CCC-Complete 0.1

Test results for this specific product, vendor, and version combination

Vendor	FINOS
Product	CCC-Complete
Version	0.1

Download Raw Results

Download the original OCSF or HTML result files used to generate this page

File Name	Download
aws-vpc-cfi-1776043305-vpc-cn03-allowed-requester-01	OCSF HTML
aws-vpc-cfi-1776043305-vpc-cn03-allowed-requester-02	OCSF HTML
aws-vpc-cfi-1776043305-vpc-cn03-disallowed-requester-01	OCSF HTML
aws-vpc-cfi-1776043305-vpc-cn03-disallowed-requester-02	OCSF HTML
aws-vpc-cfi-1776043305-vpc-cn03-non-allowlisted-requester-01	OCSF HTML
aws-vpc-cfi-1776043305-vpc	OCSF HTML
aws-vpc-combined	OCSF
aws-vpc-prowler	OCSF
aws-vpc-summary	HTML

Test Summary

Aggregate summary of all tests for this configuration result

Resources In Configuration	6
Count of Tests	24
Passing Tests	24
Failing Tests	0
Catalogs Tested	CCC.VPC

Control Catalog Summary

Summary of test results grouped by control catalog and resource

Control Catalog	Resources	Total Tests	Passing	Failing	Tested Requirements	Missing Requirements	Unused Core Requirements
CCC.VPC	vpc-02b2cf8649cae372...vpc-0351e15653a529b6...vpc-05f4e0d1e4eccf07...vpc-076ba48bcbf64862...vpc-09f36d618737b4da...vpc-0fd941576fc1de4a...	24	24	0	CCC.VPC.CN03.AR01	CCC.VPC.CN01.AR01 CCC.VPC.CN02.AR01 CCC.VPC.CN04.AR01	None

Test Mapping Summary

Summary of test mappings showing how event codes map to test requirements

Control Catalog	Test Requirement	Mapped Tests (Event Code \| Total \| Passing \| Failing)
CCC.VPC	CCC.VPC.CN03.AR01 When a VPC peering connection is requested, the service MUST prevent connections from VPCs that are not explicitly allowed.	`Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC` 12120 `Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed` 12120

Resource Summary

Summary of all resources mentioned in OCSF results

Resource Name	Resource Type	Control Catalogs	Total Tests	Passing
vpc-02b2cf8649cae372a	vpc	CCC.VPC	4	4
vpc-0351e15653a529b6c	vpc	CCC.VPC	4	4
vpc-05f4e0d1e4eccf07f	vpc	CCC.VPC	4	4
vpc-076ba48bcbf648628	vpc	CCC.VPC	4	4
vpc-09f36d618737b4da7	vpc	CCC.VPC	4	4
vpc-0fd941576fc1de4a0	vpc	CCC.VPC	4	4

Test Results

OCSF test results filtered for entries with CCC compliance mappings

Status	Finding	Resource Name	Resource Type	Message	Test Requirements
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-02b2cf8649cae372a	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-02b2cf8649cae372a	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-09f36d618737b4da7	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-09f36d618737b4da7	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0351e15653a529b6c	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0351e15653a529b6c	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0fd941576fc1de4a0	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0fd941576fc1de4a0	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-076ba48bcbf648628	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-076ba48bcbf648628	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-05f4e0d1e4eccf07f	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-05f4e0d1e4eccf07f	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-02b2cf8649cae372a	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-02b2cf8649cae372a	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-09f36d618737b4da7	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-09f36d618737b4da7	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0351e15653a529b6c	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0351e15653a529b6c	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0fd941576fc1de4a0	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0fd941576fc1de4a0	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-076ba48bcbf648628	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-076ba48bcbf648628	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-05f4e0d1e4eccf07f	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-05f4e0d1e4eccf07f	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01