Esempi in Python per PrivilegeEscalationRule

Linguaggio di programmazione: Python

Spazio dei nomi/nome del pacchetto: cfripper.rules.privilege_escalation

Classe/tipologia: PrivilegeEscalationRule

Esempi su hotexamples.com: 6

PrivilegeEscalationRule in Python: 6 esempi trovati. Questi sono i migliori esempi reali in Python per cfripper.rules.privilege_escalation.PrivilegeEscalationRule, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Metodi utilizzati di frequente

Mostra Nascondi

invoke(7)

PrivilegeEscalationRule(6)

Metodi utilizzati di frequente

invoke (7)

PrivilegeEscalationRule (6)

Esempio n. 1

Mostra file

def test_rule_supports_filter_config(privilege_escalation_role_cf,
                                     default_allow_all_config):
    rule = PrivilegeEscalationRule(default_allow_all_config)
    result = rule.invoke(privilege_escalation_role_cf)

    assert result.valid
    assert compare_lists_of_failures(result.failures, [])

Esempio n. 2

Mostra file

def test_valid_privilege_escalation_on_s3_bucket_policy(
        valid_privilege_escalation_on_s3_bucket_policy):
    rule = PrivilegeEscalationRule(None)
    result = rule.invoke(valid_privilege_escalation_on_s3_bucket_policy)

    assert result.valid
    assert compare_lists_of_failures(result.failures, [])

Esempio n. 3

Mostra file

def test_valid_role_inline_policy(valid_role_inline_policy):
    rule = PrivilegeEscalationRule(None)
    result = rule.invoke(valid_role_inline_policy)

    assert not result.valid
    assert len(result.failed_rules) == 1
    assert len(result.failed_monitored_rules) == 0
    assert result.failed_rules[0].rule == "PrivilegeEscalationRule"
    assert result.failed_rules[0].reason == "PolicyA has blacklisted IAM action iam:createpolicy"

Esempio n. 4

Mostra file

def test_privilege_escalation_using_role(privilege_escalation_role_cf):
    rule = PrivilegeEscalationRule(None)
    result = rule.invoke(privilege_escalation_role_cf)

    assert not result.valid
    assert len(result.failed_rules) == 1
    assert len(result.failed_monitored_rules) == 0
    assert result.failed_rules[0].rule == "PrivilegeEscalationRule"
    assert (
        result.failed_rules[0].reason ==
        "PrivilegeInjectorRole has blacklisted IAM actions: ['iam:UpdateAssumeRolePolicy']"
    )

Esempio n. 5

Mostra file

def test_privilege_escalation_using_role(privilege_escalation_role_cf):
    rule = PrivilegeEscalationRule(None)
    result = rule.invoke(privilege_escalation_role_cf)

    assert not result.valid
    assert compare_lists_of_failures(
        result.failures,
        [
            Failure(
                granularity=RuleGranularity.ACTION,
                reason=
                "PrivilegeInjectorRole has blacklisted IAM actions: ['iam:UpdateAssumeRolePolicy']",
                risk_value=RuleRisk.HIGH,
                rule="PrivilegeEscalationRule",
                rule_mode=RuleMode.BLOCKING,
                actions={"iam:UpdateAssumeRolePolicy"},
                resource_ids={"PrivilegeInjectorRole"},
            )
        ],
    )

Esempio n. 6

Mostra file

def test_valid_role_inline_policy(valid_role_inline_policy):
    rule = PrivilegeEscalationRule(None)
    result = rule.invoke(valid_role_inline_policy)

    assert not result.valid
    assert compare_lists_of_failures(
        result.failures,
        [
            Failure(
                granularity=RuleGranularity.ACTION,
                reason=
                "PolicyA has blacklisted IAM actions: ['iam:AddUserToGroup', 'iam:CreatePolicy']",
                risk_value=RuleRisk.HIGH,
                rule="PrivilegeEscalationRule",
                rule_mode=RuleMode.BLOCKING,
                actions={"iam:AddUserToGroup", "iam:CreatePolicy"},
                resource_ids={"PolicyA"},
            )
        ],
    )