mirror of
https://github.com/ghndrx/prowler.git
synced 2026-02-10 06:45:08 +00:00
fix(generate_regional_clients): Global is not needed anymore (#3162)
This commit is contained in:
Pepe Fagoaga
@@ -152,17 +152,18 @@ def input_role_mfa_token_and_code() -> tuple[str]:
|
||||
|
||||
|
||||
def generate_regional_clients(
|
||||
service: str, audit_info: AWS_Audit_Info, global_service: bool = False
|
||||
service: str,
|
||||
audit_info: AWS_Audit_Info,
|
||||
) -> dict:
|
||||
"""generate_regional_clients returns a dict with the following format for the given service:
|
||||
|
||||
Example:
|
||||
{"eu-west-1": boto3_service_client}
|
||||
"""
|
||||
try:
|
||||
regional_clients = {}
|
||||
service_regions = get_available_aws_service_regions(service, audit_info)
|
||||
# Check if it is global service to gather only one region
|
||||
if global_service:
|
||||
if service_regions:
|
||||
if audit_info.profile_region in service_regions:
|
||||
service_regions = [audit_info.profile_region]
|
||||
service_regions = service_regions[:1]
|
||||
|
||||
for region in service_regions:
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=region, config=audit_info.session_config
|
||||
|
||||
@@ -34,9 +34,7 @@ class AWSService:
|
||||
|
||||
# Generate Regional Clients
|
||||
if not global_service:
|
||||
self.regional_clients = generate_regional_clients(
|
||||
self.service, audit_info, global_service
|
||||
)
|
||||
self.regional_clients = generate_regional_clients(self.service, audit_info)
|
||||
|
||||
# Get a single region and client if the service needs it (e.g. AWS Global Service)
|
||||
# We cannot include this within an else because some services needs both the regional_clients
|
||||
|
||||
@@ -4,7 +4,6 @@ from pydantic import BaseModel
|
||||
|
||||
from prowler.lib.logger import logger
|
||||
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
|
||||
from prowler.providers.aws.aws_provider import generate_regional_clients
|
||||
from prowler.providers.aws.lib.service.service import AWSService
|
||||
|
||||
|
||||
@@ -13,7 +12,6 @@ class EKS(AWSService):
|
||||
def __init__(self, audit_info):
|
||||
# Call AWSService's __init__
|
||||
super().__init__(__class__.__name__, audit_info)
|
||||
self.regional_clients = generate_regional_clients(self.service, audit_info)
|
||||
self.clusters = []
|
||||
self.__threading_call__(self.__list_clusters__)
|
||||
self.__describe_cluster__(self.regional_clients)
|
||||
|
||||
@@ -5,8 +5,6 @@ from prowler.lib.logger import logger
|
||||
from prowler.lib.scan_filters.scan_filters import is_resource_filtered
|
||||
from prowler.providers.aws.lib.service.service import AWSService
|
||||
|
||||
# from prowler.providers.aws.aws_provider import generate_regional_clients
|
||||
|
||||
|
||||
################## FMS
|
||||
class FMS(AWSService):
|
||||
|
||||
@@ -1,8 +1,13 @@
|
||||
from boto3 import session
|
||||
|
||||
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
|
||||
from prowler.providers.aws.lib.audit_info.models import AWS_Assume_Role, AWS_Audit_Info
|
||||
from prowler.providers.common.models import Audit_Metadata
|
||||
|
||||
# Root AWS Account
|
||||
AWS_ACCOUNT_NUMBER = "123456789012"
|
||||
AWS_ACCOUNT_ARN = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
|
||||
|
||||
# Commercial Regions
|
||||
AWS_REGION_US_EAST_1 = "us-east-1"
|
||||
AWS_REGION_US_EAST_1_AZA = "us-east-1a"
|
||||
AWS_REGION_US_EAST_1_AZB = "us-east-1b"
|
||||
@@ -12,10 +17,22 @@ AWS_REGION_EU_WEST_1_AZB = "eu-west-1b"
|
||||
AWS_REGION_EU_WEST_2 = "eu-west-2"
|
||||
AWS_REGION_EU_SOUTH_2 = "eu-south-2"
|
||||
AWS_REGION_US_WEST_2 = "us-west-2"
|
||||
AWS_PARTITION = "aws"
|
||||
AWS_ACCOUNT_NUMBER = "123456789012"
|
||||
AWS_ACCOUNT_ARN = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root"
|
||||
AWS_REGION_US_EAST_2 = "us-east-2"
|
||||
|
||||
# China Regions
|
||||
AWS_REGION_CHINA_NORHT_1 = "cn-north-1"
|
||||
|
||||
# Gov Cloud Regions
|
||||
AWS_REGION_GOV_CLOUD_US_EAST_1 = "us-gov-east-1"
|
||||
|
||||
# Iso Regions
|
||||
AWS_REGION_ISO_GLOBAL = "aws-iso-global"
|
||||
|
||||
# AWS Partitions
|
||||
AWS_COMMERCIAL_PARTITION = "aws"
|
||||
AWS_GOV_CLOUD_PARTITION = "aws-us-gov"
|
||||
AWS_CHINA_PARTITION = "aws-cn"
|
||||
AWS_ISO_PARTITION = "aws-iso"
|
||||
|
||||
|
||||
# Mocked AWS Audit Info
|
||||
@@ -23,27 +40,31 @@ def set_mocked_aws_audit_info(
|
||||
audited_regions: [str] = [],
|
||||
audited_account: str = AWS_ACCOUNT_NUMBER,
|
||||
audited_account_arn: str = AWS_ACCOUNT_ARN,
|
||||
audited_partition: str = AWS_COMMERCIAL_PARTITION,
|
||||
expected_checks: [str] = [],
|
||||
profile_region: str = None,
|
||||
audit_config: dict = {},
|
||||
ignore_unused_services: bool = False,
|
||||
assumed_role_info: AWS_Assume_Role = None,
|
||||
audit_session: session.Session = session.Session(
|
||||
profile_name=None,
|
||||
botocore_session=None,
|
||||
),
|
||||
original_session: session.Session = None,
|
||||
):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=session.Session(
|
||||
profile_name=None,
|
||||
botocore_session=None,
|
||||
),
|
||||
original_session=original_session,
|
||||
audit_session=audit_session,
|
||||
audited_account=audited_account,
|
||||
audited_account_arn=audited_account_arn,
|
||||
audited_user_id=None,
|
||||
audited_partition=AWS_PARTITION,
|
||||
audited_partition=audited_partition,
|
||||
audited_identity_arn=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
assumed_role_info=assumed_role_info,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=[],
|
||||
|
||||
@@ -12,21 +12,29 @@ from prowler.providers.aws.aws_provider import (
|
||||
get_default_region,
|
||||
get_global_region,
|
||||
)
|
||||
from prowler.providers.aws.lib.audit_info.models import AWS_Assume_Role, AWS_Audit_Info
|
||||
from prowler.providers.common.models import Audit_Metadata
|
||||
|
||||
ACCOUNT_ID = 123456789012
|
||||
AWS_REGION = "us-east-1"
|
||||
from prowler.providers.aws.lib.audit_info.models import AWS_Assume_Role
|
||||
from tests.providers.aws.audit_info_utils import (
|
||||
AWS_ACCOUNT_NUMBER,
|
||||
AWS_CHINA_PARTITION,
|
||||
AWS_GOV_CLOUD_PARTITION,
|
||||
AWS_ISO_PARTITION,
|
||||
AWS_REGION_CHINA_NORHT_1,
|
||||
AWS_REGION_EU_WEST_1,
|
||||
AWS_REGION_GOV_CLOUD_US_EAST_1,
|
||||
AWS_REGION_ISO_GLOBAL,
|
||||
AWS_REGION_US_EAST_1,
|
||||
AWS_REGION_US_EAST_2,
|
||||
set_mocked_aws_audit_info,
|
||||
)
|
||||
|
||||
|
||||
class Test_AWS_Provider:
|
||||
@mock_iam
|
||||
@mock_sts
|
||||
def test_aws_provider_user_without_mfa(self):
|
||||
audited_regions = ["eu-west-1"]
|
||||
# sessionName = "ProwlerAsessmentSession"
|
||||
# Boto 3 client to create our user
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION)
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
|
||||
# IAM user
|
||||
iam_user = iam_client.create_user(UserName="test-user")["User"]
|
||||
access_key = iam_client.create_access_key(UserName=iam_user["UserName"])[
|
||||
@@ -38,44 +46,27 @@ class Test_AWS_Provider:
|
||||
session = boto3.session.Session(
|
||||
aws_access_key_id=access_key_id,
|
||||
aws_secret_access_key=secret_access_key,
|
||||
region_name=AWS_REGION,
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=session,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition=None,
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
assumed_role_info=AWS_Assume_Role(
|
||||
role_arn=None,
|
||||
session_duration=None,
|
||||
external_id=None,
|
||||
mfa_enabled=False,
|
||||
),
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
original_session=session,
|
||||
)
|
||||
|
||||
# Call assume_role
|
||||
with patch(
|
||||
"prowler.providers.aws.aws_provider.input_role_mfa_token_and_code",
|
||||
return_value=(f"arn:aws:iam::{ACCOUNT_ID}:mfa/test-role-mfa", "111111"),
|
||||
return_value=(
|
||||
f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:mfa/test-role-mfa",
|
||||
"111111",
|
||||
),
|
||||
):
|
||||
aws_provider = AWS_Provider(audit_info)
|
||||
assert aws_provider.aws_session.region_name is None
|
||||
@@ -89,9 +80,8 @@ class Test_AWS_Provider:
|
||||
@mock_iam
|
||||
@mock_sts
|
||||
def test_aws_provider_user_with_mfa(self):
|
||||
audited_regions = "eu-west-1"
|
||||
# Boto 3 client to create our user
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION)
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
|
||||
# IAM user
|
||||
iam_user = iam_client.create_user(UserName="test-user")["User"]
|
||||
access_key = iam_client.create_access_key(UserName=iam_user["UserName"])[
|
||||
@@ -103,38 +93,28 @@ class Test_AWS_Provider:
|
||||
session = boto3.session.Session(
|
||||
aws_access_key_id=access_key_id,
|
||||
aws_secret_access_key=secret_access_key,
|
||||
region_name=AWS_REGION,
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=session,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition=None,
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=AWS_REGION,
|
||||
credentials=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
assumed_role_info=AWS_Assume_Role(
|
||||
role_arn=None,
|
||||
session_duration=None,
|
||||
external_id=None,
|
||||
mfa_enabled=False,
|
||||
),
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=True,
|
||||
original_session=session,
|
||||
profile_region=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# # Call assume_role
|
||||
# Call assume_role
|
||||
with patch(
|
||||
"prowler.providers.aws.aws_provider.input_role_mfa_token_and_code",
|
||||
return_value=(f"arn:aws:iam::{ACCOUNT_ID}:mfa/test-role-mfa", "111111"),
|
||||
return_value=(
|
||||
f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:mfa/test-role-mfa",
|
||||
"111111",
|
||||
),
|
||||
):
|
||||
aws_provider = AWS_Provider(audit_info)
|
||||
assert aws_provider.aws_session.region_name is None
|
||||
@@ -150,12 +130,12 @@ class Test_AWS_Provider:
|
||||
def test_aws_provider_assume_role_with_mfa(self):
|
||||
# Variables
|
||||
role_name = "test-role"
|
||||
role_arn = f"arn:aws:iam::{ACCOUNT_ID}:role/{role_name}"
|
||||
role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/{role_name}"
|
||||
session_duration_seconds = 900
|
||||
audited_regions = ["eu-west-1"]
|
||||
sessionName = "ProwlerAsessmentSession"
|
||||
|
||||
# Boto 3 client to create our user
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION)
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
|
||||
# IAM user
|
||||
iam_user = iam_client.create_user(UserName="test-user")["User"]
|
||||
access_key = iam_client.create_access_key(UserName=iam_user["UserName"])[
|
||||
@@ -167,46 +147,29 @@ class Test_AWS_Provider:
|
||||
session = boto3.session.Session(
|
||||
aws_access_key_id=access_key_id,
|
||||
aws_secret_access_key=secret_access_key,
|
||||
region_name=AWS_REGION,
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=session,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition=None,
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
assumed_role_info=AWS_Assume_Role(
|
||||
role_arn=role_arn,
|
||||
session_duration=session_duration_seconds,
|
||||
external_id=None,
|
||||
mfa_enabled=True,
|
||||
),
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
original_session=session,
|
||||
profile_region=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Call assume_role
|
||||
aws_provider = AWS_Provider(audit_info)
|
||||
# Patch MFA
|
||||
with patch(
|
||||
"prowler.providers.aws.aws_provider.input_role_mfa_token_and_code",
|
||||
return_value=(f"arn:aws:iam::{ACCOUNT_ID}:mfa/test-role-mfa", "111111"),
|
||||
return_value=(
|
||||
f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:mfa/test-role-mfa",
|
||||
"111111",
|
||||
),
|
||||
):
|
||||
assume_role_response = assume_role(
|
||||
aws_provider.aws_session, aws_provider.role_info
|
||||
@@ -225,7 +188,7 @@ class Test_AWS_Provider:
|
||||
# Assumed Role
|
||||
assert (
|
||||
assume_role_response["AssumedRoleUser"]["Arn"]
|
||||
== f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}"
|
||||
== f"arn:aws:sts::{AWS_ACCOUNT_NUMBER}:assumed-role/{role_name}/{sessionName}"
|
||||
)
|
||||
|
||||
# AssumedRoleUser
|
||||
@@ -245,12 +208,12 @@ class Test_AWS_Provider:
|
||||
def test_aws_provider_assume_role_without_mfa(self):
|
||||
# Variables
|
||||
role_name = "test-role"
|
||||
role_arn = f"arn:aws:iam::{ACCOUNT_ID}:role/{role_name}"
|
||||
role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/{role_name}"
|
||||
session_duration_seconds = 900
|
||||
audited_regions = "eu-west-1"
|
||||
sessionName = "ProwlerAsessmentSession"
|
||||
|
||||
# Boto 3 client to create our user
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION)
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
|
||||
# IAM user
|
||||
iam_user = iam_client.create_user(UserName="test-user")["User"]
|
||||
access_key = iam_client.create_access_key(UserName=iam_user["UserName"])[
|
||||
@@ -262,41 +225,21 @@ class Test_AWS_Provider:
|
||||
session = boto3.session.Session(
|
||||
aws_access_key_id=access_key_id,
|
||||
aws_secret_access_key=secret_access_key,
|
||||
region_name=AWS_REGION,
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=session,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition=None,
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
assumed_role_info=AWS_Assume_Role(
|
||||
role_arn=role_arn,
|
||||
session_duration=session_duration_seconds,
|
||||
external_id=None,
|
||||
mfa_enabled=False,
|
||||
),
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
original_session=session,
|
||||
profile_region=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Call assume_role
|
||||
aws_provider = AWS_Provider(audit_info)
|
||||
assume_role_response = assume_role(
|
||||
aws_provider.aws_session, aws_provider.role_info
|
||||
@@ -315,7 +258,7 @@ class Test_AWS_Provider:
|
||||
# Assumed Role
|
||||
assert (
|
||||
assume_role_response["AssumedRoleUser"]["Arn"]
|
||||
== f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}"
|
||||
== f"arn:aws:sts::{AWS_ACCOUNT_NUMBER}:assumed-role/{role_name}/{sessionName}"
|
||||
)
|
||||
|
||||
# AssumedRoleUser
|
||||
@@ -335,14 +278,14 @@ class Test_AWS_Provider:
|
||||
def test_assume_role_with_sts_endpoint_region(self):
|
||||
# Variables
|
||||
role_name = "test-role"
|
||||
role_arn = f"arn:aws:iam::{ACCOUNT_ID}:role/{role_name}"
|
||||
role_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:role/{role_name}"
|
||||
session_duration_seconds = 900
|
||||
aws_region = "eu-west-1"
|
||||
sts_endpoint_region = aws_region
|
||||
audited_regions = [aws_region]
|
||||
AWS_REGION_US_EAST_1 = "eu-west-1"
|
||||
sts_endpoint_region = AWS_REGION_US_EAST_1
|
||||
sessionName = "ProwlerAsessmentSession"
|
||||
|
||||
# Boto 3 client to create our user
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION)
|
||||
iam_client = boto3.client("iam", region_name=AWS_REGION_US_EAST_1)
|
||||
# IAM user
|
||||
iam_user = iam_client.create_user(UserName="test-user")["User"]
|
||||
access_key = iam_client.create_access_key(UserName=iam_user["UserName"])[
|
||||
@@ -354,41 +297,21 @@ class Test_AWS_Provider:
|
||||
session = boto3.session.Session(
|
||||
aws_access_key_id=access_key_id,
|
||||
aws_secret_access_key=secret_access_key,
|
||||
region_name=AWS_REGION,
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=session,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition=None,
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
assumed_role_info=AWS_Assume_Role(
|
||||
role_arn=role_arn,
|
||||
session_duration=session_duration_seconds,
|
||||
external_id=None,
|
||||
mfa_enabled=False,
|
||||
),
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
original_session=session,
|
||||
profile_region=AWS_REGION_US_EAST_1,
|
||||
)
|
||||
|
||||
# Call assume_role
|
||||
aws_provider = AWS_Provider(audit_info)
|
||||
assume_role_response = assume_role(
|
||||
aws_provider.aws_session, aws_provider.role_info, sts_endpoint_region
|
||||
@@ -407,7 +330,7 @@ class Test_AWS_Provider:
|
||||
# Assumed Role
|
||||
assert (
|
||||
assume_role_response["AssumedRoleUser"]["Arn"]
|
||||
== f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}"
|
||||
== f"arn:aws:sts::{AWS_ACCOUNT_NUMBER}:assumed-role/{role_name}/{sessionName}"
|
||||
)
|
||||
|
||||
# AssumedRoleUser
|
||||
@@ -423,368 +346,76 @@ class Test_AWS_Provider:
|
||||
) == 21 + 1 + len(sessionName)
|
||||
|
||||
def test_generate_regional_clients(self):
|
||||
# New Boto3 session with the previously create user
|
||||
session = boto3.session.Session(
|
||||
region_name=AWS_REGION,
|
||||
)
|
||||
audited_regions = ["eu-west-1", AWS_REGION]
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=session,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions = [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
audit_session=boto3.session.Session(
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
),
|
||||
)
|
||||
|
||||
generate_regional_clients_response = generate_regional_clients(
|
||||
"ec2", audit_info
|
||||
)
|
||||
|
||||
assert set(generate_regional_clients_response.keys()) == set(audited_regions)
|
||||
|
||||
def test_generate_regional_clients_global_service(self):
|
||||
# New Boto3 session with the previously create user
|
||||
session = boto3.session.Session(
|
||||
region_name=AWS_REGION,
|
||||
)
|
||||
audited_regions = ["eu-west-1", AWS_REGION]
|
||||
profile_region = AWS_REGION
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=session,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
generate_regional_clients_response = generate_regional_clients(
|
||||
"route53", audit_info, global_service=True
|
||||
)
|
||||
|
||||
assert list(generate_regional_clients_response.keys()) == [profile_region]
|
||||
|
||||
def test_generate_regional_clients_cn_partition(self):
|
||||
# New Boto3 session with the previously create user
|
||||
session = boto3.session.Session(
|
||||
region_name=AWS_REGION,
|
||||
)
|
||||
audited_regions = ["cn-northwest-1", "cn-north-1"]
|
||||
# Fulfil the input session object for Prowler
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=session,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws-cn",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
audit_session=boto3.session.Session(
|
||||
region_name=AWS_REGION_US_EAST_1,
|
||||
),
|
||||
)
|
||||
generate_regional_clients_response = generate_regional_clients(
|
||||
"shield", audit_info, global_service=True
|
||||
"shield", audit_info
|
||||
)
|
||||
|
||||
# Shield does not exist in China
|
||||
assert generate_regional_clients_response == {}
|
||||
|
||||
def test_get_default_region(self):
|
||||
audited_regions = ["eu-west-1"]
|
||||
profile_region = "eu-west-1"
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
profile_region=AWS_REGION_EU_WEST_1,
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
)
|
||||
assert get_default_region("ec2", audit_info) == "eu-west-1"
|
||||
assert get_default_region("ec2", audit_info) == AWS_REGION_EU_WEST_1
|
||||
|
||||
def test_get_default_region_profile_region_not_audited(self):
|
||||
audited_regions = ["eu-west-1"]
|
||||
profile_region = "us-east-2"
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
profile_region=AWS_REGION_US_EAST_2,
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
)
|
||||
assert get_default_region("ec2", audit_info) == "eu-west-1"
|
||||
assert get_default_region("ec2", audit_info) == AWS_REGION_EU_WEST_1
|
||||
|
||||
def test_get_default_region_non_profile_region(self):
|
||||
audited_regions = ["eu-west-1"]
|
||||
profile_region = None
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_regions=[AWS_REGION_EU_WEST_1],
|
||||
)
|
||||
assert get_default_region("ec2", audit_info) == "eu-west-1"
|
||||
assert get_default_region("ec2", audit_info) == AWS_REGION_EU_WEST_1
|
||||
|
||||
def test_get_default_region_non_profile_or_audited_region(self):
|
||||
audited_regions = None
|
||||
profile_region = None
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=profile_region,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
assert get_default_region("ec2", audit_info) == "us-east-1"
|
||||
|
||||
def test_aws_get_global_region(self):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=None,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
assert get_default_region("ec2", audit_info) == "us-east-1"
|
||||
audit_info = set_mocked_aws_audit_info()
|
||||
assert get_default_region("ec2", audit_info) == AWS_REGION_US_EAST_1
|
||||
|
||||
def test_aws_gov_get_global_region(self):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws-us-gov",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=None,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
audit_info = set_mocked_aws_audit_info(
|
||||
audited_partition=AWS_GOV_CLOUD_PARTITION
|
||||
)
|
||||
assert get_global_region(audit_info) == "us-gov-east-1"
|
||||
assert get_global_region(audit_info) == AWS_REGION_GOV_CLOUD_US_EAST_1
|
||||
|
||||
def test_aws_cn_get_global_region(self):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws-cn",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=None,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
assert get_global_region(audit_info) == "cn-north-1"
|
||||
audit_info = set_mocked_aws_audit_info(audited_partition=AWS_CHINA_PARTITION)
|
||||
assert get_global_region(audit_info) == AWS_REGION_CHINA_NORHT_1
|
||||
|
||||
def test_aws_iso_get_global_region(self):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws-iso",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=None,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
assert get_global_region(audit_info) == "aws-iso-global"
|
||||
audit_info = set_mocked_aws_audit_info(audited_partition=AWS_ISO_PARTITION)
|
||||
assert get_global_region(audit_info) == AWS_REGION_ISO_GLOBAL
|
||||
|
||||
def test_get_available_aws_service_regions_with_us_east_1_audited(self):
|
||||
audited_regions = ["us-east-1"]
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=audited_regions,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
audit_info = set_mocked_aws_audit_info(audited_regions=[AWS_REGION_US_EAST_1])
|
||||
|
||||
with patch(
|
||||
"prowler.providers.aws.aws_provider.parse_json_file",
|
||||
return_value={
|
||||
@@ -815,33 +446,13 @@ class Test_AWS_Provider:
|
||||
}
|
||||
},
|
||||
):
|
||||
assert get_available_aws_service_regions("ec2", audit_info) == ["us-east-1"]
|
||||
assert get_available_aws_service_regions("ec2", audit_info) == [
|
||||
AWS_REGION_US_EAST_1
|
||||
]
|
||||
|
||||
def test_get_available_aws_service_regions_with_all_regions_audited(self):
|
||||
audit_info = AWS_Audit_Info(
|
||||
session_config=None,
|
||||
original_session=None,
|
||||
audit_session=None,
|
||||
audited_account=None,
|
||||
audited_account_arn=None,
|
||||
audited_partition="aws",
|
||||
audited_identity_arn=None,
|
||||
audited_user_id=None,
|
||||
profile=None,
|
||||
profile_region=None,
|
||||
credentials=None,
|
||||
assumed_role_info=None,
|
||||
audited_regions=None,
|
||||
organizations_metadata=None,
|
||||
audit_resources=None,
|
||||
mfa_enabled=False,
|
||||
audit_metadata=Audit_Metadata(
|
||||
services_scanned=0,
|
||||
expected_checks=[],
|
||||
completed_checks=0,
|
||||
audit_progress=0,
|
||||
),
|
||||
)
|
||||
audit_info = set_mocked_aws_audit_info()
|
||||
|
||||
with patch(
|
||||
"prowler.providers.aws.aws_provider.parse_json_file",
|
||||
return_value={
|
||||
|
||||
@@ -10,7 +10,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
@@ -43,3 +43,20 @@ class Test_AWSService:
|
||||
)
|
||||
assert service.region == AWS_REGION_US_EAST_1
|
||||
assert service.client.__class__.__name__ == service_name.upper()
|
||||
|
||||
def test_AWSService_init_global_service(self):
|
||||
service_name = "cloudfront"
|
||||
audit_info = set_mocked_aws_audit_info()
|
||||
service = AWSService(service_name, audit_info, global_service=True)
|
||||
|
||||
assert service.audit_info == audit_info
|
||||
assert service.audited_account == AWS_ACCOUNT_NUMBER
|
||||
assert service.audited_account_arn == AWS_ACCOUNT_ARN
|
||||
assert service.audited_partition == AWS_COMMERCIAL_PARTITION
|
||||
assert service.audit_resources == []
|
||||
assert service.audited_checks == []
|
||||
assert service.session == audit_info.audit_session
|
||||
assert service.service == service_name
|
||||
assert not hasattr(service, "regional_clients")
|
||||
assert service.region == AWS_REGION_US_EAST_1
|
||||
assert service.client.__class__.__name__ == "CloudFront"
|
||||
|
||||
@@ -54,7 +54,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -74,7 +74,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -51,7 +51,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(service, region_name=AWS_REGION)
|
||||
regional_client.region = AWS_REGION
|
||||
return {AWS_REGION: regional_client}
|
||||
|
||||
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -46,7 +46,7 @@ def mock_request_get(_):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client_eu_west_1 = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -58,7 +58,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -119,7 +119,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -86,7 +86,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -38,7 +38,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -103,7 +103,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -38,7 +38,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -58,7 +58,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -41,7 +41,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -11,7 +11,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -82,7 +82,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -10,7 +10,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -41,7 +41,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -16,7 +16,7 @@ cidr_block_subnet_1 = "10.0.0.0/22"
|
||||
cidr_block_subnet_2 = "10.0.4.0/22"
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -81,7 +81,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -36,7 +36,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -62,7 +62,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -104,7 +104,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -50,7 +50,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -69,7 +69,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -32,7 +32,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -47,7 +47,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_Macie_Service:
|
||||
|
||||
# Test Macie Client
|
||||
def test__get_client__(self):
|
||||
macie = Macie(set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]))
|
||||
|
||||
@@ -69,7 +69,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
@@ -84,7 +84,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
# Patch every AWS call using Boto3
|
||||
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
|
||||
class Test_Neptune_Service:
|
||||
|
||||
# Test Neptune Service
|
||||
@mock_neptune
|
||||
def test_service(self):
|
||||
|
||||
@@ -51,7 +51,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -91,7 +91,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -105,7 +105,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_OpenSearchService_Service:
|
||||
|
||||
# Test OpenSearchService Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([])
|
||||
|
||||
@@ -46,7 +46,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -60,7 +60,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_Redshift_Service:
|
||||
|
||||
# Test Redshift Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
@@ -30,7 +30,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -90,7 +90,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -104,7 +104,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_SageMaker_Service:
|
||||
|
||||
# Test SageMaker Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
@@ -15,7 +15,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -29,7 +29,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_SecretsManager_Service:
|
||||
|
||||
# Test SecretsManager Client
|
||||
@mock_secretsmanager
|
||||
def test__get_client__(self):
|
||||
|
||||
@@ -44,7 +44,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -59,7 +59,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_SecurityHub_Service:
|
||||
|
||||
# Test SecurityHub Client
|
||||
def test__get_client__(self):
|
||||
security_hub = SecurityHub(set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1]))
|
||||
|
||||
@@ -13,7 +13,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -12,7 +12,7 @@ from tests.providers.aws.audit_info_utils import (
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
|
||||
@@ -37,7 +37,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -51,7 +51,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_SNS_Service:
|
||||
|
||||
# Test SNS Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
@@ -39,7 +39,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -53,7 +53,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_SQS_Service:
|
||||
|
||||
# Test SQS Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
@@ -66,7 +66,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -54,7 +54,7 @@ def mock_make_api_call(self, operation_name, kwargs):
|
||||
return make_api_call(self, operation_name, kwargs)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_US_EAST_1
|
||||
)
|
||||
|
||||
@@ -31,7 +31,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
|
||||
|
||||
# Mock generate_regional_clients()
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -46,7 +46,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_WAF_Service:
|
||||
|
||||
# Test WAF Service
|
||||
def test_service(self):
|
||||
# WAF client for this test class
|
||||
|
||||
@@ -40,7 +40,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -54,7 +54,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_WellArchitected_Service:
|
||||
|
||||
# Test WellArchitected Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
@@ -35,7 +35,7 @@ def mock_make_api_call(self, operation_name, kwarg):
|
||||
return make_api_call(self, operation_name, kwarg)
|
||||
|
||||
|
||||
def mock_generate_regional_clients(service, audit_info, _):
|
||||
def mock_generate_regional_clients(service, audit_info):
|
||||
regional_client = audit_info.audit_session.client(
|
||||
service, region_name=AWS_REGION_EU_WEST_1
|
||||
)
|
||||
@@ -49,7 +49,6 @@ def mock_generate_regional_clients(service, audit_info, _):
|
||||
new=mock_generate_regional_clients,
|
||||
)
|
||||
class Test_WorkSpaces_Service:
|
||||
|
||||
# Test WorkSpaces Service
|
||||
def test_service(self):
|
||||
audit_info = set_mocked_aws_audit_info([AWS_REGION_EU_WEST_1])
|
||||
|
||||
Reference in New Issue
Block a user