def test_generate_s3_events():
    """CLI - Terraform S3 Events with Valid Buckets"""
    # Settings every generated bucket module is expected to share: the module
    # source plus the 'advanced' cluster's Lambda ARN and role references.
    shared = {
        'source': 'modules/tf_stream_alert_s3_events',
        'lambda_function_arn': '${module.stream_alert_advanced.lambda_arn}',
        'lambda_role_id': '${module.stream_alert_advanced.lambda_role_id}',
    }

    generated = _common.infinitedict()
    succeeded = s3_events.generate_s3_events('advanced', generated, CONFIG)

    # One Terraform module per bucket. In the expected keys the dots of the
    # bucket name appear as underscores, while 'bucket_id' keeps the real name.
    expected = {
        'module': {
            's3_events_unit-test-bucket_data': dict(
                shared,
                bucket_id='unit-test-bucket.data',
                enable_events=True,
            ),
            's3_events_unit-test_cloudtrail_data': dict(
                shared,
                bucket_id='unit-test.cloudtrail.data',
                enable_events=False,
            ),
        }
    }

    assert_true(succeeded)
    assert_equal(generated, expected)
def test_generate_s3_events():
    """CLI - Terraform S3 Events with Valid Bucket"""
    bucket = 'unit-test-bucket.data'
    generated = _common.infinitedict()

    # NOTE(review): this overwrites the s3_events setting on the module-level
    # CONFIG and does not restore it, so later tests see the changed value.
    CONFIG['clusters']['advanced']['modules']['s3_events'] = {'s3_bucket_id': bucket}

    succeeded = s3_events.generate_s3_events('advanced', generated, CONFIG)

    # A single module named after the cluster, carrying both the bucket id and
    # its ARN along with the cluster's Lambda function and role references.
    expected_module = {
        'source': 'modules/tf_stream_alert_s3_events',
        'lambda_function_arn': '${module.stream_alert_advanced.lambda_arn}',
        'lambda_function_name': 'unit-testing_advanced_stream_alert_processor',
        's3_bucket_id': bucket,
        's3_bucket_arn': 'arn:aws:s3:::unit-test-bucket.data',
        'lambda_role_id': '${module.stream_alert_advanced.lambda_role_id}',
        'lambda_role_arn': '${module.stream_alert_advanced.lambda_role_arn}',
    }
    expected = {'module': {'s3_events_advanced': expected_module}}

    assert_true(succeeded)
    assert_equal(generated, expected)
def test_generate_s3_events():
    """CLI - Terraform - S3 Events with Valid Buckets"""
    # Settings both expected modules have in common.
    shared = {
        'source': 'modules/tf_stream_alert_s3_events',
        'lambda_function_arn': '${module.stream_alert_advanced.lambda_arn}',
        'lambda_role_id': '${module.stream_alert_advanced.lambda_role_id}',
    }

    generated = common.infinitedict()
    succeeded = s3_events.generate_s3_events('advanced', generated, CONFIG)

    expected = {
        'module': {
            # First bucket: events enabled, with a key prefix and suffix filter.
            's3_events_unit-testing_advanced_0': dict(
                shared,
                bucket_id='unit-test-bucket.data',
                notification_id='advanced_0',
                enable_events=True,
                filter_suffix='.log',
                filter_prefix='AWSLogs/123456789/CloudTrail/us-east-1/',
            ),
            # Second bucket: events disabled and both filters empty.
            # NOTE(review): an empty prefix/suffix presumably means no key
            # filtering for this bucket - confirm against the Terraform module.
            's3_events_unit-testing_advanced_1': dict(
                shared,
                bucket_id='unit-test.cloudtrail.data',
                notification_id='advanced_1',
                enable_events=False,
                filter_suffix='',
                filter_prefix='',
            ),
        }
    }

    assert_true(succeeded)
    assert_equal(generated, expected)
def test_generate_s3_events_invalid_bucket(mock_logging):
    """CLI - Terraform - S3 Events with Missing Bucket Key"""
    # mock_logging is presumably injected by a patch decorator that is not
    # visible in this listing - confirm against the test module.
    generated = common.infinitedict()

    # The only entry uses an unrecognised key, so no bucket name is supplied.
    # NOTE(review): this replaces the setting on the module-level CONFIG and
    # leaves it in place after the test.
    malformed_entry = {'wrong_key': 'my-bucket!!!'}
    CONFIG['clusters']['advanced']['modules']['s3_events'] = [malformed_entry]

    succeeded = s3_events.generate_s3_events('advanced', generated, CONFIG)

    # The generator must reject the entry: log an error and return a falsy value.
    assert_true(mock_logging.error.called)
    assert_false(succeeded)
def generate_cluster(**kwargs):
    """Build the Terraform dictionary for a single StreamAlert cluster.

    Keyword Args:
        cluster_name (str): The name of the currently generating cluster
        config (dict): The loaded config from the 'conf/' directory

    Returns:
        dict: generated Terraform cluster dictionary, or None as soon as one of
            the checked generators returns a falsy result. Callers need to
            treat None as a failed generation and not as an empty cluster.
    """
    conf = kwargs.get('config')
    name = kwargs.get('cluster_name')
    cluster_modules = conf['clusters'][name]['modules']
    tf_cluster = infinitedict()

    # The core StreamAlert module is always generated; stop if it fails.
    if not generate_stream_alert(name, tf_cluster, conf):
        return None

    # The results of these two generators are not checked.
    generate_cloudwatch_metric_filters(name, tf_cluster, conf)
    generate_cloudwatch_metric_alarms(name, tf_cluster, conf)

    # Each optional module is generated only when configured, and a falsy
    # result from its generator aborts the whole cluster.
    monitoring_enabled = cluster_modules.get('cloudwatch_monitoring', {}).get('enabled')
    if monitoring_enabled and not generate_monitoring(name, tf_cluster, conf):
        return None

    if cluster_modules.get('kinesis') and not generate_kinesis_streams(name, tf_cluster, conf):
        return None

    # Outputs are configured on the cluster itself, not under its modules.
    if conf['clusters'][name].get('outputs') and not generate_outputs(name, tf_cluster, conf):
        return None

    if cluster_modules.get('kinesis_events') and not generate_kinesis_events(
            name, tf_cluster, conf):
        return None

    if cluster_modules.get('cloudtrail') and not generate_cloudtrail(name, tf_cluster, conf):
        return None

    if cluster_modules.get('flow_logs') and not generate_flow_logs(name, tf_cluster, conf):
        return None

    if cluster_modules.get('s3_events') and not generate_s3_events(name, tf_cluster, conf):
        return None

    # Result not checked.
    generate_app_integrations(name, tf_cluster, conf)

    return tf_cluster
def generate_cluster(config, cluster_name):
    """Build the Terraform dictionary for a single StreamAlert cluster.

    Args:
        config (dict): The loaded config from the 'conf/' directory
        cluster_name (str): The name of the currently generating cluster

    Returns:
        dict: generated Terraform cluster dictionary, or None as soon as one of
            the checked generators returns a falsy result. Callers need to
            treat None as a failed generation and not as an empty cluster.
    """
    cluster_modules = config['clusters'][cluster_name]['modules']
    tf_cluster = infinitedict()

    # Always generated; the results of these three calls are not checked.
    generate_classifier(cluster_name, tf_cluster, config)
    generate_cluster_cloudwatch_metric_filters(cluster_name, tf_cluster, config)
    generate_cluster_cloudwatch_metric_alarms(cluster_name, tf_cluster, config)

    # Each optional module is generated only when configured, and a falsy
    # result from its generator aborts the whole cluster.
    monitoring_enabled = cluster_modules.get('cloudwatch_monitoring', {}).get('enabled')
    if monitoring_enabled and not generate_monitoring(cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('kinesis') and not generate_kinesis_streams(
            cluster_name, tf_cluster, config):
        return None

    # Outputs are configured on the cluster itself, not under its modules.
    if config['clusters'][cluster_name].get('outputs') and not generate_outputs(
            cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('kinesis_events') and not generate_kinesis_events(
            cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('cloudtrail') and not generate_cloudtrail(
            cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('cloudwatch') and not generate_cloudwatch(
            cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('flow_logs') and not generate_flow_logs(
            cluster_name, tf_cluster, config):
        return None

    if cluster_modules.get('s3_events') and not generate_s3_events(
            cluster_name, tf_cluster, config):
        return None

    # Result not checked.
    generate_apps(cluster_name, tf_cluster, config)

    return tf_cluster
def test_generate_s3_events_legacy():
    """CLI - Terraform - S3 Events - Legacy"""
    legacy_bucket = 'unit-test-bucket.legacy.data'
    generated = common.infinitedict()

    # Legacy layout: a single dict keyed by 's3_bucket_id' in place of a list
    # of per-bucket dicts.
    # NOTE(review): this writes to the module-level CONFIG, which is left
    # modified after the test.
    CONFIG['clusters']['test']['modules']['s3_events'] = {'s3_bucket_id': legacy_bucket}

    succeeded = s3_events.generate_s3_events('test', generated, CONFIG)
    assert_true(succeeded)

    # The generator is expected to rewrite the legacy entry in CONFIG itself
    # into the list form keyed by 'bucket_id'.
    converted = CONFIG['clusters']['test']['modules']['s3_events']
    assert_equal(converted, [{'bucket_id': 'unit-test-bucket.legacy.data'}])