def test_disable_retention_log_settings(self): p = self.load_policy({ 'name': 'test-azure-storage', 'resource': 'azure.storage', 'filters': [ {'type': 'value', 'key': 'name', 'op': 'glob', 'value_type': 'normalize', 'value': 'cclgstorage*'}], 'actions': [ { 'type': 'set-log-settings', 'storage-types': ['blob', 'queue', 'table'], 'retention': 0, 'log': ['read', 'write', 'delete'] } ] }, validate=True) resources = p.run() session = local_session(p.session_factory) token = StorageUtilities.get_storage_token(session) blob_settings = StorageSettingsUtilities.get_settings( BLOB_TYPE, resources[0], token=token) queue_settings = StorageSettingsUtilities.get_settings( QUEUE_TYPE, resources[0], token=token) table_settings = StorageSettingsUtilities.get_settings( TABLE_TYPE, resources[0], session=session) # assert retention policy is disabled self.assertFalse(blob_settings.logging.retention_policy.enabled) self.assertFalse(queue_settings.logging.retention_policy.enabled) self.assertFalse(table_settings.logging.retention_policy.enabled)
def test_storage_settings_update_logging_blob(self, mock_set_blob_properties): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account", "properties": { "primaryEndpoints": { "blob": "https://cctstoragey6akyqpagdt3o.blob.core.windows.net/", "queue": "https://cctstoragey6akyqpagdt3o.queue.core.windows.net/", "table": "https://cctstoragey6akyqpagdt3o.table.core.windows.net/", "file": "https://cctstoragey6akyqpagdt3o.file.core.windows.net/" }, } } mock_session = MagicMock() log_settings = MagicMock() StorageSettingsUtilities.update_logging(BLOB_TYPE, mock_storage_account, log_settings, session=mock_session) mock_set_blob_properties.assert_called_once()
def test_storage_settings_get_table_settings(self, mock_get_storage_key, mock_get_table_properties): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account", "properties": { "primaryEndpoints": { "blob": "https://cctstoragey6akyqpagdt3o.blob.core.windows.net/", "queue": "https://cctstoragey6akyqpagdt3o.queue.core.windows.net/", "table": "https://cctstoragey6akyqpagdt3o.table.core.windows.net/", "file": "https://cctstoragey6akyqpagdt3o.file.core.windows.net/" }, } } mock_session = MagicMock() StorageSettingsUtilities.get_settings(TABLE_TYPE, mock_storage_account, session=mock_session) mock_get_storage_key.assert_called_with('mock_resource_group', 'mock_storage_account', mock_session) mock_get_table_properties.assert_called_once()
def test_enable_log_settings(self): p = self.load_policy( { 'name': 'test-azure-storage', 'resource': 'azure.storage', 'filters': [{ 'type': 'value', 'key': 'name', 'op': 'glob', 'value_type': 'normalize', 'value': 'cclgstorage*' }], 'actions': [{ 'type': 'set-log-settings', 'storage-types': ['blob', 'queue', 'table'], 'retention': 5, 'log': ['read', 'write', 'delete'] }] }, validate=True) resources = p.run() self.sleep_in_live_mode(30) session = local_session(p.session_factory) token = StorageUtilities.get_storage_token(session) blob_settings = StorageSettingsUtilities.get_settings(BLOB_TYPE, resources[0], token=token) queue_settings = StorageSettingsUtilities.get_settings(QUEUE_TYPE, resources[0], token=token) table_settings = StorageSettingsUtilities.get_settings(TABLE_TYPE, resources[0], session=session) # assert all logging settings are enabled self.assertTrue(blob_settings.logging.delete and blob_settings.logging.read and blob_settings.logging.write) self.assertTrue(queue_settings.logging.delete and queue_settings.logging.read and queue_settings.logging.write) self.assertTrue(table_settings.logging.delete and table_settings.logging.read and table_settings.logging.write) # assert retention policy is enabled self.assertTrue(blob_settings.logging.retention_policy.enabled) self.assertTrue(queue_settings.logging.retention_policy.enabled) self.assertTrue(table_settings.logging.retention_policy.enabled) # assert retention days is set to 5 self.assertEqual(blob_settings.logging.retention_policy.days, 5) self.assertEqual(table_settings.logging.retention_policy.days, 5) self.assertEqual(queue_settings.logging.retention_policy.days, 5)
def test_storage_settings_get_blob_settings(self, mock_blob_properties_call): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account" } mock_token = 'mock_token' StorageSettingsUtilities.get_settings(BLOB_TYPE, mock_storage_account, token=mock_token) mock_blob_properties_call.assert_called_once()
def test_storage_settings_get_file_settings(self, mock_get_storage_key, mock_file_properties_call): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account" } mock_session = MagicMock() StorageSettingsUtilities.get_settings(FILE_TYPE, mock_storage_account, session=mock_session) mock_get_storage_key.assert_called_with( 'mock_resource_group', 'mock_storage_account', mock_session) mock_file_properties_call.assert_called_once()
def test_storage_settings_update_logging_blob(self, mock_set_blob_properties): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account" } mock_token = 'mock_token' log_settings = MagicMock() StorageSettingsUtilities.update_logging( BLOB_TYPE, mock_storage_account, log_settings, token=mock_token) mock_set_blob_properties.assert_called_once()
def test_disable_log_settings(self): p = self.load_policy( { 'name': 'test-azure-storage', 'resource': 'azure.storage', 'filters': [{ 'type': 'value', 'key': 'name', 'op': 'glob', 'value_type': 'normalize', 'value': 'cclgstorage*' }], 'actions': [{ 'type': 'set-log-settings', 'storage-types': ['blob', 'queue', 'table'], 'retention': 5, 'log': ['delete'] }] }, validate=True) resources = p.run() self.sleep_in_live_mode(30) session = local_session(p.session_factory) blob_settings = StorageSettingsUtilities.get_settings(BLOB_TYPE, resources[0], session=session) queue_settings = StorageSettingsUtilities.get_settings(QUEUE_TYPE, resources[0], session=session) table_settings = StorageSettingsUtilities.get_settings(TABLE_TYPE, resources[0], session=session) # assert read and write logging settings are disabled self.assertFalse(blob_settings['analytics_logging'].read and blob_settings['analytics_logging'].write) self.assertFalse(queue_settings['analytics_logging'].read and queue_settings['analytics_logging'].write) self.assertFalse(table_settings.logging.read and table_settings.logging.write) # assert delete logging settings are enabled self.assertTrue(blob_settings['analytics_logging'].delete) self.assertTrue(queue_settings['analytics_logging'].delete) self.assertTrue(table_settings.logging.delete)
def test_storage_settings_update_logging_table(self, mock_get_storage_key, mock_set_table_properties): mock_storage_account = { "resourceGroup": "mock_resource_group", "name": "mock_storage_account" } mock_session = MagicMock() log_settings = MagicMock() StorageSettingsUtilities.update_logging( TABLE_TYPE, mock_storage_account, log_settings, session=mock_session) mock_get_storage_key.assert_called_with( 'mock_resource_group', 'mock_storage_account', mock_session) mock_set_table_properties.assert_called_once()