def test_invalid_security_group_cidripv6(invalid_security_group_cidripv6): rule = SecurityGroupOpenToWorldRule(None) result = rule.invoke(invalid_security_group_cidripv6) assert not result.valid assert result.failed_rules[0].rule == "SecurityGroupOpenToWorldRule" assert result.failed_rules[0].reason == "Port 22 open to the world in security group 'SecurityGroup'"
def test_valid_security_group_port443(valid_security_group_port443): rule = SecurityGroupOpenToWorldRule(None) result = rule.invoke(valid_security_group_port443) assert result.valid assert len(result.failed_rules) == 0 assert len(result.failed_monitored_rules) == 0
def test_security_group_type_slash0(security_group_type_slash0): rule = SecurityGroupOpenToWorldRule(None) result = rule.invoke(security_group_type_slash0) assert not result.valid assert result.failed_rules[0].rule == "SecurityGroupOpenToWorldRule" assert result.failed_rules[0].reason == "Port 22 open to the world in security group 'SecurityGroup'"
def test_invalid_security_group_multiple_statements(invalid_security_group_multiple_statements): rule = SecurityGroupOpenToWorldRule(None) result = rule.invoke(invalid_security_group_multiple_statements) assert not result.valid assert result.failed_rules[0].rule == "SecurityGroupOpenToWorldRule" assert result.failed_rules[0].reason == "Port 9090 open to the world in security group 'SecurityGroup'"
def test_valid_security_group_port80(valid_security_group_port80): result = Result() rule = SecurityGroupOpenToWorldRule(None, result) rule.invoke(valid_security_group_port80) assert result.valid assert len(result.failed_rules) == 0 assert len(result.failed_monitored_rules) == 0
def test_invalid_security_group_range(invalid_security_group_range): result = Result() rule = SecurityGroupOpenToWorldRule(None, result) rule.invoke(invalid_security_group_range) assert not result.valid assert result.failed_rules[0].rule == "SecurityGroupOpenToWorldRule" assert result.failed_rules[ 0].reason == "Port 0 open to the world in security group 'SecurityGroup'"