def test_initialize_default_account_id(self, get_subscription_id_mock):
options = Config.empty()
azure = Azure()
azure.initialize(options)
self.assertEqual(options['account_id'], DEFAULT_SUBSCRIPTION_ID)
session = azure.get_session_factory(options)()
session._initialize_session()
self.assertEqual(session.subscription_id, DEFAULT_SUBSCRIPTION_ID)
def test_initialize_custom_account_id(self, get_subscription_id_mock):
sample_account_id = "00000000-5106-4743-99b0-c129bfa71a47"
options = Config.empty()
options['account_id'] = sample_account_id
azure = Azure()
azure.initialize(options)
self.assertEqual(options['account_id'], sample_account_id)
session = azure.get_session_factory(options)()
session._initialize_session()
self.assertEqual(session.subscription_id, sample_account_id)
def build_options(output_dir=None, log_group=None, metrics=None):
"""
Initialize the Azure provider to apply global config across all policy executions.
"""
if not output_dir:
output_dir = tempfile.mkdtemp()
log.warning('Output directory not specified. Using directory: %s' % output_dir)
config = Config.empty(
**{
'log_group': log_group,
'metrics': metrics,
'output_dir': output_dir
}
)
return Azure().initialize(config)
def run(event, context, subscription_id=None):
# policies file should always be valid in functions so do loading naively
with open(context['config_file']) as f:
policy_config = json.load(f)
if not policy_config or not policy_config.get('policies'):
log.error('Invalid policy config')
return False
options_overrides = \
policy_config['policies'][0].get('mode', {}).get('execution-options', {})
# setup our auth file location on disk
options_overrides['authorization_file'] = context['auth_file']
# if output_dir specified use that, otherwise make a temp directory
if 'output_dir' not in options_overrides:
options_overrides['output_dir'] = get_tmp_output_dir()
# merge all our options in
options = Config.empty(**options_overrides)
if subscription_id is not None:
options['account_id'] = subscription_id
load_resources(StructureParser().get_resource_types(policy_config))
options = Azure().initialize(options)
policies = PolicyCollection.from_data(policy_config, options)
if policies:
for p in policies:
try:
p.push(event, context)
except (CloudError, AzureHttpError) as error:
log.error("Unable to process policy: %s :: %s" %
(p.name, error))
reset_session_cache()
return True