def test_load_gzipped_files_including_those_that_were_delivered_only_an_hour_after_the_event_time_we_are_looking_for(): records = load_from_dir(cloudtrail_data_dir(), datetime.datetime(2017, 12, 11, 0, 0, tzinfo=pytz.utc), datetime.datetime(2017, 12, 11, 14, 5, tzinfo=pytz.utc)) assert records == [ Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations", assumed_role_arn="arn:aws:iam::111111111111:role/someRole", # "2017-12-11T15:01:51Z" event_time=datetime.datetime(2017, 12, 11, 15, 1, 51, tzinfo=pytz.utc)), Record("sts.amazonaws.com", "AssumeRole", resource_arns=["arn:aws:iam::111111111111:role/someRole"], event_time=datetime.datetime(2017, 12, 11, 15, 4, 51, tzinfo=pytz.utc)) ]
def test_load_gzipped_files_in_timeframe_from_dir(): records = load_from_dir(cloudtrail_data_dir(), datetime.datetime(2017, 12, 1, tzinfo=pytz.utc), datetime.datetime(2017, 12, 12, tzinfo=pytz.utc)) assert records == [ Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations", assumed_role_arn="arn:aws:iam::111111111111:role/someRole", # "2017-12-11T15:01:51Z" event_time=datetime.datetime(2017, 12, 11, 15, 1, 51, tzinfo=pytz.utc)), Record("sts.amazonaws.com", "AssumeRole", resource_arns=["arn:aws:iam::111111111111:role/someRole"], event_time=datetime.datetime(2017, 12, 11, 15, 4, 51, tzinfo=pytz.utc)) ]
def select(log_dir, filter_assumed_role_arn, use_cloudtrail_api, from_s, to_s): """Finds all CloudTrail records matching the given filters and prints them.""" log_dir = os.path.expanduser(log_dir) from_date = time_utils.parse_human_readable_time(from_s) to_date = time_utils.parse_human_readable_time(to_s) if use_cloudtrail_api: records = load_from_api(from_date, to_date) else: records = load_from_dir(log_dir, from_date, to_date) filtered_records = filter_records(records, filter_assumed_role_arn, from_date, to_date) filtered_records_as_json = [record.raw_source for record in filtered_records] click.echo(json.dumps({"Records": filtered_records_as_json}))
def test_load_no_gzipped_files_outsite_timeframe_from_dir(): records = load_from_dir(cloudtrail_data_dir(), datetime.datetime(2016, 12, 1, tzinfo=pytz.utc), datetime.datetime(2016, 12, 12, tzinfo=pytz.utc)) assert records == []