def test_process_ec2_subnets(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] comp = top.assert_component( components, "subnet-9e4be5f9", "aws.subnet", checks={ "SubnetId": "subnet-9e4be5f9", "Tags.Name": "demo-deployments", "URN": ["arn:aws:ec2:{}:731070500579:subnet/{}".format("eu-west-1", "subnet-9e4be5f9")], "Name": "demo-deployments-eu-west-1a", }, ) self.assert_location_info(comp) comp = top.assert_component( components, "subnet-12345678", "aws.subnet", checks={"SubnetId": "subnet-12345678", "Name": "subnet-12345678-eu-west-1a"}, ) top.assert_relation(relations, "subnet-9e4be5f9", "vpc-6b25d10e", "uses service") top.assert_relation(relations, "subnet-12345678", "vpc-6b25d10e", "uses service") top.assert_all_checked(components, relations)
def test_process_ec2_security_groups_order_has_no_influence_on_hash(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] if sys.version_info.major == 3: version_to_check = self.first_security_group_version_py3 else: version_to_check = self.first_security_group_version_py2 top.assert_component( components, self.first_sg_group_id, "aws.security-group", checks={ "URN": ["arn:aws:ec2:{}:731070500579:security-group/{}".format("eu-west-1", self.first_sg_group_id)], "Version": version_to_check, "Name": "network-ALBSecurityGroupPublic-1DNVWX102724V", }, ) top.assert_all_checked(components, relations, unchecked_components=48, unchecked_relations=49)
def test_process_firehose(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] firehose_arn_prefix = "arn:aws:firehose:eu-west-1:548105126730:deliverystream/" top.assert_component( components, firehose_arn_prefix + "firehose_1", "aws.firehose.delivery-stream", checks={ "Name": "firehose_1", "DeliveryStreamARN": firehose_arn_prefix + "firehose_1", "Tags.SomeKey": "SomeValue", "CW.Dimensions": [{ "Key": "DeliveryStreamName", "Value": "firehose_1" }], }, ) top.assert_component( components, firehose_arn_prefix + "firehose_2", "aws.firehose.delivery-stream", checks={ "Name": "firehose_2", "DeliveryStreamARN": firehose_arn_prefix + "firehose_2", "CW.Dimensions": [{ "Key": "DeliveryStreamName", "Value": "firehose_2" }], }, ) top.assert_relation( relations, "arn:aws:kinesis:eu-west-1:548105126730:stream/stream_1", firehose_arn_prefix + "firehose_1", "uses-service", ) top.assert_relation(relations, firehose_arn_prefix + "firehose_1", "arn:aws:s3:::firehose-bucket_1", "uses-service") top.assert_relation(relations, firehose_arn_prefix + "firehose_2", "arn:aws:s3:::firehose-bucket_2", "uses-service") top.assert_all_checked(components, relations)
def test_process_ecs_create_service(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() self.assertGreater(len(topology[0]["components"]), 0) top.assert_component( topology[0]["components"], "arn:aws:ecs:eu-west-1:731070500579:cluster/default", "aws.ecs.cluster")
def test_process_ec2_state_stopping(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] top.assert_component( components, "i-1234567890123456", "aws.ec2", checks={"InstanceId": "i-1234567890123456"}, )
def test_process_elb(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] events = aggregator.events self.assertEqual(len(events), 2) # TODO nothing is checked on the events top.assert_component( components, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "aws.elb_classic", { "LoadBalancerName": "classic-loadbalancer-1", "Tags.stackstate-environment": "Production", "URN": [ "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1" ], }, ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "vpc-6b25d10e", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "sg-193aec7c", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "i-09388d5bfc0ab9e78", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "i-05b20853cc72c23c4", "uses service", ) top.assert_all_checked(components, relations)
def test_process_ec2_stop_instances(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] self.assertEqual(len(topology[0]["components"]), 1) top.assert_component( components, "i-0f70dba7ea83d6dec", "aws.ec2", checks={"InstanceId": "i-0f70dba7ea83d6dec", "State": {"Code": 80, "Name": "stopped"}}, )
def test_process_ec2_start_instances(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] self.assertEqual(len(topology[0]["components"]), 1) top.assert_component( components, "i-1234567890123456", "aws.ec2", checks={"InstanceId": "i-1234567890123456", "State": {"Code": 16, "Name": "running"}}, )
def test_process_ec2_modify_instance_attributes(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] self.assertEqual(len(topology[0]["components"]), 1) top.assert_component( components, "i-1234567890123456", "aws.ec2", checks={"InstanceId": "i-1234567890123456", "InstanceType": "m6gd.medium"}, )
def test_process_ec2_run_instances(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] self.assertEqual(len(components), 1) top.assert_component( components, "i-0f70dba7ea83d6dec", "aws.ec2", checks={"InstanceId": "i-0f70dba7ea83d6dec", "LaunchTime": "2018-04-16T08:01:08+00:00"}, )
def test_process_elbv2_create_target_group(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() self.assertEqual(len(topology[0]["components"]), 3) components = topology[0]["components"] top.assert_component( components, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:targetgroup/" + "elvin-AlbEc-PYQ8ZCZDRD5E/6e2b19e842496efb", "aws.elb_v2_target_group", )
def test_process_kinesis(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] base_stream_arn = "arn:aws:kinesis:eu-west-1:731070500579:stream/" top.assert_component( components, base_stream_arn + "stream_1", "aws.kinesis.data-stream", checks={ "Name": "stream_1", "StreamDescriptionSummary.StreamARN": "arn:aws:kinesis:eu-west-1:731070500579:stream/stream_1", "Tags.TestKey": "TestValue", }, ) top.assert_component( components, base_stream_arn + "stream_2", "aws.kinesis.data-stream", checks={"Name": "stream_2"} ) top.assert_component( components, base_stream_arn + "stream_3", "aws.kinesis.data-stream", checks={"Name": "stream_3"} ) top.assert_component( components, base_stream_arn + "stream_4", "aws.kinesis.data-stream", checks={"Name": "stream_4"} ) top.assert_all_checked(components, relations)
def test_process_sns(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] base_target_id = "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-sam-seed-" top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-1", base_target_id + "TopicHandler-11EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-2", base_target_id + "TopicHandler-21EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", base_target_id + "TopicHandler-31EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", base_target_id + "TopicHandler-41EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", "arn:aws:sqs:eu-west-1:731070500579:STS_stackpack_test", "uses-service", ) top.assert_component( components, "arn:aws:sns:eu-west-1:731070500579:my-topic-1", "aws.sns.topic", checks={ "TopicArn": "arn:aws:sns:eu-west-1:731070500579:my-topic-1", "Name": "my-topic-1", "Tags.SnsTagKey": "SnsTagValue", "CW.Dimensions": [{"Key": "TopicName", "Value": "my-topic-1"}], }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-2", "aws.sns.topic") top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", "aws.sns.topic") top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-4", "aws.sns.topic") top.assert_all_checked(components, relations)
def test_process_ec2_state_stopping(self): with patch( "stackstate_checks.aws_topology.AwsTopologyCheck.must_run_full", return_value=False): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_updated_ok() components = topology[0]["components"] top.assert_component( components, "i-1234567890123456", "aws.ec2.instance", checks={"InstanceId": "i-1234567890123456"}, )
def test_process_ec2_terminate_instances(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] self.assertEqual(len(topology[0]["components"]), 1) top.assert_component( components, "i-0f70dba7ea83d6dec", "aws.ec2", checks={ "InstanceId": "i-0f70dba7ea83d6dec", "StateTransitionReason": "User initiated (2018-04-16 19:07:25 GMT)", }, )
def test_process_sqs(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] component = top.assert_component( components, "arn:aws:sqs:eu-west-1:731070500579:STS_stackpack_test", "aws.sqs", checks={ "Tags.a": "b", "Name": "STS_stackpack_test", "URN": [ "https://sqs.eu-west-1.amazonaws.com/731070500579/STS_stackpack_test" ], "CW.Dimensions": [{ "Key": "QueueName", "Value": "STS_stackpack_test" }], }, ) self.assert_location_info(component) top.assert_all_checked(components, relations)
def test_process_ec2_vpcs(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] comp = top.assert_component( components, "vpc-6b25d10e", "aws.ec2.vpc", checks={ "VpcId": "vpc-6b25d10e", "Name": "vpc-6b25d10e", "URN": [ "arn:aws:ec2:{}:731070500579:vpc/{}".format( "eu-west-1", "vpc-6b25d10e") ], }, ) self.assert_location_info(comp) comp = top.assert_component( components, "vpc-12345678", "aws.ec2.vpc", checks={ "VpcId": "vpc-12345678", "Name": "default", }, ) comp = top.assert_component( components, "vpc-87654321", "aws.ec2.vpc", checks={ "VpcId": "vpc-87654321", "Name": "MyVpc", }, ) top.assert_all_checked(components, relations)
def test_process_elbv2_create_target_group(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_updated_ok() self.assertEqual(len(topology[0]["components"]), 4) components = topology[0]["components"] top.assert_component( components, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:targetgroup/myfirsttargetgroup/28ddec997ec55d21", "aws.elb-v2.target-group", ) self.assertEqual( "arn:aws:elasticloadbalancing:eu-west-1:731070500579:" + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", topology[0]["components"][0]["id"], )
def test_process_route53_domain(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] top.assert_component( components, "stackstate.com", "aws.route53.domain", checks={ "URN": ["arn:aws:route53::731070500579:domain/stackstate.com"], "Tags.Route53DomainTagKey": "Route53DomainTagValue", "DomainName": "stackstate.com", }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_all_checked(components, relations)
def test_process_cloudformation_stack_relations(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] stack1 = ( "arn:aws:cloudformation:eu-west-1:731070500579:stack/stackstate-topo-publisher/" + "71ea3f80-9919-11e9-a261-0a99a68566c4") stack2 = ( "arn:aws:cloudformation:eu-west-1:731070500579:stack/stackstate-topo-cwevents/" + "077bd960-9919-11e9-adb7-02135cc8443e") top.assert_component( components, stack1, "aws.cloudformation", checks={ "LastUpdatedTime": "2019-06-27T20:23:43.548Z", "StackName": "stackstate-topo-publisher" }, ) top.assert_component( components, stack2, "aws.cloudformation", checks={ "LastUpdatedTime": "2019-06-27T20:20:45.336Z", "StackName": "stackstate-topo-cwevents" }, ) top.assert_relation(relations, stack2, stack1, "has resource") top.assert_all_checked(components, relations)
def test_process_s3(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] target_id = ( "arn:aws:lambda:eu-west-1:731070500579:" + "function:com-stackstate-prod-s-NotifyBucketEventsHandle-1W0B5NSZYJ3G1" ) top.assert_component( components, "arn:aws:s3:::stackstate.com", "aws.s3.bucket", checks={ "Name": "stackstate.com", "Tags.BucketTag": "TagValue", "BucketLocation": "eu-west-1" }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_component(components, "arn:aws:s3:::binx.io", "aws.s3.bucket", checks={"Name": "binx.io"}) top.assert_component(components, "arn:aws:s3:::notags", "aws.s3.bucket", checks={ "Name": "notags", "Tags": {}, "BucketLocation": "eu-west-1" }) top.assert_relation( relations, "arn:aws:s3:::stackstate.com", target_id, "uses-service", checks={"event_type": "s3:ObjectCreated:*"}, ) top.assert_relation(relations, "arn:aws:s3:::binx.io", target_id, "uses-service", checks={"event_type": "s3:ObjectRemoved:*"}) top.assert_relation(relations, "arn:aws:s3:::notags", target_id, "uses-service", checks={"event_type": "s3:ObjectCreated:*"}) top.assert_all_checked(components, relations)
def test_process_route53_hostedzone(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] top.assert_component( components, "Z4OKCQBA0VS63", "aws.route53.hostedzone", checks={ "Name": "serverless.nl", "URN": ["arn:aws:route53:::hostedzone/Z4OKCQBA0VS63"], "Tags.ResourceTagKey": "ResourceTagValue", "HostedZone.Name": "serverless.nl.", }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_all_checked(components, relations)
def test_process_autoscaling(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() # TODO this needs to be fixed in go, delete_ids need to be passed topology[0]["delete_ids"] = self.check.delete_ids components = topology[0]["components"] relations = topology[0]["relations"] group_arn = ( "arn:aws:autoscaling:eu-west-1:731070500579:" + "autoScalingGroup:e1155c2b-016a-40ad-8cba-2423c349574b:" + "autoScalingGroupName/awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM" ) comp = top.assert_component( components, "awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM", "aws.autoscaling", checks={ "AutoScalingGroupARN": group_arn, "Name": "awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM", "URN": [group_arn] }, ) self.assert_location_info(comp) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:loadbalancer/awseb-e-g-AWSEBLoa-1WTFTHM4EDGUX", group_arn, "uses service", ) top.assert_relation(relations, group_arn, "i-063c119ff97e71b82", "uses service") top.assert_relation(relations, group_arn, "i-0928b13f776ba8e76", "uses service") top.assert_relation(relations, group_arn, "i-0ed02eb3eab5399fb", "uses service") self.assertEqual(len(topology[0]["delete_ids"]), 3) top.assert_all_checked(components, relations)
def test_process_ec2_vpn_gateways(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] comp = top.assert_component( components, "vgw-b8c2fccc", "aws.vpngateway", checks={ "VpnGatewayId": "vgw-b8c2fccc", }, ) self.assert_location_info(comp) top.assert_relation(relations, "vgw-b8c2fccc", "vpc-6b25d10e", "uses service") top.assert_all_checked(components, relations)
def test_process_lambda(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # Function comp = top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-sam-seed-PutHello-1LUD3ESBOR6EY", "aws.lambda", checks={ "FunctionName": "com-stackstate-prod-sam-seed-PutHello-1LUD3ESBOR6EY", "Tags.Group": "StackState" }, ) self.assert_location_info(comp) # lambda sts-xray-test-01 top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01", "aws.lambda") # Lambda sts-xray-test-01 has an alias top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01:old", "aws.lambda.alias", checks={ "Function.FunctionName": "sts-xray-test-01", "Name": "old" }, ) # sts-xray-test-01 has vpcid top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01", "vpc-c6d073bf", "uses service") # alias also has relation with vpcid top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01:old", "vpc-c6d073bf", "uses service", ) top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-02", "aws.lambda") # Lambda sts-xray-test-02 has an alias top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-02:altnm", "aws.lambda.alias", checks={ "Function.FunctionName": "sts-xray-test-02", "Name": "altnm" }, ) top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-PersonIdDynamoDBHandler-6KMIBXKKKCEZ", "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "uses service", ) top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-PersonCreatedKinesisHand-19T8EJADX2DE", "arn:aws:kinesis:eu-west-1:731070500579:stream/stream_1", "uses service", ) top.assert_all_checked(components, relations)
def test_process_ecs(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # default cluster comp = top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:cluster/default", "aws.ecs.cluster", checks={ "Name": "default", "Tags.stackstate-identifier": "sts-ecs-test", "CW.Dimensions": [{ "Key": "ClusterName", "Value": "default" }], }, ) self.assert_location_info(comp) # ECS Cluster top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:cluster/StackState-ECS-Cluster", "aws.ecs.cluster", checks={ "Name": "StackState-ECS-Cluster", "Tags.StackstateIdentifier": "camel-case-id", "CW.Dimensions": [{ "Key": "ClusterName", "Value": "StackState-ECS-Cluster" }], }, ) # service top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "aws.ecs.service", checks={ "Name": "sample-app-service", "CW.Dimensions": [ { "Key": "ClusterName", "Value": "default" }, { "Key": "ServiceName", "Value": "sample-app-service" }, ], "URN": [ "urn:service:/service-sample-app-service-sample-app", "urn:service:/service-sample-app-service-xray-daemon", ], }, ) # task top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:task/f89e69d0-0829-48b8-a503-c7b02a62fe9f", "aws.ecs.task", checks={ "Name": "first-run-task-definition:2", "URN": [ "urn:service-instance:/service-sample-app-service-sample-app:/10.0.0.53", "urn:service-instance:/service-sample-app-service-xray-daemon:/10.0.0.54", ], }, ) # default cluster has a service top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:cluster/default", "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "has_cluster_node", ) # service has a task top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "arn:aws:ecs:eu-west-1:731070500579:task/f89e69d0-0829-48b8-a503-c7b02a62fe9f", "has_cluster_node", ) # service has a lb targetgroup top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "arn:aws:elasticloadbalancing:eu-west-1:731070500579:targetgroup/EC2Co-Defau-7HYSTVRX07KO/a7e4eb718fda7510", "uses service", ) # ECS cluster has an instance top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:cluster/StackState-ECS-Cluster", "string", "uses_ec2_host") top.assert_all_checked(components, relations)
def test_process_dynamodb(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # table_1 top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "aws.dynamodb.table", checks={ "TableArn": "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "Name": "table_1", "CW.Dimensions": [{ "Key": "TableName", "Value": "table_1" }], }, ) # table_1.stream top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "aws.dynamodb.streams", checks={ "LatestStreamArn": "arn:aws:dynamodb:eu-west-1:731070500579:" + "table/table_1/stream/2018-05-17T08:09:27.110", "Name": "table_1/stream/2018-05-17T08:09:27.110", "CW.Dimensions": [ { "Key": "TableName", "Value": "table_1" }, { "Key": "StreamLabel", "Value": "2018-05-17T08:09:27.110" }, ], }, ) # table_1 <-> stream top.assert_relation( relations, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "uses-service", ) top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_2", "aws.dynamodb.table") top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_3", "aws.dynamodb.table") top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_4", "aws.dynamodb.table") top.assert_all_checked(components, relations)
def test_process_stepfunctions(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] names = resource("json/cloudformation/names.json" ) # TODO move file to stepfunctions (=snapshot) def get_id(name, region="eu-west-1", stack="stackstate-main-account-main-region"): account = "548105126730" res = names.get(account + "|" + region + "|" + stack + "|" + name) if res: if not res["id"].startswith("arn:aws:"): arn = type_arn.get(res["type"]) if arn: return arn(region=region, account_id=account, resource_id=res["id"]) else: return "UNSUPPORTED_ARN-" + res["type"] + "-" + res[ "id"] else: return res["id"] sfn_id = get_id("StepFunctionsStateMachine") top.assert_component(components, sfn_id, "aws.stepfunction.statemachine") top.assert_component(components, get_id("StepFunctionsActivity"), "aws.stepfunction.activity") state_names = [ "Activity", "ApiMap", "ApiGateway", "FakeChoice", "FakeInput", "Finish", "NoFinish", "ParallelRun", "ECS", "SNS", "SQS", "SQSSecondaryRegion", "DynamoDB", "Lambda", "LambdaOldVersion", ] for state_name in state_names: top.assert_component(components, sfn_id + ":state/" + state_name, "aws.stepfunction.state") # starting state top.assert_relation(relations, sfn_id, sfn_id + ":state/ParallelRun", "uses service") # parallel branch 1 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/ECS", "uses service") # parallel branch 2 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/SNS", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/SNS", sfn_id + ":state/SQS", "uses service") top.assert_relation(relations, sfn_id + ":state/SQS", sfn_id + ":state/SQSSecondaryRegion", "uses service") # parallel branch 3 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/Lambda", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/Lambda", sfn_id + ":state/LambdaOldVersion", "uses service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", sfn_id + ":state/DynamoDB", "uses service") top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/FakeInput", "uses service") # iterator top.assert_relation(relations, sfn_id + ":state/FakeInput", sfn_id + ":state/ApiMap", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/ApiGateway", "uses service") # choice top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/FakeChoice", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Finish", "uses service") top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Activity", "uses service") # last top.assert_relation(relations, sfn_id + ":state/Activity", sfn_id + ":state/NoFinish", "uses service") # 15 states top.assert_relation(relations, sfn_id + ":state/SNS", get_id("SnsTopic"), "uses service") top.assert_relation(relations, sfn_id + ":state/SQS", get_id("SqsQueue"), "uses service") top.assert_relation( relations, sfn_id + ":state/SQSSecondaryRegion", get_id("SqsQueue", stack="stackstate-main-account-secondary-region", region="us-east-1"), "uses service", ) top.assert_relation(relations, sfn_id + ":state/DynamoDB", get_id("DynamoDbTable"), "uses service") # TODO ApiGatewayV2 not yet supported (SO RELATION LEFT ALERTER) # TODO also verify if this is OK to refer to the API stage here? self.assertIn("UNSUPPORTED_ARN-AWS::ApiGatewayV2::", get_id("ApiGatewayApi") + "/test") # top.assert_relation(relations, sfn_id + ':state/ApiGateway', get_id('ApiGatewayApi') + '/test') top.assert_relation(relations, sfn_id + ":state/Lambda", get_id("LambdaFunction"), "uses service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", get_id("LambdaFunction"), "uses service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsTaskDefinition"), "uses service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsCluster"), "uses service") top.assert_relation(relations, sfn_id + ":state/Activity", get_id("StepFunctionsActivity"), "uses service") # TODO IAM not yet supported (SO RELATION LEFT ALERTER) self.assertIn("UNSUPPORTED_ARN-AWS::IAM::", get_id("StepFunctionsIamRole")) # top.assert_relation(relations, sfn_id, get_id('StepFunctionsIamRole')) self.assertEqual(len(topology[0]["relations"]), 26) top.assert_all_checked(components, relations, unchecked_relations=2)
def test_process_apigateway(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] api_arn = "arn:aws:execute-api:eu-west-1:731070500579:api_1" stage_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}" resource_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}/*/hello" method_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}/{}/hello" lambda_arn_prefix = "arn:aws:lambda:eu-west-1:731070500579:function:{}" sqs_arn = "arn:aws:sqs:eu-west-1:508573134510:STS_stackpack_test" # we have 2 stages for n in range(0, 2): # each state has 1 stage + 5 methods + 1 resource + 1 integration = 8*2 = 16 components # stage comp = top.assert_component( components, stage_arn_prefix.format(n + 1), "aws.apigateway.stage", checks={ "RestApiName": "api_1", "CW.Dimensions": [ { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) if n == 0: self.assertEqual(comp["data"]["Tags"]["StageTagKey1"], "StageTagValue1") # resource top.assert_component( components, resource_arn_prefix.format(n + 1), "aws.apigateway.resource", checks={ "Path": "/hello", "CW.Dimensions": [ { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "DELETE"), "aws.apigateway.method", checks={ "HttpMethod": "DELETE", "CW.Dimensions": [ { "Key": "Method", "Value": "DELETE" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "GET"), "aws.apigateway.method", checks={ "HttpMethod": "GET", "CW.Dimensions": [ { "Key": "Method", "Value": "GET" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "PATCH"), "aws.apigateway.method", checks={ "HttpMethod": "PATCH", "CW.Dimensions": [ { "Key": "Method", "Value": "PATCH" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "POST"), "aws.apigateway.method", checks={ "HttpMethod": "POST", "CW.Dimensions": [ { "Key": "Method", "Value": "POST" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component(components, "urn:service:/84.35.236.89", "aws.apigateway.method.http.integration") top.assert_component( components, method_arn_prefix.format(n + 1, "PUT"), "aws.apigateway.method", checks={ "HttpMethod": "PUT", "CW.Dimensions": [ { "Key": "Method", "Value": "PUT" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component(components, api_arn, "aws.apigateway") # we have 2 stages relations = topology[0]["relations"] for n in range(1, 3): top.assert_relation(relations, api_arn, stage_arn_prefix.format(n), "has resource") top.assert_relation(relations, stage_arn_prefix.format(n), resource_arn_prefix.format(n), "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "PATCH"), "uses service") top.assert_relation(relations, method_arn_prefix.format(n, "PATCH"), sqs_arn, "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "PUT"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "PUT"), lambda_arn_prefix.format("PutHello-1LUD3ESBOR6EY"), "uses service", ) top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "POST"), "uses service") top.assert_relation(relations, method_arn_prefix.format(n, "POST"), "urn:service:/84.35.236.89", "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "GET"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "GET"), lambda_arn_prefix.format("GetHello-1CZ5O92284Z69"), "uses service", ) top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "DELETE"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "DELETE"), lambda_arn_prefix.format("DeleteHello-1LDFJCU54ZL5"), "uses service", ) top.assert_all_checked(components, relations, unchecked_components=1)
def test_process_rds(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # cluster top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "aws.rds_cluster", checks={ "DBClusterArn": "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "Name": "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "CW.Dimensions": [{ "Key": "DBClusterIdentifier", "Value": "productiondatabasecluster" }], "Tags.testing": "test", }, ) # instance 1 top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "aws.rds_instance", ) # instance 2 top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "aws.rds_instance", checks={ "DBInstanceIdentifier": "productiondatabase-eu-west-1c", "Name": "productiondatabase-eu-west-1c", "CW.Dimensions": [{ "Key": "DBInstanceIdentifier", "Value": "productiondatabase-eu-west-1c" }], "URN": [ "urn:endpoint:/productiondatabase-eu-west-1c.cdnm1uvvpdkc.eu-west-1.rds.amazonaws.com" ], }, ) # cluster <-> instance-1 top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "has_cluster_node", ) # cluster <-> instance-2 top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "has_cluster_node", ) # instance-1 <-> vpc top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "vpc-6b25d10e", "uses service") # instance-1 <-> security group top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "sg-053ecf78", "uses service") # instance-1 <-> vpc top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "vpc-6b25d10e", "uses service", ) # instance-1 <-> security group top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "sg-053ecf78", "uses service", ) top.assert_all_checked(components, relations)