def test_lambda_has_subnets(self, mock_execute): data = { "aws": { "lambda": { "functionConfiguration": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "functionName": "func1", "functionArn": "arn:aws:func1", "vpcConfig": { "subnetIds": [{ "subnetIds": "subnetIds1" }, { "subnetIds": "subnetIds2" }] } }] } } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_lambda_handler_ok(s3_put_object_event, mocker): tinify_api_service_mock = mocker.patch( 'services.tinify_api_service.TinifyApiService.compress_and_resize') tinify_api_service_mock.return_value = True result = lambda_handler(s3_put_object_event, '') assert result is True
def test_lambda_handler(caplog): """ test Lambda handler, including logging """ caplog.set_level(logging.INFO) response = app.lambda_handler({"beer": 1}, None) assert response == {"body": "Hello world!", "statusCode": 200} assert 'Received : {"beer": 1}' in caplog.text
def test_lambda_handler(apigw_event, mocker): ret = app.lambda_handler(apigw_event, "") data = json.loads(ret["body"]) assert ret["statusCode"] == 200 assert "message" in ret["body"] assert data["message"] == "hello world"
def test_filter_subnets(self, mock_client): mock_client.return_value = self.data results = app.lambda_handler(self.event, None) self.assertEqual(len(results), 2) ids = {s["subnetId"] for s in results} self.assertSetEqual(ids, {"subnet-1", "subnet-3"}) mock_client.assert_called_once()
def test_app_lambda_handler(): event = {'queryStringParameters': {'name': 'testname'}} context = {} expected = {'body': '{"message": "Hello testname"}', 'statusCode': 200} assert lambda_handler(event, context) == expected
def test_rollup_data(self, mock_execute): query_data = dotty() query_data['org.employees.nodes.0' + '.applicationOwnerships.nodes.0' + '.application.deployments.nodes'] = self.deploy_nodes mock_execute.return_value = query_data.to_dict() event = self.base_event.copy() event['params']['employee'] = 'manager' results = app.lambda_handler(event, None) self.assertEqual(results, self.expected_results)
def test_build(self, call_webhook_mock): event_type = "passed" response = lambda_handler(self.get_eventbridge_event(event_type), "") response_data = json.loads(response["body"]) self.assertEqual(response["statusCode"], 200) self.assertIn("message", response_data) self.assertEqual(response_data["message"], "Pipeline alert sent.") self.assertEqual(call_webhook_mock.call_count, 1)
def test_failure_rate(self, mock_execute): query_data = dotty() query_data['cicd.deployments.nodes'] = self.deploy_nodes mock_execute.return_value = query_data.to_dict() results = app.lambda_handler(self.base_event, None) self.assertAlmostEqual(results["Change Failure Rate"], 5 / 7) self.assertAlmostEqual(results["Change Failure Rate Change"], -2 / 7) self.assertEqual(results["Mean Time between Failures"], 144000000) self.assertAlmostEqual(results["Mean Time between Failures Change"], -1 / 6)
def test_missing_tags(self, mock_execute): data = { "aws": { "ec2": { "volume": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "volumeId": "volumeId", "tags": [{ "key": "tag1", "value": "1" }], "state": "in-use", "instance": { "tags": [{ "key": "tag1", "value": "1" }, { "key": "tag2", "value": "2" }] } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "volumeId": "volumeId", "tags": [], "state": "in-use", "instance": { "tags": [{ "key": "tag1", "value": "1" }, { "key": "tag2", "value": "2" }] } }] } } } } mock_execute.return_value = data result = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertEqual(len(result), 2) for r in result: self.assertTrue(r["volume"]) self.assertTrue(r["missingKeys"]) self.assertEqual(result[0]["missingKeys"], ["tag2"]) missing_keys = set(result[1]["missingKeys"]) self.assertEqual(missing_keys, {"tag1", "tag2"})
def test_group_no_policies(self, mock_execute): data = {"aws": {"iam": {"groupDetail": {"data": [ { "groupId": "groupId1", "groupName": "testUserGroup", "groupPolicyList": [] } ]}}}} mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_execute_saved_query(self, mock_execute, mock_get): mock_get.return_value.status_code = 200 mock_get.return_value.json.return_value = { "query": { "doc": "graphql_query" } } mock_execute.return_value = {"result": "1"} result = app.lambda_handler(self.event, None) mock_get.assert_called_once() mock_execute.assert_called_once() self.assertTrue(result) self.assertEqual(result, {"result": "1"})
def test_rollup_data(self, mock_execute): query_data = dotty() query_data['org.employees.nodes.0' + '.applicationOwnerships.nodes.0' + '.application.deployments.nodes'] = self.deploy_nodes mock_execute.return_value = query_data.to_dict() event = self.base_event.copy() event['params']['employee'] = 'manager' results = app.lambda_handler(event, None) self.assertAlmostEqual(results["Change Failure Rate"], 5 / 7) self.assertAlmostEqual(results["Change Failure Rate Change"], -2 / 7) self.assertEqual(results["Mean Time between Failures"], 144000000) self.assertAlmostEqual(results["Mean Time between Failures Change"], -1 / 6)
def test_redirect_create(self): request = apigw_post("redirects", body={"url": "https://google.com"}) res = app.lambda_handler(request, "") assert res.get("statusCode") == 200 redirect_id = json.loads(res.get("body", "{}")).get("redirect_id", None) self.redirect_ids.append(redirect_id) assert redirect_id is not None redirect_entry = Redirect(app.REDIRECTS_TABLE, redirect_id) assert redirect_entry.exists()
def test_missing_tags(self, mocked_execute): data = {"aws": {"ec2": {"instance": {"data": [ { "farosAccountId": "accountId", "farosRegionId": "farosId", "instanceId": "instanceId1", "tags": [{"key": "tag1", "value": "1"}], } ]}}}} mocked_execute.return_value = data result = app.lambda_handler(self.event, None) mocked_execute.assert_called_once() self.assertEqual(len(result), 1)
def test_execute_saved_query_with_data_path(self, mock_execute, mock_get): mock_get.return_value.status_code = 200 mock_get.return_value.json.return_value = { "query": { "doc": "graphql_query", "dataPath": "$.result[*].name" } } mock_execute.return_value = {"result": [{"name": "1"}, {"name": "3"}]} result = app.lambda_handler(self.event, None) mock_get.assert_called_once() mock_execute.assert_called_once() self.assertTrue(result) self.assertEqual(result, ["1", "3"])
def test_handle_no_instance(self, mock_client): data = {"aws": {"ec2": {"volume": {"data": [ { "farosAccountId": "farosAccountId", "farosRegionId": "farosRegionId", "volumeId": "vol-1", "state": "in-use", "instance": None } ]}}}} mock_client.return_value = data results = app.lambda_handler(self.event, None) self.assertFalse(results) mock_client.assert_called_once()
def test_gets_exposed_vpcs(self, mock_execute): exposed = { "Version": "2008-10-17", "Statement": [{ "Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*" }] } secure = { "Version": "2008-10-17", "Statement": [{ "Effect": "Allow", "Principal": "test_arn", "Action": "*", "Resource": "*" }] } data = { "aws": { "ec2": { "vpcEndpoint": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "vpcId": "vpcId", "policyDocument": json.dumps(exposed) }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "vpcId": "vpcId2", "policyDocument": json.dumps(secure) }] } } } } mock_execute.return_value = data result = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertEqual(len(result), 1) self.assertEqual(result[0]["vpcId"], "vpcId")
def test_user_no_policies(self, mock_execute): data = {"aws": {"iam": {"userDetail": {"data": [ { "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId", "userName": "******", "attachedManagedPolicies": [], "groups": {"data": []} } ]}}}} mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertEqual(len(results), 1) missing = frozenset(results[0]["missingPolicies"]) self.assertSetEqual(missing, self.policy_set)
def test_policy_on_user_and_group(self, mock_execute): policyArn = "arn:aws:iam::aws:policy/AmazonEC2FullAccess" data = { "aws": { "iam": { "userDetail": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId", "userName": "******", "attachedManagedPolicies": [{ "policyArn": policyArn, "policyName": "AmazonEC2FullAccess" }], "groups": { "data": [{ "groupName": "S3Admins", "attachedManagedPolicies": [{ "policyArn": policyArn, }] }] } }] } } } } mock_execute.return_value = data result = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertEqual(len(result), 1) self.assertEqual(result[0]["userId"], "HephaestusId") self.assertEqual(len(result[0]["sources"]["inGroups"]), 1) in_groups = set(result[0]["sources"]["inGroups"]) self.assertSetEqual(in_groups, {"S3Admins"}) self.assertTrue(result[0]["sources"]["onUser"])
def test_group_policy_no_action(self, mock_execute): policy = '{"Statement":[{"Effect":"Allow","Resource":"*"}]}' data = {"aws": {"iam": {"groupDetail": {"data": [ { "groupId": "groupId1", "groupName": "testUserGroup", "groupPolicyList": [ { "policyName": "PowerUserAccess", "policyDocument": policy } ] } ]}}}} mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_get_old_instances(self, mocked_execute): new_instance = (self.now - timedelta(hours=5)).strftime(DATE_FORMAT) old_instance = (self.now - timedelta(days=3)).strftime(DATE_FORMAT) old_instance2 = (self.now - timedelta(days=10)).strftime(DATE_FORMAT) data = { "aws": { "ec2": { "instance": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "instanceId": "instanceId4", "launchTime": old_instance, "state": { "name": "running" } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "instanceId": "instanceId2", "launchTime": old_instance2, "state": { "name": "running" } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "instanceId": "instanceId3", "launchTime": new_instance, "state": { "name": "running" } }] } } } } mocked_execute.return_value = data result = app.lambda_handler(self.event, None) mocked_execute.assert_called_once() self.assertEqual(len(result), 2) old = {i["instanceId"] for i in result} self.assertSetEqual(old, {"instanceId2", "instanceId4"})
def test_role_policy_allow_not_full_star(self, mock_execute): policy = quote('{"Statement":[{"Effect":"Allow",' '"Action":"iamPassRole","Resource":"*"}]}') data = {"aws": {"iam": {"groupDetail": {"data": [ { "groupId": "groupId1", "groupName": "testUserGroup", "groupPolicyList": [ { "policyName": "AdministratorAccess", "policyDocument": policy } ] } ]}}}} mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_has_all_policies_on_user(self, mock_execute): data = {"aws": {"iam": {"userDetail": {"data": [ { "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId", "userName": "******", "attachedManagedPolicies": [ {"policyArn": "AmazonECSFullAccess"}, {"policyArn": "AmazonEC2FullAccess"} ], "groups": {"data": []} } ]}}}} mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_different_policy_attached(self, mock_execute): data = { "aws": { "iam": { "userDetail": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId", "userName": "******", "attachedManagedPolicies": [{ "policyArn": "arn:aws:iam::aws:policy/ECS_FullAccess", "policyName": "ECS_FullAccess" }], "groups": { "data": [{ "groupId": "groupId", "groupName": "S3Admins", "attachedManagedPolicies": [{ "policyArn": '''policy/S3FullAccess''', "policyName": "AmazonS3FullAccess" }] }] } }] } } } } mock_execute.return_value = data result = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(result)
def test_user_no_mfa(self, mock_execute): data = { "aws": { "iam": { "userDetail": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId", "userName": "******", "mfaDevices": { "data": [] } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "HephaestusId2", "userName": "******", "mfaDevices": { "data": [] } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "userId": "dolos", "userName": "******", "mfaDevices": { "data": [{ "serialNumber": "828238" }] } }] } } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertEqual(len(results), 2) users = {u["userId"] for u in results} self.assertSetEqual(users, {"HephaestusId", "HephaestusId2"})
def test_block_has_at_least_one_enabled(self, mock_execute): data = { "aws": { "s3": { "bucket": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "name": "bucket1", "policyStatus": { "isPublic": False }, "publicAccessBlock": { "blockPublicAcls": True, "blockPublicPolicy": False, "ignorePublicAcls": True, "restrictPublicBuckets": True } }, { "farosAccountId": "accountId", "farosRegionId": "farosId", "name": "bucket2", "policyStatus": { "isPublic": False }, "publicAccessBlock": { "blockPublicAcls": True, "blockPublicPolicy": True, "ignorePublicAcls": False, "restrictPublicBuckets": True } }] } } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.called_once() self.assertEqual(len(results), 2) public = {b["name"] for b in results} self.assertSetEqual(public, {"bucket1", "bucket2"})
def test_pr_has_recent_activity(self, mock_execute): data = { "github": { "pullRequest": { "data": [{ "number": 67, "title": "pr title", "state": "open", "repo_name": "poseidon", "created_at": self.date.strftime(DATE_FORMAT), "user_login": "******", }] } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_closed_pr(self, mock_execute): data = { "github": { "pullRequest": { "data": [{ "number": 67, "title": "pr title", "state": "closed", "repo_name": "poseidon", "created_at": "2020-06-18T22:45:01Z", "user_login": "******", }] } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
def test_no_policy_list(self, mock_execute): data = { "aws": { "iam": { "roleDetail": { "data": [{ "farosAccountId": "accountId", "farosRegionId": "farosId", "roleId": "roleId", "roleName": "AWSServiceRoleForTrustedAdvisor", "rolePolicyList": [] }] } } } } mock_execute.return_value = data results = app.lambda_handler(self.event, None) mock_execute.assert_called_once() self.assertFalse(results)
"session": { "sessionId": "SessionId.1", "application": { "applicationId": "amzn1.echo-sdk-ams.app.1234" }, "user": { "userId": "amzn1.ask.account.ABC" }, "new": True }, "request": { "type": "IntentRequest", "requestId": "EdwRequestId.123", "timestamp": "2016-05-12T03:45:57Z", "intent": { "name": "PlayIntent", "slots": { "Source": { "name": "Source", "value": "favorites" } } }, "locale": "en-US" }, "version": "1.0" } app.lambda_handler(test_play_favorites, None)