ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(elb-test): Use a mocked current audit info (#2207)

Browse Source
This commit is contained in:
Pepe Fagoaga
2023-04-14 12:43:08 +02:00
committed by GitHub
parent 4be2539bc2
commit cb190f54fc
12 changed files with 513 additions and 234 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elb
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elb_insecure_ssl_ciphers:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elb
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers import (
@@ -59,14 +83,14 @@ class Test_elb_insecure_ssl_ciphers:
)
elb.describe_load_balancer_policies(LoadBalancerName="my-lb")
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers import (
elb_insecure_ssl_ciphers,
@@ -104,14 +128,14 @@ class Test_elb_insecure_ssl_ciphers:
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers import (
elb_insecure_ssl_ciphers,

52
tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elb
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elb_request_smugling:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elb
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing import (
@@ -52,14 +76,14 @@ class Test_elb_request_smugling:
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing import (
elb_internet_facing,
@@ -97,14 +121,14 @@ class Test_elb_request_smugling:
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing import (
elb_internet_facing,

52
tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elb
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elb_logging_enabled:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elb
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled import (
@@ -52,14 +76,14 @@ class Test_elb_logging_enabled:
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled import (
elb_logging_enabled,
@@ -109,14 +133,14 @@ class Test_elb_logging_enabled:
},
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled import (
elb_logging_enabled,

49
tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py
View File

@@ -1,25 +1,46 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elb
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elb_ssl_listeners:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elb
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners import (
@@ -52,14 +73,14 @@ class Test_elb_ssl_listeners:
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners import (
elb_ssl_listeners,
@@ -95,14 +116,14 @@ class Test_elb_ssl_listeners:
Scheme="internal",
SecurityGroups=[security_group.id],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elb.elb_service import ELB
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client",
new=ELB(current_audit_info),
new=ELB(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners import (
elb_ssl_listeners,

52
tests/providers/aws/services/elbv2/elbv2_deletion_protection/elbv2_deletion_protection_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_deletion_protection:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection import (
@@ -63,14 +87,14 @@ class Test_elbv2_deletion_protection:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection import (
elbv2_deletion_protection,
@@ -119,14 +143,14 @@ class Test_elbv2_deletion_protection:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection import (
elbv2_deletion_protection,

56
tests/providers/aws/services/elbv2/elbv2_desync_mitigation_mode/elbv2_desync_mitigation_mode_test.py
View File

@@ -1,24 +1,46 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_desync_mitigation_mode:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import (
@@ -66,14 +88,14 @@ class Test_elbv2_desync_mitigation_mode:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import (
elbv2_desync_mitigation_mode,
@@ -127,14 +149,14 @@ class Test_elbv2_desync_mitigation_mode:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import (
elbv2_desync_mitigation_mode,
@@ -183,14 +205,14 @@ class Test_elbv2_desync_mitigation_mode:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import (
elbv2_desync_mitigation_mode,

52
tests/providers/aws/services/elbv2/elbv2_insecure_ssl_ciphers/elbv2_insecure_ssl_ciphers_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_insecure_ssl_ciphers:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers import (
@@ -80,14 +104,14 @@ class Test_elbv2_insecure_ssl_ciphers:
DefaultActions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers import (
elbv2_insecure_ssl_ciphers,
@@ -152,14 +176,14 @@ class Test_elbv2_insecure_ssl_ciphers:
DefaultActions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers import (
elbv2_insecure_ssl_ciphers,

51
tests/providers/aws/services/elbv2/elbv2_internet_facing/elbv2_internet_facing_test.py
View File

@@ -1,24 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_internet_facing:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import (
@@ -55,14 +80,14 @@ class Test_elbv2_internet_facing:
Type="application",
)["LoadBalancers"][0]
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import (
elbv2_internet_facing,
@@ -104,14 +129,14 @@ class Test_elbv2_internet_facing:
Scheme="internet-facing",
)["LoadBalancers"][0]
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import (
elbv2_internet_facing,

52
tests/providers/aws/services/elbv2/elbv2_listeners_underneath/elbv2_listeners_underneath_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_listeners_underneath:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath import (
@@ -56,14 +80,14 @@ class Test_elbv2_listeners_underneath:
Type="application",
)["LoadBalancers"][0]
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath import (
elbv2_listeners_underneath,
@@ -127,14 +151,14 @@ class Test_elbv2_listeners_underneath:
DefaultActions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath import (
elbv2_listeners_underneath,

52
tests/providers/aws/services/elbv2/elbv2_logging_enabled/elbv2_logging_enabled_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_logging_enabled:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled import (
@@ -66,14 +90,14 @@ class Test_elbv2_logging_enabled:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled import (
elbv2_logging_enabled,
@@ -125,14 +149,14 @@ class Test_elbv2_logging_enabled:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled import (
elbv2_logging_enabled,

60
tests/providers/aws/services/elbv2/elbv2_ssl_listeners/elbv2_ssl_listeners_test.py
View File

@@ -1,25 +1,49 @@
from re import search
from unittest import mock
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
class Test_elbv2_ssl_listeners:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import (
@@ -78,14 +102,14 @@ class Test_elbv2_ssl_listeners:
DefaultActions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import (
elbv2_ssl_listeners,
@@ -149,14 +173,14 @@ class Test_elbv2_ssl_listeners:
DefaultActions=[{"Type": "forward", "TargetGroupArn": target_group_arn}],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import (
elbv2_ssl_listeners,
@@ -213,14 +237,14 @@ class Test_elbv2_ssl_listeners:
],
)
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
):
from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import (
elbv2_ssl_listeners,

167
tests/providers/aws/services/elbv2/elbv2_waf_acl_attached/elbv2_waf_acl_attached_test.py
View File

@@ -2,9 +2,11 @@ from re import search
from unittest import mock
import botocore
from boto3 import client, resource
from boto3 import client, resource, session
from moto import mock_ec2, mock_elbv2, mock_wafv2
from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
@@ -31,38 +33,58 @@ def mock_make_api_call(self, operation_name, kwarg):
class Test_elbv2_waf_acl_attached:
def set_mocked_audit_info(self):
audit_info = AWS_Audit_Info(
session_config=None,
original_session=None,
audit_session=session.Session(
profile_name=None,
botocore_session=None,
),
audited_account=AWS_ACCOUNT_NUMBER,
audited_user_id=None,
audited_partition="aws",
audited_identity_arn=None,
profile=None,
profile_region=None,
credentials=None,
assumed_role_info=None,
audited_regions=["us-east-1", "eu-west-1"],
organizations_metadata=None,
audit_resources=None,
)
return audit_info
@mock_wafv2
@mock_elbv2
def test_elb_no_balancers(self):
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
from prowler.providers.aws.services.waf.waf_service import WAF
from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(self.set_mocked_audit_info()),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(self.set_mocked_audit_info()),
):
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(current_audit_info),
):
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(current_audit_info),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
check = elbv2_waf_acl_attached()
result = check.execute()
check = elbv2_waf_acl_attached()
result = check.execute()
assert len(result) == 0
assert len(result) == 0
@mock_wafv2
@mock_ec2
@@ -100,41 +122,39 @@ class Test_elbv2_waf_acl_attached:
Type="application",
)["LoadBalancers"][0]
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
from prowler.providers.aws.services.waf.waf_service import WAF
from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client",
new=ELBv2(current_audit_info),
new=ELBv2(self.set_mocked_audit_info()),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(self.set_mocked_audit_info()),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(self.set_mocked_audit_info()),
):
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(current_audit_info),
):
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(current_audit_info),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
check = elbv2_waf_acl_attached()
result = check.execute()
check = elbv2_waf_acl_attached()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
assert search(
"is not protected by WAF Web ACL",
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == lb["LoadBalancerArn"]
assert len(result) == 1
assert result[0].status == "FAIL"
assert search(
"is not protected by WAF Web ACL",
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == lb["LoadBalancerArn"]
@mock_wafv2
@mock_ec2
@@ -174,40 +194,39 @@ class Test_elbv2_waf_acl_attached:
wafv2.associate_web_acl(WebACLArn=waf["ARN"], ResourceArn=lb["LoadBalancerArn"])
from prowler.providers.aws.lib.audit_info.audit_info import current_audit_info
from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2
from prowler.providers.aws.services.waf.waf_service import WAF
from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2
current_audit_info.audited_partition = "aws"
with mock.patch(
"prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
new=self.set_mocked_audit_info(),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client",
new=ELBv2(current_audit_info),
):
new=ELBv2(self.set_mocked_audit_info()),
), mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(self.set_mocked_audit_info()),
) as service_client:
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client",
new=WAFv2(current_audit_info),
) as service_client:
with mock.patch(
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(current_audit_info),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
"prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.waf_client",
new=WAF(self.set_mocked_audit_info()),
):
# Test Check
from prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached import (
elbv2_waf_acl_attached,
)
service_client.web_acls[0].albs.append(lb["LoadBalancerArn"])
service_client.web_acls[0].albs.append(lb["LoadBalancerArn"])
check = elbv2_waf_acl_attached()
result = check.execute()
check = elbv2_waf_acl_attached()
result = check.execute()
assert len(result) == 1
assert result[0].status == "PASS"
assert search(
"is protected by WAFv2 Web ACL",
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == lb["LoadBalancerArn"]
assert len(result) == 1
assert result[0].status == "PASS"
assert search(
"is protected by WAFv2 Web ACL",
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == lb["LoadBalancerArn"]