github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/iam/passwords_test.go (about) 1 package iam 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/iam" 9 10 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 11 "github.com/khulnasoft-lab/defsec/test/testutil" 12 ) 13 14 func Test_adaptPasswordPolicy(t *testing.T) { 15 tests := []struct { 16 name string 17 terraform string 18 expected iam.PasswordPolicy 19 }{ 20 { 21 name: "basic", 22 terraform: ` 23 resource "aws_iam_account_password_policy" "strict" { 24 minimum_password_length = 8 25 require_lowercase_characters = true 26 require_numbers = true 27 require_uppercase_characters = true 28 require_symbols = true 29 allow_users_to_change_password = true 30 max_password_age = 90 31 password_reuse_prevention = 3 32 } 33 `, 34 expected: iam.PasswordPolicy{ 35 Metadata: defsecTypes.NewTestMetadata(), 36 ReusePreventionCount: defsecTypes.Int(3, defsecTypes.NewTestMetadata()), 37 RequireLowercase: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 38 RequireUppercase: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 39 RequireNumbers: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 40 RequireSymbols: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 41 MaxAgeDays: defsecTypes.Int(90, defsecTypes.NewTestMetadata()), 42 MinimumLength: defsecTypes.Int(8, defsecTypes.NewTestMetadata()), 43 }, 44 }, 45 } 46 47 for _, test := range tests { 48 t.Run(test.name, func(t *testing.T) { 49 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 50 adapted := adaptPasswordPolicy(modules) 51 testutil.AssertDefsecEqual(t, test.expected, adapted) 52 }) 53 } 54 }