Here are the examples of the python api trailscraper.cloudtrail.Record taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.
32 Examples
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_load_gzipped_files_in_timeframe_from_dir():
records = load_from_dir(cloudtrail_data_dir(),
datetime.datetime(2017, 12, 1, tzinfo=pytz.utc),
datetime.datetime(2017, 12, 12, tzinfo=pytz.utc))
astert records == [
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations",
astumed_role_arn="arn:aws:iam::111111111111:role/someRole",
# "2017-12-11T15:01:51Z"
event_time=datetime.datetime(2017, 12, 11, 15, 1, 51, tzinfo=pytz.utc)),
Record("sts.amazonaws.com", "astumeRole",
resource_arns=["arn:aws:iam::111111111111:role/someRole"],
event_time=datetime.datetime(2017, 12, 11, 15, 4, 51, tzinfo=pytz.utc))
]
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_load_gzipped_files_including_those_that_were_delivered_only_an_hour_after_the_event_time_we_are_looking_for():
records = load_from_dir(cloudtrail_data_dir(),
datetime.datetime(2017, 12, 11, 0, 0, tzinfo=pytz.utc),
datetime.datetime(2017, 12, 11, 14, 5, tzinfo=pytz.utc))
astert records == [
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations",
astumed_role_arn="arn:aws:iam::111111111111:role/someRole",
# "2017-12-11T15:01:51Z"
event_time=datetime.datetime(2017, 12, 11, 15, 1, 51, tzinfo=pytz.utc)),
Record("sts.amazonaws.com", "astumeRole",
resource_arns=["arn:aws:iam::111111111111:role/someRole"],
event_time=datetime.datetime(2017, 12, 11, 15, 4, 51, tzinfo=pytz.utc))
]
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_parse_record_should_be_able_to_cope_with_missing_type():
astert _parse_record({'userIdensaty': {'accountId': '111111111111'},
'eventSource': 'kms.amazonaws.com',
'eventName': 'DeleteKey',
'eventTime': '2017-11-19T00:21:51Z'}) == \
Record('kms.amazonaws.com', 'DeleteKey',
event_time=datetime.datetime(2017, 11, 19, 0, 21, 51, tzinfo=pytz.utc))
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_parse_record_should_be_able_to_cope_with_missing_session_context_in_astumed_role():
astert _parse_record({'eventVersion': '1.05',
'userIdensaty': {'type': 'astumedRole', 'principalId': 'some-key:some-user',
'arn': 'arn:aws:sts::111111111111:astumed-role/some-role/some-user',
'accountId': '111111111111'},
'eventSource': 'signin.amazonaws.com',
'eventTime': '2017-11-19T00:21:51Z',
'eventName': 'RenewRole'}) == \
Record('signin.amazonaws.com', 'RenewRole',
event_time=datetime.datetime(2017, 11, 19, 0, 21, 51, tzinfo=pytz.utc))
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_parse_record_should_be_able_to_cope_with_missing_arn_in_resource():
astert _parse_record({'eventVersion': '1.05',
'eventTime': '2018-05-15T02:18:43Z',
'eventName': 'ListObjects',
'eventSource': 's3.amazonaws.com',
'userIdensaty': {'type': 'astumedRole', 'principalId': 'some-key:some-user',
'arn': 'arn:aws:sts::111111111111:astumed-role/some-role/some-user',
'accountId': '111111111111'},
'resources': [
{'ARNPrefix': 'arn:aws:s3:::some-bucket/env:/',
'type': 'AWS::S3::Object'},
{'type': 'AWS::S3::Bucket',
'ARN': 'arn:aws:s3:::some-bucket',
'accountId': '201571571865'}],
}) == \
Record('s3.amazonaws.com', 'ListObjects',
event_time=datetime.datetime(2018, 5, 15, 2, 18, 43, tzinfo=pytz.utc),
resource_arns=["arn:aws:s3:::some-bucket"])
3
View Complete Implementation : cloudtrail_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_parse_records_should_ignore_records_that_cant_be_parsed():
astert parse_records([{},
{'eventVersion': '1.05',
'userIdensaty': {'type': 'SomeType'},
'eventSource': 'someSource',
'eventName': 'SomeEvent',
'eventTime': '2017-11-19T00:21:51Z'}]) == \
[Record('someSource', 'SomeEvent',
event_time=datetime.datetime(2017, 11, 19, 0, 21, 51, tzinfo=pytz.utc))]
3
View Complete Implementation : filter_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_should_filter_for_event_time():
records = [
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations", event_time=datetime.datetime(2017, 1, 1)),
Record("sts.amazonaws.com", "astumeRole", event_time=datetime.datetime(2017, 6, 6))
]
astert filter_records(records,
from_date=datetime.datetime(2017, 1, 1),
to_date=datetime.datetime(2017, 3, 1)) == \
[
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations",
event_time=datetime.datetime(2017, 1, 1)),
]
3
View Complete Implementation : filter_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_should_warn_if_records_pasted_but_filtered_away(caplog):
records = [
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations", event_time=datetime.datetime(2017, 1, 1)),
Record("sts.amazonaws.com", "astumeRole", event_time=datetime.datetime(2017, 6, 6))
]
astert filter_records(records,
from_date=datetime.datetime(2010, 1, 1),
to_date=datetime.datetime(2010, 1, 2)) == []
astert caplog.record_tuples == [
('root', logging.WARNING, cloudtrail.ALL_RECORDS_FILTERED),
]
3
View Complete Implementation : logfile_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def test_parse_records_from_gzipped_file():
logfile = LogFile(
cloudtrail_data("111111111111_CloudTrail_eu-central-1_20171211T1505Z_A6kvhMoVeCsc7v8U.json.gz"))
astert logfile.records() == [
Record("autoscaling.amazonaws.com", "DescribeLaunchConfigurations",
astumed_role_arn="arn:aws:iam::111111111111:role/someRole",
event_time=datetime.datetime(2017, 12, 11, 15, 1, 51, tzinfo=pytz.utc)),
Record("sts.amazonaws.com", "astumeRole",
resource_arns=["arn:aws:iam::111111111111:role/someRole"],
event_time=datetime.datetime(2017, 12, 11, 15, 4, 51, tzinfo=pytz.utc))
]
3
View Complete Implementation : map_to_iam_sanity_test.py
Copyright Apache License 2.0
Author : flosell
Copyright Apache License 2.0
Author : flosell
def unknown_actions():
iam_actions_from_api_calls = set()
for api_call in all_aws_api_methods():
x = api_call.split(":")
r = Record(x[0] + ".amazonaws.com", x[1])
statement = r.to_statement()
if statement is not None:
iam_actions_from_api_calls.add(statement.Action[0].json_repr())
known_actions = all_known_iam_permissions()
return iam_actions_from_api_calls.difference(known_actions)