adding test case for cloudwatchlogforwarder

Author: sourabh

terratest/aws/cloudwatchlogsforwarder/TestWithDefaultValues.json

@@ -0,0 +1,93 @@
+{
+  "random_string": {
+    "lower": true
+  },
+  "aws_sqs_queue": {
+    "name": "SumoCWDeadLetterQueue-{RandomString}"
+  },
+  "aws_cloudwatch_log_group": {
+    "name": "SumoCWLogGroup-{RandomString}",
+    "retention_in_days": 7
+  },
+  "aws_cloudwatch_metric_alarm": {
+    "actions_enabled": true,
+    "alarm_actions": [
+      "arn:aws:sns:{Region}:{AccountId}:SumoCWEmailSNSTopic-{RandomString}"
+    ],
+    "alarm_description": "Notify via email if number of messages in DeadLetterQueue exceeds threshold",
+    "alarm_name": "SumoCWSpilloverAlarm-{RandomString}",
+    "comparison_operator": "GreaterThanThreshold",
+    "dimensions": {
+      "QueueName": "SumoCWDeadLetterQueue-{RandomString}"
+    },
+    "evaluation_periods": 1,
+    "metric_name": "ApproximateNumberOfMessagesVisible",
+    "namespace": "AWS/SQS",
+    "period": 3600,
+    "statistic": "Sum",
+    "threshold": 100000
+  },
+  "aws_cw_lambda_function": {
+    "dead_letter_config": [
+      {
+        "target_arn": "arn:aws:sqs:{Region}:{AccountId}:SumoCWDeadLetterQueue-{RandomString}"
+      }
+    ],
+    "environment": [
+      {
+        "variables": {
+          "INCLUDE_LOG_INFO": "true",
+          "LOG_FORMAT": "Others",
+          "LOG_STREAM_PREFIX": "",
+          "SUMO_ENDPOINT": "{URL}"
+        }
+      }
+    ],
+    "function_name": "SumoCWLogsLambda-{RandomString}",
+    "handler": "cloudwatchlogs_lambda.handler",
+    "s3_bucket": "appdevzipfiles-{Region}",
+    "s3_key": "cloudwatchlogs-with-dlq.zip"
+  },
+  "aws_iam_role": [
+    {
+      "name": "SumoCWLambdaExecutionRole-{RandomString}",
+      "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"lambda.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}"
+    }
+  ],
+  "aws_serverlessapplicationrepository_cloudformation_stack": [
+    {
+      "auto_enable_logs_subscription": {
+        "name": "Auto-Enable-Logs-Subscription-{RandomString}",
+        "application_id": "arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-loggroup-connector",
+        "capabilities": [
+          "CAPABILITY_IAM",
+          "CAPABILITY_RESOURCE_POLICY"
+        ],
+        "parameters": {
+          "DestinationArnValue": "arn:aws:lambda:{Region}:{AccountId}:function:SumoCWLogsLambda-{RandomString}",
+          "LogGroupPattern": "lambda",
+          "UseExistingLogs": "true"
+        },
+        "semantic_version": "1.0.5"
+      }
+    }
+  ],
+  "aws_sns_topic": {
+    "name": "SumoCWEmailSNSTopic-{RandomString}",
+    "policy": "{\"Version\":\"2008-10-17\",\"Id\":\"__default_policy_ID\",\"Statement\":[{\"Sid\":\"__default_statement_ID\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"*\"},\"Action\":[\"SNS:GetTopicAttributes\",\"SNS:SetTopicAttributes\",\"SNS:AddPermission\",\"SNS:RemovePermission\",\"SNS:DeleteTopic\",\"SNS:Subscribe\",\"SNS:ListSubscriptionsByTopic\",\"SNS:Publish\",\"SNS:Receive\"],\"Resource\":\"arn:aws:sns:{Region}:{AccountId}:SumoCWEmailSNSTopic-{RandomString}\",\"Condition\":{\"StringEquals\":{\"AWS:SourceOwner\":\"{AccountId}\"}}}]}"
+  },
+  "sumologic_collector": [
+    {
+      "collector": {
+        "description": "This collector is created using Sumo Logic terraform AWS CloudWatch Logs forwarder to collect AWS cloudwatch logs.",
+        "name": "SumoLogic CloudWatch Logs Collector {RandomString}"
+      }
+    }
+  ],
+  "sumologic_source": {
+    "category": "Labs/aws/cloudwatch",
+    "content_type": "",
+    "description": "This source is created using Sumo Logic terraform AWS CloudWatch Logs forwarder to collect AWS cloudwatch logs.",
+    "name": "CloudWatch Logs Source"
+  }
+}

terratest/aws/cloudwatchlogsforwarder/cloudwatchlogsforwarder_test.go

@@ -0,0 +1,71 @@
+package cloudwatchlogsforwarder
+
+import (
+	"os"
+	"testing"
+	"time"
+
+	"github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations/tree/master/terratest/common"
+	"github.com/gruntwork-io/terratest/modules/aws"
+	"github.com/gruntwork-io/terratest/modules/terraform"
+	test_structure "github.com/gruntwork-io/terratest/modules/test-structure"
+)
+
+var COLLECTOR_ID = os.Getenv("COLLECTOR_ID")
+var LOOK_UP_MAP = map[string]string{"aws_cw_lambda_function": "aws_lambda_function"}
+
+func SetUpTest(t *testing.T, vars map[string]interface{}, awsregion string) (*terraform.Options, *terraform.ResourceCount) {
+	envVars := map[string]string{
+		"AWS_DEFAULT_REGION":    awsregion,
+		"SUMOLOGIC_ACCESSID":    common.SumologicAccessID,
+		"SUMOLOGIC_ACCESSKEY":   common.SumologicAccessKey,
+		"SUMOLOGIC_ENVIRONMENT": common.SumologicEnvironment,
+	}
+
+	terraformOptions, resourceCount := common.ApplyTerraformWithVars(t, vars, envVars)
+
+	return terraformOptions, resourceCount
+}
+
+func UpdateTerraform(t *testing.T, vars map[string]interface{}, options *terraform.Options) *terraform.ResourceCount {
+	options.Vars = vars
+	out := terraform.Apply(t, options)
+	return terraform.GetResourceCount(t, out)
+}
+
+func TestWithDefaultValues(t *testing.T) {
+	t.Parallel()
+	aws_region := "us-east-1"
+	vars := map[string]interface{}{
+		"create_collector":              true,
+		"auto_enable_logs_subscription": "Both",
+	}
+
+	options, count := SetUpTest(t, vars, aws_region)
+
+	// Assert count of Expected resources.
+	test_structure.RunTestStage(t, "AssertCount", func() {
+		common.AssertResourceCounts(t, count, 23, 0, 0)
+	})
+
+	assertResource := common.GetAssertResource(t, options.EnvVars)
+	outputs := common.FetchAllOutputs(t, options)
+	replacementMap := map[string]interface{}{
+		"AccountId":     aws.GetAccountId(t),
+		"Region":        aws_region,
+		"SumoAccountId": common.SumoAccountId,
+		"Deployment":    common.SumologicEnvironment,
+		"OrgId":         common.SumologicOrganizationId,
+		"RandomString":  outputs["random_string"].(map[string]interface{})["id"].(string),
+		"URL":           outputs["sumologic_source"].(map[string]interface{})["url"].(string),
+	}
+	// Assert if the outputs are actually created in AWS and Sumo Logic.
+	// This also checks if your expectation are matched with the outputs, so provide an JSON with expected outputs.
+	expectedOutputs := common.ReadJsonFile("TestWithDefaultValues.json", replacementMap)
+	test_structure.RunTestStage(t, "AssertOutputs", func() {
+		common.AssertOutputsWithLookup(t, options, expectedOutputs, LOOK_UP_MAP)
+	})
+
+	// Assert if the logs are sent to Sumo Logic.
+	assertResource.CheckLogsForPastSixtyMinutes("_sourceid="+outputs["sumologic_source"].(map[string]interface{})["id"].(string), 5, 2*time.Minute)
+}

terratest/common/assertaws.go

@@ -7,11 +7,14 @@ import (
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/cloudformation"
 	"github.com/aws/aws-sdk-go/service/cloudtrail"
+	"github.com/aws/aws-sdk-go/service/cloudwatch"
 	"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
 	"github.com/aws/aws-sdk-go/service/firehose"
 	"github.com/aws/aws-sdk-go/service/iam"
+	"github.com/aws/aws-sdk-go/service/lambda"
 	"github.com/aws/aws-sdk-go/service/s3"
 	"github.com/aws/aws-sdk-go/service/sns"
+	"github.com/aws/aws-sdk-go/service/sqs"
 	"github.com/gruntwork-io/terratest/modules/aws"
 	"github.com/stretchr/testify/assert"
 )
@@ -145,3 +148,49 @@ func (a *ResourcesAssert) AWS_KINESIS_FIREHOSE_DELIVERY_STREAM(value interface{}
 		assert.NoErrorf(a.t, err, "AWS KINESIS FIREHOSE STREAM :- Error Message %v", err)
 	}
 }
+
+func (a *ResourcesAssert) AWS_SQS_QUEUE(value interface{}) {
+	fmt.Println("******** Asserting AWS SQS QUEUE ********")
+	queue_names := getKeyValuesFromData(value, "name")
+
+	sqs_client := aws.NewSqsClient(a.t, a.AwsRegion)
+
+	for _, element := range queue_names {
+		output, err := sqs_client.ListQueues(&sqs.ListQueuesInput{
+			QueueNamePrefix: &element,
+		})
+		assert.NoErrorf(a.t, err, "AWS SQS :- Error Message %v", err)
+		assert.Greater(a.t, len(output.QueueUrls), 0, "No SQS found with the name ."+element)
+	}
+}
+
+func (a *ResourcesAssert) AWS_LAMBDA_FUNCTION(value interface{}) {
+	fmt.Println("******** Asserting AWS LAMBDA FUNCTION ********")
+	fucntion_names := getKeyValuesFromData(value, "function_name")
+
+	mySession := session.Must(session.NewSession())
+	svc := lambda.New(mySession, aws_sdk.NewConfig().WithRegion(a.AwsRegion))
+
+	for _, element := range fucntion_names {
+		_, err := svc.GetFunction(&lambda.GetFunctionInput{
+			FunctionName: &element,
+		})
+		assert.NoErrorf(a.t, err, "AWS Lambda :- Error Message %v", err)
+	}
+}
+
+func (a *ResourcesAssert) AWS_CLOUDWATCH_METRIC_ALARM(value interface{}) {
+	fmt.Println("******** Asserting AWS CLOUDWATCH METRIC ALARM ********")
+	alarm_names := getKeyValuesFromData(value, "alarm_name")
+
+	mySession := session.Must(session.NewSession())
+	svc := cloudwatch.New(mySession, aws_sdk.NewConfig().WithRegion(a.AwsRegion))
+
+	for _, element := range alarm_names {
+		output, err := svc.DescribeAlarms(&cloudwatch.DescribeAlarmsInput{
+			AlarmNamePrefix: &element,
+		})
+		assert.NoErrorf(a.t, err, "AWS CLOUDWATCH ALARM :- Error Message %v", err)
+		assert.Greater(a.t, len(output.MetricAlarms), 0, "No CloudWatch Alarm found with the name ."+element)
+	}
+}