Skip to content

Commit

Permalink
fix(elb): add resource ARN to checks (prowler-cloud#2906)
Browse files Browse the repository at this point in the history
  • Loading branch information
@MrCloudSec @jfagoagas
MrCloudSec authored and jfagoagas committed Oct 18, 2023
1 parent 076517b commit f2415bf
Show file tree
Hide file tree
Showing 8 changed files with 24 additions and 0 deletions.
1 change: 1 addition & 0 deletions prowler/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ def execute(self):
report = Check_Report_AWS(self.metadata())
report.region = lb.region
report.resource_id = lb.name
report.resource_arn = lb.arn
report.resource_tags = lb.tags
report.status = "PASS"
report.status_extended = (
Expand Down
1 change: 1 addition & 0 deletions prowler/providers/aws/services/elb/elb_internet_facing/elb_internet_facing.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ def execute(self):
report = Check_Report_AWS(self.metadata())
report.region = lb.region
report.resource_id = lb.name
report.resource_arn = lb.arn
report.resource_tags = lb.tags
report.status = "PASS"
report.status_extended = f"ELB {lb.name} is not internet facing."
Expand Down
1 change: 1 addition & 0 deletions prowler/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ def execute(self):
report = Check_Report_AWS(self.metadata())
report.region = lb.region
report.resource_id = lb.name
report.resource_arn = lb.arn
report.resource_tags = lb.tags
report.status = "FAIL"
report.status_extended = (
Expand Down
1 change: 1 addition & 0 deletions prowler/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ def execute(self):
report = Check_Report_AWS(self.metadata())
report.region = lb.region
report.resource_id = lb.name
report.resource_arn = lb.arn
report.resource_tags = lb.tags
report.status = "PASS"
report.status_extended = f"ELB {lb.name} has HTTPS listeners only."
Expand Down
5 changes: 5 additions & 0 deletions tests/providers/aws/services/elb/elb_insecure_ssl_ciphers/elb_insecure_ssl_ciphers_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@

AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
elb_arn = (
f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
)


class Test_elb_insecure_ssl_ciphers:
Expand Down Expand Up @@ -115,6 +118,7 @@ def test_elb_listener_with_secure_policy(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn

@mock_ec2
@mock_elb
Expand Down Expand Up @@ -160,3 +164,4 @@ def test_elb_with_HTTPS_listener(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn
5 changes: 5 additions & 0 deletions tests/providers/aws/services/elb/elb_internet_facing/elb_internet_facing_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@

AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
elb_arn = (
f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
)


class Test_elb_request_smugling:
Expand Down Expand Up @@ -108,6 +111,7 @@ def test_elb_private(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn

@mock_ec2
@mock_elb
Expand Down Expand Up @@ -153,3 +157,4 @@ def test_elb_with_deletion_protection(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn
5 changes: 5 additions & 0 deletions tests/providers/aws/services/elb/elb_logging_enabled/elb_logging_enabled_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@

AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
elb_arn = (
f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
)


class Test_elb_logging_enabled:
Expand Down Expand Up @@ -108,6 +111,7 @@ def test_elb_without_access_log(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn

@mock_ec2
@mock_elb
Expand Down Expand Up @@ -165,3 +169,4 @@ def test_elb_with_deletion_protection(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn
5 changes: 5 additions & 0 deletions tests/providers/aws/services/elb/elb_ssl_listeners/elb_ssl_listeners_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@

AWS_REGION = "eu-west-1"
AWS_ACCOUNT_NUMBER = "123456789012"
elb_arn = (
f"arn:aws:elasticloadbalancing:{AWS_REGION}:{AWS_ACCOUNT_NUMBER}:loadbalancer/my-lb"
)


class Test_elb_ssl_listeners:
Expand Down Expand Up @@ -108,6 +111,7 @@ def test_elb_with_HTTP_listener(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn

@mock_ec2
@mock_elb
Expand Down Expand Up @@ -151,3 +155,4 @@ def test_elb_with_HTTPS_listener(self):
result[0].status_extended,
)
assert result[0].resource_id == "my-lb"
assert result[0].resource_arn == elb_arn

0 comments on commit f2415bf

Please sign in to comment.