fix(alibabacloud): implement ram_password_policy_number and fix cs weekly check loading (#11683)

This commit is contained in:
Daniel Barranquero
2026-06-24 12:37:45 +02:00
committed by GitHub
parent dc228e8b36
commit 36be63af07
4 changed files with 109 additions and 0 deletions
+8
View File
@@ -2,6 +2,14 @@
All notable changes to the **Prowler SDK** are documented in this file.
## [5.31.1] (Prowler UNRELEASED)
### 🐞 Fixed
- Alibaba Cloud `ram_password_policy_number` and `cs_kubernetes_cluster_check_weekly` checks not being loaded due to missing implementation and package files [(#11683)](https://github.com/prowler-cloud/prowler/pull/11683)
---
## [5.31.0] (Prowler v5.31.0)
### 🚀 Added
@@ -0,0 +1,34 @@
from prowler.lib.check.models import Check, CheckReportAlibabaCloud
from prowler.providers.alibabacloud.services.ram.ram_client import ram_client
class ram_password_policy_number(Check):
"""Check if RAM password policy requires at least one number."""
def execute(self) -> list[CheckReportAlibabaCloud]:
findings = []
if ram_client.password_policy:
report = CheckReportAlibabaCloud(
metadata=self.metadata(), resource=ram_client.password_policy
)
report.region = ram_client.region
report.resource_id = f"{ram_client.audited_account}-password-policy"
report.resource_arn = (
f"acs:ram::{ram_client.audited_account}:password-policy"
)
if ram_client.password_policy.require_numbers:
report.status = "PASS"
report.status_extended = (
"RAM password policy requires at least one number."
)
else:
report.status = "FAIL"
report.status_extended = (
"RAM password policy does not require at least one number."
)
findings.append(report)
return findings
@@ -0,0 +1,67 @@
from unittest import mock
from tests.providers.alibabacloud.alibabacloud_fixtures import (
set_mocked_alibabacloud_provider,
)
class TestRamPasswordPolicyNumber:
def test_numbers_not_required_fails(self):
ram_client = mock.MagicMock()
ram_client.audited_account = "1234567890"
ram_client.region = "cn-hangzhou"
with (
mock.patch(
"prowler.providers.common.provider.Provider.get_global_provider",
return_value=set_mocked_alibabacloud_provider(),
),
mock.patch(
"prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number.ram_client",
new=ram_client,
),
):
from prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number import (
ram_password_policy_number,
)
from prowler.providers.alibabacloud.services.ram.ram_service import (
PasswordPolicy,
)
ram_client.password_policy = PasswordPolicy(require_numbers=False)
check = ram_password_policy_number()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
def test_numbers_required_passes(self):
ram_client = mock.MagicMock()
ram_client.audited_account = "1234567890"
ram_client.region = "cn-hangzhou"
with (
mock.patch(
"prowler.providers.common.provider.Provider.get_global_provider",
return_value=set_mocked_alibabacloud_provider(),
),
mock.patch(
"prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number.ram_client",
new=ram_client,
),
):
from prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number import (
ram_password_policy_number,
)
from prowler.providers.alibabacloud.services.ram.ram_service import (
PasswordPolicy,
)
ram_client.password_policy = PasswordPolicy(require_numbers=True)
check = ram_password_policy_number()
result = check.execute()
assert len(result) == 1
assert result[0].status == "PASS"