def test_generate_cloudwatch_monitoring_custom_sns(): """CLI - Terraform Generate Cloudwatch Monitoring with Existing SNS Topic""" # Test a custom SNS topic name CONFIG['global']['infrastructure']['monitoring'][ 'create_sns_topic'] = False CONFIG['global']['infrastructure']['monitoring']\ ['sns_topic_name'] = 'unit_test_monitoring' cluster_dict = _common.infinitedict() result = monitoring.generate_monitoring('test', cluster_dict, CONFIG) expected_cloudwatch_tf_custom = { 'source': 'modules/tf_stream_alert_monitoring', 'sns_topic_arn': 'arn:aws:sns:us-west-1:12345678910:unit_test_monitoring', 'lambda_functions': [ 'unit-testing_test_streamalert_rule_processor', 'unit-testing_test_streamalert_alert_processor' ], 'kinesis_stream': 'unit-testing_test_stream_alert_kinesis' } assert_true(result) assert_equal(cluster_dict['module']['cloudwatch_monitoring_test'], expected_cloudwatch_tf_custom)
def test_generate_cloudwatch_monitoring_no_kinesis(): """CLI - Terraform Generate Cloudwatch Monitoring - Kinesis Disabled""" cluster_dict = _common.infinitedict() CONFIG['clusters']['test']['modules']['cloudwatch_monitoring'][ 'kinesis_alarms_enabled'] = False CONFIG['clusters']['test']['modules']['cloudwatch_monitoring'][ 'lambda_alarms_enabled'] = True result = monitoring.generate_monitoring('test', cluster_dict, CONFIG) # Test a the default SNS topic option expected_cloudwatch_tf = { 'source': 'modules/tf_stream_alert_monitoring', 'sns_topic_arn': 'arn:aws:sns:us-west-1:12345678910:stream_alert_monitoring', 'lambda_functions': [ 'unit-testing_test_streamalert_rule_processor', 'unit-testing_test_streamalert_alert_processor' ], 'lambda_alarms_enabled': True, 'kinesis_alarms_enabled': False } assert_true(result) assert_equal(cluster_dict['module']['cloudwatch_monitoring_test'], expected_cloudwatch_tf)
def test_generate_cloudwatch_monitoring_with_settings(): """CLI - Terraform Generate Cloudwatch Monitoring with Custom Settings""" cluster_dict = _common.infinitedict() result = monitoring.generate_monitoring('advanced', cluster_dict, CONFIG) # Test the default SNS topic option expected_cloudwatch_tf = { 'source': 'modules/tf_stream_alert_monitoring', 'sns_topic_arn': 'arn:aws:sns:us-west-1:12345678910:stream_alert_monitoring', 'lambda_functions': [ 'unit-testing_advanced_streamalert_rule_processor', 'unit-testing_advanced_streamalert_alert_processor' ], 'kinesis_stream': 'unit-testing_advanced_stream_alert_kinesis', 'lambda_alarms_enabled': True, 'kinesis_alarms_enabled': True, 'kinesis_iterator_age_error_threshold': '3000000' } assert_true(result) assert_equal(cluster_dict['module']['cloudwatch_monitoring_advanced'], expected_cloudwatch_tf)
def test_generate_cloudwatch_monitoring_disabled(): """CLI - Terraform Generate Cloudwatch Monitoring Disabled""" cluster_dict = common.infinitedict() cluster = 'trusted' result = monitoring.generate_monitoring(cluster, cluster_dict, CONFIG) assert_true(result) assert_true('cloudwatch_monitoring_{}'.format(cluster) not in cluster_dict['module'])
def generate_cluster(**kwargs): """Generate a StreamAlert cluster file. Keyword Args: cluster_name (str): The name of the currently generating cluster config (dict): The loaded config from the 'conf/' directory Returns: dict: generated Terraform cluster dictionary """ config = kwargs.get('config') cluster_name = kwargs.get('cluster_name') modules = config['clusters'][cluster_name]['modules'] cluster_dict = infinitedict() if not generate_stream_alert(cluster_name, cluster_dict, config): return generate_cloudwatch_metric_filters(cluster_name, cluster_dict, config) generate_cloudwatch_metric_alarms(cluster_name, cluster_dict, config) if modules.get('cloudwatch_monitoring', {}).get('enabled'): if not generate_monitoring(cluster_name, cluster_dict, config): return if modules.get('kinesis'): if not generate_kinesis_streams(cluster_name, cluster_dict, config): return outputs = config['clusters'][cluster_name].get('outputs') if outputs: if not generate_outputs(cluster_name, cluster_dict, config): return if modules.get('kinesis_events'): if not generate_kinesis_events(cluster_name, cluster_dict, config): return cloudtrail_info = modules.get('cloudtrail') if cloudtrail_info: if not generate_cloudtrail(cluster_name, cluster_dict, config): return flow_log_info = modules.get('flow_logs') if flow_log_info: if not generate_flow_logs(cluster_name, cluster_dict, config): return s3_events_info = modules.get('s3_events') if s3_events_info: if not generate_s3_events(cluster_name, cluster_dict, config): return generate_app_integrations(cluster_name, cluster_dict, config) return cluster_dict
def generate_cluster(config, cluster_name): """Generate a StreamAlert cluster file. Args: config (dict): The loaded config from the 'conf/' directory cluster_name (str): The name of the currently generating cluster Returns: dict: generated Terraform cluster dictionary """ modules = config['clusters'][cluster_name]['modules'] cluster_dict = infinitedict() generate_classifier(cluster_name, cluster_dict, config) generate_cluster_cloudwatch_metric_filters(cluster_name, cluster_dict, config) generate_cluster_cloudwatch_metric_alarms(cluster_name, cluster_dict, config) if modules.get('cloudwatch_monitoring', {}).get('enabled'): if not generate_monitoring(cluster_name, cluster_dict, config): return if modules.get('kinesis'): if not generate_kinesis_streams(cluster_name, cluster_dict, config): return outputs = config['clusters'][cluster_name].get('outputs') if outputs: if not generate_outputs(cluster_name, cluster_dict, config): return if modules.get('kinesis_events'): if not generate_kinesis_events(cluster_name, cluster_dict, config): return if modules.get('cloudtrail'): if not generate_cloudtrail(cluster_name, cluster_dict, config): return if modules.get('cloudwatch'): if not generate_cloudwatch(cluster_name, cluster_dict, config): return if modules.get('flow_logs'): if not generate_flow_logs(cluster_name, cluster_dict, config): return if modules.get('s3_events'): if not generate_s3_events(cluster_name, cluster_dict, config): return generate_apps(cluster_name, cluster_dict, config) return cluster_dict
def test_generate_cloudwatch_monitoring_invalid_config(mock_logging): """CLI - Terraform Generate Cloudwatch Monitoring with Invalid Config""" CONFIG['global']['infrastructure'] = {} cluster_dict = _common.infinitedict() result = monitoring.generate_monitoring('test', cluster_dict, CONFIG) assert_true(mock_logging.error.called) assert_false(result)
def test_generate_cloudwatch_monitoring(): """CLI - Terraform Generate Cloudwatch Monitoring""" cluster_dict = common.infinitedict() result = monitoring.generate_monitoring('test', cluster_dict, CONFIG) # Test the default SNS topic option expected_cloudwatch_tf = { 'source': 'modules/tf_stream_alert_monitoring', 'sns_topic_arn': 'arn:aws:sns:us-west-1:12345678910:stream_alert_monitoring', 'lambda_functions': ['unit-testing_test_streamalert_classifier'], 'kinesis_stream': 'unit-testing_test_stream_alert_kinesis', 'lambda_alarms_enabled': True, 'kinesis_alarms_enabled': True } assert_true(result) assert_equal( cluster_dict['module']['cloudwatch_monitoring_test'], expected_cloudwatch_tf)