From 9cdca71c5af33de75ee75b91f82b4ee4ba0a3658 Mon Sep 17 00:00:00 2001
From: gruebel
Date: Wed, 18 Oct 2023 15:31:13 +0200
Subject: [PATCH] adjust logic
---
 .../checks/resource/MySQLEncryptionEnabled.py | 23 ++++++++-----------
 1 file changed, 10 insertions(+), 13 deletions(-)
diff --git a/checkov/arm/checks/resource/MySQLEncryptionEnabled.py b/checkov/arm/checks/resource/MySQLEncryptionEnabled.py
index 364a5924de3..9f86afdf572 100644
--- a/checkov/arm/checks/resource/MySQLEncryptionEnabled.py
+++ b/checkov/arm/checks/resource/MySQLEncryptionEnabled.py
@@ -6,27 +6,24 @@
 class MySQLEncryptionEnabled(BaseResourceCheck):
- def __init__(self):
+ def __init__(self) -> None:
 name = "Ensure that MySQL server enables infrastructure encryption"
 id = "CKV_AZURE_96"
- supported_resources = ['Microsoft.DBforMySQL/flexibleServers']
- categories = [CheckCategories.ENCRYPTION]
+ supported_resources = ("Microsoft.DBforMySQL/flexibleServers",)
+ categories = (CheckCategories.ENCRYPTION,)
 super().__init__(name=name, id=id, categories=categories, supported_resources=supported_resources)
 def scan_resource_conf(self, conf: dict[str, Any], entity_type: str) -> CheckResult:
- if conf.get("properties") and isinstance(conf.get("properties"), dict):
- properties = conf.get("properties")
- self.evaluated_keys = ['properties']
-
- if properties.get('dataencryption') and isinstance(properties.get('dataencryption'), dict):
- dataencryption = properties.get('dataencryption')
- self.evaluated_keys = ['properties/dataencryption']
- if dataencryption is None:
+ properties = conf.get("properties")
+ if properties and isinstance(properties, dict):
+ self.evaluated_keys = ["properties/dataencryption"]
+ data_encryption = properties.get("dataencryption")
+ if data_encryption and isinstance(data_encryption, dict):
+ if data_encryption is None:
 return CheckResult.FAILED
-
 return CheckResult.PASSED
 # unparsed
- if properties.get('dataencryption') and isinstance(properties.get('dataencryption'), str):
+ elif data_encryption and isinstance(data_encryption, str):
 return CheckResult.UNKNOWN
 return CheckResult.FAILED
 return CheckResult.UNKNOWN
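Review bot: The inner `if data_encryption is None:` guard in `scan_resource_conf` can never be true, because it sits under `if data_encryption and isinstance(data_encryption, dict):`, so the check returns PASSED for any non-empty `dataencryption` dict without looking at its contents. For an encryption policy that is a likely false negative; drop the dead branch and test the field that actually signals encryption, for example `if data_encryption.get("type") != "AzureKeyVault": return CheckResult.FAILED` (which field and value the policy should require is an assumption to confirm against the ARM schema). The lookup key is also all-lowercase; if the parsed template keeps the schema's camelCase `dataEncryption`, the check would report FAILED for correctly configured servers, so a test fixture using the camelCase key would be worth adding. Indentation is lost in this view, so the nesting described here is inferred from the statement order.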