gcp.compute package

Submodules

gcp.compute.helpers module

gcp.compute.helpers.does_firewall_open_all_ports_to_any(firewall)[source]

Returns True if firewall has a rule to open all ports to any source. Excludes ICMP.

>>> does_firewall_open_all_ports_to_any({})
False
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['1', '2', '300']}]})
False
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_all_ports_to_any({'sourceRanges': ['10.0.0.5/32'], 'allowed': [{'ports': ['0-65535']}]})
True
gcp.compute.helpers.does_firewall_open_all_ports_to_all(firewall)[source]

Returns True if firewall has a rule to open all ports to all. Excludes ICMP.

>>> does_firewall_open_all_ports_to_all({})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['1.1.1.1/1']})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
False
>>> does_firewall_open_all_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True
gcp.compute.helpers.does_firewall_open_any_ports_to_all(firewall, allowed_ports=None)[source]

Returns True if firewall has a rule to open any ports (except 80/443) to all. Excludes ICMP.

>>> does_firewall_open_any_ports_to_all({})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1']})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['0-65535']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['0-65535']}]})
True
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['1.1.1.1/1'], 'allowed': [{'ports': ['123']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['123']}]})
True
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['80']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['443']}]})
False
>>> does_firewall_open_any_ports_to_all({'sourceRanges': ['0.0.0.0/0'], 'allowed': [{'ports': ['22', '80', '443']}]})
True
gcp.compute.helpers.firewall_id(firewall)[source]

A getter fn for test ids for Firewalls

gcp.compute.resources module

gcp.compute.resources.firewalls()[source]
gcp.compute.resources.networks()[source]
gcp.compute.resources.instances()[source]
gcp.compute.resources.clusters()[source]
gcp.compute.resources.networks_with_instances()[source]
gcp.compute.resources.in_use_firewalls()[source]

gcp.compute.test_firewall_opens_all_ports_to_all module

gcp.compute.test_firewall_opens_all_ports_to_any module

gcp.compute.test_firewall_opens_any_ports_to_all module

gcp.compute.test_gke_version_up_to_date module

gcp.compute.test_only_allowed_gke_versions module

Module contents