2022-03-15 19:51:03 +00:00
|
|
|
import pytest
|
|
|
|
from botocore.exceptions import ClientError
|
|
|
|
|
2022-10-04 16:28:30 +00:00
|
|
|
from . import fixture_ec2, fixture_efs # noqa # pylint: disable=unused-import
|
2022-03-15 19:51:03 +00:00
|
|
|
|
|
|
|
|
2022-10-04 16:28:30 +00:00
|
|
|
@pytest.fixture(scope="function", name="file_system")
|
|
|
|
def fixture_file_system(efs):
|
2022-03-15 19:51:03 +00:00
|
|
|
create_fs_resp = efs.create_file_system(CreationToken="foobarbaz")
|
|
|
|
create_fs_resp.pop("ResponseMetadata")
|
|
|
|
yield create_fs_resp
|
|
|
|
|
|
|
|
|
2022-10-04 16:28:30 +00:00
|
|
|
@pytest.fixture(scope="function", name="subnet")
|
|
|
|
def fixture_subnet(ec2):
|
2022-03-15 19:51:03 +00:00
|
|
|
desc_sn_resp = ec2.describe_subnets()
|
|
|
|
subnet = desc_sn_resp["Subnets"][0]
|
|
|
|
yield subnet
|
|
|
|
|
|
|
|
|
|
|
|
def test_describe_mount_target_security_groups__unknown(efs):
|
|
|
|
with pytest.raises(ClientError) as exc_info:
|
|
|
|
efs.describe_mount_target_security_groups(MountTargetId="mt-asdf1234asdf")
|
|
|
|
err = exc_info.value.response["Error"]
|
2023-07-05 22:47:50 +00:00
|
|
|
assert err["Code"] == "MountTargetNotFound"
|
|
|
|
assert err["Message"] == "Mount target 'mt-asdf1234asdf' does not exist."
|
2022-03-15 19:51:03 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_describe_mount_target_security_groups(efs, ec2, file_system, subnet):
|
|
|
|
subnet_id = subnet["SubnetId"]
|
|
|
|
file_system_id = file_system["FileSystemId"]
|
|
|
|
|
|
|
|
desc_sg_resp = ec2.describe_security_groups()
|
|
|
|
security_group_id = desc_sg_resp["SecurityGroups"][0]["GroupId"]
|
|
|
|
|
|
|
|
# Create Mount Target
|
|
|
|
sample_input = {
|
|
|
|
"FileSystemId": file_system_id,
|
|
|
|
"SubnetId": subnet_id,
|
|
|
|
"SecurityGroups": [security_group_id],
|
|
|
|
}
|
|
|
|
create_mt_resp = efs.create_mount_target(**sample_input)
|
|
|
|
mount_target_id = create_mt_resp["MountTargetId"]
|
|
|
|
|
|
|
|
# Describe it's Security Groups
|
|
|
|
resp = efs.describe_mount_target_security_groups(MountTargetId=mount_target_id)
|
2023-07-05 22:47:50 +00:00
|
|
|
assert resp["SecurityGroups"] == [security_group_id]
|
2022-03-15 19:51:03 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_modify_mount_target_security_groups__unknown(efs):
|
|
|
|
with pytest.raises(ClientError) as exc_info:
|
|
|
|
efs.modify_mount_target_security_groups(
|
|
|
|
MountTargetId="mt-asdf1234asdf", SecurityGroups=[]
|
|
|
|
)
|
|
|
|
err = exc_info.value.response["Error"]
|
2023-07-05 22:47:50 +00:00
|
|
|
assert err["Code"] == "MountTargetNotFound"
|
|
|
|
assert err["Message"] == "Mount target 'mt-asdf1234asdf' does not exist."
|
2022-03-15 19:51:03 +00:00
|
|
|
|
|
|
|
|
|
|
|
def test_modify_mount_target_security_groups(efs, ec2, file_system, subnet):
|
|
|
|
subnet_id = subnet["SubnetId"]
|
|
|
|
file_system_id = file_system["FileSystemId"]
|
|
|
|
|
|
|
|
desc_sg_resp = ec2.describe_security_groups()["SecurityGroups"]
|
|
|
|
security_group_id = desc_sg_resp[0]["GroupId"]
|
|
|
|
|
|
|
|
# Create Mount Target
|
|
|
|
sample_input = {
|
|
|
|
"FileSystemId": file_system_id,
|
|
|
|
"SubnetId": subnet_id,
|
|
|
|
"SecurityGroups": [security_group_id],
|
|
|
|
}
|
|
|
|
create_mt_resp = efs.create_mount_target(**sample_input)
|
|
|
|
mount_target_id = create_mt_resp["MountTargetId"]
|
|
|
|
network_interface_id = create_mt_resp["NetworkInterfaceId"]
|
|
|
|
|
|
|
|
# Create alternative security groups
|
|
|
|
sg_id_2 = ec2.create_security_group(
|
|
|
|
VpcId=subnet["VpcId"], GroupName="sg-2", Description="SG-2"
|
|
|
|
)["GroupId"]
|
|
|
|
sg_id_3 = ec2.create_security_group(
|
|
|
|
VpcId=subnet["VpcId"], GroupName="sg-3", Description="SG-3"
|
|
|
|
)["GroupId"]
|
|
|
|
|
|
|
|
# Modify it's Security Groups
|
|
|
|
efs.modify_mount_target_security_groups(
|
|
|
|
MountTargetId=mount_target_id, SecurityGroups=[sg_id_2, sg_id_3]
|
|
|
|
)
|
|
|
|
|
|
|
|
# Describe it's Security Groups
|
|
|
|
resp = efs.describe_mount_target_security_groups(MountTargetId=mount_target_id)
|
2023-07-05 22:47:50 +00:00
|
|
|
assert resp["SecurityGroups"] == [sg_id_2, sg_id_3]
|
2022-03-15 19:51:03 +00:00
|
|
|
|
|
|
|
# Verify EC2 reflects this change
|
|
|
|
resp = ec2.describe_network_interfaces(NetworkInterfaceIds=[network_interface_id])
|
|
|
|
network_interface = resp["NetworkInterfaces"][0]
|
2023-07-05 22:47:50 +00:00
|
|
|
assert len(network_interface["Groups"]) == 2
|
|
|
|
assert set([sg["GroupId"] for sg in network_interface["Groups"]]) == {
|
|
|
|
sg_id_2,
|
|
|
|
sg_id_3,
|
|
|
|
}
|