def test_save_aws_org_method(self):
"""Test that saving to the database works."""
unit_crawler = AWSOrgUnitCrawler(self.account)
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 0)
AWSAccountAlias.objects.create(account_id="A_001",
account_alias="Root Account")
unit_crawler._build_accout_alias_map()
unit_crawler._structure_yesterday = {}
# Test that we are using a get or create so only one entry should be found.
root_ou = {"Id": "R_001", "Name": "root"}
root_account = {"Id": "A_001", "Name": "Root Account"}
unit_crawler._save_aws_org_method(root_ou, "unit_path", 0,
root_account)
unit_crawler._save_aws_org_method(root_ou, "unit_path", 0,
root_account)
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 1)
# simulate an account being moved into a big org
big_ou = {"Id": "R_001", "Name": "Big0"}
unit_crawler._save_aws_org_method(big_ou, "unit_path&big_org", 1,
root_account)
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 2)
# simulate a leaf node being added without an account_id
unit_crawler._save_aws_org_method(root_ou, "unit_path", 0)
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 3)
def test_org_unit_deleted_state(self):
"""Test that an org unit that is in a deleted state is fixed when it is found again."""
unit_crawler = AWSOrgUnitCrawler(self.account)
with schema_context(self.schema):
AWSAccountAlias.objects.create(account_id="A_001",
account_alias="Root Account")
unit_crawler._build_accout_alias_map()
unit_crawler._structure_yesterday = {}
root_ou = {"Id": "R_001", "Name": "root"}
root_account = {"Id": "A_001", "Name": "Root Account"}
unit_crawler._save_aws_org_method(root_ou, "unit_path", 0,
root_account)
# simulate an org unit getting into a deleted state and ensure that the crawler
# nullifies the deleted_timestamp
with schema_context(self.schema):
ou_to_update = AWSOrganizationalUnit.objects.filter(
org_unit_id="R_001")
ou_to_update.update(
deleted_timestamp=unit_crawler._date_accessor.today())
updated_ou = unit_crawler._save_aws_org_method(root_ou, "unit_path", 0,
root_account)
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 1)
self.assertEqual(updated_ou.deleted_timestamp, None)
def test_crawl_accounts_per_id(self, mock_session):
"""Test that the accounts are depaginated and saved to db."""
mock_session.client = MagicMock()
parent_id = "big_sub_org"
unit_crawler = AWSOrgUnitCrawler(self.account)
unit_crawler._init_session()
side_effect_list = _generate_act_for_parent_side_effect(self.schema, parent_id, 3)
unit_crawler._build_accout_alias_map()
unit_crawler._client.list_accounts_for_parent.side_effect = side_effect_list
unit_crawler._structure_yesterday = {}
prefix = f"root&{parent_id}"
ou = {"Id": parent_id, "Name": "Big Org Unit"}
unit_crawler._crawl_accounts_per_id(ou, prefix, level=1)
with schema_context(self.schema):
acts_in_db = AWSOrganizationalUnit.objects.filter(account_alias__isnull=False)
self.assertIsNotNone(acts_in_db)
self.assertEqual(acts_in_db.count(), 3)
def test_compute_org_structure_interval(self):
"""Test function that computes org structure for an interval."""
unit_crawler = AWSOrgUnitCrawler(self.account)
unit_crawler._build_accout_alias_map()
with schema_context(self.schema):
cur_count = AWSOrganizationalUnit.objects.count()
self.assertEqual(cur_count, 0)
unit_crawler._structure_yesterday = {}
# Add root node with 1 account
created_nodes = []
root = {"Id": "R_001", "Name": "root"}
root_account = {"Id": "A_001", "Name": "Root Account"}
created_nodes.append(
unit_crawler._save_aws_org_method(root, "R_001", 0, None))
created_nodes.append(
unit_crawler._save_aws_org_method(root, "R_001", 0, root_account))
# Add sub_org_unit_1 with 2 accounts
sub_org_unit_1 = {"Id": "OU_1000", "Name": "sub_org_unit_1"}
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_1, "R_001&OU_1000",
1, None))
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_1, "R_001&OU_1000",
1, {
"Id": "A_002",
"Name": "Sub Org Account 2"
}))
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_1, "R_001&OU_1000",
1, {
"Id": "A_003",
"Name": "Sub Org Account 3"
}))
# Change created date to two_days_ago
with schema_context(self.schema):
two_days_ago = (unit_crawler._date_accessor.today() -
timedelta(2)).strftime("%Y-%m-%d")
for node in created_nodes:
node.created_timestamp = two_days_ago
node.save()
curr_count = AWSOrganizationalUnit.objects.filter(
created_timestamp__lte=two_days_ago).count()
self.assertEqual(curr_count, 5)
expected_count_2_days_ago = curr_count
# # Add sub_org_unit_2 and move sub_org_unit_1 2 accounts here
created_nodes = []
sub_org_unit_2 = {"Id": "OU_2000", "Name": "sub_org_unit_2"}
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_2, "R_001&OU_2000",
1, None))
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_2, "R_001&OU_2000",
1, {
"Id": "A_002",
"Name": "Sub Org Account 2"
}))
created_nodes.append(
unit_crawler._save_aws_org_method(sub_org_unit_2, "R_001&OU_2000",
1, {
"Id": "A_003",
"Name": "Sub Org Account 3"
}))
deleted_nodes = unit_crawler._delete_aws_org_unit("OU_1000")
# Test fake node delete
unit_crawler._delete_aws_org_unit("sub_org_unit_1_Fake")
with schema_context(self.schema):
yesterday = (unit_crawler._date_accessor.today() -
timedelta(1)).strftime("%Y-%m-%d")
for node in created_nodes:
node.created_timestamp = yesterday
node.save()
for node in deleted_nodes:
node.deleted_timestamp = yesterday
node.save()
curr_count = AWSOrganizationalUnit.objects.filter(
created_timestamp__lte=yesterday).count()
deleted_count = AWSOrganizationalUnit.objects.filter(
deleted_timestamp__lte=yesterday).count()
self.assertEqual(curr_count, 8)
self.assertEqual(deleted_count, 3)
expected_yesterday_count = curr_count - deleted_count
unit_crawler._delete_aws_account("A_002")
sub_org_unit_2 = {"Id": "OU_3000", "Name": "sub_org_unit_3"}
unit_crawler._save_aws_org_method(sub_org_unit_2, "R_001&OU_3000", 1,
None)
with schema_context(self.schema):
today = unit_crawler._date_accessor.today().strftime("%Y-%m-%d")
curr_count = AWSOrganizationalUnit.objects.filter(
created_timestamp__lte=today).count()
deleted_count = AWSOrganizationalUnit.objects.filter(
deleted_timestamp__lte=today).count()
self.assertEqual(curr_count, 9)
expected_today_count = curr_count - deleted_count
# 2 days ago count matches
structure_2_days_ago = unit_crawler._compute_org_structure_interval(
two_days_ago)
self.assertEqual(expected_count_2_days_ago, len(structure_2_days_ago))
# Yesterday count matches
unit_crawler._compute_org_structure_yesterday()
self.assertEqual(expected_yesterday_count,
len(unit_crawler._structure_yesterday))
# today
structure_today = unit_crawler._compute_org_structure_interval(today)
self.assertEqual(len(structure_today), expected_today_count)
