Skip to content

test(query): tests and typo fix for ELBv2_LB_Access_Log_Disabled--terraform/aws#7673

Closed
cx-andre-pereira wants to merge 81 commits into
masterfrom
test(query)_ELBv2_LB_Acess_Log_Disabled
Closed

test(query): tests and typo fix for ELBv2_LB_Access_Log_Disabled--terraform/aws#7673
cx-andre-pereira wants to merge 81 commits into
masterfrom
test(query)_ELBv2_LB_Acess_Log_Disabled

Conversation

@cx-andre-pereira

@cx-andre-pereira cx-andre-pereira commented Aug 25, 2025

Copy link
Copy Markdown
Contributor

Reason for Proposed Changes

  • The implementation of the ELBv2_LB_Access_Log_Disabled - #7594 query was merged with a single test for the legacy naming "aws_alb" for the "aws_lb" resource.
  • Additionally there was a typo on lines 38 57 and 58 were "enable" should be "enabled" referencing the field of the same name.

Proposed Changes

I submit this contribution under the Apache-2.0 license.

cx-andre-pereira and others added 30 commits August 13, 2025 16:16
@cx-andre-pereira
fix(query): fn for remote desktop port open to internet--terraform/aws
2359dd0
@cx-andre-pereira
fix expected results
ae196dc
@cx-andre-pereira
typo cleanup
7fc034b
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
f7dda09 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
initial changes
ecb0826
@cx-andre-pereira
support for generic security group
6d262f4
@cx-andre-pereira
fix negative tests
06158e9
@cx-andre-pereira
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
3b75a22 
…_Internet--terraform/aws
@cx-andre-pereira
some changes
71f7571
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
c34f4a7 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
'all' protocol support
260e0c3
@cx-andre-pereira
Merge branch 'AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--te…
78d8048 
…rraform/aws' of https://github.com/Checkmarx/kics into AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
a42b55a 
…_Internet--terraform/aws
@cx-artur-ribeiro
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
f402647 
…_Internet--terraform/aws
@cx-artur-ribeiro
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
1e4ca51 
…_Internet--terraform/aws
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
be15c4f 
…09542--FN-Sensitive_Port_Is_Exposed_To_Entire_Network--terraform/aws
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
dd52de9 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
Merge branch 'AST-109542--FN-Sensitive_Port_Is_Exposed_To_Entire_Netw…
879aeb1 
…ork--terraform/aws' into AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
Merge branch 'AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--te…
8a9a479 
…rraform/aws' of https://github.com/Checkmarx/kics into AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-artur-ribeiro
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
2248c56 
…_Internet--terraform/aws
@cx-andre-pereira
senstive port exposed positive tests and expected resuts
9be511f
@cx-andre-pereira
sensitive port negative tests
58867a2
@cx-andre-pereira
Merge branch 'AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--te…
6c429d5 
…rraform/aws' of https://github.com/Checkmarx/kics into AST-109541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
typo fix
63fc782
@cx-andre-pereira
vpc ingress rules for unrestricted sec group index
ce7124e
@cx-andre-pereira
implemented vpc security ingress rule and generic rule on security gr…
ebaa7b7 
…oup with unrestrticted access to ssh
@cx-andre-pereira
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
3f51fee 
…_Internet--terraform/aws
@cx-andre-pereira
added security group rules and ingres rules to senistive port is expo…
e25d983 
…sed to small public network
@cx-andre-pereira
fixed accidentale negative test change
ee41905
@cx-andre-pereira
small test fix
c8a9383
@cx-andre-pereira
added 'security group' module support for sec group without descripti…
7aef934 
…on and security group rules without description wich will flag for the module not having description or its egress or ingress with cidr blocks rules not having descriptions, added searchLine to securty group without description
@cx-andre-pereira
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
d2dbfff 
…_Internet--terraform/aws
@cx-andre-pereira
module support for sql analysis services port 2383 is publicly access…
513c0d1 
…ible and type fix for 2 queries 'TCP' should be lowercase
@cx-andre-pereira
module support for unknown port exposed to internet
e276ab4
@cx-andre-pereira
improved module support for unrestricted security group ingress, now …
2cebe85 
…supports both ingress cidr blocks and ipv6 plus ingress with cidr blocks ipv4 and ipv6
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
44d4ff9 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
standardized unrestricted security group ingress tests, fixed module …
102238f 
…support and made it one CxPolicy
@cx-andre-pereira
new test on positive3 and newline cleanup
e20cbeb
@cx-andre-pereira
tests changes
ba12538
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
b07d3c4 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
ipv6 support for modules for http port open and new tests
5bb7027
@cx-andre-pereira
standardized testing for 'port x' open queries and added ipv6 module …
b790686 
…support with new tests
@cx-andre-pereira
fix tests
64990a9
@cx-andre-pereira
added support for ipv6 cidr blocks in modules to security group rules…
11e095f 
… without descripition and tests
@cx-andre-pereira
ipv6 support for modules for unknown port exposed to internet and tests
69be694
@cx-andre-pereira
Merge branch 'master' of https://github.com/Checkmarx/kics into AST-1…
25ce160 
…09541--FN-Remote_Desktop_Port_Open_To_Internet--terraform/aws
@cx-andre-pereira
added module ipv6 support for sensitive_port_is_exposed_to_x queries
9c64c60
@cx-andre-pereira
standardizing tests/ queries 1
2731180
@cx-andre-pereira
support for wide private ipv6 networks and small public ipv6 networks…
07f3ee6 
…, fix query sensitive port is exposed to wide private network
@cx-andre-pereira
Merge branch 'master' into AST-109541--FN-Remote_Desktop_Port_Open_To…
a69c280 
…_Internet--terraform/aws
@cx-andre-pereira
x port publicly accessible/open to internet type queries tests standa…
4062117 
…rdized
@cx-andre-pereira
final adjustments for 'without description' queries
7a44cdd
@cx-andre-pereira
expected results fix and security_group_rules_without_description / u…
79e32ea 
…nrestricted_security_group_ingress final changes
@cx-andre-pereira
new tests and typo fix
b6dc026
@github-actions github-actions Bot added query New query feature terraform Terraform query aws PR related with AWS Cloud labels Aug 25, 2025
@github-actions

github-actions Bot commented Aug 25, 2025

Copy link
Copy Markdown
Contributor

kics-logo

KICS version: v2.1.11

Category Results
CRITICAL CRITICAL 0
HIGH HIGH 0
MEDIUM MEDIUM 0
LOW LOW 0
INFO INFO 0
TRACE TRACE 0
TOTAL TOTAL 0
Metric Values
Files scanned placeholder 1
Files parsed placeholder 1
Files failed to scan placeholder 0
Total executed queries placeholder 47
Queries failed to execute placeholder 0
Execution time placeholder 0

@cx-andre-pereira cx-andre-pereira deleted the test(query)_ELBv2_LB_Acess_Log_Disabled branch August 25, 2025 16:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

aws PR related with AWS Cloud query New query feature terraform Terraform query

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cx-andre-pereira @cx-artur-ribeiro