ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e187875da5a97f2c530a5c54e8d2a2ecf25281b7
prowler/tests/providers/aws/services/guardduty/guardduty_service_test.py
Pepe Fagoaga e187875da5 test(audit_info): refactor guardduty (#3160)
2023-12-05 15:00:46 +01:00

194 lines
7.8 KiB
Python
Raw Blame History

from datetime import datetime
from unittest.mock import patch
import botocore
from boto3 import client
from moto import mock_guardduty
from prowler.providers.aws.services.guardduty.guardduty_service import GuardDuty
from tests.providers.aws.audit_info_utils import (
AWS_ACCOUNT_NUMBER,
AWS_REGION_EU_WEST_1,
set_mocked_aws_audit_info,
)
AWS_ACCOUNT_NUMBER_ADMIN = "123456789013"
make_api_call = botocore.client.BaseClient._make_api_call
def mock_make_api_call(self, operation_name, kwarg):
if operation_name == "ListFindings":
return {"FindingIds": ["86c1d16c9ec63f634ccd087ae0d427ba1"]}
if operation_name == "ListTagsForResource":
return {"Tags": {"test": "test"}}
if operation_name == "ListMembers":
return {
"Members": [
{
"AccountId": AWS_ACCOUNT_NUMBER,
"DetectorId": "11b4a9318fd146914420a637a4a9248b",
"MasterId": AWS_ACCOUNT_NUMBER_ADMIN,
"Email": "security@prowler.com",
"RelationshipStatus": "Enabled",
"InvitedAt": datetime(2020, 1, 1),
"UpdatedAt": datetime(2021, 1, 1),
"AdministratorId": AWS_ACCOUNT_NUMBER_ADMIN,
},
],
}
if operation_name == "GetAdministratorAccount":
return {
"Administrator": {
"AccountId": AWS_ACCOUNT_NUMBER_ADMIN,
"InvitationId": "12b1a931a981d1e1f1f452cf2fb3d515",
"RelationshipStatus": "Enabled",
"InvitedAt": datetime(2020, 1, 1),
}
}
return make_api_call(self, operation_name, kwarg)
def mock_generate_regional_clients(service, audit_info, _):
regional_client = audit_info.audit_session.client(
service, region_name=AWS_REGION_EU_WEST_1
)
regional_client.region = AWS_REGION_EU_WEST_1
return {AWS_REGION_EU_WEST_1: regional_client}
@patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call)
@patch(
"prowler.providers.aws.lib.service.service.generate_regional_clients",
new=mock_generate_regional_clients,
)
class Test_GuardDuty_Service:
# Test GuardDuty Service
def test_service(self):
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert guardduty.service == "guardduty"
# Test GuardDuty client
def test_client(self):
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
for reg_client in guardduty.regional_clients.values():
assert reg_client.__class__.__name__ == "GuardDuty"
# Test GuardDuty session
def test__get_session__(self):
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert guardduty.session.__class__.__name__ == "Session"
@mock_guardduty
# Test GuardDuty session
def test__list_detectors__(self):
guardduty_client = client("guardduty", region_name=AWS_REGION_EU_WEST_1)
response = guardduty_client.create_detector(Enable=True, Tags={"test": "test"})
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert len(guardduty.detectors) == 1
assert guardduty.detectors[0].id == response["DetectorId"]
assert (
guardduty.detectors[0].arn
== f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{response['DetectorId']}"
)
assert guardduty.detectors[0].enabled_in_account
assert len(guardduty.detectors[0].findings) == 1
assert guardduty.detectors[0].member_accounts == ["123456789012"]
assert guardduty.detectors[0].administrator_account == "123456789013"
assert guardduty.detectors[0].region == AWS_REGION_EU_WEST_1
assert guardduty.detectors[0].tags == [{"test": "test"}]
@mock_guardduty
# Test GuardDuty session
def test__get_detector__(self):
guardduty_client = client("guardduty", region_name=AWS_REGION_EU_WEST_1)
response = guardduty_client.create_detector(Enable=True)
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert len(guardduty.detectors) == 1
assert guardduty.detectors[0].id == response["DetectorId"]
assert (
guardduty.detectors[0].arn
== f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{response['DetectorId']}"
)
assert guardduty.detectors[0].enabled_in_account
assert len(guardduty.detectors[0].findings) == 1
assert guardduty.detectors[0].member_accounts == ["123456789012"]
assert guardduty.detectors[0].administrator_account == "123456789013"
assert guardduty.detectors[0].region == AWS_REGION_EU_WEST_1
assert guardduty.detectors[0].tags == [{"test": "test"}]
@mock_guardduty
# Test GuardDuty session
def test__list_findings__(self):
guardduty_client = client("guardduty", region_name=AWS_REGION_EU_WEST_1)
response = guardduty_client.create_detector(Enable=True)
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert len(guardduty.detectors) == 1
assert guardduty.detectors[0].id == response["DetectorId"]
assert (
guardduty.detectors[0].arn
== f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{response['DetectorId']}"
)
assert guardduty.detectors[0].enabled_in_account
assert len(guardduty.detectors[0].findings) == 1
assert guardduty.detectors[0].member_accounts == ["123456789012"]
assert guardduty.detectors[0].administrator_account == "123456789013"
assert guardduty.detectors[0].region == AWS_REGION_EU_WEST_1
assert guardduty.detectors[0].tags == [{"test": "test"}]
@mock_guardduty
def test__list_members__(self):
guardduty_client = client("guardduty", region_name=AWS_REGION_EU_WEST_1)
response = guardduty_client.create_detector(Enable=True)
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert len(guardduty.detectors) == 1
assert guardduty.detectors[0].id == response["DetectorId"]
assert (
guardduty.detectors[0].arn
== f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{response['DetectorId']}"
)
assert guardduty.detectors[0].enabled_in_account
assert len(guardduty.detectors[0].findings) == 1
assert guardduty.detectors[0].member_accounts == ["123456789012"]
assert guardduty.detectors[0].administrator_account == "123456789013"
assert guardduty.detectors[0].region == AWS_REGION_EU_WEST_1
assert guardduty.detectors[0].tags == [{"test": "test"}]
@mock_guardduty
# Test GuardDuty session
def test__get_administrator_account__(self):
guardduty_client = client("guardduty", region_name=AWS_REGION_EU_WEST_1)
response = guardduty_client.create_detector(Enable=True)
audit_info = set_mocked_aws_audit_info()
guardduty = GuardDuty(audit_info)
assert len(guardduty.detectors) == 1
assert guardduty.detectors[0].id == response["DetectorId"]
assert (
guardduty.detectors[0].arn
== f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{response['DetectorId']}"
)
assert guardduty.detectors[0].enabled_in_account
assert len(guardduty.detectors[0].findings) == 1
assert guardduty.detectors[0].member_accounts == ["123456789012"]
assert guardduty.detectors[0].administrator_account == "123456789013"
assert guardduty.detectors[0].region == AWS_REGION_EU_WEST_1
assert guardduty.detectors[0].tags == [{"test": "test"}]
Reference in New Issue View Git Blame Copy Permalink