From a1f8c6a7bbe8b6475b8ca5b590e3fcaeeaca9d67 Mon Sep 17 00:00:00 2001 From: Astr1k Date: Tue, 23 Jan 2024 10:08:07 +0000 Subject: [PATCH] upd: updated policies 272, 283, 310, 461, 497, 508 --- policies/ecc-aws-272-elasticache_latest_version.yml | 5 +++-- policies/ecc-aws-283-elasticsearch_latest_version.yml | 2 +- policies/ecc-aws-310-dms_latest_version.yml | 2 +- ...ecc-aws-461-lambda_latest_runtime_environment_version.yml | 2 +- .../ecc-aws-497-eks_cluster_oldest_supported_version.yml | 2 +- policies/ecc-aws-508-mwaa_latest_version.yml | 2 +- .../red/elasticache.tf | 4 ++-- .../green/elasticsearch.tf | 2 +- terraform/ecc-aws-310-dms_latest_version/green/dms.tf | 2 +- terraform/ecc-aws-310-dms_latest_version/red/dms.tf | 2 +- .../green/lambda.tf | 2 +- .../placebo-green/elasticache.DescribeCacheClusters_1.json | 4 ++-- .../placebo-red/elasticache.DescribeCacheClusters_1.json | 2 +- .../red_policy_test.py | 2 +- .../placebo-green/es.DescribeElasticsearchDomains_1.json | 2 +- .../placebo-green/dms.DescribeReplicationInstances_1.json | 2 +- .../placebo-red/dms.DescribeReplicationInstances_1.json | 2 +- tests/ecc-aws-310-dms_latest_version/red_policy_test.py | 2 +- .../placebo-green/lambda.ListFunctions_1.json | 2 +- .../placebo-green/eks.DescribeCluster_1.json | 2 +- .../placebo-green/airflow.GetEnvironment_1.json | 2 +- 21 files changed, 25 insertions(+), 24 deletions(-) diff --git a/policies/ecc-aws-272-elasticache_latest_version.yml b/policies/ecc-aws-272-elasticache_latest_version.yml index f4ffbb31d..6dccef979 100644 --- a/policies/ecc-aws-272-elasticache_latest_version.yml +++ b/policies/ecc-aws-272-elasticache_latest_version.yml @@ -20,7 +20,8 @@ policies: value: memcached - type: value key: EngineVersion - value: "1.6.17" + op: regex + value: '1.6.*' - and: - type: value key: Engine @@ -28,4 +29,4 @@ policies: - type: value key: EngineVersion op: regex - value: '7.0.*' + value: '7.1.*' \ No newline at end of file diff --git a/policies/ecc-aws-283-elasticsearch_latest_version.yml b/policies/ecc-aws-283-elasticsearch_latest_version.yml index eac3796f0..d931553b2 100644 --- a/policies/ecc-aws-283-elasticsearch_latest_version.yml +++ b/policies/ecc-aws-283-elasticsearch_latest_version.yml @@ -15,4 +15,4 @@ policies: - not: - type: value key: ElasticsearchVersion - value: 'OpenSearch_2.9' + value: 'OpenSearch_2.11' diff --git a/policies/ecc-aws-310-dms_latest_version.yml b/policies/ecc-aws-310-dms_latest_version.yml index b04c315d3..7086aa49b 100644 --- a/policies/ecc-aws-310-dms_latest_version.yml +++ b/policies/ecc-aws-310-dms_latest_version.yml @@ -15,4 +15,4 @@ policies: - not: - type: value key: EngineVersion - value: '3.5.1' + value: '3.5.2' diff --git a/policies/ecc-aws-461-lambda_latest_runtime_environment_version.yml b/policies/ecc-aws-461-lambda_latest_runtime_environment_version.yml index 6121f8faa..faebdc242 100644 --- a/policies/ecc-aws-461-lambda_latest_runtime_environment_version.yml +++ b/policies/ecc-aws-461-lambda_latest_runtime_environment_version.yml @@ -19,4 +19,4 @@ policies: - type: value key: Runtime op: regex - value: '(nodejs18.x|python3.11|java17|dotnetcore3.1|dotnet6|go1.x|ruby3.2)' + value: '(nodejs20.x|python3.12|java21|dotnetcore3.1|dotnet6|go1.x|ruby3.2)' diff --git a/policies/ecc-aws-497-eks_cluster_oldest_supported_version.yml b/policies/ecc-aws-497-eks_cluster_oldest_supported_version.yml index bf2a65c55..6e7bc9b2c 100644 --- a/policies/ecc-aws-497-eks_cluster_oldest_supported_version.yml +++ b/policies/ecc-aws-497-eks_cluster_oldest_supported_version.yml @@ -14,5 +14,5 @@ policies: filters: - type: value key: version - value: "1.21" + value: "1.23" op: lt diff --git a/policies/ecc-aws-508-mwaa_latest_version.yml b/policies/ecc-aws-508-mwaa_latest_version.yml index 61461417d..37189af32 100644 --- a/policies/ecc-aws-508-mwaa_latest_version.yml +++ b/policies/ecc-aws-508-mwaa_latest_version.yml @@ -15,4 +15,4 @@ policies: - not: - type: value key: AirflowVersion - value: '2.6.3' + value: '2.7.2' diff --git a/terraform/ecc-aws-272-elasticache_latest_version/red/elasticache.tf b/terraform/ecc-aws-272-elasticache_latest_version/red/elasticache.tf index 40d528e5c..6931ad2b5 100644 --- a/terraform/ecc-aws-272-elasticache_latest_version/red/elasticache.tf +++ b/terraform/ecc-aws-272-elasticache_latest_version/red/elasticache.tf @@ -1,7 +1,7 @@ resource "aws_elasticache_cluster" "redis" { cluster_id = "c7n-272-elasticache-redis-cluster-red" engine = "redis" - engine_version = "5.0.6" + engine_version = "7.0" node_type = "cache.t2.micro" num_cache_nodes = 1 port = 6379 @@ -14,4 +14,4 @@ resource "aws_elasticache_cluster" "memcached" { node_type = "cache.t2.micro" num_cache_nodes = 1 port = 11211 -} +} \ No newline at end of file diff --git a/terraform/ecc-aws-283-elasticsearch_latest_version/green/elasticsearch.tf b/terraform/ecc-aws-283-elasticsearch_latest_version/green/elasticsearch.tf index de4b21ecd..1ed68e2a5 100644 --- a/terraform/ecc-aws-283-elasticsearch_latest_version/green/elasticsearch.tf +++ b/terraform/ecc-aws-283-elasticsearch_latest_version/green/elasticsearch.tf @@ -1,6 +1,6 @@ resource "aws_elasticsearch_domain" "this" { domain_name = "elasticsearch-283-green" - elasticsearch_version = "OpenSearch_2.9" + elasticsearch_version = "OpenSearch_2.11" ebs_options { ebs_enabled = true diff --git a/terraform/ecc-aws-310-dms_latest_version/green/dms.tf b/terraform/ecc-aws-310-dms_latest_version/green/dms.tf index d26116694..c6a0b7b08 100644 --- a/terraform/ecc-aws-310-dms_latest_version/green/dms.tf +++ b/terraform/ecc-aws-310-dms_latest_version/green/dms.tf @@ -4,7 +4,7 @@ resource "aws_dms_replication_instance" "this" { publicly_accessible = false replication_instance_class = "dms.t2.micro" replication_instance_id = "dms-replication-instance-310-green" - engine_version = "3.5.1" + engine_version = "3.5.2" depends_on = [ null_resource.this ] diff --git a/terraform/ecc-aws-310-dms_latest_version/red/dms.tf b/terraform/ecc-aws-310-dms_latest_version/red/dms.tf index c8273bc00..bc55f1f5d 100644 --- a/terraform/ecc-aws-310-dms_latest_version/red/dms.tf +++ b/terraform/ecc-aws-310-dms_latest_version/red/dms.tf @@ -3,7 +3,7 @@ resource "aws_dms_replication_instance" "this" { apply_immediately = true availability_zone = "us-east-1c" publicly_accessible = false - engine_version = "3.4.2" + engine_version = "3.5.1" replication_instance_class = "dms.t2.micro" replication_instance_id = "dms-replication-instance-310-red" diff --git a/terraform/ecc-aws-461-lambda_latest_runtime_environment_version/green/lambda.tf b/terraform/ecc-aws-461-lambda_latest_runtime_environment_version/green/lambda.tf index 5618a6714..d928b33ae 100644 --- a/terraform/ecc-aws-461-lambda_latest_runtime_environment_version/green/lambda.tf +++ b/terraform/ecc-aws-461-lambda_latest_runtime_environment_version/green/lambda.tf @@ -47,5 +47,5 @@ resource "aws_lambda_function" "this" { function_name = "461_lambda_green" role = aws_iam_role.this.arn handler = "func.py" - runtime = "python3.11" + runtime = "python3.12" } diff --git a/tests/ecc-aws-272-elasticache_latest_version/placebo-green/elasticache.DescribeCacheClusters_1.json b/tests/ecc-aws-272-elasticache_latest_version/placebo-green/elasticache.DescribeCacheClusters_1.json index 28e93d05c..d7216a961 100644 --- a/tests/ecc-aws-272-elasticache_latest_version/placebo-green/elasticache.DescribeCacheClusters_1.json +++ b/tests/ecc-aws-272-elasticache_latest_version/placebo-green/elasticache.DescribeCacheClusters_1.json @@ -11,7 +11,7 @@ "ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:", "CacheNodeType": "cache.t2.micro", "Engine": "memcached", - "EngineVersion": "1.6.17", + "EngineVersion": "1.6.22", "CacheClusterStatus": "available", "NumCacheNodes": 1, "PreferredAvailabilityZone": "us-east-1a", @@ -47,7 +47,7 @@ "ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:", "CacheNodeType": "cache.t2.micro", "Engine": "redis", - "EngineVersion": "7.0.7", + "EngineVersion": "7.1.0", "CacheClusterStatus": "available", "NumCacheNodes": 1, "PreferredAvailabilityZone": "us-east-1f", diff --git a/tests/ecc-aws-272-elasticache_latest_version/placebo-red/elasticache.DescribeCacheClusters_1.json b/tests/ecc-aws-272-elasticache_latest_version/placebo-red/elasticache.DescribeCacheClusters_1.json index 526691e98..6dd081fd1 100644 --- a/tests/ecc-aws-272-elasticache_latest_version/placebo-red/elasticache.DescribeCacheClusters_1.json +++ b/tests/ecc-aws-272-elasticache_latest_version/placebo-red/elasticache.DescribeCacheClusters_1.json @@ -47,7 +47,7 @@ "ClientDownloadLandingPage": "https://console.aws.amazon.com/elasticache/home#client-download:", "CacheNodeType": "cache.t2.micro", "Engine": "redis", - "EngineVersion": "5.0.6", + "EngineVersion": "7.0.7", "CacheClusterStatus": "available", "NumCacheNodes": 1, "PreferredAvailabilityZone": "us-east-1f", diff --git a/tests/ecc-aws-272-elasticache_latest_version/red_policy_test.py b/tests/ecc-aws-272-elasticache_latest_version/red_policy_test.py index 362579145..432045dc5 100644 --- a/tests/ecc-aws-272-elasticache_latest_version/red_policy_test.py +++ b/tests/ecc-aws-272-elasticache_latest_version/red_policy_test.py @@ -3,4 +3,4 @@ class PolicyTest(object): def test_resources(self, base_test, resources): base_test.assertEqual(len(resources), 2) base_test.assertIn(resources[0]['Engine'], ("redis", "memcached")) - base_test.assertIn(resources[0]['EngineVersion'], ("5.0.6", "1.5.16")) \ No newline at end of file + base_test.assertIn(resources[0]['EngineVersion'], ("7.0.7", "1.5.16")) \ No newline at end of file diff --git a/tests/ecc-aws-283-elasticsearch_latest_version/placebo-green/es.DescribeElasticsearchDomains_1.json b/tests/ecc-aws-283-elasticsearch_latest_version/placebo-green/es.DescribeElasticsearchDomains_1.json index 22de4cd2a..b2ad701ef 100644 --- a/tests/ecc-aws-283-elasticsearch_latest_version/placebo-green/es.DescribeElasticsearchDomains_1.json +++ b/tests/ecc-aws-283-elasticsearch_latest_version/placebo-green/es.DescribeElasticsearchDomains_1.json @@ -12,7 +12,7 @@ "Endpoint": "search-elasticsearch-283-green-sqrl5fumngl6zniiccpgcym4py.us-east-1.es.amazonaws.com", "Processing": false, "UpgradeProcessing": false, - "ElasticsearchVersion": "OpenSearch_2.9", + "ElasticsearchVersion": "OpenSearch_2.11", "ElasticsearchClusterConfig": { "InstanceType": "m4.large.elasticsearch", "InstanceCount": 1, diff --git a/tests/ecc-aws-310-dms_latest_version/placebo-green/dms.DescribeReplicationInstances_1.json b/tests/ecc-aws-310-dms_latest_version/placebo-green/dms.DescribeReplicationInstances_1.json index 0515cd81f..fbd9d2763 100644 --- a/tests/ecc-aws-310-dms_latest_version/placebo-green/dms.DescribeReplicationInstances_1.json +++ b/tests/ecc-aws-310-dms_latest_version/placebo-green/dms.DescribeReplicationInstances_1.json @@ -77,7 +77,7 @@ "PreferredMaintenanceWindow": "sat:13:07-sat:13:37", "PendingModifiedValues": {}, "MultiAZ": false, - "EngineVersion": "3.5.1", + "EngineVersion": "3.5.2", "AutoMinorVersionUpgrade": false, "KmsKeyId": "arn:aws:kms:us-east-1:111111111111:key/e56f2d19-2ba5-4c25-829a-44ad8f133131", "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111111111111:rep:UM3S7JB7K5M7NGHUWRC3JIOIG3IS2Y2O2R24FYA", diff --git a/tests/ecc-aws-310-dms_latest_version/placebo-red/dms.DescribeReplicationInstances_1.json b/tests/ecc-aws-310-dms_latest_version/placebo-red/dms.DescribeReplicationInstances_1.json index 215944dc2..fba7f357c 100644 --- a/tests/ecc-aws-310-dms_latest_version/placebo-red/dms.DescribeReplicationInstances_1.json +++ b/tests/ecc-aws-310-dms_latest_version/placebo-red/dms.DescribeReplicationInstances_1.json @@ -77,7 +77,7 @@ "PreferredMaintenanceWindow": "fri:10:42-fri:11:12", "PendingModifiedValues": {}, "MultiAZ": false, - "EngineVersion": "3.4.2", + "EngineVersion": "3.5.1", "AutoMinorVersionUpgrade": false, "KmsKeyId": "arn:aws:kms:us-east-1:111111111111:key/e56f2d19-2ba5-4c25-829a-44ad8f133131", "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111111111111:rep:K66KNPLYAMBNS3VGY5D5IPEZB7TRIKBOFHREJSQ", diff --git a/tests/ecc-aws-310-dms_latest_version/red_policy_test.py b/tests/ecc-aws-310-dms_latest_version/red_policy_test.py index 0fcf3dd25..fe0ec2427 100644 --- a/tests/ecc-aws-310-dms_latest_version/red_policy_test.py +++ b/tests/ecc-aws-310-dms_latest_version/red_policy_test.py @@ -2,4 +2,4 @@ class PolicyTest(object): def test_resources(self, base_test, resources): base_test.assertEqual(len(resources), 1) - base_test.assertEqual(resources[0]['EngineVersion'], '3.4.2') \ No newline at end of file + base_test.assertEqual(resources[0]['EngineVersion'], '3.5.1') \ No newline at end of file diff --git a/tests/ecc-aws-461-lambda_latest_runtime_environment_version/placebo-green/lambda.ListFunctions_1.json b/tests/ecc-aws-461-lambda_latest_runtime_environment_version/placebo-green/lambda.ListFunctions_1.json index 10fab1c54..6ad914ccd 100644 --- a/tests/ecc-aws-461-lambda_latest_runtime_environment_version/placebo-green/lambda.ListFunctions_1.json +++ b/tests/ecc-aws-461-lambda_latest_runtime_environment_version/placebo-green/lambda.ListFunctions_1.json @@ -6,7 +6,7 @@ { "FunctionName": "461_lambda_green", "FunctionArn": "arn:aws:lambda:us-east-1:111111111111:function:461_lambda_green", - "Runtime": "python3.11", + "Runtime": "python3.12", "Role": "arn:aws:iam::111111111111:role/461_role_green", "Handler": "func.py", "CodeSize": 299, diff --git a/tests/ecc-aws-497-eks_cluster_oldest_supported_version/placebo-green/eks.DescribeCluster_1.json b/tests/ecc-aws-497-eks_cluster_oldest_supported_version/placebo-green/eks.DescribeCluster_1.json index 15087464f..d8f19f7a9 100644 --- a/tests/ecc-aws-497-eks_cluster_oldest_supported_version/placebo-green/eks.DescribeCluster_1.json +++ b/tests/ecc-aws-497-eks_cluster_oldest_supported_version/placebo-green/eks.DescribeCluster_1.json @@ -15,7 +15,7 @@ "second": 28, "microsecond": 144000 }, - "version": "1.23", + "version": "1.28", "endpoint": "https://FB018462E830092FF71292F940D1E94B.gr7.us-east-1.eks.amazonaws.com", "roleArn": "arn:aws:iam::111111111111:role/eks-497-cluster-green", "resourcesVpcConfig": { diff --git a/tests/ecc-aws-508-mwaa_latest_version/placebo-green/airflow.GetEnvironment_1.json b/tests/ecc-aws-508-mwaa_latest_version/placebo-green/airflow.GetEnvironment_1.json index bc9c5602e..7f95a7da9 100644 --- a/tests/ecc-aws-508-mwaa_latest_version/placebo-green/airflow.GetEnvironment_1.json +++ b/tests/ecc-aws-508-mwaa_latest_version/placebo-green/airflow.GetEnvironment_1.json @@ -7,7 +7,7 @@ "core.default_task_retries": "16", "core.parallelism": "1" }, - "AirflowVersion": "2.6.3", + "AirflowVersion": "2.7.2", "Arn": "arn:aws:airflow:us-east-1:111111111111:environment/mwaa_508_green", "CreatedAt": { "__class__": "datetime",