fix(terraform): Changed a couple of checks from negative to positive check, behavior is the same (#6063)

bo156 · web-flow · commit b1b5a4516229 · 2024-03-04T09:58:00.000+02:00
Changed a couple of checks from negative to positive check
diff --git a/checkov/terraform/checks/resource/azure/StorageAccountDisablePublicAccess.py b/checkov/terraform/checks/resource/azure/StorageAccountDisablePublicAccess.py
@@ -2,11 +2,11 @@
 
 from typing import Any
 
-from checkov.common.models.enums import CheckCategories, CheckResult
-from checkov.terraform.checks.resource.base_resource_negative_value_check import BaseResourceNegativeValueCheck
+from checkov.common.models.enums import CheckCategories
+from checkov.terraform.checks.resource.base_resource_value_check import BaseResourceValueCheck
 
 
-class StorageAccountDisablePublicAccess(BaseResourceNegativeValueCheck):
+class StorageAccountDisablePublicAccess(BaseResourceValueCheck):
     def __init__(self) -> None:
         name = "Ensure that Storage accounts disallow public access"
         id = "CKV_AZURE_59"
@@ -17,14 +17,13 @@ def __init__(self) -> None:
             id=id,
             categories=categories,
             supported_resources=supported_resources,
-            missing_attribute_result=CheckResult.FAILED,
         )
 
     def get_inspected_key(self) -> str:
         return "public_network_access_enabled"
 
-    def get_forbidden_values(self) -> list[Any]:
-        return [True]
+    def get_expected_values(self) -> list[Any]:
+        return [False]
 
 
 check = StorageAccountDisablePublicAccess()
diff --git a/checkov/terraform/checks/resource/azure/StorageBlobRestrictPublicAccess.py b/checkov/terraform/checks/resource/azure/StorageBlobRestrictPublicAccess.py
@@ -2,11 +2,11 @@
 
 from typing import Any
 
-from checkov.common.models.enums import CheckCategories, CheckResult
-from checkov.terraform.checks.resource.base_resource_negative_value_check import BaseResourceNegativeValueCheck
+from checkov.common.models.enums import CheckCategories
+from checkov.terraform.checks.resource.base_resource_value_check import BaseResourceValueCheck
 
 
-class StorageBlobRestrictPublicAccess(BaseResourceNegativeValueCheck):
+class StorageBlobRestrictPublicAccess(BaseResourceValueCheck):
     def __init__(self) -> None:
         name = "Ensure that Storage blobs restrict public access"
         id = "CKV_AZURE_190"
@@ -17,14 +17,13 @@ def __init__(self) -> None:
             id=id,
             categories=categories,
             supported_resources=supported_resources,
-            missing_attribute_result=CheckResult.FAILED,
         )
 
     def get_inspected_key(self) -> str:
         return "allow_nested_items_to_be_public"
 
-    def get_forbidden_values(self) -> list[Any]:
-        return [True]
+    def get_expected_values(self) -> list[Any]:
+        return [False]
 
 
 check = StorageBlobRestrictPublicAccess()
