def test_trusted_role(self):
role = Role(arn=test_role_object['arn'],
name=test_role_object['name'],
last_used=test_role_object['last_used'],
created_at=test_role_object['created_at'])
trusted_role = Role(arn="arn", name="Namef")
role.trusted_roles.append(trusted_role)
assert role.trusted_roles[0].arn == "arn"
def test_add_to_account(self):
role_1 = Role(name="role_1", arn="arn_role_1")
role_2 = Role(name="role_2", arn="arn_role_2")
print(role_2)
self.account.roles.append(role_1)
assert len(self.account.roles) == 1
assert self.account.roles[0] == role_1
self.account.roles.append(role_2)
assert len(self.account.roles) == 2
def _get_roles_from_aws_roles(self, aws_roles):
for aws_role in aws_roles:
role = Role.find_or_create(aws_role['Arn'])
managed_aws_policies_for_role = self._get_aws_policies_for_role(aws_role['RoleName'])
policies = self._get_policies_for_aws_managed_policies(managed_aws_policies_for_role)
self._fill_role(role, aws_role, policies)
yield role
def test_trusted_services(self):
role = Role(arn=test_role_object['arn'],
name=test_role_object['name'],
last_used=test_role_object['last_used'],
created_at=test_role_object['created_at'])
service = Service(name="s3")
role.trusted_services.append(service)
assert role.trusted_services[0].name == "s3"
def test_trusted_account(self):
role = Role(arn=test_role_object['arn'],
name=test_role_object['name'],
last_used=test_role_object['last_used'],
created_at=test_role_object['created_at'])
acc = Account(uuid="123123123", name="Namef")
role.trusted_accounts.append(acc)
assert role.trusted_accounts[0].name == "Namef"
def _add_trusted_role(self, trust_policy, role):
roles = trust_policy.get_trusted_principal_arns('role')
role.trusted_roles.clear()
for assuming_role in roles:
trusted_role = Role.find_or_create(assuming_role.arn, foreign=True)
if trusted_role.foreign:
trusted_role.account = Account.find_or_create(assuming_role.account_number, foreign=True)
trusted_role.job_uuid = self.job_uuid
role.trusted_roles.append(trusted_role)
def test_trusted_user(self):
role = Role(arn=test_role_object['arn'],
name=test_role_object['name'],
last_used=test_role_object['last_used'],
created_at=test_role_object['created_at'])
user = User(name="trusted_user", arn="arn_trusted")
user2 = User(name="trusted_user2", arn="arn_trusted2")
role.trusted_users.append(user)
role.trusted_users.append(user2)
assert role.trusted_users[0] == user
assert role.trusted_users[1] == user2
def test_find_or_create(self, mock_db_query):
account_new = Role(arn='arn')
mock_db_query.return_value.filter_by.return_value.first.return_value = account_new
account = Account.find_or_create("arn")
assert account.arn == account_new.arn
assert account == account_new
def test_find_or_create(self, mock_db_query):
role_new = Role(arn='arn')
mock_db_query.return_value.filter_by.return_value.first.return_value = role_new
role = Role.find_or_create("arn")
assert role.arn == role_new.arn
assert role == role_new
def setUp(self):
self.role = Role(arn=test_role_object['arn'],
name=test_role_object['name'],
last_used=test_role_object['last_used'],
created_at=test_role_object['created_at'])