Closed justinvp closed 4 years ago
Something that would be nice to add is the ability for the test case to configure how the AwsGuard library gets consumed.
For example, when writing a new PAC rule I need to do things like enable deletion protection and create an S3 bucket for logs. (Otherwise it would run afoul of other AWSGuard rules.) But that adds unnecessary complications when trying to test specific rules.
So I imagine the integration test, e.g. network_test.go, would have a list of rules it would explicitly set the enforcement level to disable when running the test.
Assigning to myself, as it looks like this is blocking us from writing more sophisticated unit tests. (e.g. now we require enabling logs... which requires an S3 bucket... which requires that it has its own logging enabled...)
Use an alternative approach to creating a new instance of AwsGuard for the integration tests, rather than having this baked into the library itself.