diff --git a/checkov/terraform/checks/resource/azure/StorageAccountEnablesSecureTransfer.py b/checkov/terraform/checks/resource/azure/StorageAccountEnablesSecureTransfer.py deleted file mode 100644 index f662c815b15..00000000000 --- a/checkov/terraform/checks/resource/azure/StorageAccountEnablesSecureTransfer.py +++ /dev/null @@ -1,18 +0,0 @@ -from checkov.common.models.enums import CheckCategories, CheckResult -from checkov.terraform.checks.resource.base_resource_value_check import BaseResourceValueCheck - - -class StorageAccountEnablesSecureTransfer(BaseResourceValueCheck): - def __init__(self): - name = "Ensure that storage account enables secure transfer" - id = "CKV_AZURE_60" - supported_resources = ['azurerm_storage_account'] - categories = [CheckCategories.NETWORKING] - super().__init__(name=name, id=id, categories=categories, supported_resources=supported_resources, - missing_block_result=CheckResult.PASSED) - - def get_inspected_key(self): - return "enable_https_traffic_only" - - -check = StorageAccountEnablesSecureTransfer() diff --git a/tests/terraform/checks/resource/azure/test_StorageAccountEnablesSecureTransfer.py b/tests/terraform/checks/resource/azure/test_StorageAccountEnablesSecureTransfer.py deleted file mode 100644 index cfb2bb6a9cb..00000000000 --- a/tests/terraform/checks/resource/azure/test_StorageAccountEnablesSecureTransfer.py +++ /dev/null @@ -1,67 +0,0 @@ -import unittest - -import hcl2 - -from checkov.terraform.checks.resource.azure.StorageAccountEnablesSecureTransfer import check -from checkov.common.models.enums import CheckResult - - -class TestStorageAccountEnablesSecureTransfer(unittest.TestCase): - - def test_failure(self): - hcl_res = hcl2.loads(""" - resource "azurerm_storage_account" "example" { - name = "storageaccountname" - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - account_tier = "Standard" - account_replication_type = "GRS" - enable_https_traffic_only = false - - tags = { - environment = "staging" - } - } - """) - resource_conf = hcl_res['resource'][0]['azurerm_storage_account']['example'] - scan_result = check.scan_resource_conf(conf=resource_conf) - self.assertEqual(CheckResult.FAILED, scan_result) - - def test_success_1(self): - hcl_res = hcl2.loads(""" - resource "azurerm_storage_account" "example" { - name = "storageaccountname" - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - account_tier = "Standard" - account_replication_type = "GRS" - enable_https_traffic_only = true - - tags = { - environment = "staging" - } - } - """) - resource_conf = hcl_res['resource'][0]['azurerm_storage_account']['example'] - scan_result = check.scan_resource_conf(conf=resource_conf) - self.assertEqual(CheckResult.PASSED, scan_result) - - def test_success_2(self): - hcl_res = hcl2.loads(""" - resource "azurerm_storage_account" "example" { - name = "storageaccountname" - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - account_tier = "Standard" - account_replication_type = "GRS" - tags = { - environment = "staging" - } - } - """) - resource_conf = hcl_res['resource'][0]['azurerm_storage_account']['example'] - scan_result = check.scan_resource_conf(conf=resource_conf) - self.assertEqual(CheckResult.PASSED, scan_result) - -if __name__ == '__main__': - unittest.main() diff --git a/tests/terraform/runner/test_runner.py b/tests/terraform/runner/test_runner.py index fb5447374f7..15130f302b1 100644 --- a/tests/terraform/runner/test_runner.py +++ b/tests/terraform/runner/test_runner.py @@ -313,6 +313,8 @@ def test_no_missing_ids(self): continue # this rule has been merged into a v2 graph implementation -> CKV_AZURE_24 if f'CKV_AZURE_{i}' == 'CKV_AZURE_51': continue # https://github.com/bridgecrewio/checkov/pull/983 + if f"CKV_AZURE_{i}" == "CKV_AZURE_60": + continue # duplicate of CKV_AZURE_3 if f"CKV_AZURE_{i}" == "CKV_AZURE_90": continue # duplicate of CKV_AZURE_53