ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

build(deps-dev): bump moto from 4.2.13 to 5.0.0 (#3329)

Browse Source 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
This commit is contained in:
dependabot[bot]
2024-02-05 12:06:16 +01:00
committed by GitHub
parent de77f3ff13
commit b23be4164f
229 changed files with 1291 additions and 1812 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
poetry.lock generated
View File

@@ -1643,19 +1643,19 @@ test = ["pytest", "pytest-cov"]
[[package]] [[package]]
name = "moto" name = "moto"
version = "4.2.13" version = "5.0.0"
description = "" description = ""
optional = false optional = false
python-versions = ">=3.7" python-versions = ">=3.8"
files = [ files = [
{file = "moto-4.2.13-py2.py3-none-any.whl", hash = "sha256:93e0fd13b624bd79115494f833308c3641b2be0fc9f4f18aa9264aa01f6168e0"}, {file = "moto-5.0.0-py2.py3-none-any.whl", hash = "sha256:1d01de681da1453335ec09ba43db521e577cbd58d25ddfb61e5965534b8be539"},
{file = "moto-4.2.13.tar.gz", hash = "sha256:01aef6a489a725c8d725bd3dc6f70ff1bedaee3e2641752e4b471ff0ede4b4d7"}, {file = "moto-5.0.0.tar.gz", hash = "sha256:4a94a147ee70e85e0842da8d1093728c66085165775d1d302f0f77538bf92b95"},
] ]
[package.dependencies] [package.dependencies]
aws-xray-sdk = {version = ">=0.93,<0.96 || >0.96", optional = true, markers = "extra == \"all\""} aws-xray-sdk = {version = ">=0.93,<0.96 || >0.96", optional = true, markers = "extra == \"all\""}
boto3 = ">=1.9.201" boto3 = ">=1.9.201"
botocore = ">=1.12.201" botocore = ">=1.14.0"
cfn-lint = {version = ">=0.40.0", optional = true, markers = "extra == \"all\""} cfn-lint = {version = ">=0.40.0", optional = true, markers = "extra == \"all\""}
cryptography = ">=3.3.1" cryptography = ">=3.3.1"
docker = {version = ">=3.0.0", optional = true, markers = "extra == \"all\""} docker = {version = ">=3.0.0", optional = true, markers = "extra == \"all\""}
@@ -1671,7 +1671,7 @@ python-dateutil = ">=2.1,<3.0.0"
python-jose = {version = ">=3.1.0,<4.0.0", extras = ["cryptography"], optional = true, markers = "extra == \"all\""} python-jose = {version = ">=3.1.0,<4.0.0", extras = ["cryptography"], optional = true, markers = "extra == \"all\""}
PyYAML = {version = ">=5.1", optional = true, markers = "extra == \"all\""} PyYAML = {version = ">=5.1", optional = true, markers = "extra == \"all\""}
requests = ">=2.5" requests = ">=2.5"
responses = ">=0.13.0" responses = ">=0.15.0"
setuptools = {version = "*", optional = true, markers = "extra == \"all\""} setuptools = {version = "*", optional = true, markers = "extra == \"all\""}
sshpubkeys = {version = ">=3.1.0", optional = true, markers = "extra == \"all\""} sshpubkeys = {version = ">=3.1.0", optional = true, markers = "extra == \"all\""}
werkzeug = ">=0.5,<2.2.0 || >2.2.0,<2.2.1 || >2.2.1" werkzeug = ">=0.5,<2.2.0 || >2.2.0,<2.2.1 || >2.2.1"
@@ -1686,18 +1686,13 @@ awslambda = ["docker (>=3.0.0)"]
batch = ["docker (>=3.0.0)"] batch = ["docker (>=3.0.0)"]
cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"] cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"]
cognitoidp = ["ecdsa (!=0.15)", "python-jose[cryptography] (>=3.1.0,<4.0.0)"] cognitoidp = ["ecdsa (!=0.15)", "python-jose[cryptography] (>=3.1.0,<4.0.0)"]
ds = ["sshpubkeys (>=3.1.0)"]
dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.0)"] dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.0)"]
dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.0)"] dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.0)"]
ebs = ["sshpubkeys (>=3.1.0)"]
ec2 = ["sshpubkeys (>=3.1.0)"] ec2 = ["sshpubkeys (>=3.1.0)"]
efs = ["sshpubkeys (>=3.1.0)"]
eks = ["sshpubkeys (>=3.1.0)"]
glue = ["pyparsing (>=3.0.7)"] glue = ["pyparsing (>=3.0.7)"]
iotdata = ["jsondiff (>=1.1.2)"] iotdata = ["jsondiff (>=1.1.2)"]
proxy = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"] proxy = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"]
resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "sshpubkeys (>=3.1.0)"] resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)"]
route53resolver = ["sshpubkeys (>=3.1.0)"]
s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.0)"] s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.0)"]
s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.0)"] s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.0)"]
server = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"] server = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "ecdsa (!=0.15)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.0)", "pyparsing (>=3.0.7)", "python-jose[cryptography] (>=3.1.0,<4.0.0)", "setuptools", "sshpubkeys (>=3.1.0)"]
@@ -2809,8 +2804,7 @@ files = [
{file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win32.whl", hash = "sha256:763d65baa3b952479c4e972669f679fe490eee058d5aa85da483ebae2009d231"}, {file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win32.whl", hash = "sha256:763d65baa3b952479c4e972669f679fe490eee058d5aa85da483ebae2009d231"},
{file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win_amd64.whl", hash = "sha256:d000f258cf42fec2b1bbf2863c61d7b8918d31ffee905da62dede869254d3b8a"}, {file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win_amd64.whl", hash = "sha256:d000f258cf42fec2b1bbf2863c61d7b8918d31ffee905da62dede869254d3b8a"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_13_0_arm64.whl", hash = "sha256:1a6391a7cabb7641c32517539ca42cf84b87b667bad38b78d4d42dd23e957c81"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_12_6_arm64.whl", hash = "sha256:721bc4ba4525f53f6a611ec0967bdcee61b31df5a56801281027a3a6d1c2daf5"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-manylinux2014_aarch64.whl", hash = "sha256:9c7617df90c1365638916b98cdd9be833d31d337dbcd722485597b43c4a215bf"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:41d0f1fa4c6830176eef5b276af04c89320ea616655d01327d5ce65e50575c94"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:41d0f1fa4c6830176eef5b276af04c89320ea616655d01327d5ce65e50575c94"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win32.whl", hash = "sha256:f6d3d39611ac2e4f62c3128a9eed45f19a6608670c5a2f4f07f24e8de3441d38"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win32.whl", hash = "sha256:f6d3d39611ac2e4f62c3128a9eed45f19a6608670c5a2f4f07f24e8de3441d38"},
{file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win_amd64.whl", hash = "sha256:da538167284de58a52109a9b89b8f6a53ff8437dd6dc26d33b57bf6699153122"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win_amd64.whl", hash = "sha256:da538167284de58a52109a9b89b8f6a53ff8437dd6dc26d33b57bf6699153122"},
@@ -3366,4 +3360,4 @@ docs = ["mkdocs", "mkdocs-material"]
[metadata] [metadata]
lock-version = "2.0" lock-version = "2.0"
python-versions = ">=3.9,<3.12" python-versions = ">=3.9,<3.12"
content-hash = "002286855c4fae550222268dc43da4d7200a412c1bbed75bfe16494272759371" content-hash = "5cff9a377b9a0ddd11edc23b7d08ecf78f5c79163848f50cb75bf118440376b4"

2
pyproject.toml
View File

@@ -63,7 +63,7 @@ docker = "7.0.0"
flake8 = "7.0.0" flake8 = "7.0.0"
freezegun = "1.4.0" freezegun = "1.4.0"
mock = "5.1.0" mock = "5.1.0"
moto = {extras = ["all"], version = "4.2.13"} moto = {extras = ["all"], version = "5.0.0"}
openapi-schema-validator = "0.6.2" openapi-schema-validator = "0.6.2"
openapi-spec-validator = "0.7.1" openapi-spec-validator = "0.7.1"
pylint = "3.0.3" pylint = "3.0.3"

4
tests/lib/check/check_test.py
View File

@@ -6,7 +6,7 @@ from pkgutil import ModuleInfo
from boto3 import client from boto3 import client
from fixtures.bulk_checks_metadata import test_bulk_checks_metadata from fixtures.bulk_checks_metadata import test_bulk_checks_metadata
from mock import patch from mock import patch
from moto import mock_s3 from moto import mock_aws
from prowler.lib.check.check import ( from prowler.lib.check.check import (
exclude_checks_to_run, exclude_checks_to_run,
@@ -456,7 +456,7 @@ class Test_Check:
provider = test["input"]["provider"] provider = test["input"]["provider"]
assert parse_checks_from_file(check_file, provider) == test["expected"] assert parse_checks_from_file(check_file, provider) == test["expected"]
@mock_s3 @mock_aws
def test_parse_checks_from_folder(self): def test_parse_checks_from_folder(self):
test_checks_folder = ( test_checks_folder = (
f"{pathlib.Path().absolute()}/tests/lib/check/fixtures/checks_folder" f"{pathlib.Path().absolute()}/tests/lib/check/fixtures/checks_folder"

17
tests/providers/aws/aws_provider_test.py
View File

@@ -2,7 +2,7 @@ from re import search
import boto3 import boto3
from mock import patch from mock import patch
from moto import mock_iam, mock_sts from moto import mock_aws
from prowler.providers.aws.aws_provider import ( from prowler.providers.aws.aws_provider import (
AWS_Provider, AWS_Provider,
@@ -29,8 +29,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_AWS_Provider: class Test_AWS_Provider:
@mock_iam @mock_aws
@mock_sts
def test_aws_provider_user_without_mfa(self): def test_aws_provider_user_without_mfa(self):
# sessionName = "ProwlerAssessmentSession" # sessionName = "ProwlerAssessmentSession"
# Boto 3 client to create our user # Boto 3 client to create our user
@@ -79,8 +78,7 @@ class Test_AWS_Provider:
role_session_name="ProwlerAssessmentSession", role_session_name="ProwlerAssessmentSession",
) )
@mock_iam @mock_aws
@mock_sts
def test_aws_provider_user_with_mfa(self): def test_aws_provider_user_with_mfa(self):
# Boto 3 client to create our user # Boto 3 client to create our user
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1) iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
@@ -129,8 +127,7 @@ class Test_AWS_Provider:
role_session_name="ProwlerAssessmentSession", role_session_name="ProwlerAssessmentSession",
) )
@mock_iam @mock_aws
@mock_sts
def test_aws_provider_assume_role_with_mfa(self): def test_aws_provider_assume_role_with_mfa(self):
# Variables # Variables
role_name = "test-role" role_name = "test-role"
@@ -208,8 +205,7 @@ class Test_AWS_Provider:
assume_role_response["AssumedRoleUser"]["AssumedRoleId"] assume_role_response["AssumedRoleUser"]["AssumedRoleId"]
) == 21 + 1 + len(sessionName) ) == 21 + 1 + len(sessionName)
@mock_iam @mock_aws
@mock_sts
def test_aws_provider_assume_role_without_mfa(self): def test_aws_provider_assume_role_without_mfa(self):
# Variables # Variables
role_name = "test-role" role_name = "test-role"
@@ -279,8 +275,7 @@ class Test_AWS_Provider:
assume_role_response["AssumedRoleUser"]["AssumedRoleId"] assume_role_response["AssumedRoleUser"]["AssumedRoleId"]
) == 21 + 1 + len(sessionName) ) == 21 + 1 + len(sessionName)
@mock_iam @mock_aws
@mock_sts
def test_assume_role_with_sts_endpoint_region(self): def test_assume_role_with_sts_endpoint_region(self):
# Variables # Variables
role_name = "test-role" role_name = "test-role"

8
tests/providers/aws/lib/allowlist/allowlist_test.py
View File

@@ -1,7 +1,7 @@
import yaml import yaml
from boto3 import resource from boto3 import resource
from mock import MagicMock from mock import MagicMock
from moto import mock_dynamodb, mock_s3 from moto import mock_aws
from prowler.providers.aws.lib.allowlist.allowlist import ( from prowler.providers.aws.lib.allowlist.allowlist import (
allowlist_findings, allowlist_findings,
@@ -25,7 +25,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Allowlist: class Test_Allowlist:
# Test S3 allowlist # Test S3 allowlist
@mock_s3 @mock_aws
def test_s3_allowlist(self): def test_s3_allowlist(self):
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
# Create bucket and upload allowlist yaml # Create bucket and upload allowlist yaml
@@ -44,7 +44,7 @@ class Test_Allowlist:
) )
# Test DynamoDB allowlist # Test DynamoDB allowlist
@mock_dynamodb @mock_aws
def test_dynamo_allowlist(self): def test_dynamo_allowlist(self):
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
# Create table and put item # Create table and put item
@@ -88,7 +88,7 @@ class Test_Allowlist:
)["Accounts"]["*"]["Checks"]["iam_user_hardware_mfa_enabled"]["Resources"] )["Accounts"]["*"]["Checks"]["iam_user_hardware_mfa_enabled"]["Resources"]
) )
@mock_dynamodb @mock_aws
def test_dynamo_allowlist_with_tags(self): def test_dynamo_allowlist_with_tags(self):
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
# Create table and put item # Create table and put item

41
tests/providers/aws/lib/credentials/credentials_test.py
View File

@@ -3,7 +3,7 @@ import re
import boto3 import boto3
import botocore import botocore
from mock import patch from mock import patch
from moto import mock_iam, mock_sts from moto import mock_aws
from prowler.providers.aws.lib.arn.arn import parse_iam_credentials_arn from prowler.providers.aws.lib.arn.arn import parse_iam_credentials_arn
from prowler.providers.aws.lib.credentials.credentials import ( from prowler.providers.aws.lib.credentials.credentials import (
@@ -41,8 +41,7 @@ def mock_get_caller_identity_gov_cloud(self, operation_name, kwarg):
class Test_AWS_Credentials: class Test_AWS_Credentials:
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_commercial_partition_with_regions(self): def test_validate_credentials_commercial_partition_with_regions(self):
# AWS Region for AWS COMMERCIAL # AWS Region for AWS COMMERCIAL
aws_region = "eu-west-1" aws_region = "eu-west-1"
@@ -77,8 +76,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_so_profile_region( def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_so_profile_region(
self, self,
): ):
@@ -115,8 +113,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_commercial_partition_with_0_regions_and_profile_region_so_profile_region( def test_validate_credentials_commercial_partition_with_0_regions_and_profile_region_so_profile_region(
self, self,
): ):
@@ -153,8 +150,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_commercial_partition_without_regions_and_profile_region_so_us_east_1( def test_validate_credentials_commercial_partition_without_regions_and_profile_region_so_us_east_1(
self, self,
): ):
@@ -191,8 +187,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_but_sts_endpoint_region( def test_validate_credentials_commercial_partition_with_regions_none_and_profile_region_but_sts_endpoint_region(
self, self,
): ):
@@ -232,8 +227,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
def test_validate_credentials_china_partition_without_regions_and_profile_region_so_us_east_1( def test_validate_credentials_china_partition_without_regions_and_profile_region_so_us_east_1(
self, self,
): ):
@@ -270,8 +264,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
@patch( @patch(
"botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china "botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china
) )
@@ -312,8 +305,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
@patch( @patch(
"botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china "botocore.client.BaseClient._make_api_call", new=mock_get_caller_identity_china
) )
@@ -359,8 +351,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
@patch( @patch(
"botocore.client.BaseClient._make_api_call", "botocore.client.BaseClient._make_api_call",
new=mock_get_caller_identity_gov_cloud, new=mock_get_caller_identity_gov_cloud,
@@ -402,8 +393,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_sts @mock_aws
@mock_iam
@patch( @patch(
"botocore.client.BaseClient._make_api_call", "botocore.client.BaseClient._make_api_call",
new=mock_get_caller_identity_gov_cloud, new=mock_get_caller_identity_gov_cloud,
@@ -450,8 +440,7 @@ class Test_AWS_Credentials:
assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"]) assert re.match("[0-9a-zA-Z]{20}", get_caller_identity["UserId"])
assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER assert get_caller_identity["Account"] == AWS_ACCOUNT_NUMBER
@mock_iam @mock_aws
@mock_sts
def test_create_sts_session(self): def test_create_sts_session(self):
aws_region = "eu-west-1" aws_region = "eu-west-1"
# Create a mock IAM user # Create a mock IAM user
@@ -474,8 +463,7 @@ class Test_AWS_Credentials:
assert sts_client._endpoint._endpoint_prefix == "sts" assert sts_client._endpoint._endpoint_prefix == "sts"
assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com" assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com"
@mock_iam @mock_aws
@mock_sts
def test_create_sts_session_gov_cloud(self): def test_create_sts_session_gov_cloud(self):
aws_region = "us-gov-east-1" aws_region = "us-gov-east-1"
# Create a mock IAM user # Create a mock IAM user
@@ -498,8 +486,7 @@ class Test_AWS_Credentials:
assert sts_client._endpoint._endpoint_prefix == "sts" assert sts_client._endpoint._endpoint_prefix == "sts"
assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com" assert sts_client._endpoint.host == f"https://sts.{aws_region}.amazonaws.com"
@mock_iam @mock_aws
@mock_sts
def test_create_sts_session_china(self): def test_create_sts_session_china(self):
aws_region = "cn-north-1" aws_region = "cn-north-1"
# Create a mock IAM user # Create a mock IAM user

6
tests/providers/aws/lib/organizations/organizations_test.py
View File

@@ -1,7 +1,7 @@
import json import json
import boto3 import boto3
from moto import mock_iam, mock_organizations, mock_sts from moto import mock_aws
from prowler.providers.aws.lib.organizations.organizations import ( from prowler.providers.aws.lib.organizations.organizations import (
get_organizations_metadata, get_organizations_metadata,
@@ -11,9 +11,7 @@ AWS_ACCOUNT_NUMBER = "123456789012"
class Test_AWS_Organizations: class Test_AWS_Organizations:
@mock_organizations @mock_aws
@mock_sts
@mock_iam
def test_organizations(self): def test_organizations(self):
client = boto3.client("organizations", region_name="us-east-1") client = boto3.client("organizations", region_name="us-east-1")
iam_client = boto3.client("iam", region_name="us-east-1") iam_client = boto3.client("iam", region_name="us-east-1")

6
tests/providers/aws/lib/s3/s3_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
import boto3 import boto3
from mock import MagicMock from mock import MagicMock
from moto import mock_s3 from moto import mock_aws
from prowler.config.config import csv_file_suffix from prowler.config.config import csv_file_suffix
from prowler.providers.aws.lib.s3.s3 import get_s3_object_path, send_to_s3_bucket from prowler.providers.aws.lib.s3.s3 import get_s3_object_path, send_to_s3_bucket
@@ -21,7 +21,7 @@ OUTPUT_MODE_CIS_1_4_AWS = "cis_1.4_aws"
class TestS3: class TestS3:
@mock_s3 @mock_aws
def test_send_to_s3_bucket(self): def test_send_to_s3_bucket(self):
# Mock Audit Info # Mock Audit Info
audit_info = MagicMock() audit_info = MagicMock()
@@ -60,7 +60,7 @@ class TestS3:
== "binary/octet-stream" == "binary/octet-stream"
) )
@mock_s3 @mock_aws
def test_send_to_s3_bucket_compliance(self): def test_send_to_s3_bucket_compliance(self):
# Mock Audit Info # Mock Audit Info
audit_info = MagicMock() audit_info = MagicMock()

30
tests/providers/aws/services/apigateway/apigateway_authorizers_enabled/apigateway_authorizers_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway, mock_iam, mock_lambda from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_authorizers_enabled: class Test_apigateway_restapi_authorizers_enabled:
@mock_apigateway @mock_aws
def test_apigateway_no_rest_apis(self): def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import ( from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway, APIGateway,
@@ -39,9 +39,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_with_lambda_authorizer(self): def test_apigateway_one_rest_api_with_lambda_authorizer(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -107,7 +105,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
def test_apigateway_one_rest_api_without_lambda_authorizer(self): def test_apigateway_one_rest_api_without_lambda_authorizer(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -152,9 +150,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_without_api_or_methods_authorizer(self): def test_apigateway_one_rest_api_without_api_or_methods_authorizer(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -215,9 +211,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_without_api_auth_but_one_method_auth(self): def test_apigateway_one_rest_api_without_api_auth_but_one_method_auth(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -278,9 +272,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_without_api_auth_but_methods_auth_and_not(self): def test_apigateway_one_rest_api_without_api_auth_but_methods_auth_and_not(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -348,9 +340,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_without_api_auth_but_methods_not_auth_and_auth( def test_apigateway_one_rest_api_without_api_auth_but_methods_not_auth_and_auth(
self, self,
): ):
@@ -420,9 +410,7 @@ class Test_apigateway_restapi_authorizers_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
@mock_iam
@mock_lambda
def test_apigateway_one_rest_api_without_authorizers_with_various_resources_without_endpoints( def test_apigateway_one_rest_api_without_authorizers_with_various_resources_without_endpoints(
self, self,
): ):

8
tests/providers/aws/services/apigateway/apigateway_client_certificate_enabled/apigateway_client_certificate_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway from moto import mock_aws
from prowler.providers.aws.services.apigateway.apigateway_service import Stage from prowler.providers.aws.services.apigateway.apigateway_service import Stage
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_client_certificate_enabled: class Test_apigateway_restapi_client_certificate_enabled:
@mock_apigateway @mock_aws
def test_apigateway_no_stages(self): def test_apigateway_no_stages(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -45,7 +45,7 @@ class Test_apigateway_restapi_client_certificate_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
def test_apigateway_one_stage_without_certificate(self): def test_apigateway_one_stage_without_certificate(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_apigateway_restapi_client_certificate_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None] assert result[0].resource_tags == [None]
@mock_apigateway @mock_aws
def test_apigateway_one_stage_with_certificate(self): def test_apigateway_one_stage_with_certificate(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_endpoint_public/apigateway_endpoint_public_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_public: class Test_apigateway_restapi_public:
@mock_apigateway @mock_aws
def test_apigateway_no_rest_apis(self): def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import ( from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway, APIGateway,
@@ -38,7 +38,7 @@ class Test_apigateway_restapi_public:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
def test_apigateway_one_private_rest_api(self): def test_apigateway_one_private_rest_api(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -88,7 +88,7 @@ class Test_apigateway_restapi_public:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
def test_apigateway_one_public_rest_api(self): def test_apigateway_one_public_rest_api(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_endpoint_public_without_authorizer/apigateway_endpoint_public_without_authorizer_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ API_GW_NAME = "test-rest-api"
class Test_apigateway_restapi_public_with_authorizer: class Test_apigateway_restapi_public_with_authorizer:
@mock_apigateway @mock_aws
def test_apigateway_no_rest_apis(self): def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import ( from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway, APIGateway,
@@ -40,7 +40,7 @@ class Test_apigateway_restapi_public_with_authorizer:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
def test_apigateway_one_public_rest_api_without_authorizer(self): def test_apigateway_one_public_rest_api_without_authorizer(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -90,7 +90,7 @@ class Test_apigateway_restapi_public_with_authorizer:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [{}] assert result[0].resource_tags == [{}]
@mock_apigateway @mock_aws
def test_apigateway_one_public_rest_api_with_authorizer(self): def test_apigateway_one_public_rest_api_with_authorizer(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/apigateway/apigateway_logging_enabled/apigateway_logging_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_logging_enabled: class Test_apigateway_restapi_logging_enabled:
@mock_apigateway @mock_aws
def test_apigateway_no_rest_apis(self): def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import ( from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway, APIGateway,
@@ -38,7 +38,7 @@ class Test_apigateway_restapi_logging_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
def test_apigateway_one_rest_api_with_logging(self): def test_apigateway_one_rest_api_with_logging(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -120,7 +120,7 @@ class Test_apigateway_restapi_logging_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None] assert result[0].resource_tags == [None]
@mock_apigateway @mock_aws
def test_apigateway_one_rest_api_without_logging(self): def test_apigateway_one_rest_api_without_logging(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

20
tests/providers/aws/services/apigateway/apigateway_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_apigateway from moto import mock_aws
from prowler.providers.aws.services.apigateway.apigateway_service import APIGateway from prowler.providers.aws.services.apigateway.apigateway_service import APIGateway
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_APIGateway_Service: class Test_APIGateway_Service:
# Test APIGateway Service # Test APIGateway Service
@mock_apigateway @mock_aws
def test_service(self): def test_service(self):
# APIGateway client for this test class # APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -19,7 +19,7 @@ class Test_APIGateway_Service:
assert apigateway.service == "apigateway" assert apigateway.service == "apigateway"
# Test APIGateway Client # Test APIGateway Client
@mock_apigateway @mock_aws
def test_client(self): def test_client(self):
# APIGateway client for this test class # APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -28,7 +28,7 @@ class Test_APIGateway_Service:
assert regional_client.__class__.__name__ == "APIGateway" assert regional_client.__class__.__name__ == "APIGateway"
# Test APIGateway Session # Test APIGateway Session
@mock_apigateway @mock_aws
def test__get_session__(self): def test__get_session__(self):
# APIGateway client for this test class # APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -36,7 +36,7 @@ class Test_APIGateway_Service:
assert apigateway.session.__class__.__name__ == "Session" assert apigateway.session.__class__.__name__ == "Session"
# Test APIGateway Session # Test APIGateway Session
@mock_apigateway @mock_aws
def test_audited_account(self): def test_audited_account(self):
# APIGateway client for this test class # APIGateway client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -44,7 +44,7 @@ class Test_APIGateway_Service:
assert apigateway.audited_account == AWS_ACCOUNT_NUMBER assert apigateway.audited_account == AWS_ACCOUNT_NUMBER
# Test APIGateway Get Rest APIs # Test APIGateway Get Rest APIs
@mock_apigateway @mock_aws
def test__get_rest_apis__(self): def test__get_rest_apis__(self):
# Generate APIGateway Client # Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -60,7 +60,7 @@ class Test_APIGateway_Service:
) )
# Test APIGateway Get Authorizers # Test APIGateway Get Authorizers
@mock_apigateway @mock_aws
def test__get_authorizers__(self): def test__get_authorizers__(self):
# Generate APIGateway Client # Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -80,7 +80,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].authorizer is True assert apigateway.rest_apis[0].authorizer is True
# Test APIGateway Get Rest API # Test APIGateway Get Rest API
@mock_apigateway @mock_aws
def test__get_rest_api__(self): def test__get_rest_api__(self):
# Generate APIGateway Client # Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -97,7 +97,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].tags == [{"test": "test"}] assert apigateway.rest_apis[0].tags == [{"test": "test"}]
# Test APIGateway Get Stages # Test APIGateway Get Stages
@mock_apigateway @mock_aws
def test__get_stages__(self): def test__get_stages__(self):
# Generate APIGateway Client # Generate APIGateway Client
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -148,7 +148,7 @@ class Test_APIGateway_Service:
assert apigateway.rest_apis[0].stages[0].logging is True assert apigateway.rest_apis[0].stages[0].logging is True
# Test APIGateway __get_resources__ # Test APIGateway __get_resources__
@mock_apigateway @mock_aws
def test__get_resources__(self): def test__get_resources__(self):
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

9
tests/providers/aws/services/apigateway/apigateway_waf_acl_attached/apigateway_waf_acl_attached_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_apigateway, mock_wafv2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_apigateway_restapi_waf_acl_attached: class Test_apigateway_restapi_waf_acl_attached:
@mock_apigateway @mock_aws
def test_apigateway_no_rest_apis(self): def test_apigateway_no_rest_apis(self):
from prowler.providers.aws.services.apigateway.apigateway_service import ( from prowler.providers.aws.services.apigateway.apigateway_service import (
APIGateway, APIGateway,
@@ -38,8 +38,7 @@ class Test_apigateway_restapi_waf_acl_attached:
assert len(result) == 0 assert len(result) == 0
@mock_apigateway @mock_aws
@mock_wafv2
def test_apigateway_one_rest_api_with_waf(self): def test_apigateway_one_rest_api_with_waf(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)
@@ -126,7 +125,7 @@ class Test_apigateway_restapi_waf_acl_attached:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [None] assert result[0].resource_tags == [None]
@mock_apigateway @mock_aws
def test_apigateway_one_rest_api_without_waf(self): def test_apigateway_one_rest_api_without_waf(self):
# Create APIGateway Mocked Resources # Create APIGateway Mocked Resources
apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1) apigateway_client = client("apigateway", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/apigatewayv2/apigatewayv2_access_logging_enabled/apigatewayv2_access_logging_enabled_test.py
View File

@@ -3,7 +3,7 @@ from unittest import mock
import botocore import botocore
from boto3 import client from boto3 import client
from mock import patch from mock import patch
from moto import mock_apigatewayv2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1, AWS_REGION_US_EAST_1,
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_apigatewayv2_api_access_logging_enabled: class Test_apigatewayv2_api_access_logging_enabled:
@mock_apigatewayv2 @mock_aws
def test_apigateway_no_apis(self): def test_apigateway_no_apis(self):
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import ( from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2, ApiGatewayV2,
@@ -66,7 +66,7 @@ class Test_apigatewayv2_api_access_logging_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_apigatewayv2 @mock_aws
def test_apigateway_one_api_with_logging_in_stage(self): def test_apigateway_one_api_with_logging_in_stage(self):
# Create ApiGatewayV2 Mocked Resources # Create ApiGatewayV2 Mocked Resources
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1) apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/apigatewayv2/apigatewayv2_authorizers_enabled/apigatewayv2_authorizers_enabled_test.py
View File

@@ -3,7 +3,7 @@ from unittest import mock
import botocore import botocore
from boto3 import client from boto3 import client
from mock import patch from mock import patch
from moto import mock_apigatewayv2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1, AWS_REGION_US_EAST_1,
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_apigatewayv2_api_authorizers_enabled: class Test_apigatewayv2_api_authorizers_enabled:
@mock_apigatewayv2 @mock_aws
def test_apigateway_no_apis(self): def test_apigateway_no_apis(self):
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import ( from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2, ApiGatewayV2,
@@ -66,7 +66,7 @@ class Test_apigatewayv2_api_authorizers_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_apigatewayv2 @mock_aws
def test_apigateway_one_api_with_authorizer(self): def test_apigateway_one_api_with_authorizer(self):
# Create ApiGatewayV2 Mocked Resources # Create ApiGatewayV2 Mocked Resources
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1) apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/apigatewayv2/apigatewayv2_service_test.py
View File

@@ -1,7 +1,7 @@
import botocore import botocore
from boto3 import client from boto3 import client
from mock import patch from mock import patch
from moto import mock_apigatewayv2 from moto import mock_aws
from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import ( from prowler.providers.aws.services.apigatewayv2.apigatewayv2_service import (
ApiGatewayV2, ApiGatewayV2,
@@ -42,7 +42,7 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_ApiGatewayV2_Service: class Test_ApiGatewayV2_Service:
# Test ApiGatewayV2 Service # Test ApiGatewayV2 Service
@mock_apigatewayv2 @mock_aws
def test_service(self): def test_service(self):
# ApiGatewayV2 client for this test class # ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -50,7 +50,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.service == "apigatewayv2" assert apigatewayv2.service == "apigatewayv2"
# Test ApiGatewayV2 Client # Test ApiGatewayV2 Client
@mock_apigatewayv2 @mock_aws
def test_client(self): def test_client(self):
# ApiGatewayV2 client for this test class # ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -59,7 +59,7 @@ class Test_ApiGatewayV2_Service:
assert regional_client.__class__.__name__ == "ApiGatewayV2" assert regional_client.__class__.__name__ == "ApiGatewayV2"
# Test ApiGatewayV2 Session # Test ApiGatewayV2 Session
@mock_apigatewayv2 @mock_aws
def test__get_session__(self): def test__get_session__(self):
# ApiGatewayV2 client for this test class # ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -67,7 +67,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.session.__class__.__name__ == "Session" assert apigatewayv2.session.__class__.__name__ == "Session"
# Test ApiGatewayV2 Session # Test ApiGatewayV2 Session
@mock_apigatewayv2 @mock_aws
def test_audited_account(self): def test_audited_account(self):
# ApiGatewayV2 client for this test class # ApiGatewayV2 client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -75,7 +75,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.audited_account == AWS_ACCOUNT_NUMBER assert apigatewayv2.audited_account == AWS_ACCOUNT_NUMBER
# Test ApiGatewayV2 Get APIs # Test ApiGatewayV2 Get APIs
@mock_apigatewayv2 @mock_aws
def test__get_apis__(self): def test__get_apis__(self):
# Generate ApiGatewayV2 Client # Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1) apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)
@@ -90,7 +90,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.apis[0].tags == [{"test": "test"}] assert apigatewayv2.apis[0].tags == [{"test": "test"}]
# Test ApiGatewayV2 Get Authorizers # Test ApiGatewayV2 Get Authorizers
@mock_apigatewayv2 @mock_aws
def test__get_authorizers__(self): def test__get_authorizers__(self):
# Generate ApiGatewayV2 Client # Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1) apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)
@@ -110,7 +110,7 @@ class Test_ApiGatewayV2_Service:
assert apigatewayv2.apis[0].authorizer is True assert apigatewayv2.apis[0].authorizer is True
# Test ApiGatewayV2 Get Stages # Test ApiGatewayV2 Get Stages
@mock_apigatewayv2 @mock_aws
def test__get_stages__(self): def test__get_stages__(self):
# Generate ApiGatewayV2 Client # Generate ApiGatewayV2 Client
apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1) apigatewayv2_client = client("apigatewayv2", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/athena/athena_service_test.py
View File

@@ -1,6 +1,6 @@
from botocore.client import BaseClient from botocore.client import BaseClient
from mock import patch from mock import patch
from moto import mock_athena from moto import mock_aws
from prowler.providers.aws.services.athena.athena_service import Athena from prowler.providers.aws.services.athena.athena_service import Athena
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -54,7 +54,7 @@ def mock_generate_regional_clients(service, audit_info):
) )
class Test_Athena_Service: class Test_Athena_Service:
# Test Athena Get Workgrups # Test Athena Get Workgrups
@mock_athena @mock_aws
def test__get_workgroups__not_encrypted(self): def test__get_workgroups__not_encrypted(self):
default_workgroup_name = "primary" default_workgroup_name = "primary"
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -78,7 +78,7 @@ class Test_Athena_Service:
# Test Athena Get Workgrups # Test Athena Get Workgrups
# We mock the get_work_group to return an encrypted workgroup # We mock the get_work_group to return an encrypted workgroup
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
@mock_athena @mock_aws
def test__get_workgroups__encrypted(self): def test__get_workgroups__encrypted(self):
default_workgroup_name = "primary" default_workgroup_name = "primary"
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])

8
tests/providers/aws/services/athena/athena_workgroup_encryption/athena_workgroup_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from mock import patch from mock import patch
from moto import mock_athena from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -15,7 +15,7 @@ ATHENA_PRIMARY_WORKGROUP_ARN = f"arn:aws:athena:{AWS_REGION_EU_WEST_1}:{AWS_ACCO
class Test_athena_workgroup_encryption: class Test_athena_workgroup_encryption:
@mock_athena @mock_aws
def test_primary_workgroup_not_encrypted(self): def test_primary_workgroup_not_encrypted(self):
from prowler.providers.aws.services.athena.athena_service import Athena from prowler.providers.aws.services.athena.athena_service import Athena
@@ -46,7 +46,7 @@ class Test_athena_workgroup_encryption:
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_athena @mock_aws
def test_primary_workgroup_not_encrypted_ignoring(self): def test_primary_workgroup_not_encrypted_ignoring(self):
from prowler.providers.aws.services.athena.athena_service import Athena from prowler.providers.aws.services.athena.athena_service import Athena
@@ -69,7 +69,7 @@ class Test_athena_workgroup_encryption:
assert len(result) == 0 assert len(result) == 0
@mock_athena @mock_aws
# We mock the get_work_group to return an encrypted workgroup # We mock the get_work_group to return an encrypted workgroup
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
def test_primary_workgroup_encrypted(self): def test_primary_workgroup_encrypted(self):

8
tests/providers/aws/services/athena/athena_workgroup_enforce_configuration/athena_workgroup_enforce_configuration_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from mock import patch from mock import patch
from moto import mock_athena from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -15,7 +15,7 @@ ATHENA_PRIMARY_WORKGROUP_ARN = f"arn:aws:athena:{AWS_REGION_EU_WEST_1}:{AWS_ACCO
class Test_athena_workgroup_enforce_configuration: class Test_athena_workgroup_enforce_configuration:
@mock_athena @mock_aws
def test_primary_workgroup_configuration_not_enforced(self): def test_primary_workgroup_configuration_not_enforced(self):
from prowler.providers.aws.services.athena.athena_service import Athena from prowler.providers.aws.services.athena.athena_service import Athena
@@ -46,7 +46,7 @@ class Test_athena_workgroup_enforce_configuration:
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_athena @mock_aws
def test_primary_workgroup_configuration_not_enforced_ignoring(self): def test_primary_workgroup_configuration_not_enforced_ignoring(self):
from prowler.providers.aws.services.athena.athena_service import Athena from prowler.providers.aws.services.athena.athena_service import Athena
@@ -69,7 +69,7 @@ class Test_athena_workgroup_enforce_configuration:
assert len(result) == 0 assert len(result) == 0
@mock_athena @mock_aws
# We mock the get_work_group to return a workgroup not enforcing configuration # We mock the get_work_group to return a workgroup not enforcing configuration
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
def test_primary_workgroup_configuration_enforced(self): def test_primary_workgroup_configuration_enforced(self):

14
tests/providers/aws/services/autoscaling/autoscaling_find_secrets_ec2_launch_configuration/autoscaling_find_secrets_ec2_launch_configuration_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_autoscaling from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1, AWS_REGION_US_EAST_1,
@@ -15,7 +15,7 @@ FIXTURES_DIR_NAME = "fixtures"
class Test_autoscaling_find_secrets_ec2_launch_configuration: class Test_autoscaling_find_secrets_ec2_launch_configuration:
@mock_autoscaling @mock_aws
def test_no_autoscaling(self): def test_no_autoscaling(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.launch_configurations = [] autoscaling_client.launch_configurations = []
@@ -43,7 +43,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert len(result) == 0 assert len(result) == 0
@mock_autoscaling @mock_aws
def test_one_autoscaling_with_no_secrets(self): def test_one_autoscaling_with_no_secrets(self):
# Include launch_configurations to check # Include launch_configurations to check
launch_configuration_name = "tester" launch_configuration_name = "tester"
@@ -90,7 +90,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling @mock_aws
def test_one_autoscaling_with_secrets(self): def test_one_autoscaling_with_secrets(self):
# Include launch_configurations to check # Include launch_configurations to check
launch_configuration_name = "tester" launch_configuration_name = "tester"
@@ -137,7 +137,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling @mock_aws
def test_one_autoscaling_file_with_secrets(self): def test_one_autoscaling_file_with_secrets(self):
# Include launch_configurations to check # Include launch_configurations to check
f = open( f = open(
@@ -189,7 +189,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling @mock_aws
def test_one_launch_configurations_without_user_data(self): def test_one_launch_configurations_without_user_data(self):
# Include launch_configurations to check # Include launch_configurations to check
launch_configuration_name = "tester" launch_configuration_name = "tester"
@@ -235,7 +235,7 @@ class Test_autoscaling_find_secrets_ec2_launch_configuration:
assert result[0].resource_arn == launch_configuration_arn assert result[0].resource_arn == launch_configuration_arn
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_autoscaling @mock_aws
def test_one_autoscaling_file_with_secrets_gzip(self): def test_one_autoscaling_file_with_secrets_gzip(self):
# Include launch_configurations to check # Include launch_configurations to check
f = open( f = open(

10
tests/providers/aws/services/autoscaling/autoscaling_group_multiple_az/autoscaling_group_multiple_az_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_autoscaling from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_US_EAST_1, AWS_REGION_US_EAST_1,
@@ -10,7 +10,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_autoscaling_group_multiple_az: class Test_autoscaling_group_multiple_az:
@mock_autoscaling @mock_aws
def test_no_autoscaling(self): def test_no_autoscaling(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.groups = [] autoscaling_client.groups = []
@@ -38,7 +38,7 @@ class Test_autoscaling_group_multiple_az:
assert len(result) == 0 assert len(result) == 0
@mock_autoscaling @mock_aws
def test_groups_with_multi_az(self): def test_groups_with_multi_az(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration( autoscaling_client.create_launch_configuration(
@@ -94,7 +94,7 @@ class Test_autoscaling_group_multiple_az:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_autoscaling @mock_aws
def test_groups_with_single_az(self): def test_groups_with_single_az(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration( autoscaling_client.create_launch_configuration(
@@ -149,7 +149,7 @@ class Test_autoscaling_group_multiple_az:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].resource_arn == autoscaling_group_arn assert result[0].resource_arn == autoscaling_group_arn
@mock_autoscaling @mock_aws
def test_groups_witd_and_without(self): def test_groups_witd_and_without(self):
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
autoscaling_client.create_launch_configuration( autoscaling_client.create_launch_configuration(

14
tests/providers/aws/services/autoscaling/autoscaling_service_test.py
View File

@@ -1,7 +1,7 @@
from base64 import b64decode from base64 import b64decode
from boto3 import client from boto3 import client
from moto import mock_autoscaling from moto import mock_aws
from prowler.providers.aws.services.autoscaling.autoscaling_service import AutoScaling from prowler.providers.aws.services.autoscaling.autoscaling_service import AutoScaling
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_AutoScaling_Service: class Test_AutoScaling_Service:
# Test AutoScaling Service # Test AutoScaling Service
@mock_autoscaling @mock_aws
def test_service(self): def test_service(self):
# AutoScaling client for this test class # AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -21,7 +21,7 @@ class Test_AutoScaling_Service:
assert autoscaling.service == "autoscaling" assert autoscaling.service == "autoscaling"
# Test AutoScaling Client # Test AutoScaling Client
@mock_autoscaling @mock_aws
def test_client(self): def test_client(self):
# AutoScaling client for this test class # AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -30,7 +30,7 @@ class Test_AutoScaling_Service:
assert regional_client.__class__.__name__ == "AutoScaling" assert regional_client.__class__.__name__ == "AutoScaling"
# Test AutoScaling Session # Test AutoScaling Session
@mock_autoscaling @mock_aws
def test__get_session__(self): def test__get_session__(self):
# AutoScaling client for this test class # AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -38,7 +38,7 @@ class Test_AutoScaling_Service:
assert autoscaling.session.__class__.__name__ == "Session" assert autoscaling.session.__class__.__name__ == "Session"
# Test AutoScaling Session # Test AutoScaling Session
@mock_autoscaling @mock_aws
def test_audited_account(self): def test_audited_account(self):
# AutoScaling client for this test class # AutoScaling client for this test class
audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])
@@ -46,7 +46,7 @@ class Test_AutoScaling_Service:
assert autoscaling.audited_account == AWS_ACCOUNT_NUMBER assert autoscaling.audited_account == AWS_ACCOUNT_NUMBER
# Test AutoScaling Get APIs # Test AutoScaling Get APIs
@mock_autoscaling @mock_aws
def test__describe_launch_configurations__(self): def test__describe_launch_configurations__(self):
# Generate AutoScaling Client # Generate AutoScaling Client
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)
@@ -80,7 +80,7 @@ class Test_AutoScaling_Service:
assert autoscaling.launch_configurations[1].name == "tester2" assert autoscaling.launch_configurations[1].name == "tester2"
# Test Describe Auto Scaling Groups # Test Describe Auto Scaling Groups
@mock_autoscaling @mock_aws
def test__describe_auto_scaling_groups__(self): def test__describe_auto_scaling_groups__(self):
# Generate AutoScaling Client # Generate AutoScaling Client
autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1) autoscaling_client = client("autoscaling", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import client from boto3 import client
from mock import patch from mock import patch
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from prowler.providers.aws.services.awslambda.awslambda_service import Function from prowler.providers.aws.services.awslambda.awslambda_service import Function
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -27,7 +27,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients, new=mock_generate_regional_clients,
) )
class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled: class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
@mock_cloudtrail @mock_aws
def test_no_functions(self): def test_no_functions(self):
lambda_client = mock.MagicMock lambda_client = mock.MagicMock
lambda_client.functions = {} lambda_client.functions = {}
@@ -58,8 +58,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_lambda_not_recorded_by_cloudtrail(self): def test_lambda_not_recorded_by_cloudtrail(self):
# Lambda Client # Lambda Client
lambda_client = mock.MagicMock lambda_client = mock.MagicMock
@@ -121,8 +120,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
) )
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_lambda_recorded_by_cloudtrail_classic_event_selector(self): def test_lambda_recorded_by_cloudtrail_classic_event_selector(self):
# Lambda Client # Lambda Client
lambda_client = mock.MagicMock lambda_client = mock.MagicMock
@@ -196,8 +194,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
) )
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_lambda_recorded_by_cloudtrail_advanced_event_selector(self): def test_lambda_recorded_by_cloudtrail_advanced_event_selector(self):
# Lambda Client # Lambda Client
lambda_client = mock.MagicMock lambda_client = mock.MagicMock
@@ -274,8 +271,7 @@ class Test_awslambda_function_invoke_api_operations_cloudtrail_logging_enabled:
) )
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_all_lambdas_recorded_by_cloudtrail(self): def test_all_lambdas_recorded_by_cloudtrail(self):
# Lambda Client # Lambda Client
lambda_client = mock.MagicMock lambda_client = mock.MagicMock

6
tests/providers/aws/services/awslambda/awslambda_service_test.py
View File

@@ -7,7 +7,7 @@ from unittest.mock import patch
import mock import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_iam, mock_lambda, mock_s3 from moto import mock_aws
from prowler.providers.aws.services.awslambda.awslambda_service import AuthType, Lambda from prowler.providers.aws.services.awslambda.awslambda_service import AuthType, Lambda
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -85,9 +85,7 @@ class Test_Lambda_Service:
awslambda = Lambda(set_mocked_aws_audit_info([AWS_REGION_US_EAST_1])) awslambda = Lambda(set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]))
assert awslambda.service == "lambda" assert awslambda.service == "lambda"
@mock_lambda @mock_aws
@mock_iam
@mock_s3
def test__list_functions__(self): def test__list_functions__(self):
# Create IAM Lambda Role # Create IAM Lambda Role
iam_client = client("iam", region_name=AWS_REGION_EU_WEST_1) iam_client = client("iam", region_name=AWS_REGION_EU_WEST_1)

10
tests/providers/aws/services/cloudformation/cloudformation_service_test.py
View File

@@ -5,7 +5,7 @@ from unittest.mock import patch
import boto3 import boto3
import botocore import botocore
from dateutil.tz import tzutc from dateutil.tz import tzutc
from moto import mock_cloudformation from moto import mock_aws
from prowler.providers.aws.services.cloudformation.cloudformation_service import ( from prowler.providers.aws.services.cloudformation.cloudformation_service import (
CloudFormation, CloudFormation,
@@ -135,7 +135,7 @@ def mock_generate_regional_clients(service, audit_info):
) )
class Test_CloudFormation_Service: class Test_CloudFormation_Service:
# Test CloudFormation Client # Test CloudFormation Client
@mock_cloudformation @mock_aws
def test__get_client__(self): def test__get_client__(self):
cloudformation = CloudFormation( cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -146,7 +146,7 @@ class Test_CloudFormation_Service:
) )
# Test CloudFormation Service # Test CloudFormation Service
@mock_cloudformation @mock_aws
def test__get_service__(self): def test__get_service__(self):
cloudformation = CloudFormation( cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
@@ -157,14 +157,14 @@ class Test_CloudFormation_Service:
) )
# Test CloudFormation Session # Test CloudFormation Session
@mock_cloudformation @mock_aws
def test__get_session__(self): def test__get_session__(self):
cloudformation = CloudFormation( cloudformation = CloudFormation(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
) )
assert cloudformation.session.__class__.__name__ == "Session" assert cloudformation.session.__class__.__name__ == "Session"
@mock_cloudformation @mock_aws
def test__describe_stacks__(self): def test__describe_stacks__(self):
cloudformation_client = boto3.client( cloudformation_client = boto3.client(
"cloudformation", region_name=AWS_REGION_EU_WEST_1 "cloudformation", region_name=AWS_REGION_EU_WEST_1

12
tests/providers/aws/services/cloudfront/cloudfront_service_test.py
View File

@@ -2,7 +2,7 @@ from unittest.mock import patch
import botocore import botocore
from boto3 import client from boto3 import client
from moto import mock_cloudfront from moto import mock_aws
from prowler.providers.aws.services.cloudfront.cloudfront_service import ( from prowler.providers.aws.services.cloudfront.cloudfront_service import (
CloudFront, CloudFront,
@@ -151,30 +151,30 @@ def mock_make_api_call(self, operation_name, kwarg):
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
class Test_CloudFront_Service: class Test_CloudFront_Service:
# Test CloudFront Client # Test CloudFront Client
@mock_cloudfront @mock_aws
def test__get_client__(self): def test__get_client__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info()) cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.client.__class__.__name__ == "CloudFront" assert cloudfront.client.__class__.__name__ == "CloudFront"
# Test CloudFront Session # Test CloudFront Session
@mock_cloudfront @mock_aws
def test__get_session__(self): def test__get_session__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info()) cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.session.__class__.__name__ == "Session" assert cloudfront.session.__class__.__name__ == "Session"
# Test CloudFront Service # Test CloudFront Service
@mock_cloudfront @mock_aws
def test__get_service__(self): def test__get_service__(self):
cloudfront = CloudFront(set_mocked_aws_audit_info()) cloudfront = CloudFront(set_mocked_aws_audit_info())
assert cloudfront.service == "cloudfront" assert cloudfront.service == "cloudfront"
@mock_cloudfront @mock_aws
def test__list_distributions__zero(self): def test__list_distributions__zero(self):
cloudfront = CloudFront(set_mocked_aws_audit_info()) cloudfront = CloudFront(set_mocked_aws_audit_info())
assert len(cloudfront.distributions) == 0 assert len(cloudfront.distributions) == 0
@mock_cloudfront @mock_aws
def test__list_distributions__complete(self): def test__list_distributions__complete(self):
cloudfront_client = client("cloudfront") cloudfront_client = client("cloudfront")
config = example_distribution_config("ref") config = example_distribution_config("ref")

18
tests/providers/aws/services/cloudtrail/cloudtrail_bucket_requires_mfa_delete/cloudtrail_bucket_requires_mfa_delete_test.py
View File

@@ -3,7 +3,7 @@ from unittest.mock import patch
import botocore import botocore
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_iam, mock_s3 from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from prowler.providers.aws.services.s3.s3_service import S3 from prowler.providers.aws.services.s3.s3_service import S3
@@ -18,7 +18,7 @@ make_api_call = botocore.client.BaseClient._make_api_call
class Test_cloudtrail_bucket_requires_mfa_delete: class Test_cloudtrail_bucket_requires_mfa_delete:
@mock_cloudtrail @mock_aws
def test_no_trails(self): def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -40,8 +40,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
result = check.execute() result = check.execute()
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_with_no_mfa_bucket(self): def test_trails_with_no_mfa_bucket(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -99,9 +98,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
return {"MFADelete": "Enabled", "Status": "Enabled"} return {"MFADelete": "Enabled", "Status": "Enabled"}
return make_api_call(self, operation_name, kwarg) return make_api_call(self, operation_name, kwarg)
@mock_cloudtrail @mock_aws
@mock_s3
@mock_iam
# Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled: # Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled:
@patch( @patch(
"botocore.client.BaseClient._make_api_call", "botocore.client.BaseClient._make_api_call",
@@ -153,8 +150,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
assert result[0].resource_arn == trail_us["TrailARN"] assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_with_no_mfa_bucket_cross(self): def test_trails_with_no_mfa_bucket_cross(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -204,9 +200,7 @@ class Test_cloudtrail_bucket_requires_mfa_delete:
assert result[0].resource_arn == trail_us["TrailARN"] assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
@mock_iam
# Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled: # Patch with mock_make_api_call_getbucketversioning_mfadelete_enabled:
@patch( @patch(
"botocore.client.BaseClient._make_api_call", "botocore.client.BaseClient._make_api_call",

14
tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py
View File

@@ -3,7 +3,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -13,8 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_cloudwatch_logging_enabled: class Test_cloudtrail_cloudwatch_logging_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_no_trails(self): def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -41,8 +40,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
result = check.execute() result = check.execute()
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_sending_logs_during_and_not_last_day(self): def test_trails_sending_logs_during_and_not_last_day(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -129,8 +127,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
assert report.resource_tags == [] assert report.resource_tags == []
assert report.region == AWS_REGION_EU_WEST_1 assert report.region == AWS_REGION_EU_WEST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_multi_region_and_single_region_logging_and_not(self): def test_multi_region_and_single_region_logging_and_not(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -218,8 +215,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
) )
assert report.resource_tags == [] assert report.resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_sending_and_not_sending_logs(self): def test_trails_sending_and_not_sending_logs(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

10
tests/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_insights_exist: class Test_cloudtrail_insights_exist:
@mock_cloudtrail @mock_aws
def test_no_trails(self): def test_no_trails(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -35,8 +35,7 @@ class Test_cloudtrail_insights_exist:
result = check.execute() result = check.execute()
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_with_no_insight_selector(self): def test_trails_with_no_insight_selector(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -81,8 +80,7 @@ class Test_cloudtrail_insights_exist:
assert result[0].resource_arn == trail_us["TrailARN"] assert result[0].resource_arn == trail_us["TrailARN"]
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_trails_with_insight_selector(self): def test_trails_with_insight_selector(self):
current_audit_info = set_mocked_aws_audit_info( current_audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]

12
tests/providers/aws/services/cloudtrail/cloudtrail_kms_encryption_enabled/cloudtrail_kms_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_kms, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_kms_encryption_enabled: class Test_cloudtrail_kms_encryption_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_no_trails(self): def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -38,8 +37,7 @@ class Test_cloudtrail_kms_encryption_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_no_kms(self): def test_trail_no_kms(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -84,9 +82,7 @@ class Test_cloudtrail_kms_encryption_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
@mock_kms
def test_trail_kms(self): def test_trail_kms(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

11
tests/providers/aws/services/cloudtrail/cloudtrail_log_file_validation_enabled/cloudtrail_log_file_validation_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_log_file_validation_enabled: class Test_cloudtrail_log_file_validation_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_no_trails(self): def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -38,8 +37,7 @@ class Test_cloudtrail_log_file_validation_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_no_logging_validation(self): def test_no_logging_validation(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -80,8 +78,7 @@ class Test_cloudtrail_log_file_validation_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_various_trails_with_and_without_logging_validation(self): def test_various_trails_with_and_without_logging_validation(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

14
tests/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_access_logging_enabled/cloudtrail_logs_s3_bucket_access_logging_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_logs_s3_bucket_access_logging_enabled: class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_no_trails(self): def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -44,8 +43,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_bucket_not_logging(self): def test_bucket_not_logging(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -96,8 +94,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_bucket_logging(self): def test_bucket_logging(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -168,8 +165,7 @@ class Test_cloudtrail_logs_s3_bucket_access_logging_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_bucket_cross_account(self): def test_bucket_cross_account(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

17
tests/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_is_not_publicly_accessible/cloudtrail_logs_s3_bucket_is_not_publicly_accessible_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,8 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible: class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
@mock_cloudtrail @mock_aws
@mock_s3
def test_not_trails(self): def test_not_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -44,8 +43,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_bucket_no_acl(self): def test_trail_bucket_no_acl(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -95,8 +93,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_bucket_public_acl(self): def test_trail_bucket_public_acl(self):
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us" bucket_name_us = "bucket_test_us"
@@ -164,8 +161,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_bucket_not_public_acl(self): def test_trail_bucket_not_public_acl(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -232,8 +228,7 @@ class Test_cloudtrail_logs_s3_bucket_is_not_publicly_accessible:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_bucket_cross_account(self): def test_trail_bucket_cross_account(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)

13
tests/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled/cloudtrail_multi_region_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_multi_region_enabled: class Test_cloudtrail_multi_region_enabled:
@mock_cloudtrail @mock_aws
def test_no_trails(self): def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -65,8 +65,7 @@ class Test_cloudtrail_multi_region_enabled:
) )
assert report.resource_tags == [] assert report.resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_various_trails_no_logging(self): def test_various_trails_no_logging(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -142,8 +141,7 @@ class Test_cloudtrail_multi_region_enabled:
) )
assert report.resource_tags == [] assert report.resource_tags == []
@mock_cloudtrail @mock_aws
@mock_s3
def test_various_trails_with_and_without_logging(self): def test_various_trails_with_and_without_logging(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -220,8 +218,7 @@ class Test_cloudtrail_multi_region_enabled:
assert report.resource_tags == [] assert report.resource_tags == []
assert report.region == AWS_REGION_EU_WEST_1 assert report.region == AWS_REGION_EU_WEST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_multiregion_logging_and_single_region_not_logging(self): def test_trail_multiregion_logging_and_single_region_not_logging(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

16
tests/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled_logging_management_events/cloudtrail_multi_region_enabled_logging_management_events_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_multi_region_enabled_logging_management_events: class Test_cloudtrail_multi_region_enabled_logging_management_events:
@mock_cloudtrail @mock_aws
def test_no_trails(self): def test_no_trails(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -45,8 +45,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== "No trail found with multi-region enabled and logging management events." == "No trail found with multi-region enabled and logging management events."
) )
@mock_cloudtrail @mock_aws
@mock_s3
def test_compliant_trail_advanced_event_selector(self): def test_compliant_trail_advanced_event_selector(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -102,8 +101,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled." == f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled."
) )
@mock_cloudtrail @mock_aws
@mock_s3
def test_non_compliant_trail_advanced_event_selector(self): def test_non_compliant_trail_advanced_event_selector(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -159,8 +157,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== "No trail found with multi-region enabled and logging management events." == "No trail found with multi-region enabled and logging management events."
) )
@mock_cloudtrail @mock_aws
@mock_s3
def test_compliant_trail_classic_event_selector(self): def test_compliant_trail_classic_event_selector(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -215,8 +212,7 @@ class Test_cloudtrail_multi_region_enabled_logging_management_events:
== f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled." == f"Trail {trail_name_us} from home region {AWS_REGION_US_EAST_1} is multi-region, is logging and have management events enabled."
) )
@mock_cloudtrail @mock_aws
@mock_s3
def test_non_compliant_trail_classic_event_selector(self): def test_non_compliant_trail_classic_event_selector(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

23
tests/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -11,8 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_s3_dataevents_read_enabled: class Test_cloudtrail_s3_dataevents_read_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_data_events(self): def test_trail_without_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -61,8 +60,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_data_events_ignoring(self): def test_trail_without_data_events_ignoring(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -92,8 +90,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_data_events_ignoring_with_buckets(self): def test_trail_without_data_events_ignoring_with_buckets(self):
s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us" bucket_name_us = "bucket_test_us"
@@ -136,8 +133,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_s3_data_events(self): def test_trail_without_s3_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -198,8 +194,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_classic_data_events(self): def test_trail_with_s3_classic_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -260,8 +255,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_advanced_data_events(self): def test_trail_with_s3_advanced_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -322,8 +316,7 @@ class Test_cloudtrail_s3_dataevents_read_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_three_colons(self): def test_trail_with_s3_three_colons(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

23
tests/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -11,8 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudtrail_s3_dataevents_write_enabled: class Test_cloudtrail_s3_dataevents_write_enabled:
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_data_events(self): def test_trail_without_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -61,8 +60,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_s3_data_events(self): def test_trail_without_s3_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -123,8 +121,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_s3_data_events_ignoring(self): def test_trail_without_s3_data_events_ignoring(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -154,8 +151,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_without_s3_data_events_ignoring_with_buckets(self): def test_trail_without_s3_data_events_ignoring_with_buckets(self):
s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client_us_east_1 = client("s3", region_name=AWS_REGION_US_EAST_1)
bucket_name_us = "bucket_test_us" bucket_name_us = "bucket_test_us"
@@ -197,8 +193,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_data_events(self): def test_trail_with_s3_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -259,8 +254,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_advanced_data_events(self): def test_trail_with_s3_advanced_data_events(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -320,8 +314,7 @@ class Test_cloudtrail_s3_dataevents_write_enabled:
assert result[0].resource_tags == [] assert result[0].resource_tags == []
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_cloudtrail @mock_aws
@mock_s3
def test_trail_with_s3_three_colons(self): def test_trail_with_s3_three_colons(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

22
tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_s3 from moto import mock_aws
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail from prowler.providers.aws.services.cloudtrail.cloudtrail_service import Cloudtrail
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Cloudtrail_Service: class Test_Cloudtrail_Service:
# Test Cloudtrail Service # Test Cloudtrail Service
@mock_cloudtrail @mock_aws
def test_service(self): def test_service(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -21,7 +21,7 @@ class Test_Cloudtrail_Service:
assert cloudtrail.service == "cloudtrail" assert cloudtrail.service == "cloudtrail"
# Test Cloudtrail client # Test Cloudtrail client
@mock_cloudtrail @mock_aws
def test_client(self): def test_client(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -31,7 +31,7 @@ class Test_Cloudtrail_Service:
assert regional_client.__class__.__name__ == "CloudTrail" assert regional_client.__class__.__name__ == "CloudTrail"
# Test Cloudtrail session # Test Cloudtrail session
@mock_cloudtrail @mock_aws
def test__get_session__(self): def test__get_session__(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -40,7 +40,7 @@ class Test_Cloudtrail_Service:
assert cloudtrail.session.__class__.__name__ == "Session" assert cloudtrail.session.__class__.__name__ == "Session"
# Test Cloudtrail Session # Test Cloudtrail Session
@mock_cloudtrail @mock_aws
def test_audited_account(self): def test_audited_account(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
[AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1] [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
@@ -48,8 +48,7 @@ class Test_Cloudtrail_Service:
cloudtrail = Cloudtrail(audit_info) cloudtrail = Cloudtrail(audit_info)
assert cloudtrail.audited_account == AWS_ACCOUNT_NUMBER assert cloudtrail.audited_account == AWS_ACCOUNT_NUMBER
@mock_cloudtrail @mock_aws
@mock_s3
def test_describe_trails(self): def test_describe_trails(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -112,8 +111,7 @@ class Test_Cloudtrail_Service:
{"Key": "test", "Value": "test"}, {"Key": "test", "Value": "test"},
] ]
@mock_cloudtrail @mock_aws
@mock_s3
def test_status_trails(self): def test_status_trails(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -158,8 +156,7 @@ class Test_Cloudtrail_Service:
assert not trail.latest_cloudwatch_delivery_time assert not trail.latest_cloudwatch_delivery_time
assert trail.s3_bucket == bucket_name_us assert trail.s3_bucket == bucket_name_us
@mock_cloudtrail @mock_aws
@mock_s3
def test_get_classic_event_selectors(self): def test_get_classic_event_selectors(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1
@@ -207,8 +204,7 @@ class Test_Cloudtrail_Service:
) )
assert not trail.data_events[0].is_advanced assert not trail.data_events[0].is_advanced
@mock_cloudtrail @mock_aws
@mock_s3
def test_get_advanced_event_selectors(self): def test_get_advanced_event_selectors(self):
cloudtrail_client_us_east_1 = client( cloudtrail_client_us_east_1 = client(
"cloudtrail", region_name=AWS_REGION_US_EAST_1 "cloudtrail", region_name=AWS_REGION_US_EAST_1

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_acls_alarm_configured/cloudwatch_changes_to_network_acls_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_acls_alarm_configured: class Test_cloudwatch_changes_to_network_acls_alarm_configured:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_acls_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_gateways_alarm_configured/cloudwatch_changes_to_network_gateways_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_gateways_alarm_configured: class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_gateways_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_network_route_tables_alarm_configured/cloudwatch_changes_to_network_route_tables_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_network_route_tables_alarm_configured: class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_network_route_tables_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_changes_to_vpcs_alarm_configured/cloudwatch_changes_to_vpcs_alarm_configured_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_changes_to_vpcs_alarm_configured: class Test_cloudwatch_changes_to_vpcs_alarm_configured:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_changes_to_vpcs_alarm_configured:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_cross_account_sharing_disabled/cloudwatch_cross_account_sharing_disabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_iam from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_cross_account_sharing_disabled: class Test_cloudwatch_cross_account_sharing_disabled:
@mock_iam @mock_aws
def test_cloudwatch_without_cross_account_role(self): def test_cloudwatch_without_cross_account_role(self):
from prowler.providers.aws.services.iam.iam_service import IAM from prowler.providers.aws.services.iam.iam_service import IAM
@@ -53,7 +53,7 @@ class Test_cloudwatch_cross_account_sharing_disabled:
) )
assert result[0].resource_id == AWS_ACCOUNT_NUMBER assert result[0].resource_id == AWS_ACCOUNT_NUMBER
@mock_iam @mock_aws
def test_cloudwatch_log_group_with_cross_account_role(self): def test_cloudwatch_log_group_with_cross_account_role(self):
# Generate Logs Client # Generate Logs Client
iam_client = client("iam", region_name=AWS_REGION_US_EAST_1) iam_client = client("iam", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_kms_encryption_enabled/cloudwatch_log_group_kms_encryption_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_logs from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -45,7 +45,7 @@ class Test_cloudwatch_log_group_kms_encryption_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_logs @mock_aws
def test_cloudwatch_log_group_without_kms_key(self): def test_cloudwatch_log_group_without_kms_key(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -93,7 +93,7 @@ class Test_cloudwatch_log_group_kms_encryption_enabled:
) )
assert result[0].resource_id == "test" assert result[0].resource_id == "test"
@mock_logs @mock_aws
def test_cloudwatch_log_group_with_kms_key(self): def test_cloudwatch_log_group_with_kms_key(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

6
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_no_secrets_in_logs/cloudwatch_log_group_no_secrets_in_logs_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_logs from moto import mock_aws
from moto.core.utils import unix_time_millis from moto.core.utils import unix_time_millis
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -47,7 +47,7 @@ class Test_cloudwatch_log_group_no_secrets_in_logs:
assert len(result) == 0 assert len(result) == 0
@mock_logs @mock_aws
def test_cloudwatch_log_group_without_secrets(self): def test_cloudwatch_log_group_without_secrets(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -100,7 +100,7 @@ class Test_cloudwatch_log_group_no_secrets_in_logs:
assert result[0].status_extended == "No secrets found in test log group." assert result[0].status_extended == "No secrets found in test log group."
assert result[0].resource_id == "test" assert result[0].resource_id == "test"
@mock_logs @mock_aws
def test_cloudwatch_log_group_with_secrets(self): def test_cloudwatch_log_group_with_secrets(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/cloudwatch/cloudwatch_log_group_retention_policy_specific_days_enabled/cloudwatch_log_group_retention_policy_specific_days_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_logs from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -47,7 +47,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_logs @mock_aws
def test_cloudwatch_log_group_without_retention_days_never_expires(self): def test_cloudwatch_log_group_without_retention_days_never_expires(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -100,7 +100,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
def test_cloudwatch_log_group_with_compliant_retention_days(self): def test_cloudwatch_log_group_with_compliant_retention_days(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -154,7 +154,7 @@ class Test_cloudwatch_log_group_retention_policy_specific_days_enabled:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
def test_cloudwatch_log_group_with_no_compliant_retention_days(self): def test_cloudwatch_log_group_with_no_compliant_retention_days(self):
# Generate Logs Client # Generate Logs Client
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled: class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_changes_enabled:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_aws_config_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled/cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled: class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_changes_enabled:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_and_alarm_for_cloudtrail_configuration_c
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_authentication_failures/cloudwatch_log_metric_filter_authentication_failures_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_authentication_failures: class Test_cloudwatch_log_metric_filter_authentication_failures:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_authentication_failures:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_aws_organizations_changes/cloudwatch_log_metric_filter_aws_organizations_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_aws_organizations_changes: class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_aws_organizations_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk/cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk: class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -72,10 +70,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -137,10 +132,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -208,10 +200,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -294,10 +283,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -392,10 +378,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -490,10 +473,7 @@ class Test_cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes/cloudwatch_log_metric_filter_for_s3_bucket_policy_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes: class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_for_s3_bucket_policy_changes:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_policy_changes/cloudwatch_log_metric_filter_policy_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls: class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_root_usage/cloudwatch_log_metric_filter_root_usage_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_root_usage: class Test_cloudwatch_log_metric_filter_root_usage:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_root_usage:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_security_group_changes/cloudwatch_log_metric_filter_security_group_changes_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls: class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_sign_in_without_mfa/cloudwatch_log_metric_filter_sign_in_without_mfa_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_sign_in_without_mfa: class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_sign_in_without_mfa:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

36
tests/providers/aws/services/cloudwatch/cloudwatch_log_metric_filter_unauthorized_api_calls/cloudwatch_log_metric_filter_unauthorized_api_calls_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_cloudtrail, mock_cloudwatch, mock_logs, mock_s3 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -13,9 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_cloudwatch_log_metric_filter_unauthorized_api_calls: class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
def test_cloudwatch_no_log_groups(self): def test_cloudwatch_no_log_groups(self):
from prowler.providers.aws.services.cloudtrail.cloudtrail_service import ( from prowler.providers.aws.services.cloudtrail.cloudtrail_service import (
Cloudtrail, Cloudtrail,
@@ -70,10 +68,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_no_log_group(self): def test_cloudwatch_trail_no_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
s3_client = client("s3", region_name=AWS_REGION_US_EAST_1) s3_client = client("s3", region_name=AWS_REGION_US_EAST_1)
@@ -133,10 +128,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group(self): def test_cloudwatch_trail_with_log_group(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -202,10 +194,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].region == AWS_REGION_EU_WEST_1 assert result[0].region == AWS_REGION_EU_WEST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric(self): def test_cloudwatch_trail_with_log_group_with_metric(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -286,10 +275,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -382,10 +368,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_quotes(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -478,10 +461,7 @@ class Test_cloudwatch_log_metric_filter_unauthorized_api_calls:
) )
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_logs @mock_aws
@mock_cloudtrail
@mock_cloudwatch
@mock_s3
def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self): def test_cloudwatch_trail_with_log_group_with_metric_and_alarm_with_newlines(self):
cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1) cloudtrail_client = client("cloudtrail", region_name=AWS_REGION_US_EAST_1)
cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cloudwatch_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)

26
tests/providers/aws/services/cloudwatch/cloudwatch_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_cloudwatch, mock_logs from moto import mock_aws
from prowler.providers.aws.services.cloudwatch.cloudwatch_service import ( from prowler.providers.aws.services.cloudwatch.cloudwatch_service import (
CloudWatch, CloudWatch,
@@ -14,7 +14,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_CloudWatch_Service: class Test_CloudWatch_Service:
# Test CloudWatch Service # Test CloudWatch Service
@mock_cloudwatch @mock_aws
def test_service(self): def test_service(self):
# CloudWatch client for this test class # CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -24,7 +24,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.service == "cloudwatch" assert cloudwatch.service == "cloudwatch"
# Test CloudWatch Client # Test CloudWatch Client
@mock_cloudwatch @mock_aws
def test_client(self): def test_client(self):
# CloudWatch client for this test class # CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -35,7 +35,7 @@ class Test_CloudWatch_Service:
assert client_.__class__.__name__ == "CloudWatch" assert client_.__class__.__name__ == "CloudWatch"
# Test CloudWatch Session # Test CloudWatch Session
@mock_cloudwatch @mock_aws
def test__get_session__(self): def test__get_session__(self):
# CloudWatch client for this test class # CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -45,7 +45,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.session.__class__.__name__ == "Session" assert cloudwatch.session.__class__.__name__ == "Session"
# Test CloudWatch Session # Test CloudWatch Session
@mock_cloudwatch @mock_aws
def test_audited_account(self): def test_audited_account(self):
# CloudWatch client for this test class # CloudWatch client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -55,7 +55,7 @@ class Test_CloudWatch_Service:
assert cloudwatch.audited_account == AWS_ACCOUNT_NUMBER assert cloudwatch.audited_account == AWS_ACCOUNT_NUMBER
# Test Logs Service # Test Logs Service
@mock_logs @mock_aws
def test_logs_service(self): def test_logs_service(self):
# Logs client for this test class # Logs client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -65,7 +65,7 @@ class Test_CloudWatch_Service:
assert logs.service == "logs" assert logs.service == "logs"
# Test Logs Client # Test Logs Client
@mock_logs @mock_aws
def test_logs_client(self): def test_logs_client(self):
# Logs client for this test class # Logs client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -76,7 +76,7 @@ class Test_CloudWatch_Service:
assert client_.__class__.__name__ == "CloudWatchLogs" assert client_.__class__.__name__ == "CloudWatchLogs"
# Test Logs Session # Test Logs Session
@mock_logs @mock_aws
def test__logs_get_session__(self): def test__logs_get_session__(self):
# Logs client for this test class # Logs client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -86,7 +86,7 @@ class Test_CloudWatch_Service:
assert logs.session.__class__.__name__ == "Session" assert logs.session.__class__.__name__ == "Session"
# Test Logs Session # Test Logs Session
@mock_logs @mock_aws
def test_logs_audited_account(self): def test_logs_audited_account(self):
# Logs client for this test class # Logs client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -96,7 +96,7 @@ class Test_CloudWatch_Service:
assert logs.audited_account == AWS_ACCOUNT_NUMBER assert logs.audited_account == AWS_ACCOUNT_NUMBER
# Test CloudWatch Alarms # Test CloudWatch Alarms
@mock_cloudwatch @mock_aws
def test__describe_alarms__(self): def test__describe_alarms__(self):
# CloudWatch client for this test class # CloudWatch client for this test class
cw_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1) cw_client = client("cloudwatch", region_name=AWS_REGION_US_EAST_1)
@@ -135,7 +135,7 @@ class Test_CloudWatch_Service:
] ]
# Test Logs Filters # Test Logs Filters
@mock_logs @mock_aws
def test__describe_metric_filters__(self): def test__describe_metric_filters__(self):
# Logs client for this test class # Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -163,7 +163,7 @@ class Test_CloudWatch_Service:
assert logs.metric_filters[0].region == AWS_REGION_US_EAST_1 assert logs.metric_filters[0].region == AWS_REGION_US_EAST_1
# Test Logs Filters # Test Logs Filters
@mock_logs @mock_aws
def test__describe_log_groups__(self): def test__describe_log_groups__(self):
# Logs client for this test class # Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)
@@ -193,7 +193,7 @@ class Test_CloudWatch_Service:
{"tag_key_1": "tag_value_1", "tag_key_2": "tag_value_2"} {"tag_key_1": "tag_value_1", "tag_key_2": "tag_value_2"}
] ]
@mock_logs @mock_aws
def test__describe_log_groups__never_expire(self): def test__describe_log_groups__never_expire(self):
# Logs client for this test class # Logs client for this test class
logs_client = client("logs", region_name=AWS_REGION_US_EAST_1) logs_client = client("logs", region_name=AWS_REGION_US_EAST_1)

16
tests/providers/aws/services/cognito/cognito_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_cognitoidp from moto import mock_aws
from prowler.providers.aws.services.cognito.cognito_service import CognitoIDP from prowler.providers.aws.services.cognito.cognito_service import CognitoIDP
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Cognito_Service: class Test_Cognito_Service:
# Test Cognito Service # Test Cognito Service
@mock_cognitoidp @mock_aws
def test_service(self): def test_service(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -21,7 +21,7 @@ class Test_Cognito_Service:
assert cognito.service == "cognito-idp" assert cognito.service == "cognito-idp"
# Test Cognito client # Test Cognito client
@mock_cognitoidp @mock_aws
def test_client(self): def test_client(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -31,7 +31,7 @@ class Test_Cognito_Service:
assert regional_client.__class__.__name__ == "CognitoIdentityProvider" assert regional_client.__class__.__name__ == "CognitoIdentityProvider"
# Test Cognito session # Test Cognito session
@mock_cognitoidp @mock_aws
def test__get_session__(self): def test__get_session__(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -40,7 +40,7 @@ class Test_Cognito_Service:
assert cognito.session.__class__.__name__ == "Session" assert cognito.session.__class__.__name__ == "Session"
# Test Cognito Session # Test Cognito Session
@mock_cognitoidp @mock_aws
def test_audited_account(self): def test_audited_account(self):
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] audited_regions=[AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
@@ -48,7 +48,7 @@ class Test_Cognito_Service:
cognito = CognitoIDP(audit_info) cognito = CognitoIDP(audit_info)
assert cognito.audited_account == AWS_ACCOUNT_NUMBER assert cognito.audited_account == AWS_ACCOUNT_NUMBER
@mock_cognitoidp @mock_aws
def test_list_user_pools(self): def test_list_user_pools(self):
user_pool_name_1 = "user_pool_test_1" user_pool_name_1 = "user_pool_test_1"
user_pool_name_2 = "user_pool_test_2" user_pool_name_2 = "user_pool_test_2"
@@ -67,7 +67,7 @@ class Test_Cognito_Service:
) )
assert user_pool.region == "eu-west-1" or user_pool.region == "us-east-1" assert user_pool.region == "eu-west-1" or user_pool.region == "us-east-1"
@mock_cognitoidp @mock_aws
def test_describe_user_pools(self): def test_describe_user_pools(self):
user_pool_name_1 = "user_pool_test_1" user_pool_name_1 = "user_pool_test_1"
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -88,7 +88,7 @@ class Test_Cognito_Service:
assert user_pool.advanced_security_mode is not None assert user_pool.advanced_security_mode is not None
assert user_pool.tags is not None assert user_pool.tags is not None
@mock_cognitoidp @mock_aws
def test_get_user_pool_mfa_config(self): def test_get_user_pool_mfa_config(self):
user_pool_name_1 = "user_pool_test_1" user_pool_name_1 = "user_pool_test_1"
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(

10
tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_config from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_ARN, AWS_ACCOUNT_ARN,
@@ -14,7 +14,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_config_recorder_all_regions_enabled: class Test_config_recorder_all_regions_enabled:
@mock_config @mock_aws
def test_config_no_recorders(self): def test_config_no_recorders(self):
from prowler.providers.aws.services.config.config_service import Config from prowler.providers.aws.services.config.config_service import Config
@@ -48,7 +48,7 @@ class Test_config_recorder_all_regions_enabled:
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
assert result[0].resource_id == AWS_ACCOUNT_NUMBER assert result[0].resource_id == AWS_ACCOUNT_NUMBER
@mock_config @mock_aws
def test_config_one_recoder_disabled(self): def test_config_one_recoder_disabled(self):
# Create Config Mocked Resources # Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1) config_client = client("config", region_name=AWS_REGION_US_EAST_1)
@@ -87,7 +87,7 @@ class Test_config_recorder_all_regions_enabled:
assert recorder.resource_arn == AWS_ACCOUNT_ARN assert recorder.resource_arn == AWS_ACCOUNT_ARN
assert recorder.region == AWS_REGION_US_EAST_1 assert recorder.region == AWS_REGION_US_EAST_1
@mock_config @mock_aws
def test_config_one_recoder_enabled(self): def test_config_one_recoder_enabled(self):
# Create Config Mocked Resources # Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1) config_client = client("config", region_name=AWS_REGION_US_EAST_1)
@@ -131,7 +131,7 @@ class Test_config_recorder_all_regions_enabled:
assert recorder.resource_arn == AWS_ACCOUNT_ARN assert recorder.resource_arn == AWS_ACCOUNT_ARN
assert recorder.region == AWS_REGION_US_EAST_1 assert recorder.region == AWS_REGION_US_EAST_1
@mock_config @mock_aws
def test_config_one_recorder_disabled_allowlisted(self): def test_config_one_recorder_disabled_allowlisted(self):
# Create Config Mocked Resources # Create Config Mocked Resources
config_client = client("config", region_name=AWS_REGION_US_EAST_1) config_client = client("config", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/config/config_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_config from moto import mock_aws
from prowler.providers.aws.services.config.config_service import Config from prowler.providers.aws.services.config.config_service import Config
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_Config_Service: class Test_Config_Service:
# Test Config Service # Test Config Service
@mock_config @mock_aws
def test_service(self): def test_service(self):
# Config client for this test class # Config client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -22,7 +22,7 @@ class Test_Config_Service:
assert config.service == "config" assert config.service == "config"
# Test Config Client # Test Config Client
@mock_config @mock_aws
def test_client(self): def test_client(self):
# Config client for this test class # Config client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -33,7 +33,7 @@ class Test_Config_Service:
assert regional_client.__class__.__name__ == "ConfigService" assert regional_client.__class__.__name__ == "ConfigService"
# Test Config Session # Test Config Session
@mock_config @mock_aws
def test__get_session__(self): def test__get_session__(self):
# Config client for this test class # Config client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -43,7 +43,7 @@ class Test_Config_Service:
assert config.session.__class__.__name__ == "Session" assert config.session.__class__.__name__ == "Session"
# Test Config Session # Test Config Session
@mock_config @mock_aws
def test_audited_account(self): def test_audited_account(self):
# Config client for this test class # Config client for this test class
audit_info = set_mocked_aws_audit_info( audit_info = set_mocked_aws_audit_info(
@@ -53,7 +53,7 @@ class Test_Config_Service:
assert config.audited_account == AWS_ACCOUNT_NUMBER assert config.audited_account == AWS_ACCOUNT_NUMBER
# Test Config Get Rest APIs # Test Config Get Rest APIs
@mock_config @mock_aws
def test__describe_configuration_recorder_status__(self): def test__describe_configuration_recorder_status__(self):
# Generate Config Client # Generate Config Client
config_client = client("config", region_name=AWS_REGION_US_EAST_1) config_client = client("config", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/directoryservice/directoryservice_service_test.py
View File

@@ -2,7 +2,7 @@ from datetime import datetime
from unittest.mock import patch from unittest.mock import patch
import botocore import botocore
from moto import mock_ds from moto import mock_aws
from prowler.providers.aws.services.directoryservice.directoryservice_service import ( from prowler.providers.aws.services.directoryservice.directoryservice_service import (
AuthenticationProtocol, AuthenticationProtocol,
@@ -119,7 +119,7 @@ def mock_generate_regional_clients(service, audit_info):
) )
class Test_DirectoryService_Service: class Test_DirectoryService_Service:
# Test DirectoryService Client # Test DirectoryService Client
@mock_ds @mock_aws
def test__get_client__(self): def test__get_client__(self):
directoryservice = DirectoryService( directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
@@ -130,7 +130,7 @@ class Test_DirectoryService_Service:
) )
# Test DirectoryService Session # Test DirectoryService Session
@mock_ds @mock_aws
def test__get_session__(self): def test__get_session__(self):
directoryservice = DirectoryService( directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
@@ -138,14 +138,14 @@ class Test_DirectoryService_Service:
assert directoryservice.session.__class__.__name__ == "Session" assert directoryservice.session.__class__.__name__ == "Session"
# Test DirectoryService Service # Test DirectoryService Service
@mock_ds @mock_aws
def test__get_service__(self): def test__get_service__(self):
directoryservice = DirectoryService( directoryservice = DirectoryService(
set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1])
) )
assert directoryservice.service == "ds" assert directoryservice.service == "ds"
@mock_ds @mock_aws
def test__describe_directories__(self): def test__describe_directories__(self):
# Set partition for the service # Set partition for the service
directoryservice = DirectoryService( directoryservice = DirectoryService(

10
tests/providers/aws/services/dlm/dlm_ebs_snapshot_lifecycle_policy_exists/dlm_ebs_snapshot_lifecycle_policy_exists_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.dlm.dlm_service import LifecyclePolicy from prowler.providers.aws.services.dlm.dlm_service import LifecyclePolicy
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -15,7 +15,7 @@ LIFECYCLE_POLICY_ID = "policy-XXXXXXXXXXXX"
class Test_dlm_ebs_snapshot_lifecycle_policy_exists: class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
@mock_ec2 @mock_aws
def test_no_ebs_snapshot_no_lifecycle_policies(self): def test_no_ebs_snapshot_no_lifecycle_policies(self):
# DLM Mock Client # DLM Mock Client
dlm_client = mock.MagicMock dlm_client = mock.MagicMock
@@ -48,7 +48,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
result = check.execute() result = check.execute()
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_ebs_snapshot_and_dlm_lifecycle_policy(self): def test_one_ebs_snapshot_and_dlm_lifecycle_policy(self):
# Generate EC2 Client # Generate EC2 Client
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -113,7 +113,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
assert result[0].resource_id == AWS_ACCOUNT_NUMBER assert result[0].resource_id == AWS_ACCOUNT_NUMBER
assert result[0].resource_arn == AWS_ACCOUNT_ARN assert result[0].resource_arn == AWS_ACCOUNT_ARN
@mock_ec2 @mock_aws
def test_one_ebs_snapshot_and_no_dlm_lifecycle_policy(self): def test_one_ebs_snapshot_and_no_dlm_lifecycle_policy(self):
# Generate EC2 Client # Generate EC2 Client
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -166,7 +166,7 @@ class Test_dlm_ebs_snapshot_lifecycle_policy_exists:
result = check.execute() result = check.execute()
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_no_ebs_snapshot_and_dlm_lifecycle_policy(self): def test_no_ebs_snapshot_and_dlm_lifecycle_policy(self):
# DLM Mock Client # DLM Mock Client
dlm_client = mock.MagicMock dlm_client = mock.MagicMock

8
tests/providers/aws/services/dynamodb/dynamodb_accelerator_cluster_encryption_enabled/dynamodb_accelerator_cluster_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_dax from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_accelerator_cluster_encryption_enabled: class Test_dynamodb_accelerator_cluster_encryption_enabled:
@mock_dax @mock_aws
def test_dax_no_clusters(self): def test_dax_no_clusters(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX
@@ -38,7 +38,7 @@ class Test_dynamodb_accelerator_cluster_encryption_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_dax @mock_aws
def test_dax_cluster_no_encryption(self): def test_dax_cluster_no_encryption(self):
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1) dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)
iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX" iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX"
@@ -80,7 +80,7 @@ class Test_dynamodb_accelerator_cluster_encryption_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_dax @mock_aws
def test_dax_cluster_with_encryption(self): def test_dax_cluster_with_encryption(self):
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1) dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)
iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX" iam_role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/aws-service-role/dax.amazonaws.com/AWSServiceRoleForDAX"

18
tests/providers/aws/services/dynamodb/dynamodb_service_test.py
View File

@@ -1,5 +1,5 @@
from boto3 import client from boto3 import client
from moto import mock_dax, mock_dynamodb from moto import mock_aws
from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX, DynamoDB from prowler.providers.aws.services.dynamodb.dynamodb_service import DAX, DynamoDB
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_DynamoDB_Service: class Test_DynamoDB_Service:
# Test Dynamo Service # Test Dynamo Service
@mock_dynamodb @mock_aws
def test_service(self): def test_service(self):
# Dynamo client for this test class # Dynamo client for this test class
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
@@ -19,7 +19,7 @@ class Test_DynamoDB_Service:
assert dynamodb.service == "dynamodb" assert dynamodb.service == "dynamodb"
# Test Dynamo Client # Test Dynamo Client
@mock_dynamodb @mock_aws
def test_client(self): def test_client(self):
# Dynamo client for this test class # Dynamo client for this test class
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
@@ -28,7 +28,7 @@ class Test_DynamoDB_Service:
assert regional_client.__class__.__name__ == "DynamoDB" assert regional_client.__class__.__name__ == "DynamoDB"
# Test Dynamo Session # Test Dynamo Session
@mock_dynamodb @mock_aws
def test__get_session__(self): def test__get_session__(self):
# Dynamo client for this test class # Dynamo client for this test class
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
@@ -36,7 +36,7 @@ class Test_DynamoDB_Service:
assert dynamodb.session.__class__.__name__ == "Session" assert dynamodb.session.__class__.__name__ == "Session"
# Test Dynamo Session # Test Dynamo Session
@mock_dynamodb @mock_aws
def test_audited_account(self): def test_audited_account(self):
# Dynamo client for this test class # Dynamo client for this test class
audit_info = set_mocked_aws_audit_info() audit_info = set_mocked_aws_audit_info()
@@ -44,7 +44,7 @@ class Test_DynamoDB_Service:
assert dynamodb.audited_account == AWS_ACCOUNT_NUMBER assert dynamodb.audited_account == AWS_ACCOUNT_NUMBER
# Test DynamoDB List Tables # Test DynamoDB List Tables
@mock_dynamodb @mock_aws
def test__list_tables__(self): def test__list_tables__(self):
# Generate DynamoDB Client # Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -83,7 +83,7 @@ class Test_DynamoDB_Service:
assert dynamo.tables[1].region == AWS_REGION_US_EAST_1 assert dynamo.tables[1].region == AWS_REGION_US_EAST_1
# Test DynamoDB Describe Table # Test DynamoDB Describe Table
@mock_dynamodb @mock_aws
def test__describe_table__(self): def test__describe_table__(self):
# Generate DynamoDB Client # Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -115,7 +115,7 @@ class Test_DynamoDB_Service:
] ]
# Test DynamoDB Describe Continuous Backups # Test DynamoDB Describe Continuous Backups
@mock_dynamodb @mock_aws
def test__describe_continuous_backups__(self): def test__describe_continuous_backups__(self):
# Generate DynamoDB Client # Generate DynamoDB Client
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
@@ -146,7 +146,7 @@ class Test_DynamoDB_Service:
assert dynamo.tables[0].region == AWS_REGION_US_EAST_1 assert dynamo.tables[0].region == AWS_REGION_US_EAST_1
# Test DAX Describe Clusters # Test DAX Describe Clusters
@mock_dax @mock_aws
def test__describe_clusters__(self): def test__describe_clusters__(self):
# Generate DAX Client # Generate DAX Client
dax_client = client("dax", region_name=AWS_REGION_US_EAST_1) dax_client = client("dax", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/dynamodb/dynamodb_tables_kms_cmk_encryption_enabled/dynamodb_tables_kms_cmk_encryption_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_dynamodb from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_tables_kms_cmk_encryption_enabled: class Test_dynamodb_tables_kms_cmk_encryption_enabled:
@mock_dynamodb @mock_aws
def test_dynamodb_no_tables(self): def test_dynamodb_no_tables(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB
@@ -37,7 +37,7 @@ class Test_dynamodb_tables_kms_cmk_encryption_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_dynamodb @mock_aws
def test_dynamodb_table_kms_encryption(self): def test_dynamodb_table_kms_encryption(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table( table = dynamodb_client.create_table(
@@ -82,7 +82,7 @@ class Test_dynamodb_tables_kms_cmk_encryption_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_dynamodb @mock_aws
def test_dynamodb_table_default_encryption(self): def test_dynamodb_table_default_encryption(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table( table = dynamodb_client.create_table(

8
tests/providers/aws/services/dynamodb/dynamodb_tables_pitr_enabled/dynamodb_tables_pitr_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_dynamodb from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_dynamodb_tables_pitr_enabled: class Test_dynamodb_tables_pitr_enabled:
@mock_dynamodb @mock_aws
def test_dynamodb_no_tables(self): def test_dynamodb_no_tables(self):
from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB from prowler.providers.aws.services.dynamodb.dynamodb_service import DynamoDB
@@ -37,7 +37,7 @@ class Test_dynamodb_tables_pitr_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_dynamodb @mock_aws
def test_dynamodb_table_no_pitr(self): def test_dynamodb_table_no_pitr(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table( table = dynamodb_client.create_table(
@@ -84,7 +84,7 @@ class Test_dynamodb_tables_pitr_enabled:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_dynamodb @mock_aws
def test_dynamodb_table_with_pitr(self): def test_dynamodb_table_with_pitr(self):
dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1) dynamodb_client = client("dynamodb", region_name=AWS_REGION_US_EAST_1)
table = dynamodb_client.create_table( table = dynamodb_client.create_table(

8
tests/providers/aws/services/ec2/ec2_ami_public/ec2_ami_public_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_ami_public: class Test_ec2_ami_public:
@mock_ec2 @mock_aws
def test_no_amis(self): def test_no_amis(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -38,7 +38,7 @@ class Test_ec2_ami_public:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_private_ami(self): def test_one_private_ami(self):
ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -81,7 +81,7 @@ class Test_ec2_ami_public:
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
assert result[0].resource_tags == [] assert result[0].resource_tags == []
@mock_ec2 @mock_aws
def test_one_public_ami(self): def test_one_public_ami(self):
ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = client("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_ebs_default_encryption/ec2_ebs_default_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_ebs_default_encryption: class Test_ec2_ebs_default_encryption:
@mock_ec2 @mock_aws
def test_ec2_ebs_encryption_enabled(self): def test_ec2_ebs_encryption_enabled(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -54,7 +54,7 @@ class Test_ec2_ebs_default_encryption:
result.resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" result.resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
) )
@mock_ec2 @mock_aws
def test_ec2_ebs_encryption_disabled(self): def test_ec2_ebs_encryption_disabled(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -86,7 +86,7 @@ class Test_ec2_ebs_default_encryption:
assert result[0].resource_id == AWS_ACCOUNT_NUMBER assert result[0].resource_id == AWS_ACCOUNT_NUMBER
assert result[0].resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" assert result[0].resource_arn == f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
@mock_ec2 @mock_aws
def test_ec2_ebs_encryption_disabled_ignored(self): def test_ec2_ebs_encryption_disabled_ignored(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -113,7 +113,7 @@ class Test_ec2_ebs_default_encryption:
# One result per region # One result per region
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_ebs_encryption_disabled_ignoring_with_volumes(self): def test_ec2_ebs_encryption_disabled_ignoring_with_volumes(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_public_snapshot/ec2_ebs_public_snapshot_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from mock import patch from mock import patch
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -24,7 +24,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients, new=mock_generate_regional_clients,
) )
class Test_ec2_ebs_public_snapshot: class Test_ec2_ebs_public_snapshot:
@mock_ec2 @mock_aws
def test_ec2_default_snapshots(self): def test_ec2_default_snapshots(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -50,7 +50,7 @@ class Test_ec2_ebs_public_snapshot:
# Default snapshots # Default snapshots
assert len(result) == 561 assert len(result) == 561
@mock_ec2 @mock_aws
def test_ec2_public_snapshot(self): def test_ec2_public_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -102,7 +102,7 @@ class Test_ec2_ebs_public_snapshot:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}"
) )
@mock_ec2 @mock_aws
def test_ec2_private_snapshot(self): def test_ec2_private_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_snapshots_encrypted/ec2_ebs_snapshots_encrypted_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import resource from boto3 import resource
from mock import patch from mock import patch
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -24,7 +24,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients, new=mock_generate_regional_clients,
) )
class Test_ec2_ebs_snapshots_encrypted: class Test_ec2_ebs_snapshots_encrypted:
@mock_ec2 @mock_aws
def test_ec2_default_snapshots(self): def test_ec2_default_snapshots(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -50,7 +50,7 @@ class Test_ec2_ebs_snapshots_encrypted:
# Default snapshots # Default snapshots
assert len(result) == 561 assert len(result) == 561
@mock_ec2 @mock_aws
def test_ec2_unencrypted_snapshot(self): def test_ec2_unencrypted_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -95,7 +95,7 @@ class Test_ec2_ebs_snapshots_encrypted:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:snapshot/{snapshot.id}"
) )
@mock_ec2 @mock_aws
def test_ec2_encrypted_snapshot(self): def test_ec2_encrypted_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_ebs_volume_encryption/ec2_ebs_volume_encryption_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_ebs_volume_encryption: class Test_ec2_ebs_volume_encryption:
@mock_ec2 @mock_aws
def test_ec2_no_volumes(self): def test_ec2_no_volumes(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -36,7 +36,7 @@ class Test_ec2_ebs_volume_encryption:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_unencrypted_volume(self): def test_ec2_unencrypted_volume(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -77,7 +77,7 @@ class Test_ec2_ebs_volume_encryption:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:volume/{volume.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:volume/{volume.id}"
) )
@mock_ec2 @mock_aws
def test_ec2_encrypted_volume(self): def test_ec2_encrypted_volume(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_ebs_volume_snapshots_exists/ec2_ebs_volume_snapshots_exists_test.py
View File

@@ -2,7 +2,7 @@ from unittest import mock
from boto3 import resource from boto3 import resource
from mock import patch from mock import patch
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -26,7 +26,7 @@ def mock_generate_regional_clients(service, audit_info):
new=mock_generate_regional_clients, new=mock_generate_regional_clients,
) )
class Test_ec2_ebs_volume_snapshots_exists: class Test_ec2_ebs_volume_snapshots_exists:
@mock_ec2 @mock_aws
def test_no_volumes(self): def test_no_volumes(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -51,7 +51,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_volume_without_snapshots(self): def test_ec2_volume_without_snapshots(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
volume = ec2.create_volume(Size=80, AvailabilityZone=AWS_REGION_US_EAST_1_AZA) volume = ec2.create_volume(Size=80, AvailabilityZone=AWS_REGION_US_EAST_1_AZA)
@@ -88,7 +88,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_ec2_volume_with_snapshot(self): def test_ec2_volume_with_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_ebs_volume_snapshots_exists:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_ec2_volume_with_and_without_snapshot(self): def test_ec2_volume_with_and_without_snapshot(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

10
tests/providers/aws/services/ec2/ec2_elastic_ip_shodan/ec2_elastic_ip_shodan_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER, AWS_ACCOUNT_NUMBER,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_elastic_ip_shodan: class Test_ec2_elastic_ip_shodan:
@mock_ec2 @mock_aws
def test_ec2_one_instances_no_public_ip(self): def test_ec2_one_instances_no_public_ip(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1) ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -45,7 +45,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_one_unattached_eip(self): def test_ec2_one_unattached_eip(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1) ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -76,7 +76,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_one_attached_eip_no_shodan_api_key(self): def test_ec2_one_attached_eip_no_shodan_api_key(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1) ec2_client = client("ec2", AWS_REGION_US_EAST_1)
@@ -114,7 +114,7 @@ class Test_ec2_elastic_ip_shodan:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_one_attached_eip_shodan_api_key(self): def test_ec2_one_attached_eip_shodan_api_key(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", AWS_REGION_US_EAST_1) ec2_client = client("ec2", AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_elastic_ip_unassigned/ec2_elastic_ip_unassigned_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_elastic_ip_unassigned: class Test_ec2_elastic_ip_unassigned:
@mock_ec2 @mock_aws
def test_no_eips(self): def test_no_eips(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_elastic_ip_unassigned:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_eip_unassociated(self): def test_eip_unassociated(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -81,7 +81,7 @@ class Test_ec2_elastic_ip_unassigned:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:eip-allocation/{allocation_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:eip-allocation/{allocation_id}"
) )
@mock_ec2 @mock_aws
def test_eip_associated(self): def test_eip_associated(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

8
tests/providers/aws/services/ec2/ec2_instance_detailed_monitoring_enabled/ec2_instance_detailed_monitoring_enabled_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -13,7 +13,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_detailed_monitoring_enabled: class Test_ec2_instance_detailed_monitoring_enabled:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -38,7 +38,7 @@ class Test_ec2_instance_detailed_monitoring_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_instance_with_enhanced_monitoring_disabled(self): def test_instance_with_enhanced_monitoring_disabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -83,7 +83,7 @@ class Test_ec2_instance_detailed_monitoring_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_instance_with_enhanced_monitoring_enabled(self): def test_instance_with_enhanced_monitoring_enabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(

10
tests/providers/aws/services/ec2/ec2_instance_imdsv2_enabled/ec2_instance_imdsv2_enabled_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_imdsv2_enabled: class Test_ec2_instance_imdsv2_enabled:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_instance_imdsv2_enabled:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_compliant_ec2(self): def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -90,7 +90,7 @@ class Test_ec2_instance_imdsv2_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_one_uncompliant_ec2_metadata_server_disabled(self): def test_one_uncompliant_ec2_metadata_server_disabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -141,7 +141,7 @@ class Test_ec2_instance_imdsv2_enabled:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_one_uncompliant_ec2_metadata_server_enabled(self): def test_one_uncompliant_ec2_metadata_server_enabled(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(

10
tests/providers/aws/services/ec2/ec2_instance_internet_facing_with_instance_profile/ec2_instance_internet_facing_with_instance_profile_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2, mock_iam from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_internet_facing_with_instance_profile: class Test_ec2_instance_internet_facing_with_instance_profile:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,8 +39,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile:
assert len(result) == 0 assert len(result) == 0
@mock_iam @mock_aws
@mock_ec2
def test_one_compliant_ec2(self): def test_one_compliant_ec2(self):
iam = client("iam", "us-west-1") iam = client("iam", "us-west-1")
profile_name = "fake_profile" profile_name = "fake_profile"
@@ -97,8 +96,7 @@ class Test_ec2_instance_internet_facing_with_instance_profile:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_iam @mock_aws
@mock_ec2
def test_one_non_compliant_ec2(self): def test_one_non_compliant_ec2(self):
iam = client("iam", "us-west-1") iam = client("iam", "us-west-1")
profile_name = "fake_profile" profile_name = "fake_profile"

8
tests/providers/aws/services/ec2/ec2_instance_managed_by_ssm/ec2_instance_managed_by_ssm_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.ssm.ssm_service import ManagedInstance from prowler.providers.aws.services.ssm.ssm_service import ManagedInstance
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -15,7 +15,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_managed_by_ssm_test: class Test_ec2_instance_managed_by_ssm_test:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -49,7 +49,7 @@ class Test_ec2_instance_managed_by_ssm_test:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_instance_managed_by_ssm_non_compliance_instance(self): def test_ec2_instance_managed_by_ssm_non_compliance_instance(self):
ssm_client = mock.MagicMock ssm_client = mock.MagicMock
ssm_client.managed_instances = {} ssm_client.managed_instances = {}
@@ -102,7 +102,7 @@ class Test_ec2_instance_managed_by_ssm_test:
) )
assert result[0].resource_id == instance.id assert result[0].resource_id == instance.id
@mock_ec2 @mock_aws
def test_ec2_instance_managed_by_ssm_compliance_instance(self): def test_ec2_instance_managed_by_ssm_compliance_instance(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(

8
tests/providers/aws/services/ec2/ec2_instance_older_than_specific_days/ec2_instance_older_than_specific_days_test.py
View File

@@ -4,7 +4,7 @@ from unittest import mock
from boto3 import resource from boto3 import resource
from dateutil.tz import tzutc from dateutil.tz import tzutc
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -16,7 +16,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_older_than_specific_days: class Test_ec2_instance_older_than_specific_days:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -42,7 +42,7 @@ class Test_ec2_instance_older_than_specific_days:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_compliant_ec2(self): def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -86,7 +86,7 @@ class Test_ec2_instance_older_than_specific_days:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_one_old_ec2(self): def test_one_old_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(

9
tests/providers/aws/services/ec2/ec2_instance_profile_attached/ec2_instance_profile_attached_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2, mock_iam from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_profile_attached: class Test_ec2_instance_profile_attached:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,8 +39,7 @@ class Test_ec2_instance_profile_attached:
assert len(result) == 0 assert len(result) == 0
@mock_iam @mock_aws
@mock_ec2
def test_one_compliant_ec2(self): def test_one_compliant_ec2(self):
iam = client("iam", "us-west-1") iam = client("iam", "us-west-1")
profile_name = "fake_profile" profile_name = "fake_profile"
@@ -98,7 +97,7 @@ class Test_ec2_instance_profile_attached:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_one_non_compliant_ec2(self): def test_one_non_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16") vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")

8
tests/providers/aws/services/ec2/ec2_instance_public_ip/ec2_instance_public_ip_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -14,7 +14,7 @@ EXAMPLE_AMI_ID = "ami-12c6146b"
class Test_ec2_instance_public_ip: class Test_ec2_instance_public_ip:
@mock_ec2 @mock_aws
def test_ec2_no_instances(self): def test_ec2_no_instances(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -39,7 +39,7 @@ class Test_ec2_instance_public_ip:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_compliant_ec2(self): def test_one_compliant_ec2(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16") vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")
@@ -91,7 +91,7 @@ class Test_ec2_instance_public_ip:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:instance/{instance.id}"
) )
@mock_ec2 @mock_aws
def test_one_ec2_with_public_ip(self): def test_one_ec2_with_public_ip(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16") vpc = ec2.create_vpc(CidrBlock="10.0.0.0/16")

14
tests/providers/aws/services/ec2/ec2_instance_secrets_user_data/ec2_instance_secrets_user_data_test.py
View File

@@ -3,7 +3,7 @@ from pathlib import Path
from unittest import mock from unittest import mock
from boto3 import resource from boto3 import resource
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -18,7 +18,7 @@ FIXTURES_DIR_NAME = "fixtures"
class Test_ec2_instance_secrets_user_data: class Test_ec2_instance_secrets_user_data:
@mock_ec2 @mock_aws
def test_no_ec2(self): def test_no_ec2(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -43,7 +43,7 @@ class Test_ec2_instance_secrets_user_data:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_one_ec2_with_no_secrets(self): def test_one_ec2_with_no_secrets(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -87,7 +87,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_one_ec2_with_secrets(self): def test_one_ec2_with_secrets(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -131,7 +131,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_one_ec2_file_with_secrets(self): def test_one_ec2_file_with_secrets(self):
# Include launch_configurations to check # Include launch_configurations to check
f = open( f = open(
@@ -178,7 +178,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_one_launch_configurations_without_user_data(self): def test_one_launch_configurations_without_user_data(self):
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
instance = ec2.create_instances( instance = ec2.create_instances(
@@ -219,7 +219,7 @@ class Test_ec2_instance_secrets_user_data:
assert result[0].resource_tags is None assert result[0].resource_tags is None
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_one_ec2_file_with_secrets_gzip(self): def test_one_ec2_file_with_secrets_gzip(self):
# Include launch_configurations to check # Include launch_configurations to check
f = open( f = open(

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_any_port/ec2_networkacl_allow_ingress_any_port_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_any_port: class Test_ec2_networkacl_allow_ingress_any_port:
@mock_ec2 @mock_aws
def test_ec2_default_nacls(self): def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
# One default nacl per region # One default nacl per region
assert len(result) == 2 assert len(result) == 2
@mock_ec2 @mock_aws
def test_ec2_non_default_compliant_nacl(self): def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"Network ACL {result[0].resource_id} has every port open to the Internet." == f"Network ACL {result[0].resource_id} has every port open to the Internet."
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl(self): def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -127,7 +127,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_compliant_nacl(self): def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring(self): def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -223,7 +223,7 @@ class Test_ec2_networkacl_allow_ingress_any_port:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self): def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_22/ec2_networkacl_allow_ingress_tcp_port_22_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_tcp_port_22: class Test_ec2_networkacl_allow_ingress_tcp_port_22:
@mock_ec2 @mock_aws
def test_ec2_default_nacls(self): def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
# One default nacl per region # One default nacl per region
assert len(result) == 2 assert len(result) == 2
@mock_ec2 @mock_aws
def test_ec2_non_default_compliant_nacl(self): def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"Network ACL {result[0].resource_id} has SSH port 22 open to the Internet." == f"Network ACL {result[0].resource_id} has SSH port 22 open to the Internet."
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl(self): def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_compliant_nacl(self): def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -184,7 +184,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring(self): def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -225,7 +225,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_22:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self): def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_networkacl_allow_ingress_tcp_port_3389/ec2_networkacl_allow_ingress_tcp_port_3389_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client from boto3 import client
from moto import mock_ec2 from moto import mock_aws
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
AWS_REGION_EU_WEST_1, AWS_REGION_EU_WEST_1,
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_networkacl_allow_ingress_tcp_port_3389: class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
@mock_ec2 @mock_aws
def test_ec2_default_nacls(self): def test_ec2_default_nacls(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -37,7 +37,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
# One default nacl per region # One default nacl per region
assert len(result) == 2 assert len(result) == 2
@mock_ec2 @mock_aws
def test_ec2_non_default_compliant_nacl(self): def test_ec2_non_default_compliant_nacl(self):
from prowler.providers.aws.services.ec2.ec2_service import EC2 from prowler.providers.aws.services.ec2.ec2_service import EC2
@@ -72,7 +72,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"Network ACL {result[0].resource_id} has Microsoft RDP port 3389 open to the Internet." == f"Network ACL {result[0].resource_id} has Microsoft RDP port 3389 open to the Internet."
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl(self): def test_ec2_non_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -128,7 +128,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_compliant_nacl(self): def test_ec2_compliant_nacl(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -184,7 +184,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
== f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}" == f"arn:{current_audit_info.audited_partition}:ec2:{AWS_REGION_US_EAST_1}:{current_audit_info.audited_account}:network-acl/{nacl_id}"
) )
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring(self): def test_ec2_non_compliant_nacl_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -225,7 +225,7 @@ class Test_ec2_networkacl_allow_ingress_tcp_port_3389:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_non_compliant_nacl_ignoring_with_sgs(self): def test_ec2_non_compliant_nacl_ignoring_with_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -52,7 +52,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg_only_open_to_one_port(self): def test_ec2_compliant_default_sg_only_open_to_one_port(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -252,7 +252,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -288,7 +288,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018: class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py
View File

@@ -2,7 +2,7 @@ from re import search
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -50,7 +50,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -118,7 +118,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -182,7 +182,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -215,7 +215,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -49,7 +49,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -82,7 +82,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -124,7 +124,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert result[0].status == "PASS" assert result[0].status == "PASS"
assert result[0].region == AWS_REGION_US_EAST_1 assert result[0].region == AWS_REGION_US_EAST_1
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -188,7 +188,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306:
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

12
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -218,7 +218,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

14
tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py
View File

@@ -1,7 +1,7 @@
from unittest import mock from unittest import mock
from boto3 import client, resource from boto3 import client, resource
from moto import mock_ec2 from moto import mock_aws
from prowler.providers.aws.services.vpc.vpc_service import VPC from prowler.providers.aws.services.vpc.vpc_service import VPC
from tests.providers.aws.audit_info_utils import ( from tests.providers.aws.audit_info_utils import (
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432: class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432:
@mock_ec2 @mock_aws
def test_ec2_default_sgs(self): def test_ec2_default_sgs(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -51,7 +51,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert result[1].status == "PASS" assert result[1].status == "PASS"
assert result[2].status == "PASS" assert result[2].status == "PASS"
@mock_ec2 @mock_aws
def test_ec2_non_compliant_default_sg(self): def test_ec2_non_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -117,7 +117,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg(self): def test_ec2_compliant_default_sg(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -183,7 +183,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_compliant_default_sg_ipv4_and_ipv6(self): def test_ec2_compliant_default_sg_ipv4_and_ipv6(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -254,7 +254,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert sg.resource_details == default_sg_name assert sg.resource_details == default_sg_name
assert sg.resource_tags == [] assert sg.resource_tags == []
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring(self): def test_ec2_default_sgs_ignoring(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1)
@@ -289,7 +289,7 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54
assert len(result) == 0 assert len(result) == 0
@mock_ec2 @mock_aws
def test_ec2_default_sgs_ignoring_vpc_in_use(self): def test_ec2_default_sgs_ignoring_vpc_in_use(self):
# Create EC2 Mocked Resources # Create EC2 Mocked Resources
ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1) ec2 = resource("ec2", region_name=AWS_REGION_US_EAST_1)

Some files were not shown because too many files have changed in this diff Show More