fix(allowlist): remove re.escape (#1734)

Co-authored-by: sergargar <sergio@verica.io>
Sergio Garcia
2023-01-18 17:45:51 +01:00
committed by GitHub
parent 50070e8fe7
commit d02bd9b717
2 changed files with 80 additions and 2 deletions


@@ -109,7 +109,79 @@ class Test_Allowlist:
"Checks": {
"check_test": {
"Regions": ["us-east-1", "eu-west-1"],
"Resources": ["prowler", "^test"],
"Resources": ["prowler", "^test", "prowler-pro"],
}
}
}
}
}
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "prowler"
)
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "prowler-test"
)
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "test-prowler"
)
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "prowler-pro-test"
)
assert not (
is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", "us-east-2", "test"
)
)
def test_is_allowlisted_wildcard(self):
# Allowlist example
allowlist = {
"Accounts": {
"*": {
"Checks": {
"check_test": {
"Regions": ["us-east-1", "eu-west-1"],
"Resources": [".*"],
}
}
}
}
}
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "prowler"
)
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "prowler-test"
)
assert is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", AWS_REGION, "test-prowler"
)
assert not (
is_allowlisted(
allowlist, AWS_ACCOUNT_NUMBER, "check_test", "us-east-2", "test"
)
)
def test_is_allowlisted_asterisk(self):
# Allowlist example
allowlist = {
"Accounts": {
"*": {
"Checks": {
"check_test": {
"Regions": ["us-east-1", "eu-west-1"],
"Resources": ["*"],
}
}
}