Beispiel #1
0
def prompt_vpc_config(vpc_prop: VPC_Props, region: str) -> None:
    """
    The VPC configuration is stored in the account using tags, per the properties supported in VPCTagConfig
    """
    current_config = VPCTagConfig(vpc_prop.tags)
    desc = f'enabled to `{current_config.target}` with enrollment mode `{current_config.enrollment}`' if current_config.enabled else 'disabled'
    change_config = 'y' in input(
        f'Modify VPC config for {vpc_prop.vpc_id}:{vpc_prop.name} (currently {desc})? (n) '
    ).lower()
    if not change_config:
        return
    if current_config.enabled and 'y' in input(
            f"Disable Traffic Mirroring for this VPC? (n) ").lower():
        mirror_target_arn = None
    else:
        mirror_target_arn = find_mirror_target(region=region,
                                               vpc_id=vpc_prop.vpc_id)
    new_config = VPCTagConfig(vpc_prop.tags)
    new_config.target = mirror_target_arn
    auto_mode_default = 'y' if current_config.auto_enrollment else ''
    resp = input(f"Enrollment Mode: "
                 f"Y for {VPCTagConfig.V_ENROLLMENT_AUTO} mode, "
                 f"N for {VPCTagConfig.V_ENROLLMENT_WHITELIST} mode. "
                 f"(Currently {current_config.enrollment}) "
                 f"Mirror all instances by default? ({auto_mode_default}) "
                 ).lower() or auto_mode_default
    auto_mode = 'y' in resp
    new_config.enrollment = VPCTagConfig.V_ENROLLMENT_AUTO if auto_mode else VPCTagConfig.V_ENROLLMENT_WHITELIST
    Ec2ApiClient.set_vpc_config(region=region,
                                vpc_id=vpc_prop.vpc_id,
                                config=new_config)
    logging.info(
        f'VPC Traffic Mirroring Target updated to {mirror_target_arn} in {new_config.enrollment} Enrollment Mode'
    )
Beispiel #2
0
 def test_enrollment_set_none(self):
     config = VPCTagConfig()
     config.enrollment = None
     config.target = None
     self.assertEqual(2, len(config.get_aws_tags()))
     for tag in config.get_aws_tags():
         self.assertEqual(1, len(tag))
Beispiel #3
0
 def test_enrollment_set(self):
     config = VPCTagConfig()
     config.enrollment = config.V_ENROLLMENT_WHITELIST
     self.assertEqual(config.V_ENROLLMENT_WHITELIST, config.enrollment)
     config.target = 'arn:aws:foo/bar'
     self.assertEqual(2, len(config.get_aws_tags()))
     for tag in config.get_aws_tags():
         self.assertEqual(2, len(tag))
Beispiel #4
0
 def test_enrollment_value_error(self):
     config = VPCTagConfig()
     with self.assertRaises(ValueError) as e:
         config.enrollment = 'cheese'