2019-06-11 22:24:35 +00:00
|
|
|
require "helper"
|
|
|
|
require "inspec/resource"
|
|
|
|
require "resources/aws/aws_flow_log"
|
2018-06-07 18:41:46 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
require "resource_support/aws"
|
|
|
|
require "resources/aws/aws_flow_log"
|
2019-05-21 00:19:38 +00:00
|
|
|
|
2018-06-07 18:41:46 +00:00
|
|
|
class EmptyAwsFlowLog < Minitest::Test
|
|
|
|
def setup
|
|
|
|
AwsFlowLog::BackendFactory.select(MockAwsFlowLog::Empty)
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_rejects_empty_params
|
|
|
|
assert_raises(ArgumentError) { AwsFlowLog.new }
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_search_hit_via_scalar_fails
|
2019-06-11 22:24:35 +00:00
|
|
|
refute AwsFlowLog.new(flow_log_id: "fl-abcd1234").exists?
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_rejects_unrecognized_params
|
|
|
|
assert_raises(ArgumentError) { AwsFlowLog.new(shoe_size: 9) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
class BasicAwsFlowLog < Minitest::Test
|
|
|
|
def setup
|
|
|
|
AwsFlowLog::BackendFactory.select(MockAwsFlowLog::Basic)
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_search_hit
|
2019-06-11 22:24:35 +00:00
|
|
|
assert AwsFlowLog.new(flow_log_id: "fl-abcd1111").exists?
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_to_s
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "AWS Flow Log fl-abcd1234",
|
|
|
|
AwsFlowLog.new(flow_log_id: "fl-abcd1234").to_s
|
|
|
|
assert_equal "AWS Flow Log fl-abcd3333",
|
|
|
|
AwsFlowLog.new(subnet_id: "subnet-abcd3333").to_s
|
|
|
|
assert_equal "AWS Flow Log fl-abcd1111",
|
|
|
|
AwsFlowLog.new(vpc_id: "vpc-abcd1111").to_s
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_flow_log_id
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "fl-abcd1111", AwsFlowLog.new(flow_log_id: "fl-abcd1111").flow_log_id
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_log_group_name
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "inspec-abcd1111", AwsFlowLog.new(flow_log_id: "fl-abcd1111").log_group_name
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_resource_id
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "vpc-abcd1111", AwsFlowLog.new(flow_log_id: "fl-abcd1111").resource_id
|
|
|
|
assert_equal "eni-abcd2222", AwsFlowLog.new(flow_log_id: "fl-abcd2222").resource_id
|
|
|
|
assert_equal "subnet-abcd3333", AwsFlowLog.new(flow_log_id: "fl-abcd3333").resource_id
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_resource_type
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "vpc", AwsFlowLog.new(flow_log_id: "fl-abcd1111").resource_type
|
|
|
|
assert_equal "eni", AwsFlowLog.new(flow_log_id: "fl-abcd2222").resource_type
|
|
|
|
assert_equal "subnet", AwsFlowLog.new(flow_log_id: "fl-abcd3333").resource_type
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_search_miss
|
2019-06-11 22:24:35 +00:00
|
|
|
flowlog = AwsFlowLog.new(flow_log_id: "fl-12341234")
|
2018-06-07 18:41:46 +00:00
|
|
|
refute flowlog.exists?
|
|
|
|
assert_nil flowlog.log_group_name
|
|
|
|
assert_nil flowlog.resource_id
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "AWS Flow Log fl-12341234", flowlog.to_s
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_search_subnet_miss
|
2019-06-11 22:24:35 +00:00
|
|
|
flowlog = AwsFlowLog.new(subnet_id: "subnet-12341234")
|
2018-06-07 18:41:46 +00:00
|
|
|
refute flowlog.exists?
|
|
|
|
assert_nil flowlog.log_group_name
|
|
|
|
assert_nil flowlog.resource_id
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "AWS Flow Log subnet-12341234", flowlog.to_s
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_search_vpc_miss
|
2019-06-11 22:24:35 +00:00
|
|
|
flowlog = AwsFlowLog.new(vpc_id: "vpc-12341234")
|
2018-06-07 18:41:46 +00:00
|
|
|
refute flowlog.exists?
|
|
|
|
assert_nil flowlog.log_group_name
|
|
|
|
assert_nil flowlog.resource_id
|
2019-06-11 22:24:35 +00:00
|
|
|
assert_equal "AWS Flow Log vpc-12341234", flowlog.to_s
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_attached_to?
|
2019-06-11 22:24:35 +00:00
|
|
|
assert AwsFlowLog.new(flow_log_id: "fl-abcd1111").attached_to_vpc?
|
|
|
|
assert AwsFlowLog.new(flow_log_id: "fl-abcd2222").attached_to_eni?
|
|
|
|
assert AwsFlowLog.new(flow_log_id: "fl-abcd3333").attached_to_subnet?
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
module MockAwsFlowLog
|
|
|
|
class Empty < AwsBackendBase
|
|
|
|
def describe_flow_logs(query)
|
|
|
|
Aws::EC2::Types::DescribeFlowLogsResult.new(
|
|
|
|
flow_logs: [])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
class Basic < AwsBackendBase
|
|
|
|
def describe_flow_logs(query)
|
|
|
|
resp = Aws::EC2::Types::DescribeFlowLogsResult.new(
|
|
|
|
flow_logs: [
|
|
|
|
Aws::EC2::Types::FlowLog.new(
|
2019-06-11 22:24:35 +00:00
|
|
|
flow_log_id: "fl-abcd1111",
|
|
|
|
log_group_name: "inspec-abcd1111",
|
|
|
|
resource_id: "vpc-abcd1111"
|
2018-06-07 18:41:46 +00:00
|
|
|
),
|
|
|
|
Aws::EC2::Types::FlowLog.new(
|
2019-06-11 22:24:35 +00:00
|
|
|
flow_log_id: "fl-abcd2222",
|
|
|
|
log_group_name: "inspec-abcd2222",
|
|
|
|
resource_id: "eni-abcd2222"
|
2018-06-07 18:41:46 +00:00
|
|
|
),
|
|
|
|
Aws::EC2::Types::FlowLog.new(
|
2019-06-11 22:24:35 +00:00
|
|
|
flow_log_id: "fl-abcd3333",
|
|
|
|
log_group_name: "inspec-abcd3333",
|
|
|
|
resource_id: "subnet-abcd3333"
|
2018-06-07 18:41:46 +00:00
|
|
|
)
|
|
|
|
]
|
|
|
|
)
|
|
|
|
|
|
|
|
selected = resp[:flow_logs].select do |fl|
|
|
|
|
query[:filter].all? do |filter|
|
2019-06-11 22:24:35 +00:00
|
|
|
filter[:values].include?(fl[filter[:name].tr("-", "_")])
|
2018-06-07 18:41:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
OpenStruct.new({ flow_logs: selected })
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|