Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade minimatch from 3.1.2 to 10.0.1 #39

Open
wants to merge 1 commit into
base: developr
Choose a base branch
from
Open

[Snyk] Upgrade minimatch from 3.1.2 to 10.0.1 #39

wants to merge 1 commit into from

Conversation

gitworkflows
Copy link
Contributor

@gitworkflows gitworkflows commented Dec 9, 2024
edited by sourcery-ai bot
Loading

snyk-top-banner

Snyk has created this PR to upgrade minimatch from 3.1.2 to 10.0.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 62 versions ahead of your current version.

  • The recommended version was released on 5 months ago.

Release notes
Package name: minimatch
  • 10.0.1 - 2024-07-08

    10.0.1

  • 10.0.0 - 2024-07-08

    10.0.0

  • 9.0.5 - 2024-06-25

    9.0.5

  • 9.0.4 - 2024-03-28

    9.0.4

  • 9.0.3 - 2023-07-06

    9.0.3

  • 9.0.2 - 2023-06-23

    9.0.2

  • 9.0.1 - 2023-05-20

    9.0.1

  • 9.0.0 - 2023-04-09

    9.0.0

  • 8.0.4 - 2023-04-09

    8.0.4

  • 8.0.3 - 2023-04-03
  • 8.0.2 - 2023-04-02
  • 8.0.1 - 2023-04-02
  • 8.0.0 - 2023-04-02
  • 7.4.6 - 2023-04-09

    7.4.6

  • 7.4.5 - 2023-04-03
  • 7.4.4 - 2023-04-01
  • 7.4.3 - 2023-03-22
  • 7.4.2 - 2023-03-01
  • 7.4.1 - 2023-03-01
  • 7.4.0 - 2023-03-01
  • 7.3.0 - 2023-02-27
  • 7.2.0 - 2023-02-26
  • 7.1.4 - 2023-02-26
  • 7.1.3 - 2023-02-25
  • 7.1.2 - 2023-02-24
  • 7.1.1 - 2023-02-24
  • 7.1.0 - 2023-02-22
  • 7.0.1 - 2023-02-22
  • 7.0.0 - 2023-02-20
  • 6.2.0 - 2023-02-13
  • 6.1.10 - 2023-02-13
  • 6.1.9 - 2023-02-13
  • 6.1.8 - 2023-02-11
  • 6.1.7 - 2023-02-11
  • 6.1.6 - 2023-01-22
  • 6.1.5 - 2023-01-17
  • 6.1.4 - 2023-01-17
  • 6.1.3 - 2023-01-17
  • 6.1.2 - 2023-01-17
  • 6.1.1 - 2023-01-17
  • 6.1.0 - 2023-01-17
  • 6.0.4 - 2023-01-16
  • 6.0.3 - 2023-01-15
  • 6.0.2 - 2023-01-15
  • 6.0.1 - 2023-01-15
  • 6.0.0 - 2023-01-14
  • 5.1.6 - 2023-01-17
  • 5.1.5 - 2023-01-17
  • 5.1.4 - 2023-01-14
  • 5.1.3 - 2023-01-14
  • 5.1.2 - 2022-12-20
  • 5.1.1 - 2022-11-29
  • 5.1.0 - 2022-05-16
  • 5.0.1 - 2022-02-24
  • 5.0.0 - 2022-02-15
  • 4.2.3 - 2023-01-17
  • 4.2.2 - 2023-01-17
  • 4.2.1 - 2022-02-15
  • 4.2.0 - 2022-02-15
  • 4.1.1 - 2022-02-13
  • 4.1.0 - 2022-02-13
  • 4.0.0 - 2022-02-13
  • 3.1.2 - 2022-02-15
from minimatch GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Summary by Sourcery

Build:

  • Upgrade minimatch dependency from version 3.1.2 to 10.0.1 in package.json.

@snyk-bot
feat: upgrade minimatch from 3.1.2 to 10.0.1
18a6b7b 
Snyk has created this PR to upgrade minimatch from 3.1.2 to 10.0.1.

See this package in npm:
minimatch

See this project in Snyk:
https://app.snyk.io/org/khulnasoft-devsecops/project/f9132665-046e-4605-8fd2-e25f9bb55d35?utm_source=github&utm_medium=referral&page=upgrade-pr
@sourcery-ai Sourcery AI
Copy link

sourcery-ai bot commented Dec 9, 2024
edited
Loading

Reviewer's Guide by Sourcery

This PR upgrades the minimatch dependency from version 3.1.2 to 10.0.1. This is a major version upgrade spanning 62 versions that may introduce breaking changes. The upgrade is implemented through a simple version bump in the package.json file.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change Details Files
Updated minimatch dependency version constraint in package.json
  • Changed version constraint from ^3.0.4 to ^10.0.1
  • This is a major version upgrade that spans 62 versions
  • The change may introduce breaking changes due to the significant version jump
 package.json
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time. You can also use
    this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Dec 9, 2024

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

sourcery-ai[bot]
sourcery-ai bot reviewed Dec 9, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

@gitworkflows
Copy link
Contributor Author

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

@codiumai-pr-agent-free CodiumAI PR-Agent (Free)
Copy link

codiumai-pr-agent-free bot commented Dec 9, 2024
edited
Loading

CI Failure Feedback 🧐

(Checks updated until commit 18a6b7b)

Action: build

Failed stage: NPM Test [❌]

Failed test name: [INFO][REGIONS] Could not load all regions from EC2

Failure summary:

The action failed due to a configuration error related to AWS EC2 regions:

  • The log contains an error message indicating a "ConfigError" due to a "Missing region in config"
    when attempting to load regions from EC2.
  • This error suggests that the configuration for AWS EC2 is incomplete or incorrect, specifically
    lacking a specified region.

    • Relevant error logs: 
    1:  ##[group]Operating System
2:  Ubuntu
...

656:  (Use `node --trace-warnings ...` to show where the warning was created)
657:  engine
658:  INFO: Determining API calls to make...
659:  INFO: Found 350 API calls to make for aws plugins
660:  INFO: Collecting metadata. This may take several minutes...
661:  ✔ should run with no arguments (58ms)
662:  exports
663:  ✔ should use the proper format for each test (295ms)
664:  [INFO][REGIONS] Could not load all regions from EC2: {"message":"Missing region in config","code":"ConfigError","time":"2024-12-09T06:11:28.543Z"}
...

673:  ✔ should NOT traverse objects without allKeys option
674:  ✔ should NOT travers objects in standard keywords which value is not a schema
675:  pre and post
676:  ✔ should traverse schema in pre-order
677:  ✔ should traverse schema in post-order
678:  ✔ should traverse schema in pre- and post-order at the same time
679:  ackPrivateClusterEnabled
680:  run
681:  ✔ should FAIL if Cluster does not have Private Cluster enabled
682:  ✔ should PASS if Cluster have Private Cluster enabled
683:  ✔ should PASS if No ACK clusters found
684:  ✔ should UNKNOWN if unable to query ACK clusters
685:  ✔ should UNKNOWN if unable no Master_url is found for  ACK clusters
686:  cloudMonitorEnabled
687:  run
688:  ✔ should FAIL if Cluster does not have Cloud Monitor Enabled
689:  ✔ should PASS if Cluster has Cloud Monitor enabled
690:  ✔ should PASS if No ACK clusters found
691:  ✔ should UNKNOWN if unable to query ACK clusters
692:  logServiceEnabled
693:  run
694:  ✔ should FAIL if Cluster does not have Log Service enabled
695:  ✔ should PASS if Cluster has Log Service enabled
696:  ✔ should PASS if No ACK clusters found
697:  ✔ should UNKNOWN if unable to query ACK clusters
698:  ENImultipleIPmode
699:  run
700:  ✔ should FAIL if Cluster does not have NetworkPolicy Terway enabled
701:  ✔ should PASS if Cluster has NetworkPolicy Terway enabled
702:  ✔ should PASS if No ACK clusters found
703:  ✔ should UNKNOWN if unable to query ACK clusters
704:  networkPolicyEnabled
705:  run
706:  ✔ should FAIL if Cluster does not have NetworkPolicy enabled
707:  ✔ should PASS if Cluster has NetworkPolicy enabled
708:  ✔ should PASS if No ACK clusters found
709:  ✔ should UNKNOWN if unable to query ACK clusters
710:  webDashboardDisabled
711:  run
712:  ✔ should FAIL if Cluster has web dashboard enabled
713:  ✔ should PASS if Cluster does not have  web dashboard enabled
714:  ✔ should PASS if No ACK clusters found
715:  ✔ should UNKNOWN if unable to query ACK clusters
716:  actiontrailBucketPrivate
717:  run
718:  ✔ should FAIL if ActionTrail trail Bucket ACL allows public access
719:  ✔ should PASS if ActionTrail trail Bucket ACL allows private access
720:  ✔ should PASS if no ActionTrail trail found
721:  ✔ should PASS if no ActionTrail trail with OSS bucket destination found
722:  ✔ should UNKNOWN if unable to query ActionTrail trails
723:  ✔ should UNKNOWN if unable to query OSS bucket info
724:  actiontrailGlobalExportLogs
725:  run
726:  ✔ should FAIL if ActionTrail does not have global trail to log all events
727:  ✔ should FAIL if ActionTrail has global trail to log all events but does not export logs to OSS bucket
728:  ✔ should PASS if ActionTrail has global trails to log all events
729:  ✔ should UNKNOWN if unable to query ActionTrail trails
730:  apiGroupTlsVersion
731:  run
732:  ✔ should PASS if API has latest TLS version
733:  ✔ should FAIL if API does not have latest TLS version
734:  ✔ should FAIL if API response does not have HttpsPolicy
735:  ✔ should PASS if no api groups found
736:  ✔ should UNKNOWN if unable to describe API groups
737:  ✔ should not return anything if response not received
738:  apiProtocol
739:  run
740:  ✔ should PASS if API has HTTPS protocol configured
741:  ✔ should FAIL if API does not HTTPS protocol configured
742:  ✔ should FAIL if API response does not have RequestConfig property
743:  ✔ should PASS if no APIs are found
744:  ✔ should UNKNOWN if unable to describe APIs
745:  ✔ should not return anything if response not received
746:  dataDisksEncrypted
747:  run
748:  ✔ should FAIL if disk is not encrypted
749:  ✔ should FAIL if Data disk is not encrypted to target encryption level
750:  ✔ should PASS if data disks are encrypted
751:  ✔ should PASS if no ECS disks found
752:  ✔ should UNKNOWN if unable to query ECS disks
753:  openAllPortsProtocols
754:  run
755:  ✔ should PASS if no public open ports found
756:  ✔ should FAIL if security group has all ports and protocols open to public
757:  ✔ should PASS if no security groups found
758:  ✔ should UNKNWON unable to describe security groups
759:  openCIFS
760:  run
761:  ✔ should PASS if no public open ports found
762:  ✔ should FAIL if security group has CIFS UDP 445 port open to public
763:  ✔ should PASS if no security groups found
764:  ✔ should UNKNWON unable to describe security groups
765:  openCustomPorts
766:  run
767:  ✔ should PASS if no public open ports found
768:  ✔ should FAIL if security group has custom ports open to public
769:  ✔ should PASS if no security groups found
770:  ✔ should UNKNWON unable to describe security groups
771:  openDNS
772:  run
773:  ✔ should PASS if no public open ports found
774:  ✔ should FAIL if security group has RDP TCP 53 port open to public
775:  ✔ should PASS if no security groups found
776:  ✔ should UNKNWON unable to describe security groups
777:  openDocker
778:  run
779:  ✔ should PASS if no public open ports found
780:  ✔ should FAIL if security group has Docker TCP 2375 port open to public
781:  ✔ should PASS if no security groups found
782:  ✔ should UNKNWON unable to describe security groups
783:  openElasticsearch
784:  run
785:  ✔ should PASS if no public open ports found
786:  ✔ should FAIL if security group has Elasticsearch TCP 9200 port open to public
787:  ✔ should PASS if no security groups found
788:  ✔ should UNKNWON unable to describe security groups
789:  openFTP
790:  run
791:  ✔ should PASS if no public open ports found
792:  ✔ should FAIL if security group has FTP TCP 20 port open to public
793:  ✔ should PASS if no security groups found
794:  ✔ should UNKNWON unable to describe security groups
795:  openHadoopNameNode
796:  run
797:  ✔ should PASS if no public open ports found
798:  ✔ should FAIL if security group has HDFSNameNodeMetadataService TCP 8020 port open to public
799:  ✔ should PASS if no security groups found
800:  ✔ should UNKNWON unable to describe security groups
801:  openHadoopNameNodeWebUI
802:  run
803:  ✔ should PASS if no public open ports found
804:  ✔ should FAIL if security group has NameNodeWebUI TCP 50070 port open to public
805:  ✔ should PASS if no security groups found
806:  ✔ should UNKNWON unable to describe security groups
807:  openKibana
808:  run
809:  ✔ should PASS if no public open ports found
810:  ✔ should FAIL if security group has Kibana TCP 5601 port open to public
811:  ✔ should PASS if no security groups found
812:  ✔ should UNKNWON unable to describe security groups
813:  openMySQL
814:  run
815:  ✔ should PASS if no public open ports found
816:  ✔ should FAIL if security group has MySQL TCP 3306 port open to public
817:  ✔ should PASS if no security groups found
818:  ✔ should UNKNWON unable to describe security groups
819:  openNetBIOS
820:  run
821:  ✔ should PASS if no public open ports found
822:  ✔ should FAIL if security group has NetBIOS UDP 137 port open to public
823:  ✔ should PASS if no security groups found
824:  ✔ should UNKNWON unable to describe security groups
825:  openOracle
826:  run
827:  ✔ should PASS if no public open ports found
828:  ✔ should FAIL if security group has Oracle TCP 1521 port open to public
829:  ✔ should PASS if no security groups found
830:  ✔ should UNKNWON unable to describe security groups
831:  openOracleAutoDataWarehouse
832:  run
833:  ✔ should PASS if no public open ports found
834:  ✔ should FAIL if security group has Oracle Auto Data Warehouse TCP 1522 port open to public
835:  ✔ should PASS if no security groups found
836:  ✔ should UNKNWON unable to describe security groups
837:  openPostgreSQL
838:  run
839:  ✔ should PASS if no public open ports found
840:  ✔ should FAIL if security group has PostgreSQL TCP 5432 port open to public
841:  ✔ should PASS if no security groups found
842:  ✔ should UNKNWON unable to describe security groups
843:  openRDP
844:  run
845:  ✔ should PASS if no public open ports found
846:  ✔ should FAIL if security group has RDP TCP 3389 port open to public
847:  ✔ should PASS if no security groups found
848:  ✔ should UNKNWON unable to describe security groups
849:  openSalt
850:  run
851:  ✔ should PASS if no public open ports found
852:  ✔ should FAIL if security group has Salt TCP 4505 port open to public
853:  ✔ should PASS if no security groups found
854:  ✔ should UNKNWON unable to describe security groups
855:  openSMBoTCP
856:  run
857:  ✔ should PASS if no public open ports found
858:  ✔ should FAIL if security group has SMBoTCP TCP 445 port open to public
859:  ✔ should PASS if no security groups found
860:  ✔ should UNKNWON unable to describe security groups
861:  openSMTP
862:  run
863:  ✔ should PASS if no public open ports found
864:  ✔ should FAIL if security group has SMTP TCP 25 port open to public
865:  ✔ should PASS if no security groups found
866:  ✔ should UNKNWON unable to describe security groups
867:  openSQLServer
868:  run
869:  ✔ should PASS if no public open ports found
870:  ✔ should FAIL if security group has SQL Server TCP 1433 port open to public
871:  ✔ should PASS if no security groups found
872:  ✔ should UNKNWON unable to describe security groups
873:  openSSH
874:  run
875:  ✔ should PASS if no public open ports found
876:  ✔ should FAIL if security group has SSH TCP 22 port open to public
877:  ✔ should PASS if no security groups found
878:  ✔ should UNKNWON unable to describe security groups
879:  openTelnet
880:  run
881:  ✔ should PASS if no public open ports found
882:  ✔ should FAIL if security group has Telnet TCP 23 port open to public
883:  ✔ should PASS if no security groups found
884:  ✔ should UNKNWON unable to describe security groups
885:  openVNCClient
886:  run
887:  ✔ should PASS if no public open ports found
888:  ✔ should FAIL if security group has VNC Client TCP 5500 port open to public
889:  ✔ should PASS if no security groups found
890:  ✔ should UNKNWON unable to describe security groups
891:  openVNCServer
892:  run
893:  ✔ should PASS if no public open ports found
894:  ✔ should FAIL if security group has VNC Server TCP 5900 port open to public
895:  ✔ should PASS if no security groups found
896:  ✔ should UNKNWON unable to describe security groups
897:  systemDisksEncrypted
898:  run
899:  ✔ should PASS if System disks are encrypted
900:  ✔ should PASS if System disks are encrypted to target encryption level
901:  ✔ should FAIL if disk is not encrypted
902:  ✔ should FAIL if System disk is not encrypted to target encryption level
903:  ✔ should PASS if no ECS disks found
904:  ✔ should UNKNOWN if unable to query ECS disks
905:  bucketCmkEncrypted
906:  run
907:  ✔ should FAIL if OSS bucket is not encrypted to required encryption level
908:  ✔ should FAIL if OSS bucket is not encrypted
909:  ✔ should PASS if OSS bucket is encrypted to required encryption level
910:  ✔ should PASS if no OSS buckets found
911:  ✔ should UNKNOWN if unable to query for OSS buckets
912:  ✔ should UNKNOWN if unable to query OSS bucket info
913:  bucketCrossRegionReplication
914:  run
915:  ✔ should FAIL if bucket does not have cross region replication enabled
916:  ✔ should FAIL if bucket info does not have cross region replication property
917:  ✔ should PASS if bucket has cross region replication enabled
918:  ✔ should PASS if no OSS buckets found
919:  ✔ should UNKNOWN if unable to query for OSS buckets
920:  ✔ should UNKNOWN if unable to query OSS bucket info
921:  bucketLoggingEnabled
922:  run
923:  ✔ should FAIL if bucket does not have logging enabled
924:  ✔ should PASS if bucket has logging enabled
925:  ✔ should PASS if no OSS buckets found
926:  ✔ should UNKNOWN if unable to query for OSS buckets
927:  ✔ should UNKNOWN if unable to query OSS bucket info
928:  bucketRequestPayment
929:  run
930:  ✔ should FAIL if bucket does not have pay per requester enabled
931:  ✔ should FAIL if payer property is not returned
932:  ✔ should PASS if bucket has pay per requester enabled
933:  ✔ should PASS if no OSS buckets found
934:  ✔ should UNKNOWN if unable to query for OSS buckets
935:  ✔ should UNKNOWN if unable to query OSS bucket info
936:  ossBucketIpRestriction
937:  run
938:  ✔ should PASS if OSS bucket has IP restrictions configured
939:  ✔ should FAIL if OSS bucket does not have IP restrictions configured
940:  ✔ should FAIL if no OSS bucket policy found
941:  ✔ should PASS if no OSS buckets found
942:  ✔ should UNKNOWN if unable to query for OSS buckets
943:  ✔ should UNKNOWN if unable to query OSS bucket policy
944:  bucketLifecycle
945:  run
946:  ✔ should FAIL if bucket does not have lifecycle policies
947:  ✔ should PASS if bucket has lifecycle policies enabled
948:  ✔ should PASS if bucket has lifecycle policies disabled
949:  ✔ should PASS if no OSS buckets found
950:  ✔ should UNKNOWN if unable to query for OSS buckets
951:  ✔ should UNKNOWN if Unable to query OSS bucket lifecycle policy info
952:  ossBucketPrivate
953:  run
954:  ✔ should FAIL if bucket ACL allows public-read-write access
955:  ✔ should PASS if bucket ACL allows private access
956:  ✔ should PASS if no OSS buckets found
957:  ✔ should UNKNOWN if unable to query for OSS buckets
958:  ✔ should UNKNOWN if unable to query OSS bucket info
959:  ossBucketSecureTransport
960:  run
961:  ✔ should PASS if OSS bucket has secure transport enabled
962:  ✔ should FAIL if OSS bucket does not have secure transport enabled
963:  ✔ should FAIL if no OSS bucket policy found
964:  ✔ should PASS if no OSS buckets found
965:  ✔ should UNKNOWN if unable to query for OSS buckets
966:  ✔ should UNKNOWN if unable to query OSS bucket policy
967:  bucketTransferAcceleration
968:  run
969:  ✔ should FAIL if bucket does not have transfer acceleration enabled
970:  ✔ should FAIL if bucket info does not have transfer acceleration property
971:  ✔ should PASS if bucket has transfer acceleration enabled
972:  ✔ should PASS if no OSS buckets found
973:  ✔ should UNKNOWN if unable to query for OSS buckets
974:  ✔ should UNKNOWN if unable to query OSS bucket info
975:  ossBucketVersioning
976:  run
977:  ✔ should FAIL if bucket versioning is not enabled
978:  ✔ should PASS if bucket versioning is enabled
979:  ✔ should PASS if no OSS buckets found
980:  ✔ should UNKNOWN if unable to query for OSS buckets
981:  ✔ should UNKNOWN if unable to query OSS bucket info
982:  accessKeysRotation
983:  run
984:  ✔ should FAIL if RAM user access keys are not rotated every 90 days or less
985:  ✔ should PASS if RAM user access keys are not rotated every 90 days or less
986:  ✔ should PASS if RAM user does not have any access keys
987:  ✔ should PASS if No RAM users found
988:  ✔ should UNKNOWN if unable to query user access keys
989:  ✔ should UNKNOWN if unable to query RAM users
990:  inactiveUserDisabled
991:  run
992:  ✔ should FAIL if RAM user is enabled on being inactive for 90 or more days
993:  ✔ should PASS if RAM user is disabled on being inactive for 90 or more days
994:  ✔ should PASS if RAM user last activity was before 90 days
995:  ✔ should PASS if No RAM users found
996:  ✔ should UNKNOWN if Unable to query login profile
997:  ✔ should UNKNOWN if Unable to query RAM users
998:  passwordBlockLogon
999:  run
1000:  ✔ should FAIL if RAM password security policy does not require logon to be blocked after 5 attempts
1001:  ✔ should PASS if RAM password security policy requires logon to be blocked after 5 attempts
1002:  ✔ should UNKNOWN if unable to query RAM password policy
1003:  passwordExpiry
1004:  run
1005:  ✔ should FAIL if RAM password security policy does not require password to be expired after 90 days
1006:  ✔ should PASS if RAM password security policy requires password to be expired after set days
1007:  ✔ should UNKNOWN if unable to query RAM password policy
1008:  passwordMinLength
1009:  run
1010:  ✔ should FAIL if RAM password security policy does not require minimum length of 14 or greater
1011:  ✔ should PASS if RAM password security policy require minimum length of 14 or greater
1012:  ✔ should UNKNOWN if unable to query RAM password policy
1013:  passwordNoReuse
1014:  run
1015:  ✔ should FAIL if RAM password security policy does not requires to prevent reusing 5 previous passwords
1016:  ✔ should PASS if RAM password security policy requires to prevent reusing 5 previous passwords
1017:  ✔ should UNKNOWN if unable to query RAM password policy
1018:  passwordRequiresLowercase
1019:  run
1020:  ✔ should FAIL if RAM password security policy does not require lowercase characters
1021:  ✔ should PASS if RAM password security policy requires lowercase characters
1022:  ✔ should UNKNOWN if unable to query RAM password policy
1023:  passwordRequiresNumbers
1024:  run
1025:  ✔ should FAIL if RAM password security policy does not require numbers
1026:  ✔ should PASS if RAM password security policy requires numbers
1027:  ✔ should UNKNOWN if unable to query RAM password policy
1028:  passwordRequiresSymbols
1029:  run
1030:  ✔ should FAIL if RAM password security policy does not require symbols
1031:  ✔ should PASS if RAM password security policy requires symbols
1032:  ✔ should UNKNOWN if unable to query RAM password policy
1033:  passwordRequiresUppercase
1034:  run
1035:  ✔ should FAIL if RAM password security policy does not require uppercase characters
1036:  ✔ should PASS if RAM password security policy requires uppercase characters
1037:  ✔ should UNKNOWN if unable to query RAM password policy
1038:  ramAdminPolicy
1039:  run
1040:  ✔ should FAIL if Policy provides admin (*:*) access and attachment count is greater than 0
1041:  ✔ should PASS if Policy provides admin (*:*) access but attachment count is 0
1042:  ✔ should PASS if Policy does not provide admin (*:*) access
1043:  ✔ should PASS if No RAM policies found
1044:  ✔ should UNKNOWN if Unable to query RAM policies
1045:  ✔ should UNKNOWN if Unable to get RAM policy
1046:  ramPolicyAttachments
1047:  run
1048:  ✔ should FAIL if User has policies attached
1049:  ✔ should PASS if no policies are attached to user
1050:  ✔ should PASS if No RAM users found
1051:  ✔ should UNKNOWN if Unable to query RAM users
1052:  usersMfaEnabled
1053:  run
1054:  ✔ should FAIL if RAM user does not have MFA device configured
1055:  ✔ should PASS if RAM user has MFA device configured
1056:  ✔ should PASS if No RAM users found
1057:  ✔ should UNKNOWN if Unable to query RAM users
1058:  rdsAuditingEnabled
1059:  run
1060:  ✔ should FAIL if RDS DB instance does not have sql auditing enabled
1061:  ✔ should PASS if RDS DB instance have sql auditing enabled
1062:  ✔ should PASS if no RDS DB instances found
1063:  ✔ should UNKNOWN if unable to query RDS DB instances
1064:  ✔ should UNKNOWN if unable to query DB sql auditing policy
1065:  rdsLogConnectionEnabled
1066:  run
1067:  ✔ should FAIL if RDS DB instance does not have log_connections parameter enabled
1068:  ✔ should PASS if RDS DB instance has log_connections parameter enabled
1069:  ✔ should PASS if no RDS DB instances found
1070:  ✔ should UNKNOWN if unable to query RDS DB instances
1071:  ✔ should UNKNOWN if unable to query DB parameters
1072:  rdsLogDisconnectionsEnabled
1073:  run
1074:  ✔ should FAIL if RDS DB instance does not have log_disconnections parameter enabled
1075:  ✔ should PASS if RDS DB instance has log_disconnections parameter enabled
1076:  ✔ should PASS if no RDS DB instances found
1077:  ✔ should UNKNOWN if unable to query RDS DB instances
1078:  ✔ should UNKNOWN if unable to query DB parameters
1079:  rdsLogDuration
1080:  run
1081:  ✔ should FAIL if RDS DB instance does not have log_duration parameter enabled
1082:  ✔ should PASS if RDS DB instance has log_duration parameter enabled
1083:  ✔ should PASS if no RDS DB instances found
1084:  ✔ should UNKNOWN if unable to query RDS DB instances
1085:  ✔ should UNKNOWN if unable to query DB parameters
1086:  rdsPublicAccess
1087:  run
1088:  ✔ should FAIL if RDS DB instance is publicly accessible
1089:  ✔ should PASS if RDS DB instance is not publicly accessible
1090:  ✔ should PASS if no RDS DB instances found
1091:  ✔ should UNKNOWN if unable to query RDS DB instances
1092:  ✔ should UNKNOWN if Unable to query DB IP Array List
1093:  rdsSqlAuditRetentionPeriod
1094:  run
1095:  ✔ should FAIL if RDS DB instance does not have sql audit log retention greater than 180 days
1096:  ✔ should FAIL if RDS DB instance does not have sql audit log retention greater than set days limit
1097:  ✔ should PASS if RDS DB instance have sql audit log retention greater than 180 days
1098:  ✔ should PASS if RDS DB instance have sql audit log retention greater than set days limit
1099:  ✔ should PASS if no RDS DB instances found
1100:  ✔ should UNKNOWN if unable to query RDS DB instances
1101:  ✔ should UNKNOWN if unable to query DB sql audit log retention
1102:  rdsSslEncryptionEnabled
1103:  run
1104:  ✔ should FAIL if RDS instance does not have SSL encryption enabled
1105:  ✔ should PASS if RDS instance has SSL encryption enabled
1106:  ✔ should PASS if no RDS DB instances found
1107:  ✔ should UNKNOWN if unable to query RDS DB instances
1108:  ✔ should UNKNOWN if unable to query RDS instance SSL info
1109:  rdsTdeEnabled
1110:  run
1111:  ✔ should FAIL if RDS DB instance does not have TDE enabled
1112:  ✔ should PASS if RDS DB instance have TDE enabled
1113:  ✔ should PASS if RDS DB instance have engine type other MySQL 5.6 and SQL Server Enterprise Edition
1114:  ✔ should PASS if no RDS DB instances found
1115:  ✔ should UNKNOWN if unable to query RDS DB instances
1116:  ✔ should UNKNOWN if unable to query RDS DB instance TDE
1117:  securityAgentInstalled
1118:  run
1119:  ✔ should FAIL if there are unprotected assets
1120:  ✔ should PASS if there are no unprotected assets
1121:  ✔ should UNKNOWN if Unable to query TDS field statistics
1122:  securityCenterEdition
1123:  run
1124:  ✔ should FAIL if Security Center edition is Basic or Anti-virus
1125:  ✔ should PASS if Security Center edition is Advanced or plus
1126:  ✔ should UNKNOWN if Unable to query Security Center version config
1127:  securityNotificationsEnabled
1128:  run
1129:  ✔ should FAIL if security notifications are not enabled
1130:  ✔ should PASS if security notifications are enabled for all alerts
1131:  ✔ should PASS if no TDS notice config found
1132:  ✔ should UNKNOWN if Unable to query TDS notice config
1133:  vulnerabilityScanEnabled
1134:  run
1135:  ✔ should FAIL if Vulnerability scan is not enabled on all servers
1136:  ✔ should PASS if Vulnerability scan is enabled on all servers
1137:  ✔ should PASS if no vulnerabity config found 
1138:  ✔ should UNKNOWN if Unable to query 
1139:  accessAnalyzerActiveFindings
1140:  run
1141:  ✔ should FAIL if Amazon IAM access analyzer has active findings.
1142:  ✔ should PASS if Amazon IAM access analyzer have no active findings.
1143:  ✔ should PASS if no analyzers found
1144:  ✔ should UNKNOWN if Unable to query for IAM access analyzers
1145:  accessAnalyzerEnabled
1146:  run
1147:  ✔ should PASS if Access Analyzer is enabled
1148:  ✔ should FAIL if Access Analyzer is not enabled
1149:  ✔ should FAIL if Access Analyzer not configured
1150:  ✔ should UNKNOWN if unable to list Access analyzer
1151:  ✔ should not return anything if list Access Analyzers response is not found
1152:  acmCertificateExpiry
1153:  run
1154:  ✔ should PASS if certificate expiration date exceeds set PASS number of days in the future
1155:  ✔ should FAIL if certificate expiration date does not exceed set WARN number of days in the future
1156:  ✔ should FAIL if certificate has already expired
...

1160:  ✔ should UNKNOWN if unable to list ACM certificates
1161:  ✔ should UNKNOWN if unable to describe ACM certificate
1162:  acmCertificateHasTags
1163:  run
1164:  ✔ should give unknown result if unable to list acm certificates
1165:  ✔ should give passing result if acm certificates not found.
1166:  ✔ should give unknown result if unable to query resource group tagging api
1167:  ✔ should give passing result if acm certificates have tags
1168:  ✔ should give failing result if eks cluster does not have tags
1169:  acmSingleDomainNameCertificate
1170:  run
1171:  ✔ should PASS if ACM certificate is a single domain name certificate
1172:  ✔ should FAIL if ACM certificate is a wildcard certificate
1173:  ✔ should PASS if No ACM certificates found
1174:  ✔ should UNKNOWN if unable to list ACM certificates
1175:  ✔ should UNKNOWN if unable to describe ACM certificate
1176:  acmValidation
1177:  run
1178:  ✔ should PASS if ACM certificate is using DNS validations
1179:  ✔ should FAIL if ACM certificate has failed validations
1180:  ✔ should WARN if ACM certificate is using EMAIL validation
1181:  ✔ should PASS if No ACM certificates found
1182:  ✔ should UNKNOWN if unable to list ACM certificates
1183:  ✔ should UNKNOWN if unable to describe ACM certificate
1184:  apigatewayAuthorization
1185:  run
1186:  ✔ should return UNKNOWN if unable to query for API Gateway Rest APIs
1187:  ✔ should return PASS if no API Gateway Rest APIs found
1188:  ✔ should return FAIL if no authorizers exist for API Gateway Rest API
1189:  ✔ should return PASS if authorizers exist for API Gateway Rest API
1190:  ✔ should not return anything if get Rest APIs response is not found
1191:  apigatewayCertificateRotation
1192:  run
1193:  ✔ should PASS if API Gateway API stages do not need client certificate rotation
1194:  ✔ should FAIL if API Gateway API stage needs client certificate rotation
1195:  ✔ should FAIL if API Gateway API stage client certificate has already expired
...

1197:  ✔ should PASS if No API Gateway Rest API stages found
1198:  ✔ should PASS if No API Gateway Rest API stage client certificate found
1199:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1200:  ✔ should UNKNOWN if unable to get API Gateway Rest API stages
1201:  ✔ should not return anything if get Rest APIs response is not found
1202:  apigatewayClientCertificate
1203:  run
1204:  ✔ should PASS if API Gateway API use client certificate for all stages
1205:  ✔ should FAIL if API Gateway API does not use client certificate for all stages
1206:  ✔ should PASS if No API Gateway Rest APIs found
1207:  ✔ should PASS if No API Gateway Rest API Stages found
1208:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1209:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1210:  ✔ should not return anything if get Rest APIs response is not found
1211:  apigatewayCloudwatchLogs
1212:  run
1213:  ✔ should PASS if API Gateway API has CloudWatch Logs enabled for all stages
1214:  ✔ should FAIL if API Gateway API does not have CloudWatch Logs enabled for stages
1215:  ✔ should PASS if No API Gateway Rest APIs found
1216:  ✔ should PASS if No API Gateway Rest API Stages found
1217:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1218:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1219:  ✔ should not return anything if get Rest APIs response is not found
1220:  apigatewayContentEncoding
1221:  run
1222:  ✔ should PASS if API Gateway API stage has content encoding enabled
1223:  ✔ should FAIL if API Gateway API stage does not have content encoding enabled
1224:  ✔ should PASS if No API Gateway Rest APIs found
1225:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1226:  ✔ should not return anything if get Rest APIs response is not found
1227:  apigatewayTlsDefaultEndpoint
1228:  run
1229:  ✔ should PASS if No API Gateway rest APIs found
1230:  ✔ should PASS if API Gateway is not accessible through default endpoint
1231:  ✔ should FAIL if API Gateway is accessible through default endpoint
1232:  ✔ should UNKNOWN if unable to query for API Gateways
1233:  apigatewayPrivateEndpoints
1234:  run
1235:  ✔ should PASS if API Gateway API is only accessible through private endpoints
1236:  ✔ should FAIL if API Gateway API is accessible through public endpoints
1237:  ✔ should PASS if No API Gateway Rest APIs found
1238:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1239:  ✔ should not return anything if get Rest APIs response is not found
1240:  apigatewayResponseCaching
1241:  run
1242:  ✔ should PASS if Response caching is enabled for API Gateway API stage
1243:  ✔ should FAIL if Response caching is not enabled for API Gateway API stage
1244:  ✔ should PASS if No API Gateway Rest APIs found
1245:  ✔ should PASS if No API Gateway Rest API Stages found
1246:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1247:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1248:  ✔ should not return anything if get Rest APIs response is not found
1249:  apigatewayTracingEnabled
1250:  run
1251:  ✔ should PASS if API Gateway API has tracing enabled for all stages
1252:  ✔ should FAIL if API Gateway API does not have tracing enabled for stages
1253:  ✔ should PASS if No API Gateway Rest APIs found
1254:  ✔ should PASS if No API Gateway Rest API Stages found
1255:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1256:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1257:  ✔ should not return anything if get Rest APIs response is not found
1258:  apigatewayWafEnabled
1259:  run
1260:  ✔ should PASS if API Gateway API has WAF enabled for all stages
1261:  ✔ should FAIL if API Gateway API does not have WAF enabled for stages
1262:  ✔ should PASS if No API Gateway Rest APIs found
1263:  ✔ should PASS if No API Gateway Rest API Stages found
1264:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1265:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1266:  ✔ should not return anything if get Rest APIs response is not found
1267:  apiStageLevelCacheEncryption
1268:  run
1269:  ✔ should PASS if API Gateway stage encrypts cache data
1270:  ✔ should FAIL if API Gateway stage does not encrypt cache data
...

1272:  ✔ should PASS if No API Gateway Rest APIs found
1273:  ✔ should PASS if No API Gateway Rest API Stages found
1274:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1275:  ✔ should UNKNOWN if unable to get API Gateway Stages
1276:  apigatewayCustomDomainDeprecatedProtocol
1277:  run
1278:  ✔ should PASS if No API Gateway Custom Domains found
1279:  ✔ should PASS if API Gateway Custom Domain is using current minimum TLS version
1280:  ✔ should FAIL if API Gateway Custom Domain is using deprecated TLS version
1281:  ✔ should UNKNOWN if unable to query for API Gateways
1282:  detailedCloudWatchMetrics
1283:  run
1284:  ✔ should PASS if API Gateway API has detailed CloudWatch metrics enabled for all stages
1285:  ✔ should FAIL if API Gateway API does not have detailed CloudWatch metrics enabled for stages
1286:  ✔ should PASS if No API Gateway Rest APIs found
1287:  ✔ should PASS if No API Gateway Rest API Stages found
1288:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
1289:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
1290:  ✔ should not return anything if get Rest APIs response is not found
1291:  flowEncrypted
1292:  run
1293:  ✔ should PASS if AppFlow flow is encrypted with desired encryption level
1294:  ✔ should FAIL if AppFlow flow is not encrypted with desired encryption level
1295:  ✔ should PASS if no AppFlow flows found
1296:  ✔ should UNKNOWN if unable to list AppFlow flows
1297:  ✔ should UNKNOWN if unable to list KMS keys
1298:  appmeshTLSRequired
1299:  run
1300:  ✔ should PASS if App Mesh virtual gateway listeners restrict TLS enabled connections
1301:  ✔ should FAIL if App Mesh vitual gateway listeners does not restrict TLS enabled connections
1302:  ✔ should PASS if no App Mesh meshes found
1303:  ✔ should UNKNOWN if Unable to list App Mesh meshes
1304:  ✔ should UNKNOWN if unable to list App Mesh virtual gateways
1305:  ✔ should not return anything if list App Mesh meshes response not found
1306:  appmeshVGAccessLogging
1307:  run
1308:  ✔ should PASS if access logging is enabled and configured for Amazon App Mesh virtual gateways
1309:  ✔ should FAIL if access logging is not enabled for Amazon App Mesh virtual gateways
1310:  ✔ should PASS if No App Meshes found
1311:  ✔ should UNKNOWN if unable to query for App Mesh meshes
1312:  ✔ should UNKNOWN if unable to query for App Mesh virtual gateways
1313:  ✔ should not return anything if list App Meshes response not found
1314:  appmeshVGHealthChecks
1315:  run
1316:  ✔ should PASS if health check policies are configured for Amazon App Mesh virtual gateways
1317:  ✔ should FAIL if health check policies are not configured for Amazon App Mesh virtual gateways
1318:  ✔ should PASS if No App Meshes found
1319:  ✔ should UNKNOWN if unable to query for App Mesh meshes
1320:  ✔ should UNKNOWN if unable to query for App Mesh virtual gateways
1321:  ✔ should not return anything if list App Meshes response not found
1322:  restrictExternalTraffic
1323:  run
1324:  ✔ should PASS if App Mesh mesh does not allow access to external services
1325:  ✔ should FAIL if App Mesh mesh allows access to external services
1326:  ✔ should PASS if no App Meshes found
1327:  ✔ should UNKNOWN if Unable to query for App Mesh meshes
1328:  ✔ should UNKNOWN if Unable to describe App Mesh mesh
1329:  serviceEncrypted
1330:  run
1331:  ✔ should PASS if App Runner service is encrypted with desired encryption level
1332:  ✔ should FAIL if App Runner service not encrypted with desired encryption level
1333:  ✔ should PASS if no App Runner service found
1334:  ✔ should UNKNOWN if unable to list Services
1335:  ✔ should UNKNOWN if unable to list KMS keys
1336:  workgroupEncrypted
1337:  run
1338:  ✔ should PASS if Athena workgroup is using encryption
1339:  ✔ should PASS if Athena primary workgroup does not have encryption enabled but is not in use.
1340:  ✔ should FAIL if Athena workgroup is not using encryption
1341:  ✔ should PASS if no Athena workgroups found
1342:  ✔ should UNKNOWN if unable to list Athena workgroups
1343:  ✔ should UNKNOWN if unable to describe Athena workgroup
1344:  ✔ should not return any results if list workgroups response not found
1345:  workgroupEnforceConfiguration
1346:  run
1347:  ✔ should PASS if Athena workgroup is enforcing configuration options
1348:  ✔ should PASS if Athena primary workgroup is not enforcing configuration options but is not in use
1349:  ✔ should FAIL if Athena workgroup is not enforcing configuration options
1350:  ✔ should PASS if no Athena workgroups found
1351:  ✔ should UNKNOWN if unable to list Athena workgroups
1352:  ✔ should UNKNOWN if unable to describe Athena workgroup
1353:  ✔ should not return any results if list workgroups response not found
1354:  auditmanagerDataEncrypted
1355:  run
1356:  ✔ should PASS if Audit Manager data is encrypted with desired encryption level
1357:  ✔ should FAIL if Audit Manager data is not encrypted with desired encryption level
1358:  ✔ should PASS if Audit Manager is not setup for the region
1359:  ✔ should UNKNOWN if unable to get Audit Manager settings
1360:  ✔ should UNKNOWN if unable to list KMS keys
1361:  appTierAsgApprovedAmi
1362:  run
1363:  ✔ should PASS if Launch Configuration for App-Tier Auto Scaling group is using approved AMIs
1364:  ✔ should FAIL if Launch Configuration for App-Tier Auto Scaling group is not using active AMIs
1365:  ✔ should FAIL if Launch Configuration for App-Tier Auto Scaling group is not using any AMI
...

1367:  ✔ should PASS if no App-Tier Auto Scaling groups found
1368:  ✔ should PASS if no Auto Scaling groups found
1369:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1370:  ✔ should not return anything if describe Auto Scaling groups response not found
1371:  ✔ should not return anything if App-Tier tag key is not provided in settings
1372:  appTierAsgCloudWatchLogs
1373:  run
1374:  ✔ should PASS if App-Tier Auto Scaling launch configuration is using CloudWatch Logs agent
1375:  ✔ should FAIL if App-Tier Auto Scaling launch configuration is not using CloudWatch Logs agent
1376:  ✔ should UNKNOWN if unable to describe launch configuration for App-Tier Auto Scaling group
1377:  ✔ should PASS if no App-Tier Auto Scaling groups found
1378:  ✔ should PASS if no Auto Scaling groups found
1379:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1380:  ✔ should not return anything if no Auto Scaling groups found
1381:  appTierIamRole
1382:  run
1383:  ✔ should PASS if launch configuration for App-Tier group has customer IAM role configured
1384:  ✔ should FAIL if launch configuration for App-Tier group does not have customer IAM role configured
...

1387:  ✔ should PASS if no App-Tier Auto Scaling groups found
1388:  ✔ should PASS if no Auto Scaling launch configurations found
1389:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1390:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
1391:  ✔ should not return anything if no response for describe Auto Scaling groups
1392:  asgActiveNotifications
1393:  run
1394:  ✔ should PASS if notification are active for auto scaling group
1395:  ✔ should FAIL if notification are not active for auto scaling group
1396:  ✔ should UNKNOWN if unable to describe auto scaling group found
1397:  ✔ should not return anything if no auto scaling group found
1398:  ✔ should FAIL if No auto scaling group notification configurations found
1399:  asgCooldownPeriod
1400:  run
1401:  ✔ should PASS if Amazon Auto Scaling Groups are utilizing cool down period
1402:  ✔ should FAIL if the cool down period setting is not properly configured for the selected Amazon ASG
1403:  ✔ should PASS if no AutoScaling groups found
1404:  ✔ should UNKNOWN if an error occurs while describing AutoScaling groups
1405:  ✔ should not return anything if unable to query for AutoScaling groups
1406:  asgMissingELB
1407:  run
1408:  ✔ should PASS if AutoScaling group utilizes active load balancer
1409:  ✔ should FAIL if AutoScaling group utilizes inactive load balancer
1410:  ✔ should FAIL if AutoScaling group does not have any ELB associated
1411:  ✔ should PASS if AutoScaling group does not utilize a load balancer
1412:  ✔ should UNKNOWN if unable to describe AutoScaling group found
1413:  ✔ should not return anything if no AutoScaling group found
1414:  asgMissingSecurityGroups
1415:  run
1416:  ✔ should PASS if Auto Scaling launch configuration does not reference any missing EC2 security group
1417:  ✔ should FAIL if Auto Scaling launch configuration references missing EC2 security group(s)
1418:  ✔ should PASS if no Auto Scaling launch configurations found
1419:  ✔ should PASS if Auto Scaling launch configuration does not have any security groups associated
1420:  ✔ should FAIL if no EC2 security groups found
1421:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
1422:  ✔ should not return anything if describe Auto Scaling launch configurations response not found
1423:  asgMultiAz
1424:  run
1425:  ✔ should PASS if Auto Scaling group utilizes multiple availability zones
1426:  ✔ should FAIL if Auto Scaling group utilizes one availability zone
1427:  ✔ should PASS if no Auto Scaling groups found 
1428:  ✔ should UNKNOWN if error describing Auto Scaling groups
1429:  ✔ should not return anything if unable to describe Auto Scaling groups
1430:  asgSuspendedProcesses
1431:  run
1432:  ✔ should PASS if AutoScaling group does not have any suspended process
1433:  ✔ should FAIL if AutoScaling group has suspended processes
1434:  ✔ should PASS if no AutoScaling groups found 
1435:  ✔ should UNKNOWN if an error occurs while describing AutoScaling groups
1436:  ✔ should not return anything if unable to query for AutoScaling groups
1437:  asgUnusedLaunchConfiguration
1438:  run
1439:  ✔ should PASS if Auto Scaling launch configuration is being used
1440:  ✔ should FAIL if Auto Scaling launch configuration is not being used
1441:  ✔ should PASS if no Auto Scaling launch configurations found
1442:  ✔ should UNKNOWN if Unable to query for Auto Scaling launch configurations
1443:  elbHealthCheckActive
1444:  run
1445:  ✔ should PASS if Auto Scaling group does not use ELBs
1446:  ✔ should PASS if Auto Scaling group has ELB health check active
1447:  ✔ should PASS if Auto Scaling group does not use ELBs
1448:  ✔ should FAIL if Auto Scaling group does not have ELB health check active
1449:  ✔ should PASS if no Auto Scaling groups found
1450:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1451:  ✔ should not return anything if no response found for describe Auto Scaling groups
1452:  emptyASG
1453:  run
1454:  ✔ should PASS if autoscaling group contains instance(s)
1455:  ✔ should FAIL if autoscaling group does not contain instance(s)
1456:  ✔ should PASS if no autoscaling group data found 
1457:  ✔ should UNKNOWN if unable to describe autoscaling group found
1458:  ✔ should not return anything if no autoscaling group found
1459:  sameAzElb
1460:  run
1461:  ✔ should PASS if load balancer is in the same Availability Zone as of AutoScaling group
1462:  ✔ should PASS if AutoScaling does not utilizes load balancer as HealthCheckType
1463:  ✔ should FAIL if load balancer is not in the same Availability Zone as of AutoScaling group
1464:  ✔ should FAIL if autoscaling group utilizes an inactive load balancer
1465:  ✔ should UNKOWN if unable to query for load balancers
1466:  ✔ should UNKNOWN if unable to describe autoscaling groups
1467:  ✔ should not return anything if no autoscaling group found
1468:  webTierAsgApprovedAmi
1469:  run
1470:  ✔ should PASS if Launch Configuration for Web-Tier Auto Scaling group is using approved AMIs
1471:  ✔ should FAIL if Launch Configuration for Web-Tier Auto Scaling group is not using active AMIs
1472:  ✔ should FAIL if Launch Configuration for Web-Tier Auto Scaling group is not using any AMI
...

1474:  ✔ should PASS if no Web-Tier Auto Scaling groups found
1475:  ✔ should PASS if no Auto Scaling groups found
1476:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1477:  ✔ should not return anything if describe Auto Scaling groups response not found
1478:  ✔ should not return anything if Web-Tier tag key is provided in settings
1479:  webTierAssociatedElb
1480:  run
1481:  ✔ should PASS if Web-Tier Auto Scaling group has ELB associated
1482:  ✔ should FAIL if Web-Tier Auto Scaling group does not have ELB associated
1483:  ✔ should PASS if no Auto Scaling groups found
1484:  ✔ should PASS if no Web-Tier Auto Scaling groups found
1485:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1486:  ✔ should not return anything if describe Auto Scaling groups response not found
1487:  webTierAsgCloudWatchLogs
1488:  run
1489:  ✔ should PASS if Web-Tier Auto Scaling launch configuration has CloudWatch logs enabled
1490:  ✔ should FAIL if Web-Tier Auto Scaling launch configuration does not have CloudWatch logs enabled
1491:  ✔ should UNKNOWN if unable to describe launch configuration for Web-Tier Auto Scaling group
1492:  ✔ should PASS if no Web-Tier Auto Scaling groups found
1493:  ✔ should PASS if no Auto Scaling groups found
1494:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1495:  ✔ should not return anything if no Auto Scaling groups found
1496:  webTierIamRole
1497:  run
1498:  ✔ should PASS if launch configuration for Web-Tier group has customer IAM role configured
1499:  ✔ should FAIL if launch configuration for Web-Tier group does not have customer IAM role configured
...

1502:  ✔ should PASS if no Web-Tier Auto Scaling groups found
1503:  ✔ should PASS if no Auto Scaling launch configurations found
1504:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
1505:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
1506:  ✔ should not return anything if no response for describe Auto Scaling groups
1507:  backupDeletionProtection
1508:  run
1509:  ✔ should PASS if Backup vault has deletion protection enabled
1510:  ✔ should FAIL if Backup vault does not have deletion protection enabled
1511:  ✔ should FAIL if no access policy found for Backup vault
1512:  ✔ should PASS if no Backup vault list found
1513:  ✔ should UNKNOWN if Unable to query for Backup vault list
1514:  ✔ should UNKNOWN if Unable to get Backup vault policy
1515:  backupInUseForRDSSnapshots
1516:  run
1517:  ✔ should PASS if Backup service is in use for RDS snapshots
1518:  ✔ should FAIL if Backup service is not in use for RDS snapshots
1519:  ✔ should PASS if no RDS snapshots found
1520:  ✔ should UNKNOWN if Unable to query for RDS snapshots
1521:  backupNotificationEnabled
1522:  run
1523:  ✔ should PASS if Backup vault is configured to send alert notifications for failed Backup job events
1524:  ✔ should FAIL if Backup vault is not configured to send alert notifications for failed Backup job events
1525:  ✔ should FAIL if Backup vault does not have any notifications configured
1526:  ✔ should PASS if no Backup vault list found
1527:  ✔ should UNKNOWN if Unable to query for Backup vault list
1528:  ✔ should UNKNOWN if Unable to get event notifications for selected Amazon Backup vault
1529:  backupResourceProtection
1530:  run
1531:  ✔ should PASS if All desired resource types are protected by Backup service
1532:  ✔ should FAIL if These desired resource types are not protected by Backup service
1533:  ✔ should UNKNOWN Unable to query for Backup resource type opt in preference
1534:  backupVaultEncrypted
1535:  run
1536:  ✔ should PASS if Backup Vault is encrypted with desired encryption level
1537:  ✔ should FAIL if Backup Vault is not encrypted with desired encyption level
1538:  ✔ should PASS if no Backup vault  found
1539:  ✔ should UNKNOWN if unable to list Backup vault
1540:  ✔ should UNKNOWN if unable to list KMS keys
1541:  backupVaultHasTags
1542:  run
1543:  ✔ should PASS if Backup vault have tags
1544:  ✔ should FAIL if Backup vault does not have tags
1545:  ✔ should PASS if no Backup vault list found
1546:  ✔ should UNKNOWN if Unable to query for Backup vault list
1547:  ✔ should give unknown result if unable to query resource group tagging api
1548:  backupVaultPolicies
1549:  run
1550:  ✔ should PASS if Backup vault does not allow  global access to the action
1551:  ✔ should FAIL if Backup vault allow global access to the action
1552:  ✔ should PASS if no Backup vault list found
1553:  ✔ should UNKNOWN if Unable to query for Backup vault list
1554:  ✔ should UNKNOWN if Unable to get Backup vault policy
1555:  compliantLifecycleConfigured
1556:  run
1557:  ✔ should PASS if Backup plan has lifecycle configuration enabled
1558:  ✔ should FAIL if Backup plan does not have lifecycle configuration enabled
1559:  ✔ should PASS if no Backup plans found
1560:  ✔ should UNKNOWN if Unable to list Backup plans
1561:  customModelEncryptionEnabled
1562:  run
1563:  ✔ should PASS if Bedrock Custom Model is Encrypted using CMK
1564:  ✔ should FAIL if Bedrock Custom Model is encrypted with AWS owned key
1565:  ✔ should PASS if the desired encryption level for bedrock custom model is awskms
1566:  ✔ should PASS if no Bedrock custom model found
1567:  ✔ should UNKNOWN if unable to list Bedrock custom model
1568:  customModelHasTags
1569:  run
1570:  ✔ should PASS if Bedrock custom model has tags
1571:  ✔ should FAIL if Bedrock custom model doesnot have tags
1572:  ✔ should PASS if no Bedrock custom model found
1573:  ✔ should UNKNOWN if unable to query Bedrock custom model
1574:  ✔ should give unknown result if unable to query resource group tagging api
1575:  customModelInVpc
1576:  run
1577:  ✔ should PASS if Bedrock Custom Model has Vpc configured
1578:  ✔ should FAIL if Bedrock Custom Model have not Vpc configured
1579:  ✔ should PASS if no Bedrock custom model found
1580:  ✔ should UNKNOWN if unable to list Bedrock custom model
1581:  modelInvocationLoggingEnabled
1582:  run
1583:  ✔ should PASS if model invocation logging is enabled for bedrock models
1584:  ✔ should FAIL if model invocation logging is disabled for bedrock models
1585:  ✔ should UNKNOWN if unable to query for model invocation logging
1586:  privateCustomModel
1587:  run
1588:  ✔ should PASS if Bedrock Custom Model is a private model
1589:  ✔ should FAIL if Bedrock Custom Model have not Vpc configured
1590:  ✔ should FAIL if Bedrock Custom Model is not a private model
1591:  ✔ should PASS if no Bedrock custom model found
1592:  ✔ should UNKNOWN if unable to list Bedrock custom model
1593:  cloudformationAdminPriviliges
1594:  run
1595:  ✔ should PASS if CloudFormation stack does not have admin privileges
1596:  ✔ should FAIL if CloudFormation stack has admin privileges
...

1600:  ✔ should UNKNOWN if unable to list role policies
1601:  ✔ should not return anything if list CloudFormation stacks response not found
1602:  CloudFormation Deletion Policy in Use
1603:  run
1604:  ✔ should return unknown result if unable to list the CloudFormation stacks
1605:  ✔ should return passing result if unable to list CloudFormation stacks information
1606:  ✔ should return unknown result if no CloudFormation stacks found in region
1607:  ✔ should return passing result if deletion policy is used for CloudFormation stack
1608:  ✔ should return failing result if deletion policy is not used for CloudFormation stack
1609:  cloudformationInUse
1610:  run
1611:  ✔ should PASS if Amazon CloudFormation service is currently in use
1612:  ✔ should FAIL if Amazon CloudFormation service is not currently in use
1613:  ✔ should UNKNOWN if Unable to query CloudFormation stacks
1614:  driftDetection
1615:  run
1616:  ✔ should PASS if CloudFormation stack is not in drifted state
1617:  ✔ should FAIL if CloudFormation stack is in drifted state
1618:  ✔ should PASS if no CloudFormation stacks found
1619:  ✔ should UNKNOWN if unable to list stacks
1620:  ✔ should not return any results if list stacks response not found
1621:  plaintextParameters
1622:  run
1623:  ✔ should PASS if template does not contain any potentially-sensitive parameters
1624:  ✔ should PASS if template contains any potentially-sensitive parameters but with NoEcho enabled
1625:  ✔ should FAIL if template contains any potentially-sensitive parameters
1626:  ✔ should PASS if no CloudFormation stacks found
1627:  ✔ should UNKNOWN if unable to list stacks
1628:  ✔ should UNKNOWN if unable to describe stacks
1629:  ✔ should UNKNOWN if no CloudFormation stack details found
1630:  ✔ should not return any results if list stacks response is not found
1631:  stackFailedStatus
1632:  run
1633:  ✔ should PASS if CloudFormation stack is not in failed state
1634:  ✔ should PASS if CloudFormation stack is in failed state for less than the failed hours limit
1635:  ✔ should FAIL if CloudFormation stack is in failed state for more than the failed hours limit
1636:  ✔ should PASS if no CloudFormation stacks found
1637:  ✔ should UNKNOWN if unable to describe stacks
1638:  ✔ should not return any results if describe stacks response is not found
1639:  stackNotifications
1640:  run
1641:  ✔ should PASS if CloudFormation stack has SNS topic associated
1642:  ✔ should FAIL if CloudFormation stack does not have SNS topic associated
1643:  ✔ should PASS if no CloudFormation stacks found
1644:  ✔ should UNKNOWN if No stack details found
1645:  ✔ should UNKNOWN if unable to list stacks
1646:  ✔ should UNKNOWN if unable to describe stacks
1647:  ✔ should not return any results if list stacks response is not found
1648:  stackTerminationProtection
1649:  run
1650:  ✔ should PASS if CloudFormation stack has SNS topic associated
1651:  ✔ should FAIL if CloudFormation stack does not have SNS topic associated
...

1653:  ✔ should UNKNOWN if No stack details found
1654:  ✔ should UNKNOWN if unable to list stacks
1655:  ✔ should UNKNOWN if unable to describe stacks
1656:  ✔ should not return any results if list stacks response is not found
1657:  cloudfrontCustomOriginHttpsOnly
1658:  run
1659:  ✔ should PASS if CloudFront distributions is using https only
1660:  ✔ should PASS if CloudFront distributions has no origins
1661:  ✔ should FAIL if CloudFront Distribution is not https only
1662:  ✔ should PASS if no CloudFront distributions found
1663:  ✔ should UNKNOWN if unable to list distributions
1664:  cloudfrontFieldLevelEncryption
1665:  run
1666:  ✔ should PASS if distribution has field level encryption enabled
1667:  ✔ should FAIL if distribution does not have field level encryption enabled
1668:  ✔ should PASS if no CloudFront distributions found
1669:  ✔ should UNKNOWN if unable to list distributions
1670:  ✔ should not return any results if list distributions response not found
1671:  cloudfrontGeoRestriction
1672:  run
1673:  ✔ should PASS if CloudFront distribution is whitelisting required geographic locations
1674:  ✔ should PASS if Geo restriction feature is enabled within CloudFront distribution
1675:  ✔ should FAIL if geo restriction is not enabled within CloudFront distribution
1676:  ✔ should FAIL if CloudFront distribution does not have required locations whitelisted
1677:  ✔ should PASS if no CloudFront distributions found
1678:  ✔ should UNKNOWN if unable to query for CloudFront distributions
1679:  ✔ should not return any results if list distributions response not found
1680:  cloudfrontHttpsOnly
1681:  run
1682:  ✔ should PASS if CloudFront distribution is set to use HTTPS only
1683:  ✔ should PASS if CloudFront distribution is configured to redirect non-HTTPS traffic to HTTPS
1684:  ✔ should FAIL if CloudFront distribution is not configured to use HTTPS
1685:  ✔ should PASS if no CloudFront distributions found
1686:  ✔ should UNKNOWN if unable to list distributions
1687:  ✔ should not return any results if list distributions response not found
1688:  cloudfrontInUse
1689:  run
1690:  ✔ should PASS if AWS CloudFront service is in use
1691:  ✔ should FAIL if CloudFront service is not in use
1692:  ✔ should UNKNOWN if unable to list distributions
1693:  ✔ should not return any results if list distributions response not found
1694:  cloudfrontLoggingEnabled
1695:  run
1696:  ✔ should PASS if Request logging is enabled
1697:  ✔ should FAIL if Request logging is not enabled
1698:  ✔ should PASS if no CloudFront distributions found
1699:  ✔ should UNKNOWN if unable to list distributions
1700:  ✔ should UNKNOWN if unable to get distributions
1701:  ✔ should not return any results if list distributions response not found
1702:  cloudfrontOriginTLSVersion
1703:  run
1704:  ✔ should PASS if CloudFront distributions custom origin TLS version is not deprecated
1705:  ✔ should PASS if CloudFront distributions has no origins
1706:  ✔ should FAIL if CloudFront Distribution custom origin TLS version is deprecated
1707:  ✔ should PASS if no CloudFront distributions found
1708:  ✔ should UNKNOWN if unable to list distributions
1709:  cloudfrontTLSVersion
1710:  run
1711:  ✔ should PASS if CloudFront distributions TLS version is not deprecated
1712:  ✔ should FAIL if CloudFront DistributionTLS version is deprecated
1713:  ✔ should PASS if no CloudFront distributions found
1714:  ✔ should UNKNOWN if unable to list distributions
1715:  cloudfrontTLSWeakCipher
1716:  run
1717:  ✔ should PASS if CloudFront distributions TLS version is not weak cipher suite
1718:  ✔ should FAIL if CloudFront Distribution TLS version is weak cipher suite
1719:  ✔ should PASS if no CloudFront distributions found
1720:  ✔ should UNKNOWN if unable to list distributions
1721:  cloudfrontWafEnabled
1722:  run
1723:  ✔ should PASS if CloudFront distributions has WAF enabled
1724:  ✔ should FAIL if CloudFront Distribution does not have WAF enabled
1725:  ✔ should PASS if no CloudFront distributions found
1726:  ✔ should UNKNOWN if unable to list distributions
1727:  ✔ should not return any results if list distributions response not found
1728:  compressObjectsAutomatically
1729:  run
1730:  ✔ should PASS if CloudFront web distribution is currently configured to compress files (objects) automatically
1731:  ✔ should FAIL if CloudFront web distribution is currently configured to compress files (objects) automatically.
1732:  ✔ should PASS if no CloudFront distributions found
1733:  ✔ should UNKNOWN if unable to list distributions
1734:  ✔ should not return any results if list distributions response not found
1735:  enableOriginFailOver
1736:  run
1737:  ✔ should PASS if CloudFront distribution have origin failover enabled.
1738:  ✔ should FAIL if CloudFront distribution does not have origin failover enabled.
1739:  ✔ should PASS if no CloudFront distributions found
1740:  ✔ should UNKNOWN if query for CloudFront distributions
1741:  ✔ should not return any results if list distributions response not found
1742:  insecureProtocols
1743:  run
1744:  ✔ should PASS if Distribution is not configured for SSL delivery
1745:  ✔ should PASS if Distribution is using secure default certificate
1746:  ✔ should FAIL if Distribution is using the insecure default CloudFront TLS certificate
1747:  ✔ should FAIL if Distribution is using insecure SSLv3
1748:  ✔ should FAIL if Distribution is using insecure TLSv1.0
1749:  ✔ should FAIL if Distribution is using insecure TLSv1_2016
1750:  ✔ should PASS if Distribution is using secure TLSv1.1_2016
1751:  ✔ should PASS if Distribution is using secure TLSv1.2_2018
1752:  ✔ should PASS if no CloudFront distributions found
1753:  ✔ should UNKNOWN if unable to list distributions
1754:  ✔ should not return any results if list distributions response not found
1755:  publicS3Origin
1756:  run
1757:  ✔ should PASS if CloudFront distribution origin is not setup without an origin access identity
1758:  ✔ should FAIL if CloudFront CloudFront distribution is using an S3 origin without an origin access identity
1759:  ✔ should PASS if no CloudFront distributions found
1760:  ✔ should UNKNOWN if unable to list distributions
1761:  ✔ should not return any results if list distributions response not found
1762:  secureOrigin
1763:  run
1764:  ✔ should PASS if CloudFront origin is using https-only
1765:  ✔ should WARN if CloudFront origin is using match-viewer
1766:  ✔ should FAIL if CloudFront origin is using http-only
1767:  ✔ should FAIL if CloudFront origin is using SSLv3 and TLSv1 protocols
1768:  ✔ should FAIL if CloudFront origin is using SSLv3 protocols
1769:  ✔ should WARN if CloudFront origin is using TLSv1 protocol
1770:  ✔ should PASS if no CloudFront distributions found
1771:  ✔ should UNKNOWN if unable to list distributions
1772:  ✔ should not return any results if list distributions response not found
1773:  cloudtrailBucketAccessLogging
1774:  run
1775:  ✔ should PASS if bucket has S3 access logs enabled
1776:  ✔ should WARN if bucket has S3 access logs disabled
1777:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
1778:  ✔ should PASS if no S3 bucket to check
1779:  ✔ should UNKNOWN if unable to query for trails
1780:  ✔ should UNKNOWN if unable to query for bucket policy
1781:  ✔ should PASS if bucket gets whitelisted
1782:  cloudtrailBucketDelete
1783:  run
1784:  ✔ should PASS if bucket has MFA delete enabled
1785:  ✔ should WARN if bucket has MFA delete enabled
1786:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
1787:  ✔ should PASS if no S3 bucket to check
1788:  ✔ should UNKNOWN if unable to query for trails
1789:  ✔ should UNKNOWN if unable to query for bucket policy
1790:  ✔ should PASS if bucket gets whitelisted
1791:  cloudtrailBucketPrivate
1792:  run
1793:  ✔ should PASS if bucket does not allow global access
1794:  ✔ should FAIL if bucket allows global access
1795:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
1796:  ✔ should PASS if no S3 bucket to check
1797:  ✔ should UNKNOWN if unable to query for trails
1798:  ✔ should UNKNOWN if unable to query for bucket policy
1799:  ✔ should PASS if bucket gets whitelisted
1800:  cloudtrailDataEvents
1801:  run
1802:  ✔ should PASS if CloudTrail trail has data events configured
1803:  ✔ should FAIL if CloudTrail trail does not have data events configured
1804:  ✔ should PASS if no CloudTrail trails found
1805:  ✔ should UNKNOWN if unable to query trails
1806:  ✔ should not return any results describe trail response not found
1807:  cloudtrailDeliveryFailing
1808:  run
1809:  ✔ should PASS if logs for CloudTrail trail are being delivered
1810:  ✔ should PASS if CloudTrail trail is set to pass without checking logs delivery status
1811:  ✔ should FAIL if logs for CloudTrail trail are not being delivered
1812:  ✔ should FAIL if CloudTrail is not enabled
1813:  ✔ should UNKNOWN if unable to describe CloudTrail trails
1814:  ✔ should UNKNOWN if unable to get CloudTrail trail status
1815:  ✔ should not return anything if describe CloudTrail trails response not found
1816:  cloudtrailEnabled
1817:  run
1818:  ✔ should PASS if CloudTrail is enabled and monitoring regional and global services
1819:  ✔ should PASS if CloudTrail is configured and enabled to monitor global services
1820:  ✔ should PASS if CloudTrail is enabled and monitoring regional services
1821:  ✔ should FAIL if CloudTrail is configured for regional monitoring but is not logging API calls
1822:  ✔ should FAIL if CloudTrail is configured for regional monitoring but is not logging API calls
1823:  ✔ should FAIL if CloudTrail is not enabled
1824:  ✔ should FAIL if CloudTrail is not configured to monitor global services
1825:  ✔ should UNKNOWN if unable to query for trails
1826:  cloudtrailEncryption
1827:  run
1828:  ✔ should PASS if CloudTrail encryption is enabled
1829:  ✔ should FAIL if CloudTrail encryption is not enabled
1830:  ✔ should FAIL if no CloudTrail is not enabled
1831:  ✔ should UNKNOWN if unable to query for trails
1832:  ✔ should not return any results if describe CloudTrail response not found
1833:  cloudtrailFileValidation
1834:  run
1835:  ✔ should PASS if CloudTrail log file validation is enabled
1836:  ✔ should FAIL if CloudTrail log file validation is not enabled
1837:  ✔ should FAIL if no CloudTrail is not enabled
1838:  ✔ should UNKNOWN if unable to query for trails
1839:  ✔ should not return any results if describe CloudTrail response not found
1840:  cloudtrailHasTags
1841:  run
1842:  ✔ should UNKNOWN if unable to query for trails
1843:  ✔ should Passing result if cloud trail is not enabled
1844:  ✔ should Unknown result if unable to query listTags
1845:  ✔ should Failing result if trails have no tags
1846:  ✔ should Passing result if trails have tags
1847:  cloudtrailManagementEvents
1848:  run
1849:  ✔ should PASS if CloudTrail trail is configured to log management events
1850:  ✔ should FAIL if CloudTrail trail is not configured to log management events
1851:  ✔ should FAIL if CloudTrail is not enabled
1852:  ✔ should UNKNOWN if unable to query for trails
1853:  ✔ should UNKNOWN if unable to query for event selectors
1854:  ✔ should not return any results describe trails response not found
1855:  cloudtrailNotificationsEnabled
1856:  run
1857:  ✔ should PASS if CloudTrail trail is using active SNS topic
1858:  ✔ should FAIL if CloudTrail trail has no SNS topic attached
1859:  ✔ should PASS if no trail found
1860:  ✔ should UNKNOWN if unable to query for CloudTrail trails
1861:  ✔ should UNKNOWN if unable to list SNS topics
1862:  ✔ should UNKNOWN if unable to query for SNS topic attributes
1863:  cloudtrailObjectLock
1864:  run
1865:  ✔ should PASS if object lock is enabled for s3 bucket
1866:  ✔ should FAIL if object lock configuration does not exist for s3 bucket
1867:  ✔ should FAIL if CloudTrail is not enabled
1868:  ✔ s...

    @sonarqubecloud SonarQubeCloud
    Copy link

    sonarqubecloud bot commented Dec 9, 2024

    Quality Gate Passed Quality Gate passed

    Issues
    0 New issues
    0 Accepted issues

    Measures
    0 Security Hotspots
    0.0% Coverage on New Code
    0.0% Duplication on New Code

    See analysis details on SonarQube Cloud

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

    Assignees
    No one assigned
    Labels
    None yet
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    2 participants
    @gitworkflows @snyk-bot