Esempio n. 1
 def testMetricFilterAndAlarmExistForS3PolicyChanges(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover S3 policy changes.
     # The failure messages cite recommendation 3.8 (presumably the CIS AWS
     # Foundations Benchmark numbering -- confirm against the version in use).
     #
     # A trail with no log group lands in the same list as a trail whose
     # filter/alarm is missing, so the message alone does not tell the two
     # cases apart.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined. Recommendation: 3.8")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # Nothing to query: the trail is not linked to a log group.
             uncovered.append(candidate)
             continue
         # NOTE(review): only the 'metricFilters' key of a single response is
         # read; confirm the CloudWatchLogs wrapper paginates, otherwise
         # filters beyond the first page are never inspected.
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.s3PolicyChangeFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for S3 policy changes: %s. Recommendation: 3.8' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)
Esempio n. 2
 def testMetricFilterAndAlarmExistForConsoleAuthFailure(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover web console
     # authentication failures. The failure messages cite recommendation 3.6.
     #
     # Whether a filter really matches console auth failures, and whether its
     # alarm has a subscriber, is decided inside LogMetricFilterSet; that
     # logic is not visible here -- NOTE(review): verify it checks the filter
     # pattern and not only the presence of some filter.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined. Recommendation: 3.6")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # A trail without a log group is reported as lacking the alarm.
             uncovered.append(candidate)
             continue
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.consoleAuthFailureFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for web console auth failures: %s. Recommendation: 3.6' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)
Esempio n. 3
 def testMetricFilterAndAlarmExistForRootLogin(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover root account logins.
     # The failure messages cite recommendation 3.3.
     #
     # The check is per trail: one trail without a log group or without the
     # filter/alarm is enough to fail, even if another trail is fully covered.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined. Recommendation: 3.3")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # Nothing to query: the trail is not linked to a log group.
             uncovered.append(candidate)
             continue
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.rootLoginFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for root login: %s. Recommendation: 3.3' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)
Esempio n. 4
 def testMetricFilterAndAlarmExistForLoginWithoutMfa(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover web console logins
     # made without MFA. The failure messages cite recommendation 3.2.
     #
     # NOTE(review): a new CloudWatchLogs() is built for each trail that has
     # a log group; whether that opens a new client/session each time depends
     # on the wrapper, which is not visible here.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined. Recommendation: 3.2")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # A trail without a log group is reported as lacking the alarm.
             uncovered.append(candidate)
             continue
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.loginWithoutMfaFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for web console login without MFA: %s. Recommendation: 3.2' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)
Esempio n. 5
 def testMetricFilterAndAlarmExistForUnauthorizedApiCalls(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover unauthorized API
     # calls. The failure messages cite recommendation 3.1.
     #
     # A trail with no log group lands in the same list as a trail whose
     # filter/alarm is missing, so the message alone does not tell the two
     # cases apart.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined. Recommendation: 3.1")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # Nothing to query: the trail is not linked to a log group.
             uncovered.append(candidate)
             continue
         # NOTE(review): only the 'metricFilters' key of a single response is
         # read; confirm the CloudWatchLogs wrapper paginates.
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.unauthorizedApiCallFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for unauthorized API calls: %s. Recommendation: 3.1' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)
 def testMetricFilterAndAlarmExistForNetworkGatewayChanges(self):
     # Fails unless every trail returned by self._getTrails() is linked to a
     # CloudWatch log group whose metric filters cover network gateway
     # changes.
     #
     # Unlike the sibling checks in this file, neither failure message names
     # a recommendation number, so a failing run does not point the reader at
     # the control it maps to.
     allTrails = self._getTrails()
     self.assertNotEqual([], allTrails, "No trails defined.")
     uncovered = []
     for candidate in allTrails:
         logGroup = candidate.cloudWatchLogGroup
         if logGroup is None:
             # A trail without a log group is reported as lacking the alarm.
             uncovered.append(candidate)
             continue
         response = CloudWatchLogs().getMetricFilters(logGroup)
         filterSet = LogMetricFilterSet(response['metricFilters'])
         if filterSet.networkGatewayChangeFilterAlarmOrSubscriberNotDefined():
             uncovered.append(candidate)
     report = 'Trail(s) without alarms for network gateway changes: %s.' % self._trails(uncovered)
     self.assertEqual([], uncovered, report)