def connect_aws_mock():
db_utils.resource_connect()
db_utils.client_connect()
cognito_idp_utils.client_connect()
ses_utils.client_connect()
sns_utils.client_connect()
sts_utils.client_connect()
iam_utils.client_connect()
s3_utils.client_connect()
ec2_utils.resource_connect()
ec2_utils.client_connect()
s3_utils.client_connect()
s3_utils.resource_connect()
step_functions_utils.client_connect()
def test_describe_flow_log_error(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(PmLogAdapter, 'error',
return_value=None) as mock_error:
with patch.object(ec2_client, 'describe_flow_logs') as mock_method:
mock_method.side_effect = ClientError(
{
'Error': {
'Code': data_client_error['service_error_code'],
'Message': data_client_error['service_message']
}
}, 'EXCEPTION')
with self.assertRaises(PmError) as exception:
# Call function test
ec2_utils.describe_flow_logs(trace_id, aws_account,
ec2_client, region_name)
cause_error = exception.exception.cause_error.response['Error']
# Check result
self.assertEqual(data_client_error['service_error_code'],
cause_error['Code'])
self.assertEqual(data_client_error['service_message'],
cause_error['Message'])
mock_error.assert_any_call("[%s/%s] VPCフローログ情報の取得に失敗しました。",
aws_account, region_name)
def test_describe_instances_not_exist(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
# Call function test
actual_instances = ec2_utils.describe_instances(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertListEqual([], actual_instances)
def test_describe_vpcs_empty(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(ec2_client, 'describe_vpcs') as mock_method:
mock_method.return_value = {}
actual_describe_vpcs = ec2_utils.describe_vpcs(
trace_id, aws_account, ec2_client, region_name)
self.assertListEqual([], actual_describe_vpcs)
def test_describe_volumes_not_exist(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
# Call function test
with patch.object(ec2_client, 'describe_volumes') as mock_obj:
mock_obj.return_value = {}
actual_volumes = ec2_utils.describe_volumes(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertEqual([], actual_volumes)
def test_describe_vpcs_suscess(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
# Call function test
expect_list_vpc = ec2_client.describe_vpcs()['Vpcs']
actual_describe_vpcs = ec2_utils.describe_vpcs(trace_id, aws_account,
ec2_client, region_name)
# Check result
self.assertListEqual(expect_list_vpc, actual_describe_vpcs)
def test_describe_security_groups_not_exist(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(ec2_client,
'describe_security_groups') as mock_method:
mock_method.return_value = {}
# Call function test
actual_security_groups = ec2_utils.describe_security_groups(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertListEqual([], actual_security_groups)
def test_describe_not_exist_flow_logs(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
except_result = copy.deepcopy(
DataTestEC2.DATA_DESCRIBE_FLOW_LOGS_EMPTY)
with patch.object(ec2_client, 'describe_flow_logs') as mock_obj:
mock_obj.return_value = except_result
# Call function test
actual_instances = ec2_utils.describe_flow_logs(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertListEqual([], actual_instances)
def test_describe_instances_exist_next_token(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(ec2_client, 'describe_instances') as mock_obj:
mock_obj.side_effect = ec2_utils_mock.side_effect_describe_instances
# Call function test
actual_instances = ec2_utils.describe_instances(
trace_id, aws_account, ec2_client, region_name)
# Check result
expect_resual = copy.deepcopy(
DataTestEC2.DATA_CHECK_ALL_DESCRIBE_INSTANCES['Reservations'])
self.assertListEqual(expect_resual, actual_instances)
def test_describe_flow_log_exist_next_token(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(ec2_client, 'describe_flow_logs') as mock_obj:
mock_obj.side_effect = ec2_utils_mock.side_effect_describe_flow_log
# Call function test
actual_instances = ec2_utils.describe_flow_logs(
trace_id, aws_account, ec2_client, region_name)
# Check result
except_result = copy.deepcopy(
DataTestEC2.DATA_CHECK_ALL_DESCRIBE_FLOW_LOGS['FlowLogs'])
self.assertListEqual(except_result, actual_instances)
def test_describe_security_groups_exist_next_token(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
with patch.object(ec2_client, 'describe_security_groups') as mock_obj:
mock_obj.side_effect = ec2_utils_mock.side_effect_describe_security_groups
# Call function test
actual_security_groups = ec2_utils.describe_security_groups(
trace_id, aws_account, ec2_client, region_name)
# Check result
expect_data = copy.deepcopy(
DataTestEC2.
DATA_CHECK_ALL_DESCRIBE_SECURITY_GROUPS['SecurityGroups'])
self.assertListEqual(expect_data, actual_security_groups)
def test_describe_instances_success(self):
# create data mock
ec2_resource_connect = ec2_utils_mock.resource_connect()
ec2_client = ec2_utils_mock.client_connect()
ec2_resource_connect.create_instances(ImageId='',
MinCount=1,
MaxCount=1)
expect_response = ec2_client.describe_instances()
# Call function test
actual_instances = ec2_utils.describe_instances(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertListEqual(expect_response['Reservations'], actual_instances)
def test_describe_security_groups_success(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
group_name_test = "group_name_test"
ec2_client.create_security_group(GroupName=group_name_test,
Description='description_test')
expect_describe = ec2_client.describe_security_groups()
# Call function test
actual_security_groups = ec2_utils.describe_security_groups(
trace_id, aws_account, ec2_client, region_name)
# Check result
self.assertListEqual(expect_describe['SecurityGroups'],
actual_security_groups)
def setUp(self):
super().setUp()
global session
global ec2_client_connect
global excluded_resources
# truncate old data in the table
if db_utils.check_table_exist(Tables.PM_EXCLUSION_RESOURCES):
db_utils.delete_table(Tables.PM_EXCLUSION_RESOURCES)
# create pm_userAttribute table
mock_pm_exclusionResources.create_table()
# create record query
# create resource for check code item 1.21
data_pm_exclusion_resources[
'ExclusionResourceID'] = "aa4fee9c-790f-478d-9f5d-7aeef688d541"
data_pm_exclusion_resources['CheckItemCode'] = check_item_code
data_pm_exclusion_resources['RegionName'] = region
data_pm_exclusion_resources['ResourceType'] = resource_type
data_pm_exclusion_resources['ResourceName'] = resource_name_test
data_pm_exclusion_resources['OrganizationID'] = organization_id
data_pm_exclusion_resources['ProjectID'] = project_id
data_pm_exclusion_resources['AWSAccount'] = aws_account
data_pm_exclusion_resources['AccountRefineCode'] = account_refine_code
data_pm_exclusion_resources[
'CheckItemRefineCode'] = check_item_refine_code
mock_pm_exclusionResources.create(data_pm_exclusion_resources)
# create resource for check code item other
data_pm_exclusion_resources[
'ExclusionResourceID'] = "aa4fee9c-790f-478d-9f5d-7aeef688d542"
data_pm_exclusion_resources['CheckItemCode'] = "CHECK_CIS12_ITEM_OTHER"
mock_pm_exclusionResources.create(data_pm_exclusion_resources)
# get data excluded resource
excluded_resources = mock_pm_exclusionResources.query_account_refine_index(
trace_id, account_refine_code)
if not session:
session = sts_utils.create_session()
if not ec2_client_connect:
ec2_client_connect = ec2_utils.client_connect()
def test_get_regions_error(self):
# create data mock
expected_error_response = copy.deepcopy(DataCommon.ERROR_RESPONSE)
expected_operation_name = copy.deepcopy(DataCommon.OPERATION_NAME)
ec2_client_connect = ec2_utils_mock.client_connect()
with patch.object(ec2_client_connect,
'describe_regions') as mock_method:
mock_method.side_effect = ClientError(
error_response=expected_error_response,
operation_name=expected_operation_name)
with self.assertRaises(PmError) as exception:
# Call function test
aws_common.get_regions(trace_id)
# check error
actual_cause_error = exception.exception.cause_error
self.assertEqual(expected_error_response['Error'],
actual_cause_error.response['Error'])
self.assertEqual(expected_operation_name,
actual_cause_error.operation_name)
def side_effect_client(service_name,
region_name=None,
endpoint_url=None,
aws_access_key_id=None,
aws_secret_access_key=None):
if service_name == "cognito-idp":
return cognito_idp_utils.client_connect()
if service_name == "dynamodb":
return db_utils.resource_connect()
if service_name == "ses":
return ses_utils.client_connect()
if service_name == "sts":
return sts_utils.client_connect()
if service_name == "iam":
return iam_utils.client_connect()
if service_name == "s3":
return s3_utils.client_connect()
if service_name == "ec2":
return ec2_utils.client_connect()
if service_name == "s3":
return s3_utils.client_connect()
if service_name == "stepfunctions":
return step_functions_utils.client_connect()
def test_describe_volumes_suscess(self):
# create data mock
ec2_client = ec2_utils_mock.client_connect()
ec2_client.create_volume(
AvailabilityZone=volum_test['AvailabilityZone'],
Encrypted=volum_test['Encrypted'],
Size=volum_test['Size'],
TagSpecifications=volum_test['TagSpecifications'])
# Call function test
actual_volumes = ec2_utils.describe_volumes(trace_id, aws_account,
ec2_client, region_name)
# Check result
self.assertEqual(1, len(actual_volumes))
self.assertEqual(volum_test['Encrypted'],
actual_volumes[0]['Encrypted'])
self.assertEqual(volum_test['Size'], actual_volumes[0]['Size'])
self.assertDictEqual(
volum_test['TagSpecifications'][0]['Tags'][0],
actual_volumes[0]['Tags'][0],
)
