def create(self, validated_data): """Create an AwsAccount.""" arn = validated_data['account_arn'] aws_account_id = aws.extract_account_id_from_arn(arn) account = AwsAccount(account_arn=arn, aws_account_id=aws_account_id) session = aws.get_session(arn) if aws.verify_account_access(session): instances_data = aws.get_running_instances(session) with transaction.atomic(): account.save() create_initial_aws_instance_events(account, instances_data) else: raise serializers.ValidationError( _('AwsAccount verification failed. ARN Info Not Stored')) return account
def test_get_session(self): """Assert get_session returns session object.""" mock_arn = helper.generate_dummy_arn() mock_account_id = extract_account_id_from_arn(mock_arn) mock_role = helper.generate_dummy_role() with patch.object(aws.boto3, 'client') as mock_client: mock_assume_role = mock_client.return_value.assume_role mock_assume_role.return_value = mock_role session = aws.get_session(mock_arn) creds = session.get_credentials().get_frozen_credentials() mock_client.assert_called_with('sts') mock_assume_role.assert_called_with( Policy=json.dumps(aws.cloudigrade_policy), RoleArn=mock_arn, RoleSessionName=f'cloudigrade-{mock_account_id}') self.assertEqual(creds[0], mock_role['Credentials']['AccessKeyId']) self.assertEqual(creds[1], mock_role['Credentials']['SecretAccessKey']) self.assertEqual(creds[2], mock_role['Credentials']['SessionToken'])
def generate_aws_account(arn=None, aws_account_id=None): """ Generate an AwsAccount for testing. Any optional arguments not provided will be randomly generated. Args: arn (str): Optional ARN. aws_account_id (decimal.Decimal): Optional AWS account ID. Returns: AwsAccount: The created AwsAccount. """ if arn is None: arn = helper.generate_dummy_arn(aws_account_id) if aws_account_id is None: aws_account_id = aws.extract_account_id_from_arn(arn) return AwsAccount.objects.create( account_arn=arn, aws_account_id=aws_account_id, )
def test_error_extract_account_id_from_invalid_arn(self): """Assert error in account ID extraction from a badly-formed ARN.""" mock_arn = faker.Faker().text() with self.assertRaises(Exception): # TODO more specific exceptions aws.extract_account_id_from_arn(mock_arn)
def test_extract_account_id_from_arn(self): """Assert successful account ID extraction from a well-formed ARN.""" mock_account_id = helper.generate_dummy_aws_account_id() mock_arn = helper.generate_dummy_arn(mock_account_id) extracted_account_id = aws.extract_account_id_from_arn(mock_arn) self.assertEqual(mock_account_id, extracted_account_id)
def test_generate_dummy_arn_random_account_id(self): """Assert generation of an ARN without a specified account ID.""" arn = helper.generate_dummy_arn() account_id = aws.extract_account_id_from_arn(arn) self.assertIn(str(account_id), arn)