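def test_traverse_array(self):
    """Walking configuration -> routes returns the list of route entries."""
    result = jget.Jget(test_json).at("configuration").at("routes").get()
    # Expect a list of length two, each entry carrying a gatewayId.
    # Specific assertions report the offending value when they fail.
    self.assertIsInstance(result, list)
    self.assertEqual(len(result), 2)
    self.assertIn('gatewayId', result[0])
    self.assertIn('gatewayId', result[1])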
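def test_flatten(self):
    """After flatten(), the Criticality tag resolves to its string value."""
    result = jget.Jget(test_json).at("configuration").at(
        "tags").flatten().at("Criticality").get()
    # Expect the tag value itself: a plain string, not a container.
    self.assertIsInstance(result, str)
    self.assertEqual(result, "Investigation")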
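def test_get_gateways(self):
    """all("gatewayId") collects the gateway id of every route entry."""
    result = jget.Jget(test_json).at("configuration").at("routes").all(
        "gatewayId").get()
    # Check the type first so a None result fails with a readable message
    # instead of a TypeError from len().
    self.assertIsInstance(result, list)
    self.assertEqual(len(result), 2)
    self.assertIn('local', result)
    self.assertIn('igw-a5f227c1', result)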
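def evaluate_compliance(event, configuration_item, valid_rule_parameters):
    """Form the evaluation(s) to be returned to Config Rules.

    Returns a string -- either COMPLIANT, NON_COMPLIANT or NOT_APPLICABLE.

    Arguments:
    event -- the event variable given in the lambda handler
    configuration_item -- the configurationItem dictionary in the invokingEvent
    valid_rule_parameters -- the output of the evaluate_parameters()
                             representing validated parameters of the Config Rule

    Scenario: Subnet does not possess a route table
      Return NOT_APPLICABLE
    Scenario: Subnet does not have a route table containing an internet Gateway
      Return NOT_APPLICABLE
    Scenario: Subnet has a route table that has an internet Gateway,
              but subnet flows are not logged
      Return NON_COMPLIANT
    Scenario: Subnet has a route table that has an internet Gateway,
              and subnet flows are logged.
      Return COMPLIANT

    NOTE(review): the flow-log lookup is not implemented yet, so this
    function currently returns only NOT_APPLICABLE. A rule deployed in this
    state never reports NON_COMPLIANT, so internet-routable subnets without
    flow logs go unreported. Do not rely on it as a control until the
    COMPLIANT / NON_COMPLIANT scenarios are implemented.
    """
    # The configuration item is treated as the route table being evaluated.
    route_table = configuration_item

    # Path mirrors the Jget usage in this project's tests
    # (configuration -> routes -> gatewayId). get() can yield None when a key
    # on the path is missing, hence the empty-list fallback.
    # NOTE(review): confirm the live configuration item has this shape.
    gateway_ids = (
        jget.Jget(route_table).at("configuration").at("routes").all(
            "gatewayId").get()
        or []
    )
    has_internet_gateway = any(
        isinstance(gateway_id, str) and gateway_id.startswith("igw-")
        for gateway_id in gateway_ids
    )
    if not has_internet_gateway:
        return 'NOT_APPLICABLE'

    # Subnets and VPCs related to a route table with an external route are
    # the resources that need a flow log.
    # NOTE(review): assumes relationships is a list of dicts carrying
    # resourceId, addressed like routes/gatewayId above -- verify.
    resource_ids = (
        jget.Jget(route_table).at("relationships").all("resourceId").get()
        or []
    )
    # EC2 subnet ids carry the "subnet-" prefix (a "sub-" substring test
    # does not match them); match on the prefix rather than a substring.
    flow_log_targets = [
        resource_id for resource_id in resource_ids
        if isinstance(resource_id, str)
        and resource_id.startswith(("subnet-", "vpc-"))
    ]
    if not flow_log_targets:
        # Internet route present but no subnet/VPC related to it.
        return 'NOT_APPLICABLE'

    # TODO: check that a flow log exists for each entry in flow_log_targets
    # and return 'COMPLIANT' or 'NON_COMPLIANT' accordingly.
    return 'NOT_APPLICABLE'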
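def test_top_level(self):
    """at("configuration") returns the configuration object itself."""
    result = jget.Jget(test_json).at("configuration").get()
    # Expect the top-level configuration to be a dictionary holding 'routes'.
    self.assertIsInstance(result, dict)
    self.assertIn('routes', result)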
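def test_get_at_errors(self):
    """A missing key in an at() step makes the whole chain resolve to None."""
    result = jget.Jget(test_json).at("configuration").at("XXXroutes").all(
        "gatewayId").get()
    # Callers must handle None before iterating or indexing the result.
    self.assertIsNone(result)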
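def test_get_array_errors(self):
    """all() with a key that no element has still returns a list."""
    result = jget.Jget(test_json).at("configuration").at("routes").all(
        "XXXgatewayId").get()
    # NOTE(review): the intent is an *empty* list, but only the type is
    # asserted here; tighten to assertEqual(result, []) once that is
    # confirmed against Jget.
    self.assertIsInstance(result, list)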