[INFO] fetching crate cfn-guard 3.0.2...
[INFO] testing cfn-guard-3.0.2 against master#ff2c56344c764af598ad33027e9c7a48881808ef for pr-118825
[INFO] extracting crate cfn-guard 3.0.2 into /workspace/builds/worker-7-tc1/source
[INFO] validating manifest of crates.io crate cfn-guard 3.0.2 on toolchain ff2c56344c764af598ad33027e9c7a48881808ef
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+ff2c56344c764af598ad33027e9c7a48881808ef" "metadata" "--manifest-path" "Cargo.toml" "--no-deps", kill_on_drop: false }`
[INFO] started tweaking crates.io crate cfn-guard 3.0.2
[INFO] finished tweaking crates.io crate cfn-guard 3.0.2
[INFO] tweaked toml for crates.io crate cfn-guard 3.0.2 written to /workspace/builds/worker-7-tc1/source/Cargo.toml
[INFO] crate crates.io crate cfn-guard 3.0.2 already has a lockfile, it will not be regenerated
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+ff2c56344c764af598ad33027e9c7a48881808ef" "fetch" "--manifest-path" "Cargo.toml", kill_on_drop: false }`
[INFO] [stderr]     Updating crates.io index
[INFO] [stderr]  Downloading crates ...
[INFO] [stderr]   Downloaded urlencoding v2.1.2
[INFO] [stderr]   Downloaded futures-io v0.3.26
[INFO] [stderr]   Downloaded futures-core v0.3.26
[INFO] [stderr]   Downloaded rstest v0.15.0
[INFO] [stderr]   Downloaded futures-executor v0.3.26
[INFO] [stderr]   Downloaded nom_locate v2.1.0
[INFO] [stderr]   Downloaded io-lifetimes v1.0.5
[INFO] [stderr]   Downloaded futures-channel v0.3.26
[INFO] [stderr]   Downloaded ryu v1.0.12
[INFO] [stderr]   Downloaded grep-searcher v0.1.11
[INFO] [stderr]   Downloaded rustix v0.36.8
[INFO] [stderr]   Downloaded futures-util v0.3.26
[INFO] [stderr]   Downloaded clap_complete v4.1.2
[INFO] [stderr]   Downloaded regex v1.7.1
[INFO] [stderr]   Downloaded nom v5.1.2
[INFO] [stderr]   Downloaded string-builder v0.2.0
[INFO] [stderr]   Downloaded is-terminal v0.4.4
[INFO] [stderr]   Downloaded bstr v1.2.0
[INFO] [stderr]   Downloaded memmap2 v0.5.8
[INFO] [stderr]   Downloaded unsafe-libyaml v0.2.5
[INFO] [stderr]   Downloaded serde_yaml v0.9.17
[INFO] [stderr]   Downloaded futures-sink v0.3.26
[INFO] [stderr]   Downloaded futures-task v0.3.26
[INFO] [stderr]   Downloaded semver v1.0.16
[INFO] [stderr]   Downloaded itoa v1.0.5
[INFO] [stderr]   Downloaded futures v0.3.26
[INFO] [stderr]   Downloaded clap_lex v0.3.2
[INFO] [stderr]   Downloaded enumflags2_derive v0.7.7
[INFO] [stderr]   Downloaded bytecount v0.6.3
[INFO] [stderr]   Downloaded rstest_macros v0.14.0
[INFO] [stderr]   Downloaded futures-macro v0.3.26
[INFO] [stderr]   Downloaded itertools v0.4.19
[INFO] [stderr]   Downloaded utf8parse v0.2.0
[INFO] [stderr]   Downloaded encoding_rs_io v0.1.7
[INFO] [stderr]   Downloaded enumflags2 v0.7.7
[INFO] [stderr]   Downloaded fancy-regex v0.11.0
[INFO] [stderr]   Downloaded grep-matcher v0.1.6
[INFO] [stderr]   Downloaded serde_json v1.0.93
[INFO] [stderr]   Downloaded grep-regex v0.1.11
[INFO] [stderr]   Downloaded clap v4.1.6
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+ff2c56344c764af598ad33027e9c7a48881808ef" "metadata" "--no-deps" "--format-version=1", kill_on_drop: false }`
[INFO] [stdout] 2c2056b88fa38ec4b5a73ca70902c0c22f12a878ca9cedcf926fe4bbd9d7f8be
[INFO] running `Command { std: "docker" "start" "-a" "2c2056b88fa38ec4b5a73ca70902c0c22f12a878ca9cedcf926fe4bbd9d7f8be", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "inspect" "2c2056b88fa38ec4b5a73ca70902c0c22f12a878ca9cedcf926fe4bbd9d7f8be", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "2c2056b88fa38ec4b5a73ca70902c0c22f12a878ca9cedcf926fe4bbd9d7f8be", kill_on_drop: false }`
[INFO] [stdout] 2c2056b88fa38ec4b5a73ca70902c0c22f12a878ca9cedcf926fe4bbd9d7f8be
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=forbid" "-e" "RUSTDOCFLAGS=--cap-lints=forbid" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+ff2c56344c764af598ad33027e9c7a48881808ef" "build" "--frozen" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] e66135ffa585333e23e93dca94a77666718742cae0535c3b0f0a7679f1a9100c
[INFO] running `Command { std: "docker" "start" "-a" "e66135ffa585333e23e93dca94a77666718742cae0535c3b0f0a7679f1a9100c", kill_on_drop: false }`
[INFO] [stderr]    Compiling proc-macro2 v1.0.60
[INFO] [stderr]    Compiling quote v1.0.28
[INFO] [stderr]    Compiling unicode-ident v1.0.6
[INFO] [stderr]    Compiling memchr v2.5.0
[INFO] [stderr]    Compiling syn v1.0.107
[INFO] [stderr]    Compiling autocfg v1.1.0
[INFO] [stderr]    Compiling libc v0.2.139
[INFO] [stderr]    Compiling cfg-if v1.0.0
[INFO] [stderr]    Compiling bitflags v1.3.2
[INFO] [stderr]    Compiling semver v1.0.16
[INFO] [stderr]    Compiling futures-core v0.3.26
[INFO] [stderr]    Compiling io-lifetimes v1.0.5
[INFO] [stderr]    Compiling futures-task v0.3.26
[INFO] [stderr]    Compiling serde_derive v1.0.152
[INFO] [stderr]    Compiling futures-channel v0.3.26
[INFO] [stderr]    Compiling ryu v1.0.12
[INFO] [stderr]    Compiling futures-util v0.3.26
[INFO] [stderr]    Compiling arrayvec v0.5.2
[INFO] [stderr]    Compiling futures-sink v0.3.26
[INFO] [stderr]    Compiling rustix v0.36.8
[INFO] [stderr]    Compiling serde v1.0.152
[INFO] [stderr]    Compiling linux-raw-sys v0.1.4
[INFO] [stderr]    Compiling version_check v0.9.4
[INFO] [stderr]    Compiling pin-project-lite v0.2.9
[INFO] [stderr]    Compiling regex-syntax v0.6.28
[INFO] [stderr]    Compiling slab v0.4.7
[INFO] [stderr]    Compiling indexmap v1.9.2
[INFO] [stderr]    Compiling futures-io v0.3.26
[INFO] [stderr]    Compiling once_cell v1.17.0
[INFO] [stderr]    Compiling rustc_version v0.4.0
[INFO] [stderr]    Compiling pin-utils v0.1.0
[INFO] [stderr]    Compiling lexical-core v0.7.6
[INFO] [stderr]    Compiling log v0.4.17
[INFO] [stderr]    Compiling nom v5.1.2
[INFO] [stderr]    Compiling static_assertions v1.1.0
[INFO] [stderr]    Compiling regex-automata v0.1.10
[INFO] [stderr]    Compiling os_str_bytes v6.4.1
[INFO] [stderr]    Compiling hashbrown v0.12.3
[INFO] [stderr]    Compiling encoding_rs v0.8.32
[INFO] [stderr]    Compiling lazy_static v1.4.0
[INFO] [stderr]    Compiling aho-corasick v0.7.20
[INFO] [stderr]    Compiling grep-matcher v0.1.6
[INFO] [stderr]    Compiling utf8parse v0.2.0
[INFO] [stderr]    Compiling bstr v1.2.0
[INFO] [stderr]    Compiling clap_lex v0.3.2
[INFO] [stderr]    Compiling bit-vec v0.6.3
[INFO] [stderr]    Compiling rstest_macros v0.14.0
[INFO] [stderr]    Compiling strsim v0.10.0
[INFO] [stderr]    Compiling termcolor v1.2.0
[INFO] [stderr]    Compiling serde_json v1.0.93
[INFO] [stderr]    Compiling thiserror v1.0.38
[INFO] [stderr]    Compiling syn v2.0.18
[INFO] [stderr]    Compiling itoa v1.0.5
[INFO] [stderr]    Compiling bytecount v0.6.3
[INFO] [stderr]    Compiling vte_generate_state_changes v0.1.1
[INFO] [stderr]    Compiling memmap2 v0.5.8
[INFO] [stderr]    Compiling atty v0.2.14
[INFO] [stderr]    Compiling bit-set v0.5.3
[INFO] [stderr]    Compiling thread_local v1.1.4
[INFO] [stderr]    Compiling unicode-segmentation v1.10.1
[INFO] [stderr]    Compiling futures-timer v3.0.2
[INFO] [stderr]    Compiling same-file v1.0.6
[INFO] [stderr]    Compiling unsafe-libyaml v0.2.5
[INFO] [stderr]    Compiling colored v2.0.0
[INFO] [stderr]    Compiling walkdir v2.3.2
[INFO] [stderr]    Compiling itertools v0.4.19
[INFO] [stderr]    Compiling vte v0.10.1
[INFO] [stderr]    Compiling string-builder v0.2.0
[INFO] [stderr]    Compiling heck v0.3.3
[INFO] [stderr]    Compiling indoc v1.0.9
[INFO] [stderr]    Compiling urlencoding v2.1.2
[INFO] [stderr]    Compiling encoding_rs_io v0.1.7
[INFO] [stderr]    Compiling regex v1.7.1
[INFO] [stderr]    Compiling is-terminal v0.4.4
[INFO] [stderr]    Compiling clap v4.1.6
[INFO] [stderr]    Compiling grep-searcher v0.1.11
[INFO] [stderr]    Compiling strip-ansi-escapes v0.1.1
[INFO] [stderr]    Compiling fancy-regex v0.11.0
[INFO] [stderr]    Compiling Inflector v0.11.4
[INFO] [stderr]    Compiling grep-regex v0.1.11
[INFO] [stderr]    Compiling nom_locate v2.1.0
[INFO] [stderr]    Compiling clap_complete v4.1.2
[INFO] [stderr]    Compiling enumflags2_derive v0.7.7
[INFO] [stderr]    Compiling enumflags2 v0.7.7
[INFO] [stderr]    Compiling futures-macro v0.3.26
[INFO] [stderr]    Compiling thiserror-impl v1.0.38
[INFO] [stderr]    Compiling futures-executor v0.3.26
[INFO] [stderr]    Compiling futures v0.3.26
[INFO] [stderr]    Compiling rstest v0.15.0
[INFO] [stderr]    Compiling serde_yaml v0.9.17
[INFO] [stderr]    Compiling cfn-guard v3.0.2 (/opt/rustwide/workdir)
[INFO] [stderr]     Finished dev [unoptimized + debuginfo] target(s) in 33.41s
[INFO] [stderr] warning: the following packages contain code that will be rejected by a future version of Rust: nom v5.1.2
[INFO] [stderr] note: to see what the problems were, use the option `--future-incompat-report`, or run `cargo report future-incompatibilities --id 1`
[INFO] running `Command { std: "docker" "inspect" "e66135ffa585333e23e93dca94a77666718742cae0535c3b0f0a7679f1a9100c", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "e66135ffa585333e23e93dca94a77666718742cae0535c3b0f0a7679f1a9100c", kill_on_drop: false }`
[INFO] [stdout] e66135ffa585333e23e93dca94a77666718742cae0535c3b0f0a7679f1a9100c
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc1/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=forbid" "-e" "RUSTDOCFLAGS=--cap-lints=forbid" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+ff2c56344c764af598ad33027e9c7a48881808ef" "test" "--frozen" "--no-run" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] baff916b9389f5bdbfee9b5cb0d17dbd10f80322e4c99b18ca637db9d673355e
[INFO] running `Command { std: "docker" "start" "-a" "baff916b9389f5bdbfee9b5cb0d17dbd10f80322e4c99b18ca637db9d673355e", kill_on_drop: false }`
[INFO] [stderr]    Compiling cfn-guard v3.0.2 (/opt/rustwide/workdir)
[INFO] [stderr] error: could not compile `cfn-guard` (bin "cfn-guard" test)
[INFO] [stderr] 
[INFO] [stderr] Caused by:
[INFO] [stderr]   process didn't exit successfully: `/opt/rustwide/rustup-home/toolchains/ff2c56344c764af598ad33027e9c7a48881808ef/bin/rustc --crate-name cfn_guard --edition=2018 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --test -C metadata=c776af06526a2471 -C extra-filename=-c776af06526a2471 --out-dir /opt/rustwide/target/debug/deps -L dependency=/opt/rustwide/target/debug/deps --extern inflector=/opt/rustwide/target/debug/deps/libinflector-05e2ef36c4749312.rlib --extern cfn_guard=/opt/rustwide/target/debug/deps/libcfn_guard-3b4f8d653465d72d.rlib --extern clap=/opt/rustwide/target/debug/deps/libclap-4ee892cf9803526d.rlib --extern clap_complete=/opt/rustwide/target/debug/deps/libclap_complete-194d1bfe3737e7c0.rlib --extern colored=/opt/rustwide/target/debug/deps/libcolored-7a43f22981aadefa.rlib --extern enumflags2=/opt/rustwide/target/debug/deps/libenumflags2-15a99a1920189a5d.rlib --extern enumflags2_derive=/opt/rustwide/target/debug/deps/libenumflags2_derive-3df24e26f6d49520.so --extern fancy_regex=/opt/rustwide/target/debug/deps/libfancy_regex-c18de931c5211f27.rlib --extern grep_matcher=/opt/rustwide/target/debug/deps/libgrep_matcher-c0e68919236ce466.rlib --extern grep_regex=/opt/rustwide/target/debug/deps/libgrep_regex-59546790c124cd89.rlib --extern grep_searcher=/opt/rustwide/target/debug/deps/libgrep_searcher-ece5d050122162ab.rlib --extern heck=/opt/rustwide/target/debug/deps/libheck-dafdcca320c539b0.rlib --extern indexmap=/opt/rustwide/target/debug/deps/libindexmap-bf3286afc7a651ae.rlib --extern indoc=/opt/rustwide/target/debug/deps/libindoc-bd32fb28b777f682.so --extern itertools=/opt/rustwide/target/debug/deps/libitertools-02571f5ec8e313d1.rlib --extern lazy_static=/opt/rustwide/target/debug/deps/liblazy_static-b82c15677deef9e2.rlib --extern nom=/opt/rustwide/target/debug/deps/libnom-8dd37d170f32f5d0.rlib --extern nom_locate=/opt/rustwide/target/debug/deps/libnom_locate-0977e7beb5f6dce9.rlib --extern rstest=/opt/rustwide/target/debug/deps/librstest-e3a972a8c41a3a84.rlib --extern serde=/opt/rustwide/target/debug/deps/libserde-9e3e04477a4e6dd5.rlib --extern serde_json=/opt/rustwide/target/debug/deps/libserde_json-45f7850208bf2e20.rlib --extern serde_yaml=/opt/rustwide/target/debug/deps/libserde_yaml-7da3928e8adf5224.rlib --extern string_builder=/opt/rustwide/target/debug/deps/libstring_builder-e2f970cd8511cc3b.rlib --extern strip_ansi_escapes=/opt/rustwide/target/debug/deps/libstrip_ansi_escapes-9c5410fcc0a7633e.rlib --extern thiserror=/opt/rustwide/target/debug/deps/libthiserror-cdac139e852e5d73.rlib --extern unsafe_libyaml=/opt/rustwide/target/debug/deps/libunsafe_libyaml-ebc145f3b38f2037.rlib --extern urlencoding=/opt/rustwide/target/debug/deps/liburlencoding-0f42764d94cee4a2.rlib --extern walkdir=/opt/rustwide/target/debug/deps/libwalkdir-deebb8807ff2dc0b.rlib --cap-lints=forbid` (signal: 9, SIGKILL: kill)
[INFO] [stderr] warning: build failed, waiting for other jobs to finish...
[INFO] [stderr] error: could not compile `cfn-guard` (lib test)
[INFO] [stderr] 
[INFO] [stderr] Caused by:
[INFO] [stderr]   process didn't exit successfully: `/opt/rustwide/rustup-home/toolchains/ff2c56344c764af598ad33027e9c7a48881808ef/bin/rustc --crate-name cfn_guard --edition=2018 src/lib.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --test -C metadata=eee14fd79e86f822 -C extra-filename=-eee14fd79e86f822 --out-dir /opt/rustwide/target/debug/deps -L dependency=/opt/rustwide/target/debug/deps --extern inflector=/opt/rustwide/target/debug/deps/libinflector-05e2ef36c4749312.rlib --extern clap=/opt/rustwide/target/debug/deps/libclap-4ee892cf9803526d.rlib --extern clap_complete=/opt/rustwide/target/debug/deps/libclap_complete-194d1bfe3737e7c0.rlib --extern colored=/opt/rustwide/target/debug/deps/libcolored-7a43f22981aadefa.rlib --extern enumflags2=/opt/rustwide/target/debug/deps/libenumflags2-15a99a1920189a5d.rlib --extern enumflags2_derive=/opt/rustwide/target/debug/deps/libenumflags2_derive-3df24e26f6d49520.so --extern fancy_regex=/opt/rustwide/target/debug/deps/libfancy_regex-c18de931c5211f27.rlib --extern grep_matcher=/opt/rustwide/target/debug/deps/libgrep_matcher-c0e68919236ce466.rlib --extern grep_regex=/opt/rustwide/target/debug/deps/libgrep_regex-59546790c124cd89.rlib --extern grep_searcher=/opt/rustwide/target/debug/deps/libgrep_searcher-ece5d050122162ab.rlib --extern heck=/opt/rustwide/target/debug/deps/libheck-dafdcca320c539b0.rlib --extern indexmap=/opt/rustwide/target/debug/deps/libindexmap-bf3286afc7a651ae.rlib --extern indoc=/opt/rustwide/target/debug/deps/libindoc-bd32fb28b777f682.so --extern itertools=/opt/rustwide/target/debug/deps/libitertools-02571f5ec8e313d1.rlib --extern lazy_static=/opt/rustwide/target/debug/deps/liblazy_static-b82c15677deef9e2.rlib --extern nom=/opt/rustwide/target/debug/deps/libnom-8dd37d170f32f5d0.rlib --extern nom_locate=/opt/rustwide/target/debug/deps/libnom_locate-0977e7beb5f6dce9.rlib --extern rstest=/opt/rustwide/target/debug/deps/librstest-e3a972a8c41a3a84.rlib --extern serde=/opt/rustwide/target/debug/deps/libserde-9e3e04477a4e6dd5.rlib --extern serde_json=/opt/rustwide/target/debug/deps/libserde_json-45f7850208bf2e20.rlib --extern serde_yaml=/opt/rustwide/target/debug/deps/libserde_yaml-7da3928e8adf5224.rlib --extern string_builder=/opt/rustwide/target/debug/deps/libstring_builder-e2f970cd8511cc3b.rlib --extern strip_ansi_escapes=/opt/rustwide/target/debug/deps/libstrip_ansi_escapes-9c5410fcc0a7633e.rlib --extern thiserror=/opt/rustwide/target/debug/deps/libthiserror-cdac139e852e5d73.rlib --extern unsafe_libyaml=/opt/rustwide/target/debug/deps/libunsafe_libyaml-ebc145f3b38f2037.rlib --extern urlencoding=/opt/rustwide/target/debug/deps/liburlencoding-0f42764d94cee4a2.rlib --extern walkdir=/opt/rustwide/target/debug/deps/libwalkdir-deebb8807ff2dc0b.rlib --cap-lints=forbid` (signal: 9, SIGKILL: kill)
[INFO] running `Command { std: "docker" "inspect" "baff916b9389f5bdbfee9b5cb0d17dbd10f80322e4c99b18ca637db9d673355e", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "baff916b9389f5bdbfee9b5cb0d17dbd10f80322e4c99b18ca637db9d673355e", kill_on_drop: false }`
[INFO] [stdout] baff916b9389f5bdbfee9b5cb0d17dbd10f80322e4c99b18ca637db9d673355e
[INFO] testing cfn-guard-3.0.2 against try#5e4273472e1b2f223618a9b3def795f6224f241d for pr-118825
[INFO] extracting crate cfn-guard 3.0.2 into /workspace/builds/worker-7-tc2/source
[INFO] validating manifest of crates.io crate cfn-guard 3.0.2 on toolchain 5e4273472e1b2f223618a9b3def795f6224f241d
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "metadata" "--manifest-path" "Cargo.toml" "--no-deps", kill_on_drop: false }`
[INFO] started tweaking crates.io crate cfn-guard 3.0.2
[INFO] finished tweaking crates.io crate cfn-guard 3.0.2
[INFO] tweaked toml for crates.io crate cfn-guard 3.0.2 written to /workspace/builds/worker-7-tc2/source/Cargo.toml
[INFO] crate crates.io crate cfn-guard 3.0.2 already has a lockfile, it will not be regenerated
[INFO] running `Command { std: CARGO_HOME="/workspace/cargo-home" RUSTUP_HOME="/workspace/rustup-home" "/workspace/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "fetch" "--manifest-path" "Cargo.toml", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "metadata" "--no-deps" "--format-version=1", kill_on_drop: false }`
[INFO] [stdout] 7f17734b3bb75aae82fd4b19c4c912fd9ae10739ea6bc64713835c9588b81979
[INFO] running `Command { std: "docker" "start" "-a" "7f17734b3bb75aae82fd4b19c4c912fd9ae10739ea6bc64713835c9588b81979", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "inspect" "7f17734b3bb75aae82fd4b19c4c912fd9ae10739ea6bc64713835c9588b81979", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "7f17734b3bb75aae82fd4b19c4c912fd9ae10739ea6bc64713835c9588b81979", kill_on_drop: false }`
[INFO] [stdout] 7f17734b3bb75aae82fd4b19c4c912fd9ae10739ea6bc64713835c9588b81979
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=forbid" "-e" "RUSTDOCFLAGS=--cap-lints=forbid" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "build" "--frozen" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] e781d9323d22443728b2ecb08bd66baca9c74425c397b65d74133657df85490a
[INFO] running `Command { std: "docker" "start" "-a" "e781d9323d22443728b2ecb08bd66baca9c74425c397b65d74133657df85490a", kill_on_drop: false }`
[INFO] [stderr]    Compiling proc-macro2 v1.0.60
[INFO] [stderr]    Compiling unicode-ident v1.0.6
[INFO] [stderr]    Compiling quote v1.0.28
[INFO] [stderr]    Compiling memchr v2.5.0
[INFO] [stderr]    Compiling syn v1.0.107
[INFO] [stderr]    Compiling autocfg v1.1.0
[INFO] [stderr]    Compiling libc v0.2.139
[INFO] [stderr]    Compiling cfg-if v1.0.0
[INFO] [stderr]    Compiling bitflags v1.3.2
[INFO] [stderr]    Compiling semver v1.0.16
[INFO] [stderr]    Compiling futures-core v0.3.26
[INFO] [stderr]    Compiling futures-task v0.3.26
[INFO] [stderr]    Compiling futures-channel v0.3.26
[INFO] [stderr]    Compiling io-lifetimes v1.0.5
[INFO] [stderr]    Compiling serde_derive v1.0.152
[INFO] [stderr]    Compiling serde v1.0.152
[INFO] [stderr]    Compiling rustix v0.36.8
[INFO] [stderr]    Compiling futures-util v0.3.26
[INFO] [stderr]    Compiling futures-sink v0.3.26
[INFO] [stderr]    Compiling ryu v1.0.12
[INFO] [stderr]    Compiling arrayvec v0.5.2
[INFO] [stderr]    Compiling lexical-core v0.7.6
[INFO] [stderr]    Compiling linux-raw-sys v0.1.4
[INFO] [stderr]    Compiling once_cell v1.17.0
[INFO] [stderr]    Compiling pin-utils v0.1.0
[INFO] [stderr]    Compiling futures-io v0.3.26
[INFO] [stderr]    Compiling slab v0.4.7
[INFO] [stderr]    Compiling indexmap v1.9.2
[INFO] [stderr]    Compiling log v0.4.17
[INFO] [stderr]    Compiling regex-syntax v0.6.28
[INFO] [stderr]    Compiling version_check v0.9.4
[INFO] [stderr]    Compiling pin-project-lite v0.2.9
[INFO] [stderr]    Compiling static_assertions v1.1.0
[INFO] [stderr]    Compiling regex-automata v0.1.10
[INFO] [stderr]    Compiling hashbrown v0.12.3
[INFO] [stderr]    Compiling os_str_bytes v6.4.1
[INFO] [stderr]    Compiling encoding_rs v0.8.32
[INFO] [stderr]    Compiling lazy_static v1.4.0
[INFO] [stderr]    Compiling rustc_version v0.4.0
[INFO] [stderr]    Compiling termcolor v1.2.0
[INFO] [stderr]    Compiling thiserror v1.0.38
[INFO] [stderr]    Compiling aho-corasick v0.7.20
[INFO] [stderr]    Compiling nom v5.1.2
[INFO] [stderr]    Compiling bstr v1.2.0
[INFO] [stderr]    Compiling rstest_macros v0.14.0
[INFO] [stderr]    Compiling grep-matcher v0.1.6
[INFO] [stderr]    Compiling clap_lex v0.3.2
[INFO] [stderr]    Compiling syn v2.0.18
[INFO] [stderr]    Compiling itoa v1.0.5
[INFO] [stderr]    Compiling strsim v0.10.0
[INFO] [stderr]    Compiling bytecount v0.6.3
[INFO] [stderr]    Compiling serde_json v1.0.93
[INFO] [stderr]    Compiling vte_generate_state_changes v0.1.1
[INFO] [stderr]    Compiling utf8parse v0.2.0
[INFO] [stderr]    Compiling bit-vec v0.6.3
[INFO] [stderr]    Compiling thread_local v1.1.4
[INFO] [stderr]    Compiling same-file v1.0.6
[INFO] [stderr]    Compiling unsafe-libyaml v0.2.5
[INFO] [stderr]    Compiling futures-timer v3.0.2
[INFO] [stderr]    Compiling bit-set v0.5.3
[INFO] [stderr]    Compiling unicode-segmentation v1.10.1
[INFO] [stderr]    Compiling walkdir v2.3.2
[INFO] [stderr]    Compiling string-builder v0.2.0
[INFO] [stderr]    Compiling urlencoding v2.1.2
[INFO] [stderr]    Compiling indoc v1.0.9
[INFO] [stderr]    Compiling vte v0.10.1
[INFO] [stderr]    Compiling itertools v0.4.19
[INFO] [stderr]    Compiling encoding_rs_io v0.1.7
[INFO] [stderr]    Compiling atty v0.2.14
[INFO] [stderr]    Compiling memmap2 v0.5.8
[INFO] [stderr]    Compiling colored v2.0.0
[INFO] [stderr]    Compiling heck v0.3.3
[INFO] [stderr]    Compiling grep-searcher v0.1.11
[INFO] [stderr]    Compiling regex v1.7.1
[INFO] [stderr]    Compiling strip-ansi-escapes v0.1.1
[INFO] [stderr]    Compiling is-terminal v0.4.4
[INFO] [stderr]    Compiling clap v4.1.6
[INFO] [stderr]    Compiling Inflector v0.11.4
[INFO] [stderr]    Compiling fancy-regex v0.11.0
[INFO] [stderr]    Compiling grep-regex v0.1.11
[INFO] [stderr]    Compiling nom_locate v2.1.0
[INFO] [stderr]    Compiling enumflags2_derive v0.7.7
[INFO] [stderr]    Compiling enumflags2 v0.7.7
[INFO] [stderr]    Compiling clap_complete v4.1.2
[INFO] [stderr]    Compiling futures-macro v0.3.26
[INFO] [stderr]    Compiling thiserror-impl v1.0.38
[INFO] [stderr]    Compiling futures-executor v0.3.26
[INFO] [stderr]    Compiling futures v0.3.26
[INFO] [stderr]    Compiling rstest v0.15.0
[INFO] [stderr]    Compiling serde_yaml v0.9.17
[INFO] [stderr]    Compiling cfn-guard v3.0.2 (/opt/rustwide/workdir)
[INFO] [stderr]     Finished dev [unoptimized + debuginfo] target(s) in 26.22s
[INFO] [stderr] warning: the following packages contain code that will be rejected by a future version of Rust: nom v5.1.2
[INFO] [stderr] note: to see what the problems were, use the option `--future-incompat-report`, or run `cargo report future-incompatibilities --id 1`
[INFO] running `Command { std: "docker" "inspect" "e781d9323d22443728b2ecb08bd66baca9c74425c397b65d74133657df85490a", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "e781d9323d22443728b2ecb08bd66baca9c74425c397b65d74133657df85490a", kill_on_drop: false }`
[INFO] [stdout] e781d9323d22443728b2ecb08bd66baca9c74425c397b65d74133657df85490a
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=forbid" "-e" "RUSTDOCFLAGS=--cap-lints=forbid" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "test" "--frozen" "--no-run" "--message-format=json", kill_on_drop: false }`
[INFO] [stdout] f5c532fe4f263168d9c6738f9038ef288366c1462a19e19f6e46f7b4dc480a5c
[INFO] running `Command { std: "docker" "start" "-a" "f5c532fe4f263168d9c6738f9038ef288366c1462a19e19f6e46f7b4dc480a5c", kill_on_drop: false }`
[INFO] [stderr]    Compiling cfn-guard v3.0.2 (/opt/rustwide/workdir)
[INFO] [stderr]     Finished test [unoptimized + debuginfo] target(s) in 7.78s
[INFO] [stderr] warning: the following packages contain code that will be rejected by a future version of Rust: nom v5.1.2
[INFO] [stderr] note: to see what the problems were, use the option `--future-incompat-report`, or run `cargo report future-incompatibilities --id 1`
[INFO] running `Command { std: "docker" "inspect" "f5c532fe4f263168d9c6738f9038ef288366c1462a19e19f6e46f7b4dc480a5c", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "f5c532fe4f263168d9c6738f9038ef288366c1462a19e19f6e46f7b4dc480a5c", kill_on_drop: false }`
[INFO] [stdout] f5c532fe4f263168d9c6738f9038ef288366c1462a19e19f6e46f7b4dc480a5c
[INFO] running `Command { std: "docker" "create" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/target:/opt/rustwide/target:rw,Z" "-v" "/var/lib/crater-agent-workspace/builds/worker-7-tc2/source:/opt/rustwide/workdir:ro,Z" "-v" "/var/lib/crater-agent-workspace/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/var/lib/crater-agent-workspace/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "CARGO_INCREMENTAL=0" "-e" "RUST_BACKTRACE=full" "-e" "RUSTFLAGS=--cap-lints=forbid" "-e" "RUSTDOCFLAGS=--cap-lints=forbid" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "1610612736" "--user" "0:0" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+5e4273472e1b2f223618a9b3def795f6224f241d" "test" "--frozen", kill_on_drop: false }`
[INFO] [stdout] 7428df6e54bdd9840fe4f99d314375eb1f0b1d979e784b3bdaeda52ee5407ecd
[INFO] running `Command { std: "docker" "start" "-a" "7428df6e54bdd9840fe4f99d314375eb1f0b1d979e784b3bdaeda52ee5407ecd", kill_on_drop: false }`
[INFO] [stderr]     Finished test [unoptimized + debuginfo] target(s) in 0.08s
[INFO] [stderr] warning: the following packages contain code that will be rejected by a future version of Rust: nom v5.1.2
[INFO] [stderr] note: to see what the problems were, use the option `--future-incompat-report`, or run `cargo report future-incompatibilities --id 1`
[INFO] [stderr]      Running unittests src/lib.rs (/opt/rustwide/target/debug/deps/cfn_guard-eee14fd79e86f822)
[INFO] [stdout] 
[INFO] [stdout] running 253 tests
[INFO] [stdout] test commands::validate::validate_tests::test_supported_extensions ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_success ... ok
[INFO] [stdout] test commands::rulegen::rulegen_tests::test_rulegen_no_properties ... ok
[INFO] [stdout] test commands::rulegen::rulegen_tests::test_rulegen ... ok
[INFO] [stdout] test rules::eval::eval_tests::binary_comparisons_gt_ge ... ok
[INFO] [stdout] test rules::eval::eval_tests::binary_comparisons_lt_le ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare_mixed_comparable ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare ... ok
[INFO] [stdout] test commands::aws_meta_appender::aws_meta_appender_tests::append_cdk_metadata_test ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_not_comparable ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare_mixed_single_plus_array_form_correct_exec ... ok
[INFO] [stdout] test rules::eval::eval_tests::is_bool ... ok
[INFO] [stdout] test rules::eval::eval_tests::block_guard_pass ... ok
[INFO] [stdout] test rules::eval::eval_tests::ensure_all_list_value_access_on_empty_fails ... ok
[INFO] [stdout] test rules::eval::eval_tests::is_int ... ok
[INFO] [stdout] test rules::eval::eval_tests::match_lhs_with_rhs_single_element_pass ... ok
[INFO] [stdout] test rules::eval::eval_tests::filter_based_with_join_pass_use_cases ... ok
[INFO] [stdout] test rules::eval::eval_tests::query_empty_and_non_empty ... ok
[INFO] [stdout] test rules::eval::eval_tests::rule_clause_tests ... ok
[INFO] [stdout] test rules::eval::eval_tests::status_combinator ... ok
[INFO] [stdout] test rules::eval::eval_tests::filter_based_join_clauses_failures_and_skips ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_all_unary_functions ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_compare_rulegen ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_field_type_array_or_single ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_for_in_and_not_in ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_guard_10_compatibility_and_diff ... ok
[INFO] [stdout] test rules::eval::eval_tests::query_cross_joins ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_api_gateway ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_1 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_api_gateway_cleaner_model ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_2 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_3 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_4 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_5 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_7 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_6 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_8 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_multiple_valued_clause_reporting ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_rule_with_range_test_and_this ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_map_keys_function ... ok
[INFO] [stdout] test rules::eval::eval_tests::block_evaluation_fail ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_searcher ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_string_in_comparison ... ignored
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_empty_input - should panic ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_malformed_string - should panic ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_unrecognized_property - should panic ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_1 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_3 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_2 ... ok
[INFO] [stdout] `- File(, Status=FAIL)[Context=File(rules=1)]
[INFO] [stdout]    `- Rule(iam_checks, Status=FAIL)[Context=iam_checks]
[INFO] [stdout]       |- WhenConditionalBlock(Status = FAIL)[Context=RuleClause]
[INFO] [stdout]       |  |- WhenCondition(Status = PASS)[Context=RuleClause/When]
[INFO] [stdout]       |  |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Resources EXISTS  ]
[INFO] [stdout]       |  |     `- GuardClauseValueCheck(Status=PASS)[Context= Resources EXISTS  ]
[INFO] [stdout]       |  `- GuardValueBlockCheck(Status = FAIL)[Context=BlockGuardClause#Location[file:, line:12, column:13]]
[INFO] [stdout]       |     |- Filter/ConjunctionsBlock(Status=PASS)[Context=Filter/Map#1]
[INFO] [stdout]       |     |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Type EQUALS  "/IAM::Role/"]
[INFO] [stdout]       |     |     `- GuardClauseValueCheck(Status=PASS)[Context= Type EQUALS  "/IAM::Role/"]
[INFO] [stdout]       |     `- Rule(check_iam_statements, Status=FAIL)[Context=check_iam_statements]
[INFO] [stdout]       |        `- GuardValueBlockCheck(Status = FAIL)[Context=BlockGuardClause#Location[file:, line:3, column:9]]
[INFO] [stdout]       |           `- WhenConditionalBlock(Status = FAIL)[Context=GuardConditionClause]
[INFO] [stdout]       |              |- WhenCondition(Status = PASS)[Context=GuardConditionClause/When]
[INFO] [stdout]       |              |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Effect EQUALS  "Allow"]
[INFO] [stdout]       |              |     `- GuardClauseValueCheck(Status=PASS)[Context= Effect EQUALS  "Allow"]
[INFO] [stdout]       |              `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block Action not EQUALS  "*"]
[INFO] [stdout]       |                 `- GuardClauseBinaryCheck(Status=FAIL, Comparison=not EQUALS, from=(resolved, Path=/Resources/iamRole/Properties/AssumeRolePolicyDocument/Statement/0/Action[L:0,C:0] Value="*"), to=(resolved, Path=[L:0,C:0] Value="*"))[Context= Action not EQUALS  "*"]
[INFO] [stdout]       `- WhenConditionalBlock(Status = SKIP)[Context=RuleClause]
[INFO] [stdout]          `- WhenCondition(Status = FAIL)[Context=RuleClause/When]
[INFO] [stdout]             `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]                `- GuardClauseBinaryCheck(Status=FAIL, Comparison= EQUALS, from=(unresolved, Path=[L:0,C:0] Value={"Resources":{"iamRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Action":"*","Principal":"*","Resource":"*","Effect":"Allow"}]}}}}}), to=)[Context= resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_4 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_5 ... ok
[INFO] [stdout] test rules::eval::eval_tests::block_evaluation ... ok
[INFO] [stdout] test rules::eval::eval_tests::using_resource_names_for_assessment ... ok
[INFO] [stdout] test rules::eval::eval_tests::testing_iam_role_prov_serve ... ok
[INFO] [stdout] test rules::eval::eval_tests::rules_file_tests_the_unituitive_all_clause_that_skips ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_inner_when_skipped ... ok
[INFO] [stdout] test rules::eval::eval_tests::cross_rule_clause_when_checks ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_queries ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_literal ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_query_to_scalar_literal_ok ... ok
[INFO] [stdout] test rules::eval::eval_tests::double_projection_tests ... ok
[INFO] [stdout] test rules::eval::eval_tests::variable_projections ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_list_literal_to_query_ok ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_query_to_query_not_ok ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_query_to_query_ok ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_in_string_not_ok ... ok
[INFO] [stdout] `- File(, Status=PASS)[Context=File(rules=1)]
[INFO] [stdout]    `- Rule(iam_checks, Status=PASS)[Context=iam_checks]
[INFO] [stdout]       |- WhenConditionalBlock(Status = SKIP)[Context=RuleClause]
[INFO] [stdout]       |  `- WhenCondition(Status = FAIL)[Context=RuleClause/When]
[INFO] [stdout]       |     `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block Resources EXISTS  ]
[INFO] [stdout]       |        `- GuardClauseUnaryCheck(Status=FAIL, Comparison= EXISTS, Value-At=(unresolved, Path=[L:0,C:0] Value={"version":1.2,"resourceType":"AWS::IAM::Role","configuration":{"assumeRolePolicyDocument":{"Statement":[test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_ok ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_rules_with_some_clauses ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_literal_list_in_query_ok ... ok
[INFO] [stdout] {test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_in_string_ok ... ok
[INFO] [stdout] "Action":"sts:AssumeRole","Principal":"*","Resource":"*","Effect":"Allow"}]}}}))[Context= Resources EXISTS  ]
[INFO] [stdout]       `- WhenConditionalBlock(Status = PASS)[Context=RuleClause]
[INFO] [stdout]          |- WhenCondition(Status = PASS)[Context=RuleClause/When]
[INFO] [stdout]          |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]          |     `- GuardClauseValueCheck(Status=PASS)[Context= resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]          `- Rule(check_iam_statements, Status=PASS)[Context=check_iam_statements]
[INFO] [stdout]             `- GuardValueBlockCheck(Status = PASS)[Context=BlockGuardClause#Location[file:, line:3, column:9]]
[INFO] [stdout]                `- WhenConditionalBlock(Status = PASS)[Context=GuardConditionClause]
[INFO] [stdout]                   |- WhenCondition(Status = PASS)[Context=GuardConditionClause/When]
[INFO] [stdout]                   |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Effect EQUALS  "Allow"]
[INFO] [stdout]                   |     `- GuardClauseValueCheck(Status=PASS)[Context= Effect EQUALS  "Allow"]
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_scalar_literal_to_query_ok ... ok
[INFO] [stdout]                   `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Action not EQUALS  "*"]
[INFO] [stdout]                      `- GuardClauseValueCheck(Status=PASS)[Context= Action not EQUALS  "*"]
[INFO] [stdout] test rules::eval::eval_tests::ensure_all_map_values_access_on_empty_fails ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_scalar_literal_to_query_ok_with_unresolved ... ok
[INFO] [stdout] test rules::eval::eval_tests::parameterized_evaluations ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::no_query_return_root ... ok
[INFO] [stdout] test rules::eval::eval_tests::variable_projections_failures ... ok
[INFO] [stdout] test rules::eval::eval_tests::testing_sg_rules_pro_serve ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::empty_value_return_unresolved ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_mixed_results ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_s3_bucket_pro_serv ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_return_results ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_with_missing_list_property ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_with_empty_list_property ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_vs_in_from_queries ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_support_for_atleast_one_match_clause ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::ecs_iam_role_relationship_assetions ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::test_with_converter ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::extraction_test ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::map_filter_keys ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_iam_statement_clauses ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_lists ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::block_evaluation_fail ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::block_evaluation ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_loop_all ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::double_projection_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_field_type_array_or_single ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rules_not_in_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rule_clause_when_check ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::guard_access_clause_test_all_up ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_rulegen ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_for_not_in ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_guard_10_compatibility_and_diff ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_loop_atleast_one_eq ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_api_gateway ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_rule_with_range_test ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::guard_access_clause_tests ... ok
[INFO] [stdout] test rules::eval::eval_tests::rule_test_type_blocks ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_multiple_valued_clause_reporting ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_in_comparison_operator_for_list_of_lists ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_multiple_valued_clause_reporting_var_access ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_inner_when_skipped ... ok
[INFO] [stdout] test rules::functions::collections::collections_tests::test_count_function ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_boolean ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_iam_subselections ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_rules_with_some_clauses ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::testing_iam_role_prov_serve ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rule_clause_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_s3_bucket_pro_serv ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::testing_sg_rules_pro_serve ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_float ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_char ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_map_keys_function ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_support_for_atleast_one_match_clause ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::test_handle_null ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader2 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader3 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader8 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader4 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader6 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader5 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader_with_alias ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader7 ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_substring ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_json_parse ... ok
[INFO] [stdout] test rules::parser::parser_tests::does_this_work ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_string ... ok
[INFO] [stdout] test rules::parser::parser_tests::is_list_check_parser_bug ... ok
[INFO] [stdout] test rules::parser::parser_tests::it_support_test ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_int ... ok
[INFO] [stdout] test rules::parser::parser_tests::block_parse_test ... ok
[INFO] [stdout] test rules::eval::eval_tests::rules_file_tests_simpler_correct_form_using_newer_constructs ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_single_param_function_with_multiple_arguments ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_single_param_function_with_one_argument ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_parse_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_list_of_map ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameters_guard_clause ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameters_guard_clause_multiple ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::rule_parameters_parse_test ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::embedded_when_clause_redshift_use_case_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::paramterized_clause_errors ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_1 ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rules_file_tests ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_3 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_5 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_4 ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_rule_block_with_mixed_assignment ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_6 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_7 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_broken_lists ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_clause_in_when_condition ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_9 ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_regex_tests ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_embedded_string_parsing ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clause_failures ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_block_in_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_get_rule_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_builtin_function_call_expr ... ok
[INFO] [stdout] test rules::parser::parser_tests::some_clause_parse ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_int_parse ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_dotted_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_8 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_int_parse_pos ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_key_part ... ok
[INFO] [stdout] test rules::parser::parser_tests::select_any_one_from_list_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_bool ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_other_operations ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_1 ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_iam_statement_clauses ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::test_handle_function_call ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_lists_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex_inner_when_regex_is_not_valid ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_success_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float_error ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_assignment_with_function_call2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_assignment_with_function_call ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_3 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_4 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string_from_scalar ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_scalar ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_incorrect_block_in_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string_rest ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_value_when_strings_are_randomly_generated ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_keys_keyword ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_range_type_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_range_type_failures ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_value_with_comments ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_type_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_value_cmp ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_try_from_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_var_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_var_name_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_01 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_try_from_rule_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_block_clause ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rules_file_default_rules ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rules_file ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_02 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_white_space_with_comments ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_predicate_clause_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_03 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_04 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_05 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_06 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_07 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_08 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_09 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_variable_capture_syntax ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_type_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_10 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_11 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_12 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_complex_predicate_clauses ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::merge_values_test ... ok
[INFO] [stdout] test rules::values::values_tests::test_convert_from_to_value ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_block ... ok
[INFO] [stdout] test rules::values::values_tests::test_parse_string_with_colon ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::path_value_equivalent ... ok
[INFO] [stdout] test rules::values::values_tests::test_convert_into_json ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::it_support_evaluation_tests ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::some_filter_tests ... ok
[INFO] [stdout] test rules::parser::parser_tests::when_inside_when_parse_test ... ok
[INFO] [stdout] test utils::tests::read_cursor_test ... ok
[INFO] [stdout] test rules::values::values_tests::test_yaml_json_mapping ... ok
[INFO] [stdout] test rules::path_value::traversal::traversal_tests::test_absolute_pointer_traversal ... ok
[INFO] [stdout] test rules::values::values_tests::test_yaml_json_mapping_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex_inner_when_regex_is_valid ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::map_keys_filter_test ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_regex_replace ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::path_value_queries ... ok
[INFO] [stdout] test rules::values::values_tests::test_query_on_value ... ok
[INFO] [stdout] test rules::values::values_tests::test_type_block_with_var_query_evaluation ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clause_success ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 252 passed; 0 failed; 1 ignored; 0 measured; 0 filtered out; finished in 0.15s
[INFO] [stdout] 
[INFO] [stderr]      Running unittests src/main.rs (/opt/rustwide/target/debug/deps/cfn_guard-c776af06526a2471)
[INFO] [stdout] 
[INFO] [stdout] running 253 tests
[INFO] [stdout] test commands::validate::validate_tests::test_supported_extensions ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_success ... ok
[INFO] [stdout] test commands::rulegen::rulegen_tests::test_rulegen_no_properties ... ok
[INFO] [stdout] test commands::rulegen::rulegen_tests::test_rulegen ... ok
[INFO] [stdout] test rules::eval::eval_tests::binary_comparisons_gt_ge ... ok
[INFO] [stdout] test rules::eval::eval_tests::binary_comparisons_lt_le ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_not_comparable ... ok
[INFO] [stdout] test commands::aws_meta_appender::aws_meta_appender_tests::append_cdk_metadata_test ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare_mixed_single_plus_array_form_correct_exec ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare ... ok
[INFO] [stdout] test rules::eval::eval_tests::each_lhs_value_eq_compare_mixed_comparable ... ok
[INFO] [stdout] test rules::eval::eval_tests::is_bool ... ok
[INFO] [stdout] test rules::eval::eval_tests::ensure_all_list_value_access_on_empty_fails ... ok
[INFO] [stdout] test rules::eval::eval_tests::match_lhs_with_rhs_single_element_pass ... ok
[INFO] [stdout] test rules::eval::eval_tests::is_int ... ok
[INFO] [stdout] test rules::eval::eval_tests::block_guard_pass ... ok
[INFO] [stdout] test rules::eval::eval_tests::filter_based_with_join_pass_use_cases ... ok
[INFO] [stdout] test rules::eval::eval_tests::rule_clause_tests ... ok
[INFO] [stdout] test rules::eval::eval_tests::status_combinator ... ok
[INFO] [stdout] test rules::eval::eval_tests::query_empty_and_non_empty ... ok
[INFO] [stdout] test rules::eval::eval_tests::filter_based_join_clauses_failures_and_skips ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_all_unary_functions ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_compare_rulegen ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_field_type_array_or_single ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_for_in_and_not_in ... ok
[INFO] [stdout] test rules::eval::eval_tests::query_cross_joins ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_guard_10_compatibility_and_diff ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_1 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_api_gateway ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_api_gateway_cleaner_model ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_2 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_3 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_5 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_4 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_6 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_7 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_in_comparison_operator_for_list_of_lists::case_8 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_multiple_valued_clause_reporting ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_rule_with_range_test_and_this ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_map_keys_function ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_malformed_string - should panic ... ok
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_empty_input - should panic ... ok
[INFO] [stdout] test rules::eval::eval_tests::block_evaluation ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_string_in_comparison ... ignored
[INFO] [stdout] test commands::validate::validate_tests::test_deserialize_payload_unrecognized_property - should panic ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_1 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_searcher ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_2 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_4 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_3 ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_type_conversions::case_5 ... ok
[INFO] [stdout] test rules::eval::eval_tests::using_resource_names_for_assessment ... ok
[INFO] [stdout] test rules::eval::eval_tests::testing_iam_role_prov_serve ... ok
[INFO] [stdout] test rules::eval::eval_tests::cross_rule_clause_when_checks ... ok
[INFO] [stdout] test rules::eval::eval_tests::double_projection_tests ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_queries ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_query_to_scalar_literal_ok ... ok
[INFO] [stdout] test rules::eval::eval_tests::variable_projections ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_list_literal_to_query_ok ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_eq_literal ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_literal_list_in_query_ok ... ok
[INFO] [stdout] test rules::eval::eval_tests::variable_projections_failures ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_query_to_query_not_ok ... ok
[INFO] [stdout] `- File(, Status=FAIL)[Context=File(rules=1)]
[INFO] [stdout]    `- Rule(iam_checks, Status=FAIL)[Context=iam_checks]
[INFO] [stdout]       |- WhenConditionalBlock(Status = FAIL)[Context=RuleClause]
[INFO] [stdout]       |  |- WhenCondition(Status = PASS)[Context=RuleClause/When]
[INFO] [stdout]       |  |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Resources EXISTS  ]
[INFO] [stdout]       |  |     `- GuardClauseValueCheck(Status=PASS)[Context= Resources EXISTS  ]
[INFO] [stdout]       |  `- GuardValueBlockCheck(Status = FAIL)[Context=BlockGuardClause#Location[file:, line:12, column:13]]
[INFO] [stdout]       |     |- Filter/ConjunctionsBlock(Status=PASS)[Context=Filter/Map#1]
[INFO] [stdout]       |     |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Type EQUALS  "/IAM::Role/"]
[INFO] [stdout]       |     |     `- GuardClauseValueCheck(Status=PASS)[Context= Type EQUALS  "/IAM::Role/"]
[INFO] [stdout]       |     `- Rule(check_iam_statements, Status=FAIL)[Context=check_iam_statements]
[INFO] [stdout]       |        `- GuardValueBlockCheck(Status = FAIL)[Context=BlockGuardClause#Location[file:, line:3, column:9]]
[INFO] [stdout]       |           `- WhenConditionalBlock(Status = FAIL)[Context=GuardConditionClause]
[INFO] [stdout]       |              |- WhenCondition(Status = PASS)[Context=GuardConditionClause/When]
[INFO] [stdout]       |              |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Effect EQUALS  "Allow"]
[INFO] [stdout]       |              |     `- GuardClauseValueCheck(Status=PASS)[Context= Effect EQUALS  "Allow"]
[INFO] [stdout]       |              `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block Action not EQUALS  "*"]
[INFO] [stdout]       |                 `- GuardClauseBinaryCheck(Status=FAIL, Comparison=not EQUALS, from=(resolved, Path=/Resources/iamRole/Properties/AssumeRolePolicyDocument/Statement/0/Action[L:0,C:0] Value="*"), to=(resolved, Path=[L:0,C:0] Value="*"))[Context= Action not EQUALS  "*"]
[INFO] [stdout]       `- WhenConditionalBlock(Status = SKIP)[Context=RuleClause]
[INFO] [stdout]          `- WhenCondition(Status = FAIL)[Context=RuleClause/When]
[INFO] [stdout]             `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]                `- GuardClauseBinaryCheck(Status=FAIL, Comparison= EQUALS, from=(unresolved, Path=[L:0,C:0] Value=test rules::eval::operators::operators_tests::test_operator_in_query_to_query_ok ... ok
[INFO] [stdout] {"Resources":test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_in_string_not_ok ... ok
[INFO] [stdout] {"iamRole":test rules::eval::operators::operators_tests::test_operator_eq_vs_in_from_queries ... ok
[INFO] [stdout] {"Type":"AWS::IAM::Role","Properties":test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_in_string_ok ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_inner_when_skipped ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_rules_with_some_clauses ... ok
[INFO] [stdout] {test rules::eval::operators::operators_tests::test_operator_in_query_to_scalar_ok ... ok
[INFO] [stdout] "AssumeRolePolicyDocument":test rules::eval::eval_tests::block_evaluation_fail ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_scalar_literal_to_query_ok ... ok
[INFO] [stdout] test rules::eval::operators::operators_tests::test_operator_in_scalar_literal_to_query_ok_with_unresolved ... ok
[INFO] [stdout] {"Statement":[{"Action":"*","Principal":"*","Resource":"*","Effect":"Allow"}]}}}}}), to=)[Context= resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout] test rules::eval::eval_tests::ensure_all_map_values_access_on_empty_fails ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::no_query_return_root ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_with_empty_list_property ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_iam_statement_clauses ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_return_results ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::test_with_converter ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_support_for_atleast_one_match_clause ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_with_missing_list_property ... ok
[INFO] [stdout] test rules::eval::eval_tests::testing_sg_rules_pro_serve ... ok
[INFO] [stdout] test rules::eval::eval_tests::test_s3_bucket_pro_serv ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::non_empty_value_mixed_results ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::empty_value_return_unresolved ... ok
[INFO] [stdout] test rules::eval::eval_tests::rules_file_tests_the_unituitive_all_clause_that_skips ... ok
[INFO] [stdout] `- File(, Status=PASS)[Context=File(rules=1)]
[INFO] [stdout]    `- Rule(iam_checks, Status=PASS)[Context=iam_checks]
[INFO] [stdout]       |- WhenConditionalBlock(Status = test rules::eval_context::eval_context_tests::extraction_test ... SKIP)[Context=RuleClause]ok
[INFO] [stdout] 
[INFO] [stdout]       |  `- WhenCondition(Status = FAIL)[Context=RuleClause/When]
[INFO] [stdout]       |     `- GuardClauseBlock(Status = FAIL)[Context=GuardAccessClause#block Resources EXISTS  ]
[INFO] [stdout]       |        `- GuardClauseUnaryCheck(Status=FAIL, Comparison= EXISTS, Value-At=(unresolved, Path=[L:0,C:0] Value=test rules::evaluate::evaluate_tests::ecs_iam_role_relationship_assetions ... ok{
[INFO] [stdout] "version":1.2,"resourceType":"AWS::IAM::Role","configuration":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Principal":"*","Resource":"*","Effect":"Allow"}]}}}))[Context= Resources EXISTS  ]
[INFO] [stdout]       `- WhenConditionalBlock(Status = PASS)[Context=RuleClause]
[INFO] [stdout]          |- WhenCondition(Status = PASS)[Context=RuleClause/When]
[INFO] [stdout]          |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]          |     `- GuardClauseValueCheck(Status=PASS)[Context= resourceType EQUALS  "/IAM::Role/"]
[INFO] [stdout]          `- Rule(check_iam_statements, Status=PASS)[Context=check_iam_statements]
[INFO] [stdout]             `- GuardValueBlockCheck(Status = PASS)[Context=BlockGuardClause#Location[file:, line:3, column:9]]
[INFO] [stdout]                `- WhenConditionalBlock(Status = PASS)[Context=GuardConditionClause]
[INFO] [stdout]                   |- WhenCondition(Status = PASS)[Context=GuardConditionClause/When]
[INFO] [stdout]                   |  `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Effect EQUALS  "Allow"]
[INFO] [stdout]                   |     `- GuardClauseValueCheck(Status=PASS)[Context= Effect EQUALS  "Allow"]
[INFO] [stdout]                   `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Action not EQUALS  "*"]
[INFO] [stdout]                      `- GuardClauseValueCheck(Status=PASS)[Context= Action not EQUALS  "*"]
[INFO] [stdout] test rules::eval_context::eval_context_tests::map_filter_keys ... ok
[INFO] [stdout] test rules::eval::eval_tests::parameterized_evaluations ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_lists ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::block_evaluation ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rules_not_in_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::block_evaluation_fail ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_field_type_array_or_single ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_loop_all ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_for_not_in ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::double_projection_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rule_clause_when_check ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_rulegen ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_guard_10_compatibility_and_diff ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::guard_access_clause_test_all_up ... ok
[INFO] [stdout] test rules::eval::eval_tests::rule_test_type_blocks ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_compare_loop_atleast_one_eq ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_inner_when_skipped ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::guard_access_clause_tests ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_rule_with_range_test ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_multiple_valued_clause_reporting_var_access ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_multiple_valued_clause_reporting ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_api_gateway ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_rules_with_some_clauses ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_in_comparison_operator_for_list_of_lists ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_iam_subselections ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_map_keys_function ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_support_for_atleast_one_match_clause ... ok
[INFO] [stdout] test rules::functions::collections::collections_tests::test_count_function ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::testing_iam_role_prov_serve ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_boolean ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::testing_sg_rules_pro_serve ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::test_handle_null ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_s3_bucket_pro_serv ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader2 ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_float ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_int ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_string ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_json_parse ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rule_clause_tests ... ok
[INFO] [stdout] test rules::functions::converters::converters_test::test_parse_char ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader3 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader4 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader5 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader7 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader_with_alias ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader8 ... ok
[INFO] [stdout] test rules::libyaml::loader::loader_tests::yaml_loader6 ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_single_param_function_with_one_argument ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_substring ... ok
[INFO] [stdout] test rules::parser::parser_tests::does_this_work ... ok
[INFO] [stdout] test rules::parser::parser_tests::block_parse_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_single_param_function_with_multiple_arguments ... ok
[INFO] [stdout] test rules::parser::parser_tests::it_support_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_parse_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_rule_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::is_list_check_parser_bug ... ok
[INFO] [stdout] test rules::parser::parser_tests::paramterized_clause_errors ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::embedded_when_clause_redshift_use_case_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::rule_parameters_parse_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_1 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_list_of_map ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::rules_file_tests ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameters_guard_clause ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_3 ... ok
[INFO] [stdout] test rules::eval::eval_tests::rules_file_tests_simpler_correct_form_using_newer_constructs ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_4 ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameterized_clause_in_when_condition ... ok
[INFO] [stdout] test rules::parser::parser_tests::parameters_guard_clause_multiple ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_regex_tests ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_6 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_7 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_5 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::parse_rule_block_with_mixed_assignment ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_broken_lists ... ok
[INFO] [stdout] test rules::evaluate::evaluate_tests::test_iam_statement_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_9 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_block_in_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_get_rule_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::select_any_one_from_list_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_embedded_string_parsing ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clause_failures ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_int_parse ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_int_parse_pos ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_builtin_function_call_expr ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_dotted_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_key_part ... ok
[INFO] [stdout] test rules::parser::parser_tests::some_clause_parse ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_assignments::case_8 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_other_operations ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_lists_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_incorrect_block_in_block_properties ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_1 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_success_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_bool ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_assignment_with_function_call ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex_inner_when_regex_is_not_valid ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_3 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float::case_4 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_float_error ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string_rest ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_assignment_with_function_call2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_value_when_strings_are_randomly_generated ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_scalar ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_string_from_scalar ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_map_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_range_type_failures ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_keys_keyword ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_clauses ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_range_type_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_value_with_comments ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_value_cmp ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_try_from_access ... ok
[INFO] [stdout] test rules::eval_context::eval_context_tests::test_handle_function_call ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_try_from_rule_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_type_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_var_name ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rules_file ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rules_file_default_rules ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_var_name_access ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_03 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_white_space_with_comments ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_01 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_02 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_predicate_clause_success ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_04 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_block_clause ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_type_block ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_11 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_05 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_10 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_09 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_08 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_06 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_07 ... ok
[INFO] [stdout] test rules::parser::parser_tests::unary_parse::case_12 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_variable_capture_syntax ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_rule_block ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::path_value_equivalent ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::merge_values_test ... ok
[INFO] [stdout] test rules::values::values_tests::test_convert_into_json ... ok
[INFO] [stdout] test rules::values::values_tests::test_convert_from_to_value ... ok
[INFO] [stdout] test rules::values::values_tests::test_parse_string_with_colon ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::it_support_evaluation_tests ... ok
[INFO] [stdout] test rules::path_value::traversal::traversal_tests::test_absolute_pointer_traversal ... ok
[INFO] [stdout] test rules::parser::parser_tests::when_inside_when_parse_test ... ok
[INFO] [stdout] test utils::tests::read_cursor_test ... ok
[INFO] [stdout] test rules::values::values_tests::test_yaml_json_mapping ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::some_filter_tests ... ok
[INFO] [stdout] test rules::values::values_tests::test_yaml_json_mapping_2 ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_complex_predicate_clauses ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::map_keys_filter_test ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex_inner_when_regex_is_valid ... ok
[INFO] [stdout] test rules::path_value::path_value_tests::path_value_queries ... ok
[INFO] [stdout] test rules::functions::strings::strings_tests::test_regex_replace ... ok
[INFO] [stdout] test rules::values::values_tests::test_query_on_value ... ok
[INFO] [stdout] test rules::values::values_tests::test_type_block_with_var_query_evaluation ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_parse_regex ... ok
[INFO] [stdout] test rules::parser::parser_tests::test_clause_success ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 252 passed; 0 failed; 1 ignored; 0 measured; 0 filtered out; finished in 0.15s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/functional.rs (/opt/rustwide/target/debug/deps/functional-85e47446cbeefea7)
[INFO] [stdout] 
[INFO] [stdout] running 1 test
[INFO] [stdout] test functional_tests::test_run_check ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.02s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/parse_tree.rs (/opt/rustwide/target/debug/deps/parse_tree-13844921d7f47d72)
[INFO] [stdout] 
[INFO] [stdout] running 9 tests
[INFO] [stdout] test parse_tree_tests::test_yaml_output_with_expected_failures::case_2 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output_with_expected_failures::case_1 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output_compare_buffer_to_file::case_2 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output::case_3 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output::case_1 ... ok
[INFO] [stdout] test parse_tree_tests::test_json_output ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output::case_2 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output_compare_buffer_to_file::case_3 ... ok
[INFO] [stdout] test parse_tree_tests::test_yaml_output_compare_buffer_to_file::case_1 ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 9 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.02s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/rulegen.rs (/opt/rustwide/target/debug/deps/rulegen-a14e86b48a1e4e93)
[INFO] [stdout] 
[INFO] [stdout] running 2 tests
[INFO] [stdout] test rulegen_tests::test_rulegen_from_template::case_1 ... ok
[INFO] [stdout] test rulegen_tests::test_rulegen_from_template::case_2 ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 2 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.03s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/test_command.rs (/opt/rustwide/target/debug/deps/test_command-ab331647fe935ba6)
[INFO] [stdout] 
[INFO] [stdout] running 10 tests
[INFO] [stdout] test test_command_tests::test_parse_error_when_file_dne ... ok
[INFO] [stdout] test test_command_tests::test_parse_error_when_guard_rule_has_syntax_error ... ok
[INFO] [stdout] test test_command_tests::test_with_function_expr ... ok
[INFO] [stdout] test test_command_tests::test_with_failure ... ok
[INFO] [stdout] test test_command_tests::test_data_file::case_1 ... ok
[INFO] [stdout] test test_command_tests::test_data_file_verbose ... ok
[INFO] [stdout] test test_command_tests::test_data_file_with_shorthand_reference::case_2 ... ok
[INFO] [stdout] test test_command_tests::test_data_file_with_shorthand_reference::case_1 ... ok
[INFO] [stdout] test test_command_tests::test_data_file::case_2 ... ok
[INFO] [stdout] test test_command_tests::test_with_rules_dir_verbose ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 10 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.06s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/utils.rs (/opt/rustwide/target/debug/deps/utils-84f90d8c8fc49d50)
[INFO] [stdout] 
[INFO] [stdout] running 0 tests
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s
[INFO] [stdout] 
[INFO] [stderr]      Running tests/validate.rs (/opt/rustwide/target/debug/deps/validate-8a9669255055f3e2)
[INFO] [stdout] 
[INFO] [stdout] running 63 tests
[INFO] [stderr] Error occurred The path `/opt/rustwide/workdir/resources/validate/input-parameters-dir/blank-template.yaml` does not exist
[INFO] [stderr] Error occurred The path `/opt/rustwide/workdir/resources/validate/input-parameters-dir/malformed-template.yaml` does not exist
[INFO] [stderr] Error occurred The path `/opt/rustwide/workdir/resources/validate/input-parameters-dir/blank-template.yaml` does not exist
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_5 ... ok
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_6 ... ok
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_4 ... ok
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_2 ... ok
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_3 ... ok
[INFO] [stdout] test validate_tests::test_payload_verbose_yaml_compliant ... ok
[INFO] [stdout] test validate_tests::test_different_combinations_of_rules_and_data::case_1 ... ok
[INFO] [stdout] test validate_tests::test_different_combinations_of_rules_and_data::case_2 ... ok
[INFO] [stdout] test validate_tests::test_rules_with_data_from_stdin_yaml ... ok
[INFO] [stdout] test validate_tests::test_rules_with_data_from_stdin_yaml_verbose ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file::case_2 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_compliant ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file::case_3 ... ok
[INFO] [stderr] Error occurred There was no variable or value object to resolve. Error = `Could not resolve variable by name s3_buckets_server_side_encryption_2 across scopes`
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_01 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_03 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_04 ... ok
[INFO] [stderr] Error occurred Parser Error when parsing `Error encountered while parsing data file: malformed-template.yaml, data beginning with 
[INFO] [stderr] # ---
[INFO] [stderr] # AWSTemplateFormatVersion: 2010-09-09
[INFO] [stderr] # Description: CloudFormation - Malformed Template
[INFO] [stderr] 
[INFO] [stderr] Res
[INFO] [stderr]  ...`
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_05 ... ok
[INFO] [stderr] Error occurred Parser Error when parsing `Unable to parse a template from data file: blank-template.yaml is empty`
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_07 ... ok
[INFO] [stderr] Error occurred Parser Error when parsing `Unable to parse a template from data file: blank-template.yaml is empty`
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_08 ... s3-server-side-encryption-template-non-compliant-2.yamlok
[INFO] [stdout]  Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled_2.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stderr] Error occurred The path `/opt/rustwide/workdir/resources/validate/dne.yaml` does not exist
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_09 ...   okRule = 
[INFO] [stdout] S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]           Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_06 ... ok
[INFO] [stderr] Error occurred Parser Error when parsing `Unable to parse a template from data file: blank.yaml is empty`
[INFO] [stderr] Error occurred The path `/opt/rustwide/workdir/resources/validate/dne.guard` does not exist
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_11 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_10 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_12 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_13 ... ok
[INFO] [stdout] nested_crash.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled_2.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_verbose::case_1 ... ok
[INFO] [stdout] Evaluating data nested_crash.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         ComparisonError {
[INFO] [stdout]           Message          {
[INFO] [stdout]             Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]             Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]           }
[INFO] [stdout]           Error            = Check was not compliant as property [/Resources/MyBucket/Properties/BucketEncryption/ServerSideEncryptionConfiguration/0/ServerSideEncryptionByDefault/SSEAlgorithm[L:16,C:28]] was not present in [(resolved, Path=[L:0,C:0] Value=["aws:kms","AES256"])]
[INFO] [stdout]         }
[INFO] [stdout]           PropertyPath    = /Resources/MyBucket/Properties/BucketEncryption/ServerSideEncryptionConfiguration/0/ServerSideEncryptionByDefault/SSEAlgorithm[L:16,C:28]
[INFO] [stdout]           Operator        = IN
[INFO] [stdout]           Value           = {}
[INFO] [stdout]           ComparedWith    = [["aws:kms","AES256"]]
[INFO] [stdout]           Code:
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]                17.              SSEAlgorithm: { { CRASH } }
[INFO] [stdout]                18.      VersioningConfiguration:
[INFO] [stdout]                19.        Status: Enabled
[INFO] [stdout] 
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_14 ... ok
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_verbose::case_3 ... ok
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_04 ... ok
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guardadvanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] /default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] db_resource.yamlEvaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [advanced_regex_negative_lookbehind_rule.guard/default] is compliant for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout]  Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] db_param_port_rule.guard/DB_METADATA_EXISTS    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_verbose::case_4 ... ok
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [advanced_regex_negative_lookbehind_rule.guard/default] is compliant for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data db_resource.yaml against rules db_param_port_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [advanced_regex_negative_lookbehind_rule.guard/default] is compliant for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_combinations_of_rules_data_and_input_params_files::case_1 ... ok
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status =           FAILPropertyPath = 
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data Number of non-compliant resources advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] 1--
[INFO] [stdout] 
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Evaluating data Resource = s3-public-read-prohibited-template-non-compliant.yamlMyBucket against rules  {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout] s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type     Rule =  Rule = S3_BUCKET_PUBLIC_READ_PROHIBITEDS3_BUCKET_LOGGING_ENABLED  {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]            MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]   =           Code:
[INFO] [stdout] AWS::S3::Bucket
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13            ,C:6   10.        BlockPublicAcls: true]
[INFO] [stdout] 
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]           test validate_tests::test_single_data_file_single_rules_file::case_1 ... MissingProperty =         } {
[INFO] [stdout] ok
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout] 
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] advanced_regex_negative_lookbehind_non_compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Property [/NotAwsAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["AKIAIOSFODNN7EXAMPLE"] did match expected value ["/(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9])/"]. Error Message []
[INFO] [stdout] Property [/NotSecretAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"] did match expected value ["/(?<![A-Za-z0-9\\/+=])[A-Za-z0-9\\/+=]{40}(?![A-Za-z0-9\\/+=])/"]. Error Message []
[INFO] [stdout] --
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] advanced_regex_negative_lookbehind_non_compliant.yaml--
[INFO] [stdout]  Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Property [/NotAwsAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["AKIAIOSFODNN7EXAMPLE"] did match expected value ["/(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9])/"]. Error Message []
[INFO] [stdout] Property [/NotSecretAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"] did match expected value ["/(?<![A-Za-z0-9\\/+=])[A-Za-z0-9\\/+=]{40}(?![A-Za-z0-9\\/+=])/"]. Error Message []
[INFO] [stdout] --
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]             ---
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout]         }advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] /default      } 
[INFO] [stdout]    FAIL
[INFO] [stdout] ---
[INFO] [stdout]    11.      #   BlockPublicPolicy: true      Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] 
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]                       Reason =    12.      #   IgnorePublicAcls: trueCould not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout] test validate_tests::test_structured_output_with_show_summary::case_1 ... ok
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] advanced_regex_negative_lookbehind_non_compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout] Property [/NotAwsAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["AKIAIOSFODNN7EXAMPLE"] did match expected value ["/(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9])/"]. Error Message []            
[INFO] [stdout] 
[INFO] [stdout] Property [/NotSecretAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"] did match expected value ["/(?<![A-Za-z0-9\\/+=])[A-Za-z0-9\\/+=]{40}(?![A-Za-z0-9\\/+=])/"]. Error Message []
[INFO] [stdout]    14.      BucketEncryption:
[INFO] [stdout] --
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status =             FAIL   15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout] 
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:          
[INFO] [stdout] PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]                   }MissingProperty = 
[INFO] [stdout]       }PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout]       --
[INFO] [stdout] Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] Rule [advanced_regex_negative_lookbehind_rule.guard/default] is compliant for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] 
[INFO] [stdout] FAILED rules
[INFO] [stdout] Evaluating data advanced_regex_negative_lookbehind_rule.guards3-public-read-prohibited-template-non-compliant.yaml/ against rules defaultadvanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout]     FAIL
[INFO] [stdout] ---
[INFO] [stdout] --
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml           Status = MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = FAILCould not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout] 
[INFO] [stdout]           Code:
[INFO] [stdout] FAILED rules
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED                   12.      #   IgnorePublicAcls: true
[INFO] [stdout] FAIL
[INFO] [stdout]             ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yamlNumber of non-compliant resources 0
[INFO] [stdout]  Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout]    13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml             Status =    15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] FAIL
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           FAILED rulesViolation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout] 
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard        /}
[INFO] [stdout] default            RequiredPropertyError {
[INFO] [stdout] FAIL
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties---
[INFO] [stdout] [L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] }
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_structured_output_payload ... ok
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout] Number of non-compliant resources 0
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_status::case_02 ... ok
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL  
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Type      = AWS::S3::Bucket
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]                       Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]     8.    Properties:
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]                10.        BlockPublicAcls: true          
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules test validate_tests::test_rules_with_data_from_stdin_fail ... ok
[INFO] [stdout] s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] MissingProperty = --
[INFO] [stdout] LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout] advanced_regex_negative_lookbehind_non_compliant.yaml Status =         }
[INFO] [stdout] FAIL
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      =       }AWS::S3::Bucket
[INFO] [stdout] 
[INFO] [stdout]     }
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED  } {
[INFO] [stdout] 
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] FAILED rules    ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout] Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout] --
[INFO] [stdout]                16.        Status: EnabledRule [
[INFO] [stdout] S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout]         }
[INFO] [stdout] --
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout]     ALL {
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      Check =    %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS    {
[INFO] [stdout]            RequiredPropertyError {
[INFO] [stdout] = AWS::S3::Bucket
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]     ALL {
[INFO] [stdout]           Code:
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout] 
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                            14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]    13.      #   RestrictPublicBuckets: true      }
[INFO] [stdout]       Check = test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_05 ...  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout] 
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] ok
[INFO] [stdout]         Evaluating data s3-server-side-encryption-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]                     Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout] test validate_tests::test_single_data_file_single_rules_file_verbose::case_2 ...         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] oks3-server-side-encryption-template-non-compliant-2.yaml
[INFO] [stdout] Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]          Status =   FAILFix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           
[INFO] [stdout] FAILED rulesEvaluating data s3-server-side-encryption-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] 
[INFO] [stdout] Number of non-compliant resources test validate_tests::test_structured_output_with_show_summary::case_2 ...         s3_bucket_server_side_encryption_enabled_2.guard1          PropertyPath = MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout] /Resources/MyBucket/Properties[          Reason = L:8Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6],C:
[INFO] [stdout] ok          Code:
[INFO] [stdout] 6
[INFO] [stdout] }
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard/default          RequiredPropertyError {
[INFO] [stdout] ]  FAIL
[INFO] [stdout] ---
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout] 
[INFO] [stdout]                     MissingProperty = MissingProperty = LoggingConfigurationLoggingConfiguration
[INFO] [stdout] 
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:   11.      #   BlockPublicPolicy: true
[INFO] [stdout] /S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stdout]         }
[INFO] [stdout] Evaluation of rules advanced_regex_negative_lookbehind_rule.guard against data       }advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] 
[INFO] [stdout] 
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath =             /Resources/MyBucket/Properties   12.      #   IgnorePublicAcls: true[
[INFO] [stdout]           Reason =                13.      #   RestrictPublicBuckets: trueCould not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout] --
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] Property [/NotAwsAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["AKIAIOSFODNN7EXAMPLE"] did match expected value ["/(?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9])/"]. Error Message []L:            13
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules             s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason =    16.          - ServerSideEncryptionByDefault:Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13   11.        BlockPublicPolicy: true,C:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] 
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout] 
[INFO] [stdout]           Code:
[INFO] [stdout] Property [/NotSecretAccessKey] in data [advanced_regex_negative_lookbehind_non_compliant.yaml] is not compliant with [advanced_regex_negative_lookbehind_rule.guard/default] because provided value ["wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"] did match expected value ["/(?<![A-Za-z0-9\\/+=])[A-Za-z0-9\\/+=]{40}(?![A-Za-z0-9\\/+=])/"]. Error Message []                6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] 
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout] 6      Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] ,C:          PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]             Evaluating data    13.      #   RestrictPublicBuckets: trues3-server-side-encryption-template-non-compliant.yaml
[INFO] [stdout]  against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]             test validate_tests::test_structured_output ...    14.      BucketEncryption:        Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout] 
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout]             Number of non-compliant resources 1
[INFO] [stdout]    15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout] ]
[INFO] [stdout]   okType 
[INFO] [stdout] 6        }
[INFO] [stdout] --
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                 12.      #   IgnorePublicAcls: true
[INFO] [stdout] ]                  
[INFO] [stdout]              
[INFO] [stdout]    =       }
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls    7.    Type: AWS::S3::Bucket
[INFO] [stdout] MessageAWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]               ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout] Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]         Message {
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout] Reason =                14.      BucketEncryption:
[INFO] [stdout] Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6] {
[INFO] [stdout]                     Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] 
[INFO] [stdout]           Code:
[INFO] [stdout]                             6.  MyBucket:
[INFO] [stdout]    15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]             Code:
[INFO] [stdout]     8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]         }                    
[INFO] [stdout]     }s3-public-read-prohibited-template-non-compliant.yaml      } Status = 
[INFO] [stdout]    14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout] 
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] }
[INFO] [stdout] FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout]         }advanced_regex_negative_lookbehind_rule.guard/default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] 
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]       }               12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout] Evaluation of rules         }
[INFO] [stdout]       }
[INFO] [stdout] s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout]   Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]           Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] 
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout] Evaluating data                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yamltest validate_tests::test_validate_with_failing_count_and_compare_output ... FAILED rulesok against rules 
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard
[INFO] [stdout]           Number of non-compliant resources 0
[INFO] [stdout] 
[INFO] [stdout] PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]                       MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout] 
[INFO] [stdout]          13.        RestrictPublicBuckets: true
[INFO] [stdout] Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]                        13.      #   RestrictPublicBuckets: true
[INFO] [stdout]           PropertyPath = Message            /Resources/MyBucket/Properties[   14.      BucketEncryption:L:
[INFO] [stdout]  {
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                 }  s3_bucket_logging_enabled.guardViolation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout] /13S3_BUCKET_LOGGING_ENABLED             ,C:   16.        Status: Enabled 6]
[INFO] [stdout]       }        }      }
[INFO] [stdout] 
[INFO] [stdout] 
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]         }
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]             }RequiredPropertyError {
[INFO] [stdout] 
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]   }          
[INFO] [stdout] Code:
[INFO] [stdout] 
[INFO] [stdout]                11.      #   BlockPublicPolicy: true      }
[INFO] [stdout] }
[INFO] [stdout]           Code:
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout] 
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]                     }
[INFO] [stdout] 
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]     7.    Type: AWS::S3::Bucket
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                             8.    Properties:   15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] 
[INFO] [stdout]                             9.      PublicAccessBlockConfiguration:   16.          - ServerSideEncryptionByDefault:
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml      }    }
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }  }
[INFO] [stdout] }
[INFO] [stdout] 
[INFO] [stdout] }
[INFO] [stdout] 
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout] 
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_07 ... s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout]     }
[INFO] [stdout] ok  }
[INFO] [stdout] FAILED rules
[INFO] [stdout]              Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout]    16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]          }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout] FAIL
[INFO] [stdout] }
[INFO] [stdout] s3_bucket_logging_enabled.guard/
[INFO] [stdout]  Status = FAIL
[INFO] [stdout] S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] FAILED rules
[INFO] [stdout]   }
[INFO] [stdout] advanced_regex_negative_lookbehind_rule.guard---
[INFO] [stdout] }
[INFO] [stdout] /default    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout] Evaluating data   s3-server-side-encryption-template-non-compliant-2.yamlType against rules  advanced_regex_negative_lookbehind_rule.guard 
[INFO] [stdout]  Number of non-compliant resources    = AWS::S3::Bucket0
[INFO] [stdout] 
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_2 ... ok
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_01 ... Resource = MyBucket {
[INFO] [stdout]   okType
[INFO] [stdout]       = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_06 ... ok
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_02 ... ok
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] s3-public-read-prohibited-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_validate_with_failing_join_and_compare_output ... ok
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [FAILED rulesadvanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] 
[INFO] [stdout] --
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_5 ... --
[INFO] [stdout] okRule [
[INFO] [stdout] S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_3 ... ok
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] test validate_tests::test_structured_output_yaml ... ok
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout] test validate_tests::test_with_payload_flag_fail ... ok
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_logging_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_LOGGING_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] test validate_tests::test_with_payload_flag ... ok
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout] --
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout]           PropertyPath = --
[INFO] [stdout] /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL            
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout]    11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]             test validate_tests::test_validate_with_fn_expr_success::case_4 ...    14.      BucketEncryption:ok
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_6 ... ok
[INFO] [stdout] 
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_logging_enabled.guard/S3_BUCKET_LOGGING_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout] Evaluating data                14.      BucketEncryption:
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_logging_enabled.guard
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_LOGGING_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_bucket_logging_enabled[*].Properties.LoggingConfiguration EXISTS   {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Logging needs to be configured to enable logging.
[INFO] [stdout]           Fix: Set the S3 Bucket property LoggingConfiguration to start logging into S3 bucket.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           MissingProperty = LoggingConfiguration
[INFO] [stdout]           Reason = Could not find key LoggingConfiguration inside struct at path /Resources/MyBucket/Properties[L:8,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                 6.  MyBucket:
[INFO] [stdout]                 7.    Type: AWS::S3::Bucket
[INFO] [stdout]                 8.    Properties:
[INFO] [stdout]                 9.      PublicAccessBlockConfiguration:
[INFO] [stdout]                10.        BlockPublicAcls: true
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_8 ...         }ok
[INFO] [stdout] 
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_public_read_prohibited.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_7 ... ok
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_03 ... ok
[INFO] [stdout] Evaluation of rules Evaluation of rules s3_bucket_server_side_encryption_enabled_2.guards3_bucket_public_read_prohibited.guard against data  against data advanced_regex_negative_lookbehind_compliant.yamladvanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] Evaluation of rules --
[INFO] [stdout] Rule [s3_bucket_server_side_encryption_enabled.guard against data S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_PUBLIC_READ_PROHIBITED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] 
[INFO] [stdout] --
[INFO] [stdout] Rule [--
[INFO] [stdout] S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] ] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled_2.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]           Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout] s3-public-read-prohibited-template-non-compliant.yaml          MissingProperty =  Status = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout] FAIL          Reason = 
[INFO] [stdout] Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))FAILED rules
[INFO] [stdout] s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED    FAIL
[INFO] [stdout] 
[INFO] [stdout]           Code:
[INFO] [stdout] ---
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled.guard            
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]    15.      VersioningConfiguration:
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]                        16.        Status: Enabled}
[INFO] [stdout] 
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]         }
[INFO] [stdout]           PropertyPath =       }
[INFO] [stdout] /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]     }
[INFO] [stdout]             }
[INFO] [stdout] MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout] }
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled_2.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluating data s3-public-read-prohibited-template-non-compliant.yaml against rules s3_bucket_public_read_prohibited.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_PUBLIC_READ_PROHIBITED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS   {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_08 ...                13.      #   RestrictPublicBuckets: trueok
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6
[INFO] [stdout] ]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.BlockPublicPolicy
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS  true {
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.IgnorePublicAcls
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]       Check =  %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS  true {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket Public Write Access controls need to be restricted.
[INFO] [stdout]           Fix: Set S3 Bucket PublicAccessBlockConfiguration properties for BlockPublicAcls, BlockPublicPolicy, IgnorePublicAcls, RestrictPublicBuckets parameters to true.
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           MissingProperty = PublicAccessBlockConfiguration.RestrictPublicBuckets
[INFO] [stdout]           Reason = Could not find key PublicAccessBlockConfiguration inside struct at path /Resources/MyBucket/Properties[L:13,C:6]
[INFO] [stdout]           Code:
[INFO] [stdout]                11.      #   BlockPublicPolicy: true
[INFO] [stdout]                12.      #   IgnorePublicAcls: true
[INFO] [stdout]                13.      #   RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.        ServerSideEncryptionConfiguration:
[INFO] [stdout]                16.          - ServerSideEncryptionByDefault:
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled_2.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] test validate_tests::test_validate_with_failing_complex_rule ... ok
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled_2.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]           Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled_2.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled_2.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled_2.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED_2 {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption_2[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption #2.
[INFO] [stdout]           Fix: Set the S3 Bucket property #2 BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_1 ... ok
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_10 ... ok
[INFO] [stdout] s3-server-side-encryption-template-non-compliant.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] Evaluation of rules s3_bucket_server_side_encryption_enabled.guard against data advanced_regex_negative_lookbehind_non_compliant.yaml
[INFO] [stdout] --
[INFO] [stdout] Rule [S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED] is not applicable for template [advanced_regex_negative_lookbehind_non_compliant.yaml]
[INFO] [stdout] --
[INFO] [stdout] s3-server-side-encryption-template-non-compliant-2.yaml Status = FAIL
[INFO] [stdout] FAILED rules
[INFO] [stdout] s3_bucket_server_side_encryption_enabled.guard/S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED    FAIL
[INFO] [stdout] ---
[INFO] [stdout] Evaluating data s3-server-side-encryption-template-non-compliant-2.yaml against rules s3_bucket_server_side_encryption_enabled.guard
[INFO] [stdout] Number of non-compliant resources 1
[INFO] [stdout] Resource = MyBucket {
[INFO] [stdout]   Type      = AWS::S3::Bucket
[INFO] [stdout]   Rule = S3_BUCKET_SERVER_SIDE_ENCRYPTION_ENABLED {
[INFO] [stdout]     ALL {
[INFO] [stdout]       Check =  %s3_buckets_server_side_encryption[*].Properties.BucketEncryption.ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm IN  ["aws:kms","AES256"] {
[INFO] [stdout]         Message {
[INFO] [stdout]           Violation: S3 Bucket must enable server-side encryption.
[INFO] [stdout]           Fix: Set the S3 Bucket property BucketEncryption.ServerSideEncryptionConfiguration.ServerSideEncryptionByDefault.SSEAlgorithm to either "aws:kms" or "AES256"
[INFO] [stdout]         }
[INFO] [stdout]         RequiredPropertyError {
[INFO] [stdout]           PropertyPath = /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23]
[INFO] [stdout]           MissingProperty = ServerSideEncryptionConfiguration[*].ServerSideEncryptionByDefault.SSEAlgorithm
[INFO] [stdout]           Reason = Attempting to retrieve from key ServerSideEncryptionConfiguration but type is not an struct type at path /Resources/MyBucket/Properties/BucketEncryption[L:13,C:23], Type = String, Value = String((Path("/Resources/MyBucket/Properties/BucketEncryption", Location { line: 13, col: 23 }), ""))
[INFO] [stdout]           Code:
[INFO] [stdout]                11.        BlockPublicPolicy: true
[INFO] [stdout]                12.        IgnorePublicAcls: true
[INFO] [stdout]                13.        RestrictPublicBuckets: true
[INFO] [stdout]                14.      BucketEncryption:
[INFO] [stdout]                15.      VersioningConfiguration:
[INFO] [stdout]                16.        Status: Enabled
[INFO] [stdout]         }
[INFO] [stdout]       }
[INFO] [stdout]     }
[INFO] [stdout]   }
[INFO] [stdout] }
[INFO] [stdout] test validate_tests::test_combinations_of_rules_and_data_non_compliant::case_09 ... ok
[INFO] [stdout] test validate_tests::test_validate_with_fn_expr_success::case_9 ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 63 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.09s
[INFO] [stdout] 
[INFO] [stderr]    Doc-tests cfn_guard
[INFO] [stdout] 
[INFO] [stdout] running 1 test
[INFO] [stdout] test src/commands/validate/cfn.rs - commands::validate::cfn::get_resource_name (line 430) ... ok
[INFO] [stdout] 
[INFO] [stdout] test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.13s
[INFO] [stdout] 
[INFO] running `Command { std: "docker" "inspect" "7428df6e54bdd9840fe4f99d314375eb1f0b1d979e784b3bdaeda52ee5407ecd", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "7428df6e54bdd9840fe4f99d314375eb1f0b1d979e784b3bdaeda52ee5407ecd", kill_on_drop: false }`
[INFO] [stdout] 7428df6e54bdd9840fe4f99d314375eb1f0b1d979e784b3bdaeda52ee5407ecd