def test_handler_just_resource_owner(context, cfn_event,
list_buckets_response):
context.mock_ct.describe_trails.return_value = {'trailList': []}
context.mock_cur.describe_report_definitions.return_value = {
'ReportDefinitions': []
}
context.mock_orgs.describe_organization.return_value = {'Organization': {}}
context.mock_s3.list_buckets.return_value = list_buckets_response
ret = app.handler(cfn_event, None)
assert ret is None
assert context.mock_cfnresponse_send.call_count == 1
((_, _, status, output, _),
kwargs) = context.mock_cfnresponse_send.call_args
assert status == cfnresponse.SUCCESS
assert output == {
'AuditCloudTrailBucketPrefix': None,
'AuditCloudTrailBucketName': None,
'RemoteCloudTrailBucket': True,
'CloudTrailSNSTopicArn': None,
'CloudTrailTrailArn': None,
'VisibleCloudTrailArns': None,
'IsOrganizationTrail': None,
'IsAuditAccount': False,
'IsCloudTrailOwnerAccount': False,
'IsResourceOwnerAccount': True,
'IsMasterPayerAccount': False,
'IsOrganizationMasterAccount': False,
'MasterPayerBillingBucketName': None,
'MasterPayerBillingBucketPath': None,
}
def test_handler_non_master_payer_remote(
context, cfn_event, describe_trails_response_local,
list_buckets_response, describe_report_definitions_response_remote,
describe_organizations_remote):
context.mock_ct.describe_trails.return_value = describe_trails_response_local
context.mock_cur.describe_report_definitions.return_value = describe_report_definitions_response_remote
context.mock_orgs.describe_organization.return_value = describe_organizations_remote
context.mock_s3.list_buckets.return_value = list_buckets_response
ret = app.handler(cfn_event, None)
assert ret is None
assert context.mock_cfnresponse_send.call_count == 1
((_, _, status, output, _),
kwargs) = context.mock_cfnresponse_send.call_args
assert status == cfnresponse.SUCCESS
assert output == {
'AuditCloudTrailBucketPrefix': 'trails',
'AuditCloudTrailBucketName': LOCAL_BUCKET_NAME,
'RemoteCloudTrailBucket': False,
'CloudTrailSNSTopicArn': LOCAL_TOPIC_ARN,
'CloudTrailTrailArn': LOCAL_TRAIL_ARN,
'VisibleCloudTrailArns': LOCAL_TRAIL_ARN,
'IsOrganizationTrail': False,
'IsAuditAccount': True,
'IsCloudTrailOwnerAccount': True,
'IsResourceOwnerAccount': True,
'IsMasterPayerAccount': False,
'IsOrganizationMasterAccount': False,
'MasterPayerBillingBucketName': REMOTE_BUCKET_NAME,
'MasterPayerBillingBucketPath': 'reports/valid-local-report',
}
def test_app(self):
from src import app
self.assertRaises(ValueError, app.handler, None, None)
event = {"body": "{\"operation\": \"UNKNOWN_OPERATION\"} "}
handler_response = app.handler(event, None)
self.assertEqual(handler_response[Constants.RESPONSE_STATUS_CODE], 400,
'HTTP Status code not 400')
def test_handler_exception(context):
ret = app.handler({}, None)
assert ret is None
assert context.mock_cfnresponse_send.call_count == 1
((_, _, status, output, _),
kwargs) = context.mock_cfnresponse_send.call_args
assert status == cfnresponse.SUCCESS
assert output == app.DEFAULT_OUTPUT
def test_app(self):
from src import app
self.assertRaises(ValueError, app.handler, None, None)
event = {"body": "{}"}
handler_response = app.handler(event, None)
self.assertEqual(handler_response[Constants.RESPONSE_STATUS_CODE],
http.HTTPStatus.BAD_REQUEST,
'HTTP Status code not 400')
def test_handler_only_connected(context, cfn_event):
context.mock_ct.describe_trails.return_value = {'trailList': []}
context.mock_cur.describe_report_definitions.return_value = {
'ReportDefinitions': []
}
context.mock_s3.list_buckets.return_value = {'Buckets': []}
ret = app.handler(cfn_event, None)
assert ret is None
assert context.mock_cfnresponse_send.call_count == 1
((_, _, status, output, _),
kwargs) = context.mock_cfnresponse_send.call_args
assert status == cfnresponse.SUCCESS
assert output == assoc_in(app.DEFAULT_OUTPUT, ['IsResourceOwnerAccount'],
True)
def test_handler_no_cfn_coeffects(context, cfn_event):
response = Response(200)
context.mock_requests_post.return_value = response
ret = app.handler(cfn_event, None)
assert ret is None
assert context.mock_cfnresponse_send.call_count == 1
assert context.mock_requests_post.call_count == 1
((_, _, status, output, _), _) = context.mock_cfnresponse_send.call_args
expected = {
'version': '1',
'message_source': 'cfn',
'message_type': 'account-link-provisioned',
'data': {
'discovery': {
'audit_cloudtrail_bucket_name': None,
'audit_cloudtrail_bucket_prefix': None,
'cloudtrail_sns_topic_arn': None,
'cloudtrail_trail_arn': None,
'is_audit_account': False,
'is_cloudtrail_owner_account': False,
'is_master_payer_account': False,
'is_organization_trail': None,
'is_organization_master_account': False,
'is_resource_owner_account': False,
'master_payer_billing_bucket_name': None,
'master_payer_billing_bucket_path': None,
'remote_cloudtrail_bucket': True,
'visible_cloudtrail_arns': None,
},
'metadata': {
'cloud_region': 'str',
'cz_account_name': 'str',
'cloud_account_id': 'str',
'reactor_callback_url': 'str',
'external_id': 'str',
'reactor_id': 'str',
},
'links': {
'audit': {
'role_arn': None
},
'legacy': {
'role_arn': None
},
'master_payer': {
'role_arn': None
},
'resource_owner': {
'role_arn': None
},
'cloudtrail_owner': {
'sqs_queue_arn': None,
'sqs_queue_policy_name': None,
},
}
}
}
assert status == cfnresponse.SUCCESS
assert output == expected
(_, kwargs) = context.mock_requests_post.call_args
assert 'json' in kwargs
assert kwargs['json'] == expected
def test_handler(self):
# given
event = self._get_s3_event()
# when
handler(event, None)
