_certificate_enabled:
assert len(result) == 0
@mock_apigateway
@mock_aws
def test_apigateway_one_stage_without_certificate(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_apigateway_restapi_client_certificate_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None]
@mock_apigateway
@mock_aws
def test_apigateway_one_stage_with_certificate(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_endpoint_public/apigateway_endpoint_public_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_public:
@mock_apigateway
@mock_aws
def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway,
@@ -38,7 +38,7 @@ class Test_apigateway_restapi_public:
assert len(result) == 0
@mock_apigateway
@mock_aws
def test_apigateway_one_private_rest_api(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -88,7 +88,7 @@ class Test_apigateway_restapi_public:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_aws
def test_apigateway_one_public_rest_api(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_endpoint_public_without_authorizer/apigateway_endpoint_public_without_authorizer_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ API_GW_NAME = "test-rest-api"
class Test_apigateway_restapi_public_with_authorizer:
@mock_apigateway
@mock_aws
def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway,
@@ -40,7 +40,7 @@ class Test_apigateway_restapi_public_with_authorizer:
assert len(result) == 0
@mock_apigateway
@mock_aws
def test_apigateway_one_public_rest_api_without_authorizer(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -90,7 +90,7 @@ class Test_apigateway_restapi_public_with_authorizer:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}]
@mock_apigateway
@mock_aws
def test_apigateway_one_public_rest_api_with_authorizer(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_logging_enabled/apigateway_logging_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_logging_enabled:
@mock_apigateway
@mock_aws
def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway,
@@ -38,7 +38,7 @@ class Test_apigateway_restapi_logging_enabled:
assert len(result) == 0
@mock_apigateway
@mock_aws
def test_apigateway_one_rest_api_with_logging(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -120,7 +120,7 @@ class Test_apigateway_restapi_logging_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None]
@mock_apigateway
@mock_aws
def test_apigateway_one_rest_api_without_logging(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

20
tests/providers/aws/services/apigateway/apigateway_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_apigateway
from moto import mock_aws
from prowler.providers.aws.services.apigateway.apigateway_service import APIGateway
from tests.providers.aws.audit_info_utils import (
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_APIGateway_Service:
# Test APIGateway Service
@mock_apigateway
@mock_aws
def test_service(self):
# APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -19,7 +19,7 @@ class Test_APIGateway_Service:
assert apigateway.service == "apigateway"
# Test APIGateway Client
@mock_apigateway
@mock_aws
def test_client(self):
# APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -28,7 +28,7 @@ class Test_APIGateway_Service:
assert regional_client.__class__.__name__ == "APIGateway"
# Test APIGateway Session
@mock_apigateway
@mock_aws
def test__get_session__(self):
# APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -36,7 +36,7 @@ class Test_APIGateway_Service:
assert apigateway.session.__class__.__name__ == "Session"
# Test APIGateway Session
@mock_apigateway
@mock_aws
def test_audited_account(self):
# APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -44,7 +44,7 @@ class Test_APIGateway_Service:
assert apigateway.audited_account == AWS_ACCOUNT_NUMBER
# Test APIGateway Get Rest APIs
@mock_apigateway
@mock_aws
def test__get_rest_apis__(self):
# Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -60,7 +60,7 @@ class Test_APIGateway_Service:
)
# Test APIGateway Get Authorizers
@mock_apigateway
@mock_aws
def test__get_authorizers__(self):
# Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -80,7 +80,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].authorizer is True
# Test APIGateway Get Rest API
@mock_apigateway
@mock_aws
def test__get_rest_api__(self):
# Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -97,7 +97,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].tags == [{"test": "test"}]
# Test APIGateway Get Stages
@mock_apigateway
@mock_aws
def test__get_stages__(self):
# Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -148,7 +148,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].stages[0].logging is True
# Test APIGateway __get_resources__
@mock_apigateway
@mock_aws
def test__get_resources__(self):
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

9
tests/providers/aws/services/apigateway/apigateway_waf_acl_attached/apigateway_waf_acl_attached_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_apigateway, mock_wafv2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_waf_acl_attached:
@mock_apigateway
@mock_aws
def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway,
@@ -38,8 +38,7 @@ class Test_apigateway_restapi_waf_acl_attached:
assert len(result) == 0
@mock_apigateway
@mock_wafv2
@mock_aws
def test_apigateway_one_rest_api_with_waf(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -126,7 +125,7 @@ class Test_apigateway_restapi_waf_acl_attached:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None]
@mock_apigateway
@mock_aws
def test_apigateway_one_rest_api_without_waf(self):
# Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/apigatewayv2/apigatewayv2_access_logging_enabled/apigatewayv2_access_logging_enabled_test.py
View File

@@ -3,7 +3,7 @@ from unittest import mock
import botocore
from boto3 import client
from mock import patch
from moto import mock_apigatewayv2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1,
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_apigatewayv2_api_access_logging_enabled:
@mock_apigatewayv2
@mock_aws
def test_apigateway_no_apis(self):
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2,
@@ -66,7 +66,7 @@ class Test_apigatewayv2_api_access_logging_enabled:
assert len(result) == 0
@mock_apigatewayv2
@mock_aws
def test_apigateway_one_api_with_logging_in_stage(self):
# Create ApiGatewayV2 Mocked Resources
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/apigatewayv2/apigatewayv2_authorizers_enabled/apigatewayv2_authorizers_enabled_test.py
View File

@@ -3,7 +3,7 @@ from unittest import mock
import botocore
from boto3 import client
from mock import patch
from moto import mock_apigatewayv2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1,
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_apigatewayv2_api_authorizers_enabled:
@mock_apigatewayv2
@mock_aws
def test_apigateway_no_apis(self):
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2,
@@ -66,7 +66,7 @@ class Test_apigatewayv2_api_authorizers_enabled:
assert len(result) == 0
@mock_apigatewayv2
@mock_aws
def test_apigateway_one_api_with_authorizer(self):
# Create ApiGatewayV2 Mocked Resources
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/apigatewayv2/apigatewayv2_service_test.py
View File

@@ -1,7 +1,7 @@
import botocore
from boto3 import client
from mock import patch
from moto import mock_apigatewayv2
from moto import mock_aws
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2,
@@ -42,7 +42,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_ApiGatewayV2_Service:
# Test ApiGatewayV2 Service
@mock_apigatewayv2
@mock_aws
def test_service(self):
# ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -50,7 +50,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.service == "apigatewayv2"
# Test ApiGatewayV2 Client
@mock_apigatewayv2
@mock_aws
def test_client(self):
# ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -59,7 +59,7 @@ class Test_ApiGatewayV2_Service:
assert regional_client.__class__.__name__ == "ApiGatewayV2"
# Test ApiGatewayV2 Session
@mock_apigatewayv2
@mock_aws
def test__get_session__(self):
# ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -67,7 +67,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.session.__class__.__name__ == "Session"
# Test ApiGatewayV2 Session
@mock_apigatewayv2
@mock_aws
def test_audited_account(self):
# ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -75,7 +75,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.audited_account == AWS_ACCOUNT_NUMBER
# Test ApiGatewayV2 Get APIs
@mock_apigatewayv2
@mock_aws
def test__get_apis__(self):
# Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)
@@ -90,7 +90,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.apis[0].tags == [{"test": "test"}]
# Test ApiGatewayV2 Get Authorizers
@mock_apigatewayv2
@mock_aws
def test__get_authorizers__(self):
# Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)
@@ -110,7 +110,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.apis[0].authorizer is True
# Test ApiGatewayV2 Get Stages
@mock_apigatewayv2
@mock_aws
def test__get_stages__(self):
# Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/athena/athena_service_test.py
View File

@@ -1,6 +1,6 @@
from botocore.client import BaseClient
from mock import patch
from moto import mock_athena
from moto import mock_aws
from prowler.providers.aws.services.athena.athena_service import Athena
from tests.providers.aws.audit_info_utils import (
@@ -54,7 +54,7 @@ def mock_generate_regional_clients(service, audit_info):
)
class Test_Athena_Service:
# Test Athena Get Workgrups
@mock_athena
@mock_aws
def test__get_workgroups__not_encrypted(self):
default_workgroup_name = "primary"
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -78,7 +78,7 @@ class Test_Athena_Service:
# Test Athena Get Workgrups
# We mock the get_work_group to return an encrypted workgroup
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
@mock_athena
@mock_aws
def test__get_workgroups__encrypted(self):
default_workgroup_name = "primary"
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])

8
tests/providers/aws/services/athena/athena_workgroup_encryption/athena_workgroup_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from mock import patch
from moto import mock_athena
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -15,7 +15,7 @@ ATHENA_PRIMARY_WORKGROUP_ARN = f"arn:aws:athena:{AWS_REGION_EU_WEST_1}:{AWS_ACCO
class Test_athena_workgroup_encryption:
@mock_athena
@mock_aws
def test_primary_workgroup_not_encrypted(self):
from prowler.providers.aws.services.athena.athena_service import Athena
@@ -46,7 +46,7 @@ class Test_athena_workgroup_encryption:
assert result[0].region == AWS_REGION_EU_WEST_1
assert result[0].resource_tags == []
@mock_athena
@mock_aws
def test_primary_workgroup_not_encrypted_ignoring(self):
from prowler.providers.aws.services.athena.athena_service import Athena
@@ -69,7 +69,7 @@ class Test_athena_workgroup_encryption:
assert len(result) == 0
@mock_athena
@mock_aws
# We mock the get_work_group to return an encrypted workgroup
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
def test_primary_workgroup_encrypted(self):

8
tests/providers/aws/services/athena/athena_workgroup_enforce_configuration/athena_workgroup_enforce_configuration_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from mock import patch
from moto import mock_athena
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -15,7 +15,7 @@ ATHENA_PRIMARY_WORKGROUP_ARN = f"arn:aws:athena:{AWS_REGION_EU_WEST_1}:{AWS_ACCO
class Test_athena_workgroup_enforce_configuration:
@mock_athena
@mock_aws
def test_primary_workgroup_configuration_not_enforced(self):
from prowler.providers.aws.services.athena.athena_service import Athena
@@ -46,7 +46,7 @@ class Test_athena_workgroup_enforce_configuration:
assert result[0].region == AWS_REGION_EU_WEST_1
assert result[0].resource_tags == []
@mock_athena
@mock_aws
def test_primary_workgroup_configuration_not_enforced_ignoring(self):
from prowler.providers.aws.services.athena.athena_service import Athena
@@ -69,7 +69,7 @@ class Test_athena_workgroup_enforce_configuration:
assert len(result) == 0
@mock_athena
@mock_aws
# We mock the get_work_group to return a workgroup not enforcing configuration
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
def test_primary_workgroup_configuration_enforced(self):

14
tests/providers/aws/services/autoscaling/autoscaling_find_secrets_ec2_launch_configuration/autoscaling_find_secrets_ec2_launch_configuration_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
from unittest import mock
from boto3 import client
from moto import mock_autoscaling
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1,
@@ -15,7 +15,7 @@ FIXTURES_DIR_NAME = "fixtures"
class Test_autoscaling_find_secrets_ec2_launch_configuration:
@mock_autoscaling
@mock_aws
def test_no_autoscaling(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.launch_configurations = []
@@ -43,7 +43,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert len(result) == 0
@mock_autoscaling
@mock_aws
def test_one_autoscaling_with_no_secrets(self):
# Include launch_configurations to check
launch_configuration_name = "tester"
@@ -90,7 +90,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling
@mock_aws
def test_one_autoscaling_with_secrets(self):
# Include launch_configurations to check
launch_configuration_name = "tester"
@@ -137,7 +137,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling
@mock_aws
def test_one_autoscaling_file_with_secrets(self):
# Include launch_configurations to check
f = open(
@@ -189,7 +189,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling
@mock_aws
def test_one_launch_configurations_without_user_data(self):
# Include launch_configurations to check
launch_configuration_name = "tester"
@@ -235,7 +235,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling
@mock_aws
def test_one_autoscaling_file_with_secrets_gzip(self):
# Include launch_configurations to check
f = open(

10
tests/providers/aws/services/autoscaling/autoscaling_group_multiple_az/autoscaling_group_multiple_az_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_autoscaling
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1,
@@ -10,7 +10,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_autoscaling_group_multiple_az:
@mock_autoscaling
@mock_aws
def test_no_autoscaling(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.groups = []
@@ -38,7 +38,7 @@ class Test_autoscaling_group_multiple_az:
assert len(result) == 0
@mock_autoscaling
@mock_aws
def test_groups_with_multi_az(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration(
@@ -94,7 +94,7 @@ class Test_autoscaling_group_multiple_az:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == []
@mock_autoscaling
@mock_aws
def test_groups_with_single_az(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration(
@@ -149,7 +149,7 @@ class Test_autoscaling_group_multiple_az:
assert result[0].resource_tags == []
assert result[0].resource_arn == autoscaling_group_arn
@mock_autoscaling
@mock_aws
def test_groups_witd_and_without(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration(

14
tests/providers/aws/services/autoscaling/autoscaling_service_test.py
View File

@@ -1,7 +1,7 @@
from base64 import b64decode
from boto3 import client
from moto import mock_autoscaling
from moto import mock_aws
from prowler.providers.aws.services.autoscaling.autoscaling_service import AutoScaling
from tests.providers.aws.audit_info_utils import (
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_AutoScaling_Service:
# Test AutoScaling Service
@mock_autoscaling
@mock_aws
def test_service(self):
# AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -21,7 +21,7 @@ class Test_AutoScaling_Service:
assert autoscaling.service == "autoscaling"
# Test AutoScaling Client
@mock_autoscaling
@mock_aws
def test_client(self):
# AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -30,7 +30,7 @@ class Test_AutoScaling_Service:
assert regional_client.__class__.__name__ == "AutoScaling"
# Test AutoScaling Session
@mock_autoscaling
@mock_aws
def test__get_session__(self):
# AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -38,7 +38,7 @@ class Test_AutoScaling_Service:
assert autoscaling.session.__class__.__name__ == "Session"
# Test AutoScaling Session
@mock_autoscaling
@mock_aws
def test_audited_account(self):
# AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -46,7 +46,7 @@ class Test_AutoScaling_Service:
assert autoscaling.audited_account == AWS_ACCOUNT_NUMBER
# Test AutoScaling Get APIs
@mock_autoscaling
@mock_aws
def test__describe_launch_configurations__(self):
# Generate AutoScaling Client
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
@@ -80,7 +80,7 @@ class Test_AutoScaling_Service:
assert autoscaling.launch_configurations[1].name == "tester2"
# Test Describe Auto Scaling Groups
@mock_autoscaling
@mock_aws
def test__describe_auto_scaling_groups__(self):
# Generate AutoScaling Client
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import client
from mock import patch
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from prowler.providers.aws.services.awslambda.awslambda_service import Function
from tests.providers.aws.audit_info_utils import (
@@ -27,7 +27,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients,
)
class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
@mock_cloudtrail
@mock_aws
def test_no_functions(self):
lambda_client = mock.MagicMock
lambda_client.functions = {}
@@ -58,8 +58,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_lambda_not_recorded_by_cloudtrail(self):
# Lambda Client
lambda_client = mock.MagicMock
@@ -121,8 +120,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
)
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_lambda_recorded_by_cloudtrail_classic_event_selector(self):
# Lambda Client
lambda_client = mock.MagicMock
@@ -196,8 +194,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
)
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_lambda_recorded_by_cloudtrail_advanced_event_selector(self):
# Lambda Client
lambda_client = mock.MagicMock
@@ -274,8 +271,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
)
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_all_lambdas_recorded_by_cloudtrail(self):
# Lambda Client
lambda_client = mock.MagicMock

6
tests/providers/aws/services/awslambda/awslambda_service_test.py
View File

@@ -7,7 +7,7 @@ from unittest.mock import patch
import mock
from boto3 import client, resource
from moto import mock_iam, mock_lambda, mock_s3
from moto import mock_aws
from prowler.providers.aws.services.awslambda.awslambda_service import AuthType, Lambda
from tests.providers.aws.audit_info_utils import (
@@ -85,9 +85,7 @@ class Test_Lambda_Service:
awslambda = Lambda(set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]))
assert awslambda.service == "lambda"
@mock_lambda
@mock_iam
@mock_s3
@mock_aws
def test__list_functions__(self):
# Create IAM Lambda Role
iam_client = client("iam", region_name=AWS_REGION_EU_WEST_1)

10
tests/providers/aws/services/cloudformation/cloudformation_service_test.py
View File

@@ -5,7 +5,7 @@ from unittest.mock import patch
import boto3
import botocore
from dateutil.tz import tzutc
from moto import mock_cloudformation
from moto import mock_aws
from prowler.providers.aws.services.cloudformation.cloudformation_service import (
CloudFormation,
@@ -135,7 +135,7 @@ def mock_generate_regional_clients(service, audit_info):
)
class Test_CloudFormation_Service:
# Test CloudFormation Client
@mock_cloudformation
@mock_aws
def test__get_client__(self):
cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -146,7 +146,7 @@ class Test_CloudFormation_Service:
)
# Test CloudFormation Service
@mock_cloudformation
@mock_aws
def test__get_service__(self):
cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -157,14 +157,14 @@ class Test_CloudFormation_Service:
)
# Test CloudFormation Session
@mock_cloudformation
@mock_aws
def test__get_session__(self):
cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
)
assert cloudformation.session.__class__.__name__ == "Session"
@mock_cloudformation
@mock_aws
def test__describe_stacks__(self):
cloudformation_client = boto3.client(
"cloudformation", region_name=AWS_REGION_EU_WEST_1

12
tests/providers/aws/services/cloudfront/cloudfront_service_test.py
View File

@@ -2,7 +2,7 @@ from unittest.mock import patch
import botocore
from boto3 import client
from moto import mock_cloudfront
from moto import mock_aws
from prowler.providers.aws.services.cloudfront.cloudfront_service import (
CloudFront,
@@ -151,30 +151,30 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_CloudFront_Service:
# Test CloudFront Client
@mock_cloudfront
@mock_aws
def test__get_client__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.client.__class__.__name__ == "CloudFront"
# Test CloudFront Session
@mock_cloudfront
@mock_aws
def test__get_session__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.session.__class__.__name__ == "Session"
# Test CloudFront Service
@mock_cloudfront
@mock_aws
def test__get_service__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.service == "cloudfront"
@mock_cloudfront
@mock_aws
def test__list_distributions__zero(self):
cloudfront = CloudFront(set_mocked_aws_audit_info())
assert len(cloudfront.distributions) == 0
@mock_cloudfront
@mock_aws
def test__list_distributions__complete(self):
cloudfront_client = client("cloudfront")
config = example_distribution_config("ref")

18
tests/providers/aws/services/cloudtrail/cloudtrail_bucket_requires_mfa_delete/cloudtrail_bucket_requires_mfa_delete_test.py
View File

@@ -3,7 +3,7 @@ from unittest.mock import patch
import botocore
from boto3 import client
from moto import mock_cloudtrail, mock_iam, mock_s3
from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from prowler.providers.aws.services.s3.s3_service import S3
@@ -18,7 +18,7 @@ make_api_call = botocore.client.BaseClient._make_api_call
class Test_cloudtrail_bucket_requires_mfa_delete:
@mock_cloudtrail
@mock_aws
def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -40,8 +40,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
result = check.execute()
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_with_no_mfa_bucket(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -99,9 +98,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
return {"MFADelete": "Enabled", "Status": "Enabled"}
return make_api_call(self, operation_name, kwarg)
@mock_cloudtrail
@mock_s3
@mock_iam
@mock_aws
# Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled:
@patch(
"botocore.client.BaseClient._make_api_call",
@@ -153,8 +150,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_with_no_mfa_bucket_cross(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -204,9 +200,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_iam
@mock_aws
# Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled:
@patch(
"botocore.client.BaseClient._make_api_call",

14
tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py
View File

@@ -3,7 +3,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -13,8 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_cloudwatch_logging_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -41,8 +40,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
result = check.execute()
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_sending_logs_during_and_not_last_day(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -129,8 +127,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
assert report.resource_tags == []
assert report.region == AWS_REGION_EU_WEST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_multi_region_and_single_region_logging_and_not(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -218,8 +215,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
)
assert report.resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_sending_and_not_sending_logs(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

10
tests/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_insights_exist:
@mock_cloudtrail
@mock_aws
def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -35,8 +35,7 @@ class Test_cloudtrail_insights_exist:
result = check.execute()
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_with_no_insight_selector(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -81,8 +80,7 @@ class Test_cloudtrail_insights_exist:
assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trails_with_insight_selector(self):
current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]

12
tests/providers/aws/services/cloudtrail/cloudtrail_kms_encryption_enabled/cloudtrail_kms_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_kms, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_kms_encryption_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -38,8 +37,7 @@ class Test_cloudtrail_kms_encryption_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_no_kms(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -84,9 +82,7 @@ class Test_cloudtrail_kms_encryption_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_kms
@mock_aws
def test_trail_kms(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

11
tests/providers/aws/services/cloudtrail/cloudtrail_log_file_validation_enabled/cloudtrail_log_file_validation_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_log_file_validation_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -38,8 +37,7 @@ class Test_cloudtrail_log_file_validation_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_no_logging_validation(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -80,8 +78,7 @@ class Test_cloudtrail_log_file_validation_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_various_trails_with_and_without_logging_validation(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

14
tests/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_access_logging_enabled/cloudtrail_logs_s3_bucket_access_logging_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -44,8 +43,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_bucket_not_logging(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -96,8 +94,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_bucket_logging(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -168,8 +165,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_bucket_cross_account(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

17
tests/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_is_not_publicly_accessible/cloudtrail_logs_s3_bucket_is_not_publicly_accessible_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_not_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -44,8 +43,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_bucket_no_acl(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -95,8 +93,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_bucket_public_acl(self):
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us"
@@ -164,8 +161,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_bucket_not_public_acl(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -232,8 +228,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_bucket_cross_account(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)

13
tests/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled/cloudtrail_multi_region_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_multi_region_enabled:
@mock_cloudtrail
@mock_aws
def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -65,8 +65,7 @@ class Test_cloudtrail_multi_region_enabled:
)
assert report.resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_various_trails_no_logging(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -142,8 +141,7 @@ class Test_cloudtrail_multi_region_enabled:
)
assert report.resource_tags == []
@mock_cloudtrail
@mock_s3
@mock_aws
def test_various_trails_with_and_without_logging(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -220,8 +218,7 @@ class Test_cloudtrail_multi_region_enabled:
assert report.resource_tags == []
assert report.region == AWS_REGION_EU_WEST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_multiregion_logging_and_single_region_not_logging(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

16
tests/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled_logging_management_events/cloudtrail_multi_region_enabled_logging_management_events_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_multi_region_enabled_logging_management_events:
@mock_cloudtrail
@mock_aws
def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -45,8 +45,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== "No trail found with multi-region enabled and logging management events."
)
@mock_cloudtrail
@mock_s3
@mock_aws
def test_compliant_trail_advanced_event_selector(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -102,8 +101,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled."
)
@mock_cloudtrail
@mock_s3
@mock_aws
def test_non_compliant_trail_advanced_event_selector(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -159,8 +157,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== "No trail found with multi-region enabled and logging management events."
)
@mock_cloudtrail
@mock_s3
@mock_aws
def test_compliant_trail_classic_event_selector(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -215,8 +212,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled."
)
@mock_cloudtrail
@mock_s3
@mock_aws
def test_non_compliant_trail_classic_event_selector(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

23
tests/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -11,8 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_s3_dataevents_read_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -61,8 +60,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_data_events_ignoring(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -92,8 +90,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_data_events_ignoring_with_buckets(self):
s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us"
@@ -136,8 +133,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_s3_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -198,8 +194,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_classic_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -260,8 +255,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_advanced_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -322,8 +316,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_three_colons(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

23
tests/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -11,8 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_s3_dataevents_write_enabled:
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -61,8 +60,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_s3_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -123,8 +121,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_s3_data_events_ignoring(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -154,8 +151,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert len(result) == 0
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_without_s3_data_events_ignoring_with_buckets(self):
s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us"
@@ -197,8 +193,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -259,8 +254,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_advanced_data_events(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -320,8 +314,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail
@mock_s3
@mock_aws
def test_trail_with_s3_three_colons(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

22
tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_cloudtrail, mock_s3
from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Cloudtrail_Service:
# Test Cloudtrail Service
@mock_cloudtrail
@mock_aws
def test_service(self):
audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -21,7 +21,7 @@ class Test_Cloudtrail_Service:
assert cloudtrail.service == "cloudtrail"
# Test Cloudtrail client
@mock_cloudtrail
@mock_aws
def test_client(self):
audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -31,7 +31,7 @@ class Test_Cloudtrail_Service:
assert regional_client.__class__.__name__ == "CloudTrail"
# Test Cloudtrail session
@mock_cloudtrail
@mock_aws
def test__get_session__(self):
audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -40,7 +40,7 @@ class Test_Cloudtrail_Service:
assert cloudtrail.session.__class__.__name__ == "Session"
# Test Cloudtrail Session
@mock_cloudtrail
@mock_aws
def test_audited_account(self):
audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -48,8 +48,7 @@ class Test_Cloudtrail_Service:
cloudtrail = Cloudtrail(audit_info)
assert cloudtrail.audited_account == AWS_ACCOUNT_NUMBER
@mock_cloudtrail
@mock_s3
@mock_aws
def test_describe_trails(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -112,8 +111,7 @@ class Test_Cloudtrail_Service:
{"Key": "test", "Value": "test"},
]
@mock_cloudtrail
@mock_s3
@mock_aws
def test_status_trails(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -158,8 +156,7 @@ class Test_Cloudtrail_Service:
assert not trail.latest_cloudwatch_delivery_time
assert trail.s3_bucket == bucket_name_us
@mock_cloudtrail
@mock_s3
@mock_aws
def test_get_classic_event_selectors(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -207,8 +204,7 @@ class Test_Cloudtrail_Service:
)
assert not trail.data_events[0].is_advanced
@mock_cloudtrail
@mock_s3
@mock_aws
def test_get_advanced_event_selectors(self):
cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_acls_alarm_configured/cloudwatch_changes_to_network_acls_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_acls_alarm_configured:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_gateways_alarm_configured/cloudwatch_changes_to_network_gateways_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_route_tables_alarm_configured/cloudwatch_changes_to_network_route_tables_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_vpcs_alarm_configured/cloudwatch_changes_to_vpcs_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_vpcs_alarm_configured:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_cross_account_sharing_disabled/cloudwatch_cross_account_sharing_disabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_iam
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_cross_account_sharing_disabled:
@mock_iam
@mock_aws
def test_cloudwatch_without_cross_account_role(self):
from prowler.providers.aws.services.iam.iam_service import IAM
@@ -53,7 +53,7 @@ class Test_cloudwatch_cross_account_sharing_disabled:
)
assert result[0].resource_id == AWS_ACCOUNT_NUMBER
@mock_iam
@mock_aws
def test_cloudwatch_log_group_with_cross_account_role(self):
# Generate Logs Client
iam_client = client("iam", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_kms_encryption_enabled/cloudwatch_log_group_kms_encryption_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_logs
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -45,7 +45,7 @@ class Test_cloudwatch_log_group_kms_encryption_enabled:
assert len(result) == 0
@mock_logs
@mock_aws
def test_cloudwatch_log_group_without_kms_key(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -93,7 +93,7 @@ class Test_cloudwatch_log_group_kms_encryption_enabled:
)
assert result[0].resource_id == "test"
@mock_logs
@mock_aws
def test_cloudwatch_log_group_with_kms_key(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_no_secrets_in_logs/cloudwatch_log_group_no_secrets_in_logs_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_logs
from moto import mock_aws
from moto.core.utils import unix_time_millis
from tests.providers.aws.audit_info_utils import (
@@ -47,7 +47,7 @@ class Test_cloudwatch_log_group_no_secrets_in_logs:
assert len(result) == 0
@mock_logs
@mock_aws
def test_cloudwatch_log_group_without_secrets(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -100,7 +100,7 @@ class Test_cloudwatch_log_group_no_secrets_in_logs:
assert result[0].status_extended == "No secrets found in test log group."
assert result[0].resource_id == "test"
@mock_logs
@mock_aws
def test_cloudwatch_log_group_with_secrets(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_retention_policy_specific_days_enabled/cloudwatch_log_group_retention_policy_specific_days_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_logs
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -47,7 +47,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
assert len(result) == 0
@mock_logs
@mock_aws
def test_cloudwatch_log_group_without_retention_days_never_expires(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -100,7 +100,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_aws
def test_cloudwatch_log_group_with_compliant_retention_days(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -154,7 +154,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_aws
def test_cloudwatch_log_group_with_no_compliant_retention_days(self):
# Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_authentication_failures/cloudwatch_log_metric_filter_authentication_failures_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_authentication_failures:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_aws_organizations_changes/cloudwatch_log_metric_filter_aws_organizations_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk/cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_policy_changes/cloudwatch_log_metric_filter_policy_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_root_usage/cloudwatch_log_metric_filter_root_usage_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_root_usage:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_security_group_changes/cloudwatch_log_metric_filter_security_group_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_sign_in_without_mfa/cloudwatch_log_metric_filter_sign_in_without_mfa_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_unauthorized_api_calls/cloudwatch_log_metric_filter_unauthorized_api_calls_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_aws
def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
)
assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
@mock_aws
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

26
tests/providers/aws/services/cloudwatch/cloudwatch_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_cloudwatch, mock_logs
from moto import mock_aws
from prowler.providers.aws.services.cloudwatch.cloudwatch_service import (
CloudWatch,
@@ -14,7 +14,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_CloudWatch_Service:
# Test CloudWatch Service
@mock_cloudwatch
@mock_aws
def test_service(self):
# CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -24,7 +24,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.service == "cloudwatch"
# Test CloudWatch Client
@mock_cloudwatch
@mock_aws
def test_client(self):
# CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -35,7 +35,7 @@ class Test_CloudWatch_Service:
assert client_.__class__.__name__ == "CloudWatch"
# Test CloudWatch Session
@mock_cloudwatch
@mock_aws
def test__get_session__(self):
# CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -45,7 +45,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.session.__class__.__name__ == "Session"
# Test CloudWatch Session
@mock_cloudwatch
@mock_aws
def test_audited_account(self):
# CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -55,7 +55,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.audited_account == AWS_ACCOUNT_NUMBER
# Test Logs Service
@mock_logs
@mock_aws
def test_logs_service(self):
# Logs client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -65,7 +65,7 @@ class Test_CloudWatch_Service:
assert logs.service == "logs"
# Test Logs Client
@mock_logs
@mock_aws
def test_logs_client(self):
# Logs client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -76,7 +76,7 @@ class Test_CloudWatch_Service:
assert client_.__class__.__name__ == "CloudWatchLogs"
# Test Logs Session
@mock_logs
@mock_aws
def test__logs_get_session__(self):
# Logs client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -86,7 +86,7 @@ class Test_CloudWatch_Service:
assert logs.session.__class__.__name__ == "Session"
# Test Logs Session
@mock_logs
@mock_aws
def test_logs_audited_account(self):
# Logs client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -96,7 +96,7 @@ class Test_CloudWatch_Service:
assert logs.audited_account == AWS_ACCOUNT_NUMBER
# Test CloudWatch Alarms
@mock_cloudwatch
@mock_aws
def test__describe_alarms__(self):
# CloudWatch client for this test class
cw_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -135,7 +135,7 @@ class Test_CloudWatch_Service:
]
# Test Logs Filters
@mock_logs
@mock_aws
def test__describe_metric_filters__(self):
# Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -163,7 +163,7 @@ class Test_CloudWatch_Service:
assert logs.metric_filters[0].region == AWS_REGION_US_EAST_1
# Test Logs Filters
@mock_logs
@mock_aws
def test__describe_log_groups__(self):
# Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -193,7 +193,7 @@ class Test_CloudWatch_Service:
{"tag_key_1": "tag_value_1", "tag_key_2": "tag_value_2"}
]
@mock_logs
@mock_aws
def test__describe_log_groups__never_expire(self):
# Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/cognito/cognito_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_cognitoidp
from moto import mock_aws
from prowler.providers.aws.services.cognito.cognito_service import CognitoIDP
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Cognito_Service:
# Test Cognito Service
@mock_cognitoidp
@mock_aws
def test_service(self):
audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -21,7 +21,7 @@ class Test_Cognito_Service:
assert cognito.service == "cognito-idp"
# Test Cognito client
@mock_cognitoidp
@mock_aws
def test_client(self):
audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -31,7 +31,7 @@ class Test_Cognito_Service:
assert regional_client.__class__.__name__ == "CognitoIdentityProvider"
# Test Cognito session
@mock_cognitoidp
@mock_aws
def test__get_session__(self):
audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -40,7 +40,7 @@ class Test_Cognito_Service:
assert cognito.session.__class__.__name__ == "Session"
# Test Cognito Session
@mock_cognitoidp
@mock_aws
def test_audited_account(self):
audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -48,7 +48,7 @@ class Test_Cognito_Service:
cognito = CognitoIDP(audit_info)
assert cognito.audited_account == AWS_ACCOUNT_NUMBER
@mock_cognitoidp
@mock_aws
def test_list_user_pools(self):
user_pool_name_1 = "user_pool_test_1"
user_pool_name_2 = "user_pool_test_2"
@@ -67,7 +67,7 @@ class Test_Cognito_Service:
)
assert user_pool.region == "eu-west-1" or user_pool.region == "us-east-1"
@mock_cognitoidp
@mock_aws
def test_describe_user_pools(self):
user_pool_name_1 = "user_pool_test_1"
audit_info = set_mocked_aws_audit_info(
@@ -88,7 +88,7 @@ class Test_Cognito_Service:
assert user_pool.advanced_security_mode is not None
assert user_pool.tags is not None
@mock_cognitoidp
@mock_aws
def test_get_user_pool_mfa_config(self):
user_pool_name_1 = "user_pool_test_1"
audit_info = set_mocked_aws_audit_info(

10
tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_config
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN,
@@ -14,7 +14,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_config_recorder_all_regions_enabled:
@mock_config
@mock_aws
def test_config_no_recorders(self):
from prowler.providers.aws.services.config.config_service import Config
@@ -48,7 +48,7 @@ class Test_config_recorder_all_regions_enabled:
assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].resource_id == AWS_ACCOUNT_NUMBER
@mock_config
@mock_aws
def test_config_one_recoder_disabled(self):
# Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1)
@@ -87,7 +87,7 @@ class Test_config_recorder_all_regions_enabled:
assert recorder.resource_arn == AWS_ACCOUNT_ARN
assert recorder.region == AWS_REGION_US_EAST_1
@mock_config
@mock_aws
def test_config_one_recoder_enabled(self):
# Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1)
@@ -131,7 +131,7 @@ class Test_config_recorder_all_regions_enabled:
assert recorder.resource_arn == AWS_ACCOUNT_ARN
assert recorder.region == AWS_REGION_US_EAST_1
@mock_config
@mock_aws
def test_config_one_recorder_disabled_allowlisted(self):
# Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/config/config_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_config
from moto import mock_aws
from prowler.providers.aws.services.config.config_service import Config
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Config_Service:
# Test Config Service
@mock_config
@mock_aws
def test_service(self):
# Config client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -22,7 +22,7 @@ class Test_Config_Service:
assert config.service == "config"
# Test Config Client
@mock_config
@mock_aws
def test_client(self):
# Config client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -33,7 +33,7 @@ class Test_Config_Service:
assert regional_client.__class__.__name__ == "ConfigService"
# Test Config Session
@mock_config
@mock_aws
def test__get_session__(self):
# Config client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -43,7 +43,7 @@ class Test_Config_Service:
assert config.session.__class__.__name__ == "Session"
# Test Config Session
@mock_config
@mock_aws
def test_audited_account(self):
# Config client for this test class
audit_info = set_mocked_aws_audit_info(
@@ -53,7 +53,7 @@ class Test_Config_Service:
assert config.audited_account == AWS_ACCOUNT_NUMBER
# Test Config Get Rest APIs
@mock_config
@mock_aws
def test__describe_configuration_recorder_status__(self):
# Generate Config Client
config_client = client("config", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/directoryservice/directoryservice_service_test.py
View File

@@ -2,7 +2,7 @@ from datetime import datetime
from unittest.mock import patch
import botocore
from moto import mock_ds
from moto import mock_aws
from prowler.providers.aws.services.directoryservice.directoryservice_service import (
AuthenticationProtocol,
@@ -119,7 +119,7 @@ def mock_generate_regional_clients(service, audit_info):
)
class Test_DirectoryService_Service:
# Test DirectoryService Client
@mock_ds
@mock_aws
def test__get_client__(self):
directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
@@ -130,7 +130,7 @@ class Test_DirectoryService_Service:
)
# Test DirectoryService Session
@mock_ds
@mock_aws
def test__get_session__(self):
directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
@@ -138,14 +138,14 @@ class Test_DirectoryService_Service:
assert directoryservice.session.__class__.__name__ == "Session"
# Test DirectoryService Service
@mock_ds
@mock_aws
def test__get_service__(self):
directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
)
assert directoryservice.service == "ds"
@mock_ds
@mock_aws
def test__describe_directories__(self):
# Set partition for the service
directoryservice = DirectoryService(

10
tests/providers/aws/services/dlm/dlm_ebs_snapshot_lifecycle_policy_exists/dlm_ebs_snapshot_lifecycle_policy_exists_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.dlm.dlm_service import LifecyclePolicy
from tests.providers.aws.audit_info_utils import (
@@ -15,7 +15,7 @@ LIFECYCLE_POLICY_ID = "policy-XXXXXXXXXXXX"
class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
@mock_ec2
@mock_aws
def test_no_ebs_snapshot_no_lifecycle_policies(self):
# DLM Mock Client
dlm_client = mock.MagicMock
@@ -48,7 +48,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
result = check.execute()
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_ebs_snapshot_and_dlm_lifecycle_policy(self):
# Generate EC2 Client
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -113,7 +113,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
assert result[0].resource_id == AWS_ACCOUNT_NUMBER
assert result[0].resource_arn == AWS_ACCOUNT_ARN
@mock_ec2
@mock_aws
def test_one_ebs_snapshot_and_no_dlm_lifecycle_policy(self):
# Generate EC2 Client
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -166,7 +166,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
result = check.execute()
assert len(result) == 0
@mock_ec2
@mock_aws
def test_no_ebs_snapshot_and_dlm_lifecycle_policy(self):
# DLM Mock Client
dlm_client = mock.MagicMock

8
tests/providers/aws/services/dynamodb/dynamodb_accelerator_cluster_encryption_enabled/dynamodb_accelerator_cluster_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_dax
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_accelerator_cluster_encryption_enabled:
@mock_dax
@mock_aws
def test_dax_no_clusters(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX
@@ -38,7 +38,7 @@ class Test_dynamodb_accelerator_cluster_encryption_enabled:
assert len(result) == 0
@mock_dax
@mock_aws
def test_dax_cluster_no_encryption(self):
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)
iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX"
@@ -80,7 +80,7 @@ class Test_dynamodb_accelerator_cluster_encryption_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == []
@mock_dax
@mock_aws
def test_dax_cluster_with_encryption(self):
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)
iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX"

18
tests/providers/aws/services/dynamodb/dynamodb_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client
from moto import mock_dax, mock_dynamodb
from moto import mock_aws
from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX, DynamoDB
from tests.providers.aws.audit_info_utils import (
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_DynamoDB_Service:
# Test Dynamo Service
@mock_dynamodb
@mock_aws
def test_service(self):
# Dynamo client for this test class
audit_info = set_mocked_aws_audit_info()
@@ -19,7 +19,7 @@ class Test_DynamoDB_Service:
assert dynamodb.service == "dynamodb"
# Test Dynamo Client
@mock_dynamodb
@mock_aws
def test_client(self):
# Dynamo client for this test class
audit_info = set_mocked_aws_audit_info()
@@ -28,7 +28,7 @@ class Test_DynamoDB_Service:
assert regional_client.__class__.__name__ == "DynamoDB"
# Test Dynamo Session
@mock_dynamodb
@mock_aws
def test__get_session__(self):
# Dynamo client for this test class
audit_info = set_mocked_aws_audit_info()
@@ -36,7 +36,7 @@ class Test_DynamoDB_Service:
assert dynamodb.session.__class__.__name__ == "Session"
# Test Dynamo Session
@mock_dynamodb
@mock_aws
def test_audited_account(self):
# Dynamo client for this test class
audit_info = set_mocked_aws_audit_info()
@@ -44,7 +44,7 @@ class Test_DynamoDB_Service:
assert dynamodb.audited_account == AWS_ACCOUNT_NUMBER
# Test DynamoDB List Tables
@mock_dynamodb
@mock_aws
def test__list_tables__(self):
# Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -83,7 +83,7 @@ class Test_DynamoDB_Service:
assert dynamo.tables[1].region == AWS_REGION_US_EAST_1
# Test DynamoDB Describe Table
@mock_dynamodb
@mock_aws
def test__describe_table__(self):
# Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -115,7 +115,7 @@ class Test_DynamoDB_Service:
]
# Test DynamoDB Describe Continuous Backups
@mock_dynamodb
@mock_aws
def test__describe_continuous_backups__(self):
# Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -146,7 +146,7 @@ class Test_DynamoDB_Service:
assert dynamo.tables[0].region == AWS_REGION_US_EAST_1
# Test DAX Describe Clusters
@mock_dax
@mock_aws
def test__describe_clusters__(self):
# Generate DAX Client
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/dynamodb/dynamodb_tables_kms_cmk_encryption_enabled/dynamodb_tables_kms_cmk_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_dynamodb
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_tables_kms_cmk_encryption_enabled:
@mock_dynamodb
@mock_aws
def test_dynamodb_no_tables(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB
@@ -37,7 +37,7 @@ class Test_dynamodb_tables_kms_cmk_encryption_enabled:
assert len(result) == 0
@mock_dynamodb
@mock_aws
def test_dynamodb_table_kms_encryption(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table(
@@ -82,7 +82,7 @@ class Test_dynamodb_tables_kms_cmk_encryption_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == []
@mock_dynamodb
@mock_aws
def test_dynamodb_table_default_encryption(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table(

8
tests/providers/aws/services/dynamodb/dynamodb_tables_pitr_enabled/dynamodb_tables_pitr_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client
from moto import mock_dynamodb
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_tables_pitr_enabled:
@mock_dynamodb
@mock_aws
def test_dynamodb_no_tables(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB
@@ -37,7 +37,7 @@ class Test_dynamodb_tables_pitr_enabled:
assert len(result) == 0
@mock_dynamodb
@mock_aws
def test_dynamodb_table_no_pitr(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table(
@@ -84,7 +84,7 @@ class Test_dynamodb_tables_pitr_enabled:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == []
@mock_dynamodb
@mock_aws
def test_dynamodb_table_with_pitr(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table(

8
tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_ami_public:
@mock_ec2
@mock_aws
def test_no_amis(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -38,7 +38,7 @@ class Test_ec2_ami_public:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_private_ami(self):
ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -81,7 +81,7 @@ class Test_ec2_ami_public:
assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == []
@mock_ec2
@mock_aws
def test_one_public_ami(self):
ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_ebs_default_encryption:
@mock_ec2
@mock_aws
def test_ec2_ebs_encryption_enabled(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -54,7 +54,7 @@ class Test_ec2_ebs_default_encryption:
result.resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
)
@mock_ec2
@mock_aws
def test_ec2_ebs_encryption_disabled(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -86,7 +86,7 @@ class Test_ec2_ebs_default_encryption:
assert result[0].resource_id == AWS_ACCOUNT_NUMBER
assert result[0].resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
@mock_ec2
@mock_aws
def test_ec2_ebs_encryption_disabled_ignored(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -113,7 +113,7 @@ class Test_ec2_ebs_default_encryption:
# One result per region
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_ebs_encryption_disabled_ignoring_with_volumes(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import client, resource
from mock import patch
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -24,7 +24,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients,
)
class Test_ec2_ebs_public_snapshot:
@mock_ec2
@mock_aws
def test_ec2_default_snapshots(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -50,7 +50,7 @@ class Test_ec2_ebs_public_snapshot:
# Default snapshots
assert len(result) == 561
@mock_ec2
@mock_aws
def test_ec2_public_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -102,7 +102,7 @@ class Test_ec2_ebs_public_snapshot:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}"
)
@mock_ec2
@mock_aws
def test_ec2_private_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import resource
from mock import patch
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -24,7 +24,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients,
)
class Test_ec2_ebs_snapshots_encrypted:
@mock_ec2
@mock_aws
def test_ec2_default_snapshots(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -50,7 +50,7 @@ class Test_ec2_ebs_snapshots_encrypted:
# Default snapshots
assert len(result) == 561
@mock_ec2
@mock_aws
def test_ec2_unencrypted_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -95,7 +95,7 @@ class Test_ec2_ebs_snapshots_encrypted:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}"
)
@mock_ec2
@mock_aws
def test_ec2_encrypted_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_ebs_volume_encryption:
@mock_ec2
@mock_aws
def test_ec2_no_volumes(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -36,7 +36,7 @@ class Test_ec2_ebs_volume_encryption:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_unencrypted_volume(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -77,7 +77,7 @@ class Test_ec2_ebs_volume_encryption:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:volume/{volume.id}"
)
@mock_ec2
@mock_aws
def test_ec2_encrypted_volume(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_ebs_volume_snapshots_exists/ec2_ebs_volume_snapshots_exists_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import resource
from mock import patch
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -26,7 +26,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients,
)
class Test_ec2_ebs_volume_snapshots_exists:
@mock_ec2
@mock_aws
def test_no_volumes(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -51,7 +51,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_volume_without_snapshots(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
volume = ec2.create_volume(Size=80, AvailabilityZone=AWS_REGION_US_EAST_1_AZA)
@@ -88,7 +88,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_ec2_volume_with_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_ec2_volume_with_and_without_snapshot(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_elastic_ip_shodan:
@mock_ec2
@mock_aws
def test_ec2_one_instances_no_public_ip(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -45,7 +45,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_one_unattached_eip(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -76,7 +76,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_one_attached_eip_no_shodan_api_key(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -114,7 +114,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_one_attached_eip_shodan_api_key(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_elastic_ip_unassigned/ec2_elastic_ip_unassigned_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_elastic_ip_unassigned:
@mock_ec2
@mock_aws
def test_no_eips(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_elastic_ip_unassigned:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_eip_unassociated(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -81,7 +81,7 @@ class Test_ec2_elastic_ip_unassigned:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:eip-allocation/{allocation_id}"
)
@mock_ec2
@mock_aws
def test_eip_associated(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_instance_detailed_monitoring_enabled/ec2_instance_detailed_monitoring_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_detailed_monitoring_enabled:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -38,7 +38,7 @@ class Test_ec2_instance_detailed_monitoring_enabled:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_instance_with_enhanced_monitoring_disabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -83,7 +83,7 @@ class Test_ec2_instance_detailed_monitoring_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_instance_with_enhanced_monitoring_enabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(

10
tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_imdsv2_enabled:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_instance_imdsv2_enabled:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -90,7 +90,7 @@ class Test_ec2_instance_imdsv2_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_one_uncompliant_ec2_metadata_server_disabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -141,7 +141,7 @@ class Test_ec2_instance_imdsv2_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_one_uncompliant_ec2_metadata_server_enabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(

10
tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2, mock_iam
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_internet_facing_with_instance_profile:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,8 +39,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile:
assert len(result) == 0
@mock_iam
@mock_ec2
@mock_aws
def test_one_compliant_ec2(self):
iam = client("iam", "us-west-1")
profile_name = "fake_profile"
@@ -97,8 +96,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_iam
@mock_ec2
@mock_aws
def test_one_non_compliant_ec2(self):
iam = client("iam", "us-west-1")
profile_name = "fake_profile"

8
tests/providers/aws/services/ec2/ec2_instance_managed_by_ssm/ec2_instance_managed_by_ssm_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.ssm.ssm_service import ManagedInstance
from tests.providers.aws.audit_info_utils import (
@@ -15,7 +15,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_managed_by_ssm_test:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -49,7 +49,7 @@ class Test_ec2_instance_managed_by_ssm_test:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_instance_managed_by_ssm_non_compliance_instance(self):
ssm_client = mock.MagicMock
ssm_client.managed_instances = {}
@@ -102,7 +102,7 @@ class Test_ec2_instance_managed_by_ssm_test:
)
assert result[0].resource_id == instance.id
@mock_ec2
@mock_aws
def test_ec2_instance_managed_by_ssm_compliance_instance(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(

8
tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py
View File

@@ -4,7 +4,7 @@ from unittest import mock
from boto3 import resource
from dateutil.tz import tzutc
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -16,7 +16,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_older_than_specific_days:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -42,7 +42,7 @@ class Test_ec2_instance_older_than_specific_days:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -86,7 +86,7 @@ class Test_ec2_instance_older_than_specific_days:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_one_old_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(

9
tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2, mock_iam
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_profile_attached:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,8 +39,7 @@ class Test_ec2_instance_profile_attached:
assert len(result) == 0
@mock_iam
@mock_ec2
@mock_aws
def test_one_compliant_ec2(self):
iam = client("iam", "us-west-1")
profile_name = "fake_profile"
@@ -98,7 +97,7 @@ class Test_ec2_instance_profile_attached:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_one_non_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")

8
tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_public_ip:
@mock_ec2
@mock_aws
def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_instance_public_ip:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")
@@ -91,7 +91,7 @@ class Test_ec2_instance_public_ip:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
)
@mock_ec2
@mock_aws
def test_one_ec2_with_public_ip(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")

14
tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
from unittest import mock
from boto3 import resource
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -18,7 +18,7 @@ FIXTURES_DIR_NAME = "fixtures"
class Test_ec2_instance_secrets_user_data:
@mock_ec2
@mock_aws
def test_no_ec2(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -43,7 +43,7 @@ class Test_ec2_instance_secrets_user_data:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_one_ec2_with_no_secrets(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -87,7 +87,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_one_ec2_with_secrets(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -131,7 +131,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_one_ec2_file_with_secrets(self):
# Include launch_configurations to check
f = open(
@@ -178,7 +178,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_one_launch_configurations_without_user_data(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances(
@@ -219,7 +219,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_one_ec2_file_with_secrets_gzip(self):
# Include launch_configurations to check
f = open(

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_any_port:
@mock_ec2
@mock_aws
def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
# One default nacl per region
assert len(result) == 2
@mock_ec2
@mock_aws
def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"Network ACL {result[0].resource_id} has every port open to the Internet."
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -127,7 +127,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -223,7 +223,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_tcp_port_22:
@mock_ec2
@mock_aws
def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
# One default nacl per region
assert len(result) == 2
@mock_ec2
@mock_aws
def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"Network ACL {result[0].resource_id} has SSH port 22 open to the Internet."
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -184,7 +184,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -225,7 +225,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client
from moto import mock_ec2
from moto import mock_aws
from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
@mock_ec2
@mock_aws
def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
# One default nacl per region
assert len(result) == 2
@mock_ec2
@mock_aws
def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"Network ACL {result[0].resource_id} has Microsoft RDP port 3389 open to the Internet."
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -184,7 +184,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
)
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -225,7 +225,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -52,7 +52,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg_only_open_to_one_port(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -252,7 +252,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -288,7 +288,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -50,7 +50,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -118,7 +118,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -215,7 +215,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -49,7 +49,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -82,7 +82,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -124,7 +124,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert result[0].status == "PASS"
assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -188,7 +188,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg_ipv4_and_ipv6(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -254,7 +254,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -289,7 +289,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client_us_east_1 = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -92,7 +92,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
assert res.resource_details == sg["GroupName"]
assert res.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client_us_east_1 = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -161,7 +161,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -229,7 +229,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -267,7 +267,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock
from boto3 import client, resource
from moto import mock_ec2
from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
@mock_ec2
@mock_aws
def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
assert result[1].status == "PASS"
assert result[2].status == "PASS"
@mock_ec2
@mock_aws
def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
assert sg.resource_details == default_sg_name
assert sg.resource_tags == []
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23:
assert len(result) == 0
@mock_ec2
@mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

Some files were not shown because too many files have changed in this diff Show More