moto/tests/test_firehose/test_firehose_encryption.py

import boto3
import pytest

from botocore.exceptions import ClientError
from moto import mock_firehose
from uuid import uuid4
from .test_firehose import sample_s3_dest_config


@mock_firehose
def test_firehose_without_encryption():
    client = boto3.client("firehose", region_name="us-east-2")
    name = str(uuid4())[0:6]
    client.create_delivery_stream(
        DeliveryStreamName=name,
        ExtendedS3DestinationConfiguration=sample_s3_dest_config(),
    )

    resp = client.describe_delivery_stream(DeliveryStreamName=name)[
        "DeliveryStreamDescription"
    ]
    resp.shouldnt.have.key("DeliveryStreamEncryptionConfiguration")

    client.start_delivery_stream_encryption(
        DeliveryStreamName=name,
        DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},
    )

    stream = client.describe_delivery_stream(DeliveryStreamName=name)[
        "DeliveryStreamDescription"
    ]
    stream.should.have.key("DeliveryStreamEncryptionConfiguration").equals(
        {
            "KeyType": "AWS_OWNED_CMK",
            "Status": "ENABLED",
        }
    )


@mock_firehose
def test_firehose_with_encryption():
    client = boto3.client("firehose", region_name="us-east-2")
    name = str(uuid4())[0:6]
    client.create_delivery_stream(
        DeliveryStreamName=name,
        ExtendedS3DestinationConfiguration=sample_s3_dest_config(),
        DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},
    )

    stream = client.describe_delivery_stream(DeliveryStreamName=name)[
        "DeliveryStreamDescription"
    ]
    stream.should.have.key("DeliveryStreamEncryptionConfiguration").equals(
        {"KeyType": "AWS_OWNED_CMK"}
    )

    client.stop_delivery_stream_encryption(DeliveryStreamName=name)

    stream = client.describe_delivery_stream(DeliveryStreamName=name)[
        "DeliveryStreamDescription"
    ]
    stream.should.have.key("DeliveryStreamEncryptionConfiguration").should.have.key(
        "Status"
    ).equals("DISABLED")


@mock_firehose
def test_start_encryption_on_unknown_stream():
    client = boto3.client("firehose", region_name="us-east-2")

    with pytest.raises(ClientError) as exc:
        client.start_delivery_stream_encryption(
            DeliveryStreamName="?",
            DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},
        )
    err = exc.value.response["Error"]
    err["Code"].should.equal("ResourceNotFoundException")
    err["Message"].should.equal("Firehose ? under account 123456789012 not found.")


@mock_firehose
def test_stop_encryption_on_unknown_stream():
    client = boto3.client("firehose", region_name="us-east-2")

    with pytest.raises(ClientError) as exc:
        client.stop_delivery_stream_encryption(DeliveryStreamName="?")
    err = exc.value.response["Error"]
    err["Code"].should.equal("ResourceNotFoundException")
    err["Message"].should.equal("Firehose ? under account 123456789012 not found.")
Firehose Improvements (#6028) 2023-03-07 22:08:55 -01:00			`import boto3`
			`import pytest`

			`from botocore.exceptions import ClientError`
			`from moto import mock_firehose`
			`from uuid import uuid4`
			`from .test_firehose import sample_s3_dest_config`


			`@mock_firehose`
			`def test_firehose_without_encryption():`
			`client = boto3.client("firehose", region_name="us-east-2")`
			`name = str(uuid4())[0:6]`
			`client.create_delivery_stream(`
			`DeliveryStreamName=name,`
			`ExtendedS3DestinationConfiguration=sample_s3_dest_config(),`
			`)`

			`resp = client.describe_delivery_stream(DeliveryStreamName=name)[`
			`"DeliveryStreamDescription"`
			`]`
			`resp.shouldnt.have.key("DeliveryStreamEncryptionConfiguration")`

			`client.start_delivery_stream_encryption(`
			`DeliveryStreamName=name,`
			`DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},`
			`)`

			`stream = client.describe_delivery_stream(DeliveryStreamName=name)[`
			`"DeliveryStreamDescription"`
			`]`
			`stream.should.have.key("DeliveryStreamEncryptionConfiguration").equals(`
			`{`
			`"KeyType": "AWS_OWNED_CMK",`
			`"Status": "ENABLED",`
			`}`
			`)`


			`@mock_firehose`
			`def test_firehose_with_encryption():`
			`client = boto3.client("firehose", region_name="us-east-2")`
			`name = str(uuid4())[0:6]`
			`client.create_delivery_stream(`
			`DeliveryStreamName=name,`
			`ExtendedS3DestinationConfiguration=sample_s3_dest_config(),`
			`DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},`
			`)`

			`stream = client.describe_delivery_stream(DeliveryStreamName=name)[`
			`"DeliveryStreamDescription"`
			`]`
			`stream.should.have.key("DeliveryStreamEncryptionConfiguration").equals(`
			`{"KeyType": "AWS_OWNED_CMK"}`
			`)`

			`client.stop_delivery_stream_encryption(DeliveryStreamName=name)`

			`stream = client.describe_delivery_stream(DeliveryStreamName=name)[`
			`"DeliveryStreamDescription"`
			`]`
			`stream.should.have.key("DeliveryStreamEncryptionConfiguration").should.have.key(`
			`"Status"`
			`).equals("DISABLED")`


			`@mock_firehose`
			`def test_start_encryption_on_unknown_stream():`
			`client = boto3.client("firehose", region_name="us-east-2")`

			`with pytest.raises(ClientError) as exc:`
			`client.start_delivery_stream_encryption(`
			`DeliveryStreamName="?",`
			`DeliveryStreamEncryptionConfigurationInput={"KeyType": "AWS_OWNED_CMK"},`
			`)`
			`err = exc.value.response["Error"]`
			`err["Code"].should.equal("ResourceNotFoundException")`
			`err["Message"].should.equal("Firehose ? under account 123456789012 not found.")`


			`@mock_firehose`
			`def test_stop_encryption_on_unknown_stream():`
			`client = boto3.client("firehose", region_name="us-east-2")`

			`with pytest.raises(ClientError) as exc:`
			`client.stop_delivery_stream_encryption(DeliveryStreamName="?")`
			`err = exc.value.response["Error"]`
			`err["Code"].should.equal("ResourceNotFoundException")`
			`err["Message"].should.equal("Firehose ? under account 123456789012 not found.")`