def test_get_account_password_policy_error_connect_iam(self):
expected_error_response = copy.deepcopy(DataCommon.ERROR_RESPONSE)
expected_operation_name = copy.deepcopy(DataCommon.OPERATION_NAME)
# mock error client
with patch.object(session, 'client') as mock_method:
mock_method.side_effect = ClientError(
error_response=expected_error_response,
operation_name=expected_operation_name)
with patch.object(PmLogAdapter, 'error',
return_value=None) as mock_method_error:
with self.assertRaises(PmError) as exception:
IAMUtils.get_account_password_policy(
trace_id, session, aws_account)
# check error
actual_cause_error = exception.exception.cause_error
self.assertEqual(expected_error_response['Error'],
actual_cause_error.response['Error'])
self.assertEqual(expected_operation_name,
actual_cause_error.operation_name)
# check message log error
mock_method_error.assert_any_call("[%s] IAMクライアント作成に失敗しました。",
aws_account)
def test_get_account_password_policy_error_no_such_entity(self):
# connect client
client_connect_iam = iam_utils.client_connect()
expected_error_response = copy.deepcopy(DataCommon.ERROR_RESPONSE)
expected_operation_name = copy.deepcopy(DataCommon.OPERATION_NAME)
expected_error_response['Error']['Code'] = "NoSuchEntity"
# mock client
with patch.object(session, 'client') as mock_method_client:
mock_method_client.return_value = client_connect_iam
# mock error no such entity call API get_account_password_policy
with patch.object(client_connect_iam,
'get_account_password_policy') as mock_method:
mock_method.side_effect = ClientError(
error_response=expected_error_response,
operation_name=expected_operation_name)
with patch.object(PmLogAdapter, 'error',
return_value=None) as mock_method_error:
with self.assertRaises(PmError) as exception:
IAMUtils.get_account_password_policy(
trace_id, session, aws_account)
# check error
actual_cause_error = exception.exception.cause_error
self.assertEqual(expected_error_response['Error'],
actual_cause_error.response['Error'])
self.assertEqual(expected_operation_name,
actual_cause_error.operation_name)
# check message log error
mock_method_error.assert_any_call("[%s] アカウントパスワードポリシーが設定されていません。",
aws_account)
def get_account_password_policy(trace_id, check_history_id, organization_id,
project_id, awsaccount, session,
result_json_path):
pm_logger = common_utils.begin_logger(trace_id, __name__,
inspect.currentframe())
s3_file_name = CommonConst.PATH_CHECK_RAW.format(
check_history_id, organization_id, project_id, awsaccount,
"IBP/IAM_AccountPasswordPolicy.json")
# リソース情報取得
if (aws_common.check_exists_file_s3(trace_id, "S3_CHECK_BUCKET",
s3_file_name)) is True:
try:
account_password_policy = FileUtils.read_json(
trace_id, "S3_CHECK_BUCKET", s3_file_name)
except PmError as e:
raise common_utils.write_log_pm_error(e, pm_logger)
else:
try:
account_password_policy = IAMUtils.get_account_password_policy(
trace_id, session, awsaccount)
except PmError as e:
raise common_utils.write_log_pm_error(e, pm_logger)
# アカウントパスワードポリシー情報をS3に保存します。
try:
FileUtils.upload_json(trace_id, "S3_CHECK_BUCKET",
account_password_policy, s3_file_name)
except PmError as e:
pm_logger.error("[%s] アカウントパスワードポリシー情報のS3保存に失敗しました。", awsaccount)
raise common_utils.write_log_pm_error(e, pm_logger)
return account_password_policy
def test_get_account_password_policy_success_response_not_exists_password_policy(
self):
# connect client
client_connect_iam = iam_utils.client_connect()
expected_list_password_policy = []
# mock client
with patch.object(session, 'client') as mock_method_client:
mock_method_client.return_value = client_connect_iam
# mock API get_account_password_policy
with patch.object(client_connect_iam,
'get_account_password_policy') as mock_method:
mock_method.return_value = {}
actual_list_password_policy = IAMUtils.get_account_password_policy(
trace_id, session, aws_account)
# check response
self.assertEqual(expected_list_password_policy,
actual_list_password_policy)
# check connect client
mock_method_client.assert_any_call(service_name="iam")
def test_get_account_password_policy_success_response_exists_password_policy(
self):
# connect client
client_connect_iam = iam_utils.client_connect()
expected_list_password_policy = copy.deepcopy(
DataTestIAM.LIST_PASSWORD_POLICY)
# mock client
with patch.object(session, 'client') as mock_method_client:
mock_method_client.return_value = client_connect_iam
# mock API get_account_password_policy
with patch.object(client_connect_iam,
'get_account_password_policy') as mock_method:
mock_method.return_value = expected_list_password_policy
actual_list_password_policy = IAMUtils.get_account_password_policy(
trace_id, session, aws_account)
# check response
self.assertEqual(expected_list_password_policy['PasswordPolicy'],
actual_list_password_policy)
# check connect client
mock_method_client.assert_any_call(service_name="iam")