Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_failure(self):
resource_conf = {
"minimum_password_length": [15],
"require_lowercase_characters": [True],
"require_numbers": [True],
"require_uppercase_characters": [True],
"require_symbols": [True],
"allow_users_to_change_password": [True],
"max_password_age": [89],
"password_reuse_prevention": [4]
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
def test_failure_on_missing_property(self):
resource_conf = {
"minimum_password_length": [15],
"require_lowercase_characters": [True],
"require_numbers": [True],
"require_uppercase_characters": [True],
"require_symbols": [True],
"allow_users_to_change_password": [True],
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
def test_failure_s3_accesslogs(self):
resource_conf = {"region": ["us-west-2"],
"bucket": ["my_bucket"],
"acl": ["public-read"],
"force_destroy": [True],
"tags": [{"Name": "my-bucket"}]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
def test_success(self):
resource_conf = {
"description": "KMS key 1",
"deletion_window_in_days": 10,
"enable_key_rotation": True
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_success(self):
resource_conf = {"region": ["us-west-2"],
"bucket": ["my_bucket"],
"force_destroy": [True],
"tags": [{"Name": "my-bucket"}]
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_success(self):
resource_conf = {
"minimum_password_length": [8],
"require_lowercase_characters": [True],
"require_numbers": [True],
"require_uppercase_characters": [True],
"require_symbols": [True],
"allow_users_to_change_password": [True],
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_success(self):
resource_conf = {'cluster': [''], 'management': [{'auto_upgrade': [True]}]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_success(self):
resource_conf = {'name': ['nonprod-ssl-policy'], 'profile': ['MODERN'], 'min_tls_version': ['TLS_1_2']}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
resource_conf = {"region": ["us-west-2"],
"bucket": ["my_bucket"],
"acl": ["public-read"],
"force_destroy": [True],
"tags": [{"Name": "my-bucket"}],
"logging": [{"target_bucket": "logging-bucket",
"target_prefix": "log/"
}],
"server_side_encryption_configuration": [
{"rule": [{"apply_server_side_encryption_by_default": [{
"kms_master_key_id": "foo",
"sse_algorithm": "aws:kms"
}]}]}]
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_success(self):
resource_conf = {'name': ['my-gke-cluster'], 'location': ['us-central1'], 'remove_default_node_pool': [True],
'initial_node_count': [1], 'master_auth': [
{'username': [''], 'password': [''],
'client_certificate_config': [{'issue_client_certificate': [False]}]}]}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)