moto/tests/test_iot/test_iot.py

import boto3
import pytest
from botocore.exceptions import ClientError

from moto import mock_aws
from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID


@mock_aws
def test_endpoints():
    region_name = "ap-northeast-1"
    client = boto3.client("iot", region_name=region_name)

    # iot:Data
    endpoint = client.describe_endpoint(endpointType="iot:Data")
    assert "ats" not in endpoint["endpointAddress"]
    assert f"iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]

    # iot:Data-ATS
    endpoint = client.describe_endpoint(endpointType="iot:Data-ATS")
    assert f"ats.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]

    # iot:Data-ATS
    endpoint = client.describe_endpoint(endpointType="iot:CredentialProvider")
    assert f"credentials.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]

    # iot:Data-ATS
    endpoint = client.describe_endpoint(endpointType="iot:Jobs")
    assert f"jobs.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]

    # raise InvalidRequestException
    with pytest.raises(ClientError) as exc:
        client.describe_endpoint(endpointType="iot:Abc")
    err = exc.value.response["Error"]
    assert err["Code"] == "InvalidRequestException"


@mock_aws
def test_principal_policy():
    client = boto3.client("iot", region_name="ap-northeast-1")
    policy_name = "my-policy"
    doc = "{}"
    client.create_policy(policyName=policy_name, policyDocument=doc)
    cert = client.create_keys_and_certificate(setAsActive=True)
    cert_arn = cert["certificateArn"]

    client.attach_policy(policyName=policy_name, target=cert_arn)

    res = client.list_principal_policies(principal=cert_arn)
    assert len(res["policies"]) == 1
    for policy in res["policies"]:
        assert policy["policyName"] is not None
        assert policy["policyArn"] is not None

    # do nothing if policy have already attached to certificate
    client.attach_policy(policyName=policy_name, target=cert_arn)

    res = client.list_principal_policies(principal=cert_arn)
    assert len(res["policies"]) == 1
    for policy in res["policies"]:
        assert policy["policyName"] is not None
        assert policy["policyArn"] is not None

    res = client.list_policy_principals(policyName=policy_name)
    assert len(res["principals"]) == 1
    assert res["principals"][0].startswith(
        f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"
    )

    client.detach_policy(policyName=policy_name, target=cert_arn)
    res = client.list_principal_policies(principal=cert_arn)
    assert len(res["policies"]) == 0
    res = client.list_policy_principals(policyName=policy_name)
    assert len(res["principals"]) == 0
    with pytest.raises(ClientError) as e:
        client.detach_policy(policyName=policy_name, target=cert_arn)
    assert e.value.response["Error"]["Code"] == "ResourceNotFoundException"


@mock_aws
def test_principal_policy_deprecated():
    client = boto3.client("iot", region_name="ap-northeast-1")
    policy_name = "my-policy"
    doc = "{}"
    client.create_policy(policyName=policy_name, policyDocument=doc)
    cert = client.create_keys_and_certificate(setAsActive=True)
    cert_arn = cert["certificateArn"]

    client.attach_principal_policy(policyName=policy_name, principal=cert_arn)

    res = client.list_principal_policies(principal=cert_arn)
    assert len(res["policies"]) == 1
    assert res["policies"][0]["policyName"] == "my-policy"
    assert (
        res["policies"][0]["policyArn"]
        == f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:policy/my-policy"
    )

    res = client.list_policy_principals(policyName=policy_name)
    assert len(res["principals"]) == 1
    assert res["principals"][0].startswith(
        f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"
    )

    client.detach_principal_policy(policyName=policy_name, principal=cert_arn)
    res = client.list_principal_policies(principal=cert_arn)
    assert len(res["policies"]) == 0
    res = client.list_policy_principals(policyName=policy_name)
    assert len(res["principals"]) == 0


@mock_aws
def test_principal_thing():
    client = boto3.client("iot", region_name="ap-northeast-1")
    thing_name = "my-thing"
    client.create_thing(thingName=thing_name)
    cert = client.create_keys_and_certificate(setAsActive=True)
    cert_arn = cert["certificateArn"]

    client.attach_thing_principal(thingName=thing_name, principal=cert_arn)

    res = client.list_principal_things(principal=cert_arn)
    assert len(res["things"]) == 1
    assert res["things"][0] == thing_name
    res = client.list_thing_principals(thingName=thing_name)
    assert len(res["principals"]) == 1
    assert res["principals"][0].startswith(
        f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"
    )

    client.detach_thing_principal(thingName=thing_name, principal=cert_arn)
    res = client.list_principal_things(principal=cert_arn)
    assert len(res["things"]) == 0
    res = client.list_thing_principals(thingName=thing_name)
    assert len(res["principals"]) == 0

    with pytest.raises(ClientError) as e:
        client.list_thing_principals(thingName="xxx")

    assert e.value.response["Error"]["Code"] == "ResourceNotFoundException"
    assert (
        e.value.response["Error"]["Message"]
        == "Failed to list principals for thing xxx because the thing does not exist in your account"
    )
Merged iot 2019-05-28 08:56:49 +02:00			`import boto3`
Admin: sorting imports with ruff (#7075) 2023-11-30 07:55:51 -08:00			`import pytest`
			`from botocore.exceptions import ClientError`
Merged iot 2019-05-28 08:56:49 +02:00
Introduce mock_aws() (#7194) 2024-01-07 12:03:33 +00:00			`from moto import mock_aws`
MultiAccount support (#5192) 2022-08-13 09:49:43 +00:00			`from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID`
Merged iot 2019-05-28 08:56:49 +02:00
fix linting errors 2019-12-23 09:01:53 +01:00
Introduce mock_aws() (#7194) 2024-01-07 12:03:33 +00:00			`@mock_aws`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00			`def test_endpoints():`
			`region_name = "ap-northeast-1"`
			`client = boto3.client("iot", region_name=region_name)`

			`# iot:Data`
			`endpoint = client.describe_endpoint(endpointType="iot:Data")`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert "ats" not in endpoint["endpointAddress"]`
			`assert f"iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00
			`# iot:Data-ATS`
			`endpoint = client.describe_endpoint(endpointType="iot:Data-ATS")`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert f"ats.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00
			`# iot:Data-ATS`
			`endpoint = client.describe_endpoint(endpointType="iot:CredentialProvider")`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert f"credentials.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00
			`# iot:Data-ATS`
			`endpoint = client.describe_endpoint(endpointType="iot:Jobs")`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert f"jobs.iot.{region_name}.amazonaws.com" in endpoint["endpointAddress"]`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00
			`# raise InvalidRequestException`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`with pytest.raises(ClientError) as exc:`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00			`client.describe_endpoint(endpointType="iot:Abc")`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`err = exc.value.response["Error"]`
			`assert err["Code"] == "InvalidRequestException"`
Add describe_endpoint and register_certificate_without_ca in iot_mock module with unittest (#3279) Co-authored-by: Zhi Li <zhi_li@trendmicro.com> 2020-09-04 04:11:17 -04:00

Introduce mock_aws() (#7194) 2024-01-07 12:03:33 +00:00			`@mock_aws`
Merged iot 2019-05-28 08:56:49 +02:00			`def test_principal_policy():`
Add support for IoT attach_policy 2018-10-25 20:34:53 +09:00			`client = boto3.client("iot", region_name="ap-northeast-1")`
			`policy_name = "my-policy"`
			`doc = "{}"`
Merged iot 2019-05-28 08:56:49 +02:00			`client.create_policy(policyName=policy_name, policyDocument=doc)`
			`cert = client.create_keys_and_certificate(setAsActive=True)`
Add support for IoT attach_policy 2018-10-25 20:34:53 +09:00			`cert_arn = cert["certificateArn"]`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.attach_policy(policyName=policy_name, target=cert_arn)`

			`res = client.list_principal_policies(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["policies"]) == 1`
add test case for IoT attach_policy do nothing if policy have already attached to certificate 2018-10-28 17:13:17 +09:00			`for policy in res["policies"]:`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert policy["policyName"] is not None`
			`assert policy["policyArn"] is not None`
Merged iot 2019-05-28 08:56:49 +02:00
			`# do nothing if policy have already attached to certificate`
			`client.attach_policy(policyName=policy_name, target=cert_arn)`

			`res = client.list_principal_policies(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["policies"]) == 1`
Add support for IoT attach_policy 2018-10-25 20:34:53 +09:00			`for policy in res["policies"]:`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert policy["policyName"] is not None`
			`assert policy["policyArn"] is not None`
Merged iot 2019-05-28 08:56:49 +02:00
			`res = client.list_policy_principals(policyName=policy_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 1`
			`assert res["principals"][0].startswith(`
			`f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"`
			`)`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.detach_policy(policyName=policy_name, target=cert_arn)`
			`res = client.list_principal_policies(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["policies"]) == 0`
Merged iot 2019-05-28 08:56:49 +02:00			`res = client.list_policy_principals(policyName=policy_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 0`
Port test suite from nose to pytest. This just eliminates all errors on the tests collection. Elimination of failures is left to the next commit. 2020-10-06 07:54:49 +02:00			`with pytest.raises(ClientError) as e:`
Merged iot 2019-05-28 08:56:49 +02:00			`client.detach_policy(policyName=policy_name, target=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert e.value.response["Error"]["Code"] == "ResourceNotFoundException"`
Merged iot 2019-05-28 08:56:49 +02:00

Introduce mock_aws() (#7194) 2024-01-07 12:03:33 +00:00			`@mock_aws`
Merged iot 2019-05-28 08:56:49 +02:00			`def test_principal_policy_deprecated():`
Support iot and iot-data (#1303) * append appropriate urls when scaffolding * make dispatch for rest-api * fix dispatch for rest-json * fix moto/core/response to obtain path and body parameters * small fixes * remove unused import * fix get_int_param * Add features of things and thing-types * fix scaffold * basic crud of cert * support basic CRUD of policy * refactor * fix formatting of scaffold * support principal_pocicy * support thing_principal * update readme * escape service to handle service w/ hyphen like iot-data * escape service w/ hyphen * fix regexp to extract region from url * escape service * Implement basic iota-data feature * iot-data shadow delta * update readme * remove unused import * remove comment * fix syntax * specify region when creating boto3 client for test * use uuid for seed of generating cert id * specify region_name to iotdata client in test * specify region to boto3 client in moto response * excude iot and iotdata tests on server mode * fix handling of thingTypeName in describe-thing * test if server is up for iot 2017-11-10 18:44:02 +09:00			`client = boto3.client("iot", region_name="ap-northeast-1")`
			`policy_name = "my-policy"`
			`doc = "{}"`
Admin - enable more Pylint rules (#5037) 2022-04-18 20:44:56 +00:00			`client.create_policy(policyName=policy_name, policyDocument=doc)`
Merged iot 2019-05-28 08:56:49 +02:00			`cert = client.create_keys_and_certificate(setAsActive=True)`
Support iot and iot-data (#1303) * append appropriate urls when scaffolding * make dispatch for rest-api * fix dispatch for rest-json * fix moto/core/response to obtain path and body parameters * small fixes * remove unused import * fix get_int_param * Add features of things and thing-types * fix scaffold * basic crud of cert * support basic CRUD of policy * refactor * fix formatting of scaffold * support principal_pocicy * support thing_principal * update readme * escape service to handle service w/ hyphen like iot-data * escape service w/ hyphen * fix regexp to extract region from url * escape service * Implement basic iota-data feature * iot-data shadow delta * update readme * remove unused import * remove comment * fix syntax * specify region when creating boto3 client for test * use uuid for seed of generating cert id * specify region_name to iotdata client in test * specify region to boto3 client in moto response * excude iot and iotdata tests on server mode * fix handling of thingTypeName in describe-thing * test if server is up for iot 2017-11-10 18:44:02 +09:00			`cert_arn = cert["certificateArn"]`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.attach_principal_policy(policyName=policy_name, principal=cert_arn)`

			`res = client.list_principal_policies(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["policies"]) == 1`
			`assert res["policies"][0]["policyName"] == "my-policy"`
			`assert (`
			`res["policies"][0]["policyArn"]`
			`== f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:policy/my-policy"`
Admin - enable more Pylint rules (#5037) 2022-04-18 20:44:56 +00:00			`)`
Merged iot 2019-05-28 08:56:49 +02:00
			`res = client.list_policy_principals(policyName=policy_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 1`
			`assert res["principals"][0].startswith(`
			`f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"`
			`)`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.detach_principal_policy(policyName=policy_name, principal=cert_arn)`
			`res = client.list_principal_policies(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["policies"]) == 0`
Merged iot 2019-05-28 08:56:49 +02:00			`res = client.list_policy_principals(policyName=policy_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 0`
Merged iot 2019-05-28 08:56:49 +02:00

Introduce mock_aws() (#7194) 2024-01-07 12:03:33 +00:00			`@mock_aws`
Merged iot 2019-05-28 08:56:49 +02:00			`def test_principal_thing():`
Support iot and iot-data (#1303) * append appropriate urls when scaffolding * make dispatch for rest-api * fix dispatch for rest-json * fix moto/core/response to obtain path and body parameters * small fixes * remove unused import * fix get_int_param * Add features of things and thing-types * fix scaffold * basic crud of cert * support basic CRUD of policy * refactor * fix formatting of scaffold * support principal_pocicy * support thing_principal * update readme * escape service to handle service w/ hyphen like iot-data * escape service w/ hyphen * fix regexp to extract region from url * escape service * Implement basic iota-data feature * iot-data shadow delta * update readme * remove unused import * remove comment * fix syntax * specify region when creating boto3 client for test * use uuid for seed of generating cert id * specify region_name to iotdata client in test * specify region to boto3 client in moto response * excude iot and iotdata tests on server mode * fix handling of thingTypeName in describe-thing * test if server is up for iot 2017-11-10 18:44:02 +09:00			`client = boto3.client("iot", region_name="ap-northeast-1")`
			`thing_name = "my-thing"`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`client.create_thing(thingName=thing_name)`
Merged iot 2019-05-28 08:56:49 +02:00			`cert = client.create_keys_and_certificate(setAsActive=True)`
Support iot and iot-data (#1303) * append appropriate urls when scaffolding * make dispatch for rest-api * fix dispatch for rest-json * fix moto/core/response to obtain path and body parameters * small fixes * remove unused import * fix get_int_param * Add features of things and thing-types * fix scaffold * basic crud of cert * support basic CRUD of policy * refactor * fix formatting of scaffold * support principal_pocicy * support thing_principal * update readme * escape service to handle service w/ hyphen like iot-data * escape service w/ hyphen * fix regexp to extract region from url * escape service * Implement basic iota-data feature * iot-data shadow delta * update readme * remove unused import * remove comment * fix syntax * specify region when creating boto3 client for test * use uuid for seed of generating cert id * specify region_name to iotdata client in test * specify region to boto3 client in moto response * excude iot and iotdata tests on server mode * fix handling of thingTypeName in describe-thing * test if server is up for iot 2017-11-10 18:44:02 +09:00			`cert_arn = cert["certificateArn"]`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.attach_thing_principal(thingName=thing_name, principal=cert_arn)`

			`res = client.list_principal_things(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["things"]) == 1`
			`assert res["things"][0] == thing_name`
Merged iot 2019-05-28 08:56:49 +02:00			`res = client.list_thing_principals(thingName=thing_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 1`
			`assert res["principals"][0].startswith(`
			`f"arn:aws:iot:ap-northeast-1:{ACCOUNT_ID}:cert/"`
			`)`
Merged iot 2019-05-28 08:56:49 +02:00
			`client.detach_thing_principal(thingName=thing_name, principal=cert_arn)`
			`res = client.list_principal_things(principal=cert_arn)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["things"]) == 0`
Merged iot 2019-05-28 08:56:49 +02:00			`res = client.list_thing_principals(thingName=thing_name)`
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert len(res["principals"]) == 0`
Add group features to iot (#1402) * Add thing group features * thing thing-group relation * clean up comments 2018-01-04 18:59:37 +09:00
Finish porting from nose to pytest. 2020-10-06 08:04:09 +02:00			`with pytest.raises(ClientError) as e:`
fix lint 2020-04-21 14:43:04 +09:00			`client.list_thing_principals(thingName="xxx")`
Added existence check of target thing to IoT ListThingPrincipals fix #2910 2020-04-21 14:11:53 +09:00
Techdebt: Replace sure with regular assertions in IOT (#6577) 2023-07-31 21:50:24 +00:00			`assert e.value.response["Error"]["Code"] == "ResourceNotFoundException"`
			`assert (`
			`e.value.response["Error"]["Message"]`
			`== "Failed to list principals for thing xxx because the thing does not exist in your account"`
Added existence check of target thing to IoT ListThingPrincipals fix #2910 2020-04-21 14:11:53 +09:00			`)`