def test_generate_cloudwatch_events_invalid_pattern(self, log_mock):
"""CLI - Terraform Generate CloudWatch Events, Invalid Pattern"""
self.config['clusters']['advanced']['modules']['cloudwatch_events'][
'event_pattern'] = {
'invalid': ['aws.ec2']
}
cloudwatch_events.generate_cloudwatch_events('advanced',
self.cluster_dict,
self.config)
assert_true(log_mock.called)
def test_generate_cloudwatch_events(self):
"""CLI - Terraform Generate CloudWatch Events"""
cloudwatch_events.generate_cloudwatch_events('advanced',
self.cluster_dict,
self.config)
expected = {
'cloudwatch_events_advanced': {
'source': './modules/tf_cloudwatch_events',
'prefix': 'unit-test',
'cluster': 'advanced',
'kinesis_arn': '${module.kinesis_advanced.arn}',
'event_pattern': '{"account": ["12345678910"]}',
},
}
assert_equal(expected, self.cluster_dict['module'])
def generate_cluster(config, cluster_name):
"""Generate a StreamAlert cluster file.
Args:
config (dict): The loaded config from the 'conf/' directory
cluster_name (str): The name of the currently generating cluster
Returns:
dict: generated Terraform cluster dictionary
"""
modules = config['clusters'][cluster_name]['modules']
cluster_dict = infinitedict()
generate_classifier(cluster_name, cluster_dict, config)
generate_cluster_cloudwatch_metric_filters(cluster_name, cluster_dict,
config)
generate_cluster_cloudwatch_metric_alarms(cluster_name, cluster_dict,
config)
if modules.get('cloudwatch_monitoring', {}).get('enabled'):
if not generate_monitoring(cluster_name, cluster_dict, config):
return
if modules.get('kinesis'):
if not generate_kinesis_streams(cluster_name, cluster_dict, config):
return
if modules.get('kinesis_events'):
if not generate_kinesis_events(cluster_name, cluster_dict, config):
return
if modules.get('cloudtrail'):
if not generate_cloudtrail(cluster_name, cluster_dict, config):
return
# purposely not using .get, since no extra settings are required for this module
if 'cloudwatch_events' in modules:
if not generate_cloudwatch_events(cluster_name, cluster_dict, config):
return
if modules.get('cloudwatch_logs_destination'):
if not generate_cloudwatch_destinations(cluster_name, cluster_dict,
config):
return
if modules.get('flow_logs'):
if not generate_flow_logs(cluster_name, cluster_dict, config):
return
if modules.get('s3_events'):
if not generate_s3_events(cluster_name, cluster_dict, config):
return
generate_apps(cluster_name, cluster_dict, config)
return cluster_dict
def test_generate_cloudwatch_events_cross_account(self):
"""CLI - Terraform Generate CloudWatch Events Cross Account"""
self.config['clusters']['advanced']['modules']['cloudwatch_events'][
'cross_account'] = {
'accounts': {
'123456789012': ['us-east-1'],
'234567890123': ['us-east-1']
},
'organizations': {
'o-aabbccddee': ['us-west-1']
}
}
cloudwatch_events.generate_cloudwatch_events('advanced',
self.cluster_dict,
self.config)
expected = {
'cloudwatch_events_advanced': {
'source': './modules/tf_cloudwatch_events',
'prefix': 'unit-test',
'cluster': 'advanced',
'kinesis_arn': '${module.kinesis_advanced.arn}',
'event_pattern': '{"account": ["12345678910"]}',
},
'cloudwatch_events_cross_account_advanced_us-east-1': {
'source': './modules/tf_cloudwatch_events/cross_account',
'region': 'us-east-1',
'accounts': ['123456789012', '234567890123'],
'organizations': [],
'providers': {
'aws': 'aws.us-east-1'
}
},
'cloudwatch_events_cross_account_advanced_us-west-1': {
'source': './modules/tf_cloudwatch_events/cross_account',
'region': 'us-west-1',
'accounts': [],
'organizations': ['o-aabbccddee'],
'providers': {
'aws': 'aws.us-west-1'
}
},
}
assert_equal(expected, self.cluster_dict['module'])
def test_generate_cloudwatch_events_no_pattern(self):
"""CLI - Terraform Generate CloudWatch Events, No Pattern"""
self.config['clusters']['advanced']['modules']['cloudwatch_events'][
'event_pattern'] = None
cloudwatch_events.generate_cloudwatch_events('advanced',
self.cluster_dict,
self.config)
expected = {
'cloudwatch_events_advanced': {
'source': './modules/tf_cloudwatch_events',
'prefix': 'unit-test',
'cluster': 'advanced',
'kinesis_arn': '${module.kinesis_advanced.arn}',
'event_pattern': None,
},
}
assert_equal(expected, self.cluster_dict['module'])