mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-04 19:21:51 +00:00
fix(alibabacloud): implement ram_password_policy_number and fix cs weekly check loading (#11683)
This commit is contained in:
committed by
GitHub
parent
dc228e8b36
commit
36be63af07
@@ -2,6 +2,14 @@
|
||||
|
||||
All notable changes to the **Prowler SDK** are documented in this file.
|
||||
|
||||
## [5.31.1] (Prowler UNRELEASED)
|
||||
|
||||
### 🐞 Fixed
|
||||
|
||||
- Alibaba Cloud `ram_password_policy_number` and `cs_kubernetes_cluster_check_weekly` checks not being loaded due to missing implementation and package files [(#11683)](https://github.com/prowler-cloud/prowler/pull/11683)
|
||||
|
||||
---
|
||||
|
||||
## [5.31.0] (Prowler v5.31.0)
|
||||
|
||||
### 🚀 Added
|
||||
|
||||
+34
@@ -0,0 +1,34 @@
|
||||
from prowler.lib.check.models import Check, CheckReportAlibabaCloud
|
||||
from prowler.providers.alibabacloud.services.ram.ram_client import ram_client
|
||||
|
||||
|
||||
class ram_password_policy_number(Check):
|
||||
"""Check if RAM password policy requires at least one number."""
|
||||
|
||||
def execute(self) -> list[CheckReportAlibabaCloud]:
|
||||
findings = []
|
||||
|
||||
if ram_client.password_policy:
|
||||
report = CheckReportAlibabaCloud(
|
||||
metadata=self.metadata(), resource=ram_client.password_policy
|
||||
)
|
||||
report.region = ram_client.region
|
||||
report.resource_id = f"{ram_client.audited_account}-password-policy"
|
||||
report.resource_arn = (
|
||||
f"acs:ram::{ram_client.audited_account}:password-policy"
|
||||
)
|
||||
|
||||
if ram_client.password_policy.require_numbers:
|
||||
report.status = "PASS"
|
||||
report.status_extended = (
|
||||
"RAM password policy requires at least one number."
|
||||
)
|
||||
else:
|
||||
report.status = "FAIL"
|
||||
report.status_extended = (
|
||||
"RAM password policy does not require at least one number."
|
||||
)
|
||||
|
||||
findings.append(report)
|
||||
|
||||
return findings
|
||||
+67
@@ -0,0 +1,67 @@
|
||||
from unittest import mock
|
||||
|
||||
from tests.providers.alibabacloud.alibabacloud_fixtures import (
|
||||
set_mocked_alibabacloud_provider,
|
||||
)
|
||||
|
||||
|
||||
class TestRamPasswordPolicyNumber:
|
||||
def test_numbers_not_required_fails(self):
|
||||
ram_client = mock.MagicMock()
|
||||
ram_client.audited_account = "1234567890"
|
||||
ram_client.region = "cn-hangzhou"
|
||||
|
||||
with (
|
||||
mock.patch(
|
||||
"prowler.providers.common.provider.Provider.get_global_provider",
|
||||
return_value=set_mocked_alibabacloud_provider(),
|
||||
),
|
||||
mock.patch(
|
||||
"prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number.ram_client",
|
||||
new=ram_client,
|
||||
),
|
||||
):
|
||||
from prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number import (
|
||||
ram_password_policy_number,
|
||||
)
|
||||
from prowler.providers.alibabacloud.services.ram.ram_service import (
|
||||
PasswordPolicy,
|
||||
)
|
||||
|
||||
ram_client.password_policy = PasswordPolicy(require_numbers=False)
|
||||
|
||||
check = ram_password_policy_number()
|
||||
result = check.execute()
|
||||
|
||||
assert len(result) == 1
|
||||
assert result[0].status == "FAIL"
|
||||
|
||||
def test_numbers_required_passes(self):
|
||||
ram_client = mock.MagicMock()
|
||||
ram_client.audited_account = "1234567890"
|
||||
ram_client.region = "cn-hangzhou"
|
||||
|
||||
with (
|
||||
mock.patch(
|
||||
"prowler.providers.common.provider.Provider.get_global_provider",
|
||||
return_value=set_mocked_alibabacloud_provider(),
|
||||
),
|
||||
mock.patch(
|
||||
"prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number.ram_client",
|
||||
new=ram_client,
|
||||
),
|
||||
):
|
||||
from prowler.providers.alibabacloud.services.ram.ram_password_policy_number.ram_password_policy_number import (
|
||||
ram_password_policy_number,
|
||||
)
|
||||
from prowler.providers.alibabacloud.services.ram.ram_service import (
|
||||
PasswordPolicy,
|
||||
)
|
||||
|
||||
ram_client.password_policy = PasswordPolicy(require_numbers=True)
|
||||
|
||||
check = ram_password_policy_number()
|
||||
result = check.execute()
|
||||
|
||||
assert len(result) == 1
|
||||
assert result[0].status == "PASS"
|
||||
Reference in New Issue
Block a user