-
Notifications
You must be signed in to change notification settings - Fork 307
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #6975 from Checkmarx/kics-748-fix-severitycheck-tests
fix(tests): severity check tests
- Loading branch information
Showing
606 changed files
with
3,695 additions
and
3,701 deletions.
There are no files selected for viewing
6 changes: 3 additions & 3 deletions
6
assets/queries/ansible/aws/alb_listening_on_http/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "ALB Listening on HTTP", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 11 | ||
}, | ||
{ | ||
"queryName": "ALB Listening on HTTP", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 29 | ||
} | ||
] | ||
] |
22 changes: 11 additions & 11 deletions
22
assets/queries/ansible/aws/ami_not_encrypted/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "AMI Not Encrypted", | ||
"severity": "HIGH", | ||
"line": 6 | ||
}, | ||
{ | ||
"queryName": "AMI Not Encrypted", | ||
"severity": "HIGH", | ||
"line": 13 | ||
} | ||
] | ||
{ | ||
"queryName": "AMI Not Encrypted", | ||
"severity": "MEDIUM", | ||
"line": 6 | ||
}, | ||
{ | ||
"queryName": "AMI Not Encrypted", | ||
"severity": "MEDIUM", | ||
"line": 13 | ||
} | ||
] |
22 changes: 11 additions & 11 deletions
22
assets/queries/ansible/aws/api_gateway_xray_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "API Gateway X-Ray Disabled", | ||
"severity": "MEDIUM", | ||
"line": 8 | ||
}, | ||
{ | ||
"queryName": "API Gateway X-Ray Disabled", | ||
"severity": "MEDIUM", | ||
"line": 12 | ||
} | ||
] | ||
{ | ||
"queryName": "API Gateway X-Ray Disabled", | ||
"severity": "LOW", | ||
"line": 8 | ||
}, | ||
{ | ||
"queryName": "API Gateway X-Ray Disabled", | ||
"severity": "LOW", | ||
"line": 12 | ||
} | ||
] |
8 changes: 4 additions & 4 deletions
8
assets/queries/ansible/aws/authentication_without_mfa/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,17 @@ | ||
[ | ||
{ | ||
"queryName": "Authentication Without MFA", | ||
"severity": "HIGH", | ||
"severity": "LOW", | ||
"line": 2 | ||
}, | ||
{ | ||
"queryName": "Authentication Without MFA", | ||
"severity": "HIGH", | ||
"severity": "LOW", | ||
"line": 9 | ||
}, | ||
{ | ||
"queryName": "Authentication Without MFA", | ||
"severity": "HIGH", | ||
"severity": "LOW", | ||
"line": 9 | ||
} | ||
] | ||
] |
6 changes: 3 additions & 3 deletions
6
...le/aws/aws_password_policy_with_unchangeable_passwords/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "AWS Password Policy With Unchangeable Passwords", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 9 | ||
}, | ||
{ | ||
"queryName": "AWS Password Policy With Unchangeable Passwords", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 21 | ||
} | ||
] | ||
] |
6 changes: 3 additions & 3 deletions
6
...ries/ansible/aws/ca_certificate_identifier_is_outdated/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "CA Certificate Identifier Is Outdated", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 10 | ||
}, | ||
{ | ||
"queryName": "CA Certificate Identifier Is Outdated", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 12 | ||
} | ||
] | ||
] |
8 changes: 4 additions & 4 deletions
8
...nsible/aws/cloudfront_without_minimum_protocol_tls_1.2/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,17 @@ | ||
[ | ||
{ | ||
"queryName": "CloudFront Without Minimum Protocol TLS 1.2", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 18 | ||
}, | ||
{ | ||
"queryName": "CloudFront Without Minimum Protocol TLS 1.2", | ||
"severity": "HIGH", | ||
"severity": "MEDIUM", | ||
"line": 37 | ||
}, | ||
{ | ||
"line": 40, | ||
"queryName": "CloudFront Without Minimum Protocol TLS 1.2", | ||
"severity": "HIGH" | ||
"severity": "MEDIUM" | ||
} | ||
] | ||
] |
12 changes: 6 additions & 6 deletions
12
assets/queries/ansible/aws/cloudfront_without_waf/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
[ | ||
{ | ||
"queryName": "CloudFront Without WAF", | ||
"severity": "LOW", | ||
"line": 2 | ||
} | ||
] | ||
{ | ||
"queryName": "CloudFront Without WAF", | ||
"severity": "MEDIUM", | ||
"line": 2 | ||
} | ||
] |
12 changes: 6 additions & 6 deletions
12
assets/queries/ansible/aws/cloudtrail_logging_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
[ | ||
{ | ||
"queryName": "CloudTrail Logging Disabled", | ||
"severity": "HIGH", | ||
"line": 5 | ||
} | ||
] | ||
{ | ||
"queryName": "CloudTrail Logging Disabled", | ||
"severity": "MEDIUM", | ||
"line": 5 | ||
} | ||
] |
12 changes: 6 additions & 6 deletions
12
...s/queries/ansible/aws/cloudtrail_multi_region_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
[ | ||
{ | ||
"queryName": "CloudTrail Multi Region Disabled", | ||
"severity": "MEDIUM", | ||
"line": 7 | ||
} | ||
] | ||
{ | ||
"queryName": "CloudTrail Multi Region Disabled", | ||
"severity": "LOW", | ||
"line": 7 | ||
} | ||
] |
10 changes: 5 additions & 5 deletions
10
.../ansible/aws/cloudtrail_not_integrated_with_cloudwatch/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,22 +1,22 @@ | ||
[ | ||
{ | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 2, | ||
"queryName": "CloudTrail Not Integrated With CloudWatch" | ||
}, | ||
{ | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 2, | ||
"queryName": "CloudTrail Not Integrated With CloudWatch" | ||
}, | ||
{ | ||
"queryName": "CloudTrail Not Integrated With CloudWatch", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 14 | ||
}, | ||
{ | ||
"queryName": "CloudTrail Not Integrated With CloudWatch", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 27 | ||
} | ||
] | ||
] |
22 changes: 11 additions & 11 deletions
22
...ueries/ansible/aws/cloudtrail_sns_topic_name_undefined/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "CloudTrail SNS Topic Name Undefined", | ||
"severity": "MEDIUM", | ||
"line": 2 | ||
}, | ||
{ | ||
"queryName": "CloudTrail SNS Topic Name Undefined", | ||
"severity": "MEDIUM", | ||
"line": 15 | ||
} | ||
] | ||
{ | ||
"queryName": "CloudTrail SNS Topic Name Undefined", | ||
"severity": "INFO", | ||
"line": 2 | ||
}, | ||
{ | ||
"queryName": "CloudTrail SNS Topic Name Undefined", | ||
"severity": "INFO", | ||
"line": 15 | ||
} | ||
] |
6 changes: 3 additions & 3 deletions
6
...ible/aws/cloudwatch_without_retention_period_specified/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "CloudWatch Without Retention Period Specified", | ||
"severity": "MEDIUM", | ||
"severity": "INFO", | ||
"line": 2 | ||
}, | ||
{ | ||
"queryName": "CloudWatch Without Retention Period Specified", | ||
"severity": "MEDIUM", | ||
"severity": "INFO", | ||
"line": 7 | ||
} | ||
] | ||
] |
6 changes: 3 additions & 3 deletions
6
assets/queries/ansible/aws/cmk_rotation_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,14 @@ | ||
[ | ||
{ | ||
"queryName": "CMK Rotation Disabled", | ||
"severity": "HIGH", | ||
"severity": "LOW", | ||
"line": 2, | ||
"fileName": "positive1.yaml" | ||
}, | ||
{ | ||
"queryName": "CMK Rotation Disabled", | ||
"severity": "HIGH", | ||
"severity": "LOW", | ||
"line": 7, | ||
"fileName": "positive2.yaml" | ||
} | ||
] | ||
] |
6 changes: 3 additions & 3 deletions
6
...onfig_configuration_aggregator_to_all_regions_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "Configuration Aggregator to All Regions Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 10 | ||
}, | ||
{ | ||
"queryName": "Configuration Aggregator to All Regions Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "LOW", | ||
"line": 24 | ||
} | ||
] | ||
] |
4 changes: 2 additions & 2 deletions
4
...ible/aws/config_rule_for_encrypted_volumes_is_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
[ | ||
{ | ||
"queryName": "Config Rule For Encrypted Volumes Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "HIGH", | ||
"line": 2 | ||
} | ||
] | ||
] |
38 changes: 19 additions & 19 deletions
38
...ount_iam_assume_role_policy_without_external_id_or_mfa/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
[ | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "MEDIUM", | ||
"line": 4, | ||
"fileName": "positive1.yaml" | ||
}, | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "MEDIUM", | ||
"line": 4, | ||
"fileName": "positive2.yaml" | ||
}, | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "MEDIUM", | ||
"line": 4, | ||
"fileName": "positive3.yaml" | ||
} | ||
] | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "HIGH", | ||
"line": 4, | ||
"fileName": "positive1.yaml" | ||
}, | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "HIGH", | ||
"line": 4, | ||
"fileName": "positive2.yaml" | ||
}, | ||
{ | ||
"queryName": "Cross-Account IAM Assume Role Policy Without ExternalId or MFA", | ||
"severity": "HIGH", | ||
"line": 4, | ||
"fileName": "positive3.yaml" | ||
} | ||
] |
6 changes: 3 additions & 3 deletions
6
...ueries/ansible/aws/db_security_group_with_public_scope/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,12 @@ | ||
[ | ||
{ | ||
"queryName": "DB Security Group With Public Scope", | ||
"severity": "HIGH", | ||
"severity": "CRITICAL", | ||
"line": 22 | ||
}, | ||
{ | ||
"queryName": "DB Security Group With Public Scope", | ||
"severity": "HIGH", | ||
"severity": "CRITICAL", | ||
"line": 53 | ||
} | ||
] | ||
] |
10 changes: 5 additions & 5 deletions
10
assets/queries/ansible/aws/ebs_volume_encryption_disabled/test/positive_expected_result.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,22 +1,22 @@ | ||
[ | ||
{ | ||
"queryName": "EBS Volume Encryption Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "HIGH", | ||
"line": 5 | ||
}, | ||
{ | ||
"queryName": "EBS Volume Encryption Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "HIGH", | ||
"line": 12 | ||
}, | ||
{ | ||
"queryName": "EBS Volume Encryption Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "HIGH", | ||
"line": 19 | ||
}, | ||
{ | ||
"queryName": "EBS Volume Encryption Disabled", | ||
"severity": "MEDIUM", | ||
"severity": "HIGH", | ||
"line": 24 | ||
} | ||
] | ||
] |
Oops, something went wrong.