diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.metadata.json similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.metadata.json index 87493e9bd0..f8250bdd6b 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_admin_portals_role_limited_access", + "CheckID": "entra_capolicy_admin_portals_role_limited_access", "CheckTitle": "Ensure that only administrative roles have access to Microsoft Admin Portals", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.py index 0b0b08aaac..5b833f893f 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access.py @@ -7,7 +7,7 @@ ) -class entra_admin_portals_role_limited_access(Check): +class entra_capolicy_admin_portals_role_limited_access(Check): """Check if Conditional Access policies deny access to the Microsoft 365 admin center for users with limited access roles. This check ensures that Conditional Access policies are in place to deny access to the Microsoft 365 admin center for users with limited access roles. diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.metadata.json similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.metadata.json index c7dd5caa40..91fd5a307a 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_admin_users_sign_in_frequency_enabled", + "CheckID": "entra_capolicy_admin_users_sign_in_frequency_enabled", "CheckTitle": "Ensure Sign-in frequency periodic reauthentication is enabled and properly configured.", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.py similarity index 98% rename from prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.py index 38558fc0f3..dfe83a5e68 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled.py @@ -8,7 +8,7 @@ ) -class entra_admin_users_sign_in_frequency_enabled(Check): +class entra_capolicy_admin_users_sign_in_frequency_enabled(Check): """Check if Conditional Access policies enforce sign-in frequency for admin users.""" def execute(self) -> list[CheckReportMicrosoft365]: diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.metadata.json similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.metadata.json index 942e1a3c97..2f5f3f3ab0 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_admin_mfa_enabled_for_administrative_roles", + "CheckID": "entra_capolicy_administrative_roles_have_mfa_enabled", "CheckTitle": "Ensure multifactor authentication is enabled for all users in administrative roles.", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.py similarity index 98% rename from prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.py index d69276f135..2d57445a26 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled.py @@ -9,7 +9,7 @@ ) -class entra_admin_mfa_enabled_for_administrative_roles(Check): +class entra_capolicy_administrative_roles_have_mfa_enabled(Check): """ Ensure multifactor authentication is enabled for all users in administrative roles. diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.metadata.json similarity index 95% rename from prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.metadata.json index 12a0da5cf9..915e32be08 100644 --- a/prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_policy_ensure_default_user_cannot_create_tenants", + "CheckID": "entra_capolicy_ensure_default_user_cannot_create_tenants", "CheckTitle": "Ensure that 'Restrict non-admin users from creating tenants' is set to 'Yes'", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.py similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.py index de2c2112eb..7151e49ec3 100644 --- a/prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/entra_policy_ensure_default_user_cannot_create_tenants.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants.py @@ -4,7 +4,7 @@ from prowler.providers.microsoft365.services.entra.entra_client import entra_client -class entra_policy_ensure_default_user_cannot_create_tenants(Check): +class entra_capolicy_ensure_default_user_cannot_create_tenants(Check): """Check if default users are restricted from creating tenants. This check verifies whether the authorization policy prevents non-admin users diff --git a/prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.metadata.json similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.metadata.json index 039071202c..20ee96b083 100644 --- a/prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_identity_protection_sign_in_risk_enabled", + "CheckID": "entra_capolicy_identity_protection_sign_in_risk_enabled", "CheckTitle": "Ensure that Identity Protection sign-in risk policies are enabled", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.py similarity index 98% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.py index 29b33cdc3e..bd28bfaaf0 100644 --- a/prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled.py @@ -8,7 +8,7 @@ ) -class entra_identity_protection_sign_in_risk_enabled(Check): +class entra_capolicy_identity_protection_sign_in_risk_enabled(Check): """Check if at least one Conditional Access policy is a Identity Protection sign-in risk policy. This check ensures that at least one Conditional Access policy is a Identity Protection sign-in risk policy. diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.metadata.json similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.metadata.json index 04f94276b9..243d65ab61 100644 --- a/prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_identity_protection_user_risk_enabled", + "CheckID": "entra_capolicy_identity_protection_user_risk_enabled", "CheckTitle": "Ensure that Identity Protection user risk policies are enabled", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.py similarity index 98% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.py index f6cb547474..9ce342ca55 100644 --- a/prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled.py @@ -8,7 +8,7 @@ ) -class entra_identity_protection_user_risk_enabled(Check): +class entra_capolicy_identity_protection_user_risk_enabled(Check): """Check if at least one Conditional Access policy is a Identity Protection user risk policy. This check ensures that at least one Conditional Access policy is a Identity Protection user risk policy. diff --git a/prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/__init__.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.metadata.json b/prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.metadata.json similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.metadata.json index abaf961476..928e2edfcc 100644 --- a/prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_managed_device_required_for_authentication", + "CheckID": "entra_capolicy_managed_device_required_for_authentication", "CheckTitle": "Ensure that only managed devices are required for authentication", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.py b/prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.py rename to prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.py index 08ba22de9a..1c0f4603a6 100644 --- a/prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication.py +++ b/prowler/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication.py @@ -7,7 +7,7 @@ ) -class entra_managed_device_required_for_authentication(Check): +class entra_capolicy_managed_device_required_for_authentication(Check): """Check if Conditional Access policies deny access to the Microsoft 365 This check ensures that Conditional Access policies are in place to enforce managed device requirement for authentication. diff --git a/prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/__init__.py b/prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.metadata.json b/prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.metadata.json similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.metadata.json index 55c2916196..394447096d 100644 --- a/prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_dynamic_group_for_guests_created", + "CheckID": "entra_dynamicgroup_for_guests_created", "CheckTitle": "Ensure a dynamic group for guest users is created.", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.py b/prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.py rename to prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.py index 9bd70f624c..9945d8ab5f 100644 --- a/prowler/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created.py +++ b/prowler/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created.py @@ -4,7 +4,7 @@ from prowler.providers.microsoft365.services.entra.entra_client import entra_client -class entra_dynamic_group_for_guests_created(Check): +class entra_dynamicgroup_for_guests_created(Check): """ Check if a dynamic group for guest users is created in Microsoft Entra. diff --git a/prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/__init__.py b/prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.metadata.json b/prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.metadata.json similarity index 92% rename from prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.metadata.json index a70b98501a..b74cca47e9 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.metadata.json @@ -1,13 +1,13 @@ { "Provider": "microsoft365", - "CheckID": "entra_admin_consent_workflow_enabled", + "CheckID": "entra_enterpriseapp_admin_consent_workflow_enabled", "CheckTitle": "Ensure the admin consent workflow is enabled.", "CheckType": [], "ServiceName": "entra", "SubServiceName": "", "ResourceIdTemplate": "", "Severity": "high", - "ResourceType": "Organization Settings", + "ResourceType": "Enterprise Applications Settings", "Description": "Ensure that the admin consent workflow is enabled in Microsoft Entra to allow users to request admin approval for applications requiring consent.", "Risk": "If the admin consent workflow is not enabled, users may be blocked from accessing applications that require admin consent, leading to potential work disruptions or unauthorized workarounds.", "RelatedUrl": "https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-admin-consent-workflow", diff --git a/prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.py b/prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.py rename to prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.py index 24bcbe9c47..3bf345cdda 100644 --- a/prowler/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.py +++ b/prowler/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled.py @@ -4,7 +4,7 @@ from prowler.providers.microsoft365.services.entra.entra_client import entra_client -class entra_admin_consent_workflow_enabled(Check): +class entra_enterpriseapp_admin_consent_workflow_enabled(Check): """ Ensure the admin consent workflow is enabled in Microsoft Entra. diff --git a/prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/__init__.py b/prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.metadata.json b/prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.metadata.json similarity index 96% rename from prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.metadata.json index 9966b06066..0a1a3989db 100644 --- a/prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.metadata.json @@ -1,6 +1,6 @@ { "Provider": "microsoft365", - "CheckID": "entra_password_hash_sync_enabled", + "CheckID": "entra_organization_password_hash_sync_enabled", "CheckTitle": "Ensure that password hash sync is enabled for hybrid deployments.", "CheckType": [], "ServiceName": "entra", diff --git a/prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.py b/prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.py rename to prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.py index 57d4868fc3..a5bd69f40d 100644 --- a/prowler/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled.py +++ b/prowler/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled.py @@ -4,7 +4,7 @@ from prowler.providers.microsoft365.services.entra.entra_client import entra_client -class entra_password_hash_sync_enabled(Check): +class entra_organization_password_hash_sync_enabled(Check): """ Check if password hash synchronization is enabled for hybrid Microsoft Entra deployments. diff --git a/prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/__init__.py b/prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/__init__.py similarity index 100% rename from prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/__init__.py rename to prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/__init__.py diff --git a/prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.metadata.json b/prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.metadata.json similarity index 85% rename from prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.metadata.json rename to prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.metadata.json index 59676ee664..9fb7a29fdd 100644 --- a/prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.metadata.json +++ b/prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.metadata.json @@ -1,13 +1,13 @@ { "Provider": "microsoft365", - "CheckID": "entra_thirdparty_integrated_apps_not_allowed", + "CheckID": "entra_user_thirdparty_integrated_apps_not_allowed", "CheckTitle": "Ensure third party integrated applications are not allowed", "CheckType": [], "ServiceName": "entra", "SubServiceName": "", "ResourceIdTemplate": "", "Severity": "high", - "ResourceType": "User settings", + "ResourceType": "Users settings", "Description": "Require administrators or appropriately delegated users to register third-party applications.", "Risk": "It is recommended to only allow an administrator to register custom-developed applications. This ensures that the application undergoes a formal security review and approval process prior to exposing Azure Active Directory data. Certain users like developers or other high-request users may also be delegated permissions to prevent them from waiting on an administrative user. Your organization should review your policies and decide your needs.", "RelatedUrl": "https://learn.microsoft.com/en-us/entra/identity-platform/how-applications-are-added#who-has-permission-to-add-applications-to-my-microsoft-entra-instance", @@ -15,7 +15,7 @@ "Code": { "CLI": "", "NativeIaC": "", - "Other": "1. From Entra select the Portal Menu 2. Select Azure Active Directory 3. Select Users 4. Select User settings 5. Ensure that Users can register applications is set to No", + "Other": "1. Navigate to Microsoft Entra admin center https://entra.microsoft.com/. 2. Click to expand Identity > Users select Users settings. 3. Set Users can register applications to No. 4. Click Save.", "Terraform": "" }, "Recommendation": { diff --git a/prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.py b/prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.py similarity index 97% rename from prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.py rename to prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.py index 36ce95286c..afdc76e7d2 100644 --- a/prowler/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed.py +++ b/prowler/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed.py @@ -4,7 +4,7 @@ from prowler.providers.microsoft365.services.entra.entra_client import entra_client -class entra_thirdparty_integrated_apps_not_allowed(Check): +class entra_user_thirdparty_integrated_apps_not_allowed(Check): """Check if third-party integrated apps are not allowed for non-admin users in Entra. This check verifies that non-admin users are not allowed to create third-party apps. diff --git a/tests/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access_test.py similarity index 88% rename from tests/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access_test.py index 506d4908ae..8d8fa42be2 100644 --- a/tests/providers/microsoft365/services/entra/entra_admin_portals_role_limited_access/entra_admin_portals_role_limited_access_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_admin_portals_role_limited_access/entra_capolicy_admin_portals_role_limited_access_test.py @@ -20,7 +20,7 @@ ) -class Test_entra_admin_portals_role_limited_access: +class Test_entra_capolicy_admin_portals_role_limited_access: def test_entra_no_conditional_access_policies(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -31,17 +31,17 @@ def test_entra_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access import ( - entra_admin_portals_role_limited_access, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access import ( + entra_capolicy_admin_portals_role_limited_access, ) entra_client.conditional_access_policies = {} - check = entra_admin_portals_role_limited_access() + check = entra_capolicy_admin_portals_role_limited_access() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -66,12 +66,12 @@ def test_entra_admin_center_limited_access_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access import ( - entra_admin_portals_role_limited_access, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access import ( + entra_capolicy_admin_portals_role_limited_access, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -112,7 +112,7 @@ def test_entra_admin_center_limited_access_disabled(self): ) } - check = entra_admin_portals_role_limited_access() + check = entra_capolicy_admin_portals_role_limited_access() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -138,12 +138,12 @@ def test_entra_admin_center_limited_access_enabled_for_reporting(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access import ( - entra_admin_portals_role_limited_access, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access import ( + entra_capolicy_admin_portals_role_limited_access, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -186,7 +186,7 @@ def test_entra_admin_center_limited_access_enabled_for_reporting(self): ) } - check = entra_admin_portals_role_limited_access() + check = entra_capolicy_admin_portals_role_limited_access() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -215,12 +215,12 @@ def test_entra_admin_center_limited_access_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_portals_role_limited_access.entra_admin_portals_role_limited_access import ( - entra_admin_portals_role_limited_access, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_portals_role_limited_access.entra_capolicy_admin_portals_role_limited_access import ( + entra_capolicy_admin_portals_role_limited_access, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -263,7 +263,7 @@ def test_entra_admin_center_limited_access_enabled(self): ) } - check = entra_admin_portals_role_limited_access() + check = entra_capolicy_admin_portals_role_limited_access() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled_test.py similarity index 90% rename from tests/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled_test.py index b3458c217d..572963017d 100644 --- a/tests/providers/microsoft365/services/entra/entra_admin_users_sign_in_frequency_enabled/entra_admin_users_sign_in_frequency_enabled_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_admin_users_sign_in_frequency_enabled/entra_capolicy_admin_users_sign_in_frequency_enabled_test.py @@ -20,7 +20,7 @@ ) -class Test_entra_admin_users_sign_in_frequency_enabled: +class Test_entra_capolicy_admin_users_sign_in_frequency_enabled: def test_entra_no_conditional_access_policies(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -31,18 +31,18 @@ def test_entra_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) entra_client.conditional_access_policies = {} entra_client.audit_config = {"sign_in_frequency": 4} - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -68,12 +68,12 @@ def test_entra_sign_in_frequency_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -114,7 +114,7 @@ def test_entra_sign_in_frequency_disabled(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -141,12 +141,12 @@ def test_entra_sign_in_frequency_enabled_every_time(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -204,7 +204,7 @@ def test_entra_sign_in_frequency_enabled_every_time(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" @@ -235,12 +235,12 @@ def test_entra_sign_in_frequency_enabled_bad_frequency(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -300,7 +300,7 @@ def test_entra_sign_in_frequency_enabled_bad_frequency(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -330,12 +330,12 @@ def test_entra_sign_in_frequency_enabled_for_reporting(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -393,7 +393,7 @@ def test_entra_sign_in_frequency_enabled_for_reporting(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -423,12 +423,12 @@ def test_entra_sign_in_frequency_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -486,7 +486,7 @@ def test_entra_sign_in_frequency_enabled(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" @@ -517,12 +517,12 @@ def test_entra_sign_in_frequency_enabled_in_days(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_users_sign_in_frequency_enabled.entra_admin_users_sign_in_frequency_enabled import ( - entra_admin_users_sign_in_frequency_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_admin_users_sign_in_frequency_enabled.entra_capolicy_admin_users_sign_in_frequency_enabled import ( + entra_capolicy_admin_users_sign_in_frequency_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -582,7 +582,7 @@ def test_entra_sign_in_frequency_enabled_in_days(self): ) } - check = entra_admin_users_sign_in_frequency_enabled() + check = entra_capolicy_admin_users_sign_in_frequency_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled_test.py similarity index 89% rename from tests/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled_test.py index ed30be2c7a..c437099372 100644 --- a/tests/providers/microsoft365/services/entra/entra_admin_mfa_enabled_for_administrative_roles/entra_admin_mfa_enabled_for_administrative_roles_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_administrative_roles_have_mfa_enabled/entra_capolicy_administrative_roles_have_mfa_enabled_test.py @@ -21,7 +21,7 @@ ) -class Test_entra_admin_mfa_enabled_for_administrative_roles: +class Test_entra_capolicy_administrative_roles_have_mfa_enabled: def test_no_conditional_access_policies(self): """No conditional access policies configured: expected FAIL.""" entra_client = mock.MagicMock @@ -34,17 +34,17 @@ def test_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = {} - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -70,12 +70,12 @@ def test_policy_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -114,7 +114,7 @@ def test_policy_disabled(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -144,12 +144,12 @@ def test_policy_missing_admin_roles(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -188,7 +188,7 @@ def test_policy_missing_admin_roles(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -218,12 +218,12 @@ def test_policy_missing_application_all(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -263,7 +263,7 @@ def test_policy_missing_application_all(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -298,12 +298,12 @@ def test_policy_valid(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -342,7 +342,7 @@ def test_policy_valid(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -375,12 +375,12 @@ def test_policy_valid_through_roles(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -435,7 +435,7 @@ def test_policy_valid_through_roles(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 @@ -468,12 +468,12 @@ def test_policy_valid_one_missing_role(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_mfa_enabled_for_administrative_roles.entra_admin_mfa_enabled_for_administrative_roles import ( - entra_admin_mfa_enabled_for_administrative_roles, + from prowler.providers.microsoft365.services.entra.entra_capolicy_administrative_roles_have_mfa_enabled.entra_capolicy_administrative_roles_have_mfa_enabled import ( + entra_capolicy_administrative_roles_have_mfa_enabled, ) entra_client.conditional_access_policies = { @@ -527,7 +527,7 @@ def test_policy_valid_one_missing_role(self): ) } - check = entra_admin_mfa_enabled_for_administrative_roles() + check = entra_capolicy_administrative_roles_have_mfa_enabled() result = check.execute() assert len(result) == 1 diff --git a/tests/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/microsoft365_entra_policy_ensure_default_user_cannot_create_tenants_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants_test.py similarity index 76% rename from tests/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/microsoft365_entra_policy_ensure_default_user_cannot_create_tenants_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants_test.py index 5c615b1da0..64089858f9 100644 --- a/tests/providers/microsoft365/services/entra/entra_policy_ensure_default_user_cannot_create_tenants/microsoft365_entra_policy_ensure_default_user_cannot_create_tenants_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_ensure_default_user_cannot_create_tenants/entra_capolicy_ensure_default_user_cannot_create_tenants_test.py @@ -10,7 +10,7 @@ ) -class Test_entra_policy_ensure_default_user_cannot_create_tenants: +class Test_entra_capolicy_ensure_default_user_cannot_create_tenants: def test_entra_empty_tenant(self): entra_client = mock.MagicMock entra_client.authorization_policy = {} @@ -21,15 +21,15 @@ def test_entra_empty_tenant(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants import ( - entra_policy_ensure_default_user_cannot_create_tenants, + from prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants import ( + entra_capolicy_ensure_default_user_cannot_create_tenants, ) - check = entra_policy_ensure_default_user_cannot_create_tenants() + check = entra_capolicy_ensure_default_user_cannot_create_tenants() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -52,12 +52,12 @@ def test_entra_default_user_role_permissions_allowed_to_create_tenants(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants import ( - entra_policy_ensure_default_user_cannot_create_tenants, + from prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants import ( + entra_capolicy_ensure_default_user_cannot_create_tenants, ) entra_client.authorization_policy = AuthorizationPolicy( @@ -69,7 +69,7 @@ def test_entra_default_user_role_permissions_allowed_to_create_tenants(self): ), ) - check = entra_policy_ensure_default_user_cannot_create_tenants() + check = entra_capolicy_ensure_default_user_cannot_create_tenants() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -92,12 +92,12 @@ def test_entra_default_user_role_permissions_not_allowed_to_create_tenants(self) return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_policy_ensure_default_user_cannot_create_tenants.entra_policy_ensure_default_user_cannot_create_tenants import ( - entra_policy_ensure_default_user_cannot_create_tenants, + from prowler.providers.microsoft365.services.entra.entra_capolicy_ensure_default_user_cannot_create_tenants.entra_capolicy_ensure_default_user_cannot_create_tenants import ( + entra_capolicy_ensure_default_user_cannot_create_tenants, ) entra_client.authorization_policy = AuthorizationPolicy( @@ -109,7 +109,7 @@ def test_entra_default_user_role_permissions_not_allowed_to_create_tenants(self) ), ) - check = entra_policy_ensure_default_user_cannot_create_tenants() + check = entra_capolicy_ensure_default_user_cannot_create_tenants() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled_test.py similarity index 86% rename from tests/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled_test.py index fd6ff82a91..cf1a99191b 100644 --- a/tests/providers/microsoft365/services/entra/entra_identity_protection_sign_in_risk_enabled/entra_identity_protection_sign_in_risk_enabled_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_sign_in_risk_enabled/entra_capolicy_identity_protection_sign_in_risk_enabled_test.py @@ -21,7 +21,7 @@ ) -class Test_entra_identity_protection_sign_in_risk_enabled: +class Test_entra_capolicy_identity_protection_sign_in_risk_enabled: def test_entra_no_conditional_access_policies(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -32,17 +32,17 @@ def test_entra_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled import ( - entra_identity_protection_sign_in_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled import ( + entra_capolicy_identity_protection_sign_in_risk_enabled, ) entra_client.conditional_access_policies = {} - check = entra_identity_protection_sign_in_risk_enabled() + check = entra_capolicy_identity_protection_sign_in_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -55,7 +55,7 @@ def test_entra_no_conditional_access_policies(self): assert result[0].resource_id == "conditionalAccessPolicies" assert result[0].location == "global" - def test_entra_identity_protection_user_risk_policy_disabled(self): + def test_entra_identity_protection_sign_in_risk_policy_disabled(self): id = str(uuid4()) entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -67,12 +67,12 @@ def test_entra_identity_protection_user_risk_policy_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled import ( - entra_identity_protection_sign_in_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled import ( + entra_capolicy_identity_protection_sign_in_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -115,7 +115,7 @@ def test_entra_identity_protection_user_risk_policy_disabled(self): ) } - check = entra_identity_protection_sign_in_risk_enabled() + check = entra_capolicy_identity_protection_sign_in_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -128,7 +128,9 @@ def test_entra_identity_protection_user_risk_policy_disabled(self): assert result[0].resource_id == "conditionalAccessPolicies" assert result[0].location == "global" - def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self): + def test_entra_identity_protection_sign_in_risk_policy_enabled_not_enough_risk( + self, + ): id = str(uuid4()) display_name = "Test" entra_client = mock.MagicMock @@ -141,12 +143,12 @@ def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled import ( - entra_identity_protection_sign_in_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled import ( + entra_capolicy_identity_protection_sign_in_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -194,7 +196,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self ) } - check = entra_identity_protection_sign_in_risk_enabled() + check = entra_capolicy_identity_protection_sign_in_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -210,7 +212,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self assert result[0].resource_id == id assert result[0].location == "global" - def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): + def test_entra_identity_protection_sign_in_risk_policy_enabled_for_reporting(self): id = str(uuid4()) display_name = "Test" entra_client = mock.MagicMock @@ -223,12 +225,12 @@ def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled import ( - entra_identity_protection_sign_in_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled import ( + entra_capolicy_identity_protection_sign_in_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -276,7 +278,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): ) } - check = entra_identity_protection_sign_in_risk_enabled() + check = entra_capolicy_identity_protection_sign_in_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -292,7 +294,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): assert result[0].resource_id == id assert result[0].location == "global" - def test_entra_identity_protection_user_risk_policy_enabled(self): + def test_entra_identity_protection_sign_in_risk_policy_enabled(self): id = str(uuid4()) display_name = "Test" entra_client = mock.MagicMock @@ -305,12 +307,12 @@ def test_entra_identity_protection_user_risk_policy_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_sign_in_risk_enabled.entra_identity_protection_sign_in_risk_enabled import ( - entra_identity_protection_sign_in_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_sign_in_risk_enabled.entra_capolicy_identity_protection_sign_in_risk_enabled import ( + entra_capolicy_identity_protection_sign_in_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -358,7 +360,7 @@ def test_entra_identity_protection_user_risk_policy_enabled(self): ) } - check = entra_identity_protection_sign_in_risk_enabled() + check = entra_capolicy_identity_protection_sign_in_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled_test.py similarity index 88% rename from tests/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled_test.py index e1f7626701..225db2d9c7 100644 --- a/tests/providers/microsoft365/services/entra/entra_identity_protection_user_risk_enabled/entra_identity_protection_user_risk_enabled_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_identity_protection_user_risk_enabled/entra_capolicy_identity_protection_user_risk_enabled_test.py @@ -21,7 +21,7 @@ ) -class Test_entra_identity_protection_user_risk_enabled: +class Test_entra_capolicy_identity_protection_user_risk_enabled: def test_entra_no_conditional_access_policies(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -32,17 +32,17 @@ def test_entra_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled import ( - entra_identity_protection_user_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled import ( + entra_capolicy_identity_protection_user_risk_enabled, ) entra_client.conditional_access_policies = {} - check = entra_identity_protection_user_risk_enabled() + check = entra_capolicy_identity_protection_user_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -67,12 +67,12 @@ def test_entra_identity_protection_user_risk_policy_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled import ( - entra_identity_protection_user_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled import ( + entra_capolicy_identity_protection_user_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -114,7 +114,7 @@ def test_entra_identity_protection_user_risk_policy_disabled(self): ) } - check = entra_identity_protection_user_risk_enabled() + check = entra_capolicy_identity_protection_user_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -140,12 +140,12 @@ def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled import ( - entra_identity_protection_user_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled import ( + entra_capolicy_identity_protection_user_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -192,7 +192,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_not_enough_risk(self ) } - check = entra_identity_protection_user_risk_enabled() + check = entra_capolicy_identity_protection_user_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -221,12 +221,12 @@ def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled import ( - entra_identity_protection_user_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled import ( + entra_capolicy_identity_protection_user_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -273,7 +273,7 @@ def test_entra_identity_protection_user_risk_policy_enabled_for_reporting(self): ) } - check = entra_identity_protection_user_risk_enabled() + check = entra_capolicy_identity_protection_user_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -302,12 +302,12 @@ def test_entra_identity_protection_user_risk_policy_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_identity_protection_user_risk_enabled.entra_identity_protection_user_risk_enabled import ( - entra_identity_protection_user_risk_enabled, + from prowler.providers.microsoft365.services.entra.entra_capolicy_identity_protection_user_risk_enabled.entra_capolicy_identity_protection_user_risk_enabled import ( + entra_capolicy_identity_protection_user_risk_enabled, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -354,7 +354,7 @@ def test_entra_identity_protection_user_risk_policy_enabled(self): ) } - check = entra_identity_protection_user_risk_enabled() + check = entra_capolicy_identity_protection_user_risk_enabled() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication_test.py b/tests/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication_test.py similarity index 86% rename from tests/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication_test.py rename to tests/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication_test.py index 18fa79199b..98b07c011e 100644 --- a/tests/providers/microsoft365/services/entra/entra_managed_device_required_for_authentication/entra_managed_device_required_for_authentication_test.py +++ b/tests/providers/microsoft365/services/entra/entra_capolicy_managed_device_required_for_authentication/entra_capolicy_managed_device_required_for_authentication_test.py @@ -20,7 +20,7 @@ ) -class Test_entra_managed_device_required_for_authentication: +class Test_entra_capolicy_managed_device_required_for_authentication: def test_entra_no_conditional_access_policies(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -31,17 +31,17 @@ def test_entra_no_conditional_access_policies(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication import ( - entra_managed_device_required_for_authentication, + from prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication import ( + entra_capolicy_managed_device_required_for_authentication, ) entra_client.conditional_access_policies = {} - check = entra_managed_device_required_for_authentication() + check = entra_capolicy_managed_device_required_for_authentication() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -66,12 +66,12 @@ def test_entra_managed_device_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication import ( - entra_managed_device_required_for_authentication, + from prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication import ( + entra_capolicy_managed_device_required_for_authentication, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -112,7 +112,7 @@ def test_entra_managed_device_disabled(self): ) } - check = entra_managed_device_required_for_authentication() + check = entra_capolicy_managed_device_required_for_authentication() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -138,12 +138,12 @@ def test_entra_managed_device_enabled_for_reporting(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication import ( - entra_managed_device_required_for_authentication, + from prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication import ( + entra_capolicy_managed_device_required_for_authentication, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -189,7 +189,7 @@ def test_entra_managed_device_enabled_for_reporting(self): ) } - check = entra_managed_device_required_for_authentication() + check = entra_capolicy_managed_device_required_for_authentication() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -219,12 +219,12 @@ def test_entra_managed_device_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication.entra_client", + "prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_managed_device_required_for_authentication.entra_managed_device_required_for_authentication import ( - entra_managed_device_required_for_authentication, + from prowler.providers.microsoft365.services.entra.entra_capolicy_managed_device_required_for_authentication.entra_capolicy_managed_device_required_for_authentication import ( + entra_capolicy_managed_device_required_for_authentication, ) from prowler.providers.microsoft365.services.entra.entra_service import ( ConditionalAccessPolicy, @@ -270,7 +270,7 @@ def test_entra_managed_device_enabled(self): ) } - check = entra_managed_device_required_for_authentication() + check = entra_capolicy_managed_device_required_for_authentication() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created_test.py b/tests/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created_test.py similarity index 80% rename from tests/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created_test.py rename to tests/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created_test.py index 4069310f4a..12a25eaa08 100644 --- a/tests/providers/microsoft365/services/entra/entra_dynamic_group_for_guests_created/entra_dynamic_group_for_guests_created_test.py +++ b/tests/providers/microsoft365/services/entra/entra_dynamicgroup_for_guests_created/entra_dynamicgroup_for_guests_created_test.py @@ -6,7 +6,7 @@ ) -class Test_entra_dynamic_group_for_guests_created: +class Test_entra_dynamicgroup_for_guests_created: def test_no_groups(self): """ Test when no groups exist: @@ -21,15 +21,15 @@ def test_no_groups(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created.entra_client", + "prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created import ( - entra_dynamic_group_for_guests_created, + from prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created import ( + entra_dynamicgroup_for_guests_created, ) - check = entra_dynamic_group_for_guests_created() + check = entra_dynamicgroup_for_guests_created() result = check.execute() assert len(result) == 0 @@ -46,7 +46,7 @@ def test_group_not_dynamic(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created.entra_client", + "prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created.entra_client", new=entra_client, ), ): @@ -59,11 +59,11 @@ def test_group_not_dynamic(self): ) ] - from prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created import ( - entra_dynamic_group_for_guests_created, + from prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created import ( + entra_dynamicgroup_for_guests_created, ) - check = entra_dynamic_group_for_guests_created() + check = entra_dynamicgroup_for_guests_created() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL" @@ -88,7 +88,7 @@ def test_dynamic_group_with_proper_membership_rule(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created.entra_client", + "prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created.entra_client", new=entra_client, ), ): @@ -101,11 +101,11 @@ def test_dynamic_group_with_proper_membership_rule(self): ) ] - from prowler.providers.microsoft365.services.entra.entra_dynamic_group_for_guests_created.entra_dynamic_group_for_guests_created import ( - entra_dynamic_group_for_guests_created, + from prowler.providers.microsoft365.services.entra.entra_dynamicgroup_for_guests_created.entra_dynamicgroup_for_guests_created import ( + entra_dynamicgroup_for_guests_created, ) - check = entra_dynamic_group_for_guests_created() + check = entra_dynamicgroup_for_guests_created() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" diff --git a/tests/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled_test.py b/tests/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled_test.py similarity index 79% rename from tests/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled_test.py rename to tests/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled_test.py index 9a72389813..d4a1e594be 100644 --- a/tests/providers/microsoft365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled_test.py +++ b/tests/providers/microsoft365/services/entra/entra_enterpriseapp_admin_consent_workflow_enabled/entra_enterpriseapp_admin_consent_workflow_enabled_test.py @@ -9,7 +9,7 @@ ) -class Test_entra_admin_consent_workflow_enabled: +class Test_entra_enterpriseapp_admin_consent_workflow_enabled: def test_admin_consent_enabled(self): """ Test when admin_consent_enabled is True: @@ -23,12 +23,12 @@ def test_admin_consent_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled import ( - entra_admin_consent_workflow_enabled, + from prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled import ( + entra_enterpriseapp_admin_consent_workflow_enabled, ) entra_client.admin_consent_policy = AdminConsentPolicy( @@ -39,7 +39,7 @@ def test_admin_consent_enabled(self): ) entra_client.tenant_domain = DOMAIN - check = entra_admin_consent_workflow_enabled() + check = entra_enterpriseapp_admin_consent_workflow_enabled() result = check.execute() assert len(result) == 1 @@ -65,12 +65,12 @@ def test_admin_consent_enabled_without_notifications(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled import ( - entra_admin_consent_workflow_enabled, + from prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled import ( + entra_enterpriseapp_admin_consent_workflow_enabled, ) entra_client.admin_consent_policy = AdminConsentPolicy( @@ -81,7 +81,7 @@ def test_admin_consent_enabled_without_notifications(self): ) entra_client.tenant_domain = DOMAIN - check = entra_admin_consent_workflow_enabled() + check = entra_enterpriseapp_admin_consent_workflow_enabled() result = check.execute() assert len(result) == 1 @@ -107,12 +107,12 @@ def test_admin_consent_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled import ( - entra_admin_consent_workflow_enabled, + from prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled import ( + entra_enterpriseapp_admin_consent_workflow_enabled, ) entra_client.admin_consent_policy = AdminConsentPolicy( @@ -123,7 +123,7 @@ def test_admin_consent_disabled(self): ) entra_client.tenant_domain = DOMAIN - check = entra_admin_consent_workflow_enabled() + check = entra_enterpriseapp_admin_consent_workflow_enabled() result = check.execute() assert len(result) == 1 @@ -151,15 +151,15 @@ def test_no_policy(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_admin_consent_workflow_enabled.entra_admin_consent_workflow_enabled import ( - entra_admin_consent_workflow_enabled, + from prowler.providers.microsoft365.services.entra.entra_enterpriseapp_admin_consent_workflow_enabled.entra_enterpriseapp_admin_consent_workflow_enabled import ( + entra_enterpriseapp_admin_consent_workflow_enabled, ) - check = entra_admin_consent_workflow_enabled() + check = entra_enterpriseapp_admin_consent_workflow_enabled() result = check.execute() assert len(result) == 0 diff --git a/tests/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled_test.py b/tests/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled_test.py similarity index 78% rename from tests/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled_test.py rename to tests/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled_test.py index bc9e5b3008..c0934ee116 100644 --- a/tests/providers/microsoft365/services/entra/entra_password_hash_sync_enabled/entra_password_hash_sync_enabled_test.py +++ b/tests/providers/microsoft365/services/entra/entra_organization_password_hash_sync_enabled/entra_organization_password_hash_sync_enabled_test.py @@ -6,7 +6,7 @@ ) -class Test_entra_password_hash_sync_enabled: +class Test_entra_organization_password_hash_sync_enabled: def test_password_hash_sync_enabled(self): entra_client = mock.MagicMock() @@ -16,12 +16,12 @@ def test_password_hash_sync_enabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled import ( - entra_password_hash_sync_enabled, + from prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled import ( + entra_organization_password_hash_sync_enabled, ) org = Organization( @@ -31,7 +31,7 @@ def test_password_hash_sync_enabled(self): ) entra_client.organizations = [org] - check = entra_password_hash_sync_enabled() + check = entra_organization_password_hash_sync_enabled() result = check.execute() assert len(result) == 1 @@ -54,12 +54,12 @@ def test_password_hash_sync_disabled(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled import ( - entra_password_hash_sync_enabled, + from prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled import ( + entra_organization_password_hash_sync_enabled, ) org1 = Organization( @@ -74,7 +74,7 @@ def test_password_hash_sync_disabled(self): ) entra_client.organizations = [org1, org2] - check = entra_password_hash_sync_enabled() + check = entra_organization_password_hash_sync_enabled() result = check.execute() assert len(result) == 2 @@ -106,12 +106,12 @@ def test_password_hash_sync_disabled_two_org(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled import ( - entra_password_hash_sync_enabled, + from prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled import ( + entra_organization_password_hash_sync_enabled, ) org = Organization( @@ -121,7 +121,7 @@ def test_password_hash_sync_disabled_two_org(self): ) entra_client.organizations = [org] - check = entra_password_hash_sync_enabled() + check = entra_organization_password_hash_sync_enabled() result = check.execute() assert len(result) == 1 @@ -145,15 +145,15 @@ def test_empty_organization(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled.entra_client", + "prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_password_hash_sync_enabled.entra_password_hash_sync_enabled import ( - entra_password_hash_sync_enabled, + from prowler.providers.microsoft365.services.entra.entra_organization_password_hash_sync_enabled.entra_organization_password_hash_sync_enabled import ( + entra_organization_password_hash_sync_enabled, ) - check = entra_password_hash_sync_enabled() + check = entra_organization_password_hash_sync_enabled() result = check.execute() assert len(result) == 0 diff --git a/tests/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed_test.py b/tests/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed_test.py similarity index 78% rename from tests/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed_test.py rename to tests/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed_test.py index 9d0d112b6a..68dd97e6c6 100644 --- a/tests/providers/microsoft365/services/entra/entra_thirdparty_integrated_apps_not_allowed/entra_thirdparty_integrated_apps_not_allowed_test.py +++ b/tests/providers/microsoft365/services/entra/entra_user_thirdparty_integrated_apps_not_allowed/entra_user_thirdparty_integrated_apps_not_allowed_test.py @@ -10,7 +10,7 @@ ) -class Test_entra_thirdparty_integrated_apps_not_allowed: +class Test_entra_user_thirdparty_integrated_apps_not_allowed: def test_entra_no_authorization_policy(self): entra_client = mock.MagicMock entra_client.audited_tenant = "audited_tenant" @@ -21,17 +21,17 @@ def test_entra_no_authorization_policy(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed.entra_client", + "prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed.entra_client", new=entra_client, ), ): - from prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed import ( - entra_thirdparty_integrated_apps_not_allowed, + from prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed import ( + entra_user_thirdparty_integrated_apps_not_allowed, ) entra_client.authorization_policy = None - check = entra_thirdparty_integrated_apps_not_allowed() + check = entra_user_thirdparty_integrated_apps_not_allowed() result = check.execute() assert len(result) == 0 @@ -47,15 +47,15 @@ def test_entra_default_user_role_permissions_not_allowed_to_create_apps(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed.entra_client", + "prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed.entra_client", new=entra_client, ), ): from prowler.providers.microsoft365.services.entra.entra_service import ( AuthorizationPolicy, ) - from prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed import ( - entra_thirdparty_integrated_apps_not_allowed, + from prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed import ( + entra_user_thirdparty_integrated_apps_not_allowed, ) role_permissions = DefaultUserRolePermissions(allowed_to_create_apps=False) @@ -66,7 +66,7 @@ def test_entra_default_user_role_permissions_not_allowed_to_create_apps(self): default_user_role_permissions=role_permissions, ) - check = entra_thirdparty_integrated_apps_not_allowed() + check = entra_user_thirdparty_integrated_apps_not_allowed() result = check.execute() assert len(result) == 1 assert result[0].status == "PASS" @@ -91,15 +91,15 @@ def test_entra_default_user_role_permissions_allowed_to_create_apps(self): return_value=set_mocked_microsoft365_provider(), ), mock.patch( - "prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed.entra_client", + "prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed.entra_client", new=entra_client, ), ): from prowler.providers.microsoft365.services.entra.entra_service import ( AuthorizationPolicy, ) - from prowler.providers.microsoft365.services.entra.entra_thirdparty_integrated_apps_not_allowed.entra_thirdparty_integrated_apps_not_allowed import ( - entra_thirdparty_integrated_apps_not_allowed, + from prowler.providers.microsoft365.services.entra.entra_user_thirdparty_integrated_apps_not_allowed.entra_user_thirdparty_integrated_apps_not_allowed import ( + entra_user_thirdparty_integrated_apps_not_allowed, ) role_permissions = DefaultUserRolePermissions(allowed_to_create_apps=True) @@ -110,7 +110,7 @@ def test_entra_default_user_role_permissions_allowed_to_create_apps(self): default_user_role_permissions=role_permissions, ) - check = entra_thirdparty_integrated_apps_not_allowed() + check = entra_user_thirdparty_integrated_apps_not_allowed() result = check.execute() assert len(result) == 1 assert result[0].status == "FAIL"