コード例 #1
def test_create_logstream():
    """Check the default log group with a stubbed create_log_stream call.

    A Stubber (presumably botocore.stub.Stubber) is attached to the handler's
    private CloudWatch Logs client and primed with a single
    create_log_stream response, together with the request parameters that
    call is expected to carry.
    """
    handler = LogHandler('mystream')
    logs_stub = Stubber(handler._log_client)

    # Expected request: the default group plus an upper-cased, date-suffixed
    # stream name. Presumably LogHandler derives the stream name this way;
    # confirm against its implementation.
    expected_request = {
        'logGroupName': 'SO0111-SHARR',
        'logStreamName': 'MYSTREAM-' + str(date.today())
    }
    logs_stub.add_response('create_log_stream', {}, expected_request)
    logs_stub.activate()

    assert handler.log_group == 'SO0111-SHARR'

    # NOTE(review): nothing here checks that the queued response was actually
    # consumed; the call below is only exercised for not raising.
    handler.add_message('A door is ajar')
コード例 #2
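def test_init_custom():
    """Check that SOLUTION_LOGGROUP overrides the handler's log group.

    The environment variable is set only for the duration of the test. The
    value it had beforehand (or its absence) is restored in a ``finally``
    block, so a failing assertion or a raising constructor cannot leak the
    override into later tests and redirect their log group.
    """
    env_key = 'SOLUTION_LOGGROUP'
    previous = os.environ.get(env_key)
    os.environ[env_key] = 'MY-LOG-GROUP'
    try:
        applogger = LogHandler('mystream')
        assert applogger.log_group == 'MY-LOG-GROUP'
    finally:
        # put back the original value (unset it if it was not set before)
        if previous is None:
            del os.environ[env_key]
        else:
            os.environ[env_key] = previous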
コード例 #3
def test_add_message():
    """Buffer one message, then flush it through a stubbed Logs client.

    Two responses are queued on the stubber, in call order:
    create_log_stream (request parameters not checked) and put_log_events
    (request parameters checked, with the event payload matched by ANY).
    """
    handler = LogHandler('mystream')
    logs_stub = Stubber(handler._log_client)

    # No expected parameters are given, so the stubber does not check what
    # create_log_stream is called with in this test.
    logs_stub.add_response('create_log_stream', {})

    put_events_response = {
        'nextSequenceToken': 'string',
        'rejectedLogEventsInfo': {
            'tooNewLogEventStartIndex': 123,
            'tooOldLogEventEndIndex': 123,
            'expiredLogEventEndIndex': 123
        }
    }
    put_events_request = {
        'logGroupName': 'SO0111-SHARR',
        'logStreamName': 'MYSTREAM-' + str(date.today()),
        'logEvents': ANY,
        'sequenceToken': '0'
    }
    logs_stub.add_response(
        'put_log_events', put_events_response, put_events_request)
    logs_stub.activate()

    assert handler.log_group == 'SO0111-SHARR'

    handler.add_message('A door is ajar')
    # One buffered event. The size of 40 is presumably the 14 message bytes
    # plus a 26-byte per-event overhead; confirm against LogHandler.
    assert len(handler._buffer) == 1
    assert handler._buffer_size == 40

    # Flushing is what should drive the stubbed client calls queued above.
    handler.flush()
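def test_notify(mocker):
    """Check the log line findings.notify writes for a full and an empty message.

    The finding is built from the first entry of the CIS_1-6.json fixture.
    Logger.info is patched so its calls can be asserted. The add_message,
    update_text and postit methods are patched with fixed return values,
    presumably so that the test makes no CloudWatch Logs, Security Hub or SNS
    calls (confirm against lib). Note that LogHandler and AWSClient are
    still constructed for real; only the named methods are replaced.

    Args:
        mocker: the pytest-mock fixture used to patch the collaborators.
    """
    # A context manager closes the fixture even if parsing raises; the
    # previous open()/close() pair leaked the handle on a JSON error.
    with open(test_data + 'CIS_1-6.json') as test_file:
        event = json.load(test_file)

    finding = findings.Finding(event['detail']['findings'][0])

    logger = Logger(loglevel='info')
    logger_obj = mocker.patch('lib.logger.Logger.info', return_value=None)

    applogger = LogHandler('pytest')
    mocker.patch('lib.applogger.LogHandler.add_message', return_value='')

    mocker.patch('lib.sechub_findings.Finding.update_text', return_value='')

    AWS = AWSClient('aws', 'us-east-1')
    mocker.patch('lib.awsapi_helpers.AWSClient.postit', return_value='')

    # Case 1: a fully populated message produces the formatted summary line.
    test_message = {
        'Note': '',
        'State': 'INFO',
        'Account': '111111111111',
        'Remediation': 'Remediate all the things',
        'AffectedObject': 'An AWS Thingy',
        'metrics_data': {
            'status': 'RESOLVED'
        }
    }
    findings.notify(finding,
                    test_message,
                    logger,
                    cwlogs=applogger,
                    sechub=True,
                    sns=AWS)
    logger_obj.assert_called_once_with(
        'INFO: "Remediate all the things" , Account Id: 111111111111, Resource: An AWS Thingy'
    )

    # Case 2: an empty message is expected to be logged with placeholder
    # values instead of raising on the missing keys.
    test_message = {}
    findings.notify(finding,
                    test_message,
                    logger,
                    cwlogs=applogger,
                    sechub=True,
                    sns=AWS)
    logger_obj.assert_called_with(
        'INFO: error - missing note, Account Id: error, Resource: error')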
from lib.awsapi_helpers import AWSClient, BotoSession
from lib.applogger import LogHandler
from lib.metrics import Metrics

#------------------------------
# Remediation-Specific
#------------------------------
# Base name of the role used for cross-account access. The region is appended
# further down, so the name actually used is '<base>_<region>'.
LAMBDA_ROLE = 'SO0111_CIS1314_memberRole'
REMEDIATION = 'Deactivate unused keys over 90 days old'
AFFECTED_OBJECT = 'Access Key'
#------------------------------

# Loggers: verbosity is read from the 'log_level' environment variable.
LOG_LEVEL = os.environ.get('log_level', 'info')
LOGGER = Logger(loglevel=LOG_LEVEL)
# CloudWatch Logs application logger, named after this module: the path has
# its last three characters (the '.py' suffix) cut off before basename().
APPLOGGER = LogHandler(os.path.basename(__file__[:-3]))

# Region and partition come from the Lambda environment. When they are
# absent the code is not running under Lambda and falls back to
# us-east-1 / aws.
AWS_REGION = os.environ.get('AWS_DEFAULT_REGION', 'us-east-1')
AWS_PARTITION = os.environ.get('AWS_PARTITION', 'aws')

# Region-qualify the role name.
LAMBDA_ROLE = LAMBDA_ROLE + '_' + AWS_REGION
BOTO_CONFIG = Config(
    retries=dict(max_attempts=10),
    region_name=AWS_REGION,
)
AWS = AWSClient(AWS_PARTITION, AWS_REGION)


#------------------------------------------------------------------------------
# HANDLER
#------------------------------------------------------------------------------
from lib.applogger import LogHandler
from lib.metrics import Metrics

#------------------------------
# Remediation-Specific
#------------------------------
# Base role name for this remediation. The region is appended further down,
# so the name actually used is '<base>_<region>'.
LAMBDA_ROLE = 'SO0111_CIS15111_memberRole'
REMEDIATION = 'Set IAM Password Policy'
AFFECTED_OBJECT = 'IAM Password Policy'
#------------------------------

# Playbook name: this module's path with its last three characters (the
# '.py' suffix) cut off, reduced to the base name.
PLAYBOOK = os.path.basename(__file__[:-3])

# Loggers: verbosity is read from the 'log_level' environment variable.
LOG_LEVEL = os.environ.get('log_level', 'info')
LOGGER = Logger(loglevel=LOG_LEVEL)
APPLOGGER = LogHandler(PLAYBOOK)  # application logger for CW Logs

# Region and partition come from the Lambda environment. When they are
# absent the code is not running under Lambda and falls back to
# us-east-1 / aws.
AWS_REGION = os.environ.get('AWS_DEFAULT_REGION', 'us-east-1')
AWS_PARTITION = os.environ.get('AWS_PARTITION', 'aws')

# Region-qualify the role name.
LAMBDA_ROLE = LAMBDA_ROLE + '_' + AWS_REGION
BOTO_CONFIG = Config(retries=dict(max_attempts=10), region_name=AWS_REGION)
コード例 #7
def test_init_default():
    """Check that a handler built with no override uses the default log group.

    Assumes SOLUTION_LOGGROUP is not set in the environment; the sibling
    test_init_custom shows that variable changes the resulting group.
    """
    expected_group = 'SO0111-SHARR'
    handler = LogHandler('mystream')
    assert handler.log_group == expected_group