def test_process_redshift(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] top.assert_component( components, "arn:aws:redshift:eu-west-1:731070500579:cluster:redshift-cluster-1", "aws.redshift.cluster", checks={ "Name": "redshift-cluster-1", "Tags.OrganizationalUnit": "Testing", "URN": [ "arn:aws:redshift:eu-west-1:731070500579:cluster:redshift-cluster-1" ], }, ) top.assert_relation( relations, "arn:aws:redshift:eu-west-1:731070500579:cluster:redshift-cluster-1", "vpc-c6d073bf", "uses-service", ) top.assert_all_checked(components, relations)
def test_process_ec2_subnets(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] comp = top.assert_component( components, "subnet-9e4be5f9", "aws.subnet", checks={ "SubnetId": "subnet-9e4be5f9", "Tags.Name": "demo-deployments", "URN": ["arn:aws:ec2:{}:731070500579:subnet/{}".format("eu-west-1", "subnet-9e4be5f9")], "Name": "demo-deployments-eu-west-1a", }, ) self.assert_location_info(comp) comp = top.assert_component( components, "subnet-12345678", "aws.subnet", checks={"SubnetId": "subnet-12345678", "Name": "subnet-12345678-eu-west-1a"}, ) top.assert_relation(relations, "subnet-9e4be5f9", "vpc-6b25d10e", "uses service") top.assert_relation(relations, "subnet-12345678", "vpc-6b25d10e", "uses service") top.assert_all_checked(components, relations)
def test_process_cloudformation_stack_relations(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] stack1 = ( "arn:aws:cloudformation:eu-west-1:731070500579:stack/stackstate-topo-publisher/" + "71ea3f80-9919-11e9-a261-0a99a68566c4" ) stack2 = ( "arn:aws:cloudformation:eu-west-1:731070500579:stack/stackstate-topo-cwevents/" + "077bd960-9919-11e9-adb7-02135cc8443e" ) top.assert_component( components, stack1, "aws.cloudformation.stack", checks={"LastUpdatedTime": "2019-06-27T20:23:43.548Z", "StackName": "stackstate-topo-publisher"}, ) top.assert_component( components, stack2, "aws.cloudformation.stack", checks={"LastUpdatedTime": "2019-06-27T20:20:45.336Z", "StackName": "stackstate-topo-cwevents"}, ) top.assert_relation(relations, stack2, stack1, "has-resource") top.assert_all_checked(components, relations)
def test_process_sns(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] base_target_id = "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-sam-seed-" top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-1", base_target_id + "TopicHandler-11EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-2", base_target_id + "TopicHandler-21EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", base_target_id + "TopicHandler-31EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", base_target_id + "TopicHandler-41EWA2GN9YNLL", "uses-service", ) top.assert_relation( relations, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", "arn:aws:sqs:eu-west-1:731070500579:STS_stackpack_test", "uses-service", ) top.assert_component( components, "arn:aws:sns:eu-west-1:731070500579:my-topic-1", "aws.sns.topic", checks={ "TopicArn": "arn:aws:sns:eu-west-1:731070500579:my-topic-1", "Name": "my-topic-1", "Tags.SnsTagKey": "SnsTagValue", "CW.Dimensions": [{"Key": "TopicName", "Value": "my-topic-1"}], }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-2", "aws.sns.topic") top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", "aws.sns.topic") top.assert_component(components, "arn:aws:sns:eu-west-1:731070500579:my-topic-4", "aws.sns.topic") top.assert_all_checked(components, relations)
def test_process_elb(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] events = aggregator.events self.assertEqual(len(events), 2) # TODO nothing is checked on the events top.assert_component( components, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "aws.elb_classic", { "LoadBalancerName": "classic-loadbalancer-1", "Tags.stackstate-environment": "Production", "URN": [ "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1" ], }, ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "vpc-6b25d10e", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "sg-193aec7c", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "i-09388d5bfc0ab9e78", "uses service", ) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:123456789012:loadbalancer/classic-loadbalancer-1", "i-05b20853cc72c23c4", "uses service", ) top.assert_all_checked(components, relations)
def test_process_ec2_vpn_gateways(self): self.check.run() self.assert_executed_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] comp = top.assert_component( components, "vgw-b8c2fccc", "aws.vpngateway", checks={ "VpnGatewayId": "vgw-b8c2fccc", }, ) self.assert_location_info(comp) top.assert_relation(relations, "vgw-b8c2fccc", "vpc-6b25d10e", "uses service") top.assert_all_checked(components, relations)
def test_process_s3(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] target_id = ( "arn:aws:lambda:eu-west-1:731070500579:" + "function:com-stackstate-prod-s-NotifyBucketEventsHandle-1W0B5NSZYJ3G1" ) top.assert_component( components, "arn:aws:s3:::stackstate.com", "aws.s3.bucket", checks={ "Name": "stackstate.com", "Tags.BucketTag": "TagValue", "BucketLocation": "eu-west-1" }, ) self.assert_location_info(topology[0]["components"][0]) top.assert_component(components, "arn:aws:s3:::binx.io", "aws.s3.bucket", checks={"Name": "binx.io"}) top.assert_component(components, "arn:aws:s3:::notags", "aws.s3.bucket", checks={ "Name": "notags", "Tags": {}, "BucketLocation": "eu-west-1" }) top.assert_relation( relations, "arn:aws:s3:::stackstate.com", target_id, "uses-service", checks={"event_type": "s3:ObjectCreated:*"}, ) top.assert_relation(relations, "arn:aws:s3:::binx.io", target_id, "uses-service", checks={"event_type": "s3:ObjectRemoved:*"}) top.assert_relation(relations, "arn:aws:s3:::notags", target_id, "uses-service", checks={"event_type": "s3:ObjectCreated:*"}) top.assert_all_checked(components, relations)
def test_process_service_discovery(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "Z08264772EZNA9MYBM2OH", "uses service", ) top.assert_relation( relations, "i-1234567890123456", "Z08264772EZNA9MYBM2OH", "uses service", ) top.assert_all_checked(components, relations)
def test_process_autoscaling(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() # TODO this needs to be fixed in go, delete_ids need to be passed topology[0]["delete_ids"] = self.check.delete_ids components = topology[0]["components"] relations = topology[0]["relations"] group_arn = ( "arn:aws:autoscaling:eu-west-1:731070500579:" + "autoScalingGroup:e1155c2b-016a-40ad-8cba-2423c349574b:" + "autoScalingGroupName/awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM" ) comp = top.assert_component( components, "awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM", "aws.autoscaling", checks={ "AutoScalingGroupARN": group_arn, "Name": "awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM", "URN": [group_arn] }, ) self.assert_location_info(comp) top.assert_relation( relations, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:loadbalancer/awseb-e-g-AWSEBLoa-1WTFTHM4EDGUX", group_arn, "uses service", ) top.assert_relation(relations, group_arn, "i-063c119ff97e71b82", "uses service") top.assert_relation(relations, group_arn, "i-0928b13f776ba8e76", "uses service") top.assert_relation(relations, group_arn, "i-0ed02eb3eab5399fb", "uses service") self.assertEqual(len(topology[0]["delete_ids"]), 3) top.assert_all_checked(components, relations)
def test_process_firehose(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] firehose_arn_prefix = "arn:aws:firehose:eu-west-1:548105126730:deliverystream/" top.assert_component( components, firehose_arn_prefix + "firehose_1", "aws.firehose.delivery-stream", checks={ "Name": "firehose_1", "DeliveryStreamARN": firehose_arn_prefix + "firehose_1", "Tags.SomeKey": "SomeValue", "CW.Dimensions": [{ "Key": "DeliveryStreamName", "Value": "firehose_1" }], }, ) top.assert_component( components, firehose_arn_prefix + "firehose_2", "aws.firehose.delivery-stream", checks={ "Name": "firehose_2", "DeliveryStreamARN": firehose_arn_prefix + "firehose_2", "CW.Dimensions": [{ "Key": "DeliveryStreamName", "Value": "firehose_2" }], }, ) top.assert_relation( relations, "arn:aws:kinesis:eu-west-1:548105126730:stream/stream_1", firehose_arn_prefix + "firehose_1", "uses-service", ) top.assert_relation(relations, firehose_arn_prefix + "firehose_1", "arn:aws:s3:::firehose-bucket_1", "uses-service") top.assert_relation(relations, firehose_arn_prefix + "firehose_2", "arn:aws:s3:::firehose-bucket_2", "uses-service") top.assert_all_checked(components, relations)
def test_process_elbv2(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] instance_a = "i-0a7182087df63a90b" instance_b = "i-0d857740370079c95" instance_c = 'i-12345678901234567' instance_d = 'i-23456789012345678' prefix = "arn:aws:elasticloadbalancing:eu-west-1:731070500579:" # LoadBalancer top.assert_component( components, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "aws.elb-v2.application-load-balancer", ) top.assert_component( components, prefix + 'loadbalancer/app/mysecondloadbalancer/1234567890abcde0', 'aws.elb-v2.application-load-balancer') # TargetGroup top.assert_component( components, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "aws.elb-v2.target-group") top.assert_component( components, prefix + 'targetgroup/mysecondtargetgroup/1234567890abcde0', 'aws.elb-v2.target-group') # ELB Target Group Instances top.assert_component(components, "urn:aws/target-group-instance/" + instance_a, "aws.elb-v2.target-group-instance") top.assert_component(components, "urn:aws/target-group-instance/" + instance_b, "aws.elb-v2.target-group-instance") top.assert_component(components, 'urn:aws/target-group-instance/' + instance_c, 'aws.elb-v2.target-group-instance') top.assert_component(components, 'urn:aws/target-group-instance/' + instance_d, 'aws.elb-v2.target-group-instance') # LoadBalancer <-> TargetGroup top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "uses-service", ) top.assert_relation( relations, prefix + 'loadbalancer/app/mysecondloadbalancer/1234567890abcde0', prefix + 'targetgroup/mysecondtargetgroup/1234567890abcde0', 'uses-service') # Load Balancer A and Target Group A relationship test top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "urn:aws/target-group-instance/" + instance_a, "uses-service", ) top.assert_relation( relations, prefix + 'targetgroup/mysecondtargetgroup/1234567890abcde0', 'urn:aws/target-group-instance/' + instance_c, 'uses-service') # Load Balancer B and Target Group B relationship test top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "urn:aws/target-group-instance/" + instance_b, "uses-service") top.assert_relation( relations, prefix + 'targetgroup/mysecondtargetgroup/1234567890abcde0', 'urn:aws/target-group-instance/' + instance_d, "uses-service") # LoadBalancer <-> SecurityGroup top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "sg-193aec7c", "uses-service") top.assert_relation( relations, prefix + 'loadbalancer/app/mysecondloadbalancer/1234567890abcde0', 'sg-193aec7c', 'uses-service') "uses-service" # LoadBalancer <-> Vpc top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "vpc-6b25d10e", "uses-service") top.assert_relation( relations, prefix + 'loadbalancer/app/mysecondloadbalancer/1234567890abcde0', 'vpc-6b25d10e', 'uses-service') # TargetGroup <-> Vpc top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "vpc-6b25d10e", "uses-service") top.assert_all_checked(components, relations)
def test_process_stepfunctions(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] names = resource("json/cloudformation/names.json" ) # TODO move file to stepfunctions (=snapshot) def get_id(name, region="eu-west-1", stack="stackstate-main-account-main-region"): account = "548105126730" res = names.get(account + "|" + region + "|" + stack + "|" + name) if res: if not res["id"].startswith("arn:aws:"): arn = type_arn.get(res["type"]) if arn: return arn(region=region, account_id=account, resource_id=res["id"]) else: return "UNSUPPORTED_ARN-" + res["type"] + "-" + res[ "id"] else: return res["id"] sfn_id = get_id("StepFunctionsStateMachine") top.assert_component(components, sfn_id, "aws.stepfunction.statemachine") top.assert_component(components, get_id("StepFunctionsActivity"), "aws.stepfunction.activity") state_names = [ "Activity", "ApiMap", "ApiGateway", "FakeChoice", "FakeInput", "Finish", "NoFinish", "ParallelRun", "ECS", "SNS", "SQS", "SQSSecondaryRegion", "DynamoDB", "Lambda", "LambdaOldVersion", ] for state_name in state_names: top.assert_component(components, sfn_id + ":state/" + state_name, "aws.stepfunction.state") # starting state top.assert_relation(relations, sfn_id, sfn_id + ":state/ParallelRun", "uses service") # parallel branch 1 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/ECS", "uses service") # parallel branch 2 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/SNS", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/SNS", sfn_id + ":state/SQS", "uses service") top.assert_relation(relations, sfn_id + ":state/SQS", sfn_id + ":state/SQSSecondaryRegion", "uses service") # parallel branch 3 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/Lambda", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/Lambda", sfn_id + ":state/LambdaOldVersion", "uses service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", sfn_id + ":state/DynamoDB", "uses service") top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/FakeInput", "uses service") # iterator top.assert_relation(relations, sfn_id + ":state/FakeInput", sfn_id + ":state/ApiMap", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/ApiGateway", "uses service") # choice top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/FakeChoice", "uses service") if True: top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Finish", "uses service") top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Activity", "uses service") # last top.assert_relation(relations, sfn_id + ":state/Activity", sfn_id + ":state/NoFinish", "uses service") # 15 states top.assert_relation(relations, sfn_id + ":state/SNS", get_id("SnsTopic"), "uses service") top.assert_relation(relations, sfn_id + ":state/SQS", get_id("SqsQueue"), "uses service") top.assert_relation( relations, sfn_id + ":state/SQSSecondaryRegion", get_id("SqsQueue", stack="stackstate-main-account-secondary-region", region="us-east-1"), "uses service", ) top.assert_relation(relations, sfn_id + ":state/DynamoDB", get_id("DynamoDbTable"), "uses service") # TODO ApiGatewayV2 not yet supported (SO RELATION LEFT ALERTER) # TODO also verify if this is OK to refer to the API stage here? self.assertIn("UNSUPPORTED_ARN-AWS::ApiGatewayV2::", get_id("ApiGatewayApi") + "/test") # top.assert_relation(relations, sfn_id + ':state/ApiGateway', get_id('ApiGatewayApi') + '/test') top.assert_relation(relations, sfn_id + ":state/Lambda", get_id("LambdaFunction"), "uses service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", get_id("LambdaFunction"), "uses service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsTaskDefinition"), "uses service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsCluster"), "uses service") top.assert_relation(relations, sfn_id + ":state/Activity", get_id("StepFunctionsActivity"), "uses service") # TODO IAM not yet supported (SO RELATION LEFT ALERTER) self.assertIn("UNSUPPORTED_ARN-AWS::IAM::", get_id("StepFunctionsIamRole")) # top.assert_relation(relations, sfn_id, get_id('StepFunctionsIamRole')) self.assertEqual(len(topology[0]["relations"]), 26) top.assert_all_checked(components, relations, unchecked_relations=2)
def test_process_apigateway(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] api_arn = "arn:aws:execute-api:eu-west-1:731070500579:api_1" stage_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}" resource_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}/*/hello" method_arn_prefix = "arn:aws:execute-api:eu-west-1:731070500579:api_1/stage{}/{}/hello" lambda_arn_prefix = "arn:aws:lambda:eu-west-1:731070500579:function:{}" sqs_arn = "arn:aws:sqs:eu-west-1:508573134510:STS_stackpack_test" # we have 2 stages for n in range(0, 2): # each state has 1 stage + 5 methods + 1 resource + 1 integration = 8*2 = 16 components # stage comp = top.assert_component( components, stage_arn_prefix.format(n + 1), "aws.apigateway.stage", checks={ "RestApiName": "api_1", "CW.Dimensions": [ { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) if n == 0: self.assertEqual(comp["data"]["Tags"]["StageTagKey1"], "StageTagValue1") # resource top.assert_component( components, resource_arn_prefix.format(n + 1), "aws.apigateway.resource", checks={ "Path": "/hello", "CW.Dimensions": [ { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "DELETE"), "aws.apigateway.method", checks={ "HttpMethod": "DELETE", "CW.Dimensions": [ { "Key": "Method", "Value": "DELETE" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "GET"), "aws.apigateway.method", checks={ "HttpMethod": "GET", "CW.Dimensions": [ { "Key": "Method", "Value": "GET" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "PATCH"), "aws.apigateway.method", checks={ "HttpMethod": "PATCH", "CW.Dimensions": [ { "Key": "Method", "Value": "PATCH" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component( components, method_arn_prefix.format(n + 1, "POST"), "aws.apigateway.method", checks={ "HttpMethod": "POST", "CW.Dimensions": [ { "Key": "Method", "Value": "POST" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component(components, "urn:service:/84.35.236.89", "aws.apigateway.method.http.integration") top.assert_component( components, method_arn_prefix.format(n + 1, "PUT"), "aws.apigateway.method", checks={ "HttpMethod": "PUT", "CW.Dimensions": [ { "Key": "Method", "Value": "PUT" }, { "Key": "Resource", "Value": "/hello" }, { "Key": "Stage", "Value": "stage{}".format(n + 1) }, { "Key": "ApiName", "Value": "api_1" }, ], }, ) top.assert_component(components, api_arn, "aws.apigateway") # we have 2 stages relations = topology[0]["relations"] for n in range(1, 3): top.assert_relation(relations, api_arn, stage_arn_prefix.format(n), "has resource") top.assert_relation(relations, stage_arn_prefix.format(n), resource_arn_prefix.format(n), "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "PATCH"), "uses service") top.assert_relation(relations, method_arn_prefix.format(n, "PATCH"), sqs_arn, "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "PUT"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "PUT"), lambda_arn_prefix.format("PutHello-1LUD3ESBOR6EY"), "uses service", ) top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "POST"), "uses service") top.assert_relation(relations, method_arn_prefix.format(n, "POST"), "urn:service:/84.35.236.89", "uses service") top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "GET"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "GET"), lambda_arn_prefix.format("GetHello-1CZ5O92284Z69"), "uses service", ) top.assert_relation(relations, resource_arn_prefix.format(n), method_arn_prefix.format(n, "DELETE"), "uses service") top.assert_relation( relations, method_arn_prefix.format(n, "DELETE"), lambda_arn_prefix.format("DeleteHello-1LDFJCU54ZL5"), "uses service", ) top.assert_all_checked(components, relations, unchecked_components=1)
def test_process_dynamodb(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # table_1 top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "aws.dynamodb.table", checks={ "TableArn": "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "Name": "table_1", "CW.Dimensions": [{ "Key": "TableName", "Value": "table_1" }], }, ) # table_1.stream top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "aws.dynamodb.streams", checks={ "LatestStreamArn": "arn:aws:dynamodb:eu-west-1:731070500579:" + "table/table_1/stream/2018-05-17T08:09:27.110", "Name": "table_1/stream/2018-05-17T08:09:27.110", "CW.Dimensions": [ { "Key": "TableName", "Value": "table_1" }, { "Key": "StreamLabel", "Value": "2018-05-17T08:09:27.110" }, ], }, ) # table_1 <-> stream top.assert_relation( relations, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1", "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "uses-service", ) top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_2", "aws.dynamodb.table") top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_3", "aws.dynamodb.table") top.assert_component( components, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_4", "aws.dynamodb.table") top.assert_all_checked(components, relations)
def test_process_elbv2(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] instance_a = "i-0a7182087df63a90b" instance_b = "i-0d857740370079c95" prefix = "arn:aws:elasticloadbalancing:eu-west-1:731070500579:" # LoadBalancer top.assert_component( components, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "aws.elb_v2_application") # TargetGroup top.assert_component( components, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "aws.elb_v2_target_group") # ELB Target Group Instance A top.assert_component(components, "urn:aws/target-group-instance/" + instance_a, "aws.elb_v2_target_group_instance") # ELB Target Group Instance B top.assert_component(components, "urn:aws/target-group-instance/" + instance_b, "aws.elb_v2_target_group_instance") # LoadBalancer <-> TargetGroup top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "uses service", ) # Load Balancer A and Target Group A relationship test top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "urn:aws/target-group-instance/" + instance_a, "uses service", ) # Load Balancer B and Target Group B relationship test top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "urn:aws/target-group-instance/" + instance_b, "uses service", ) # LoadBalancer <-> SecurityGroup top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "sg-193aec7c", "uses service") # LoadBalancer <-> Vpc top.assert_relation( relations, prefix + "loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "vpc-6b25d10e", "uses service") # TargetGroup <-> Vpc top.assert_relation( relations, prefix + "targetgroup/myfirsttargetgroup/28ddec997ec55d21", "vpc-6b25d10e", "uses service") top.assert_all_checked(components, relations)
def test_process_stepfunctions(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] names = resource("json/cloudformation/names.json" ) # TODO move file to stepfunctions (=snapshot) def get_id(name, region="eu-west-1", stack="stackstate-main-account-main-region"): account = "548105126730" res = names.get(account + "|" + region + "|" + stack + "|" + name) if res: if not res["id"].startswith("arn:aws:"): arn = type_arn.get(res["type"]) if arn: return arn(region=region, account_id=account, resource_id=res["id"]) else: return "UNSUPPORTED_ARN-" + res["type"] + "-" + res[ "id"] else: return res["id"] sfn_id = get_id("StepFunctionsStateMachine") top.assert_component(components, sfn_id, "aws.stepfunction.statemachine") top.assert_component(components, get_id("StepFunctionsActivity"), "aws.stepfunction.activity") state_names = [ "Activity", "ApiMap", "ApiGateway", "FakeChoice", "FakeInput", "Finish", "NoFinish", "ParallelRun", "ECS", "SNS", "SQS", "SQSSecondaryRegion", "DynamoDB", "Lambda", "LambdaOldVersion", ] for state_name in state_names: top.assert_component(components, sfn_id + ":state/" + state_name, "aws.stepfunction.state") # starting state top.assert_relation(relations, sfn_id, sfn_id + ":state/ParallelRun", "uses-service") # parallel branch 1 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/ECS", "uses-service") # parallel branch 2 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/SNS", "uses-service") if True: top.assert_relation(relations, sfn_id + ":state/SNS", sfn_id + ":state/SQS", "uses-service") top.assert_relation(relations, sfn_id + ":state/SQS", sfn_id + ":state/SQSSecondaryRegion", "uses-service") # parallel branch 3 top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/Lambda", "uses-service") if True: top.assert_relation(relations, sfn_id + ":state/Lambda", sfn_id + ":state/LambdaOldVersion", "uses-service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", sfn_id + ":state/DynamoDB", "uses-service") top.assert_relation(relations, sfn_id + ":state/ParallelRun", sfn_id + ":state/FakeInput", "uses-service") # iterator top.assert_relation(relations, sfn_id + ":state/FakeInput", sfn_id + ":state/ApiMap", "uses-service") if True: top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/ApiGateway", "uses-service") # choice top.assert_relation(relations, sfn_id + ":state/ApiMap", sfn_id + ":state/FakeChoice", "uses-service") if True: top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Finish", "uses-service") top.assert_relation(relations, sfn_id + ":state/FakeChoice", sfn_id + ":state/Activity", "uses-service") # last top.assert_relation(relations, sfn_id + ":state/Activity", sfn_id + ":state/NoFinish", "uses-service") # 15 states top.assert_relation(relations, sfn_id + ":state/SNS", get_id("SnsTopic"), "uses-service") top.assert_relation(relations, sfn_id + ":state/SQS", get_id("SqsQueue"), "uses-service") top.assert_relation( relations, sfn_id + ":state/SQSSecondaryRegion", get_id("SqsQueue", stack="stackstate-main-account-secondary-region", region="us-east-1"), "uses-service", ) top.assert_relation(relations, sfn_id + ":state/DynamoDB", get_id("DynamoDbTable"), "uses-service") # TODO ApiGatewayV2 not yet supported (SO RELATION LEFT ALERTER) # TODO also verify if this is OK to refer to the API stage here? self.assertIn("UNSUPPORTED_ARN-AWS::ApiGatewayV2::", get_id("ApiGatewayApi") + "/test") # top.assert_relation(relations, sfn_id + ':state/ApiGateway', get_id('ApiGatewayApi') + '/test') top.assert_relation(relations, sfn_id + ":state/Lambda", get_id("LambdaFunction"), "uses-service") top.assert_relation(relations, sfn_id + ":state/LambdaOldVersion", get_id("LambdaFunction"), "uses-service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsTaskDefinition"), "uses-service") top.assert_relation(relations, sfn_id + ":state/ECS", get_id("EcsCluster"), "uses-service") top.assert_relation(relations, sfn_id + ":state/Activity", get_id("StepFunctionsActivity"), "uses-service") # TODO IAM not yet supported (SO RELATION LEFT ALERTER) self.assertIn("UNSUPPORTED_ARN-AWS::IAM::", get_id("StepFunctionsIamRole")) # top.assert_relation(relations, sfn_id, get_id('StepFunctionsIamRole')) # MyStateMachine01 that has malformed StepFunction definition my_state_machine_01 = 'arn:aws:states:eu-west-1:548105126730:stateMachine:MyStateMachine01' top.assert_component(components, my_state_machine_01, 'aws.stepfunction.statemachine') top.assert_component(components, my_state_machine_01 + ':state/SNS', 'aws.stepfunction.state') top.assert_component(components, my_state_machine_01 + ':state/SQS', 'aws.stepfunction.state') top.assert_component(components, my_state_machine_01 + ':state/SQSSecondaryRegion', 'aws.stepfunction.state') top.assert_relation(relations, my_state_machine_01, my_state_machine_01 + ':state/SNS', 'uses-service') top.assert_relation(relations, my_state_machine_01 + ':state/SNS', my_state_machine_01 + ':state/SQS', 'uses-service') top.assert_relation(relations, my_state_machine_01 + ':state/SQS', my_state_machine_01 + ':state/SQSSecondaryRegion', 'uses-service') top.assert_relation( relations, my_state_machine_01, 'arn:aws:iam::548105126730:role/service-role/StepFunctions-MyStateMachine01-role-7191ec4f', 'uses-service') top.assert_relation( relations, my_state_machine_01 + ':state/SNS', 'arn:aws:sns:eu-west-1:548105126730:' 'stackstate-main-account-main-region-SnsTopic-1WPRYH16ZAL14', 'uses-service') top.assert_relation( relations, my_state_machine_01 + ':state/SQSSecondaryRegion', 'arn:aws:sqs:us-east-1:548105126730:' 'stackstate-main-account-secondary-region-SqsQueue-TCLBC173C8R2', 'uses-service') self.assertEqual( self.check.warnings[0], 'SQS URL arn:aws:sqs:eu-west-1:ACCOUNT_NUMBER:SQS_NAME does not match expected regular ' 'expression. Expected URL format starting with `https` was encountered 1 time(s).' ) self.assertEqual(len(topology[0]["relations"]), 32) top.assert_all_checked(components, relations, unchecked_relations=2)
def test_process_flow_logs(self): self.check.run() self.assert_updated_ok() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) components = topology[0]["components"] relations = topology[0]["relations"] self.assertEqual(len(components), 2) self.assertEqual(len(relations), 1) top.assert_component( components, "local/vpc-0305206adbbda9918/10.16.133.15/10.16.5.72", "vpc.request", checks={ "Location": { "AwsAccount": "123456789012", "AwsRegion": "eu-west-1" }, "URN": ["urn:vpcip:vpc-0305206adbbda9918/10.16.133.15"], "tags": ["integration-type:aws-v2", "integration-url:123456789012"], }) top.assert_component( components, "remote/vpc-0305206adbbda9918/10.16.133.15/10.16.5.72", "vpc.request", checks={ "Location": { "AwsAccount": "123456789012", "AwsRegion": "eu-west-1" }, "URN": ["urn:vpcip:vpc-0305206adbbda9918/10.16.5.72"], "tags": ["integration-type:aws-v2", "integration-url:123456789012"], }) top.assert_relation( relations, "local/vpc-0305206adbbda9918/10.16.133.15/10.16.5.72", "remote/vpc-0305206adbbda9918/10.16.133.15/10.16.5.72", "flowlog", checks={ "local_address": "10.16.133.15", "remote_address": "10.16.5.72" }) dels = filter(lambda x: x["operation_name"] == "delete_objects", self.recorder) def get_keys(acc, lst): for obj in lst["parameters"]["Delete"]["Objects"]: acc.append(obj["Key"]) return acc dels = reduce(get_keys, dels, []) self.assertEqual( dels, [ "AWSLogs/120431062118/vpcflowlogs/eu-west-1/2021/04/01/120431062118" "_vpcflowlogs_eu-west-1_fl-0630869f236e76872_20210401T0000Z_ea4b0f55.log.gz", "AWSLogs/120431062118/vpcflowlogs/eu-west-1/2021/06/22/120431062118" "_vpcflowlogs_eu-west-1_fl-0630869f236e76872_20210622T0000Z_ea4b0f55.log.gz", ], ) metric_tags = [ 'source:local/vpc-0305206adbbda9918/10_16_133_15/10_16_5_72', 'target:remote/vpc-0305206adbbda9918/10_16_133_15/10_16_5_72' ] aggregator.assert_metric('aws.flowlog.bytes_sent', 52.0, tags=metric_tags) aggregator.assert_metric('aws.flowlog.bytes_sent_per_second', 26.0, tags=metric_tags) aggregator.assert_metric('aws.flowlog.bytes_received', 0.0, tags=metric_tags) aggregator.assert_metric('aws.flowlog.bytes_received_per_second', 0.0, tags=metric_tags)
def test_process_cloudformation(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] stacks = list( filter(lambda x: x["type"] == "aws.cloudformation.stack", components)) self.assertEqual(len(stacks), 2) # total relations should be 14 + 1 relations = list( filter( lambda x: x["type"] == "has-resource" and x["source_id"]. startswith("arn:aws:cloudformation"), topology[0]["relations"], )) source_id = relations[0]["source_id"] # assert for lambda function relation top.assert_relation( relations, source_id, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-sam-seed-PutHello-1LUD3ESBOR6EY", "has-resource", ) # assert for kinesis stream relation top.assert_relation( relations, source_id, "arn:aws:kinesis:eu-west-1:731070500579:stream/stream_1", "has-resource") # assert for s3 bucket relation top.assert_relation(relations, source_id, "arn:aws:s3:::stackstate.com", "has-resource") # assert for api_stage relation top.assert_relation( relations, source_id, "arn:aws:execute-api:eu-west-1:731070500579:api_1", "has-resource") # assert for loadbalancer relation top.assert_relation( relations, source_id, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:loadbalancer/app/myfirstloadbalancer/90dd512583d2d7e9", "has-resource", ) # assert for target group relation top.assert_relation( relations, source_id, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:targetgroup/myfirsttargetgroup/28ddec997ec55d21", "has-resource", ) # assert for autoscaling group relation top.assert_relation( relations, source_id, "awseb-e-gwhbyckyjq-stack-AWSEBAutoScalingGroup-35ZMDUKHPCUM", "has-resource") # assert for elb classic loadbalancer relation top.assert_relation( relations, source_id, "arn:aws:elasticloadbalancing:eu-west-1:731070500579:loadbalancer/classic-loadbalancer-1", "has-resource", ) # assert for rds relation top.assert_relation( relations, source_id, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "has-resource") # assert for sns topic relation top.assert_relation(relations, source_id, "arn:aws:sns:eu-west-1:731070500579:my-topic-3", "has-resource") # assert for sqs queue relation top.assert_relation( relations, source_id, "arn:aws:sqs:eu-west-1:731070500579:STS_stackpack_test", "has-resource") # assert for dynamodb table relation top.assert_relation( relations, source_id, "arn:aws:dynamodb:eu-west-1:731070500579:table/table_3", "has-resource") # assert for ecs cluster relation top.assert_relation( relations, source_id, "arn:aws:ecs:eu-west-1:731070500579:cluster/StackState-ECS-Cluster", "has-resource") # assert for ec2 instance relation top.assert_relation(relations, source_id, "i-1234567890123456", "has-resource") # assert for cloudformation nested stack top.assert_relation( relations, "arn:aws:cloudformation:eu-west-1:731070500579:stack/stackstate-topo-cwevents/" + "077bd960-9919-11e9-adb7-02135cc8443e", source_id, "has-resource", ) top.assert_all_checked(components, relations, unchecked_components=143)
def test_process_ecs(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # default cluster comp = top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:cluster/default", "aws.ecs.cluster", checks={ "Name": "default", "Tags.stackstate-identifier": "sts-ecs-test", "CW.Dimensions": [{ "Key": "ClusterName", "Value": "default" }], }, ) self.assert_location_info(comp) # ECS Cluster top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:cluster/StackState-ECS-Cluster", "aws.ecs.cluster", checks={ "Name": "StackState-ECS-Cluster", "Tags.StackstateIdentifier": "camel-case-id", "CW.Dimensions": [{ "Key": "ClusterName", "Value": "StackState-ECS-Cluster" }], }, ) # service top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "aws.ecs.service", checks={ "Name": "sample-app-service", "CW.Dimensions": [ { "Key": "ClusterName", "Value": "default" }, { "Key": "ServiceName", "Value": "sample-app-service" }, ], "URN": [ "urn:service:/service-sample-app-service-sample-app", "urn:service:/service-sample-app-service-xray-daemon", ], }, ) # task top.assert_component( components, "arn:aws:ecs:eu-west-1:731070500579:task/f89e69d0-0829-48b8-a503-c7b02a62fe9f", "aws.ecs.task", checks={ "Name": "first-run-task-definition:2", "URN": [ "urn:service-instance:/service-sample-app-service-sample-app:/10.0.0.53", "urn:service-instance:/service-sample-app-service-xray-daemon:/10.0.0.54", ], }, ) # default cluster has a service top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:cluster/default", "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "has_cluster_node", ) # service has a task top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "arn:aws:ecs:eu-west-1:731070500579:task/f89e69d0-0829-48b8-a503-c7b02a62fe9f", "has_cluster_node", ) # service has a lb targetgroup top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:service/sample-app-service", "arn:aws:elasticloadbalancing:eu-west-1:731070500579:targetgroup/EC2Co-Defau-7HYSTVRX07KO/a7e4eb718fda7510", "uses service", ) # ECS cluster has an instance top.assert_relation( relations, "arn:aws:ecs:eu-west-1:731070500579:cluster/StackState-ECS-Cluster", "string", "uses_ec2_host") top.assert_all_checked(components, relations)
def test_process_ec2_instances(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] test_instance_id = "i-0f70dba7ea83d6dec" test_instance_type = "m4.xlarge" test_public_ip = "172.30.0.96" test_public_dns = "ec2-172-30-0-96.eu-west-1.compute.amazonaws.com" events = aggregator.events top.assert_component( components, test_instance_id, "aws.ec2.instance", checks={ "InstanceId": test_instance_id, "InstanceType": test_instance_type, "IsNitro": False, "Tags": { "Name": "Martijn's Stackstate", "host": test_instance_id, "instance-id": test_instance_id, "private-ip": test_public_ip, "fqdn": test_public_dns, "public-ip": test_public_ip, }, "URN": [ "urn:host:/{}".format(test_instance_id), "arn:aws:ec2:{}:731070500579:instance/{}".format( "eu-west-1", test_instance_id), "urn:vpcip:vpc-6b25d10e/{}".format(test_public_ip), "urn:host:/{}".format(test_public_dns), "urn:host:/{}".format(test_public_ip), ], }, ) top.assert_relation(relations, test_instance_id, "subnet-67d82910", "uses-service") top.assert_relation(relations, test_instance_id, "sg-41c3cc3b", "uses-service") # nitro instances top.assert_component( components, "i-1234567890123456", "aws.ec2.instance", checks={ "InstanceId": "i-1234567890123456", "InstanceType": "m6gd.medium", "IsNitro": True }, ) top.assert_relation(relations, "i-1234567890123456", "vpc-6b25d10e", "uses-service") top.assert_relation(relations, "i-1234567890123456", "sg-41c3cc3b", "uses-service") self.assertEqual(len(events), 2) self.assertEqual(events[0]["host"], test_instance_id) self.assertEqual(events[0]["tags"], ["state:stopped"]) self.assertEqual(events[1]["host"], "i-1234567890123456") self.assertEqual(events[1]["tags"], ["state:running"]) top.assert_all_checked(components, relations)
def test_process_lambda(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # Function comp = top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-sam-seed-PutHello-1LUD3ESBOR6EY", "aws.lambda", checks={ "FunctionName": "com-stackstate-prod-sam-seed-PutHello-1LUD3ESBOR6EY", "Tags.Group": "StackState" }, ) self.assert_location_info(comp) # lambda sts-xray-test-01 top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01", "aws.lambda") # Lambda sts-xray-test-01 has an alias top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01:old", "aws.lambda.alias", checks={ "Function.FunctionName": "sts-xray-test-01", "Name": "old" }, ) # sts-xray-test-01 has vpcid top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01", "vpc-c6d073bf", "uses service") # alias also has relation with vpcid top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-01:old", "vpc-c6d073bf", "uses service", ) top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-02", "aws.lambda") # Lambda sts-xray-test-02 has an alias top.assert_component( components, "arn:aws:lambda:eu-west-1:731070500579:function:sts-xray-test-02:altnm", "aws.lambda.alias", checks={ "Function.FunctionName": "sts-xray-test-02", "Name": "altnm" }, ) top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-PersonIdDynamoDBHandler-6KMIBXKKKCEZ", "arn:aws:dynamodb:eu-west-1:731070500579:table/table_1/stream/2018-05-17T08:09:27.110", "uses service", ) top.assert_relation( relations, "arn:aws:lambda:eu-west-1:731070500579:function:com-stackstate-prod-PersonCreatedKinesisHand-19T8EJADX2DE", "arn:aws:kinesis:eu-west-1:731070500579:stream/stream_1", "uses service", ) top.assert_all_checked(components, relations)
def test_process_rds(self): self.check.run() topology = [top.get_snapshot(self.check.check_id)] self.assertEqual(len(topology), 1) self.assert_executed_ok() components = topology[0]["components"] relations = topology[0]["relations"] # cluster top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "aws.rds_cluster", checks={ "DBClusterArn": "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "Name": "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "CW.Dimensions": [{ "Key": "DBClusterIdentifier", "Value": "productiondatabasecluster" }], "Tags.testing": "test", }, ) # instance 1 top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "aws.rds_instance", ) # instance 2 top.assert_component( components, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "aws.rds_instance", checks={ "DBInstanceIdentifier": "productiondatabase-eu-west-1c", "Name": "productiondatabase-eu-west-1c", "CW.Dimensions": [{ "Key": "DBInstanceIdentifier", "Value": "productiondatabase-eu-west-1c" }], "URN": [ "urn:endpoint:/productiondatabase-eu-west-1c.cdnm1uvvpdkc.eu-west-1.rds.amazonaws.com" ], }, ) # cluster <-> instance-1 top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "has_cluster_node", ) # cluster <-> instance-2 top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:cluster:productiondatabasecluster", "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "has_cluster_node", ) # instance-1 <-> vpc top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "vpc-6b25d10e", "uses service") # instance-1 <-> security group top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase", "sg-053ecf78", "uses service") # instance-1 <-> vpc top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "vpc-6b25d10e", "uses service", ) # instance-1 <-> security group top.assert_relation( relations, "arn:aws:rds:eu-west-1:731070500579:db:productiondatabase-eu-west-1c", "sg-053ecf78", "uses service", ) top.assert_all_checked(components, relations)