Python scan_resource_conf Examples

Example #1

 def test_failure(self):
     resource_conf = {
         'load_balancer_arn': ['${aws_lb.examplea.arn}'],
         'port': ['443'],
         'protocol': ['HTTPS'],
         'ssl_policy': ["ELBSecurityPolicy-2016-08"],
         'default_action': [{
             'type': ['forward'],
             'target_group_arn': ['${aws_lb_target_group.examplea.arn}']
         }]
     }
     scan_result = check.scan_resource_conf(conf=resource_conf)
     self.assertEqual(CheckResult.FAILED, scan_result)

Example #2

File: test_AppLoadBalancerTLS12.py Project: xB-2048/checkov

 def test_nlb_tls_success(self):
     resource_conf = {
         'load_balancer_arn': ['${aws_lb.example.arn}'],
         'port': ['443'],
         'protocol': ['TLS'],
         'ssl_policy': ["ELBSecurityPolicy-FS-1-2-Res-2019-08"],
         'default_action': [{
             'type': ['forward'],
             'target_group_arn': ['${aws_lb_target_group.example.arn}']
         }]
     }
     scan_result = check.scan_resource_conf(conf=resource_conf)
     self.assertEqual(CheckResult.PASSED, scan_result)

Example #3

 def test_redirect(self):
     hcl_res = hcl2.loads("""
         resource "aws_lb_listener" "http" {
           load_balancer_arn = aws_lb.public.arn
           port              = "80"
           protocol          = "HTTP" 
         
           default_action {
             redirect {
               port        = "443"
               protocol    = "HTTPS"
               status_code = "HTTP_301"
             }
             type = "redirect"
           }
         }
         """)
     resource_conf = hcl_res['resource'][0]['aws_lb_listener']['http']
     scan_result = check.scan_resource_conf(conf=resource_conf)
     self.assertEqual(CheckResult.PASSED, scan_result)