def test_check_internet_accessible_ingress(self):
auditor = SecurityGroupAuditor(accounts=['TEST_ACCOUNT'])
auditor.prep_for_audit()
item = SecurityGroupItem(region=AWS_DEFAULT_REGION, account='TEST_ACCOUNT', name='INTERNET_SG_INGRESS',
config=INTERNET_SG_INGRESS)
auditor.check_internet_accessible_ingress(item)
self.assertEquals(len(item.audit_issues), 1)
self.assertEquals(item.audit_issues[0].score, 0)
def test_check_securitygroup_ec2_rfc1918(self):
auditor = SecurityGroupAuditor(accounts=['TEST_ACCOUNT'])
auditor.prep_for_audit()
item = SecurityGroupItem(region=AWS_DEFAULT_REGION, account='TEST_ACCOUNT', name='INTERNAL_SG',
config=INTERNAL_SG)
auditor.check_securitygroup_ec2_rfc1918(item)
self.assertEquals(len(item.audit_issues), 1)
self.assertEquals(item.audit_issues[0].score, 0)
def test_check_securitygroup_ec2_rfc1918(self):
auditor = SecurityGroupAuditor(accounts=['TEST_ACCOUNT'])
auditor.prep_for_audit()
item = SecurityGroupItem(region=AWS_DEFAULT_REGION,
account='TEST_ACCOUNT',
name='INTERNAL_SG',
config=INTERNAL_SG)
auditor.check_securitygroup_ec2_rfc1918(item)
self.assertEquals(len(item.audit_issues), 1)
self.assertEquals(item.audit_issues[0].score, 0)
def test_check_internet_accessible_egress(self):
auditor = SecurityGroupAuditor(accounts=['TEST_ACCOUNT'])
auditor.prep_for_audit()
item = SecurityGroupItem(region=AWS_DEFAULT_REGION,
account='TEST_ACCOUNT',
name='INTERNET_SG_EGRESS',
config=INTERNET_SG_EGRESS)
auditor.check_internet_accessible_egress(item)
self.assertEquals(len(item.audit_issues), 1)
self.assertEquals(item.audit_issues[0].score, 0)
