moto/tests/test_ec2/test_flow_logs_cloudformation.py

import boto3

import json
import sure  # noqa # pylint: disable=unused-import

from moto import mock_cloudformation, mock_ec2, mock_s3
from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID
from tests import EXAMPLE_AMI_ID
from uuid import uuid4


@mock_cloudformation
@mock_ec2
@mock_s3
def test_flow_logs_by_cloudformation():
    s3 = boto3.resource("s3", region_name="us-west-1")
    client = boto3.client("ec2", region_name="us-west-1")
    cf_client = boto3.client("cloudformation", "us-west-1")

    vpc = client.create_vpc(CidrBlock="10.0.0.0/16")["Vpc"]

    bucket_name = str(uuid4())
    bucket = s3.create_bucket(
        Bucket=bucket_name,
        CreateBucketConfiguration={"LocationConstraint": "us-west-1"},
    )

    flow_log_template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Description": "Template for VPC Flow Logs creation.",
        "Resources": {
            "TestFlowLogs": {
                "Type": "AWS::EC2::FlowLog",
                "Properties": {
                    "ResourceType": "VPC",
                    "ResourceId": vpc["VpcId"],
                    "TrafficType": "ALL",
                    "LogDestinationType": "s3",
                    "LogDestination": "arn:aws:s3:::" + bucket.name,
                    "MaxAggregationInterval": "60",
                    "Tags": [{"Key": "foo", "Value": "bar"}],
                },
            }
        },
    }
    flow_log_template_json = json.dumps(flow_log_template)

    stack_name = str(uuid4())
    cf_client.create_stack(StackName=stack_name, TemplateBody=flow_log_template_json)

    flow_logs = client.describe_flow_logs(
        Filters=[{"Name": "resource-id", "Values": [vpc["VpcId"]]}]
    )["FlowLogs"]
    flow_logs.should.have.length_of(1)
    flow_logs[0]["ResourceId"].should.equal(vpc["VpcId"])
    flow_logs[0]["LogDestination"].should.equal("arn:aws:s3:::" + bucket.name)
    flow_logs[0]["MaxAggregationInterval"].should.equal(60)


@mock_ec2
@mock_cloudformation
def test_cloudformation():
    dummy_template_json = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "InstanceProfile": {
                "Type": "AWS::IAM::InstanceProfile",
                "Properties": {"Path": "/", "Roles": []},
            },
            "Ec2Instance": {
                "Type": "AWS::EC2::Instance",
                "Properties": {
                    "IamInstanceProfile": {"Ref": "InstanceProfile"},
                    "KeyName": "mykey1",
                    "ImageId": EXAMPLE_AMI_ID,
                },
            },
        },
    }

    client = boto3.client("ec2", region_name="us-east-1")
    cf_conn = boto3.client("cloudformation", region_name="us-east-1")
    stack_name = str(uuid4())
    cf_conn.create_stack(
        StackName=stack_name, TemplateBody=json.dumps(dummy_template_json)
    )

    resources = cf_conn.list_stack_resources(StackName=stack_name)[
        "StackResourceSummaries"
    ]
    iam_id = resources[0]["PhysicalResourceId"]
    iam_ip_arn = f"arn:aws:iam::{ACCOUNT_ID}:instance-profile/{iam_id}"

    all_assocs = client.describe_iam_instance_profile_associations()[
        "IamInstanceProfileAssociations"
    ]
    our_assoc = [a for a in all_assocs if a["IamInstanceProfile"]["Arn"] == iam_ip_arn]
    our_assoc[0]["IamInstanceProfile"]["Arn"].should.contain(stack_name)
    our_assoc_id = our_assoc[0]["AssociationId"]

    cf_conn.delete_stack(StackName=stack_name)
    associations = client.describe_iam_instance_profile_associations()[
        "IamInstanceProfileAssociations"
    ]
    [a["AssociationId"] for a in associations].shouldnt.contain(our_assoc_id)
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`import boto3`

			`import json`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`import sure # noqa # pylint: disable=unused-import`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00
			`from moto import mock_cloudformation, mock_ec2, mock_s3`
MultiAccount support (#5192) 2022-08-13 09:49:43 +00:00			`from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`from tests import EXAMPLE_AMI_ID`
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`from uuid import uuid4`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00

			`@mock_cloudformation`
			`@mock_ec2`
			`@mock_s3`
			`def test_flow_logs_by_cloudformation():`
			`s3 = boto3.resource("s3", region_name="us-west-1")`
			`client = boto3.client("ec2", region_name="us-west-1")`
			`cf_client = boto3.client("cloudformation", "us-west-1")`

			`vpc = client.create_vpc(CidrBlock="10.0.0.0/16")["Vpc"]`

Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`bucket_name = str(uuid4())`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`bucket = s3.create_bucket(`
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`Bucket=bucket_name,`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`CreateBucketConfiguration={"LocationConstraint": "us-west-1"},`
			`)`

			`flow_log_template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Description": "Template for VPC Flow Logs creation.",`
			`"Resources": {`
			`"TestFlowLogs": {`
			`"Type": "AWS::EC2::FlowLog",`
			`"Properties": {`
			`"ResourceType": "VPC",`
			`"ResourceId": vpc["VpcId"],`
			`"TrafficType": "ALL",`
			`"LogDestinationType": "s3",`
			`"LogDestination": "arn:aws:s3:::" + bucket.name,`
			`"MaxAggregationInterval": "60",`
			`"Tags": [{"Key": "foo", "Value": "bar"}],`
			`},`
			`}`
			`},`
			`}`
			`flow_log_template_json = json.dumps(flow_log_template)`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`stack_name = str(uuid4())`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`cf_client.create_stack(StackName=stack_name, TemplateBody=flow_log_template_json)`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`flow_logs = client.describe_flow_logs(`
			`Filters=[{"Name": "resource-id", "Values": [vpc["VpcId"]]}]`
			`)["FlowLogs"]`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`flow_logs.should.have.length_of(1)`
			`flow_logs[0]["ResourceId"].should.equal(vpc["VpcId"])`
			`flow_logs[0]["LogDestination"].should.equal("arn:aws:s3:::" + bucket.name)`
			`flow_logs[0]["MaxAggregationInterval"].should.equal(60)`


			`@mock_ec2`
			`@mock_cloudformation`
			`def test_cloudformation():`
			`dummy_template_json = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {`
			`"InstanceProfile": {`
			`"Type": "AWS::IAM::InstanceProfile",`
			`"Properties": {"Path": "/", "Roles": []},`
			`},`
			`"Ec2Instance": {`
			`"Type": "AWS::EC2::Instance",`
			`"Properties": {`
			`"IamInstanceProfile": {"Ref": "InstanceProfile"},`
			`"KeyName": "mykey1",`
			`"ImageId": EXAMPLE_AMI_ID,`
			`},`
			`},`
			`},`
			`}`

			`client = boto3.client("ec2", region_name="us-east-1")`
			`cf_conn = boto3.client("cloudformation", region_name="us-east-1")`
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`stack_name = str(uuid4())`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`cf_conn.create_stack(`
Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`StackName=stack_name, TemplateBody=json.dumps(dummy_template_json)`
Update integration test to use Pytest (#3703) * Refactor int test to use pytest * Add comments to int test script 2021-02-17 15:06:31 +00:00			`)`

Parallelize tests - Part 1 (#4368) 2021-10-05 17:11:07 +00:00			`resources = cf_conn.list_stack_resources(StackName=stack_name)[`
			`"StackResourceSummaries"`
			`]`
			`iam_id = resources[0]["PhysicalResourceId"]`
			`iam_ip_arn = f"arn:aws:iam::{ACCOUNT_ID}:instance-profile/{iam_id}"`

			`all_assocs = client.describe_iam_instance_profile_associations()[`
			`"IamInstanceProfileAssociations"`
			`]`
			`our_assoc = [a for a in all_assocs if a["IamInstanceProfile"]["Arn"] == iam_ip_arn]`
			`our_assoc[0]["IamInstanceProfile"]["Arn"].should.contain(stack_name)`
			`our_assoc_id = our_assoc[0]["AssociationId"]`

			`cf_conn.delete_stack(StackName=stack_name)`
			`associations = client.describe_iam_instance_profile_associations()[`
			`"IamInstanceProfileAssociations"`
			`]`
			`[a["AssociationId"] for a in associations].shouldnt.contain(our_assoc_id)`