Can I simulate an S3 bucket going down when it is accessible to root user?
I'm trying to test new network monitoring code for an application that runs on a Debian appliance. I am currently tasked with ensuring that an SNMP trap is thrown when external network shares (such as S3 buckets) are mounted with FUSE and the connection is broken.
The problem is that to make the share inaccessible, I would apparently have to make files unwritable (or block every possible S3-related IP with iptables) and I cannot block write access if the bucket is meant to be read from and written to by the root user, and is monitored by the root user.
Is there some way to make this program, running as root, think the bucket went down?
P.S. I cannot make these buckets using chattr because, afaik, S3 doesn't support the concept of attributes like immutability.
Solution 1:
There are so many ways to simulate something going down. You've already said one which is to use iptables block rules.
Another really simple way - unplug the network router so that your monitoring software can still see the host, but the host can't talk to S3 (or anything else for that matter). To me, this is the simplest but may in some cases not be appropriate.
Another option is to edit the hosts file on the server, and add some dummy IP's for the S3 hostnames so that they resolve to the wrong place. i.e. use an IP that's unassigned to anything. Therefore all S3 requests from host will attempt to go there but won't be able to. When you're done, just delete the IP's out of the hosts file and everything will come back to life without a restart.
Solution 2:
Why not just check for the existence of a specific file in the S3 bucket. If it's not there, throw your SNMP trap.
Creating/deleting this file will make it very simple to verify that your script is working properly.