CCC-Complete 0.1

Test results for this specific product, vendor, and version combination

Vendor	FINOS
Product	CCC-Complete
Version	0.1

Download Raw Results

Download the original OCSF or HTML result files used to generate this page

File Name	Download
aws-vpc-cfi-1775557775-vpc-cn03-allowed-requester-01	OCSF HTML
aws-vpc-cfi-1775557775-vpc-cn03-allowed-requester-02	OCSF HTML
aws-vpc-cfi-1775557775-vpc-cn03-disallowed-requester-01	OCSF HTML
aws-vpc-cfi-1775557775-vpc-cn03-disallowed-requester-02	OCSF HTML
aws-vpc-cfi-1775557775-vpc-cn03-non-allowlisted-requester-01	OCSF HTML
aws-vpc-cfi-1775557775-vpc	OCSF HTML
aws-vpc-combined	OCSF
aws-vpc-prowler	OCSF
aws-vpc-summary	HTML

Test Summary

Aggregate summary of all tests for this configuration result

Resources In Configuration	6
Count of Tests	24
Passing Tests	24
Failing Tests	0
Catalogs Tested	CCC.VPC

Control Catalog Summary

Summary of test results grouped by control catalog and resource

Control Catalog	Resources	Total Tests	Passing	Failing	Tested Requirements	Missing Requirements	Unused Core Requirements
CCC.VPC	vpc-00ceb92e81affe79...vpc-027ef85c88b9d68c...vpc-03e0763d329ec1a5...vpc-0b622dcd5eee1a98...vpc-0c697ba86026b9c5...vpc-0f691db8cf3afae0...	24	24	0	CCC.VPC.CN03.AR01	CCC.VPC.CN01.AR01 CCC.VPC.CN02.AR01 CCC.VPC.CN04.AR01	None

Test Mapping Summary

Summary of test mappings showing how event codes map to test requirements

Control Catalog	Test Requirement	Mapped Tests (Event Code \| Total \| Passing \| Failing)
CCC.VPC	CCC.VPC.CN03.AR01 When a VPC peering connection is requested, the service MUST prevent connections from VPCs that are not explicitly allowed.	`Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC` 12120 `Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed` 12120

Resource Summary

Summary of all resources mentioned in OCSF results

Resource Name	Resource Type	Control Catalogs	Total Tests	Passing
vpc-00ceb92e81affe793	vpc	CCC.VPC	4	4
vpc-027ef85c88b9d68c2	vpc	CCC.VPC	4	4
vpc-03e0763d329ec1a53	vpc	CCC.VPC	4	4
vpc-0b622dcd5eee1a986	vpc	CCC.VPC	4	4
vpc-0c697ba86026b9c59	vpc	CCC.VPC	4	4
vpc-0f691db8cf3afae09	vpc	CCC.VPC	4	4

Test Results

OCSF test results filtered for entries with CCC compliance mappings

Status	Finding	Resource Name	Resource Type	Message	Test Requirements
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0c697ba86026b9c59	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0c697ba86026b9c59	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0b622dcd5eee1a986	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0b622dcd5eee1a986	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-03e0763d329ec1a53	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-03e0763d329ec1a53	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-00ceb92e81affe793	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-00ceb92e81affe793	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0f691db8cf3afae09	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0f691db8cf3afae09	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-027ef85c88b9d68c2	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-027ef85c88b9d68c2	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0c697ba86026b9c59	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0c697ba86026b9c59	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0b622dcd5eee1a986	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0b622dcd5eee1a986	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-03e0763d329ec1a53	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-03e0763d329ec1a53	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-00ceb92e81affe793	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-00ceb92e81affe793	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-0f691db8cf3afae09	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-0f691db8cf3afae09	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ I call "{vpcService}" with "ValidateDisallowListEnforcement" using argument "{ReceiverVpcId}" ✓ I attach "{result.Summary}" to the test output as "Disallow-list Enforcement Summary" ✓ I attach "{result.Results}" to the test output as "Disallow-list Enforcement" ✓ "{result.ListDefined}" is true ✓ "{result.TestedCount}" should be greater than "0" ✓ "{result.AllCorrect}" is true ✓ "{result.ViolationCount}" is "0"	vpc-027ef85c88b9d68c2	vpc	Enforcement proof (dry-run): all disallowed requesters are denied against in-scope receiver VPC	CCC.VPC.CN03.AR01
PASS	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed ✓ a cloud api for "{Instance}" in "api" ✓ I call "{api}" with "GetServiceAPI" using argument "vpc" ✓ I refer to "{result}" as "vpcService" ✓ I load environment variable "CN03_RECEIVER_VPC_ID" as "ReceiverVpcId" ✓ I load environment variable "CN03_NON_ALLOWLISTED_REQUESTER_VPC_ID" as "NonAllowlistedRequesterVpcId" ✓ I load environment variable "CN03_PEER_TRIAL_MATRIX_FILE" as "PeerTrialMatrixFile" ✓ "{ReceiverVpcId}" is not nil ✓ "{NonAllowlistedRequesterVpcId}" is not nil ✓ I call "{vpcService}" with "EvaluatePeerAgainstAllowList" using argument "{NonAllowlistedRequesterVpcId}" ✓ "{result.AllowedListDefined}" is true ✓ "{result.Allowed}" is false ✓ I call "{vpcService}" with "AttemptVpcPeeringDryRun" using arguments "{NonAllowlistedRequesterVpcId}" and "{ReceiverVpcId}" ✓ "{result.DryRunAllowed}" is false ✓ "{result.AllowListDefined}" is true ✓ "{result.RequesterInAllowList}" is false ✓ "{result.GuardrailExpectation}" is "deny" ✓ "{result.GuardrailMismatch}" is false ✓ "{result.ExitCode}" should be greater than "0" ✓ "{result.Reason}" contains "guardrail aligned" ✓ "{result.ConflictType}" is ""	vpc-027ef85c88b9d68c2	vpc	Enforcement proof (dry-run): non-allowlisted requester is denied even when not explicitly listed as disallowed	CCC.VPC.CN03.AR01