def test_check_logging(self):
from security_monkey.auditors.elb import ELBAuditor
auditor = ELBAuditor(accounts=["012345678910"])
from security_monkey.cloudaux_watcher import CloudAuxChangeItem
item = CloudAuxChangeItem(index='elb', account='TEST_ACCOUNT', name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" + AWS_DEFAULT_REGION + ":012345678910:loadbalancer/MyELB", config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 0)
elb = dict(INTERNET_ELB)
elb['Attributes']['AccessLog']['Enabled'] = False
item = CloudAuxChangeItem(index='elb', account='TEST_ACCOUNT', name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" + AWS_DEFAULT_REGION + ":012345678910:loadbalancer/MyELB", config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue, 'Recommendation')
self.assertEqual(item.audit_issues[0].notes, 'Enable access logs')
del elb['Attributes']['AccessLog']
item = CloudAuxChangeItem(index='elb', account='TEST_ACCOUNT', name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" + AWS_DEFAULT_REGION + ":012345678910:loadbalancer/MyELB", config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue, 'Recommendation')
self.assertEqual(item.audit_issues[0].notes, 'Enable access logs')
def test_check_logging(self):
from security_monkey.auditors.elb import ELBAuditor
auditor = ELBAuditor(accounts=["012345678910"])
from security_monkey.cloudaux_watcher import CloudAuxChangeItem
item = CloudAuxChangeItem(
index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=
"arn:aws:elasticloadbalancing:us-east-1:012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 0)
elb = dict(INTERNET_ELB)
elb['Attributes']['AccessLog']['Enabled'] = False
item = CloudAuxChangeItem(
index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=
"arn:aws:elasticloadbalancing:us-east-1:012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue,
'ELB is not configured for logging.')
del elb['Attributes']['AccessLog']
item = CloudAuxChangeItem(
index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=
"arn:aws:elasticloadbalancing:us-east-1:012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue,
'ELB is not configured for logging.')
def test_check_logging(self):
from security_monkey.auditors.elb import ELBAuditor
auditor = ELBAuditor(accounts=["012345678910"])
from security_monkey.cloudaux_watcher import CloudAuxChangeItem
item = CloudAuxChangeItem(index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" +
AWS_DEFAULT_REGION +
":012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 0)
elb = dict(INTERNET_ELB)
elb['Attributes']['AccessLog']['Enabled'] = False
item = CloudAuxChangeItem(index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" +
AWS_DEFAULT_REGION +
":012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue, 'Recommendation')
self.assertEqual(item.audit_issues[0].notes, 'Enable access logs')
del elb['Attributes']['AccessLog']
item = CloudAuxChangeItem(index='elb',
account='TEST_ACCOUNT',
name='MyELB',
arn=ARN_PREFIX + ":elasticloadbalancing:" +
AWS_DEFAULT_REGION +
":012345678910:loadbalancer/MyELB",
config=INTERNET_ELB)
auditor.check_logging(item)
self.assertEqual(len(item.audit_issues), 1)
self.assertEqual(item.audit_issues[0].issue, 'Recommendation')
self.assertEqual(item.audit_issues[0].notes, 'Enable access logs')