diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py index b7e217c5..6aa6ab68 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_any_port/ec2_securitygroup_allow_ingress_from_internet_to_any_port_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -122,9 +121,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has all ports open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has all ports open to the Internet." ) assert ( sg.resource_arn @@ -178,9 +178,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have all ports open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have all ports open to the Internet." ) assert ( sg.resource_arn @@ -239,9 +240,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_any_port: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have all ports open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have all ports open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py index 3bc5e96d..23ef0392 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018/ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has MongoDB ports 27017 and 27018 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has MongoDB ports 27017 and 27018 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_2 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have MongoDB ports 27017 and 27018 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have MongoDB ports 27017 and 27018 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py index 306ccce3..667ac4e8 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21/ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has FTP ports 20 and 21 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has FTP ports 20 and 21 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have FTP ports 20 and 21 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have FTP ports 20 and 21 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py index fc9aef63..e15cab31 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22_test.py @@ -122,6 +122,11 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has SSH port 22 open to the Internet." + ) assert search( "has SSH port 22 open to the Internet", sg.status_extended, @@ -180,9 +185,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have SSH port 22 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have SSH port 22 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py index 9094e252..3a083993 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -122,9 +121,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Microsoft RDP port 3389 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Microsoft RDP port 3389 open to the Internet." ) assert ( sg.resource_arn @@ -180,9 +180,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Microsoft RDP port 3389 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Microsoft RDP port 3389 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py index 894a6a64..6c0dd067 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Casandra ports 7199, 8888 and 9160 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Casandra ports 7199, 8888 and 9160 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Casandra ports 7199, 8888 and 9160 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Casandra ports 7199, 8888 and 9160 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py index 053b94c5..b35a85bd 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Elasticsearch/Kibana ports 9200, 9300 and 5601 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Elasticsearch/Kibana ports 9200, 9300 and 5601 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsear for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Elasticsearch/Kibana ports 9200, 9300 and 5601 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Elasticsearch/Kibana ports 9200, 9300 and 5601 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py index 619d330a..0702fbaf 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,8 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Kafka port 9092 open to the Internet", sg.status_extended + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Kafka port 9092 open to the Internet." ) assert ( sg.resource_arn @@ -185,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Kafka port 9092 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Kafka port 9092 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py index e4a57701..5ff87d75 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Memcached port 11211 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Memcached port 11211 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_1 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Memcached port 11211 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Memcached port 11211 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py index 512d0183..67d9abf7 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has MySQL port 3306 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has MySQL port 3306 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have MySQL port 3306 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have MySQL port 3306 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py index 5843c979..6e131681 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Oracle ports 1521 and 2483 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Oracle ports 1521 and 2483 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Oracle ports 1521 and 2483 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Oracle ports 1521 and 2483 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py index d49fa047..2e984b96 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Postgres port 5432 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Postgres port 5432 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Postgres port 5432 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Postgres port 5432 open to the Internet." ) assert ( sg.resource_arn @@ -251,9 +252,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_54 for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Postgres port 5432 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Postgres port 5432 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py index 6b047c05..97f87c56 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,8 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Redis port 6379 open to the Internet", sg.status_extended + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Redis port 6379 open to the Internet." ) assert ( sg.resource_arn @@ -185,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Redis port 6379 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Redis port 6379 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py index 2ba93476..b8a7439c 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,9 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_ for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Microsoft SQL Server ports 1433 and 1434 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Microsoft SQL Server ports 1433 and 1434 open to the Internet." ) assert ( sg.resource_arn @@ -186,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_ for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Microsoft SQL Server ports 1433 and 1434 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Microsoft SQL Server ports 1433 and 1434 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py index 8a3aa3b5..8852b206 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23/ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -126,8 +125,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has Telnet port 23 open to the Internet", sg.status_extended + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has Telnet port 23 open to the Internet." ) assert ( sg.resource_arn @@ -185,9 +186,10 @@ class Test_ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "does not have Telnet port 23 open to the Internet", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) does not have Telnet port 23 open to the Internet." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py index 2fd80748..64fd87cb 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_allow_wide_open_public_ipv4/ec2_securitygroup_allow_wide_open_public_ipv4_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -120,9 +119,10 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "has no potential wide-open non-RFC1918 address", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has no potential wide-open non-RFC1918 address." ) assert ( sg.resource_arn @@ -176,9 +176,10 @@ class Test_ec2_securitygroup_allow_wide_open_public_ipv4: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has potential wide-open non-RFC1918 address", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has potential wide-open non-RFC1918 address 82.122.0.0/16 in ingress rule." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py index 3dd76dc6..62df15f7 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_from_launch_wizard/ec2_securitygroup_from_launch_wizard_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, resource, session @@ -112,9 +111,10 @@ class Test_ec2_securitygroup_from_launch_wizard: for sg in result: if sg.resource_id == sg_id: assert sg.status == "FAIL" - assert search( - "was created using the EC2 Launch Wizard", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {sg_name} ({sg_id}) was created using the EC2 Launch Wizard." ) assert ( sg.resource_arn @@ -168,9 +168,10 @@ class Test_ec2_securitygroup_from_launch_wizard: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "was not created using the EC2 Launch Wizard", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) was not created using the EC2 Launch Wizard." ) assert ( sg.resource_arn diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py index 1885d4d5..e51048a5 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_not_used/ec2_securitygroup_not_used_test.py @@ -105,9 +105,10 @@ class Test_ec2_securitygroup_not_used: # One custom sg assert len(result) == 1 assert result[0].status == "FAIL" - assert search( - "it is not being used", - result[0].status_extended, + assert result[0].region == AWS_REGION + assert ( + result[0].status_extended + == f"Security group {sg_name} ({sg.id}) it is not being used." ) assert ( result[0].resource_arn @@ -152,6 +153,11 @@ class Test_ec2_securitygroup_not_used: # One custom sg assert len(result) == 1 assert result[0].status == "PASS" + assert result[0].region == AWS_REGION + assert ( + result[0].status_extended + == f"Security group {sg_name} ({sg.id}) it is being used." + ) assert search( "it is being used", result[0].status_extended, diff --git a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py index f61c5c56..cc1fa195 100644 --- a/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py +++ b/tests/providers/aws/services/ec2/ec2_securitygroup_with_many_ingress_egress_rules/ec2_securitygroup_with_many_ingress_egress_rules_test.py @@ -1,4 +1,3 @@ -from re import search from unittest import mock from boto3 import client, session @@ -125,8 +124,10 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "FAIL" - assert search( - "has 60 inbound rules and 1 outbound rules", sg.status_extended + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has 60 inbound rules and 1 outbound rules." ) assert ( sg.resource_arn @@ -183,9 +184,10 @@ class Test_ec2_securitygroup_with_many_ingress_egress_rules: for sg in result: if sg.resource_id == default_sg_id: assert sg.status == "PASS" - assert search( - "has 1 inbound rules and 1 outbound rules", - sg.status_extended, + assert sg.region == AWS_REGION + assert ( + sg.status_extended + == f"Security group {default_sg_name} ({default_sg_id}) has 1 inbound rules and 1 outbound rules." ) assert ( sg.resource_arn