Exemple #1
0
 def validate(self, rulesets):
     rulesets_to_apply = ['global'] if 'global' in rulesets else []
     if self.resource_type in rulesets:
         rulesets_to_apply.append(self.resource_type)
     for resource in rulesets_to_apply:
         ruleset = rulesets[resource]
         for key in ruleset:
             if key == 'must_contain':
                 must_contain(ruleset['must_contain'], self)
             if key == 'must_not_contain':
                 must_not_contain(ruleset['must_not_contain'], self)
             if key == 'must_equal':
                 must_equal(ruleset['must_equal'], self)
             if key == 'attributes':
                 for attribute_key in ruleset['attributes']:
                     if attribute_key == 'tags' and not self.taggable:
                         continue
                     else:
                         for rule in ruleset['attributes'][attribute_key]:
                             rule_definition = ruleset['attributes'][attribute_key][rule]
                             if rule == 'must_contain':
                                 must_contain(rule_definition, self, attribute_key)
                             elif rule == 'must_not_contain':
                                 must_not_contain(rule_definition, self, attribute_key)
                             elif rule == 'must_equal':
                                 must_equal(rule_definition, self, attribute_key)
Exemple #2
0
def test_must_equal_validator_resource_level():
    rule = {'TestValue': 'Bleep'}

    config = {'address': 'test_address', 'values': {'TestValue': 'Bloop'}}

    resource = AWSResource('TestTag', config)
    resource.resource_type = 'testresource'

    must_equal(rule, resource)
    assert (resource.violations == {
        'test_address.must_equal':
        ["[TestValue] must equal 'Bleep' but found 'Bloop'"]
    })
Exemple #3
0
def test_must_equal_validator_with_str():
    rule = 'testvalue'

    lookup_key = 'test'

    config = {'address': 'test_address', 'values': {'test': 'foo'}}
    resource = AWSResource('TestTag', config)
    resource.resource_type = 'testresource'

    must_equal(rule, resource, lookup_key)
    assert (resource.violations == {
        'test_address.must_equal':
        ["Incorrect value [test] must equal 'testvalue' but found 'foo'"]
    })
Exemple #4
0
def test_must_equal_validator_with_correct_config_returns_empty_violations():
    rule = {'TestTag': 'Bloop'}

    lookup_key = 'tags'

    config = {
        'address': 'test_address',
        'values': {
            'tags': {
                'TestTag': 'Bloop'
            }
        }
    }
    resource = AWSResource('TestTag', config)
    resource.resource_type = 'testresource'

    must_equal(rule, resource, lookup_key)
    assert (resource.violations == {})
Exemple #5
0
def test_must_equal_validator_with_dict():
    rule = {'TestTag': 'Bleep'}

    lookup_key = 'tags'

    config = {
        'address': 'test_address',
        'values': {
            'tags': {
                'TestTag': 'Bloop'
            }
        }
    }
    resource = AWSResource('TestTag', config)
    resource.resource_type = 'testresource'

    must_equal(rule, resource, lookup_key)
    assert (resource.violations == {
        'test_address.must_equal':
        ["Tags [TestTag] must equal 'Bleep' but found 'Bloop'"]
    })