def test_valid_strings_input(self):
input_str = '{"Biota": {"Animals": ["cow", "pig", "human"], "Plants": ["tree", "fern"]}}'
field = DictField("Biota",
AnonymousListField("Animals", EmbeddedScalarField()))
expected_output_data = [{
"pred":
"biota",
"obj": [
{
"pred": "biota",
"obj": "cow",
"type": "simple"
},
{
"pred": "biota",
"obj": "pig",
"type": "simple"
},
{
"pred": "biota",
"obj": "human",
"type": "simple"
},
],
"type":
"multi",
}]
input_data = json.loads(input_str)
links = field.parse(data=input_data, context={})
output_data = [link.to_dict() for link in links]
self.assertCountEqual(output_data, expected_output_data)
def test_valid_dicts_input(self):
input_str = (
'{"Biota": {"People": [{"Name": "Bob", "Age": 49}, {"Name": "Sue", "Age": 42}]}}'
)
field = DictField(
"Biota",
AnonymousListField(
"People",
EmbeddedDictField(ScalarField("Name"), ScalarField("Age"))),
)
expected_output_data = [{
"pred":
"biota",
"obj": [
{
"pred":
"biota",
"obj": [
{
"pred": "name",
"obj": "Bob",
"type": "simple"
},
{
"pred": "age",
"obj": 49,
"type": "simple"
},
],
"type":
"multi",
},
{
"pred":
"biota",
"obj": [
{
"pred": "name",
"obj": "Sue",
"type": "simple"
},
{
"pred": "age",
"obj": 42,
"type": "simple"
},
],
"type":
"multi",
},
],
"type":
"multi",
}]
input_data = json.loads(input_str)
links = field.parse(data=input_data, context={})
output_data = [link.to_dict() for link in links]
self.assertCountEqual(output_data, expected_output_data)
def test_optional(self):
input_str = '{"Biota": {"Plants": ["tree", "fern"]}}'
field = DictField(
"Biota",
AnonymousListField("Animals", EmbeddedScalarField(),
optional=True))
expected_output_data = [{"pred": "biota", "obj": [], "type": "multi"}]
input_data = json.loads(input_str)
links = field.parse(data=input_data, context={})
output_data = [link.to_dict() for link in links]
self.assertCountEqual(output_data, expected_output_data)
def test_optional(self):
input_str = '{"Biota": {"Plants": ["tree", "fern"]}}'
field = DictField(
"Biota", AnonymousListField("Animals", EmbeddedScalarField(), optional=True)
)
input_data = json.loads(input_str)
link_collection = field.parse(data=input_data, context={})
expected_link_collection = LinkCollection(
multi_links=(MultiLink(pred="biota", obj=LinkCollection()),),
)
self.assertEqual(link_collection, expected_link_collection)
def test_allow_scalar(self):
input_str = '{"Biota": {"Plants": "tree"}}'
field = DictField(
"Biota", AnonymousListField("Plants", EmbeddedScalarField(), allow_scalar=True)
)
input_data = json.loads(input_str)
link_collection = field.parse(data=input_data, context={})
expected_link_collection = LinkCollection(
multi_links=(
MultiLink(
pred="biota",
obj=LinkCollection(simple_links=(SimpleLink(pred="biota", obj="tree"),),),
),
)
)
self.assertEqual(expected_link_collection, link_collection)
def test_valid_dicts_input(self):
input_str = (
'{"Biota": {"People": [{"Name": "Bob", "Age": 49}, {"Name": "Sue", "Age": 42}]}}'
)
field = DictField(
"Biota",
AnonymousListField(
"People", EmbeddedDictField(ScalarField("Name"), ScalarField("Age"))
),
)
input_data = json.loads(input_str)
link_collection = field.parse(data=input_data, context={})
expected_link_collection = LinkCollection(
multi_links=(
MultiLink(
pred="biota",
obj=LinkCollection(
multi_links=(
MultiLink(
pred="biota",
obj=LinkCollection(
simple_links=(
SimpleLink(pred="name", obj="Bob"),
SimpleLink(pred="age", obj=49),
),
),
),
MultiLink(
pred="biota",
obj=LinkCollection(
simple_links=(
SimpleLink(pred="name", obj="Sue"),
SimpleLink(pred="age", obj=42),
),
),
),
),
),
),
)
)
self.assertEqual(link_collection, expected_link_collection)
def test_valid_strings_input(self):
input_str = '{"Biota": {"Animals": ["cow", "pig", "human"], "Plants": ["tree", "fern"]}}'
field = DictField("Biota", AnonymousListField("Animals", EmbeddedScalarField()))
input_data = json.loads(input_str)
link_collection = field.parse(data=input_data, context={})
expected_link_collection = LinkCollection(
multi_links=(
MultiLink(
pred="biota",
obj=LinkCollection(
simple_links=(
SimpleLink(pred="biota", obj="cow"),
SimpleLink(pred="biota", obj="pig"),
SimpleLink(pred="biota", obj="human"),
)
),
),
)
)
self.assertEqual(link_collection, expected_link_collection)
def test_allow_scalar(self):
input_str = '{"Biota": {"Plants": "tree"}}'
field = DictField(
"Biota",
AnonymousListField("Plants",
EmbeddedScalarField(),
allow_scalar=True))
expected_output_data = [{
"pred":
"biota",
"obj": [{
"pred": "biota",
"obj": "tree",
"type": "simple"
}],
"type":
"multi",
}]
input_data = json.loads(input_str)
links = field.parse(data=input_data, context={})
output_data = [link.to_dict() for link in links]
self.assertCountEqual(output_data, expected_output_data)
class IAMRoleResourceSpec(IAMResourceSpec):
"""Resource for IAM Roles"""
type_name = "role"
schema = Schema(
ScalarField("RoleName", "name"),
ScalarField("MaxSessionDuration"),
AnonymousListField(
"PolicyAttachments",
AnonymousEmbeddedDictField(
ResourceLinkField(
"PolicyArn",
IAMPolicyResourceSpec,
optional=True,
value_is_id=True,
alti_key="attached_policy",
)),
),
DictField(
"AssumeRolePolicyDocument",
ScalarField("Version"),
ListField(
"Statement",
EmbeddedDictField(
ScalarField("Effect"),
ScalarField("Action"),
DictField(
"Principal",
ListField("AWS",
EmbeddedScalarField(),
optional=True,
allow_scalar=True),
ListField("Federated",
EmbeddedScalarField(),
optional=True,
allow_scalar=True),
),
),
),
),
ScalarField("AssumeRolePolicyDocumentText"),
)
@classmethod
def list_from_aws(cls: Type["IAMRoleResourceSpec"], client: BaseClient,
account_id: str, region: str) -> ListFromAWSResult:
"""Return a dict of dicts of the format:
{'role_1_arn': {role_1_dict},
'role_2_arn': {role_2_dict},
...}
Where the dicts represent results from list_roles and additional info per role from
list_targets_by_role."""
roles = {}
paginator = client.get_paginator("list_roles")
for resp in paginator.paginate():
for role in resp.get("Roles", []):
role_name = role["RoleName"]
assume_role_policy_document = copy.deepcopy(
role["AssumeRolePolicyDocument"])
assume_role_policy_document_text = policy_doc_dict_to_sorted_str(
assume_role_policy_document)
role[
"AssumeRolePolicyDocumentText"] = assume_role_policy_document_text
for statement in assume_role_policy_document.get(
"Statement", []):
for obj in statement.get("Condition", {}).values():
for obj_key in obj.keys():
if obj_key.lower() == "sts:externalid":
obj[obj_key] = "REMOVED"
policies_result = get_attached_role_policies(client, role_name)
policies = policies_result
role["PolicyAttachments"] = policies
resource_arn = role["Arn"]
roles[resource_arn] = role
return ListFromAWSResult(resources=roles)
class IAMUserResourceSpec(IAMResourceSpec):
"""Resource for IAM Users"""
type_name = "user"
schema = Schema(
ScalarField("UserName", "name"),
ScalarField("UserId"),
ScalarField("CreateDate"),
ScalarField("PasswordLastUsed", optional=True),
ListField(
"AccessKeys",
EmbeddedDictField(
ScalarField("AccessKeyId"),
ScalarField("Status"),
ScalarField("CreateDate"),
AnonymousDictField("AccessKeyLastUsed",
ScalarField("LastUsedDate", optional=True)),
),
optional=True,
alti_key="access_key",
),
DictField(
"LoginProfile",
ScalarField("CreateDate"),
ScalarField("PasswordResetRequired"),
optional=True,
),
ListField(
"MfaDevices",
EmbeddedDictField(ScalarField("SerialNumber"),
ScalarField("EnableDate")),
optional=True,
),
)
@classmethod
def list_from_aws(cls: Type["IAMUserResourceSpec"], client: BaseClient,
account_id: str, region: str) -> ListFromAWSResult:
"""Return a dict of dicts of the format:
{'user_1_arn': {user_1_dict},
'user_2_arn': {user_2_dict},
...}
Where the dicts represent results from list_users and additional info per user from
list_targets_by_user."""
users = {}
paginator = client.get_paginator("list_users")
for resp in paginator.paginate():
for user in resp.get("Users", []):
resource_arn = user["Arn"]
user_name = user["UserName"]
access_keys_paginator = client.get_paginator(
"list_access_keys")
access_keys: List[Dict[str, Any]] = []
for access_keys_resp in access_keys_paginator.paginate(
UserName=user_name):
for resp_access_key in access_keys_resp[
"AccessKeyMetadata"]:
access_key = copy.deepcopy(resp_access_key)
access_key_id = access_key["AccessKeyId"]
last_used_resp = client.get_access_key_last_used(
AccessKeyId=access_key_id)
access_key["AccessKeyLastUsed"] = last_used_resp[
"AccessKeyLastUsed"]
access_keys.append(access_key)
user["AccessKeys"] = access_keys
mfa_devices_paginator = client.get_paginator(
"list_mfa_devices")
mfa_devices: List[Dict[str, Any]] = []
for mfa_devices_resp in mfa_devices_paginator.paginate(
UserName=user_name):
mfa_devices += mfa_devices_resp["MFADevices"]
user["MfaDevices"] = mfa_devices
try:
login_profile_resp = client.get_login_profile(
UserName=user_name)
user["LoginProfile"] = login_profile_resp["LoginProfile"]
except ClientError as c_e:
if "NoSuchEntity" not in str(c_e):
raise c_e
users[resource_arn] = user
return ListFromAWSResult(resources=users)
class ACMCertificateResourceSpec(ACMResourceSpec):
"""Resource for ACM Certificates"""
type_name = "certificate"
schema = Schema(
ScalarField("DomainName", optional=True),
ListField("SubjectAlternativeNames",
EmbeddedScalarField(),
optional=True),
ScalarField("Serial", optional=True),
ScalarField("Subject", optional=True),
ScalarField("Issuer", optional=True),
ScalarField("CreatedAt", optional=True),
ScalarField("IssuedAt", optional=True),
ScalarField("ImportedAt", optional=True),
ScalarField("Status", optional=True),
ScalarField("RevokedAt", optional=True),
ScalarField("RevocationReason", optional=True),
ScalarField("NotBefore", optional=True),
ScalarField("NotAfter", optional=True),
ScalarField("KeyAlgorithm", optional=True),
ScalarField("SignatureAlgorithm", optional=True),
ListField("InUseBy", EmbeddedScalarField(), optional=True),
ScalarField("FailureReason", optional=True),
ScalarField("Type", optional=True),
ListField(
"DomainValidationOptions",
EmbeddedDictField(
ScalarField("DomainName", optional=True),
ListField("ValidationEmails",
EmbeddedScalarField(),
optional=True),
ScalarField("ValidationDomain", optional=True),
ScalarField("ValidationStatus", optional=True),
DictField(
"ResourceRecord",
EmbeddedDictField(
ScalarField("Name", optional=True),
ScalarField("Type", optional=True),
ScalarField("Value", optional=True),
),
optional=True,
),
ScalarField("ValidationMethod", optional=True),
),
optional=True,
),
ListField("KeyUsages",
EmbeddedDictField(ScalarField("Name")),
optional=True),
ListField(
"ExtendedKeyUsages",
EmbeddedDictField(ScalarField("Name"),
ScalarField("OID", optional=True)),
optional=True,
),
ScalarField("RenewalEligibility", optional=True),
)
@classmethod
def list_from_aws(cls: Type["ACMCertificateResourceSpec"],
client: BaseClient, account_id: str,
region: str) -> ListFromAWSResult:
cert_arns: List[str] = []
paginator = client.get_paginator("list_certificates")
for resp in paginator.paginate(
Includes={
"keyTypes": [
"RSA_1024",
"RSA_2048",
"RSA_3072",
"RSA_4096",
"EC_prime256v1",
"EC_secp384r1",
"EC_secp521r1",
]
}):
cert_arns.extend([
cert_dict["CertificateArn"]
for cert_dict in resp.get("CertificateSummaryList", [])
])
certs: Dict[str, Dict[str, Any]] = {}
for cert_arn in cert_arns:
try:
cert_data = get_cert_data(client=client, cert_arn=cert_arn)
certs[cert_arn] = cert_data
except ClientError as c_e:
error_code = getattr(c_e, "response",
{}).get("Error", {}).get("Code", {})
if error_code not in ("ResourceNotFoundException", ):
raise c_e
return ListFromAWSResult(resources=certs)