Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

feat(ec2): add new fixer ec2_ebs_public_snapshot_fixer #5825

Merged
merged 10 commits into from
Nov 21, 2024
Merged

feat(ec2): add new fixer ec2_ebs_public_snapshot_fixer #5825

merged 10 commits into from
Nov 21, 2024

Conversation

danibarranqueroo
Copy link
Member

@danibarranqueroo danibarranqueroo commented Nov 19, 2024
edited
Loading

Context

Develop a fixer that reconfigures EBS snapshots to restrict public accessibility, ensuring they are only accessible within authorized AWS accounts or specific VPCs. This will protect sensitive data from being exposed to the public, securing critical information stored within the EBS snapshots.

For the unit tests, I've tried to use moto but it didn't work as expected, I've also tried to mock volumes as it's done in the unit tests of the check ec2_ebs_public_snapshot, but this created lots of snapshot so it was not easy to handle, so finally I decided to use Botocore.

Also, an additional consideration is that I didn't realized that I commited the changes from this PR on this branch, so those changes are here to, that's why I need the reviewer to go to the other PR first.

Description

Added new fixer ec2_ebs_public_snapshot_fixer with its unit tests.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@danibarranqueroo danibarranqueroo requested review from a team as code owners November 19, 2024 11:09
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Nov 19, 2024
@codecov Codecov
Copy link

codecov bot commented Nov 19, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.89%. Comparing base (09ea6ba) to head (06bf2e1).
Report is 4 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5825      +/-   ##
==========================================
+ Coverage   89.87%   89.89%   +0.01%     
==========================================
  Files        1137     1138       +1     
  Lines       35462    35472      +10     
==========================================
+ Hits        31871    31887      +16     
+ Misses       3591     3585       -6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@MrCloudSec MrCloudSec merged commit 00054b5 into master Nov 21, 2024
11 checks passed
@MrCloudSec MrCloudSec deleted the PRWLR-5299-set-ebs-snapshots-as-not-public branch November 21, 2024 16:40
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@MrCloudSec MrCloudSec MrCloudSec approved these changes

Assignees
No one assigned
Labels
provider/aws Issues/PRs related with the AWS provider
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@danibarranqueroo @MrCloudSec