###
# ELASTICSEARCH_LOGS_TO_CLOUDWATCH tests
###
---
- name: Empty, SKIP
  input: {}
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: SKIP

- name: Scenario a) No resources, SKIP
  input:
    Resources: {}
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: SKIP

- name: Scenario b) Elasticsearch with LogPublishingOptions Objects with Enabled set to false but rule suppressed, SKIP
  input:
    Resources:
      ElasticsearchDomain:
        Type: AWS::Elasticsearch::Domain
        Metadata:
          guard:
            SuppressedRules:
              - "ELASTICSEARCH_LOGS_TO_CLOUDWATCH"
        Properties: {}
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: SKIP

- name: Scenario c) Elasticsearch with LogPublishingOptions Objects missing, FAIL
  input:
    Resources:
      ElasticsearchDomain:
        Type: AWS::Elasticsearch::Domain
        Properties: {}
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: FAIL

- name: Scenario c) Elasticsearch with LogPublishingOptions Objects with Enabled set to false, FAIL
  input:
    Resources:
      ElasticsearchDomain:
        Type: AWS::Elasticsearch::Domain
        Properties:
          LogPublishingOptions:
            ES_APPLICATION_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-application-logs'
                Enabled: false
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: FAIL

- name: Scenario d) Elasticsearch with LogPublishingOptions Objects with Enabled set to true, PASS
  input:
    Resources:
      ElasticsearchDomain:
        Type: AWS::Elasticsearch::Domain
        Properties:
          LogPublishingOptions:
            ES_APPLICATION_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-application-logs'
                Enabled: true
            SEARCH_SLOW_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-slow-logs'
                Enabled: true
            INDEX_SLOW_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-index-slow-logs'
                Enabled: true
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: PASS

- name: Scenario d) Elasticsearch with LogPublishingOptions Objects with Enabled set to true and another set to false, PASS
  input:
    Resources:
      ElasticsearchDomain:
        Type: AWS::Elasticsearch::Domain
        Properties:
          LogPublishingOptions:
            ES_APPLICATION_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-application-logs'
                Enabled: true
            SEARCH_SLOW_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-slow-logs'
                Enabled: false
            INDEX_SLOW_LOGS:
                CloudWatchLogsLogGroupArn: 'arn:aws:logs:us-east-1:123456789012:log-group:/aws/opensearchservice/domains/es-index-slow-logs'
                Enabled: false
  expectations:
    rules:
      ELASTICSEARCH_LOGS_TO_CLOUDWATCH: PASS