def test_copy_unencrypted_snapshot_other_region(self):
test_method = inspect.stack()[0][3]
self.cleanup_leftover_source_snapshots(test_method)
destination_ec2 = Ec2(region=remote_region())
remote_snapshot_copy_id = None
try:
self.logger.test("Creating source snapshot")
source_snapshot_unencrypted = self.ec2.create_snapshot(self.volume_unencrypted, tags={
"Name": "Ec2CopySnapshot_{}".format(test_method),
"copied-tag": "copied-value",
"not-copied-tag": "not-copied-value",
tasklist_tagname(TESTED_ACTION): test_method
}, description="Snapshot for testing Ec2CopySnapshot : {}".format(test_method))
self.snapshots.append(source_snapshot_unencrypted["SnapshotId"])
parameters = {
copy_snapshot.PARAM_DESTINATION_REGION: remote_region(),
copy_snapshot.PARAM_ACCOUNTS_VOLUME_CREATE_PERMISSIONS: ["123456789012"],
copy_snapshot.PARAM_COPIED_SNAPSHOT_TAGS: "copied-tag",
copy_snapshot.PARAM_SNAPSHOT_DESCRIPTION: "{{{}}}".format(copy_snapshot.TAG_PLACEHOLDER_SOURCE_DESCRIPTION),
copy_snapshot.PARAM_SNAPSHOT_TAGS: testing.tags.common_placeholder_tags(
test_delete=False,
placeholders=[
copy_snapshot.TAG_PLACEHOLDER_SOURCE_REGION,
copy_snapshot.TAG_PLACEHOLDER_SOURCE_SNAPSHOT_ID,
copy_snapshot.TAG_PLACEHOLDER_SOURCE_VOLUME,
copy_snapshot.TAG_PLACEHOLDER_OWNER_ACCOUNT]),
copy_snapshot.PARAM_SOURCE_TAGS: testing.tags.common_placeholder_tags([
copy_snapshot.TAG_PLACEHOLDER_COPIED_SNAPSHOT_ID,
copy_snapshot.TAG_PLACEHOLDER_COPIED_REGION
])
}
self.logger.test("Running task")
self.task_runner.run(parameters,
task_name=test_method,
complete_check_polling_interval=10)
self.assertTrue(self.task_runner.success(), "Task executed successfully")
remote_snapshot_copy_id = self.task_runner.results[0].result["copy-snapshot-id"]
self.logger.test("[X] Task completed")
self.logger.test("Checking snapshot copy")
snapshot_copy = destination_ec2.get_snapshot(remote_snapshot_copy_id)
self.assertIsNotNone(snapshot_copy, "Snapshot created in destination region")
self.check_copy_snapshot(remote_snapshot_copy_id, source_snapshot_unencrypted, remote_region())
self.check_source_snapshot(source_snapshot_unencrypted["SnapshotId"],
remote_snapshot_copy_id, test_method,
remote_region())
finally:
if remote_snapshot_copy_id is not None:
destination_ec2.delete_snapshots([remote_snapshot_copy_id])
def test_copy_snapshot_encrypt_with_custom_key_other_region(self):
destination_ec2 = Ec2(region=remote_region())
self.logger.test("Creating stack in destination region with custom encryption key")
remote_stack = get_resource_stack(TESTED_ACTION, create_resource_stack_func=self.create_remote_resource_stack,
use_existing=KEEP_AND_USE_EXISTING_RESOURCES_STACK, region_name=remote_region())
remote_snapshot_copy_id = None
try:
remote_custom_key_arn = remote_stack.stack_outputs["EncryptionKeyArn"]
test_method = inspect.stack()[0][3]
self.cleanup_leftover_source_snapshots(test_method)
self.logger.test("Creating source snapshot")
source_snapshot_unencrypted = self.ec2.create_snapshot(self.volume_unencrypted, tags={
"Name": "Ec2CopySnapshot_{}".format(test_method),
tasklist_tagname(TESTED_ACTION): test_method
}, description="Snapshot for testing Ec2CopySnapshot : {}".format(test_method))
assert (source_snapshot_unencrypted is not None)
self.snapshots.append(source_snapshot_unencrypted["SnapshotId"])
parameters = {
copy_snapshot.PARAM_DESTINATION_REGION: remote_region(),
copy_snapshot.PARAM_ENCRYPTED: True,
copy_snapshot.PARAM_KMS_KEY_ID: remote_custom_key_arn
}
self.snapshots.append(source_snapshot_unencrypted["SnapshotId"])
self.logger.test("Running task")
self.task_runner.run(parameters,
task_name=test_method,
complete_check_polling_interval=10)
self.assertTrue(self.task_runner.success(), "Task executed successfully")
remote_snapshot_copy_id = self.task_runner.results[0].result["copy-snapshot-id"]
self.logger.test("[X] Task completed")
self.logger.test("Checking snapshot copy")
snapshot_copy = destination_ec2.get_snapshot(remote_snapshot_copy_id)
self.assertIsNotNone(snapshot_copy, "Snapshot created in destination region")
self.assertTrue(snapshot_copy["Encrypted"], "Snapshot is encrypted")
self.assertEqual(snapshot_copy["KmsKeyId"], remote_custom_key_arn, "Custom encryption key is used")
self.logger.test("[X] Snapshot created and encrypted")
finally:
if not KEEP_AND_USE_EXISTING_RESOURCES_STACK and remote_stack is not None:
remote_stack.delete_stack(600)
if remote_snapshot_copy_id is not None:
destination_ec2.delete_snapshots([remote_snapshot_copy_id])
def create_remote_resource_stack(cls, resource_stack_name):
try:
cls.logger.test("Creating test remote resources stack {}", resource_stack_name)
role = cls.task_runner.action_stack.stack_resources[testing.OPS_AUTOMATOR_ROLE_NAME]["PhysicalResourceId"]
resource_stack = Stack(resource_stack_name, region=remote_region())
resource_stack.create_stack(template_file=template_path(__file__, TEST_REMOTE_RESOURCES_TEMPLATE),
iam_capability=True,
params={"TaskRole": role})
return resource_stack
except Exception as ex:
cls.logger.test("Error creating stack {}, {}", resource_stack_name, ex)
return None