CCC-Complete 0.1

Test results for this specific product, vendor, and version combination

Vendor	FINOS
Product	CCC-Complete
Version	0.1

Download Raw Results

Download the original OCSF or HTML result files used to generate this page

File Name	Download
aws-vpc-cfi-1775706869-vpc-cn03-allowed-requester-01	OCSF HTML
aws-vpc-cfi-1775706869-vpc-cn03-allowed-requester-02	OCSF HTML
aws-vpc-cfi-1775706869-vpc-cn03-disallowed-requester-01	OCSF HTML
aws-vpc-cfi-1775706869-vpc-cn03-disallowed-requester-02	OCSF HTML
aws-vpc-cfi-1775706869-vpc-cn03-non-allowlisted-requester-01	OCSF HTML
aws-vpc-cfi-1775706869-vpc	OCSF HTML
aws-vpc-combined	OCSF
aws-vpc-prowler	OCSF
aws-vpc-summary	HTML

Test Summary

Aggregate summary of all tests for this configuration result

Resources In Configuration	6
Count of Tests	24
Passing Tests	24
Failing Tests	0
Catalogs Tested	CCC.VPC

Control Catalog Summary

Summary of test results grouped by control catalog and resource

Control Catalog	Resources	Total Tests	Passing	Failing	Tested Requirements	Missing Requirements	Unused Core Requirements
CCC.VPC	vpc-01f543721b8193a2...vpc-02ff4e20289c915b...vpc-071bf2e1e2416f26...vpc-0a6158c0cf30fae3...vpc-0bbce9271c5d2398...vpc-0d617b955f0a4466...	24	24	0	CCC.VPC.CN03.AR01	CCC.VPC.CN01.AR01 CCC.VPC.CN02.AR01 CCC.VPC.CN04.AR01	None

Test Mapping Summary

Summary of test mappings showing how event codes map to test requirements

Control Catalog	Test Requirement	Mapped Tests (Event Code \| Total \| Passing \| Failing)
CCC.VPC	CCC.VPC.CN03.AR01 When a VPC peering connection is requested, the service MUST prevent connections from VPCs that are not explicitly allowed.	`Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC` 12120 `Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed` 12120

Resource Summary

Summary of all resources mentioned in OCSF results

Resource Name	Resource Type	Control Catalogs	Total Tests	Passing
vpc-01f543721b8193a2c	vpc	CCC.VPC	4	4
vpc-02ff4e20289c915b9	vpc	CCC.VPC	4	4
vpc-071bf2e1e2416f266	vpc	CCC.VPC	4	4
vpc-0a6158c0cf30fae39	vpc	CCC.VPC	4	4
vpc-0bbce9271c5d23986	vpc	CCC.VPC	4	4
vpc-0d617b955f0a44661	vpc	CCC.VPC	4	4

Test Results

OCSF test results filtered for entries with CCC compliance mappings

Status	Finding	Resource Name	Resource Type	Message	Test Requirements
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0bbce9271c5d23986	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0bbce9271c5d23986	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-01f543721b8193a2c	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-01f543721b8193a2c	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-02ff4e20289c915b9	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-02ff4e20289c915b9	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0d617b955f0a44661	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0d617b955f0a44661	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0a6158c0cf30fae39	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0a6158c0cf30fae39	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-071bf2e1e2416f266	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-071bf2e1e2416f266	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0bbce9271c5d23986	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0bbce9271c5d23986	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-01f543721b8193a2c	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-01f543721b8193a2c	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-02ff4e20289c915b9	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-02ff4e20289c915b9	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0d617b955f0a44661	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0d617b955f0a44661	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0a6158c0cf30fae39	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0a6158c0cf30fae39	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-071bf2e1e2416f266	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-071bf2e1e2416f266	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01