def main(): """main command-line entrypoint; calls parse_args, sets up logging, and either lists steps or instantiates a CustodianRunner and calls run().""" args = parse_args(sys.argv[1:]) # set logging level if args.verbose > 1: set_log_debug(logger) elif args.verbose == 1: set_log_info(logger) if args.ACTION == 'list': for x in CustodianRunner.ordered_step_classes: print(x.name) raise SystemExit(0) if args.ACTION == 'accounts': accts = ManheimConfig.list_accounts(args.config) for acctname in sorted(accts.keys()): print("%s (%s)" % (acctname, accts[acctname])) raise SystemExit(0) cr = CustodianRunner(args.ACCT_NAME, args.config) if args.assume_role: assume_role(cr.config) cr.run( args.ACTION, args.regions, step_names=args.steps, skip_steps=args.skip )
def test_no_role_arn(self): m_sts = Mock() m_sts.assume_role.return_value = { 'Credentials': { 'AccessKeyId': 'AKID', 'SecretAccessKey': 'SKey', 'SessionToken': 'SToken', 'Expiration': datetime(2018, 10, 8, 12, 13, 14) }, 'AssumedRoleUser': { 'AssumedRoleId': 'ARid', 'Arn': 'UserARN' }, 'PackedPolicySize': 123 } m_sess = Mock() m_sess.client.return_value = m_sts with patch('%s.logger' % pbm, autospec=True) as mock_logger: with patch.dict(os.environ, {}, clear=True): with patch('%s.boto3.session.Session' % pbm) as mock_boto: mock_boto.return_value = m_sess assume_role(self.m_conf) assert os.environ == {} assert mock_boto.mock_calls == [] assert mock_logger.mock_calls == [ call.debug('No assume_role configuration; not assuming a role.') ]
def test_success_all_options(self): m_sts = Mock() m_sts.assume_role.return_value = { 'Credentials': { 'AccessKeyId': 'AKID', 'SecretAccessKey': 'SKey', 'SessionToken': 'SToken', 'Expiration': datetime(2018, 10, 8, 12, 13, 14) }, 'AssumedRoleUser': { 'AssumedRoleId': 'ARid', 'Arn': 'UserARN' }, 'PackedPolicySize': 123 } m_sess = Mock() m_sess.client.return_value = m_sts type(self.m_conf).assume_role = PropertyMock(return_value={ 'role_arn': 'assumeRoleArn', 'external_id': 'eID', 'duration_seconds': '1234' }) with patch('%s.logger' % pbm, autospec=True) as mock_logger: with patch.dict(os.environ, {}, clear=True): with patch('%s.boto3.session.Session' % pbm) as mock_boto: mock_boto.return_value = m_sess assume_role(self.m_conf) assert os.environ == { 'AWS_ACCESS_KEY_ID': 'AKID', 'AWS_SECRET_ACCESS_KEY': 'SKey', 'AWS_SESSION_TOKEN': 'SToken' } expected_args = { 'RoleArn': 'assumeRoleArn', 'RoleSessionName': 'manheim-c7n-tools_aName', 'ExternalId': 'eID', 'DurationSeconds': 1234 } assert mock_boto.mock_calls == [ call(region_name='us-east-1'), call().client('sts'), call().client().assume_role(**expected_args) ] assert mock_logger.mock_calls == [ call.info( 'Calling sts:AssumeRole via boto3 with arguments: %s', expected_args ), call.info( 'Exported AssumeRole credentials; AccessKeyId %s expires at ' '%s; AssumedRoleUser ARN: %s', 'AKID', datetime(2018, 10, 8, 12, 13, 14), 'UserARN' ) ]
def main(): args = parse_args(sys.argv[1:]) # set logging level if args.verbose > 1: set_log_debug(logger) elif args.verbose == 1: set_log_info(logger) conf = ManheimConfig.from_file(args.config, args.ACCOUNT_NAME) if args.assume_role: assume_role(conf) CustodianErrorReporter(conf, args.REGION_NAME).run()