def test_kinesis_streams_with_trusted_account():
"""CLI - Terraform Generate Kinesis Streams with trusted account"""
cluster_dict = _common.infinitedict()
result = kinesis_streams.generate_kinesis_streams('trusted', cluster_dict,
CONFIG)
expected_result = {
'module': {
'kinesis_trusted': {
'source': 'modules/tf_stream_alert_kinesis_streams',
'account_id': '12345678910',
'shard_level_metrics': [],
'region': 'us-west-1',
'prefix': 'unit-testing',
'cluster_name': 'trusted',
'stream_name': 'unit-testing_trusted_stream_alert_kinesis',
'shards': 1,
'retention': 24,
'create_user': True,
'trusted_accounts': ['98765432100']
}
}
}
assert_true(result)
assert_equal(cluster_dict, expected_result)
def test_kinesis_streams():
"""CLI - Terraform Generate Kinesis Streams"""
cluster_dict = _common.infinitedict()
result = kinesis_streams.generate_kinesis_streams('advanced', cluster_dict,
CONFIG)
expected_result = {
'module': {
'kinesis_advanced': {
'source': 'modules/tf_stream_alert_kinesis_streams',
'account_id': '12345678910',
'shard_level_metrics': ["IncomingBytes"],
'region': 'us-west-1',
'prefix': 'unit-testing',
'cluster_name': 'advanced',
'stream_name': 'unit-testing_advanced_stream_alert_kinesis',
'shards': 1,
'retention': 24,
'create_user': True
}
}
}
assert_true(result)
assert_equal(cluster_dict, expected_result)
def generate_cluster(**kwargs):
"""Generate a StreamAlert cluster file.
Keyword Args:
cluster_name (str): The name of the currently generating cluster
config (dict): The loaded config from the 'conf/' directory
Returns:
dict: generated Terraform cluster dictionary
"""
config = kwargs.get('config')
cluster_name = kwargs.get('cluster_name')
modules = config['clusters'][cluster_name]['modules']
cluster_dict = infinitedict()
if not generate_stream_alert(cluster_name, cluster_dict, config):
return
generate_cloudwatch_metric_filters(cluster_name, cluster_dict, config)
generate_cloudwatch_metric_alarms(cluster_name, cluster_dict, config)
if modules.get('cloudwatch_monitoring', {}).get('enabled'):
if not generate_monitoring(cluster_name, cluster_dict, config):
return
if modules.get('kinesis'):
if not generate_kinesis_streams(cluster_name, cluster_dict, config):
return
outputs = config['clusters'][cluster_name].get('outputs')
if outputs:
if not generate_outputs(cluster_name, cluster_dict, config):
return
if modules.get('kinesis_events'):
if not generate_kinesis_events(cluster_name, cluster_dict, config):
return
cloudtrail_info = modules.get('cloudtrail')
if cloudtrail_info:
if not generate_cloudtrail(cluster_name, cluster_dict, config):
return
flow_log_info = modules.get('flow_logs')
if flow_log_info:
if not generate_flow_logs(cluster_name, cluster_dict, config):
return
s3_events_info = modules.get('s3_events')
if s3_events_info:
if not generate_s3_events(cluster_name, cluster_dict, config):
return
generate_app_integrations(cluster_name, cluster_dict, config)
return cluster_dict
def generate_cluster(config, cluster_name):
"""Generate a StreamAlert cluster file.
Args:
config (dict): The loaded config from the 'conf/' directory
cluster_name (str): The name of the currently generating cluster
Returns:
dict: generated Terraform cluster dictionary
"""
modules = config['clusters'][cluster_name]['modules']
cluster_dict = infinitedict()
generate_classifier(cluster_name, cluster_dict, config)
generate_cluster_cloudwatch_metric_filters(cluster_name, cluster_dict,
config)
generate_cluster_cloudwatch_metric_alarms(cluster_name, cluster_dict,
config)
if modules.get('cloudwatch_monitoring', {}).get('enabled'):
if not generate_monitoring(cluster_name, cluster_dict, config):
return
if modules.get('kinesis'):
if not generate_kinesis_streams(cluster_name, cluster_dict, config):
return
outputs = config['clusters'][cluster_name].get('outputs')
if outputs:
if not generate_outputs(cluster_name, cluster_dict, config):
return
if modules.get('kinesis_events'):
if not generate_kinesis_events(cluster_name, cluster_dict, config):
return
if modules.get('cloudtrail'):
if not generate_cloudtrail(cluster_name, cluster_dict, config):
return
if modules.get('cloudwatch'):
if not generate_cloudwatch(cluster_name, cluster_dict, config):
return
if modules.get('flow_logs'):
if not generate_flow_logs(cluster_name, cluster_dict, config):
return
if modules.get('s3_events'):
if not generate_s3_events(cluster_name, cluster_dict, config):
return
generate_apps(cluster_name, cluster_dict, config)
return cluster_dict
