Python create_handlerの例、smartaws.ec2.security_group.create_handler Pythonの例

コード例 #1

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_create_security_group(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01'
        }

        tags = [
            {
                'Key': 'Name',
                'Value': 'sg01a'
            }
        ]

        vpc_filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
        sg_filters = [{'Name': 'tag:Name', 'Values': ['sg01a']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            vpcs = list(ec2.vpcs.filter(Filters=vpc_filters))
            vpc = vpcs[0]

            # Create the security group
            h = ec2_sg.create_handler(sg_ctx, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=sg_filters))
            sg = security_groups[0]

            self.assertEqual(len(security_groups), 1)
            self.assertEqual(sg.name, 'sg01a')
            # Security groups have a dedicated attribute for their name
            self.assertEqual(sg.name, sg.group_name)
            self.assertEqual(sg.vpc_id, vpc.id)
            self.assertCountEqual(sg.tags, tags)

コード例 #2

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_delete_security_group(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01'
        }

        filters = [{'Name': 'tag:Name', 'Values': ['sg01a']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            # Create the security group
            h = ec2_sg.create_handler(sg_ctx, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters))

            self.assertEqual(len(security_groups), 1)

            # We clear the resource cache to simulate a new
            # program execution with the 'delete' option
            base.BaseHandler._cache.clear()

            # Delete the security group
            h.delete_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters))

            self.assertEqual(len(security_groups), 0)

コード例 #3

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_update_security_group(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx1 = {
            'name': 'sg01b',
            'description': 'Test security group sg01b',
            'vpc': 'vpc01',
            'tags': {
                'stack': 'Test',
                'owner': 'Team A'
            }
        }

        sg_ctx2 = {
            'name': 'sg01b',
            'description': 'Test security group sg01b',
            'vpc': 'vpc01',
            'tags': {
                'stack': 'Production',
                'platform': 'app01'
            }
        }

        tags1 = [
            {
                'Key': 'Name',
                'Value': 'sg01b'
            },
            {
                'Key': 'Stack',
                'Value': 'Test'
            },
            {
                'Key': 'Owner',
                'Value': 'Team A'
            }
        ]

        tags2 = [
            {
                'Key': 'Name',
                'Value': 'sg01b'
            },
            {
                'Key': 'Stack',
                'Value': 'Production'
            },
            {
                'Key': 'Platform',
                'Value': 'app01'
            }
        ]

        sg_filters = [{'Name': 'tag:Name', 'Values': ['sg01b']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            # Create the security group
            h = ec2_sg.create_handler(sg_ctx1, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=sg_filters))
            sg = security_groups[0]
            sg_id = sg.id

            self.assertEqual(len(security_groups), 1)
            self.assertCountEqual(sg.tags, tags1)

            # We clear the resource cache to simulate a new
            # program execution with the 'update' option
            base.BaseHandler._cache.clear()

            # Update the security group
            h = ec2_sg.create_handler(sg_ctx2, self.credentials)
            h.update_resource()

            security_groups = list(ec2.security_groups.filter(Filters=sg_filters))
            sg = security_groups[0]

            self.assertEqual(len(security_groups), 1)
            self.assertEqual(sg.id, sg_id)
            self.assertCountEqual(sg.tags, tags2)

コード例 #4

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_revoke_egress_rule(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx1 = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01',
            'egress': [
                {
                    'ip_protocol': '-1',
                    'from_port': -1,
                    'to_port': -1,
                    'destinations': [
                        '0.0.0.0/0'
                    ]
                }
            ]
        }

        sg_ctx2 = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01'
        }

        ip_permission = {
            'IpProtocol': '-1',
            'FromPort': -1,
            'ToPort': -1,
            'IpRanges': [
                {
                    'CidrIp': '0.0.0.0/0'
                }
            ],
            'UserIdGroupPairs': []
        }

        rule = ec2_sg.RuleWrapper(ip_permission, flow='destination')

        filters = [{'Name': 'tag:Name', 'Values': ['sg01a']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            # Create the security group
            h = ec2_sg.create_handler(sg_ctx1, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters))
            sg = security_groups[0]

            self.assertEqual(len(security_groups), 1)
            self.assertEqual(len(sg.egress_rules), 1)
            self.assertIn(rule, sg.egress_rules)

            # We clear the resource cache to simulate a new
            # program execution with the 'update' option
            base.BaseHandler._cache.clear()

            # Update the security group
            h = ec2_sg.create_handler(sg_ctx2, self.credentials)
            h.update_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters))
            sg = security_groups[0]

            self.assertEqual(len(security_groups), 1)
            self.assertEqual(len(sg.egress_rules), 0)

コード例 #5

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_authorize_egress_rule_for_sg(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx1 = {
            'name': 'sg01b',
            'description': 'Test security group sg01b',
            'vpc': 'vpc01'
        }

        sg_ctx2 = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01',
            'egress': [
                {
                    'ip_protocol': 'tcp',
                    'from_port': 11211,
                    'to_port': 11211,
                    'destinations': [
                        'sg01b'
                    ]
                }
            ]
        }

        filters1 = [{'Name': 'tag:Name', 'Values': ['sg01b']}]
        filters2 = [{'Name': 'tag:Name', 'Values': ['sg01a']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            # Create the security groups
            h = ec2_sg.create_handler(sg_ctx1, self.credentials)
            h.create_resource()
            h = ec2_sg.create_handler(sg_ctx2, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters1))
            sg01b = security_groups[0]

            self.assertEqual(len(security_groups), 1)

            security_groups = list(ec2.security_groups.filter(Filters=filters2))
            sg01a = security_groups[0]

            self.assertEqual(len(security_groups), 1)

            ip_permission = {
                'IpProtocol': 'tcp',
                'FromPort': 11211,
                'ToPort': 11211,
                'IpRanges': [],
                'UserIdGroupPairs': [
                    {
                        'GroupId': sg01b.id,
                        'UserId': sg01b.owner_id
                    }
                ]
            }

            rule = ec2_sg.RuleWrapper(ip_permission, flow='destination')

            self.assertEqual(len(sg01a.egress_rules), 1)
            self.assertIn(rule, sg01a.egress_rules)

コード例 #6

0

ファイルを表示

ファイル: test_security_group.py プロジェクト: yannlambret/smartaws

    def test_authorize_ingress_rule(self):
        vpc_ctx = {
            'name': 'vpc01',
            'cidr_block': '10.0.10.0/24'
        }

        sg_ctx = {
            'name': 'sg01a',
            'description': 'Test security group sg01a',
            'vpc': 'vpc01',
            'ingress': [
                {
                    'ip_protocol': 'tcp',
                    'from_port': 22,
                    'to_port': 22,
                    'sources': [
                        '192.0.2.10/32'
                    ]
                }
            ]
        }

        ip_permission = {
            'IpProtocol': 'tcp',
            'FromPort': 22,
            'ToPort': 22,
            'IpRanges': [
                {
                    'CidrIp': '192.0.2.10/32'
                }
            ],
            'UserIdGroupPairs': []
        }

        rule = ec2_sg.RuleWrapper(ip_permission, flow='source')

        filters = [{'Name': 'tag:Name', 'Values': ['sg01a']}]

        def _add_wrapper(base_classes, **kwargs):
            base_classes.insert(0, ec2_sg.SecurityGroupWrapper)

        with mock_ec2():
            event = 'creating-resource-class.ec2.SecurityGroup'
            session = Session(**self.credentials)
            session.events.register(event, _add_wrapper)
            ec2 = session.resource('ec2')

            # Create the VPC
            h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
            h.create_resource()

            # Create the security group
            h = ec2_sg.create_handler(sg_ctx, self.credentials)
            h.create_resource()

            security_groups = list(ec2.security_groups.filter(Filters=filters))
            sg = security_groups[0]

            self.assertEqual(len(security_groups), 1)
            self.assertEqual(len(sg.ingress_rules), 1)
            self.assertIn(rule, sg.ingress_rules)