def get_function(session_factory, role, buckets=None):
from c7n.mu import (LambdaFunction, custodian_archive, BucketNotification)
config = dict(name='c7n-s3-encrypt',
handler='s3crypt.process_key_event',
memory_size=256,
timeout=15,
role=role,
runtime="python2.7",
description='Custodian S3 Key Encrypt')
if buckets:
config['events'] = [
BucketNotification({}, session_factory, b) for b in buckets
]
archive = custodian_archive()
archive.create()
src = __file__
if src.endswith('.pyc'):
src = src[:-1]
archive.add_file(src, 's3crypt.py')
archive.add_contents('config.json', json.dumps({}))
archive.close()
return LambdaFunction(config, archive)
def test_custodian_archive_creates_a_custodian_archive(self):
archive = custodian_archive()
self.addCleanup(archive.remove)
archive.close()
filenames = archive.get_filenames()
self.assertTrue("c7n/__init__.py" in filenames)
self.assertTrue("pkg_resources/__init__.py" in filenames)
def get_function(session_factory,
role,
buckets=None,
account_id=None,
tags=None):
from c7n.mu import (LambdaFunction, custodian_archive,
BucketLambdaNotification)
config = dict(name='c7n-s3-encrypt',
handler='s3crypt.process_event',
memory_size=256,
timeout=30,
role=role,
tags=tags or {},
runtime="python2.7",
description='Custodian S3 Key Encrypt')
if buckets:
config['events'] = [
BucketLambdaNotification({'account_s3': account_id},
session_factory, b) for b in buckets
]
archive = custodian_archive()
archive.add_py_file(__file__)
archive.add_contents('config.json', json.dumps({}))
archive.close()
return LambdaFunction(config, archive)
def get_function(session_factory, role, buckets=None, account_id=None):
from c7n.mu import (
LambdaFunction, custodian_archive, BucketNotification)
config = dict(
name='c7n-s3-encrypt',
handler='s3crypt.process_key_event',
memory_size=256,
timeout=15,
role=role,
runtime="python2.7",
description='Custodian S3 Key Encrypt')
if buckets:
config['events'] = [
BucketNotification({'account_s3': account_id}, session_factory, b)
for b in buckets]
archive = custodian_archive()
archive.create()
src = __file__
if src.endswith('.pyc'):
src = src[:-1]
archive.add_file(src, 's3crypt.py')
archive.add_contents('config.json', json.dumps({}))
archive.close()
return LambdaFunction(config, archive)
def test_custodian_archive_creates_a_custodian_archive(self):
archive = custodian_archive()
self.addCleanup(archive.remove)
archive.close()
filenames = archive.get_filenames()
self.assertTrue("c7n/__init__.py" in filenames)
self.assertTrue("pkg_resources/__init__.py" in filenames)
def get_function(session_factory, role, via_sns, buckets=None, account_id=None):
from c7n.mu import (
LambdaFunction, custodian_archive, BucketLambdaNotification)
config = dict(
name='c7n-s3-encrypt',
handler='s3crypt.process_' + 'sns_event' if via_sns else 'key_event',
memory_size=256,
timeout=30,
role=role,
runtime="python2.7",
description='Custodian S3 Key Encrypt')
if buckets:
config['events'] = [
BucketLambdaNotification({'account_s3': account_id},
session_factory, b)
for b in buckets]
archive = custodian_archive()
archive.add_py_file(__file__)
archive.add_contents('config.json', json.dumps({}))
archive.close()
return LambdaFunction(config, archive)
def test_archive_bytes(self):
self.archive = custodian_archive()
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
io = StringIO.StringIO(self.archive.get_bytes())
reader = zipfile.ZipFile(io, mode='r')
fileset = [n.filename for n in reader.filelist]
self.assertTrue('c7n/__init__.py' in fileset)
def test_archive_bytes(self):
self.archive = custodian_archive()
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
io = StringIO.StringIO(self.archive.get_bytes())
reader = zipfile.ZipFile(io, mode='r')
fileset = [n.filename for n in reader.filelist]
self.assertTrue('c7n/__init__.py' in fileset)
def test_archive_permissions(self):
# files should all be readable
self.archive = custodian_archive("*.pyc")
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
readable = 0444 << 16L
with open(self.archive.path) as fh:
reader = zipfile.ZipFile(fh, mode='r')
for i in reader.infolist():
self.assertGreaterEqual(i.external_attr, readable)
def test_archive_permissions(self):
# files should all be readable
self.archive = custodian_archive("*.pyc")
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
readable = 0444 << 16L
with open(self.archive.path) as fh:
reader = zipfile.ZipFile(fh, mode='r')
for i in reader.infolist():
self.assertGreaterEqual(i.external_attr, readable)
def test_archive_skip(self):
self.archive = custodian_archive("*.pyc")
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
with open(self.archive.path) as fh:
reader = zipfile.ZipFile(fh, mode='r')
fileset = [n.filename for n in reader.filelist]
for i in ['c7n/__init__.pyc',
'c7n/resources/s3.pyc',
'boto3/__init__.py']:
self.assertFalse(i in fileset)
def test_archive_skip(self):
self.archive = custodian_archive("*.pyc")
self.archive.create()
self.addCleanup(self.archive.remove)
self.archive.close()
with open(self.archive.path) as fh:
reader = zipfile.ZipFile(fh, mode='r')
fileset = [n.filename for n in reader.filelist]
for i in ['c7n/__init__.pyc',
'c7n/resources/s3.pyc',
'boto3/__init__.py']:
self.assertFalse(i in fileset)
def get_function(session_factory, name, role, events):
from c7n.mu import (LambdaFunction, custodian_archive)
config = dict(name=name,
handler='helloworld.main',
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Hello World',
events=events)
archive = custodian_archive()
archive.add_py_file(__file__)
archive.close()
return LambdaFunction(config, archive)