Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade async from 2.6.4 to 3.2.6 #42

Open
wants to merge 1 commit into
base: developr
Choose a base branch
from

Conversation

gitworkflows
Copy link
Contributor

@gitworkflows gitworkflows commented Dec 9, 2024

snyk-top-banner

Snyk has created this PR to upgrade async from 2.6.4 to 3.2.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 12 versions ahead of your current version.

  • The recommended version was released on 4 months ago.

Release notes
Package name: async from async GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Summary by Sourcery

Build:

  • Upgrade the 'async' package from version 2.6.4 to 3.2.6 in package.json.

Snyk has created this PR to upgrade async from 2.6.4 to 3.2.6.

See this package in npm:
async

See this project in Snyk:
https://app.snyk.io/org/khulnasoft-devsecops/project/f9132665-046e-4605-8fd2-e25f9bb55d35?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

coderabbitai bot commented Dec 9, 2024

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

sourcery-ai bot commented Dec 9, 2024

Reviewer's Guide by Sourcery

This PR upgrades the async package from version 2.6.4 to 3.2.6 in the project's dependencies. This is a major version upgrade that spans 12 versions and may introduce breaking changes.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change Details Files
Updated dependency version in package.json
  • Upgraded async package from ^2.6.1 to ^3.2.6
  • Major version bump from 2.x to 3.x indicates potential breaking changes
package.json

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time. You can also use
    this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@gitworkflows
Copy link
Contributor Author

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

Copy link

sonarqubecloud bot commented Dec 9, 2024

Copy link

codiumai-pr-agent-free bot commented Dec 9, 2024

CI Failure Feedback 🧐

(Checks updated until commit b8a8c70)

Action: build

Failed stage: NPM Test [❌]

Failure summary:

The action failed due to multiple tests failing. Specifically:

  • The test openCIFS failed because the security group has the CIFS UDP port open to the public.
  • The test openCustomPorts failed because the security group has open ports.
  • The test openDNS failed because the security group has DNS TCP or UDP port open to the public.
  • The test openDocker failed because the security group has Docker TCP port open to the public.
  • The test openElasticsearch failed because the security group has Elasticsearch TCP port open to the
    public.
  • The test openFTP failed because the security group has FTP TCP port open to the public.
  • The test openHadoopNameNode failed because the security group has HDFSNameNodeMetadataService TCP
    port open to the public.
  • The test openHadoopNameNodeWebUI failed because the security group has NameNodeWebUI TCP port open
    to the public.
  • The test openHTTP failed because the security group has HTTP TCP port open to the public.
  • The test openHTTPS failed because the security group has HTTPS TCP port open to the public.
  • The test openInternalWeb failed because the security group has Internal Web TCP port open to the
    public.
  • The test openKibana failed because the security group has Kibana TCP port open to the public.
  • The test openLDAP failed because the security group has LDAP TCP port open to the public.
  • The test openLDAPS failed because the security group has LDAP SSL TCP port open to the public.

  • Relevant error logs:
    1:  ##[group]Operating System
    2:  Ubuntu
    ...
    
    654:  (Use `node --trace-warnings ...` to show where the warning was created)
    655:  engine
    656:  INFO: Determining API calls to make...
    657:  INFO: Found 350 API calls to make for aws plugins
    658:  INFO: Collecting metadata. This may take several minutes...
    659:  ✔ should run with no arguments (64ms)
    660:  exports
    661:  ✔ should use the proper format for each test (231ms)
    662:  [INFO][REGIONS] Could not load all regions from EC2: {"message":"Missing region in config","code":"ConfigError","time":"2024-12-09T06:12:31.704Z"}
    ...
    
    671:  ✔ should NOT traverse objects without allKeys option
    672:  ✔ should NOT travers objects in standard keywords which value is not a schema
    673:  pre and post
    674:  ✔ should traverse schema in pre-order
    675:  ✔ should traverse schema in post-order
    676:  ✔ should traverse schema in pre- and post-order at the same time
    677:  ackPrivateClusterEnabled
    678:  run
    679:  ✔ should FAIL if Cluster does not have Private Cluster enabled
    680:  ✔ should PASS if Cluster have Private Cluster enabled
    681:  ✔ should PASS if No ACK clusters found
    682:  ✔ should UNKNOWN if unable to query ACK clusters
    683:  ✔ should UNKNOWN if unable no Master_url is found for  ACK clusters
    684:  cloudMonitorEnabled
    685:  run
    686:  ✔ should FAIL if Cluster does not have Cloud Monitor Enabled
    687:  ✔ should PASS if Cluster has Cloud Monitor enabled
    688:  ✔ should PASS if No ACK clusters found
    689:  ✔ should UNKNOWN if unable to query ACK clusters
    690:  logServiceEnabled
    691:  run
    692:  ✔ should FAIL if Cluster does not have Log Service enabled
    693:  ✔ should PASS if Cluster has Log Service enabled
    694:  ✔ should PASS if No ACK clusters found
    695:  ✔ should UNKNOWN if unable to query ACK clusters
    696:  ENImultipleIPmode
    697:  run
    698:  ✔ should FAIL if Cluster does not have NetworkPolicy Terway enabled
    699:  ✔ should PASS if Cluster has NetworkPolicy Terway enabled
    700:  ✔ should PASS if No ACK clusters found
    701:  ✔ should UNKNOWN if unable to query ACK clusters
    702:  networkPolicyEnabled
    703:  run
    704:  ✔ should FAIL if Cluster does not have NetworkPolicy enabled
    705:  ✔ should PASS if Cluster has NetworkPolicy enabled
    706:  ✔ should PASS if No ACK clusters found
    707:  ✔ should UNKNOWN if unable to query ACK clusters
    708:  webDashboardDisabled
    709:  run
    710:  ✔ should FAIL if Cluster has web dashboard enabled
    711:  ✔ should PASS if Cluster does not have  web dashboard enabled
    712:  ✔ should PASS if No ACK clusters found
    713:  ✔ should UNKNOWN if unable to query ACK clusters
    714:  actiontrailBucketPrivate
    715:  run
    716:  ✔ should FAIL if ActionTrail trail Bucket ACL allows public access
    717:  ✔ should PASS if ActionTrail trail Bucket ACL allows private access
    718:  ✔ should PASS if no ActionTrail trail found
    719:  ✔ should PASS if no ActionTrail trail with OSS bucket destination found
    720:  ✔ should UNKNOWN if unable to query ActionTrail trails
    721:  ✔ should UNKNOWN if unable to query OSS bucket info
    722:  actiontrailGlobalExportLogs
    723:  run
    724:  ✔ should FAIL if ActionTrail does not have global trail to log all events
    725:  ✔ should FAIL if ActionTrail has global trail to log all events but does not export logs to OSS bucket
    726:  ✔ should PASS if ActionTrail has global trails to log all events
    727:  ✔ should UNKNOWN if unable to query ActionTrail trails
    728:  apiGroupTlsVersion
    729:  run
    730:  ✔ should PASS if API has latest TLS version
    731:  ✔ should FAIL if API does not have latest TLS version
    732:  ✔ should FAIL if API response does not have HttpsPolicy
    733:  ✔ should PASS if no api groups found
    734:  ✔ should UNKNOWN if unable to describe API groups
    735:  ✔ should not return anything if response not received
    736:  apiProtocol
    737:  run
    738:  ✔ should PASS if API has HTTPS protocol configured
    739:  ✔ should FAIL if API does not HTTPS protocol configured
    740:  ✔ should FAIL if API response does not have RequestConfig property
    741:  ✔ should PASS if no APIs are found
    742:  ✔ should UNKNOWN if unable to describe APIs
    743:  ✔ should not return anything if response not received
    744:  dataDisksEncrypted
    745:  run
    746:  ✔ should FAIL if disk is not encrypted
    747:  ✔ should FAIL if Data disk is not encrypted to target encryption level
    748:  ✔ should PASS if data disks are encrypted
    749:  ✔ should PASS if no ECS disks found
    750:  ✔ should UNKNOWN if unable to query ECS disks
    751:  openAllPortsProtocols
    752:  run
    753:  ✔ should PASS if no public open ports found
    754:  ✔ should FAIL if security group has all ports and protocols open to public
    755:  ✔ should PASS if no security groups found
    756:  ✔ should UNKNWON unable to describe security groups
    757:  openCIFS
    758:  run
    759:  ✔ should PASS if no public open ports found
    760:  ✔ should FAIL if security group has CIFS UDP 445 port open to public
    761:  ✔ should PASS if no security groups found
    762:  ✔ should UNKNWON unable to describe security groups
    763:  openCustomPorts
    764:  run
    765:  ✔ should PASS if no public open ports found
    766:  ✔ should FAIL if security group has custom ports open to public
    767:  ✔ should PASS if no security groups found
    768:  ✔ should UNKNWON unable to describe security groups
    769:  openDNS
    770:  run
    771:  ✔ should PASS if no public open ports found
    772:  ✔ should FAIL if security group has RDP TCP 53 port open to public
    773:  ✔ should PASS if no security groups found
    774:  ✔ should UNKNWON unable to describe security groups
    775:  openDocker
    776:  run
    777:  ✔ should PASS if no public open ports found
    778:  ✔ should FAIL if security group has Docker TCP 2375 port open to public
    779:  ✔ should PASS if no security groups found
    780:  ✔ should UNKNWON unable to describe security groups
    781:  openElasticsearch
    782:  run
    783:  ✔ should PASS if no public open ports found
    784:  ✔ should FAIL if security group has Elasticsearch TCP 9200 port open to public
    785:  ✔ should PASS if no security groups found
    786:  ✔ should UNKNWON unable to describe security groups
    787:  openFTP
    788:  run
    789:  ✔ should PASS if no public open ports found
    790:  ✔ should FAIL if security group has FTP TCP 20 port open to public
    791:  ✔ should PASS if no security groups found
    792:  ✔ should UNKNWON unable to describe security groups
    793:  openHadoopNameNode
    794:  run
    795:  ✔ should PASS if no public open ports found
    796:  ✔ should FAIL if security group has HDFSNameNodeMetadataService TCP 8020 port open to public
    797:  ✔ should PASS if no security groups found
    798:  ✔ should UNKNWON unable to describe security groups
    799:  openHadoopNameNodeWebUI
    800:  run
    801:  ✔ should PASS if no public open ports found
    802:  ✔ should FAIL if security group has NameNodeWebUI TCP 50070 port open to public
    803:  ✔ should PASS if no security groups found
    804:  ✔ should UNKNWON unable to describe security groups
    805:  openKibana
    806:  run
    807:  ✔ should PASS if no public open ports found
    808:  ✔ should FAIL if security group has Kibana TCP 5601 port open to public
    809:  ✔ should PASS if no security groups found
    810:  ✔ should UNKNWON unable to describe security groups
    811:  openMySQL
    812:  run
    813:  ✔ should PASS if no public open ports found
    814:  ✔ should FAIL if security group has MySQL TCP 3306 port open to public
    815:  ✔ should PASS if no security groups found
    816:  ✔ should UNKNWON unable to describe security groups
    817:  openNetBIOS
    818:  run
    819:  ✔ should PASS if no public open ports found
    820:  ✔ should FAIL if security group has NetBIOS UDP 137 port open to public
    821:  ✔ should PASS if no security groups found
    822:  ✔ should UNKNWON unable to describe security groups
    823:  openOracle
    824:  run
    825:  ✔ should PASS if no public open ports found
    826:  ✔ should FAIL if security group has Oracle TCP 1521 port open to public
    827:  ✔ should PASS if no security groups found
    828:  ✔ should UNKNWON unable to describe security groups
    829:  openOracleAutoDataWarehouse
    830:  run
    831:  ✔ should PASS if no public open ports found
    832:  ✔ should FAIL if security group has Oracle Auto Data Warehouse TCP 1522 port open to public
    833:  ✔ should PASS if no security groups found
    834:  ✔ should UNKNWON unable to describe security groups
    835:  openPostgreSQL
    836:  run
    837:  ✔ should PASS if no public open ports found
    838:  ✔ should FAIL if security group has PostgreSQL TCP 5432 port open to public
    839:  ✔ should PASS if no security groups found
    840:  ✔ should UNKNWON unable to describe security groups
    841:  openRDP
    842:  run
    843:  ✔ should PASS if no public open ports found
    844:  ✔ should FAIL if security group has RDP TCP 3389 port open to public
    845:  ✔ should PASS if no security groups found
    846:  ✔ should UNKNWON unable to describe security groups
    847:  openSalt
    848:  run
    849:  ✔ should PASS if no public open ports found
    850:  ✔ should FAIL if security group has Salt TCP 4505 port open to public
    851:  ✔ should PASS if no security groups found
    852:  ✔ should UNKNWON unable to describe security groups
    853:  openSMBoTCP
    854:  run
    855:  ✔ should PASS if no public open ports found
    856:  ✔ should FAIL if security group has SMBoTCP TCP 445 port open to public
    857:  ✔ should PASS if no security groups found
    858:  ✔ should UNKNWON unable to describe security groups
    859:  openSMTP
    860:  run
    861:  ✔ should PASS if no public open ports found
    862:  ✔ should FAIL if security group has SMTP TCP 25 port open to public
    863:  ✔ should PASS if no security groups found
    864:  ✔ should UNKNWON unable to describe security groups
    865:  openSQLServer
    866:  run
    867:  ✔ should PASS if no public open ports found
    868:  ✔ should FAIL if security group has SQL Server TCP 1433 port open to public
    869:  ✔ should PASS if no security groups found
    870:  ✔ should UNKNWON unable to describe security groups
    871:  openSSH
    872:  run
    873:  ✔ should PASS if no public open ports found
    874:  ✔ should FAIL if security group has SSH TCP 22 port open to public
    875:  ✔ should PASS if no security groups found
    876:  ✔ should UNKNWON unable to describe security groups
    877:  openTelnet
    878:  run
    879:  ✔ should PASS if no public open ports found
    880:  ✔ should FAIL if security group has Telnet TCP 23 port open to public
    881:  ✔ should PASS if no security groups found
    882:  ✔ should UNKNWON unable to describe security groups
    883:  openVNCClient
    884:  run
    885:  ✔ should PASS if no public open ports found
    886:  ✔ should FAIL if security group has VNC Client TCP 5500 port open to public
    887:  ✔ should PASS if no security groups found
    888:  ✔ should UNKNWON unable to describe security groups
    889:  openVNCServer
    890:  run
    891:  ✔ should PASS if no public open ports found
    892:  ✔ should FAIL if security group has VNC Server TCP 5900 port open to public
    893:  ✔ should PASS if no security groups found
    894:  ✔ should UNKNWON unable to describe security groups
    895:  systemDisksEncrypted
    896:  run
    897:  ✔ should PASS if System disks are encrypted
    898:  ✔ should PASS if System disks are encrypted to target encryption level
    899:  ✔ should FAIL if disk is not encrypted
    900:  ✔ should FAIL if System disk is not encrypted to target encryption level
    901:  ✔ should PASS if no ECS disks found
    902:  ✔ should UNKNOWN if unable to query ECS disks
    903:  bucketCmkEncrypted
    904:  run
    905:  ✔ should FAIL if OSS bucket is not encrypted to required encryption level
    906:  ✔ should FAIL if OSS bucket is not encrypted
    907:  ✔ should PASS if OSS bucket is encrypted to required encryption level
    908:  ✔ should PASS if no OSS buckets found
    909:  ✔ should UNKNOWN if unable to query for OSS buckets
    910:  ✔ should UNKNOWN if unable to query OSS bucket info
    911:  bucketCrossRegionReplication
    912:  run
    913:  ✔ should FAIL if bucket does not have cross region replication enabled
    914:  ✔ should FAIL if bucket info does not have cross region replication property
    915:  ✔ should PASS if bucket has cross region replication enabled
    916:  ✔ should PASS if no OSS buckets found
    917:  ✔ should UNKNOWN if unable to query for OSS buckets
    918:  ✔ should UNKNOWN if unable to query OSS bucket info
    919:  bucketLoggingEnabled
    920:  run
    921:  ✔ should FAIL if bucket does not have logging enabled
    922:  ✔ should PASS if bucket has logging enabled
    923:  ✔ should PASS if no OSS buckets found
    924:  ✔ should UNKNOWN if unable to query for OSS buckets
    925:  ✔ should UNKNOWN if unable to query OSS bucket info
    926:  bucketRequestPayment
    927:  run
    928:  ✔ should FAIL if bucket does not have pay per requester enabled
    929:  ✔ should FAIL if payer property is not returned
    930:  ✔ should PASS if bucket has pay per requester enabled
    931:  ✔ should PASS if no OSS buckets found
    932:  ✔ should UNKNOWN if unable to query for OSS buckets
    933:  ✔ should UNKNOWN if unable to query OSS bucket info
    934:  ossBucketIpRestriction
    935:  run
    936:  ✔ should PASS if OSS bucket has IP restrictions configured
    937:  ✔ should FAIL if OSS bucket does not have IP restrictions configured
    938:  ✔ should FAIL if no OSS bucket policy found
    939:  ✔ should PASS if no OSS buckets found
    940:  ✔ should UNKNOWN if unable to query for OSS buckets
    941:  ✔ should UNKNOWN if unable to query OSS bucket policy
    942:  bucketLifecycle
    943:  run
    944:  ✔ should FAIL if bucket does not have lifecycle policies
    945:  ✔ should PASS if bucket has lifecycle policies enabled
    946:  ✔ should PASS if bucket has lifecycle policies disabled
    947:  ✔ should PASS if no OSS buckets found
    948:  ✔ should UNKNOWN if unable to query for OSS buckets
    949:  ✔ should UNKNOWN if Unable to query OSS bucket lifecycle policy info
    950:  ossBucketPrivate
    951:  run
    952:  ✔ should FAIL if bucket ACL allows public-read-write access
    953:  ✔ should PASS if bucket ACL allows private access
    954:  ✔ should PASS if no OSS buckets found
    955:  ✔ should UNKNOWN if unable to query for OSS buckets
    956:  ✔ should UNKNOWN if unable to query OSS bucket info
    957:  ossBucketSecureTransport
    958:  run
    959:  ✔ should PASS if OSS bucket has secure transport enabled
    960:  ✔ should FAIL if OSS bucket does not have secure transport enabled
    961:  ✔ should FAIL if no OSS bucket policy found
    962:  ✔ should PASS if no OSS buckets found
    963:  ✔ should UNKNOWN if unable to query for OSS buckets
    964:  ✔ should UNKNOWN if unable to query OSS bucket policy
    965:  bucketTransferAcceleration
    966:  run
    967:  ✔ should FAIL if bucket does not have transfer acceleration enabled
    968:  ✔ should FAIL if bucket info does not have transfer acceleration property
    969:  ✔ should PASS if bucket has transfer acceleration enabled
    970:  ✔ should PASS if no OSS buckets found
    971:  ✔ should UNKNOWN if unable to query for OSS buckets
    972:  ✔ should UNKNOWN if unable to query OSS bucket info
    973:  ossBucketVersioning
    974:  run
    975:  ✔ should FAIL if bucket versioning is not enabled
    976:  ✔ should PASS if bucket versioning is enabled
    977:  ✔ should PASS if no OSS buckets found
    978:  ✔ should UNKNOWN if unable to query for OSS buckets
    979:  ✔ should UNKNOWN if unable to query OSS bucket info
    980:  accessKeysRotation
    981:  run
    982:  ✔ should FAIL if RAM user access keys are not rotated every 90 days or less
    983:  ✔ should PASS if RAM user access keys are not rotated every 90 days or less
    984:  ✔ should PASS if RAM user does not have any access keys
    985:  ✔ should PASS if No RAM users found
    986:  ✔ should UNKNOWN if unable to query user access keys
    987:  ✔ should UNKNOWN if unable to query RAM users
    988:  inactiveUserDisabled
    989:  run
    990:  ✔ should FAIL if RAM user is enabled on being inactive for 90 or more days
    991:  ✔ should PASS if RAM user is disabled on being inactive for 90 or more days
    992:  ✔ should PASS if RAM user last activity was before 90 days
    993:  ✔ should PASS if No RAM users found
    994:  ✔ should UNKNOWN if Unable to query login profile
    995:  ✔ should UNKNOWN if Unable to query RAM users
    996:  passwordBlockLogon
    997:  run
    998:  ✔ should FAIL if RAM password security policy does not require logon to be blocked after 5 attempts
    999:  ✔ should PASS if RAM password security policy requires logon to be blocked after 5 attempts
    1000:  ✔ should UNKNOWN if unable to query RAM password policy
    1001:  passwordExpiry
    1002:  run
    1003:  ✔ should FAIL if RAM password security policy does not require password to be expired after 90 days
    1004:  ✔ should PASS if RAM password security policy requires password to be expired after set days
    1005:  ✔ should UNKNOWN if unable to query RAM password policy
    1006:  passwordMinLength
    1007:  run
    1008:  ✔ should FAIL if RAM password security policy does not require minimum length of 14 or greater
    1009:  ✔ should PASS if RAM password security policy require minimum length of 14 or greater
    1010:  ✔ should UNKNOWN if unable to query RAM password policy
    1011:  passwordNoReuse
    1012:  run
    1013:  ✔ should FAIL if RAM password security policy does not requires to prevent reusing 5 previous passwords
    1014:  ✔ should PASS if RAM password security policy requires to prevent reusing 5 previous passwords
    1015:  ✔ should UNKNOWN if unable to query RAM password policy
    1016:  passwordRequiresLowercase
    1017:  run
    1018:  ✔ should FAIL if RAM password security policy does not require lowercase characters
    1019:  ✔ should PASS if RAM password security policy requires lowercase characters
    1020:  ✔ should UNKNOWN if unable to query RAM password policy
    1021:  passwordRequiresNumbers
    1022:  run
    1023:  ✔ should FAIL if RAM password security policy does not require numbers
    1024:  ✔ should PASS if RAM password security policy requires numbers
    1025:  ✔ should UNKNOWN if unable to query RAM password policy
    1026:  passwordRequiresSymbols
    1027:  run
    1028:  ✔ should FAIL if RAM password security policy does not require symbols
    1029:  ✔ should PASS if RAM password security policy requires symbols
    1030:  ✔ should UNKNOWN if unable to query RAM password policy
    1031:  passwordRequiresUppercase
    1032:  run
    1033:  ✔ should FAIL if RAM password security policy does not require uppercase characters
    1034:  ✔ should PASS if RAM password security policy requires uppercase characters
    1035:  ✔ should UNKNOWN if unable to query RAM password policy
    1036:  ramAdminPolicy
    1037:  run
    1038:  ✔ should FAIL if Policy provides admin (*:*) access and attachment count is greater than 0
    1039:  ✔ should PASS if Policy provides admin (*:*) access but attachment count is 0
    1040:  ✔ should PASS if Policy does not provide admin (*:*) access
    1041:  ✔ should PASS if No RAM policies found
    1042:  ✔ should UNKNOWN if Unable to query RAM policies
    1043:  ✔ should UNKNOWN if Unable to get RAM policy
    1044:  ramPolicyAttachments
    1045:  run
    1046:  ✔ should FAIL if User has policies attached
    1047:  ✔ should PASS if no policies are attached to user
    1048:  ✔ should PASS if No RAM users found
    1049:  ✔ should UNKNOWN if Unable to query RAM users
    1050:  usersMfaEnabled
    1051:  run
    1052:  ✔ should FAIL if RAM user does not have MFA device configured
    1053:  ✔ should PASS if RAM user has MFA device configured
    1054:  ✔ should PASS if No RAM users found
    1055:  ✔ should UNKNOWN if Unable to query RAM users
    1056:  rdsAuditingEnabled
    1057:  run
    1058:  ✔ should FAIL if RDS DB instance does not have sql auditing enabled
    1059:  ✔ should PASS if RDS DB instance have sql auditing enabled
    1060:  ✔ should PASS if no RDS DB instances found
    1061:  ✔ should UNKNOWN if unable to query RDS DB instances
    1062:  ✔ should UNKNOWN if unable to query DB sql auditing policy
    1063:  rdsLogConnectionEnabled
    1064:  run
    1065:  ✔ should FAIL if RDS DB instance does not have log_connections parameter enabled
    1066:  ✔ should PASS if RDS DB instance has log_connections parameter enabled
    1067:  ✔ should PASS if no RDS DB instances found
    1068:  ✔ should UNKNOWN if unable to query RDS DB instances
    1069:  ✔ should UNKNOWN if unable to query DB parameters
    1070:  rdsLogDisconnectionsEnabled
    1071:  run
    1072:  ✔ should FAIL if RDS DB instance does not have log_disconnections parameter enabled
    1073:  ✔ should PASS if RDS DB instance has log_disconnections parameter enabled
    1074:  ✔ should PASS if no RDS DB instances found
    1075:  ✔ should UNKNOWN if unable to query RDS DB instances
    1076:  ✔ should UNKNOWN if unable to query DB parameters
    1077:  rdsLogDuration
    1078:  run
    1079:  ✔ should FAIL if RDS DB instance does not have log_duration parameter enabled
    1080:  ✔ should PASS if RDS DB instance has log_duration parameter enabled
    1081:  ✔ should PASS if no RDS DB instances found
    1082:  ✔ should UNKNOWN if unable to query RDS DB instances
    1083:  ✔ should UNKNOWN if unable to query DB parameters
    1084:  rdsPublicAccess
    1085:  run
    1086:  ✔ should FAIL if RDS DB instance is publicly accessible
    1087:  ✔ should PASS if RDS DB instance is not publicly accessible
    1088:  ✔ should PASS if no RDS DB instances found
    1089:  ✔ should UNKNOWN if unable to query RDS DB instances
    1090:  ✔ should UNKNOWN if Unable to query DB IP Array List
    1091:  rdsSqlAuditRetentionPeriod
    1092:  run
    1093:  ✔ should FAIL if RDS DB instance does not have sql audit log retention greater than 180 days
    1094:  ✔ should FAIL if RDS DB instance does not have sql audit log retention greater than set days limit
    1095:  ✔ should PASS if RDS DB instance have sql audit log retention greater than 180 days
    1096:  ✔ should PASS if RDS DB instance have sql audit log retention greater than set days limit
    1097:  ✔ should PASS if no RDS DB instances found
    1098:  ✔ should UNKNOWN if unable to query RDS DB instances
    1099:  ✔ should UNKNOWN if unable to query DB sql audit log retention
    1100:  rdsSslEncryptionEnabled
    1101:  run
    1102:  ✔ should FAIL if RDS instance does not have SSL encryption enabled
    1103:  ✔ should PASS if RDS instance has SSL encryption enabled
    1104:  ✔ should PASS if no RDS DB instances found
    1105:  ✔ should UNKNOWN if unable to query RDS DB instances
    1106:  ✔ should UNKNOWN if unable to query RDS instance SSL info
    1107:  rdsTdeEnabled
    1108:  run
    1109:  ✔ should FAIL if RDS DB instance does not have TDE enabled
    1110:  ✔ should PASS if RDS DB instance have TDE enabled
    1111:  ✔ should PASS if RDS DB instance have engine type other MySQL 5.6 and SQL Server Enterprise Edition
    1112:  ✔ should PASS if no RDS DB instances found
    1113:  ✔ should UNKNOWN if unable to query RDS DB instances
    1114:  ✔ should UNKNOWN if unable to query RDS DB instance TDE
    1115:  securityAgentInstalled
    1116:  run
    1117:  ✔ should FAIL if there are unprotected assets
    1118:  ✔ should PASS if there are no unprotected assets
    1119:  ✔ should UNKNOWN if Unable to query TDS field statistics
    1120:  securityCenterEdition
    1121:  run
    1122:  ✔ should FAIL if Security Center edition is Basic or Anti-virus
    1123:  ✔ should PASS if Security Center edition is Advanced or plus
    1124:  ✔ should UNKNOWN if Unable to query Security Center version config
    1125:  securityNotificationsEnabled
    1126:  run
    1127:  ✔ should FAIL if security notifications are not enabled
    1128:  ✔ should PASS if security notifications are enabled for all alerts
    1129:  ✔ should PASS if no TDS notice config found
    1130:  ✔ should UNKNOWN if Unable to query TDS notice config
    1131:  vulnerabilityScanEnabled
    1132:  run
    1133:  ✔ should FAIL if Vulnerability scan is not enabled on all servers
    1134:  ✔ should PASS if Vulnerability scan is enabled on all servers
    1135:  ✔ should PASS if no vulnerabity config found 
    1136:  ✔ should UNKNOWN if Unable to query 
    1137:  accessAnalyzerActiveFindings
    1138:  run
    1139:  ✔ should FAIL if Amazon IAM access analyzer has active findings.
    1140:  ✔ should PASS if Amazon IAM access analyzer have no active findings.
    1141:  ✔ should PASS if no analyzers found
    1142:  ✔ should UNKNOWN if Unable to query for IAM access analyzers
    1143:  accessAnalyzerEnabled
    1144:  run
    1145:  ✔ should PASS if Access Analyzer is enabled
    1146:  ✔ should FAIL if Access Analyzer is not enabled
    1147:  ✔ should FAIL if Access Analyzer not configured
    1148:  ✔ should UNKNOWN if unable to list Access analyzer
    1149:  ✔ should not return anything if list Access Analyzers response is not found
    1150:  acmCertificateExpiry
    1151:  run
    1152:  ✔ should PASS if certificate expiration date exceeds set PASS number of days in the future
    1153:  ✔ should FAIL if certificate expiration date does not exceed set WARN number of days in the future
    1154:  ✔ should FAIL if certificate has already expired
    ...
    
    1158:  ✔ should UNKNOWN if unable to list ACM certificates
    1159:  ✔ should UNKNOWN if unable to describe ACM certificate
    1160:  acmCertificateHasTags
    1161:  run
    1162:  ✔ should give unknown result if unable to list acm certificates
    1163:  ✔ should give passing result if acm certificates not found.
    1164:  ✔ should give unknown result if unable to query resource group tagging api
    1165:  ✔ should give passing result if acm certificates have tags
    1166:  ✔ should give failing result if eks cluster does not have tags
    1167:  acmSingleDomainNameCertificate
    1168:  run
    1169:  ✔ should PASS if ACM certificate is a single domain name certificate
    1170:  ✔ should FAIL if ACM certificate is a wildcard certificate
    1171:  ✔ should PASS if No ACM certificates found
    1172:  ✔ should UNKNOWN if unable to list ACM certificates
    1173:  ✔ should UNKNOWN if unable to describe ACM certificate
    1174:  acmValidation
    1175:  run
    1176:  ✔ should PASS if ACM certificate is using DNS validations
    1177:  ✔ should FAIL if ACM certificate has failed validations
    1178:  ✔ should WARN if ACM certificate is using EMAIL validation
    1179:  ✔ should PASS if No ACM certificates found
    1180:  ✔ should UNKNOWN if unable to list ACM certificates
    1181:  ✔ should UNKNOWN if unable to describe ACM certificate
    1182:  apigatewayAuthorization
    1183:  run
    1184:  ✔ should return UNKNOWN if unable to query for API Gateway Rest APIs
    1185:  ✔ should return PASS if no API Gateway Rest APIs found
    1186:  ✔ should return FAIL if no authorizers exist for API Gateway Rest API
    1187:  ✔ should return PASS if authorizers exist for API Gateway Rest API
    1188:  ✔ should not return anything if get Rest APIs response is not found
    1189:  apigatewayCertificateRotation
    1190:  run
    1191:  ✔ should PASS if API Gateway API stages do not need client certificate rotation
    1192:  ✔ should FAIL if API Gateway API stage needs client certificate rotation
    1193:  ✔ should FAIL if API Gateway API stage client certificate has already expired
    ...
    
    1195:  ✔ should PASS if No API Gateway Rest API stages found
    1196:  ✔ should PASS if No API Gateway Rest API stage client certificate found
    1197:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1198:  ✔ should UNKNOWN if unable to get API Gateway Rest API stages
    1199:  ✔ should not return anything if get Rest APIs response is not found
    1200:  apigatewayClientCertificate
    1201:  run
    1202:  ✔ should PASS if API Gateway API use client certificate for all stages
    1203:  ✔ should FAIL if API Gateway API does not use client certificate for all stages
    1204:  ✔ should PASS if No API Gateway Rest APIs found
    1205:  ✔ should PASS if No API Gateway Rest API Stages found
    1206:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1207:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1208:  ✔ should not return anything if get Rest APIs response is not found
    1209:  apigatewayCloudwatchLogs
    1210:  run
    1211:  ✔ should PASS if API Gateway API has CloudWatch Logs enabled for all stages
    1212:  ✔ should FAIL if API Gateway API does not have CloudWatch Logs enabled for stages
    1213:  ✔ should PASS if No API Gateway Rest APIs found
    1214:  ✔ should PASS if No API Gateway Rest API Stages found
    1215:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1216:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1217:  ✔ should not return anything if get Rest APIs response is not found
    1218:  apigatewayContentEncoding
    1219:  run
    1220:  ✔ should PASS if API Gateway API stage has content encoding enabled
    1221:  ✔ should FAIL if API Gateway API stage does not have content encoding enabled
    1222:  ✔ should PASS if No API Gateway Rest APIs found
    1223:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1224:  ✔ should not return anything if get Rest APIs response is not found
    1225:  apigatewayTlsDefaultEndpoint
    1226:  run
    1227:  ✔ should PASS if No API Gateway rest APIs found
    1228:  ✔ should PASS if API Gateway is not accessible through default endpoint
    1229:  ✔ should FAIL if API Gateway is accessible through default endpoint
    1230:  ✔ should UNKNOWN if unable to query for API Gateways
    1231:  apigatewayPrivateEndpoints
    1232:  run
    1233:  ✔ should PASS if API Gateway API is only accessible through private endpoints
    1234:  ✔ should FAIL if API Gateway API is accessible through public endpoints
    1235:  ✔ should PASS if No API Gateway Rest APIs found
    1236:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1237:  ✔ should not return anything if get Rest APIs response is not found
    1238:  apigatewayResponseCaching
    1239:  run
    1240:  ✔ should PASS if Response caching is enabled for API Gateway API stage
    1241:  ✔ should FAIL if Response caching is not enabled for API Gateway API stage
    1242:  ✔ should PASS if No API Gateway Rest APIs found
    1243:  ✔ should PASS if No API Gateway Rest API Stages found
    1244:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1245:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1246:  ✔ should not return anything if get Rest APIs response is not found
    1247:  apigatewayTracingEnabled
    1248:  run
    1249:  ✔ should PASS if API Gateway API has tracing enabled for all stages
    1250:  ✔ should FAIL if API Gateway API does not have tracing enabled for stages
    1251:  ✔ should PASS if No API Gateway Rest APIs found
    1252:  ✔ should PASS if No API Gateway Rest API Stages found
    1253:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1254:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1255:  ✔ should not return anything if get Rest APIs response is not found
    1256:  apigatewayWafEnabled
    1257:  run
    1258:  ✔ should PASS if API Gateway API has WAF enabled for all stages
    1259:  ✔ should FAIL if API Gateway API does not have WAF enabled for stages
    1260:  ✔ should PASS if No API Gateway Rest APIs found
    1261:  ✔ should PASS if No API Gateway Rest API Stages found
    1262:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1263:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1264:  ✔ should not return anything if get Rest APIs response is not found
    1265:  apiStageLevelCacheEncryption
    1266:  run
    1267:  ✔ should PASS if API Gateway stage encrypts cache data
    1268:  ✔ should FAIL if API Gateway stage does not encrypt cache data
    ...
    
    1270:  ✔ should PASS if No API Gateway Rest APIs found
    1271:  ✔ should PASS if No API Gateway Rest API Stages found
    1272:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1273:  ✔ should UNKNOWN if unable to get API Gateway Stages
    1274:  apigatewayCustomDomainDeprecatedProtocol
    1275:  run
    1276:  ✔ should PASS if No API Gateway Custom Domains found
    1277:  ✔ should PASS if API Gateway Custom Domain is using current minimum TLS version
    1278:  ✔ should FAIL if API Gateway Custom Domain is using deprecated TLS version
    1279:  ✔ should UNKNOWN if unable to query for API Gateways
    1280:  detailedCloudWatchMetrics
    1281:  run
    1282:  ✔ should PASS if API Gateway API has detailed CloudWatch metrics enabled for all stages
    1283:  ✔ should FAIL if API Gateway API does not have detailed CloudWatch metrics enabled for stages
    1284:  ✔ should PASS if No API Gateway Rest APIs found
    1285:  ✔ should PASS if No API Gateway Rest API Stages found
    1286:  ✔ should UNKNOWN if unable to get API Gateway Rest APIs
    1287:  ✔ should UNKNOWN if unable to get API Gateway Rest API Stages
    1288:  ✔ should not return anything if get Rest APIs response is not found
    1289:  flowEncrypted
    1290:  run
    1291:  ✔ should PASS if AppFlow flow is encrypted with desired encryption level
    1292:  ✔ should FAIL if AppFlow flow is not encrypted with desired encryption level
    1293:  ✔ should PASS if no AppFlow flows found
    1294:  ✔ should UNKNOWN if unable to list AppFlow flows
    1295:  ✔ should UNKNOWN if unable to list KMS keys
    1296:  appmeshTLSRequired
    1297:  run
    1298:  ✔ should PASS if App Mesh virtual gateway listeners restrict TLS enabled connections
    1299:  ✔ should FAIL if App Mesh vitual gateway listeners does not restrict TLS enabled connections
    1300:  ✔ should PASS if no App Mesh meshes found
    1301:  ✔ should UNKNOWN if Unable to list App Mesh meshes
    1302:  ✔ should UNKNOWN if unable to list App Mesh virtual gateways
    1303:  ✔ should not return anything if list App Mesh meshes response not found
    1304:  appmeshVGAccessLogging
    1305:  run
    1306:  ✔ should PASS if access logging is enabled and configured for Amazon App Mesh virtual gateways
    1307:  ✔ should FAIL if access logging is not enabled for Amazon App Mesh virtual gateways
    1308:  ✔ should PASS if No App Meshes found
    1309:  ✔ should UNKNOWN if unable to query for App Mesh meshes
    1310:  ✔ should UNKNOWN if unable to query for App Mesh virtual gateways
    1311:  ✔ should not return anything if list App Meshes response not found
    1312:  appmeshVGHealthChecks
    1313:  run
    1314:  ✔ should PASS if health check policies are configured for Amazon App Mesh virtual gateways
    1315:  ✔ should FAIL if health check policies are not configured for Amazon App Mesh virtual gateways
    1316:  ✔ should PASS if No App Meshes found
    1317:  ✔ should UNKNOWN if unable to query for App Mesh meshes
    1318:  ✔ should UNKNOWN if unable to query for App Mesh virtual gateways
    1319:  ✔ should not return anything if list App Meshes response not found
    1320:  restrictExternalTraffic
    1321:  run
    1322:  ✔ should PASS if App Mesh mesh does not allow access to external services
    1323:  ✔ should FAIL if App Mesh mesh allows access to external services
    1324:  ✔ should PASS if no App Meshes found
    1325:  ✔ should UNKNOWN if Unable to query for App Mesh meshes
    1326:  ✔ should UNKNOWN if Unable to describe App Mesh mesh
    1327:  serviceEncrypted
    1328:  run
    1329:  ✔ should PASS if App Runner service is encrypted with desired encryption level
    1330:  ✔ should FAIL if App Runner service not encrypted with desired encryption level
    1331:  ✔ should PASS if no App Runner service found
    1332:  ✔ should UNKNOWN if unable to list Services
    1333:  ✔ should UNKNOWN if unable to list KMS keys
    1334:  workgroupEncrypted
    1335:  run
    1336:  ✔ should PASS if Athena workgroup is using encryption
    1337:  ✔ should PASS if Athena primary workgroup does not have encryption enabled but is not in use.
    1338:  ✔ should FAIL if Athena workgroup is not using encryption
    1339:  ✔ should PASS if no Athena workgroups found
    1340:  ✔ should UNKNOWN if unable to list Athena workgroups
    1341:  ✔ should UNKNOWN if unable to describe Athena workgroup
    1342:  ✔ should not return any results if list workgroups response not found
    1343:  workgroupEnforceConfiguration
    1344:  run
    1345:  ✔ should PASS if Athena workgroup is enforcing configuration options
    1346:  ✔ should PASS if Athena primary workgroup is not enforcing configuration options but is not in use
    1347:  ✔ should FAIL if Athena workgroup is not enforcing configuration options
    1348:  ✔ should PASS if no Athena workgroups found
    1349:  ✔ should UNKNOWN if unable to list Athena workgroups
    1350:  ✔ should UNKNOWN if unable to describe Athena workgroup
    1351:  ✔ should not return any results if list workgroups response not found
    1352:  auditmanagerDataEncrypted
    1353:  run
    1354:  ✔ should PASS if Audit Manager data is encrypted with desired encryption level
    1355:  ✔ should FAIL if Audit Manager data is not encrypted with desired encryption level
    1356:  ✔ should PASS if Audit Manager is not setup for the region
    1357:  ✔ should UNKNOWN if unable to get Audit Manager settings
    1358:  ✔ should UNKNOWN if unable to list KMS keys
    1359:  appTierAsgApprovedAmi
    1360:  run
    1361:  ✔ should PASS if Launch Configuration for App-Tier Auto Scaling group is using approved AMIs
    1362:  ✔ should FAIL if Launch Configuration for App-Tier Auto Scaling group is not using active AMIs
    1363:  ✔ should FAIL if Launch Configuration for App-Tier Auto Scaling group is not using any AMI
    ...
    
    1365:  ✔ should PASS if no App-Tier Auto Scaling groups found
    1366:  ✔ should PASS if no Auto Scaling groups found
    1367:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1368:  ✔ should not return anything if describe Auto Scaling groups response not found
    1369:  ✔ should not return anything if App-Tier tag key is not provided in settings
    1370:  appTierAsgCloudWatchLogs
    1371:  run
    1372:  ✔ should PASS if App-Tier Auto Scaling launch configuration is using CloudWatch Logs agent
    1373:  ✔ should FAIL if App-Tier Auto Scaling launch configuration is not using CloudWatch Logs agent
    1374:  ✔ should UNKNOWN if unable to describe launch configuration for App-Tier Auto Scaling group
    1375:  ✔ should PASS if no App-Tier Auto Scaling groups found
    1376:  ✔ should PASS if no Auto Scaling groups found
    1377:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1378:  ✔ should not return anything if no Auto Scaling groups found
    1379:  appTierIamRole
    1380:  run
    1381:  ✔ should PASS if launch configuration for App-Tier group has customer IAM role configured
    1382:  ✔ should FAIL if launch configuration for App-Tier group does not have customer IAM role configured
    ...
    
    1385:  ✔ should PASS if no App-Tier Auto Scaling groups found
    1386:  ✔ should PASS if no Auto Scaling launch configurations found
    1387:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1388:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
    1389:  ✔ should not return anything if no response for describe Auto Scaling groups
    1390:  asgActiveNotifications
    1391:  run
    1392:  ✔ should PASS if notification are active for auto scaling group
    1393:  ✔ should FAIL if notification are not active for auto scaling group
    1394:  ✔ should UNKNOWN if unable to describe auto scaling group found
    1395:  ✔ should not return anything if no auto scaling group found
    1396:  ✔ should FAIL if No auto scaling group notification configurations found
    1397:  asgCooldownPeriod
    1398:  run
    1399:  ✔ should PASS if Amazon Auto Scaling Groups are utilizing cool down period
    1400:  ✔ should FAIL if the cool down period setting is not properly configured for the selected Amazon ASG
    1401:  ✔ should PASS if no AutoScaling groups found
    1402:  ✔ should UNKNOWN if an error occurs while describing AutoScaling groups
    1403:  ✔ should not return anything if unable to query for AutoScaling groups
    1404:  asgMissingELB
    1405:  run
    1406:  ✔ should PASS if AutoScaling group utilizes active load balancer
    1407:  ✔ should FAIL if AutoScaling group utilizes inactive load balancer
    1408:  ✔ should FAIL if AutoScaling group does not have any ELB associated
    1409:  ✔ should PASS if AutoScaling group does not utilize a load balancer
    1410:  ✔ should UNKNOWN if unable to describe AutoScaling group found
    1411:  ✔ should not return anything if no AutoScaling group found
    1412:  asgMissingSecurityGroups
    1413:  run
    1414:  ✔ should PASS if Auto Scaling launch configuration does not reference any missing EC2 security group
    1415:  ✔ should FAIL if Auto Scaling launch configuration references missing EC2 security group(s)
    1416:  ✔ should PASS if no Auto Scaling launch configurations found
    1417:  ✔ should PASS if Auto Scaling launch configuration does not have any security groups associated
    1418:  ✔ should FAIL if no EC2 security groups found
    1419:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
    1420:  ✔ should not return anything if describe Auto Scaling launch configurations response not found
    1421:  asgMultiAz
    1422:  run
    1423:  ✔ should PASS if Auto Scaling group utilizes multiple availability zones
    1424:  ✔ should FAIL if Auto Scaling group utilizes one availability zone
    1425:  ✔ should PASS if no Auto Scaling groups found 
    1426:  ✔ should UNKNOWN if error describing Auto Scaling groups
    1427:  ✔ should not return anything if unable to describe Auto Scaling groups
    1428:  asgSuspendedProcesses
    1429:  run
    1430:  ✔ should PASS if AutoScaling group does not have any suspended process
    1431:  ✔ should FAIL if AutoScaling group has suspended processes
    1432:  ✔ should PASS if no AutoScaling groups found 
    1433:  ✔ should UNKNOWN if an error occurs while describing AutoScaling groups
    1434:  ✔ should not return anything if unable to query for AutoScaling groups
    1435:  asgUnusedLaunchConfiguration
    1436:  run
    1437:  ✔ should PASS if Auto Scaling launch configuration is being used
    1438:  ✔ should FAIL if Auto Scaling launch configuration is not being used
    1439:  ✔ should PASS if no Auto Scaling launch configurations found
    1440:  ✔ should UNKNOWN if Unable to query for Auto Scaling launch configurations
    1441:  elbHealthCheckActive
    1442:  run
    1443:  ✔ should PASS if Auto Scaling group does not use ELBs
    1444:  ✔ should PASS if Auto Scaling group has ELB health check active
    1445:  ✔ should PASS if Auto Scaling group does not use ELBs
    1446:  ✔ should FAIL if Auto Scaling group does not have ELB health check active
    1447:  ✔ should PASS if no Auto Scaling groups found
    1448:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1449:  ✔ should not return anything if no response found for describe Auto Scaling groups
    1450:  emptyASG
    1451:  run
    1452:  ✔ should PASS if autoscaling group contains instance(s)
    1453:  ✔ should FAIL if autoscaling group does not contain instance(s)
    1454:  ✔ should PASS if no autoscaling group data found 
    1455:  ✔ should UNKNOWN if unable to describe autoscaling group found
    1456:  ✔ should not return anything if no autoscaling group found
    1457:  sameAzElb
    1458:  run
    1459:  ✔ should PASS if load balancer is in the same Availability Zone as of AutoScaling group
    1460:  ✔ should PASS if AutoScaling does not utilizes load balancer as HealthCheckType
    1461:  ✔ should FAIL if load balancer is not in the same Availability Zone as of AutoScaling group
    1462:  ✔ should FAIL if autoscaling group utilizes an inactive load balancer
    1463:  ✔ should UNKOWN if unable to query for load balancers
    1464:  ✔ should UNKNOWN if unable to describe autoscaling groups
    1465:  ✔ should not return anything if no autoscaling group found
    1466:  webTierAsgApprovedAmi
    1467:  run
    1468:  ✔ should PASS if Launch Configuration for Web-Tier Auto Scaling group is using approved AMIs
    1469:  ✔ should FAIL if Launch Configuration for Web-Tier Auto Scaling group is not using active AMIs
    1470:  ✔ should FAIL if Launch Configuration for Web-Tier Auto Scaling group is not using any AMI
    ...
    
    1472:  ✔ should PASS if no Web-Tier Auto Scaling groups found
    1473:  ✔ should PASS if no Auto Scaling groups found
    1474:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1475:  ✔ should not return anything if describe Auto Scaling groups response not found
    1476:  ✔ should not return anything if Web-Tier tag key is provided in settings
    1477:  webTierAssociatedElb
    1478:  run
    1479:  ✔ should PASS if Web-Tier Auto Scaling group has ELB associated
    1480:  ✔ should FAIL if Web-Tier Auto Scaling group does not have ELB associated
    1481:  ✔ should PASS if no Auto Scaling groups found
    1482:  ✔ should PASS if no Web-Tier Auto Scaling groups found
    1483:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1484:  ✔ should not return anything if describe Auto Scaling groups response not found
    1485:  webTierAsgCloudWatchLogs
    1486:  run
    1487:  ✔ should PASS if Web-Tier Auto Scaling launch configuration has CloudWatch logs enabled
    1488:  ✔ should FAIL if Web-Tier Auto Scaling launch configuration does not have CloudWatch logs enabled
    1489:  ✔ should UNKNOWN if unable to describe launch configuration for Web-Tier Auto Scaling group
    1490:  ✔ should PASS if no Web-Tier Auto Scaling groups found
    1491:  ✔ should PASS if no Auto Scaling groups found
    1492:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1493:  ✔ should not return anything if no Auto Scaling groups found
    1494:  webTierIamRole
    1495:  run
    1496:  ✔ should PASS if launch configuration for Web-Tier group has customer IAM role configured
    1497:  ✔ should FAIL if launch configuration for Web-Tier group does not have customer IAM role configured
    ...
    
    1500:  ✔ should PASS if no Web-Tier Auto Scaling groups found
    1501:  ✔ should PASS if no Auto Scaling launch configurations found
    1502:  ✔ should UNKNOWN if unable to describe Auto Scaling groups
    1503:  ✔ should UNKNOWN if unable to describe Auto Scaling launch configurations
    1504:  ✔ should not return anything if no response for describe Auto Scaling groups
    1505:  backupDeletionProtection
    1506:  run
    1507:  ✔ should PASS if Backup vault has deletion protection enabled
    1508:  ✔ should FAIL if Backup vault does not have deletion protection enabled
    1509:  ✔ should FAIL if no access policy found for Backup vault
    1510:  ✔ should PASS if no Backup vault list found
    1511:  ✔ should UNKNOWN if Unable to query for Backup vault list
    1512:  ✔ should UNKNOWN if Unable to get Backup vault policy
    1513:  backupInUseForRDSSnapshots
    1514:  run
    1515:  ✔ should PASS if Backup service is in use for RDS snapshots
    1516:  ✔ should FAIL if Backup service is not in use for RDS snapshots
    1517:  ✔ should PASS if no RDS snapshots found
    1518:  ✔ should UNKNOWN if Unable to query for RDS snapshots
    1519:  backupNotificationEnabled
    1520:  run
    1521:  ✔ should PASS if Backup vault is configured to send alert notifications for failed Backup job events
    1522:  ✔ should FAIL if Backup vault is not configured to send alert notifications for failed Backup job events
    1523:  ✔ should FAIL if Backup vault does not have any notifications configured
    1524:  ✔ should PASS if no Backup vault list found
    1525:  ✔ should UNKNOWN if Unable to query for Backup vault list
    1526:  ✔ should UNKNOWN if Unable to get event notifications for selected Amazon Backup vault
    1527:  backupResourceProtection
    1528:  run
    1529:  ✔ should PASS if All desired resource types are protected by Backup service
    1530:  ✔ should FAIL if These desired resource types are not protected by Backup service
    1531:  ✔ should UNKNOWN Unable to query for Backup resource type opt in preference
    1532:  backupVaultEncrypted
    1533:  run
    1534:  ✔ should PASS if Backup Vault is encrypted with desired encryption level
    1535:  ✔ should FAIL if Backup Vault is not encrypted with desired encyption level
    1536:  ✔ should PASS if no Backup vault  found
    1537:  ✔ should UNKNOWN if unable to list Backup vault
    1538:  ✔ should UNKNOWN if unable to list KMS keys
    1539:  backupVaultHasTags
    1540:  run
    1541:  ✔ should PASS if Backup vault have tags
    1542:  ✔ should FAIL if Backup vault does not have tags
    1543:  ✔ should PASS if no Backup vault list found
    1544:  ✔ should UNKNOWN if Unable to query for Backup vault list
    1545:  ✔ should give unknown result if unable to query resource group tagging api
    1546:  backupVaultPolicies
    1547:  run
    1548:  ✔ should PASS if Backup vault does not allow  global access to the action
    1549:  ✔ should FAIL if Backup vault allow global access to the action
    1550:  ✔ should PASS if no Backup vault list found
    1551:  ✔ should UNKNOWN if Unable to query for Backup vault list
    1552:  ✔ should UNKNOWN if Unable to get Backup vault policy
    1553:  compliantLifecycleConfigured
    1554:  run
    1555:  ✔ should PASS if Backup plan has lifecycle configuration enabled
    1556:  ✔ should FAIL if Backup plan does not have lifecycle configuration enabled
    1557:  ✔ should PASS if no Backup plans found
    1558:  ✔ should UNKNOWN if Unable to list Backup plans
    1559:  customModelEncryptionEnabled
    1560:  run
    1561:  ✔ should PASS if Bedrock Custom Model is Encrypted using CMK
    1562:  ✔ should FAIL if Bedrock Custom Model is encrypted with AWS owned key
    1563:  ✔ should PASS if the desired encryption level for bedrock custom model is awskms
    1564:  ✔ should PASS if no Bedrock custom model found
    1565:  ✔ should UNKNOWN if unable to list Bedrock custom model
    1566:  customModelHasTags
    1567:  run
    1568:  ✔ should PASS if Bedrock custom model has tags
    1569:  ✔ should FAIL if Bedrock custom model doesnot have tags
    1570:  ✔ should PASS if no Bedrock custom model found
    1571:  ✔ should UNKNOWN if unable to query Bedrock custom model
    1572:  ✔ should give unknown result if unable to query resource group tagging api
    1573:  customModelInVpc
    1574:  run
    1575:  ✔ should PASS if Bedrock Custom Model has Vpc configured
    1576:  ✔ should FAIL if Bedrock Custom Model have not Vpc configured
    1577:  ✔ should PASS if no Bedrock custom model found
    1578:  ✔ should UNKNOWN if unable to list Bedrock custom model
    1579:  modelInvocationLoggingEnabled
    1580:  run
    1581:  ✔ should PASS if model invocation logging is enabled for bedrock models
    1582:  ✔ should FAIL if model invocation logging is disabled for bedrock models
    1583:  ✔ should UNKNOWN if unable to query for model invocation logging
    1584:  privateCustomModel
    1585:  run
    1586:  ✔ should PASS if Bedrock Custom Model is a private model
    1587:  ✔ should FAIL if Bedrock Custom Model have not Vpc configured
    1588:  ✔ should FAIL if Bedrock Custom Model is not a private model
    1589:  ✔ should PASS if no Bedrock custom model found
    1590:  ✔ should UNKNOWN if unable to list Bedrock custom model
    1591:  cloudformationAdminPriviliges
    1592:  run
    1593:  ✔ should PASS if CloudFormation stack does not have admin privileges
    1594:  ✔ should FAIL if CloudFormation stack has admin privileges
    ...
    
    1598:  ✔ should UNKNOWN if unable to list role policies
    1599:  ✔ should not return anything if list CloudFormation stacks response not found
    1600:  CloudFormation Deletion Policy in Use
    1601:  run
    1602:  ✔ should return unknown result if unable to list the CloudFormation stacks
    1603:  ✔ should return passing result if unable to list CloudFormation stacks information
    1604:  ✔ should return unknown result if no CloudFormation stacks found in region
    1605:  ✔ should return passing result if deletion policy is used for CloudFormation stack
    1606:  ✔ should return failing result if deletion policy is not used for CloudFormation stack
    1607:  cloudformationInUse
    1608:  run
    1609:  ✔ should PASS if Amazon CloudFormation service is currently in use
    1610:  ✔ should FAIL if Amazon CloudFormation service is not currently in use
    1611:  ✔ should UNKNOWN if Unable to query CloudFormation stacks
    1612:  driftDetection
    1613:  run
    1614:  ✔ should PASS if CloudFormation stack is not in drifted state
    1615:  ✔ should FAIL if CloudFormation stack is in drifted state
    1616:  ✔ should PASS if no CloudFormation stacks found
    1617:  ✔ should UNKNOWN if unable to list stacks
    1618:  ✔ should not return any results if list stacks response not found
    1619:  plaintextParameters
    1620:  run
    1621:  ✔ should PASS if template does not contain any potentially-sensitive parameters
    1622:  ✔ should PASS if template contains any potentially-sensitive parameters but with NoEcho enabled
    1623:  ✔ should FAIL if template contains any potentially-sensitive parameters
    1624:  ✔ should PASS if no CloudFormation stacks found
    1625:  ✔ should UNKNOWN if unable to list stacks
    1626:  ✔ should UNKNOWN if unable to describe stacks
    1627:  ✔ should UNKNOWN if no CloudFormation stack details found
    1628:  ✔ should not return any results if list stacks response is not found
    1629:  stackFailedStatus
    1630:  run
    1631:  ✔ should PASS if CloudFormation stack is not in failed state
    1632:  ✔ should PASS if CloudFormation stack is in failed state for less than the failed hours limit
    1633:  ✔ should FAIL if CloudFormation stack is in failed state for more than the failed hours limit
    1634:  ✔ should PASS if no CloudFormation stacks found
    1635:  ✔ should UNKNOWN if unable to describe stacks
    1636:  ✔ should not return any results if describe stacks response is not found
    1637:  stackNotifications
    1638:  run
    1639:  ✔ should PASS if CloudFormation stack has SNS topic associated
    1640:  ✔ should FAIL if CloudFormation stack does not have SNS topic associated
    1641:  ✔ should PASS if no CloudFormation stacks found
    1642:  ✔ should UNKNOWN if No stack details found
    1643:  ✔ should UNKNOWN if unable to list stacks
    1644:  ✔ should UNKNOWN if unable to describe stacks
    1645:  ✔ should not return any results if list stacks response is not found
    1646:  stackTerminationProtection
    1647:  run
    1648:  ✔ should PASS if CloudFormation stack has SNS topic associated
    1649:  ✔ should FAIL if CloudFormation stack does not have SNS topic associated
    ...
    
    1651:  ✔ should UNKNOWN if No stack details found
    1652:  ✔ should UNKNOWN if unable to list stacks
    1653:  ✔ should UNKNOWN if unable to describe stacks
    1654:  ✔ should not return any results if list stacks response is not found
    1655:  cloudfrontCustomOriginHttpsOnly
    1656:  run
    1657:  ✔ should PASS if CloudFront distributions is using https only
    1658:  ✔ should PASS if CloudFront distributions has no origins
    1659:  ✔ should FAIL if CloudFront Distribution is not https only
    1660:  ✔ should PASS if no CloudFront distributions found
    1661:  ✔ should UNKNOWN if unable to list distributions
    1662:  cloudfrontFieldLevelEncryption
    1663:  run
    1664:  ✔ should PASS if distribution has field level encryption enabled
    1665:  ✔ should FAIL if distribution does not have field level encryption enabled
    1666:  ✔ should PASS if no CloudFront distributions found
    1667:  ✔ should UNKNOWN if unable to list distributions
    1668:  ✔ should not return any results if list distributions response not found
    1669:  cloudfrontGeoRestriction
    1670:  run
    1671:  ✔ should PASS if CloudFront distribution is whitelisting required geographic locations
    1672:  ✔ should PASS if Geo restriction feature is enabled within CloudFront distribution
    1673:  ✔ should FAIL if geo restriction is not enabled within CloudFront distribution
    1674:  ✔ should FAIL if CloudFront distribution does not have required locations whitelisted
    1675:  ✔ should PASS if no CloudFront distributions found
    1676:  ✔ should UNKNOWN if unable to query for CloudFront distributions
    1677:  ✔ should not return any results if list distributions response not found
    1678:  cloudfrontHttpsOnly
    1679:  run
    1680:  ✔ should PASS if CloudFront distribution is set to use HTTPS only
    1681:  ✔ should PASS if CloudFront distribution is configured to redirect non-HTTPS traffic to HTTPS
    1682:  ✔ should FAIL if CloudFront distribution is not configured to use HTTPS
    1683:  ✔ should PASS if no CloudFront distributions found
    1684:  ✔ should UNKNOWN if unable to list distributions
    1685:  ✔ should not return any results if list distributions response not found
    1686:  cloudfrontInUse
    1687:  run
    1688:  ✔ should PASS if AWS CloudFront service is in use
    1689:  ✔ should FAIL if CloudFront service is not in use
    1690:  ✔ should UNKNOWN if unable to list distributions
    1691:  ✔ should not return any results if list distributions response not found
    1692:  cloudfrontLoggingEnabled
    1693:  run
    1694:  ✔ should PASS if Request logging is enabled
    1695:  ✔ should FAIL if Request logging is not enabled
    1696:  ✔ should PASS if no CloudFront distributions found
    1697:  ✔ should UNKNOWN if unable to list distributions
    1698:  ✔ should UNKNOWN if unable to get distributions
    1699:  ✔ should not return any results if list distributions response not found
    1700:  cloudfrontOriginTLSVersion
    1701:  run
    1702:  ✔ should PASS if CloudFront distributions custom origin TLS version is not deprecated
    1703:  ✔ should PASS if CloudFront distributions has no origins
    1704:  ✔ should FAIL if CloudFront Distribution custom origin TLS version is deprecated
    1705:  ✔ should PASS if no CloudFront distributions found
    1706:  ✔ should UNKNOWN if unable to list distributions
    1707:  cloudfrontTLSVersion
    1708:  run
    1709:  ✔ should PASS if CloudFront distributions TLS version is not deprecated
    1710:  ✔ should FAIL if CloudFront DistributionTLS version is deprecated
    1711:  ✔ should PASS if no CloudFront distributions found
    1712:  ✔ should UNKNOWN if unable to list distributions
    1713:  cloudfrontTLSWeakCipher
    1714:  run
    1715:  ✔ should PASS if CloudFront distributions TLS version is not weak cipher suite
    1716:  ✔ should FAIL if CloudFront Distribution TLS version is weak cipher suite
    1717:  ✔ should PASS if no CloudFront distributions found
    1718:  ✔ should UNKNOWN if unable to list distributions
    1719:  cloudfrontWafEnabled
    1720:  run
    1721:  ✔ should PASS if CloudFront distributions has WAF enabled
    1722:  ✔ should FAIL if CloudFront Distribution does not have WAF enabled
    1723:  ✔ should PASS if no CloudFront distributions found
    1724:  ✔ should UNKNOWN if unable to list distributions
    1725:  ✔ should not return any results if list distributions response not found
    1726:  compressObjectsAutomatically
    1727:  run
    1728:  ✔ should PASS if CloudFront web distribution is currently configured to compress files (objects) automatically
    1729:  ✔ should FAIL if CloudFront web distribution is currently configured to compress files (objects) automatically.
    1730:  ✔ should PASS if no CloudFront distributions found
    1731:  ✔ should UNKNOWN if unable to list distributions
    1732:  ✔ should not return any results if list distributions response not found
    1733:  enableOriginFailOver
    1734:  run
    1735:  ✔ should PASS if CloudFront distribution have origin failover enabled.
    1736:  ✔ should FAIL if CloudFront distribution does not have origin failover enabled.
    1737:  ✔ should PASS if no CloudFront distributions found
    1738:  ✔ should UNKNOWN if query for CloudFront distributions
    1739:  ✔ should not return any results if list distributions response not found
    1740:  insecureProtocols
    1741:  run
    1742:  ✔ should PASS if Distribution is not configured for SSL delivery
    1743:  ✔ should PASS if Distribution is using secure default certificate
    1744:  ✔ should FAIL if Distribution is using the insecure default CloudFront TLS certificate
    1745:  ✔ should FAIL if Distribution is using insecure SSLv3
    1746:  ✔ should FAIL if Distribution is using insecure TLSv1.0
    1747:  ✔ should FAIL if Distribution is using insecure TLSv1_2016
    1748:  ✔ should PASS if Distribution is using secure TLSv1.1_2016
    1749:  ✔ should PASS if Distribution is using secure TLSv1.2_2018
    1750:  ✔ should PASS if no CloudFront distributions found
    1751:  ✔ should UNKNOWN if unable to list distributions
    1752:  ✔ should not return any results if list distributions response not found
    1753:  publicS3Origin
    1754:  run
    1755:  ✔ should PASS if CloudFront distribution origin is not setup without an origin access identity
    1756:  ✔ should FAIL if CloudFront CloudFront distribution is using an S3 origin without an origin access identity
    1757:  ✔ should PASS if no CloudFront distributions found
    1758:  ✔ should UNKNOWN if unable to list distributions
    1759:  ✔ should not return any results if list distributions response not found
    1760:  secureOrigin
    1761:  run
    1762:  ✔ should PASS if CloudFront origin is using https-only
    1763:  ✔ should WARN if CloudFront origin is using match-viewer
    1764:  ✔ should FAIL if CloudFront origin is using http-only
    1765:  ✔ should FAIL if CloudFront origin is using SSLv3 and TLSv1 protocols
    1766:  ✔ should FAIL if CloudFront origin is using SSLv3 protocols
    1767:  ✔ should WARN if CloudFront origin is using TLSv1 protocol
    1768:  ✔ should PASS if no CloudFront distributions found
    1769:  ✔ should UNKNOWN if unable to list distributions
    1770:  ✔ should not return any results if list distributions response not found
    1771:  cloudtrailBucketAccessLogging
    1772:  run
    1773:  ✔ should PASS if bucket has S3 access logs enabled
    1774:  ✔ should WARN if bucket has S3 access logs disabled
    1775:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
    1776:  ✔ should PASS if no S3 bucket to check
    1777:  ✔ should UNKNOWN if unable to query for trails
    1778:  ✔ should UNKNOWN if unable to query for bucket policy
    1779:  ✔ should PASS if bucket gets whitelisted
    1780:  cloudtrailBucketDelete
    1781:  run
    1782:  ✔ should PASS if bucket has MFA delete enabled
    1783:  ✔ should WARN if bucket has MFA delete enabled
    1784:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
    1785:  ✔ should PASS if no S3 bucket to check
    1786:  ✔ should UNKNOWN if unable to query for trails
    1787:  ✔ should UNKNOWN if unable to query for bucket policy
    1788:  ✔ should PASS if bucket gets whitelisted
    1789:  cloudtrailBucketPrivate
    1790:  run
    1791:  ✔ should PASS if bucket does not allow global access
    1792:  ✔ should FAIL if bucket allows global access
    1793:  ✔ should FAIL if Unable to locate S3 bucket, it may have been deleted
    1794:  ✔ should PASS if no S3 bucket to check
    1795:  ✔ should UNKNOWN if unable to query for trails
    1796:  ✔ should UNKNOWN if unable to query for bucket policy
    1797:  ✔ should PASS if bucket gets whitelisted
    1798:  cloudtrailDataEvents
    1799:  run
    1800:  ✔ should PASS if CloudTrail trail has data events configured
    1801:  ✔ should FAIL if CloudTrail trail does not have data events configured
    1802:  ✔ should PASS if no CloudTrail trails found
    1803:  ✔ should UNKNOWN if unable to query trails
    1804:  ✔ should not return any results describe trail response not found
    1805:  cloudtrailDeliveryFailing
    1806:  run
    1807:  ✔ should PASS if logs for CloudTrail trail are being delivered
    1808:  ✔ should PASS if CloudTrail trail is set to pass without checking logs delivery status
    1809:  ✔ should FAIL if logs for CloudTrail trail are not being delivered
    1810:  ✔ should FAIL if CloudTrail is not enabled
    1811:  ✔ should UNKNOWN if unable to describe CloudTrail trails
    1812:  ✔ should UNKNOWN if unable to get CloudTrail trail status
    1813:  ✔ should not return anything if describe CloudTrail trails response not found
    1814:  cloudtrailEnabled
    1815:  run
    1816:  ✔ should PASS if CloudTrail is enabled and monitoring regional and global services
    1817:  ✔ should PASS if CloudTrail is configured and enabled to monitor global services
    1818:  ✔ should PASS if CloudTrail is enabled and monitoring regional services
    1819:  ✔ should FAIL if CloudTrail is configured for regional monitoring but is not logging API calls
    1820:  ✔ should FAIL if CloudTrail is configured for regional monitoring but is not logging API calls
    1821:  ✔ should FAIL if CloudTrail is not enabled
    1822:  ✔ should FAIL if CloudTrail is not configured to monitor global services
    1823:  ✔ should UNKNOWN if unable to query for trails
    1824:  cloudtrailEncryption
    1825:  run
    1826:  ✔ should PASS if CloudTrail encryption is enabled
    1827:  ✔ should FAIL if CloudTrail encryption is not enabled
    1828:  ✔ should FAIL if no CloudTrail is not enabled
    1829:  ✔ should UNKNOWN if unable to query for trails
    1830:  ✔ should not return any results if describe CloudTrail response not found
    1831:  cloudtrailFileValidation
    1832:  run
    1833:  ✔ should PASS if CloudTrail log file validation is enabled
    1834:  ✔ should FAIL if CloudTrail log file validation is not enabled
    1835:  ✔ should FAIL if no CloudTrail is not enabled
    1836:  ✔ should UNKNOWN if unable to query for trails
    1837:  ✔ should not return any results if describe CloudTrail response not found
    1838:  cloudtrailHasTags
    1839:  run
    1840:  ✔ should UNKNOWN if unable to query for trails
    1841:  ✔ should Passing result if cloud t...

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Labels
    None yet
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    2 participants