github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/rds/enable_iam_auth_test.rego

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/rds/enable_iam_auth_test.rego (about)

     1  package builtin.aws.rds.aws0176
     2  
     3  test_detects_when_disabled {
     4  	r := deny with input as {"aws": {"rds": {"instances": [{
     5  		"engine": {"value": "postgres"},
     6  		"iamauthenabled": {"value": false},
     7  	}]}}}
     8  	count(r) == 1
     9  }
    10  
    11  test_when_enabled {
    12  	r := deny with input as {"aws": {"rds": {"instances": [{
    13  		"engine": {"value": "postgres"},
    14  		"iamauthenabled": {"value": true},
    15  	}]}}}
    16  	count(r) == 0
    17  }
    18  
    19  test_when_not_applicable {
    20  	r := deny with input as {"aws": {"rds": {"instances": [{
    21  		"engine": {"value": "aurora"},
    22  		"iamauthenabled": {"value": false},
    23  	}]}}}
    24  	count(r) == 0
    25  }