diff --git a/tests/providers/aws/audit_info_utils.py b/tests/providers/aws/audit_info_utils.py index ec149d88..50c47e25 100644 --- a/tests/providers/aws/audit_info_utils.py +++ b/tests/providers/aws/audit_info_utils.py @@ -6,6 +6,7 @@ from prowler.providers.common.models import Audit_Metadata AWS_REGION_US_EAST_1 = "us-east-1" AWS_REGION_EU_WEST_1 = "eu-west-1" AWS_REGION_EU_WEST_2 = "eu-west-2" +AWS_REGION_EU_SOUTH_2 = "eu-south-2" AWS_PARTITION = "aws" AWS_ACCOUNT_NUMBER = "123456789012" AWS_ACCOUNT_ARN = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" @@ -18,6 +19,8 @@ def set_mocked_aws_audit_info( audited_account: str = AWS_ACCOUNT_NUMBER, audited_account_arn: str = AWS_ACCOUNT_ARN, expected_checks: [str] = [], + profile_region: str = None, + audit_config: dict = {}, ): audit_info = AWS_Audit_Info( session_config=None, @@ -32,7 +35,7 @@ def set_mocked_aws_audit_info( audited_partition=AWS_PARTITION, audited_identity_arn=None, profile=None, - profile_region=None, + profile_region=profile_region, credentials=None, assumed_role_info=None, audited_regions=audited_regions, @@ -45,5 +48,6 @@ def set_mocked_aws_audit_info( completed_checks=0, audit_progress=0, ), + audit_config=audit_config, ) return audit_info diff --git a/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py b/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py index 653f4244..80bc0069 100644 --- a/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py +++ b/tests/providers/aws/services/config/config_recorder_all_regions_enabled/config_recorder_all_regions_enabled_test.py @@ -1,54 +1,26 @@ from unittest import mock -from boto3 import client, session +from boto3 import client from moto import mock_config -from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info -from prowler.providers.common.models import Audit_Metadata - -AWS_REGION = "us-east-1" -AWS_ACCOUNT_NUMBER = "123456789012" -AWS_ACCOUNT_ARN = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" +from tests.providers.aws.audit_info_utils import ( + AWS_ACCOUNT_ARN, + AWS_ACCOUNT_NUMBER, + AWS_REGION_EU_SOUTH_2, + AWS_REGION_EU_WEST_1, + AWS_REGION_US_EAST_1, + set_mocked_aws_audit_info, +) class Test_config_recorder_all_regions_enabled: - def set_mocked_audit_info(self): - audit_info = AWS_Audit_Info( - session_config=None, - original_session=None, - audit_session=session.Session( - profile_name=None, - botocore_session=None, - ), - audited_account=AWS_ACCOUNT_NUMBER, - audited_account_arn=AWS_ACCOUNT_ARN, - audited_user_id=None, - audited_partition="aws", - audited_identity_arn=None, - profile=None, - profile_region=None, - credentials=None, - assumed_role_info=None, - audited_regions=["us-east-1", "eu-west-1"], - organizations_metadata=None, - audit_resources=None, - mfa_enabled=False, - audit_metadata=Audit_Metadata( - services_scanned=0, - expected_checks=[], - completed_checks=0, - audit_progress=0, - ), - audit_config={}, - ) - - return audit_info - @mock_config def test_config_no_recorders(self): from prowler.providers.aws.services.config.config_service import Config - current_audit_info = self.set_mocked_audit_info() + current_audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) with mock.patch( "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", @@ -79,15 +51,14 @@ class Test_config_recorder_all_regions_enabled: @mock_config def test_config_one_recoder_disabled(self): # Create Config Mocked Resources - config_client = client("config", region_name=AWS_REGION) + config_client = client("config", region_name=AWS_REGION_US_EAST_1) # Create Config Recorder config_client.put_configuration_recorder( ConfigurationRecorder={"name": "default", "roleARN": "somearn"} ) from prowler.providers.aws.services.config.config_service import Config - current_audit_info = self.set_mocked_audit_info() - current_audit_info.audited_regions = [AWS_REGION] + current_audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) with mock.patch( "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", @@ -114,12 +85,12 @@ class Test_config_recorder_all_regions_enabled: ) assert recorder.resource_id == "default" assert recorder.resource_arn == AWS_ACCOUNT_ARN - assert recorder.region == AWS_REGION + assert recorder.region == AWS_REGION_US_EAST_1 @mock_config def test_config_one_recoder_enabled(self): # Create Config Mocked Resources - config_client = client("config", region_name=AWS_REGION) + config_client = client("config", region_name=AWS_REGION_US_EAST_1) # Create Config Recorder and start it config_client.put_configuration_recorder( ConfigurationRecorder={"name": "default", "roleARN": "somearn"} @@ -131,8 +102,7 @@ class Test_config_recorder_all_regions_enabled: config_client.start_configuration_recorder(ConfigurationRecorderName="default") from prowler.providers.aws.services.config.config_service import Config - current_audit_info = self.set_mocked_audit_info() - current_audit_info.audited_regions = [AWS_REGION] + current_audit_info = set_mocked_aws_audit_info([AWS_REGION_US_EAST_1]) with mock.patch( "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", @@ -159,22 +129,23 @@ class Test_config_recorder_all_regions_enabled: ) assert recorder.resource_id == "default" assert recorder.resource_arn == AWS_ACCOUNT_ARN - assert recorder.region == AWS_REGION + assert recorder.region == AWS_REGION_US_EAST_1 @mock_config def test_config_one_recorder_disabled_allowlisted(self): # Create Config Mocked Resources - config_client = client("config", region_name=AWS_REGION) + config_client = client("config", region_name=AWS_REGION_US_EAST_1) # Create Config Recorder config_client.put_configuration_recorder( ConfigurationRecorder={"name": AWS_ACCOUNT_NUMBER, "roleARN": "somearn"} ) from prowler.providers.aws.services.config.config_service import Config - current_audit_info = self.set_mocked_audit_info() - current_audit_info.profile_region = "eu-south-2" - current_audit_info.audited_regions = ["eu-south-2", AWS_REGION] - current_audit_info.audit_config = {"allowlist_non_default_regions": True} + current_audit_info = set_mocked_aws_audit_info( + audited_regions=[AWS_REGION_EU_SOUTH_2, AWS_REGION_US_EAST_1], + profile_region=AWS_REGION_EU_SOUTH_2, + audit_config={"allowlist_non_default_regions": True}, + ) with mock.patch( "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info", @@ -193,7 +164,7 @@ class Test_config_recorder_all_regions_enabled: assert len(result) == 2 # Search for the recorder just created for recorder in result: - if recorder.region == AWS_REGION: + if recorder.region == AWS_REGION_US_EAST_1: assert recorder.status == "WARNING" assert ( recorder.status_extended @@ -201,7 +172,7 @@ class Test_config_recorder_all_regions_enabled: ) assert recorder.resource_id == AWS_ACCOUNT_NUMBER assert recorder.resource_arn == AWS_ACCOUNT_ARN - assert recorder.region == AWS_REGION + assert recorder.region == AWS_REGION_US_EAST_1 else: assert recorder.status == "FAIL" assert ( diff --git a/tests/providers/aws/services/config/config_service_test.py b/tests/providers/aws/services/config/config_service_test.py index b9aae1e4..bd62a9c5 100644 --- a/tests/providers/aws/services/config/config_service_test.py +++ b/tests/providers/aws/services/config/config_service_test.py @@ -1,51 +1,23 @@ -from boto3 import client, session +from boto3 import client from moto import mock_config -from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info from prowler.providers.aws.services.config.config_service import Config -from prowler.providers.common.models import Audit_Metadata - -AWS_ACCOUNT_NUMBER = "123456789012" -AWS_REGION = "us-east-1" +from tests.providers.aws.audit_info_utils import ( + AWS_ACCOUNT_NUMBER, + AWS_REGION_EU_WEST_1, + AWS_REGION_US_EAST_1, + set_mocked_aws_audit_info, +) class Test_Config_Service: - # Mocked Audit Info - def set_mocked_audit_info(self): - audit_info = AWS_Audit_Info( - session_config=None, - original_session=None, - audit_session=session.Session( - profile_name=None, - botocore_session=None, - ), - audited_account=AWS_ACCOUNT_NUMBER, - audited_account_arn=f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root", - audited_user_id=None, - audited_partition="aws", - audited_identity_arn=None, - profile=None, - profile_region=None, - credentials=None, - assumed_role_info=None, - audited_regions=["eu-west-1", "us-east-1"], - organizations_metadata=None, - audit_resources=None, - mfa_enabled=False, - audit_metadata=Audit_Metadata( - services_scanned=0, - expected_checks=[], - completed_checks=0, - audit_progress=0, - ), - ) - return audit_info - # Test Config Service @mock_config def test_service(self): # Config client for this test class - audit_info = self.set_mocked_audit_info() + audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) config = Config(audit_info) assert config.service == "config" @@ -53,7 +25,9 @@ class Test_Config_Service: @mock_config def test_client(self): # Config client for this test class - audit_info = self.set_mocked_audit_info() + audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) config = Config(audit_info) for regional_client in config.regional_clients.values(): assert regional_client.__class__.__name__ == "ConfigService" @@ -62,7 +36,9 @@ class Test_Config_Service: @mock_config def test__get_session__(self): # Config client for this test class - audit_info = self.set_mocked_audit_info() + audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) config = Config(audit_info) assert config.session.__class__.__name__ == "Session" @@ -70,7 +46,9 @@ class Test_Config_Service: @mock_config def test_audited_account(self): # Config client for this test class - audit_info = self.set_mocked_audit_info() + audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) config = Config(audit_info) assert config.audited_account == AWS_ACCOUNT_NUMBER @@ -78,7 +56,7 @@ class Test_Config_Service: @mock_config def test__describe_configuration_recorder_status__(self): # Generate Config Client - config_client = client("config", region_name=AWS_REGION) + config_client = client("config", region_name=AWS_REGION_US_EAST_1) # Create Config Recorder and start it config_client.put_configuration_recorder( ConfigurationRecorder={"name": "default", "roleARN": "somearn"} @@ -89,7 +67,9 @@ class Test_Config_Service: ) config_client.start_configuration_recorder(ConfigurationRecorderName="default") # Config client for this test class - audit_info = self.set_mocked_audit_info() + audit_info = set_mocked_aws_audit_info( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ) config = Config(audit_info) # One recorder per region assert len(config.recorders) == 2