From 736a1e75af4df18c3a38eb3d3e4db58a75eda94d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 23:34:11 +0000 Subject: [PATCH 1/7] chore(deps-dev): bump moto from 5.0.16 to 5.0.27 Bumps [moto](https://github.com/getmoto/moto) from 5.0.16 to 5.0.27. - [Release notes](https://github.com/getmoto/moto/releases) - [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md) - [Commits](https://github.com/getmoto/moto/compare/5.0.16...5.0.27) --- updated-dependencies: - dependency-name: moto dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- poetry.lock | 63 ++++++++++++++++++-------------------------------- pyproject.toml | 2 +- 2 files changed, 24 insertions(+), 41 deletions(-) diff --git a/poetry.lock b/poetry.lock index 79f946085d8..78a5ec57bc0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2055,23 +2055,6 @@ cryptography = "*" [package.extras] drafts = ["pycryptodome"] -[[package]] -name = "jsondiff" -version = "2.2.1" -description = "Diff JSON and JSON-like structures in Python" -optional = false -python-versions = ">=3.8" -files = [ - {file = "jsondiff-2.2.1-py3-none-any.whl", hash = "sha256:b1f0f7e2421881848b1d556d541ac01a91680cfcc14f51a9b62cdf4da0e56722"}, - {file = "jsondiff-2.2.1.tar.gz", hash = "sha256:658d162c8a86ba86de26303cd86a7b37e1b2c1ec98b569a60e2ca6180545f7fe"}, -] - -[package.dependencies] -pyyaml = "*" - -[package.extras] -dev = ["build", "hypothesis", "pytest", "setuptools-scm"] - [[package]] name = "jsonpatch" version = "1.33" @@ -2639,59 +2622,59 @@ test = ["pytest", "pytest-cov"] [[package]] name = "moto" -version = "5.0.16" -description = "" +version = "5.0.27" +description = "A library that allows you to easily mock out tests based on AWS infrastructure" optional = false python-versions = ">=3.8" files = [ - {file = "moto-5.0.16-py2.py3-none-any.whl", hash = "sha256:4ce1f34830307f7b3d553d77a7ef26066ab3b70006203d4226b048c9d11a3be4"}, - {file = "moto-5.0.16.tar.gz", hash = "sha256:f4afb176a964cd7a70da9bc5e053d43109614ce3cab26044bcbb53610435dff4"}, + {file = "moto-5.0.27-py3-none-any.whl", hash = "sha256:27042fd94c8def0166d9f2ae8d39d9488d4b3115542b5fca88566c0424549013"}, + {file = "moto-5.0.27.tar.gz", hash = "sha256:6c123de7e0e5e6508a10c399ba3ecf2d5143f263f8e804fd4a7091941c3f5207"}, ] [package.dependencies] antlr4-python3-runtime = {version = "*", optional = true, markers = "extra == \"all\""} aws-xray-sdk = {version = ">=0.93,<0.96 || >0.96", optional = true, markers = "extra == \"all\""} boto3 = ">=1.9.201" -botocore = ">=1.14.0" +botocore = ">=1.14.0,<1.35.45 || >1.35.45,<1.35.46 || >1.35.46" cfn-lint = {version = ">=0.40.0", optional = true, markers = "extra == \"all\""} -cryptography = ">=3.3.1" +cryptography = ">=35.0.0" docker = {version = ">=3.0.0", optional = true, markers = "extra == \"all\""} graphql-core = {version = "*", optional = true, markers = "extra == \"all\""} Jinja2 = ">=2.10.1" joserfc = {version = ">=0.9.0", optional = true, markers = "extra == \"all\""} -jsondiff = {version = ">=1.1.2", optional = true, markers = "extra == \"all\""} jsonpath-ng = {version = "*", optional = true, markers = "extra == \"all\""} +jsonschema = {version = "*", optional = true, markers = "extra == \"all\""} multipart = {version = "*", optional = true, markers = "extra == \"all\""} openapi-spec-validator = {version = ">=0.5.0", optional = true, markers = "extra == \"all\""} -py-partiql-parser = {version = "0.5.6", optional = true, markers = "extra == \"all\""} +py-partiql-parser = {version = "0.6.1", optional = true, markers = "extra == \"all\""} pyparsing = {version = ">=3.0.7", optional = true, markers = "extra == \"all\""} python-dateutil = ">=2.1,<3.0.0" PyYAML = {version = ">=5.1", optional = true, markers = "extra == \"all\""} requests = ">=2.5" -responses = ">=0.15.0" +responses = ">=0.15.0,<0.25.5 || >0.25.5" setuptools = {version = "*", optional = true, markers = "extra == \"all\""} werkzeug = ">=0.5,<2.2.0 || >2.2.0,<2.2.1 || >2.2.1" xmltodict = "*" [package.extras] -all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "jsonschema", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] apigateway = ["PyYAML (>=5.1)", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)"] apigatewayv2 = ["PyYAML (>=5.1)", "openapi-spec-validator (>=0.5.0)"] appsync = ["graphql-core"] awslambda = ["docker (>=3.0.0)"] batch = ["docker (>=3.0.0)"] -cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] cognitoidp = ["joserfc (>=0.9.0)"] -dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.6)"] -dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.6)"] +dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.6.1)"] +dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.6.1)"] events = ["jsonpath-ng"] glue = ["pyparsing (>=3.0.7)"] -iotdata = ["jsondiff (>=1.1.2)"] -proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] -resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)"] -s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.6)"] -s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.6)"] -server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] +quicksight = ["jsonschema"] +resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)"] +s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.6.1)"] +s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.6.1)"] +server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] ssm = ["PyYAML (>=5.1)"] stepfunctions = ["antlr4-python3-runtime", "jsonpath-ng"] xray = ["aws-xray-sdk (>=0.93,!=0.96)", "setuptools"] @@ -3631,13 +3614,13 @@ pydantic = "1.10.18" [[package]] name = "py-partiql-parser" -version = "0.5.6" +version = "0.6.1" description = "Pure Python PartiQL Parser" optional = false python-versions = "*" files = [ - {file = "py_partiql_parser-0.5.6-py2.py3-none-any.whl", hash = "sha256:622d7b0444becd08c1f4e9e73b31690f4b1c309ab6e5ed45bf607fe71319309f"}, - {file = "py_partiql_parser-0.5.6.tar.gz", hash = "sha256:6339f6bf85573a35686529fc3f491302e71dd091711dfe8df3be89a93767f97b"}, + {file = "py_partiql_parser-0.6.1-py2.py3-none-any.whl", hash = "sha256:ff6a48067bff23c37e9044021bf1d949c83e195490c17e020715e927fe5b2456"}, + {file = "py_partiql_parser-0.6.1.tar.gz", hash = "sha256:8583ff2a0e15560ef3bc3df109a7714d17f87d81d33e8c38b7fed4e58a63215d"}, ] [package.extras] @@ -5199,4 +5182,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = ">=3.9,<3.13" -content-hash = "f61504004f28f4fc53d238f46538fe689237e9c5a53da34388ed4f826219ba84" +content-hash = "c9c870b99acdfb297d4dd3ce71b62a216e658895033c267b67f34a75d5b47834" diff --git a/pyproject.toml b/pyproject.toml index a3c2ffc0950..08eeb1e23ca 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -82,7 +82,7 @@ docker = "7.1.0" flake8 = "7.1.1" freezegun = "1.5.1" mock = "5.1.0" -moto = {extras = ["all"], version = "5.0.16"} +moto = {extras = ["all"], version = "5.0.27"} openapi-schema-validator = "0.6.3" openapi-spec-validator = "0.7.1" pylint = "3.3.3" From d1e890a6ffe91adea2f52a36a968a77abb8a767a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Jan 2025 14:19:53 +0000 Subject: [PATCH 2/7] chore(deps-dev): bump moto from 5.0.16 to 5.0.27 Bumps [moto](https://github.com/getmoto/moto) from 5.0.16 to 5.0.27. - [Release notes](https://github.com/getmoto/moto/releases) - [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md) - [Commits](https://github.com/getmoto/moto/compare/5.0.16...5.0.27) --- updated-dependencies: - dependency-name: moto dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- poetry.lock | 63 ++++++++++++++++++-------------------------------- pyproject.toml | 2 +- 2 files changed, 24 insertions(+), 41 deletions(-) diff --git a/poetry.lock b/poetry.lock index 15cfa5bf4b0..f93f5b443c5 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2055,23 +2055,6 @@ cryptography = "*" [package.extras] drafts = ["pycryptodome"] -[[package]] -name = "jsondiff" -version = "2.2.1" -description = "Diff JSON and JSON-like structures in Python" -optional = false -python-versions = ">=3.8" -files = [ - {file = "jsondiff-2.2.1-py3-none-any.whl", hash = "sha256:b1f0f7e2421881848b1d556d541ac01a91680cfcc14f51a9b62cdf4da0e56722"}, - {file = "jsondiff-2.2.1.tar.gz", hash = "sha256:658d162c8a86ba86de26303cd86a7b37e1b2c1ec98b569a60e2ca6180545f7fe"}, -] - -[package.dependencies] -pyyaml = "*" - -[package.extras] -dev = ["build", "hypothesis", "pytest", "setuptools-scm"] - [[package]] name = "jsonpatch" version = "1.33" @@ -2639,59 +2622,59 @@ test = ["pytest", "pytest-cov"] [[package]] name = "moto" -version = "5.0.16" -description = "" +version = "5.0.27" +description = "A library that allows you to easily mock out tests based on AWS infrastructure" optional = false python-versions = ">=3.8" files = [ - {file = "moto-5.0.16-py2.py3-none-any.whl", hash = "sha256:4ce1f34830307f7b3d553d77a7ef26066ab3b70006203d4226b048c9d11a3be4"}, - {file = "moto-5.0.16.tar.gz", hash = "sha256:f4afb176a964cd7a70da9bc5e053d43109614ce3cab26044bcbb53610435dff4"}, + {file = "moto-5.0.27-py3-none-any.whl", hash = "sha256:27042fd94c8def0166d9f2ae8d39d9488d4b3115542b5fca88566c0424549013"}, + {file = "moto-5.0.27.tar.gz", hash = "sha256:6c123de7e0e5e6508a10c399ba3ecf2d5143f263f8e804fd4a7091941c3f5207"}, ] [package.dependencies] antlr4-python3-runtime = {version = "*", optional = true, markers = "extra == \"all\""} aws-xray-sdk = {version = ">=0.93,<0.96 || >0.96", optional = true, markers = "extra == \"all\""} boto3 = ">=1.9.201" -botocore = ">=1.14.0" +botocore = ">=1.14.0,<1.35.45 || >1.35.45,<1.35.46 || >1.35.46" cfn-lint = {version = ">=0.40.0", optional = true, markers = "extra == \"all\""} -cryptography = ">=3.3.1" +cryptography = ">=35.0.0" docker = {version = ">=3.0.0", optional = true, markers = "extra == \"all\""} graphql-core = {version = "*", optional = true, markers = "extra == \"all\""} Jinja2 = ">=2.10.1" joserfc = {version = ">=0.9.0", optional = true, markers = "extra == \"all\""} -jsondiff = {version = ">=1.1.2", optional = true, markers = "extra == \"all\""} jsonpath-ng = {version = "*", optional = true, markers = "extra == \"all\""} +jsonschema = {version = "*", optional = true, markers = "extra == \"all\""} multipart = {version = "*", optional = true, markers = "extra == \"all\""} openapi-spec-validator = {version = ">=0.5.0", optional = true, markers = "extra == \"all\""} -py-partiql-parser = {version = "0.5.6", optional = true, markers = "extra == \"all\""} +py-partiql-parser = {version = "0.6.1", optional = true, markers = "extra == \"all\""} pyparsing = {version = ">=3.0.7", optional = true, markers = "extra == \"all\""} python-dateutil = ">=2.1,<3.0.0" PyYAML = {version = ">=5.1", optional = true, markers = "extra == \"all\""} requests = ">=2.5" -responses = ">=0.15.0" +responses = ">=0.15.0,<0.25.5 || >0.25.5" setuptools = {version = "*", optional = true, markers = "extra == \"all\""} werkzeug = ">=0.5,<2.2.0 || >2.2.0,<2.2.1 || >2.2.1" xmltodict = "*" [package.extras] -all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "jsonschema", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] apigateway = ["PyYAML (>=5.1)", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)"] apigatewayv2 = ["PyYAML (>=5.1)", "openapi-spec-validator (>=0.5.0)"] appsync = ["graphql-core"] awslambda = ["docker (>=3.0.0)"] batch = ["docker (>=3.0.0)"] -cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] cognitoidp = ["joserfc (>=0.9.0)"] -dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.6)"] -dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.6)"] +dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.6.1)"] +dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.6.1)"] events = ["jsonpath-ng"] glue = ["pyparsing (>=3.0.7)"] -iotdata = ["jsondiff (>=1.1.2)"] -proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] -resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)"] -s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.6)"] -s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.6)"] -server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.6)", "pyparsing (>=3.0.7)", "setuptools"] +proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] +quicksight = ["jsonschema"] +resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)"] +s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.6.1)"] +s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.6.1)"] +server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.6.1)", "pyparsing (>=3.0.7)", "setuptools"] ssm = ["PyYAML (>=5.1)"] stepfunctions = ["antlr4-python3-runtime", "jsonpath-ng"] xray = ["aws-xray-sdk (>=0.93,!=0.96)", "setuptools"] @@ -3631,13 +3614,13 @@ pydantic = "1.10.18" [[package]] name = "py-partiql-parser" -version = "0.5.6" +version = "0.6.1" description = "Pure Python PartiQL Parser" optional = false python-versions = "*" files = [ - {file = "py_partiql_parser-0.5.6-py2.py3-none-any.whl", hash = "sha256:622d7b0444becd08c1f4e9e73b31690f4b1c309ab6e5ed45bf607fe71319309f"}, - {file = "py_partiql_parser-0.5.6.tar.gz", hash = "sha256:6339f6bf85573a35686529fc3f491302e71dd091711dfe8df3be89a93767f97b"}, + {file = "py_partiql_parser-0.6.1-py2.py3-none-any.whl", hash = "sha256:ff6a48067bff23c37e9044021bf1d949c83e195490c17e020715e927fe5b2456"}, + {file = "py_partiql_parser-0.6.1.tar.gz", hash = "sha256:8583ff2a0e15560ef3bc3df109a7714d17f87d81d33e8c38b7fed4e58a63215d"}, ] [package.extras] @@ -5199,4 +5182,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = ">=3.9,<3.13" -content-hash = "dca46badb8c71b7a99cdfe6b6ecd6c421e5acb6c602f913eec16126a4c97ca22" +content-hash = "4b340d703e81427c719df1e9f135e1bfd24ae4bd40e07311f16b8cc6b67ebb41" diff --git a/pyproject.toml b/pyproject.toml index 591011f9c02..86ed8bbdcb8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -82,7 +82,7 @@ docker = "7.1.0" flake8 = "7.1.1" freezegun = "1.5.1" mock = "5.1.0" -moto = {extras = ["all"], version = "5.0.16"} +moto = {extras = ["all"], version = "5.0.27"} openapi-schema-validator = "0.6.3" openapi-spec-validator = "0.7.1" pylint = "3.3.3" From ad057a5e35ad54aa2f614ff5c746d39665680700 Mon Sep 17 00:00:00 2001 From: MrCloudSec Date: Tue, 21 Jan 2025 10:11:56 -0500 Subject: [PATCH 3/7] fix: tests --- tests/providers/aws/aws_provider_test.py | 4 +- ...ions_account_part_of_organizations_test.py | 2 +- ...nizations_delegated_administrators_test.py | 6 +- ...ganizations_scp_check_deny_regions_test.py | 10 +- .../organizations_service_test.py | 12 +-- ...io_shared_within_organization_only_test.py | 91 +++++++++++-------- 6 files changed, 68 insertions(+), 57 deletions(-) diff --git a/tests/providers/aws/aws_provider_test.py b/tests/providers/aws/aws_provider_test.py index 36ffcfe5db1..4e864982dc1 100644 --- a/tests/providers/aws/aws_provider_test.py +++ b/tests/providers/aws/aws_provider_test.py @@ -327,7 +327,7 @@ def test_aws_provider_with_session_credentials(self): @mock_aws def test_aws_provider_organizations_delegated_administrator(self): organizations_client = client("organizations", region_name=AWS_REGION_EU_WEST_1) - organization = organizations_client.create_organization()["Organization"] + organization = organizations_client.describe_organization()["Organization"] organizations_client.tag_resource( ResourceId=AWS_ACCOUNT_NUMBER, Tags=[ @@ -404,7 +404,7 @@ def test_aws_provider_organizations_with_role(self): PolicyArn=policy["Arn"], ) organizations_client = client("organizations", region_name=AWS_REGION_EU_WEST_1) - organization = organizations_client.create_organization()["Organization"] + organization = organizations_client.describe_organization()["Organization"] organizations_client.tag_resource( ResourceId=AWS_ACCOUNT_NUMBER, Tags=[ diff --git a/tests/providers/aws/services/organizations/organizations_account_part_of_organizations/organizations_account_part_of_organizations_test.py b/tests/providers/aws/services/organizations/organizations_account_part_of_organizations/organizations_account_part_of_organizations_test.py index d2deed35532..2d60a81ccd8 100644 --- a/tests/providers/aws/services/organizations/organizations_account_part_of_organizations/organizations_account_part_of_organizations_test.py +++ b/tests/providers/aws/services/organizations/organizations_account_part_of_organizations/organizations_account_part_of_organizations_test.py @@ -51,7 +51,7 @@ def test_organization(self): # Create Organization conn = client("organizations") - response = conn.create_organization() + response = conn.describe_organization() org_id = response["Organization"]["Id"] with mock.patch( diff --git a/tests/providers/aws/services/organizations/organizations_delegated_administrators/organizations_delegated_administrators_test.py b/tests/providers/aws/services/organizations/organizations_delegated_administrators/organizations_delegated_administrators_test.py index 2700cdc7c59..d7a0c479fb9 100644 --- a/tests/providers/aws/services/organizations/organizations_delegated_administrators/organizations_delegated_administrators_test.py +++ b/tests/providers/aws/services/organizations/organizations_delegated_administrators/organizations_delegated_administrators_test.py @@ -45,7 +45,7 @@ def test_organization_no_delegations(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() org_id = response["Organization"]["Id"] with mock.patch( @@ -80,7 +80,7 @@ def test_organization_trusted_delegated(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() # Create Dummy Account account = conn.create_account( Email="test@test.com", @@ -133,7 +133,7 @@ def test_organization_untrusted_delegated(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() # Create Dummy Account account = conn.create_account( Email="test@test.com", diff --git a/tests/providers/aws/services/organizations/organizations_scp_check_deny_regions/organizations_scp_check_deny_regions_test.py b/tests/providers/aws/services/organizations/organizations_scp_check_deny_regions/organizations_scp_check_deny_regions_test.py index 8289ed99c74..c575e4abfd3 100644 --- a/tests/providers/aws/services/organizations/organizations_scp_check_deny_regions/organizations_scp_check_deny_regions_test.py +++ b/tests/providers/aws/services/organizations/organizations_scp_check_deny_regions/organizations_scp_check_deny_regions_test.py @@ -64,7 +64,7 @@ def test_organization_without_scp_deny_regions(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() org_id = response["Organization"]["Id"] with mock.patch( @@ -103,7 +103,7 @@ def test_organization_with_scp_deny_regions_valid(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() # Create Policy response_policy = conn.create_policy( Content=scp_restrict_regions_with_deny(), @@ -149,7 +149,7 @@ def test_organization_with_scp_deny_regions_not_valid(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() # Create Policy response_policy = conn.create_policy( Content=scp_restrict_regions_with_deny(), @@ -203,7 +203,7 @@ def test_organization_with_scp_deny_all_regions_valid(self): } # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() # Create Policy response_policy = conn.create_policy( Content=scp_restrict_regions_with_deny(), @@ -255,7 +255,7 @@ def test_access_denied(self): # Create Organization conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() + response = conn.describe_organization() response["Organization"]["Arn"] with mock.patch( diff --git a/tests/providers/aws/services/organizations/organizations_service_test.py b/tests/providers/aws/services/organizations/organizations_service_test.py index 8f6b56fb99e..88cc8f45bb3 100644 --- a/tests/providers/aws/services/organizations/organizations_service_test.py +++ b/tests/providers/aws/services/organizations/organizations_service_test.py @@ -22,11 +22,11 @@ def test_service(self): @mock_aws def test_describe_organization(self): - conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - response = conn.create_organization() aws_provider = set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1], create_default_organization=False + [AWS_REGION_EU_WEST_1], ) + conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) + response = conn.describe_organization() organizations = Organizations(aws_provider) assert organizations.organization.arn == response["Organization"]["Arn"] assert organizations.organization.id == response["Organization"]["Id"] @@ -39,15 +39,14 @@ def test_describe_organization(self): @mock_aws def test_list_policies(self): + aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - conn.create_organization() response = conn.create_policy( Content=scp_restrict_regions_with_deny(), Description="Test", Name="Test", Type="SERVICE_CONTROL_POLICY", ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) organizations = Organizations(aws_provider) for policy in organizations.policies: if policy.arn == response["Policy"]["PolicySummary"]["Arn"]: @@ -58,15 +57,14 @@ def test_list_policies(self): @mock_aws def test_describe_policy(self): + aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) conn = client("organizations", region_name=AWS_REGION_EU_WEST_1) - conn.create_organization() response = conn.create_policy( Content=scp_restrict_regions_with_deny(), Description="Test", Name="Test", Type="SERVICE_CONTROL_POLICY", ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) organizations = Organizations(aws_provider) policy = organizations._describe_policy( response["Policy"]["PolicySummary"]["Id"] diff --git a/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py b/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py index 4b47b5d7927..2258ff8725a 100644 --- a/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py +++ b/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py @@ -70,12 +70,15 @@ class Test_servicecatalog_portfolio_shared_within_organization_only: def test_no_portfolios(self): aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", - new=ServiceCatalog(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", + new=ServiceCatalog(aws_provider), + ), ): from prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only import ( servicecatalog_portfolio_shared_within_organization_only, @@ -90,18 +93,22 @@ def test_no_portfolios(self): def test_organizations_not_active(self): client("servicecatalog", region_name=AWS_REGION_EU_WEST_1) aws_provider = set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1], create_default_organization=False + [AWS_REGION_EU_WEST_1], ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", - new=ServiceCatalog(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", - new=Organizations(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", + new=ServiceCatalog(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only import ( servicecatalog_portfolio_shared_within_organization_only, @@ -116,18 +123,20 @@ def test_organizations_not_active(self): def test_portfolio_share_account(self): client("servicecatalog", region_name=AWS_REGION_EU_WEST_1) aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) - conn = client("organizations") - conn.create_organization() - - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", - new=ServiceCatalog(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", - new=Organizations(aws_provider), + + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", + new=ServiceCatalog(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only import ( servicecatalog_portfolio_shared_within_organization_only, @@ -155,17 +164,21 @@ def test_portfolio_share_organization(self): aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) conn = client("organizations") - conn.create_organization() - - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", - new=ServiceCatalog(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", - new=Organizations(aws_provider), + conn.describe_organization() + + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_client", + new=ServiceCatalog(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.servicecatalog.servicecatalog_portfolio_shared_within_organization_only.servicecatalog_portfolio_shared_within_organization_only import ( servicecatalog_portfolio_shared_within_organization_only, From a48591ee5616233b56131bd2fc1a9aab10c1973b Mon Sep 17 00:00:00 2001 From: MrCloudSec Date: Tue, 21 Jan 2025 10:15:39 -0500 Subject: [PATCH 4/7] fix: tests --- ..._cross_zone_load_balancing_enabled_test.py | 88 +++++++----- .../elbv2_deletion_protection_test.py | 66 +++++---- .../elbv2_desync_mitigation_mode_test.py | 88 +++++++----- .../elbv2_insecure_ssl_ciphers_test.py | 66 +++++---- .../elbv2_internet_facing_test.py | 89 +++++++----- .../elbv2_listeners_underneath_test.py | 66 +++++---- .../elbv2_logging_enabled_test.py | 66 +++++---- .../elbv2_nlb_tls_termination_enabled_test.py | 66 +++++---- .../elbv2_ssl_listeners_test.py | 88 +++++++----- .../elbv2_waf_acl_attached_test.py | 133 +++++++++++------- 10 files changed, 519 insertions(+), 297 deletions(-) diff --git a/tests/providers/aws/services/elbv2/elbv2_cross_zone_load_balancing_enabled/elbv2_cross_zone_load_balancing_enabled_test.py b/tests/providers/aws/services/elbv2/elbv2_cross_zone_load_balancing_enabled/elbv2_cross_zone_load_balancing_enabled_test.py index 2c372e81f47..57eb34fbcfd 100644 --- a/tests/providers/aws/services/elbv2/elbv2_cross_zone_load_balancing_enabled/elbv2_cross_zone_load_balancing_enabled_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_cross_zone_load_balancing_enabled/elbv2_cross_zone_load_balancing_enabled_test.py @@ -17,15 +17,21 @@ class Test_elbv2_cross_zone_load_balancing_enabled: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -75,15 +81,21 @@ def test_elbv2_alb(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled import ( @@ -132,15 +144,21 @@ def test_elbv2_without_cross_zone_load_balancing_enabled(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled import ( @@ -196,15 +214,21 @@ def test_elbv2_with_cross_zone_load_balancing_enabled(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_cross_zone_load_balancing_enabled.elbv2_cross_zone_load_balancing_enabled import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_deletion_protection/elbv2_deletion_protection_test.py b/tests/providers/aws/services/elbv2/elbv2_deletion_protection/elbv2_deletion_protection_test.py index f7b34547a8b..402eaab9ea5 100644 --- a/tests/providers/aws/services/elbv2/elbv2_deletion_protection/elbv2_deletion_protection_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_deletion_protection/elbv2_deletion_protection_test.py @@ -17,15 +17,21 @@ class Test_elbv2_deletion_protection: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -75,15 +81,21 @@ def test_elbv2_without_deletion_protection(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection import ( @@ -138,15 +150,21 @@ def test_elbv2_with_deletion_protection(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_deletion_protection.elbv2_deletion_protection import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_desync_mitigation_mode/elbv2_desync_mitigation_mode_test.py b/tests/providers/aws/services/elbv2/elbv2_desync_mitigation_mode/elbv2_desync_mitigation_mode_test.py index c2188c495b6..3f9a015c93f 100644 --- a/tests/providers/aws/services/elbv2/elbv2_desync_mitigation_mode/elbv2_desync_mitigation_mode_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_desync_mitigation_mode/elbv2_desync_mitigation_mode_test.py @@ -17,15 +17,21 @@ class Test_elbv2_desync_mitigation_mode: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -79,15 +85,21 @@ def test_elbv2_without_desync_mitigation_mode_and_not_dropping_headers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import ( @@ -147,15 +159,21 @@ def test_elbv2_without_desync_mitigation_mode_but_dropping_headers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import ( @@ -210,15 +228,21 @@ def test_elbv2_with_desync_mitigation_mode(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_desync_mitigation_mode.elbv2_desync_mitigation_mode import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_insecure_ssl_ciphers/elbv2_insecure_ssl_ciphers_test.py b/tests/providers/aws/services/elbv2/elbv2_insecure_ssl_ciphers/elbv2_insecure_ssl_ciphers_test.py index 11087f0b3e1..b4bf699c70c 100644 --- a/tests/providers/aws/services/elbv2/elbv2_insecure_ssl_ciphers/elbv2_insecure_ssl_ciphers_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_insecure_ssl_ciphers/elbv2_insecure_ssl_ciphers_test.py @@ -17,15 +17,21 @@ class Test_elbv2_insecure_ssl_ciphers: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -92,15 +98,21 @@ def test_elbv2_listener_with_secure_policy(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers import ( @@ -171,15 +183,21 @@ def test_elbv2_with_HTTPS_listener(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_insecure_ssl_ciphers.elbv2_insecure_ssl_ciphers import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_internet_facing/elbv2_internet_facing_test.py b/tests/providers/aws/services/elbv2/elbv2_internet_facing/elbv2_internet_facing_test.py index b2aab88eb44..50fb92fb4f8 100644 --- a/tests/providers/aws/services/elbv2/elbv2_internet_facing/elbv2_internet_facing_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_internet_facing/elbv2_internet_facing_test.py @@ -17,15 +17,21 @@ class Test_elbv2_internet_facing: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -68,15 +74,21 @@ def test_elbv2_private(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import ( @@ -123,15 +135,21 @@ def test_elbv2_internet_facing(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import ( @@ -196,17 +214,20 @@ def test_elbv2_public_sg(self): [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", - new=ELBv2(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.ec2_client", - new=EC2(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.elbv2_client", + new=ELBv2(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing.ec2_client", + new=EC2(aws_provider), + ), ): - from prowler.providers.aws.services.elbv2.elbv2_internet_facing.elbv2_internet_facing import ( elbv2_internet_facing, ) diff --git a/tests/providers/aws/services/elbv2/elbv2_listeners_underneath/elbv2_listeners_underneath_test.py b/tests/providers/aws/services/elbv2/elbv2_listeners_underneath/elbv2_listeners_underneath_test.py index ebec903cc3d..55e5dbb0a30 100644 --- a/tests/providers/aws/services/elbv2/elbv2_listeners_underneath/elbv2_listeners_underneath_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_listeners_underneath/elbv2_listeners_underneath_test.py @@ -17,15 +17,21 @@ class Test_elbv2_listeners_underneath: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -68,15 +74,21 @@ def test_elbv2_without_listeners(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath import ( @@ -145,15 +157,21 @@ def test_elbv2_with_listeners(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_listeners_underneath.elbv2_listeners_underneath import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_logging_enabled/elbv2_logging_enabled_test.py b/tests/providers/aws/services/elbv2/elbv2_logging_enabled/elbv2_logging_enabled_test.py index 48a7c69a8f7..1177923c190 100644 --- a/tests/providers/aws/services/elbv2/elbv2_logging_enabled/elbv2_logging_enabled_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_logging_enabled/elbv2_logging_enabled_test.py @@ -17,15 +17,21 @@ class Test_elbv2_logging_enabled: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -78,15 +84,21 @@ def test_elbv2_without_logging_enabled(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled import ( @@ -144,15 +156,21 @@ def test_elbv2_with_logging_enabled(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_logging_enabled.elbv2_logging_enabled import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_nlb_tls_termination_enabled/elbv2_nlb_tls_termination_enabled_test.py b/tests/providers/aws/services/elbv2/elbv2_nlb_tls_termination_enabled/elbv2_nlb_tls_termination_enabled_test.py index d861765666e..99fdf23d2f0 100644 --- a/tests/providers/aws/services/elbv2/elbv2_nlb_tls_termination_enabled/elbv2_nlb_tls_termination_enabled_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_nlb_tls_termination_enabled/elbv2_nlb_tls_termination_enabled_test.py @@ -17,15 +17,21 @@ class Test_elbv2_nlb_listener_security: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -91,15 +97,21 @@ def test_elbv2_without_tls_listener(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled import ( @@ -171,15 +183,21 @@ def test_elbv2_with_tls_listener(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_nlb_tls_termination_enabled.elbv2_nlb_tls_termination_enabled import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_ssl_listeners/elbv2_ssl_listeners_test.py b/tests/providers/aws/services/elbv2/elbv2_ssl_listeners/elbv2_ssl_listeners_test.py index 7315542743e..d7c57a5def9 100644 --- a/tests/providers/aws/services/elbv2/elbv2_ssl_listeners/elbv2_ssl_listeners_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_ssl_listeners/elbv2_ssl_listeners_test.py @@ -17,15 +17,21 @@ class Test_elbv2_ssl_listeners: def test_elb_no_balancers(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -90,15 +96,21 @@ def test_elbv2_with_HTTP_listener(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import ( @@ -168,15 +180,21 @@ def test_elbv2_with_HTTPS_listener(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import ( @@ -238,15 +256,21 @@ def test_elbv2_with_HTTPS_redirection(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elbv2.elbv2_ssl_listeners.elbv2_ssl_listeners import ( diff --git a/tests/providers/aws/services/elbv2/elbv2_waf_acl_attached/elbv2_waf_acl_attached_test.py b/tests/providers/aws/services/elbv2/elbv2_waf_acl_attached/elbv2_waf_acl_attached_test.py index 260e6899b25..effb7dc9fb7 100644 --- a/tests/providers/aws/services/elbv2/elbv2_waf_acl_attached/elbv2_waf_acl_attached_test.py +++ b/tests/providers/aws/services/elbv2/elbv2_waf_acl_attached/elbv2_waf_acl_attached_test.py @@ -41,25 +41,39 @@ def test_elb_no_balancers(self): from prowler.providers.aws.services.waf.waf_service import WAFRegional from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", - new=WAFv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", + new=WAFv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafregional_client", - new=WAFRegional( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafregional_client", + new=WAFRegional( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -114,25 +128,39 @@ def test_elbv2_without_WAF(self): from prowler.providers.aws.services.waf.waf_service import WAFRegional from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", - new=WAFv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", + new=WAFv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafregional_client", - new=WAFRegional( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafregional_client", + new=WAFRegional( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -196,27 +224,38 @@ def test_elbv2_with_WAF(self): from prowler.providers.aws.services.waf.waf_service import WAFRegional from prowler.providers.aws.services.wafv2.wafv2_service import WAFv2 - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] - ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", - new=ELBv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", - new=WAFv2( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), - ) as service_client: + mock.patch( + "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafv2_client", + new=WAFv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), + ) as service_client, + ): with mock.patch( "prowler.providers.aws.services.elbv2.elbv2_waf_acl_attached.elbv2_waf_acl_attached.wafregional_client", new=WAFRegional( set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, ) ), ): From 8d01eca49944446c69728d3b8672177f3bb82c39 Mon Sep 17 00:00:00 2001 From: MrCloudSec Date: Tue, 21 Jan 2025 11:18:25 -0500 Subject: [PATCH 5/7] fix: tests --- .../services/opensearch/opensearch_service.py | 1 - .../providers/aws/services/rds/rds_service.py | 21 +- ...rations_cloudtrail_logging_enabled_test.py | 120 +++++---- .../awslambda/awslambda_service_test.py | 2 +- .../ecs_service_no_assign_public_ip_test.py | 81 ++++-- .../ecs_task_sets_no_assign_public_ip_test.py | 81 ++++-- .../elb_desync_mitigation_mode_test.py | 88 ++++--- .../elb_insecure_ssl_ciphers_test.py | 66 +++-- .../elb_internet_facing_test.py | 66 +++-- .../elb_logging_enabled_test.py | 66 +++-- .../elb_ssl_listeners_test.py | 66 +++-- .../emr_cluster_publicly_accesible_test.py | 125 +++++---- ...policy_allows_privilege_escalation_test.py | 241 +++++++++++------- ...oot_credentials_management_enabled_test.py | 52 ++-- ...d_sensitive_data_discovery_enabled_test.py | 60 +++-- .../macie_is_enabled/macie_is_enabled_test.py | 150 +++++++---- ...ance_minor_version_upgrade_enabled_test.py | 8 +- .../rds_instance_no_public_access_test.py | 43 ++-- ...io_shared_within_organization_only_test.py | 2 +- ...otection_in_associated_elastic_ips_test.py | 104 +++++--- ...otection_in_classic_load_balancers_test.py | 104 +++++--- ..._in_internet_facing_load_balancers_test.py | 130 ++++++---- .../stepfunctions_service_test.py | 8 +- 23 files changed, 1069 insertions(+), 616 deletions(-) diff --git a/prowler/providers/aws/services/opensearch/opensearch_service.py b/prowler/providers/aws/services/opensearch/opensearch_service.py index 72bf36b29d7..a11b71f58f1 100644 --- a/prowler/providers/aws/services/opensearch/opensearch_service.py +++ b/prowler/providers/aws/services/opensearch/opensearch_service.py @@ -10,7 +10,6 @@ class OpenSearchService(AWSService): def __init__(self, provider): - # Call AWSService's __init__ super().__init__("opensearch", provider) self.opensearch_domains = {} self.__threading_call__(self._list_domain_names) diff --git a/prowler/providers/aws/services/rds/rds_service.py b/prowler/providers/aws/services/rds/rds_service.py index 819d15660b0..320b997bba2 100644 --- a/prowler/providers/aws/services/rds/rds_service.py +++ b/prowler/providers/aws/services/rds/rds_service.py @@ -121,14 +121,19 @@ def _describe_db_parameters(self, regional_client): for instance in self.db_instances.values(): if instance.region == regional_client.region: for parameter_group in instance.parameter_groups: - describe_db_parameters_paginator = ( - regional_client.get_paginator("describe_db_parameters") - ) - for page in describe_db_parameters_paginator.paginate( - DBParameterGroupName=parameter_group - ): - for parameter in page["Parameters"]: - instance.parameters.append(parameter) + try: + describe_db_parameters_paginator = ( + regional_client.get_paginator("describe_db_parameters") + ) + for page in describe_db_parameters_paginator.paginate( + DBParameterGroupName=parameter_group + ): + for parameter in page["Parameters"]: + instance.parameters.append(parameter) + except Exception as error: + logger.error( + f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" + ) except Exception as error: logger.error( diff --git a/tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py b/tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py index 8558cbb4db3..c6e1ba997d3 100644 --- a/tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py +++ b/tests/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled_test.py @@ -36,15 +36,21 @@ def test_no_functions(self): Cloudtrail, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", - new=lambda_client, - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", - new=Cloudtrail(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", + new=lambda_client, + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", + new=Cloudtrail( + set_mocked_aws_provider(create_default_organization=False) + ), + ), ): # Test Check from prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled import ( @@ -89,15 +95,21 @@ def test_lambda_not_recorded_by_cloudtrail(self): Cloudtrail, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", - new=lambda_client, - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", - new=Cloudtrail(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", + new=lambda_client, + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", + new=Cloudtrail( + set_mocked_aws_provider(create_default_organization=False) + ), + ), ): # Test Check from prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled import ( @@ -163,15 +175,21 @@ def test_lambda_recorded_by_cloudtrail_classic_event_selector(self): Cloudtrail, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", - new=lambda_client, - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", - new=Cloudtrail(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", + new=lambda_client, + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", + new=Cloudtrail( + set_mocked_aws_provider(create_default_organization=False) + ), + ), ): # Test Check from prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled import ( @@ -240,15 +258,21 @@ def test_lambda_recorded_by_cloudtrail_advanced_event_selector(self): Cloudtrail, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", - new=lambda_client, - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", - new=Cloudtrail(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", + new=lambda_client, + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", + new=Cloudtrail( + set_mocked_aws_provider(create_default_organization=False) + ), + ), ): # Test Check from prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled import ( @@ -314,15 +338,21 @@ def test_all_lambdas_recorded_by_cloudtrail(self): Cloudtrail, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", - new=lambda_client, - ), mock.patch( - "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", - new=Cloudtrail(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_client", + new=lambda_client, + ), + mock.patch( + "prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.cloudtrail_client", + new=Cloudtrail( + set_mocked_aws_provider(create_default_organization=False) + ), + ), ): # Test Check from prowler.providers.aws.services.awslambda.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.awslambda_function_invoke_api_operations_cloudtrail_logging_enabled import ( diff --git a/tests/providers/aws/services/awslambda/awslambda_service_test.py b/tests/providers/aws/services/awslambda/awslambda_service_test.py index f3247f044fb..412c944d8b1 100644 --- a/tests/providers/aws/services/awslambda/awslambda_service_test.py +++ b/tests/providers/aws/services/awslambda/awslambda_service_test.py @@ -241,7 +241,7 @@ def test_list_functions(self): for function, function_code in awslambda._get_function_code(): if function.arn == lambda_arn_1 or function.arn == lambda_arn_2: assert search( - f"s3://awslambda-{function.region}-tasks.s3-{function.region}.amazonaws.com", + f"https://awslambda-{function.region}-tasks.s3.{function.region}.amazonaws.com", function_code.location, ) assert function_code diff --git a/tests/providers/aws/services/ecs/ecs_service_no_assign_public_ip/ecs_service_no_assign_public_ip_test.py b/tests/providers/aws/services/ecs/ecs_service_no_assign_public_ip/ecs_service_no_assign_public_ip_test.py index 38753ffeae5..0fd0bb6672e 100644 --- a/tests/providers/aws/services/ecs/ecs_service_no_assign_public_ip/ecs_service_no_assign_public_ip_test.py +++ b/tests/providers/aws/services/ecs/ecs_service_no_assign_public_ip/ecs_service_no_assign_public_ip_test.py @@ -76,12 +76,15 @@ def test_no_services(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip import ( ecs_service_no_assign_public_ip, @@ -94,6 +97,20 @@ def test_no_services(self): @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @mock_aws def test_service_with_no_public_ip(self): + ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) + vpc = ec2_client.create_vpc(CidrBlock="10.0.0.0/16") + vpc_id = vpc["Vpc"]["VpcId"] + subnet = ec2_client.create_subnet( + VpcId=vpc_id, + CidrBlock="10.0.1.0/24", + AvailabilityZone=f"{AWS_REGION_US_EAST_1}a", + )["Subnet"]["SubnetId"] + sg = ec2_client.create_security_group( + GroupName="alb-sg", + Description="Security group for ALB", + VpcId=vpc_id, + ) + sg_id = sg["GroupId"] ecs_client = client("ecs", region_name=AWS_REGION_US_EAST_1) ecs_client.create_cluster(clusterName="sample-cluster") @@ -105,8 +122,8 @@ def test_service_with_no_public_ip(self): launchType="FARGATE", networkConfiguration={ "awsvpcConfiguration": { - "subnets": ["subnet-123456"], - "securityGroups": ["sg-123456"], + "subnets": [subnet], + "securityGroups": [sg_id], "assignPublicIp": "DISABLED", } }, @@ -116,12 +133,15 @@ def test_service_with_no_public_ip(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip import ( ecs_service_no_assign_public_ip, @@ -143,6 +163,20 @@ def test_service_with_no_public_ip(self): @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) @mock_aws def test_task_definition_no_host_network_mode(self): + ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) + vpc = ec2_client.create_vpc(CidrBlock="10.0.0.0/16") + vpc_id = vpc["Vpc"]["VpcId"] + subnet = ec2_client.create_subnet( + VpcId=vpc_id, + CidrBlock="10.0.1.0/24", + AvailabilityZone=f"{AWS_REGION_US_EAST_1}a", + )["Subnet"]["SubnetId"] + sg = ec2_client.create_security_group( + GroupName="alb-sg", + Description="Security group for ALB", + VpcId=vpc_id, + ) + sg_id = sg["GroupId"] ecs_client = client("ecs", region_name=AWS_REGION_US_EAST_1) ecs_client.create_cluster(clusterName="sample-cluster") @@ -154,8 +188,8 @@ def test_task_definition_no_host_network_mode(self): launchType="FARGATE", networkConfiguration={ "awsvpcConfiguration": { - "subnets": ["subnet-123456"], - "securityGroups": ["sg-123456"], + "subnets": [subnet], + "securityGroups": [sg_id], "assignPublicIp": "ENABLED", } }, @@ -165,12 +199,15 @@ def test_task_definition_no_host_network_mode(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_service_no_assign_public_ip.ecs_service_no_assign_public_ip import ( ecs_service_no_assign_public_ip, diff --git a/tests/providers/aws/services/ecs/ecs_task_sets_no_assign_public_ip/ecs_task_sets_no_assign_public_ip_test.py b/tests/providers/aws/services/ecs/ecs_task_sets_no_assign_public_ip/ecs_task_sets_no_assign_public_ip_test.py index de2f9777668..c904d802316 100644 --- a/tests/providers/aws/services/ecs/ecs_task_sets_no_assign_public_ip/ecs_task_sets_no_assign_public_ip_test.py +++ b/tests/providers/aws/services/ecs/ecs_task_sets_no_assign_public_ip/ecs_task_sets_no_assign_public_ip_test.py @@ -109,12 +109,15 @@ def test_no_services(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip import ( ecs_task_set_no_assign_public_ip, @@ -127,6 +130,20 @@ def test_no_services(self): @mock_aws @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) def test_task_set_with_no_public_ip(self): + ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) + vpc = ec2_client.create_vpc(CidrBlock="10.0.0.0/16") + vpc_id = vpc["Vpc"]["VpcId"] + subnet = ec2_client.create_subnet( + VpcId=vpc_id, + CidrBlock="10.0.1.0/24", + AvailabilityZone=f"{AWS_REGION_US_EAST_1}a", + )["Subnet"]["SubnetId"] + sg = ec2_client.create_security_group( + GroupName="alb-sg", + Description="Security group for ALB", + VpcId=vpc_id, + ) + sg_id = sg["GroupId"] ecs_client = client("ecs", region_name=AWS_REGION_US_EAST_1) ecs_client.create_cluster(clusterName="sample-cluster") @@ -138,8 +155,8 @@ def test_task_set_with_no_public_ip(self): launchType="FARGATE", networkConfiguration={ "awsvpcConfiguration": { - "subnets": ["subnet-123456"], - "securityGroups": ["sg-123456"], + "subnets": [subnet], + "securityGroups": [sg_id], "assignPublicIp": "DISABLED", } }, @@ -149,12 +166,15 @@ def test_task_set_with_no_public_ip(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip import ( ecs_task_set_no_assign_public_ip, @@ -179,6 +199,20 @@ def test_task_set_with_no_public_ip(self): @mock_aws @patch("botocore.client.BaseClient._make_api_call", new=mock_make_api_call) def test_task_set_public_ip(self): + ec2_client = client("ec2", region_name=AWS_REGION_US_EAST_1) + vpc = ec2_client.create_vpc(CidrBlock="10.0.0.0/16") + vpc_id = vpc["Vpc"]["VpcId"] + subnet = ec2_client.create_subnet( + VpcId=vpc_id, + CidrBlock="10.0.1.0/24", + AvailabilityZone=f"{AWS_REGION_US_EAST_1}a", + )["Subnet"]["SubnetId"] + sg = ec2_client.create_security_group( + GroupName="alb-sg", + Description="Security group for ALB", + VpcId=vpc_id, + ) + sg_id = sg["GroupId"] ecs_client = client("ecs", region_name=AWS_REGION_US_EAST_1) ecs_client.create_cluster(clusterName="sample-cluster") @@ -190,8 +224,8 @@ def test_task_set_public_ip(self): launchType="FARGATE", networkConfiguration={ "awsvpcConfiguration": { - "subnets": ["subnet-123456"], - "securityGroups": ["sg-123456"], + "subnets": [subnet], + "securityGroups": [sg_id], "assignPublicIp": "DISABLED", } }, @@ -201,12 +235,15 @@ def test_task_set_public_ip(self): mocked_aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) - with patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=mocked_aws_provider, - ), patch( - "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", - new=ECS(mocked_aws_provider), + with ( + patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=mocked_aws_provider, + ), + patch( + "prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip.ecs_client", + new=ECS(mocked_aws_provider), + ), ): from prowler.providers.aws.services.ecs.ecs_task_set_no_assign_public_ip.ecs_task_set_no_assign_public_ip import ( ecs_task_set_no_assign_public_ip, diff --git a/tests/providers/aws/services/elb/elb_desync_mitigation_mode/elb_desync_mitigation_mode_test.py b/tests/providers/aws/services/elb/elb_desync_mitigation_mode/elb_desync_mitigation_mode_test.py index 500bdc0dcb7..ecaf0db57be 100644 --- a/tests/providers/aws/services/elb/elb_desync_mitigation_mode/elb_desync_mitigation_mode_test.py +++ b/tests/providers/aws/services/elb/elb_desync_mitigation_mode/elb_desync_mitigation_mode_test.py @@ -85,15 +85,21 @@ class Test_elb_desync_mitigation_mode: def test_elb_no_balancers(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -129,15 +135,21 @@ def test_elb_with_monitor_desync_mode(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode import ( @@ -184,15 +196,21 @@ def test_elb_with_defensive_desync_mode(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode import ( @@ -239,15 +257,21 @@ def test_elb_with_strictest_desync_mode(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_desync_mitigation_mode.elb_desync_mitigation_mode import ( diff --git a/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py b/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py index 46a836c0e41..8cfbc8028da 100644 --- a/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py +++ b/tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py @@ -19,15 +19,21 @@ class Test_elb_insecure_ssl_ciphers: def test_elb_no_balancers(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -69,15 +75,21 @@ def test_elb_listener_with_secure_policy(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers import ( @@ -120,15 +132,21 @@ def test_elb_with_HTTPS_listener(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_insecure_ssl_ciphers.elb_insecure_ssl_ciphers import ( diff --git a/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py b/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py index c4fd2ad2879..69cf7cd0fd9 100644 --- a/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py +++ b/tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py @@ -22,15 +22,21 @@ class Test_elb_request_smugling: def test_elb_no_balancers(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -65,15 +71,21 @@ def test_elb_private(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing import ( @@ -113,15 +125,21 @@ def test_elb_with_deletion_protection(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_internet_facing.elb_internet_facing import ( diff --git a/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py b/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py index c69f674f3d2..8ef4a736a66 100644 --- a/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py +++ b/tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py @@ -22,15 +22,21 @@ class Test_elb_logging_enabled: def test_elb_no_balancers(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -65,15 +71,21 @@ def test_elb_without_access_log(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled import ( @@ -128,15 +140,21 @@ def test_elb_with_deletion_protection(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_logging_enabled.elb_logging_enabled import ( diff --git a/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py b/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py index 9ed86e5ad31..c07969a45f4 100644 --- a/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py +++ b/tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py @@ -22,15 +22,21 @@ class Test_elb_ssl_listeners: def test_elb_no_balancers(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): # Test Check @@ -65,15 +71,21 @@ def test_elb_with_HTTP_listener(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners import ( @@ -111,15 +123,21 @@ def test_elb_with_HTTPS_listener(self): ) from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1] + ), ), - ), mock.patch( - "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", - new=ELB( - set_mocked_aws_provider([AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1]) + mock.patch( + "prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1, AWS_REGION_US_EAST_1], + create_default_organization=False, + ) + ), ), ): from prowler.providers.aws.services.elb.elb_ssl_listeners.elb_ssl_listeners import ( diff --git a/tests/providers/aws/services/emr/emr_cluster_publicly_accesible/emr_cluster_publicly_accesible_test.py b/tests/providers/aws/services/emr/emr_cluster_publicly_accesible/emr_cluster_publicly_accesible_test.py index 4d9e203721d..3b721b4e624 100644 --- a/tests/providers/aws/services/emr/emr_cluster_publicly_accesible/emr_cluster_publicly_accesible_test.py +++ b/tests/providers/aws/services/emr/emr_cluster_publicly_accesible/emr_cluster_publicly_accesible_test.py @@ -20,12 +20,15 @@ def test_no_clusters(self): # EC2 Client ec2_client = mock.MagicMock - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.aws.services.ec2.ec2_service.EC2", - new=ec2_client, + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.aws.services.ec2.ec2_service.EC2", + new=ec2_client, + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( @@ -77,15 +80,19 @@ def test_clusters_master_public_sg(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", - new=EC2(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", + new=EC2(set_mocked_aws_provider(create_default_organization=False)), + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( @@ -143,15 +150,19 @@ def test_clusters_master_private_sg(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", - new=EC2(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", + new=EC2(set_mocked_aws_provider(create_default_organization=False)), + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( @@ -226,15 +237,19 @@ def test_clusters_master_private_slave_public_sg(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", - new=EC2(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", + new=EC2(set_mocked_aws_provider(create_default_organization=False)), + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( @@ -312,15 +327,19 @@ def test_clusters_master_public_slave_private_two_sg(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", - new=EC2(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", + new=EC2(set_mocked_aws_provider(create_default_organization=False)), + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( @@ -395,15 +414,19 @@ def test_clusters_master_private_slave_public_sg_none_additional_sgs(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.emr.emr_service.EMR", - new=emr_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider(), - ), mock.patch( - "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", - new=EC2(set_mocked_aws_provider()), + with ( + mock.patch( + "prowler.providers.aws.services.emr.emr_service.EMR", + new=emr_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider(), + ), + mock.patch( + "prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible.ec2_client", + new=EC2(set_mocked_aws_provider(create_default_organization=False)), + ), ): # Test Check from prowler.providers.aws.services.emr.emr_cluster_publicly_accesible.emr_cluster_publicly_accesible import ( diff --git a/tests/providers/aws/services/iam/iam_inline_policy_allows_privilege_escalation/iam_inline_policy_allows_privilege_escalation_test.py b/tests/providers/aws/services/iam/iam_inline_policy_allows_privilege_escalation/iam_inline_policy_allows_privilege_escalation_test.py index fe32dc63c8c..2463dbd34f2 100644 --- a/tests/providers/aws/services/iam/iam_inline_policy_allows_privilege_escalation/iam_inline_policy_allows_privilege_escalation_test.py +++ b/tests/providers/aws/services/iam/iam_inline_policy_allows_privilege_escalation/iam_inline_policy_allows_privilege_escalation_test.py @@ -88,12 +88,15 @@ def test_iam_inline_role_policy_not_allows_privilege_escalation(self): aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -144,12 +147,15 @@ def test_iam_inline_user_policy_not_allows_privilege_escalation_glue_GetDevEndpo aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -210,12 +216,15 @@ def test_iam_inline_group_policy_not_allows_privilege_escalation_dynamodb_PutIte aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -273,12 +282,15 @@ def test_iam_inline_role_policy_allows_privilege_escalation_iam_all_and_ec2_RunI aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -332,12 +344,15 @@ def test_iam_inline_policy_allows_privilege_escalation_iam_PassRole( aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -409,12 +424,15 @@ def test_iam_inline_policy_allows_privilege_escalation_two_combinations( aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -475,12 +493,15 @@ def test_iam_inline_policy_allows_privilege_escalation_iam_PassRole_and_other_ac aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -535,12 +556,15 @@ def test_iam_inline_policy_allows_privilege_escalation_policies_combination( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -632,12 +656,15 @@ def test_iam_inline_policy_allows_privilege_escalation_two_policies_one_good_one from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -742,12 +769,15 @@ def test_iam_inline_policy_allows_privilege_escalation_two_bad_policies( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -831,12 +861,15 @@ def test_iam_inline_policy_allows_privilege_escalation_over_permissive_policy( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -895,12 +928,15 @@ def test_iam_inline_policy_allows_privilege_escalation_administrator_policy( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -961,12 +997,15 @@ def test_iam_inline_policy_allows_privilege_escalation_iam_put( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -1022,12 +1061,15 @@ def test_iam_inline_policy_allows_privilege_escalation_iam_wildcard( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -1089,12 +1131,15 @@ def test_iam_policy_not_allows_privilege_escalation_custom_policy( from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( @@ -1144,15 +1189,17 @@ def test_iam_policy_random_not_action(self): PolicyDocument=dumps(policy_document), ) - aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1]) from prowler.providers.aws.services.iam.iam_service import IAM - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", - new=IAM(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation.iam_client", + new=IAM(aws_provider), + ), ): from prowler.providers.aws.services.iam.iam_inline_policy_allows_privilege_escalation.iam_inline_policy_allows_privilege_escalation import ( iam_inline_policy_allows_privilege_escalation, diff --git a/tests/providers/aws/services/iam/iam_root_credentials_management_enabled/iam_root_credentials_management_enabled_test.py b/tests/providers/aws/services/iam/iam_root_credentials_management_enabled/iam_root_credentials_management_enabled_test.py index e930e9a2db1..d9164ea3b12 100644 --- a/tests/providers/aws/services/iam/iam_root_credentials_management_enabled/iam_root_credentials_management_enabled_test.py +++ b/tests/providers/aws/services/iam/iam_root_credentials_management_enabled/iam_root_credentials_management_enabled_test.py @@ -1,7 +1,6 @@ from unittest import mock import botocore -from boto3 import client from moto import mock_aws from tests.providers.aws.utils import ( @@ -49,12 +48,15 @@ def test_no_organization(self): "prowler.providers.common.provider.Provider.get_global_provider", return_value=aws_provider, ): - with mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", - new=IAM(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", - new=Organizations(aws_provider), + with ( + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", + new=IAM(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled import ( iam_root_credentials_management_enabled, @@ -70,9 +72,6 @@ def test_no_organization(self): ) @mock_aws def test__root_credentials_management_enabled(self): - # Create Organization - conn = client("organizations") - conn.create_organization() from prowler.providers.aws.services.iam.iam_service import IAM from prowler.providers.aws.services.organizations.organizations_service import ( Organizations, @@ -84,12 +83,15 @@ def test__root_credentials_management_enabled(self): "prowler.providers.common.provider.Provider.get_global_provider", return_value=aws_provider, ): - with mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", - new=IAM(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", - new=Organizations(aws_provider), + with ( + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", + new=IAM(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled import ( iam_root_credentials_management_enabled, @@ -114,9 +116,6 @@ def test__root_credentials_management_enabled(self): ) @mock_aws def test__root_credentials_management_disabled(self): - # Create Organization - conn = client("organizations") - conn.create_organization() from prowler.providers.aws.services.iam.iam_service import IAM from prowler.providers.aws.services.organizations.organizations_service import ( Organizations, @@ -128,12 +127,15 @@ def test__root_credentials_management_disabled(self): "prowler.providers.common.provider.Provider.get_global_provider", return_value=aws_provider, ): - with mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", - new=IAM(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", - new=Organizations(aws_provider), + with ( + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.iam_client", + new=IAM(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled.organizations_client", + new=Organizations(aws_provider), + ), ): from prowler.providers.aws.services.iam.iam_root_credentials_management_enabled.iam_root_credentials_management_enabled import ( iam_root_credentials_management_enabled, diff --git a/tests/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled_test.py b/tests/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled_test.py index 6b779bfd817..d196c39242b 100644 --- a/tests/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled_test.py +++ b/tests/providers/aws/services/macie/macie_automated_sensitive_data_discovery_enabled/macie_automated_sensitive_data_discovery_enabled_test.py @@ -13,7 +13,6 @@ class Test_macie_automated_sensitive_data_discovery_enabled: @mock_aws def test_macie_disabled(self): - macie_client = mock.MagicMock macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) macie_client.audited_account = AWS_ACCOUNT_NUMBER @@ -31,14 +30,19 @@ def test_macie_disabled(self): macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", - new=macie_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", + new=macie_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled import ( @@ -52,7 +56,6 @@ def test_macie_disabled(self): @mock_aws def test_macie_enabled_automated_discovery_disabled(self): - macie_client = mock.MagicMock macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) macie_client.audited_account = AWS_ACCOUNT_NUMBER @@ -70,14 +73,19 @@ def test_macie_enabled_automated_discovery_disabled(self): macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", - new=macie_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", + new=macie_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled import ( @@ -101,7 +109,6 @@ def test_macie_enabled_automated_discovery_disabled(self): @mock_aws def test_macie_enabled_automated_discovery_enabled(self): - macie_client = mock.MagicMock macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) macie_client.audited_account = AWS_ACCOUNT_NUMBER @@ -119,14 +126,19 @@ def test_macie_enabled_automated_discovery_enabled(self): macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", - new=macie_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled.macie_client", + new=macie_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_automated_sensitive_data_discovery_enabled.macie_automated_sensitive_data_discovery_enabled import ( diff --git a/tests/providers/aws/services/macie/macie_is_enabled/macie_is_enabled_test.py b/tests/providers/aws/services/macie/macie_is_enabled/macie_is_enabled_test.py index df47e18163a..bf0339391ac 100644 --- a/tests/providers/aws/services/macie/macie_is_enabled/macie_is_enabled_test.py +++ b/tests/providers/aws/services/macie/macie_is_enabled/macie_is_enabled_test.py @@ -20,7 +20,9 @@ def test_macie_disabled(self): s3_client.regions_with_buckets = [] macie_client = mock.MagicMock - macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + macie_client.provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.audited_account = AWS_ACCOUNT_NUMBER macie_client.audited_account_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" macie_client.audited_partition = "aws" @@ -35,17 +37,23 @@ def test_macie_disabled(self): macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", - new=macie_client, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", - new=s3_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", + new=macie_client, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", + new=s3_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled import ( @@ -72,7 +80,9 @@ def test_macie_enabled(self): s3_client.regions_with_buckets = [] macie_client = mock.MagicMock - macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + macie_client.provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.audited_account = AWS_ACCOUNT_NUMBER macie_client.audited_account_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" macie_client.audited_partition = "aws" @@ -87,17 +97,23 @@ def test_macie_enabled(self): macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", - new=macie_client, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", - new=s3_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", + new=macie_client, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", + new=s3_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled import ( @@ -124,7 +140,9 @@ def test_macie_suspended_ignored(self): s3_client.regions_with_buckets = [] macie_client = mock.MagicMock - macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + macie_client.provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.audited_account = AWS_ACCOUNT_NUMBER macie_client.audited_account_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" macie_client.audited_partition = "aws" @@ -140,18 +158,24 @@ def test_macie_suspended_ignored(self): ) ] - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.provider._scan_unused_services = False - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", - new=macie_client, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", - new=s3_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", + new=macie_client, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", + new=s3_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled import ( @@ -177,7 +201,9 @@ def test_macie_suspended_ignored_with_buckets(self): ] macie_client = mock.MagicMock - macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + macie_client.provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.audited_account = AWS_ACCOUNT_NUMBER macie_client.audited_account_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" macie_client.audited_partition = "aws" @@ -193,17 +219,23 @@ def test_macie_suspended_ignored_with_buckets(self): return_value=macie_client.session_arn_template ) macie_client.provider._scan_unused_services = False - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", - new=macie_client, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", - new=s3_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", + new=macie_client, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", + new=s3_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled import ( @@ -230,7 +262,9 @@ def test_macie_suspended(self): s3_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) macie_client = mock.MagicMock - macie_client.provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + macie_client.provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.audited_account = AWS_ACCOUNT_NUMBER macie_client.audited_account_arn = f"arn:aws:iam::{AWS_ACCOUNT_NUMBER}:root" macie_client.audited_partition = "aws" @@ -241,20 +275,26 @@ def test_macie_suspended(self): region="eu-west-1", ) ] - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) macie_client.session_arn_template = f"arn:{macie_client.audited_partition}:macie:{macie_client.region}:{macie_client.audited_account}:session" macie_client._get_session_arn_template = mock.MagicMock( return_value=macie_client.session_arn_template ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", - new=macie_client, - ), mock.patch( - "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", - new=s3_client, + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.macie_client", + new=macie_client, + ), + mock.patch( + "prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled.s3_client", + new=s3_client, + ), ): # Test Check from prowler.providers.aws.services.macie.macie_is_enabled.macie_is_enabled import ( diff --git a/tests/providers/aws/services/rds/rds_instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py b/tests/providers/aws/services/rds/rds_instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py index 12664a3fe01..12324e2f8b2 100644 --- a/tests/providers/aws/services/rds/rds_instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py +++ b/tests/providers/aws/services/rds/rds_instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py @@ -63,6 +63,7 @@ def test_rds_instance_no_auto_upgrade(self): Engine="postgres", DBName="staging-postgres", DBInstanceClass="db.m1.small", + AutoMinorVersionUpgrade=False, ) from prowler.providers.aws.services.rds.rds_service import RDS @@ -76,12 +77,17 @@ def test_rds_instance_no_auto_upgrade(self): with mock.patch( "prowler.providers.aws.services.rds.rds_instance_minor_version_upgrade_enabled.rds_instance_minor_version_upgrade_enabled.rds_client", new=RDS(aws_provider), - ): + ) as rds_client: # Test Check from prowler.providers.aws.services.rds.rds_instance_minor_version_upgrade_enabled.rds_instance_minor_version_upgrade_enabled import ( rds_instance_minor_version_upgrade_enabled, ) + # Moto does not support the AutoMinorVersionUpgrade parameter + rds_client.db_instances[ + next(iter(rds_client.db_instances)) + ].auto_minor_version_upgrade = False + check = rds_instance_minor_version_upgrade_enabled() result = check.execute() diff --git a/tests/providers/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py b/tests/providers/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py index 46b64e6a9d0..e111e70ddb4 100644 --- a/tests/providers/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py +++ b/tests/providers/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py @@ -122,12 +122,16 @@ def test_rds_instance_public(self): with mock.patch( "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client", new=RDS(aws_provider), - ): + ) as rds_client: # Test Check from prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access import ( rds_instance_no_public_access, ) + # Moto create db instance with a default VPC security group + rds_client.db_instances[ + next(iter(rds_client.db_instances)) + ].security_groups = [] check = rds_instance_no_public_access() result = check.execute() @@ -185,12 +189,15 @@ def test_rds_instance_public_with_public_sg_in_private_subnet(self): "prowler.providers.common.provider.Provider.get_global_provider", return_value=aws_provider, ): - with mock.patch( - "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client", - new=RDS(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client", - new=EC2(aws_provider), + with ( + mock.patch( + "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client", + new=RDS(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client", + new=EC2(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access import ( @@ -351,15 +358,19 @@ def test_rds_instance_public_with_public_subnet(self): "prowler.providers.common.provider.Provider.get_global_provider", return_value=aws_provider, ): - with mock.patch( - "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client", - new=RDS(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client", - new=EC2(aws_provider), - ), mock.patch( - "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.vpc_client", - new=VPC(aws_provider), + with ( + mock.patch( + "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client", + new=RDS(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client", + new=EC2(aws_provider), + ), + mock.patch( + "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.vpc_client", + new=VPC(aws_provider), + ), ): # Test Check from prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access import ( diff --git a/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py b/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py index 2258ff8725a..43962f2c5b3 100644 --- a/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py +++ b/tests/providers/aws/services/servicecatalog/servicecatalog_portfolio_shared_within_organization_only/servicecatalog_portfolio_shared_within_organization_only_test.py @@ -93,7 +93,7 @@ def test_no_portfolios(self): def test_organizations_not_active(self): client("servicecatalog", region_name=AWS_REGION_EU_WEST_1) aws_provider = set_mocked_aws_provider( - [AWS_REGION_EU_WEST_1], + [AWS_REGION_EU_WEST_1], create_default_organization=False ) with ( diff --git a/tests/providers/aws/services/shield/shield_advanced_protection_in_associated_elastic_ips/shield_advanced_protection_in_associated_elastic_ips_test.py b/tests/providers/aws/services/shield/shield_advanced_protection_in_associated_elastic_ips/shield_advanced_protection_in_associated_elastic_ips_test.py index c07249f8d29..61c3027c9d7 100644 --- a/tests/providers/aws/services/shield/shield_advanced_protection_in_associated_elastic_ips/shield_advanced_protection_in_associated_elastic_ips_test.py +++ b/tests/providers/aws/services/shield/shield_advanced_protection_in_associated_elastic_ips/shield_advanced_protection_in_associated_elastic_ips_test.py @@ -35,15 +35,23 @@ def test_no_shield_not_active(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", - new=EC2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", + new=EC2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips import ( @@ -80,15 +88,23 @@ def test_shield_enabled_ip_protected(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", - new=EC2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", + new=EC2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips import ( @@ -124,15 +140,23 @@ def test_shield_enabled_ip_not_protected(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", - new=EC2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", + new=EC2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips import ( @@ -168,15 +192,23 @@ def test_shield_disabled_ip_not_protected(self): from prowler.providers.aws.services.ec2.ec2_service import EC2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", - new=EC2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips.ec2_client", + new=EC2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_associated_elastic_ips.shield_advanced_protection_in_associated_elastic_ips import ( diff --git a/tests/providers/aws/services/shield/shield_advanced_protection_in_classic_load_balancers/shield_advanced_protection_in_classic_load_balancers_test.py b/tests/providers/aws/services/shield/shield_advanced_protection_in_classic_load_balancers/shield_advanced_protection_in_classic_load_balancers_test.py index 7c34373cb2a..28736371858 100644 --- a/tests/providers/aws/services/shield/shield_advanced_protection_in_classic_load_balancers/shield_advanced_protection_in_classic_load_balancers_test.py +++ b/tests/providers/aws/services/shield/shield_advanced_protection_in_classic_load_balancers/shield_advanced_protection_in_classic_load_balancers_test.py @@ -20,15 +20,23 @@ def test_no_shield_not_active(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", - new=ELB(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers import ( @@ -79,15 +87,23 @@ def test_shield_enabled_elb_protected(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", - new=ELB(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers import ( @@ -137,15 +153,23 @@ def test_shield_enabled_elb_not_protected(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", - new=ELB(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers import ( @@ -195,15 +219,23 @@ def test_shield_disabled_elb_not_protected(self): from prowler.providers.aws.services.elb.elb_service import ELB - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", - new=ELB(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers.elb_client", + new=ELB( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_classic_load_balancers.shield_advanced_protection_in_classic_load_balancers import ( diff --git a/tests/providers/aws/services/shield/shield_advanced_protection_in_internet_facing_load_balancers/shield_advanced_protection_in_internet_facing_load_balancers_test.py b/tests/providers/aws/services/shield/shield_advanced_protection_in_internet_facing_load_balancers/shield_advanced_protection_in_internet_facing_load_balancers_test.py index 71106dac7dd..8318a45f637 100644 --- a/tests/providers/aws/services/shield/shield_advanced_protection_in_internet_facing_load_balancers/shield_advanced_protection_in_internet_facing_load_balancers_test.py +++ b/tests/providers/aws/services/shield/shield_advanced_protection_in_internet_facing_load_balancers/shield_advanced_protection_in_internet_facing_load_balancers_test.py @@ -31,15 +31,23 @@ def test_no_shield_not_active(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", - new=ELBv2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers import ( @@ -98,15 +106,23 @@ def test_shield_enabled_elbv2_internet_facing_protected(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", - new=ELBv2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers import ( @@ -173,15 +189,23 @@ def test_shield_enabled_elbv2_internal_protected(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", - new=ELBv2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers import ( @@ -231,15 +255,23 @@ def test_shield_enabled_elbv2_internet_facing_not_protected(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", - new=ELBv2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers import ( @@ -297,15 +329,23 @@ def test_shield_disabled_elbv2_internet_facing_not_protected(self): from prowler.providers.aws.services.elbv2.elbv2_service import ELBv2 - with mock.patch( - "prowler.providers.aws.services.shield.shield_service.Shield", - new=shield_client, - ), mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), - ), mock.patch( - "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", - new=ELBv2(set_mocked_aws_provider([AWS_REGION_EU_WEST_1])), + with ( + mock.patch( + "prowler.providers.aws.services.shield.shield_service.Shield", + new=shield_client, + ), + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=set_mocked_aws_provider([AWS_REGION_EU_WEST_1]), + ), + mock.patch( + "prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers.elbv2_client", + new=ELBv2( + set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) + ), + ), ): # Test Check from prowler.providers.aws.services.shield.shield_advanced_protection_in_internet_facing_load_balancers.shield_advanced_protection_in_internet_facing_load_balancers import ( diff --git a/tests/providers/aws/services/stepfunctions/stepfunctions_service_test.py b/tests/providers/aws/services/stepfunctions/stepfunctions_service_test.py index 3f9567ce0dc..01dd7b79de0 100644 --- a/tests/providers/aws/services/stepfunctions/stepfunctions_service_test.py +++ b/tests/providers/aws/services/stepfunctions/stepfunctions_service_test.py @@ -184,7 +184,9 @@ def test_error_handling(self): ] for error_code, operation in error_scenarios: - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) def mock_make_api_call(self, operation_name, kwarg): if operation_name == operation: @@ -250,7 +252,9 @@ def test_error_handling_generic(self): ] for error_code, operation in error_scenarios: - aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1]) + aws_provider = set_mocked_aws_provider( + [AWS_REGION_EU_WEST_1], create_default_organization=False + ) def mock_make_api_call(self, operation_name, kwarg): if operation_name == operation: From caa7de01184e359f020ff972215cb7965abd4ebf Mon Sep 17 00:00:00 2001 From: MrCloudSec Date: Tue, 21 Jan 2025 11:33:49 -0500 Subject: [PATCH 6/7] fix: tests --- .../services/opensearch/opensearch_service.py | 66 ++++----- ...ce_domains_not_publicly_accessible_test.py | 131 +++++++++--------- .../opensearch/opensearch_service_test.py | 61 +++----- 3 files changed, 111 insertions(+), 147 deletions(-) diff --git a/prowler/providers/aws/services/opensearch/opensearch_service.py b/prowler/providers/aws/services/opensearch/opensearch_service.py index a11b71f58f1..6e7cf2619e5 100644 --- a/prowler/providers/aws/services/opensearch/opensearch_service.py +++ b/prowler/providers/aws/services/opensearch/opensearch_service.py @@ -13,9 +13,6 @@ def __init__(self, provider): super().__init__("opensearch", provider) self.opensearch_domains = {} self.__threading_call__(self._list_domain_names) - self.__threading_call__( - self._describe_domain_config, self.opensearch_domains.values() - ) self.__threading_call__(self._describe_domain, self.opensearch_domains.values()) self.__threading_call__(self._list_tags, self.opensearch_domains.values()) @@ -38,43 +35,6 @@ def _list_domain_names(self, regional_client): f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" ) - def _describe_domain_config(self, domain): - logger.info("OpenSearch - describing domain configurations...") - try: - regional_client = self.regional_clients[domain.region] - describe_domain = regional_client.describe_domain_config( - DomainName=domain.name - ) - for logging_key in [ - "SEARCH_SLOW_LOGS", - "INDEX_SLOW_LOGS", - "AUDIT_LOGS", - ]: - if logging_key in describe_domain["DomainConfig"].get( - "LogPublishingOptions", {} - ).get("Options", {}): - domain.logging.append( - PublishingLoggingOption( - name=logging_key, - enabled=describe_domain["DomainConfig"][ - "LogPublishingOptions" - ]["Options"][logging_key]["Enabled"], - ) - ) - try: - domain.access_policy = loads( - describe_domain["DomainConfig"]["AccessPolicies"]["Options"] - ) - except JSONDecodeError as error: - logger.warning( - f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" - ) - - except Exception as error: - logger.error( - f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" - ) - def _describe_domain(self, domain): logger.info("OpenSearch - describing domain configurations...") try: @@ -129,6 +89,32 @@ def _describe_domain(self, domain): domain.dedicated_master_count = cluster_config.get( "DedicatedMasterCount", 0 ) + for logging_key in [ + "SEARCH_SLOW_LOGS", + "INDEX_SLOW_LOGS", + "AUDIT_LOGS", + ]: + if logging_key in describe_domain["DomainStatus"].get( + "LogPublishingOptions", {} + ): + domain.logging.append( + PublishingLoggingOption( + name=logging_key, + enabled=describe_domain["DomainStatus"][ + "LogPublishingOptions" + ][logging_key]["Enabled"], + ) + ) + try: + if describe_domain["DomainStatus"].get("AccessPolicies"): + domain.access_policy = loads( + describe_domain["DomainStatus"]["AccessPolicies"] + ) + except JSONDecodeError as error: + logger.warning( + f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" + ) + except Exception as error: logger.error( f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" diff --git a/tests/providers/aws/services/opensearch/opensearch_service_domains_not_publicly_accessible/opensearch_service_domains_not_publicly_accessible_test.py b/tests/providers/aws/services/opensearch/opensearch_service_domains_not_publicly_accessible/opensearch_service_domains_not_publicly_accessible_test.py index 7b82286fb39..cdbb87c1a83 100644 --- a/tests/providers/aws/services/opensearch/opensearch_service_domains_not_publicly_accessible/opensearch_service_domains_not_publicly_accessible_test.py +++ b/tests/providers/aws/services/opensearch/opensearch_service_domains_not_publicly_accessible/opensearch_service_domains_not_publicly_accessible_test.py @@ -84,12 +84,15 @@ def test_no_domains(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, @@ -102,13 +105,9 @@ def test_no_domains(self): @mock_aws def test_policy_data_restricted(self): opensearch_client = client("opensearch", region_name=AWS_REGION_US_WEST_2) - domain_arn = opensearch_client.create_domain(DomainName=domain_name)[ - "DomainStatus" - ]["ARN"] - opensearch_client.update_domain_config( - DomainName=domain_name, - AccessPolicies=str(policy_data_restricted), - ) + domain_arn = opensearch_client.create_domain( + DomainName=domain_name, AccessPolicies=str(policy_data_restricted) + )["DomainStatus"]["ARN"] aws_provider = set_mocked_aws_provider([AWS_REGION_US_WEST_2]) @@ -116,12 +115,15 @@ def test_policy_data_restricted(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, @@ -143,13 +145,9 @@ def test_policy_data_restricted(self): @mock_aws def test_policy_data_not_restricted_with_principal_AWS(self): opensearch_client = client("opensearch", region_name=AWS_REGION_US_WEST_2) - domain_arn = opensearch_client.create_domain(DomainName=domain_name)[ - "DomainStatus" - ]["ARN"] - opensearch_client.update_domain_config( - DomainName=domain_name, - AccessPolicies=dumps(policy_data_not_restricted), - ) + domain_arn = opensearch_client.create_domain( + DomainName=domain_name, AccessPolicies=dumps(policy_data_not_restricted) + )["DomainStatus"]["ARN"] aws_provider = set_mocked_aws_provider([AWS_REGION_US_WEST_2]) @@ -157,12 +155,15 @@ def test_policy_data_not_restricted_with_principal_AWS(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, @@ -184,13 +185,10 @@ def test_policy_data_not_restricted_with_principal_AWS(self): @mock_aws def test_policy_data_not_restricted_with_principal_no_AWS(self): opensearch_client = client("opensearch", region_name=AWS_REGION_US_WEST_2) - domain_arn = opensearch_client.create_domain(DomainName=domain_name)[ - "DomainStatus" - ]["ARN"] - opensearch_client.update_domain_config( + domain_arn = opensearch_client.create_domain( DomainName=domain_name, AccessPolicies=dumps(policy_data_not_restricted_principal), - ) + )["DomainStatus"]["ARN"] aws_provider = set_mocked_aws_provider([AWS_REGION_US_WEST_2]) @@ -198,12 +196,15 @@ def test_policy_data_not_restricted_with_principal_no_AWS(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, @@ -225,13 +226,10 @@ def test_policy_data_not_restricted_with_principal_no_AWS(self): @mock_aws def test_policy_data_not_restricted_ip_full(self): opensearch_client = client("opensearch", region_name=AWS_REGION_US_WEST_2) - domain_arn = opensearch_client.create_domain(DomainName=domain_name)[ - "DomainStatus" - ]["ARN"] - opensearch_client.update_domain_config( + domain_arn = opensearch_client.create_domain( DomainName=domain_name, AccessPolicies=dumps(policy_data_source_ip_full), - ) + )["DomainStatus"]["ARN"] aws_provider = set_mocked_aws_provider([AWS_REGION_US_WEST_2]) @@ -239,12 +237,15 @@ def test_policy_data_not_restricted_ip_full(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, @@ -266,13 +267,10 @@ def test_policy_data_not_restricted_ip_full(self): @mock_aws def test_policy_data_not_restricted_whole_internet(self): opensearch_client = client("opensearch", region_name=AWS_REGION_US_WEST_2) - domain_arn = opensearch_client.create_domain(DomainName=domain_name)[ - "DomainStatus" - ]["ARN"] - opensearch_client.update_domain_config( + domain_arn = opensearch_client.create_domain( DomainName=domain_name, AccessPolicies=dumps(policy_data_source_whole_internet), - ) + )["DomainStatus"]["ARN"] aws_provider = set_mocked_aws_provider([AWS_REGION_US_WEST_2]) @@ -280,12 +278,15 @@ def test_policy_data_not_restricted_whole_internet(self): OpenSearchService, ) - with mock.patch( - "prowler.providers.common.provider.Provider.get_global_provider", - return_value=aws_provider, - ), mock.patch( - "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", - new=OpenSearchService(aws_provider), + with ( + mock.patch( + "prowler.providers.common.provider.Provider.get_global_provider", + return_value=aws_provider, + ), + mock.patch( + "prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible.opensearch_client", + new=OpenSearchService(aws_provider), + ), ): from prowler.providers.aws.services.opensearch.opensearch_service_domains_not_publicly_accessible.opensearch_service_domains_not_publicly_accessible import ( opensearch_service_domains_not_publicly_accessible, diff --git a/tests/providers/aws/services/opensearch/opensearch_service_test.py b/tests/providers/aws/services/opensearch/opensearch_service_test.py index 9f186851e78..43489e988c1 100644 --- a/tests/providers/aws/services/opensearch/opensearch_service_test.py +++ b/tests/providers/aws/services/opensearch/opensearch_service_test.py @@ -42,21 +42,6 @@ def mock_make_api_call(self, operation_name, kwarg): }, ] } - if operation_name == "DescribeDomainConfig": - return { - "DomainConfig": { - "AccessPolicies": { - "Options": policy_json, - }, - "LogPublishingOptions": { - "Options": { - "SEARCH_SLOW_LOGS": {"Enabled": True}, - "INDEX_SLOW_LOGS": {"Enabled": True}, - "AUDIT_LOGS": {"Enabled": True}, - }, - }, - } - } if operation_name == "DescribeDomain": return { "DomainStatus": { @@ -79,12 +64,6 @@ def mock_make_api_call(self, operation_name, kwarg): "EncryptionAtRestOptions": {"Enabled": True}, "NodeToNodeEncryptionOptions": {"Enabled": True}, "AdvancedOptions": {"string": "string"}, - "LogPublishingOptions": { - "string": { - "CloudWatchLogsLogGroupArn": "string", - "Enabled": True | False, - } - }, "ServiceSoftwareOptions": {"UpdateAvailable": True}, "DomainEndpointOptions": {"EnforceHTTPS": True}, "AdvancedSecurityOptions": { @@ -92,6 +71,12 @@ def mock_make_api_call(self, operation_name, kwarg): "InternalUserDatabaseEnabled": True, "SAMLOptions": {"Enabled": True}, }, + "AccessPolicies": policy_json, + "LogPublishingOptions": { + "SEARCH_SLOW_LOGS": {"Enabled": True}, + "INDEX_SLOW_LOGS": {"Enabled": True}, + "AUDIT_LOGS": {"Enabled": True}, + }, } } if operation_name == "ListTags": @@ -144,27 +129,6 @@ def test_list_domain_names(self): assert opensearch.opensearch_domains[domain_arn].name == test_domain_name assert opensearch.opensearch_domains[domain_arn].region == AWS_REGION_EU_WEST_1 - # Test OpenSearchService describe domain config - def test_describe_domain_config(self): - aws_provider = set_mocked_aws_provider([]) - opensearch = OpenSearchService(aws_provider) - assert len(opensearch.opensearch_domains) == 1 - assert opensearch.opensearch_domains[domain_arn].name == test_domain_name - assert opensearch.opensearch_domains[domain_arn].region == AWS_REGION_EU_WEST_1 - assert opensearch.opensearch_domains[domain_arn].access_policy - assert ( - opensearch.opensearch_domains[domain_arn].logging[0].name - == "SEARCH_SLOW_LOGS" - ) - assert opensearch.opensearch_domains[domain_arn].logging[0].enabled - assert ( - opensearch.opensearch_domains[domain_arn].logging[1].name - == "INDEX_SLOW_LOGS" - ) - assert opensearch.opensearch_domains[domain_arn].logging[1].enabled - assert opensearch.opensearch_domains[domain_arn].logging[2].name == "AUDIT_LOGS" - assert opensearch.opensearch_domains[domain_arn].logging[2].enabled - # Test OpenSearchService describe domain @mock_aws def test_describe_domain(self): @@ -193,6 +157,19 @@ def test_describe_domain(self): assert opensearch.opensearch_domains[domain_arn].zone_awareness_enabled assert opensearch.opensearch_domains[domain_arn].dedicated_master_enabled assert opensearch.opensearch_domains[domain_arn].dedicated_master_count == 1 + assert opensearch.opensearch_domains[domain_arn].access_policy + assert ( + opensearch.opensearch_domains[domain_arn].logging[0].name + == "SEARCH_SLOW_LOGS" + ) + assert opensearch.opensearch_domains[domain_arn].logging[0].enabled + assert ( + opensearch.opensearch_domains[domain_arn].logging[1].name + == "INDEX_SLOW_LOGS" + ) + assert opensearch.opensearch_domains[domain_arn].logging[1].enabled + assert opensearch.opensearch_domains[domain_arn].logging[2].name == "AUDIT_LOGS" + assert opensearch.opensearch_domains[domain_arn].logging[2].enabled assert opensearch.opensearch_domains[domain_arn].tags == [ {"Key": "test", "Value": "test"}, ] From b0c3cff434cbe6e760ad847eb9e0f7418fd5aec0 Mon Sep 17 00:00:00 2001 From: MrCloudSec Date: Tue, 21 Jan 2025 13:00:39 -0500 Subject: [PATCH 7/7] fix: tests --- tests/providers/aws/aws_provider_test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/providers/aws/aws_provider_test.py b/tests/providers/aws/aws_provider_test.py index 4e864982dc1..36ffcfe5db1 100644 --- a/tests/providers/aws/aws_provider_test.py +++ b/tests/providers/aws/aws_provider_test.py @@ -327,7 +327,7 @@ def test_aws_provider_with_session_credentials(self): @mock_aws def test_aws_provider_organizations_delegated_administrator(self): organizations_client = client("organizations", region_name=AWS_REGION_EU_WEST_1) - organization = organizations_client.describe_organization()["Organization"] + organization = organizations_client.create_organization()["Organization"] organizations_client.tag_resource( ResourceId=AWS_ACCOUNT_NUMBER, Tags=[ @@ -404,7 +404,7 @@ def test_aws_provider_organizations_with_role(self): PolicyArn=policy["Arn"], ) organizations_client = client("organizations", region_name=AWS_REGION_EU_WEST_1) - organization = organizations_client.describe_organization()["Organization"] + organization = organizations_client.create_organization()["Organization"] organizations_client.tag_resource( ResourceId=AWS_ACCOUNT_NUMBER, Tags=[