def test_failure(self):
resource_conf = {
'name': ['foo'],
'vpc_id': ['${var.vpc_id}'],
'ingress': [{
'from_port': [22],
'to_port': [22],
'protocol': ['TCP'],
'cidr_blocks': [['0.0.0.0/0']]
}, {
'from_port': [443],
'to_port': [443],
'protocol': ['TCP'],
'cidr_blocks': [['0.0.0.0/0']]
}],
'egress': [{
'from_port': [0],
'to_port': [0],
'protocol': ['-1'],
'cidr_blocks': [['0.0.0.0/0']]
}]
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
def test_success(self):
resource_conf = {
'name': ['foo'],
'vpc_id': ['${var.vpc_id}'],
'ingress': [{
'from_port': [80],
'to_port': [80],
'protocol': ['TCP'],
'cidr_blocks': [['0.0.0.0/0']]
}, {
'from_port': [443],
'to_port': [443],
'protocol': ['TCP'],
'cidr_blocks': [['0.0.0.0/0']]
}],
'egress': [{
'from_port': [0],
'to_port': [0],
'protocol': ['-1'],
'cidr_blocks': [['0.0.0.0/0']]
}],
'tags': [{
'kubernetes.io/cluster/${var.cluster_name}': 'owned',
'kubernetes:application': '${local.name}'
}]
}
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
