fix(db_event): Handle other events (#6757)

Co-authored-by: Pepe Fagoaga <[email protected]>
prowler-cloud · Jan 30, 2025 · cb22af2 · cb22af2
1 parent a534b94
commit cb22af2
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 0 deletions.
diff --git a/.../rds/rds_instance_critical_event_subscription/rds_instance_critical_event_subscription.py b/.../rds/rds_instance_critical_event_subscription/rds_instance_critical_event_subscription.py
@@ -54,6 +54,9 @@ def execute(self):
                     }:
                         report.status = "FAIL"
                         report.status_extended = "RDS instance event category of maintenance is not subscribed."
+                    else:
+                        report.status = "FAIL"
+                        report.status_extended = "RDS instance event categories of maintenance, configuration change, and failure are not subscribed."
                 findings.append(report)
 
         return findings
diff --git a/...rds_instance_critical_event_subscription/rds_instance_critical_event_subscription_test.py b/...rds_instance_critical_event_subscription/rds_instance_critical_event_subscription_test.py
@@ -483,3 +483,52 @@ def test_rds_instance_event_failure_and_maintenance(self):
                     == f"arn:aws:rds:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:es:TestSub"
                 )
                 assert result[0].resource_tags == []
+
+    @mock_aws
+    def test_rds_instance_event_invalid(self):
+        conn = client("rds", region_name=AWS_REGION_US_EAST_1)
+        conn.create_db_parameter_group(
+            DBParameterGroupName="test",
+            DBParameterGroupFamily="default.aurora-postgresql14",
+            Description="test parameter group",
+        )
+        conn.create_event_subscription(
+            SubscriptionName="TestSub",
+            SnsTopicArn=f"arn:aws:sns:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:test",
+            SourceType="db-instance",
+            EventCategories=["invalid"],
+            Enabled=True,
+        )
+        from prowler.providers.aws.services.rds.rds_service import RDS
+
+        aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1])
+
+        with mock.patch(
+            "prowler.providers.common.provider.Provider.get_global_provider",
+            return_value=aws_provider,
+        ):
+            with mock.patch(
+                "prowler.providers.aws.services.rds.rds_instance_critical_event_subscription.rds_instance_critical_event_subscription.rds_client",
+                new=RDS(aws_provider),
+            ):
+                # Test Check
+                from prowler.providers.aws.services.rds.rds_instance_critical_event_subscription.rds_instance_critical_event_subscription import (
+                    rds_instance_critical_event_subscription,
+                )
+
+                check = rds_instance_critical_event_subscription()
+                result = check.execute()
+
+                assert len(result) == 1
+                assert result[0].status == "FAIL"
+                assert (
+                    result[0].status_extended
+                    == "RDS instance event categories of maintenance, configuration change, and failure are not subscribed."
+                )
+                assert result[0].resource_id == "TestSub"
+                assert result[0].region == AWS_REGION_US_EAST_1
+                assert (
+                    result[0].resource_arn
+                    == f"arn:aws:rds:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:es:TestSub"
+                )
+                assert result[0].resource_tags == []