gcp.compute package¶

Submodules¶

gcp.compute.helpers module¶

gcp.compute.helpers.does_firewall_open_all_ports_to_any(firewall)[source]¶

Returns True if firewall has a rule to open all ports to any source. Excludes ICMP.

>>> does_firewall_open_all_ports_to_any({})
False
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['1', '2', '300']}]})
False
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['10.0.0.5/32'], 'allowed': [{'ports': ['0-65535']}]})
True

gcp.compute.helpers.does_firewall_open_all_ports_to_all(firewall)[source]¶

Returns True if firewall has a rule to open all ports to all. Excludes ICMP.

>>> does_firewall_open_all_ports_to_all({})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['1.1.1.1/1']})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True

gcp.compute.helpers.does_firewall_open_any_ports_to_all(firewall, allowed_ports=None)[source]¶

Returns True if firewall has a rule to open any ports (except 80/443) to all. Excludes ICMP.

>>> does_firewall_open_any_ports_to_all({})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1']})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['123']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['123']}]})
True
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['80']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['443']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['22', '80', '443']}]})
True

gcp.compute.helpers.firewall_id(firewall)[source]¶: A getter fn for test ids for Firewalls

gcp.compute.resources module¶

gcp.compute.resources.firewalls()[source]¶

gcp.compute.resources.networks()[source]¶

gcp.compute.resources.instances()[source]¶

gcp.compute.resources.clusters()[source]¶

gcp.compute.resources.networks_with_instances()[source]¶

gcp.compute.resources.in_use_firewalls()[source]¶

gcp.compute package¶

Submodules¶

gcp.compute.helpers module¶

gcp.compute.resources module¶

gcp.compute.test_firewall_opens_all_ports_to_all module¶

gcp.compute.test_firewall_opens_all_ports_to_any module¶

gcp.compute.test_firewall_opens_any_ports_to_all module¶

gcp.compute.test_gke_version_up_to_date module¶

gcp.compute.test_only_allowed_gke_versions module¶

Module contents¶

Contents

Navigation