def test_gets_trail_by_arn(self):
    """Look up ARN 'b' among two stubbed trails and expect the 'b' entry."""
    stubbed_trails = [
        {'TrailARN': 'a', 'Foo': 'Baz'},
        {'TrailARN': 'b', 'Foo': 'Bar'},
    ]
    cloudtrail_client = Mock()
    # describe_trails is stubbed, so no AWS call is made by this test.
    cloudtrail_client.describe_trails.return_value = {
        'trailList': stubbed_trails}
    matched = utils.get_trail_by_arn(cloudtrail_client, 'b')
    # 'Foo' is a marker field that tells the two stubbed trails apart.
    self.assertEqual('Bar', matched['Foo'])
def create_digest_traverser(cloudtrail_client, s3_client_provider, trail_arn,
                            trail_source_region=None, on_invalid=None,
                            on_gap=None, on_missing=None, bucket=None,
                            prefix=None):
    """Build a CloudTrail DigestTraverser together with its collaborators.

    The trail ARN is validated first. The account id, the trail's home
    region and the trail name are then derived from the ARN. If no
    ``bucket`` is passed, the bucket and key prefix are read from the
    trail as CloudTrail currently describes it.

    :type cloudtrail_client: botocore.client.CloudTrail
    :param cloudtrail_client: Client used to connect to CloudTrail.
    :type s3_client_provider: S3ClientProvider
    :param s3_client_provider: Used to create an Amazon S3 client per
        region.
    :param trail_arn: CloudTrail trail ARN.
    :param trail_source_region: The scanned region of a trail.
    :param on_invalid: Callback invoked when validating a digest fails.
    :param on_gap: Callback invoked when a digest has no link to the
        previous digest but there are more digests to validate. This can
        happen when a trail is disabled for a period of time.
    :param on_missing: Callback invoked when a digest file that is
        supposed to be present has been deleted from Amazon S3.
    :param bucket: Amazon S3 bucket of the trail, if it differs from the
        bucket currently associated with the trail.
    :param prefix: Key prefix prepended to each digest and log placed in
        the Amazon S3 bucket, if it differs from the prefix currently
        associated with the trail. It is only honoured when ``bucket`` is
        also given (see the note in the body).

    The ``on_gap``, ``on_invalid`` and ``on_missing`` callbacks are invoked
    with the following named arguments:

    - ``bucket``: The next S3 bucket.
    - ``next_key``: (optional) Next digest key that was found in the
      bucket.
    - ``next_end_date``: (optional) End date of the next found digest.
    - ``last_key``: The last digest key that was found.
    - ``last_start_date``: (optional) Start date of last found digest.
    - ``message``: (optional) Message string about the notification.
    """
    # NOTE(review): the callbacks default to None and are passed through
    # untouched; what DigestTraverser does with a None callback is not
    # visible here -- confirm that invalid, gapped or missing digests are
    # still surfaced to the operator in that case.
    assert_cloudtrail_arn_is_valid(trail_arn)
    account_id = get_account_id_from_arn(trail_arn)
    if bucket is None:
        # No explicit bucket: use the trail's current S3 location.
        trail = get_trail_by_arn(cloudtrail_client, trail_arn)
        # The debug record contains the whole trail description.
        LOG.debug('Loaded trail info: %s', trail)
        bucket = trail['S3BucketName']
        # NOTE: a caller-supplied ``prefix`` is replaced here as well, so
        # passing ``prefix`` without ``bucket`` has no effect on which keys
        # are validated.
        prefix = trail.get('S3KeyPrefix')
    # ARN layout is arn:aws:cloudtrail:REGION:..., so field 3 is the region.
    home_region = trail_arn.split(':')[3]
    # The trail name is whatever follows the final "/" in the ARN.
    name = trail_arn.rsplit('/', 1)[-1]
    provider = DigestProvider(
        account_id=account_id,
        trail_name=name,
        s3_client_provider=s3_client_provider,
        trail_source_region=trail_source_region,
        trail_home_region=home_region)
    # The public key provider is built around the CloudTrail client.
    key_provider = PublicKeyProvider(cloudtrail_client)
    return DigestTraverser(
        digest_provider=provider,
        starting_bucket=bucket,
        starting_prefix=prefix,
        on_invalid=on_invalid,
        on_gap=on_gap,
        on_missing=on_missing,
        public_key_provider=key_provider)