Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

EC2: allow creation multiple flow logs on same resource id (#6374)

Browse Source
This commit is contained in:
Lyderic Dutillieux 2023-06-07 17:44:24 +02:00 committed by GitHub
parent 710391eb9a
commit d20da03225
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 97 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
moto/ec2/models/flow_logs.py
View File

@ -253,11 +253,8 @@ class FlowLogsBackend:
all_flow_logs = self.describe_flow_logs()
if any(
fl.resource_id == resource_id
and (
fl.log_group_name == log_group_name
or fl.log_destination == log_destination
)
(fl.resource_id, fl.log_group_name, fl.log_destination)
== (resource_id, log_group_name, log_destination)
for fl in all_flow_logs
):
raise FlowLogAlreadyExists()

95
tests/test_ec2/test_flow_logs.py
View File

@ -68,6 +68,56 @@ def test_create_flow_logs_s3():
flow_log["MaxAggregationInterval"].should.equal(600)
@mock_s3
@mock_ec2
def test_create_multiple_flow_logs_s3():
s3 = boto3.resource("s3", region_name="us-west-1")
client = boto3.client("ec2", region_name="us-west-1")
vpc = client.create_vpc(CidrBlock="10.0.0.0/16")["Vpc"]
bucket_name_1 = str(uuid4())
bucket_1 = s3.create_bucket(
Bucket=bucket_name_1,
CreateBucketConfiguration={"LocationConstraint": "us-west-1"},
)
bucket_name_2 = str(uuid4())
bucket_2 = s3.create_bucket(
Bucket=bucket_name_2,
CreateBucketConfiguration={"LocationConstraint": "us-west-1"},
)
response = client.create_flow_logs(
ResourceType="VPC",
ResourceIds=[vpc["VpcId"]],
TrafficType="ALL",
LogDestinationType="s3",
LogDestination="arn:aws:s3:::" + bucket_1.name,
)["FlowLogIds"]
response.should.have.length_of(1)
response = client.create_flow_logs(
ResourceType="VPC",
ResourceIds=[vpc["VpcId"]],
TrafficType="ALL",
LogDestinationType="s3",
LogDestination="arn:aws:s3:::" + bucket_2.name,
)["FlowLogIds"]
response.should.have.length_of(1)
flow_logs = client.describe_flow_logs(
Filters=[{"Name": "resource-id", "Values": [vpc["VpcId"]]}]
)["FlowLogs"]
flow_logs.should.have.length_of(2)
flow_log_1 = flow_logs[0]
flow_log_2 = flow_logs[1]
flow_log_1["ResourceId"].should.equal(flow_log_2["ResourceId"])
flow_log_1["FlowLogId"].shouldnt.equal(flow_log_2["FlowLogId"])
flow_log_1["LogDestination"].shouldnt.equal(flow_log_2["LogDestination"])
@mock_logs
@mock_ec2
def test_create_flow_logs_cloud_watch():
@ -127,6 +177,51 @@ def test_create_flow_logs_cloud_watch():
flow_log["MaxAggregationInterval"].should.equal(600)
@mock_logs
@mock_ec2
def test_create_multiple_flow_logs_cloud_watch():
client = boto3.client("ec2", region_name="us-west-1")
logs_client = boto3.client("logs", region_name="us-west-1")
vpc = client.create_vpc(CidrBlock="10.0.0.0/16")["Vpc"]
lg_name_1 = str(uuid4())
lg_name_2 = str(uuid4())
logs_client.create_log_group(logGroupName=lg_name_1)
logs_client.create_log_group(logGroupName=lg_name_2)
response = client.create_flow_logs(
ResourceType="VPC",
ResourceIds=[vpc["VpcId"]],
TrafficType="ALL",
LogDestinationType="cloud-watch-logs",
LogGroupName=lg_name_1,
DeliverLogsPermissionArn="arn:aws:iam::" + ACCOUNT_ID + ":role/test-role",
)["FlowLogIds"]
response.should.have.length_of(1)
response = client.create_flow_logs(
ResourceType="VPC",
ResourceIds=[vpc["VpcId"]],
TrafficType="ALL",
LogDestinationType="cloud-watch-logs",
LogGroupName=lg_name_2,
DeliverLogsPermissionArn="arn:aws:iam::" + ACCOUNT_ID + ":role/test-role",
)["FlowLogIds"]
response.should.have.length_of(1)
flow_logs = client.describe_flow_logs(
Filters=[{"Name": "resource-id", "Values": [vpc["VpcId"]]}]
)["FlowLogs"]
flow_logs.should.have.length_of(2)
flow_log_1 = flow_logs[0]
flow_log_2 = flow_logs[1]
flow_log_1["ResourceId"].should.equal(flow_log_2["ResourceId"])
flow_log_1["FlowLogId"].shouldnt.equal(flow_log_2["FlowLogId"])
flow_log_1["LogGroupName"].shouldnt.equal(flow_log_2["LogGroupName"])
@mock_s3
@mock_ec2
def test_create_flow_log_create():