def testCreateDiskCopy3(self, mock_list_instances, mock_list_disk, mock_list_subscription_ids, mock_credentials, mock_resource_group): """Test that a disk copy is correctly created. The first call should raise a RuntimeError in GetInstance as we are querying a non-existent instance. The second call should raise a RuntimeError in GetDisk as we are querying a non-existent disk.""" mock_list_instances.return_value = {} mock_list_disk.return_value = {} mock_list_subscription_ids.return_value = ['fake-subscription-id'] mock_credentials.return_value = ('fake-subscription-id', mock.Mock()) mock_resource_group.return_value = 'fake-resource-group' with self.assertRaises(RuntimeError) as error: forensics.CreateDiskCopy(FAKE_ACCOUNT.default_resource_group_name, instance_name='non-existent-vm-name', region='fake-region') self.assertEqual( 'Cannot copy disk "None": Instance non-existent-vm-name was not found ' 'in subscription fake-subscription-id', str(error.exception)) with self.assertRaises(RuntimeError) as error: forensics.CreateDiskCopy(FAKE_ACCOUNT.default_resource_group_name, disk_name='non-existent-disk-name', region='fake-region') self.assertEqual( 'Cannot copy disk "non-existent-disk-name": Disk non-existent-disk-name' ' was not found in subscription fake-subscription-id', str(error.exception))
def testCreateDiskCopy2(self, mock_create_disk, mock_get_instance, mock_get_boot_disk, mock_get_disk, mock_snapshot, mock_snapshot_delete, mock_list_subscription_ids, mock_credentials, mock_resource_group): """Test that a disk copy is correctly created. CreateDiskCopy(zone, disk_name='fake-disk-name', region='fake-region'). This should grab the disk 'fake-disk-name'.""" mock_create_disk.return_value.done.return_value = True mock_create_disk.return_value.result.return_value = MOCK_DISK_COPY mock_get_instance.return_value = FAKE_INSTANCE mock_get_disk.return_value = FAKE_DISK mock_snapshot.return_value = FAKE_SNAPSHOT mock_snapshot_delete.return_value = None mock_list_subscription_ids.return_value = ['fake-subscription-id'] mock_credentials.return_value = ('fake-subscription-id', mock.Mock()) mock_resource_group.return_value = 'fake-resource-group' disk_copy = forensics.CreateDiskCopy( FAKE_ACCOUNT.default_resource_group_name, disk_name=FAKE_DISK.name, region='fake-region') mock_get_instance.assert_not_called() mock_get_boot_disk.assert_not_called() mock_get_disk.assert_called_once() mock_get_disk.assert_called_with('fake-disk-name') self.assertIsInstance(disk_copy, compute.AZDisk) self.assertEqual('fake_snapshot_name_f4c186ac_copy', disk_copy.name)
def testStartVm(self): """End to end test on Azure. Test creating an analysis VM and attaching a copied disk to it. """ disk_copy = forensics.CreateDiskCopy( self.resource_group_name, disk_name=self.disk_to_copy) self._StoreDiskForCleanup(disk_copy) # Create and start the analysis VM and attach the disk self.analysis_vm, _ = forensics.StartAnalysisVm( self.resource_group_name, self.analysis_vm_name, 50, self.ssh_public_key, attach_disks=[disk_copy.name] ) # The forensic instance should be live in the analysis Azure account and # the disk should be attached instance = self.az.compute.compute_client.virtual_machines.get( self.resource_group_name, self.analysis_vm.name) self.assertEqual(instance.name, self.analysis_vm.name) self.assertIn(disk_copy.name, self.analysis_vm.ListDisks()) self._StoreDiskForCleanup(self.analysis_vm.GetBootDisk())
def testDiskCopyToOtherZone(self): """End to end test on Azure. Test copying a specific disk to a different Azure region. """ if not (self.disk_to_copy and self.dst_region): return disk_copy = forensics.CreateDiskCopy( self.resource_group_name, disk_name=self.disk_to_copy, region=self.dst_region) # The disk should be present in Azure and be in self.dst_region remote_disk = self.az.compute.compute_client.disks.get( disk_copy.resource_group_name, disk_copy.name) self.assertIsNotNone(remote_disk) self.assertEqual(disk_copy.name, remote_disk.name) self.assertEqual(self.dst_region, remote_disk.location) # Since we make a copy of the same disk but in a different region in next # test, we need to delete the copy we just created as Azure does not # permit same-name disks in different regions. operation = self.az.compute.compute_client.disks.delete( disk_copy.resource_group_name, disk_copy.name) operation.wait()
def testDiskCopyToOtherZone(self): """End to end test on Azure. Test copying a specific disk to a different Azure region. """ if not (self.disk_to_copy and self.dst_region): return disk_copy = forensics.CreateDiskCopy(self.resource_group_name, disk_name=self.disk_to_copy, region=self.dst_region) # The disk should be present in Azure and be in self.dst_region remote_disk = self.az.compute.compute_client.disks.get( disk_copy.resource_group_name, disk_copy.name) self.assertIsNotNone(remote_disk) self.assertEqual(disk_copy.name, remote_disk.name) self.assertEqual(self.dst_region, remote_disk.location) # Since we make a copy of the same disk but in a different region in next # test, we need to delete the copy we just created as Azure does not # permit same-name disks in different regions. operation = self.az.compute.compute_client.disks.begin_delete( disk_copy.resource_group_name, disk_copy.name) # Delete operation takes some time to propagate within Azure, which in # some cases causes the next test to fail. Therefore we have to wait for # completion. while not operation.done(): sleep(5)
def CreateDiskCopy(args: 'argparse.Namespace') -> None: """Create an Azure disk copy. Args: args (argparse.Namespace): Arguments from ArgumentParser. """ logger.info('Starting disk copy...') disk_copy = forensics.CreateDiskCopy(args.default_resource_group_name, instance_name=args.instance_name, disk_name=args.disk_name, disk_type=args.disk_type, region=args.region, src_profile=args.src_profile, dst_profile=args.dst_profile) logger.info('Done! Disk {0:s} successfully created.'.format(disk_copy.name))
def testBootDiskCopy(self): """End to end test on Azure. Test copying the boot disk of an instance. """ disk_copy = forensics.CreateDiskCopy( self.resource_group_name, instance_name=self.instance_to_analyse # disk_name=None by default, boot disk of instance will be copied ) # The disk should be present in Azure remote_disk = self.az.compute.compute_client.disks.get( disk_copy.resource_group_name, disk_copy.name) self.assertIsNotNone(remote_disk) self.assertEqual(disk_copy.name, remote_disk.name) self._StoreDiskForCleanup(disk_copy)
def Process(self): """Copies a disk to the analysis account.""" for disk in self._FindDisksToCopy(): self.logger.info('Disk copy of {0:s} started...'.format(disk.name)) new_disk = az_forensics.CreateDiskCopy( self.analysis_resource_group_name, disk_name=disk.name, region=self.analysis_region, src_profile=self.remote_profile_name, dst_profile=self.analysis_profile_name) self.logger.info('Disk {0:s} successfully copied to {1:s}'.format( disk.name, new_disk.name)) self.analysis_vm.AttachDisk(new_disk) container = containers.ForensicsVM(name=self.analysis_vm.name, evidence_disk=new_disk, platform='azure') self.state.StoreContainer(container)
def testDiskCopyToOtherZone(self): """End to end test on Azure. Test copying a specific disk to a different Azure region. """ if not (self.disk_to_copy and self.dst_region): return disk_copy = forensics.CreateDiskCopy(self.resource_group_name, disk_name=self.disk_to_copy, region=self.dst_region) # The disk should be present in Azure and be in self.dst_region remote_disk = self.az.compute_client.disks.get( disk_copy.resource_group_name, disk_copy.name) self.assertIsNotNone(remote_disk) self.assertEqual(disk_copy.name, remote_disk.name) self.assertEqual(self.dst_region, remote_disk.location) self._StoreDiskForCleanup(disk_copy)