def test_get_all_accounts(s3_bucket_name):
from swag_client.swag import get_all_accounts
from swag_client.backend import SWAGManager
from swag_client.util import parse_swag_config_options
swag_opts = {
'swag.type': 's3',
'swag.bucket_name': s3_bucket_name,
'swag.schema_version': 1,
'swag.cache_expires': 0
}
swagv1 = SWAGManager(**parse_swag_config_options(swag_opts))
account = {
"bastion": "test2.net",
"metadata": {
"s3_name": "testaccounts3",
"cloudtrail_index": "cloudtrail_testaccount[yyyymm]",
"cloudtrail_kibana_url":
"http://testaccount.cloudtrail.dashboard.net",
"email": "*****@*****.**",
"account_number": "012345678910"
},
"schema_version": 1,
"owners": ["*****@*****.**"],
"ours": True,
"description": "LOL, Test account",
"cmc_required": False,
"email": "*****@*****.**",
"tags": ["testing"],
"id": "aws-012345678910",
"name": "testaccount",
"type": "aws",
"alias": [
"test",
]
}
swagv1.create(account)
data = get_all_accounts(s3_bucket_name)
assert len(data['accounts']) == 1
data = get_all_accounts(s3_bucket_name, **{'owners': ['*****@*****.**']})
assert len(data['accounts']) == 1
data = get_all_accounts(s3_bucket_name, bastion="test2.net")
assert len(data['accounts']) == 1
def _prep_accounts(account_names):
"""
Convert CLI provided account names into list of accounts from SWAG.
Considers account aliases as well as account names.
Returns a list of account numbers
"""
matching_accounts = list()
account_names = account_names.split(',')
account_names = {name.lower().strip() for name in account_names}
# create a new copy of the account_names list so we can remove accounts as needed
for account in list(account_names):
if re.match('\d{12}', account):
account_names.remove(account)
matching_accounts.append(account)
if not account_names:
return matching_accounts
accounts = {}
try:
current_app.logger.info('getting bucket {}'.format(
current_app.config.get('SWAG_BUCKET')))
swag_filter = current_app.config.get('SWAG_FILTER') or {'ours': True}
accounts = get_all_accounts(
bucket=current_app.config.get('SWAG_BUCKET'),
**swag_filter).get('accounts')
except (KeyError, InvalidSWAGDataException, Exception) as e:
current_app.logger.error(
'Account names passed but SWAG not configured or unavailable: {}'.
format(e))
if 'all' in account_names:
return [
account['metadata'].get('account_number', None)
for account in accounts
]
lookup = {account['name']: Bunch(account) for account in accounts}
for account in accounts:
for alias in account['alias']:
lookup[alias] = Bunch(account)
for name in account_names:
if name not in lookup:
current_app.logger.warn('Could not find an account named %s' %
name)
continue
account_number = lookup[name]['metadata'].get('account_number', None)
if account_number:
matching_accounts.append(account_number)
return matching_accounts
def test_get_all_accounts(swag_bucket):
data = get_all_accounts(SWAG_BUCKET,
region=SWAG_BUCKET_REGION,
json_path=ACCOUNTS_FILE_PATH)
assert len(data["accounts"]) == 2
with pytest.raises(InvalidSWAGDataException):
get_all_accounts(SWAG_BUCKET,
region=SWAG_BUCKET_REGION,
json_path=BAD_ACCOUNTS_FILE_PATH)
data = get_all_accounts(SWAG_BUCKET,
region=SWAG_BUCKET_REGION,
json_path=ACCOUNTS_FILE_PATH,
**{'owners': ["*****@*****.**"]})
assert len(data["accounts"]) == 1
data = get_all_accounts(SWAG_BUCKET,
region=SWAG_BUCKET_REGION,
json_path=ACCOUNTS_FILE_PATH,
bastion="test2.net")
assert len(data["accounts"]) == 1
data = get_all_accounts(SWAG_BUCKET,
region=SWAG_BUCKET_REGION,
json_path=ACCOUNTS_FILE_PATH,
**{'metadata': {
"s3_name": "testaccount2"
}})
assert len(data["accounts"]) == 1
def swag_data(swag_bucket):
return get_all_accounts(SWAG_BUCKET, SWAG_BUCKET_REGION,
ACCOUNTS_FILE_PATH)