def passed_hardfailure_detector()

in application-load-balancer-copy-utility/copy_classic_load_balancer.py [0:0]

• 54 lines of code
• 25 McCabe index (conditional complexity)

def passed_hardfailure_detector(elb_data):
    if debug:
        print("Checking hard failure detector")
    # if there are any errors below we will change this to True, else continue
    error = None

    # 1. Verify source load balancer does not have TCP or SSL listeners
    for listener in elb_data['LoadBalancerDescriptions'][0]['ListenerDescriptions']:
        if (listener['Listener']['Protocol'] == "TCP") or listener['Listener']['Protocol'] == "SSL":
            print("TCP and SSL listeners are not supported on Application Load Balancer.")
            error = True

    # 2. Verify source load balancer is not in EC2-Classic, 3. Verify source
    # load balancer has at least two enabled subnets
    if 'VPCId' in elb_data['LoadBalancerDescriptions'][0]:
        if len(elb_data['LoadBalancerDescriptions'][0]['Subnets']) >= 2:
            pass
        else:
            print("Error: The Classic load balancer has 1 enabled subnet.\
 A minimum of 2 subnets is required for an Application Load Balancer.")
            error = True
    else:
        print("Error: The Classic load balancer is in EC2-Classic instead of a VPC.\
 A VPC is required for an Application Load Balancer.")
        error = True

    # 4. Verify source load balancer does not use TCP or SSL health checks
    if ('TCP' in elb_data['LoadBalancerDescriptions'][0]['HealthCheck']['Target']) or (
            'SSL' in elb_data['LoadBalancerDescriptions'][0]['HealthCheck']['Target']):
        print("Error: The Classic load balancer uses TCP or SSL health checks.\
 HTTP or HTTPS health checks are required for an Application Load Balancer.")
        error = True

    # 5. Verify unique backend ports is less than 50
    if len(elb_data['LoadBalancerDescriptions'][0]['ListenerDescriptions']) >= 50:
        backend_ports = []
        for listener in elb_data['LoadBalancerDescriptions'][0]['ListenerDescriptions']:
            if listener['Listener']['InstancePort'] not in backend_ports:
                backend_ports.append(listener['Listener']['InstancePort'])
        if len(backend_ports) >= 50:
            print("Error: The number of unique backend "
                  "ports exceeds 50. The default limit for target groups is 50.")
            error = True

        # 6 Verify that the number of listeners is less than the default
    if len(elb_data['LoadBalancerDescriptions'][0]['ListenerDescriptions']) >= 10:
        print("Error: The number of listeners exceeds "
              "the default limit for an Application Load Balancer.")

        # 7. If Application-Controlled sticky policies are present
    for elb_listener in elb_data['LoadBalancerDescriptions'][0]['ListenerDescriptions']:
        if len(elb_listener['PolicyNames']) > 0:
            if 'AppCookieStickinessPolicy' in elb_listener['PolicyNames'][0]:
                print("Error: The Classic load balancer "
                      "has Application-Controlled stickiness policy."
                      "Application-Controlled stickiness policy is not supported "
                      "on Application Load Balancer.")
                error = True

        # 8. Check for backend authentication on HTTPS backend ports
    if len(elb_data['LoadBalancerDescriptions'][0]['Policies']['OtherPolicies']) > 0:
        for policy in elb_data['LoadBalancerDescriptions'][0]['Policies']['OtherPolicies']:
            if 'BackendAuthenticationPolicy' in policy:
                print("Error: The Classic load balancer has Backend HTTPS authentication.\
 Backend HTTPS authentication is not supported on Application Load Balancer.")
                error = True

    if error:
        return False
    else:
        return True