#!/usr/bin/env python
from tests.compat import mock, unittest
from tests.unit import AWSMockServiceTestCase
from boto.ec2.connection import EC2Connection
from boto.ec2.securitygroup import SecurityGroup
DESCRIBE_SECURITY_GROUP = br"""
59dbff89-35bd-4eac-99ed-be587EXAMPLE
-
111122223333
sg-1a2b3c4d
WebServers
Web Servers
-
tcp
80
80
-
0.0.0.0/0
-
111122223333
sg-2a2b3c4d
RangedPortsBySource
Group A
-
tcp
6000
7000
-
111122223333
sg-3a2b3c4d
Group B
"""
DESCRIBE_INSTANCES = br"""
c6132c74-b524-4884-87f5-0f4bde4a9760
-
r-72ef4a0a
184906166255
-
i-instance
ami-1624987f
16
running
mykeypair
0
m1.small
2012-12-14T23:48:37.000Z
us-east-1d
default
aki-88aa75e1
disabled
subnet-0dc60667
vpc-id
10.0.0.67
true
-
sg-1a2b3c4d
WebServerSG
x86_64
ebs
/dev/sda1
-
/dev/sda1
vol-id
attached
2012-12-14T23:48:43.000Z
true
paravirtual
foo
-
Name
xen
-
eni-id
subnet-id
vpc-id
Primary network interface
ownerid
in-use
10.0.0.67
true
-
sg-id
WebServerSG
eni-attach-id
0
attached
2012-12-14T23:48:37.000Z
true
-
10.0.0.67
true
-
10.0.0.54
false
-
10.0.0.55
false
false
"""
class TestDescribeSecurityGroups(AWSMockServiceTestCase):
connection_class = EC2Connection
def test_get_instances(self):
self.set_http_response(status_code=200, body=DESCRIBE_SECURITY_GROUP)
groups = self.service_connection.get_all_security_groups()
self.set_http_response(status_code=200, body=DESCRIBE_INSTANCES)
instances = groups[0].instances()
self.assertEqual(1, len(instances))
self.assertEqual(groups[0].id, instances[0].groups[0].id)
class SecurityGroupTest(unittest.TestCase):
def test_add_rule(self):
sg = SecurityGroup()
self.assertEqual(len(sg.rules), 0)
# Regression: ``dry_run`` was being passed (but unhandled) before.
sg.add_rule(
ip_protocol='http',
from_port='80',
to_port='8080',
src_group_name='groupy',
src_group_owner_id='12345',
cidr_ip='10.0.0.1',
src_group_group_id='54321',
dry_run=False
)
self.assertEqual(len(sg.rules), 1)
def test_remove_rule_on_empty_group(self):
# Remove a rule from a group with no rules
sg = SecurityGroup()
with self.assertRaises(ValueError):
sg.remove_rule('ip', 80, 80, None, None, None, None)