moto/tests/test_s3/test_s3_cloudformation.py

import json
import boto3

import sure  # noqa # pylint: disable=unused-import

from moto import mock_s3, mock_cloudformation


@mock_s3
@mock_cloudformation
def test_s3_bucket_cloudformation_basic():
    s3 = boto3.client("s3", region_name="us-east-1")
    cf = boto3.client("cloudformation", region_name="us-east-1")

    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {"testInstance": {"Type": "AWS::S3::Bucket", "Properties": {}}},
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.create_stack(StackName="test_stack", TemplateBody=template_json)
    stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]

    s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])


@mock_s3
@mock_cloudformation
def test_s3_bucket_cloudformation_with_properties():
    s3 = boto3.client("s3", region_name="us-east-1")
    cf = boto3.client("cloudformation", region_name="us-east-1")

    bucket_name = "MyBucket"
    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "testInstance": {
                "Type": "AWS::S3::Bucket",
                "Properties": {
                    "BucketName": bucket_name,
                    "BucketEncryption": {
                        "ServerSideEncryptionConfiguration": [
                            {
                                "ServerSideEncryptionByDefault": {
                                    "SSEAlgorithm": "AES256"
                                }
                            }
                        ]
                    },
                },
            }
        },
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.create_stack(StackName="test_stack", TemplateBody=template_json)
    cf.describe_stacks(StackName="test_stack")
    s3.head_bucket(Bucket=bucket_name)

    encryption = s3.get_bucket_encryption(Bucket=bucket_name)
    encryption["ServerSideEncryptionConfiguration"]["Rules"][0][
        "ApplyServerSideEncryptionByDefault"
    ]["SSEAlgorithm"].should.equal("AES256")


@mock_s3
@mock_cloudformation
def test_s3_bucket_cloudformation_update_no_interruption():
    s3 = boto3.client("s3", region_name="us-east-1")
    cf = boto3.client("cloudformation", region_name="us-east-1")

    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {"testInstance": {"Type": "AWS::S3::Bucket"}},
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.create_stack(StackName="test_stack", TemplateBody=template_json)
    stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]
    s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])

    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "testInstance": {
                "Type": "AWS::S3::Bucket",
                "Properties": {
                    "BucketEncryption": {
                        "ServerSideEncryptionConfiguration": [
                            {
                                "ServerSideEncryptionByDefault": {
                                    "SSEAlgorithm": "AES256"
                                }
                            }
                        ]
                    }
                },
            }
        },
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.update_stack(StackName="test_stack", TemplateBody=template_json)
    encryption = s3.get_bucket_encryption(
        Bucket=stack_description["Outputs"][0]["OutputValue"]
    )
    encryption["ServerSideEncryptionConfiguration"]["Rules"][0][
        "ApplyServerSideEncryptionByDefault"
    ]["SSEAlgorithm"].should.equal("AES256")


@mock_s3
@mock_cloudformation
def test_s3_bucket_cloudformation_update_replacement():
    s3 = boto3.client("s3", region_name="us-east-1")
    cf = boto3.client("cloudformation", region_name="us-east-1")

    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {"testInstance": {"Type": "AWS::S3::Bucket"}},
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.create_stack(StackName="test_stack", TemplateBody=template_json)
    stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]
    s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])

    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "testInstance": {
                "Type": "AWS::S3::Bucket",
                "Properties": {"BucketName": "MyNewBucketName"},
            }
        },
        "Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},
    }
    template_json = json.dumps(template)
    cf.update_stack(StackName="test_stack", TemplateBody=template_json)
    stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]
    s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])


@mock_s3
@mock_cloudformation
def test_s3_bucket_cloudformation_outputs():
    region_name = "us-east-1"
    s3 = boto3.client("s3", region_name=region_name)
    cf = boto3.resource("cloudformation", region_name=region_name)
    stack_name = "test-stack"
    bucket_name = "test-bucket"
    template = {
        "AWSTemplateFormatVersion": "2010-09-09",
        "Resources": {
            "TestBucket": {
                "Type": "AWS::S3::Bucket",
                "Properties": {"BucketName": bucket_name},
            }
        },
        "Outputs": {
            "BucketARN": {
                "Value": {"Fn::GetAtt": ["TestBucket", "Arn"]},
                "Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketARN"}},
            },
            "BucketDomainName": {
                "Value": {"Fn::GetAtt": ["TestBucket", "DomainName"]},
                "Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketDomainName"}},
            },
            "BucketDualStackDomainName": {
                "Value": {"Fn::GetAtt": ["TestBucket", "DualStackDomainName"]},
                "Export": {
                    "Name": {"Fn::Sub": "${AWS::StackName}:BucketDualStackDomainName"}
                },
            },
            "BucketRegionalDomainName": {
                "Value": {"Fn::GetAtt": ["TestBucket", "RegionalDomainName"]},
                "Export": {
                    "Name": {"Fn::Sub": "${AWS::StackName}:BucketRegionalDomainName"}
                },
            },
            "BucketWebsiteURL": {
                "Value": {"Fn::GetAtt": ["TestBucket", "WebsiteURL"]},
                "Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketWebsiteURL"}},
            },
            "BucketName": {
                "Value": {"Ref": "TestBucket"},
                "Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketName"}},
            },
        },
    }
    cf.create_stack(StackName=stack_name, TemplateBody=json.dumps(template))
    outputs_list = cf.Stack(stack_name).outputs
    output = {item["OutputKey"]: item["OutputValue"] for item in outputs_list}
    s3.head_bucket(Bucket=output["BucketName"])
    output["BucketARN"].should.match(f"arn:aws:s3.+{bucket_name}")
    output["BucketDomainName"].should.equal(f"{bucket_name}.s3.amazonaws.com")
    output["BucketDualStackDomainName"].should.equal(
        f"{bucket_name}.s3.dualstack.{region_name}.amazonaws.com"
    )
    output["BucketRegionalDomainName"].should.equal(
        f"{bucket_name}.s3.{region_name}.amazonaws.com"
    )
    output["BucketWebsiteURL"].should.equal(
        f"http://{bucket_name}.s3-website.{region_name}.amazonaws.com"
    )
    output["BucketName"].should.equal(bucket_name)
Iam cloudformation update, singificant cloudformation refactoring (#3218) * IAM User Cloudformation Enhancements: update, delete, getatt. * AWS::IAM::Policy Support * Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups. * AWS:IAM:AccessKey CloudFormation support. * Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly. * Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties. * Support for Kinesis Stream RetentionPeriodHours param. * Kinesis Stream Cloudformation Tag Support. * Added omitted 'region' param to boto3.client() calls in new tests. Co-authored-by: Joseph Weitekamp <jweite@amazon.com> 2020-08-27 09:11:47 +00:00			`import json`
			`import boto3`

Pylint - Enable more rules on source and tests-directory (#4929) 2022-03-11 21:28:45 +00:00			`import sure # noqa # pylint: disable=unused-import`
Iam cloudformation update, singificant cloudformation refactoring (#3218) * IAM User Cloudformation Enhancements: update, delete, getatt. * AWS::IAM::Policy Support * Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups. * AWS:IAM:AccessKey CloudFormation support. * Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly. * Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties. * Support for Kinesis Stream RetentionPeriodHours param. * Kinesis Stream Cloudformation Tag Support. * Added omitted 'region' param to boto3.client() calls in new tests. Co-authored-by: Joseph Weitekamp <jweite@amazon.com> 2020-08-27 09:11:47 +00:00
			`from moto import mock_s3, mock_cloudformation`


			`@mock_s3`
			`@mock_cloudformation`
			`def test_s3_bucket_cloudformation_basic():`
			`s3 = boto3.client("s3", region_name="us-east-1")`
			`cf = boto3.client("cloudformation", region_name="us-east-1")`

			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
Update Black + formatting (#4926) 2022-03-10 14:39:59 +00:00			`"Resources": {"testInstance": {"Type": "AWS::S3::Bucket", "Properties": {}}},`
Iam cloudformation update, singificant cloudformation refactoring (#3218) * IAM User Cloudformation Enhancements: update, delete, getatt. * AWS::IAM::Policy Support * Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups. * AWS:IAM:AccessKey CloudFormation support. * Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly. * Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties. * Support for Kinesis Stream RetentionPeriodHours param. * Kinesis Stream Cloudformation Tag Support. * Added omitted 'region' param to boto3.client() calls in new tests. Co-authored-by: Joseph Weitekamp <jweite@amazon.com> 2020-08-27 09:11:47 +00:00			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`cf.create_stack(StackName="test_stack", TemplateBody=template_json)`
Iam cloudformation update, singificant cloudformation refactoring (#3218) * IAM User Cloudformation Enhancements: update, delete, getatt. * AWS::IAM::Policy Support * Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups. * AWS:IAM:AccessKey CloudFormation support. * Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly. * Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties. * Support for Kinesis Stream RetentionPeriodHours param. * Kinesis Stream Cloudformation Tag Support. * Added omitted 'region' param to boto3.client() calls in new tests. Co-authored-by: Joseph Weitekamp <jweite@amazon.com> 2020-08-27 09:11:47 +00:00			`stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]`

			`s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])`


			`@mock_s3`
			`@mock_cloudformation`
			`def test_s3_bucket_cloudformation_with_properties():`
			`s3 = boto3.client("s3", region_name="us-east-1")`
			`cf = boto3.client("cloudformation", region_name="us-east-1")`

			`bucket_name = "MyBucket"`
			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {`
			`"testInstance": {`
			`"Type": "AWS::S3::Bucket",`
			`"Properties": {`
			`"BucketName": bucket_name,`
			`"BucketEncryption": {`
			`"ServerSideEncryptionConfiguration": [`
			`{`
			`"ServerSideEncryptionByDefault": {`
			`"SSEAlgorithm": "AES256"`
			`}`
			`}`
			`]`
			`},`
			`},`
			`}`
			`},`
			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`cf.create_stack(StackName="test_stack", TemplateBody=template_json)`
			`cf.describe_stacks(StackName="test_stack")`
Iam cloudformation update, singificant cloudformation refactoring (#3218) * IAM User Cloudformation Enhancements: update, delete, getatt. * AWS::IAM::Policy Support * Added unit tests for AWS:IAM:Policy for roles and groups. Fixed bug related to groups. * AWS:IAM:AccessKey CloudFormation support. * Refactor of CloudFormation parsing.py methods to simplify and standardize how they call to the models. Adjusted some models accordingly. * Further model CloudFormation support changes to align with revised CloudFormation logic. Mostly avoidance of getting resoure name from properties. * Support for Kinesis Stream RetentionPeriodHours param. * Kinesis Stream Cloudformation Tag Support. * Added omitted 'region' param to boto3.client() calls in new tests. Co-authored-by: Joseph Weitekamp <jweite@amazon.com> 2020-08-27 09:11:47 +00:00			`s3.head_bucket(Bucket=bucket_name)`

			`encryption = s3.get_bucket_encryption(Bucket=bucket_name)`
			`encryption["ServerSideEncryptionConfiguration"]["Rules"][0][`
			`"ApplyServerSideEncryptionByDefault"`
			`]["SSEAlgorithm"].should.equal("AES256")`


			`@mock_s3`
			`@mock_cloudformation`
			`def test_s3_bucket_cloudformation_update_no_interruption():`
			`s3 = boto3.client("s3", region_name="us-east-1")`
			`cf = boto3.client("cloudformation", region_name="us-east-1")`

			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {"testInstance": {"Type": "AWS::S3::Bucket"}},`
			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
			`cf.create_stack(StackName="test_stack", TemplateBody=template_json)`
			`stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]`
			`s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])`

			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {`
			`"testInstance": {`
			`"Type": "AWS::S3::Bucket",`
			`"Properties": {`
			`"BucketEncryption": {`
			`"ServerSideEncryptionConfiguration": [`
			`{`
			`"ServerSideEncryptionByDefault": {`
			`"SSEAlgorithm": "AES256"`
			`}`
			`}`
			`]`
			`}`
			`},`
			`}`
			`},`
			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
			`cf.update_stack(StackName="test_stack", TemplateBody=template_json)`
			`encryption = s3.get_bucket_encryption(`
			`Bucket=stack_description["Outputs"][0]["OutputValue"]`
			`)`
			`encryption["ServerSideEncryptionConfiguration"]["Rules"][0][`
			`"ApplyServerSideEncryptionByDefault"`
			`]["SSEAlgorithm"].should.equal("AES256")`


			`@mock_s3`
			`@mock_cloudformation`
			`def test_s3_bucket_cloudformation_update_replacement():`
			`s3 = boto3.client("s3", region_name="us-east-1")`
			`cf = boto3.client("cloudformation", region_name="us-east-1")`

			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {"testInstance": {"Type": "AWS::S3::Bucket"}},`
			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
			`cf.create_stack(StackName="test_stack", TemplateBody=template_json)`
			`stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]`
			`s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])`

			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {`
			`"testInstance": {`
			`"Type": "AWS::S3::Bucket",`
			`"Properties": {"BucketName": "MyNewBucketName"},`
			`}`
			`},`
			`"Outputs": {"Bucket": {"Value": {"Ref": "testInstance"}}},`
			`}`
			`template_json = json.dumps(template)`
			`cf.update_stack(StackName="test_stack", TemplateBody=template_json)`
			`stack_description = cf.describe_stacks(StackName="test_stack")["Stacks"][0]`
			`s3.head_bucket(Bucket=stack_description["Outputs"][0]["OutputValue"])`
Fix: S3 Bucket does not support attribute type Arn in Fn::GetAtt (#3388) Fixes #3387 2020-10-16 10:29:26 +00:00

			`@mock_s3`
			`@mock_cloudformation`
			`def test_s3_bucket_cloudformation_outputs():`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`region_name = "us-east-1"`
			`s3 = boto3.client("s3", region_name=region_name)`
			`cf = boto3.resource("cloudformation", region_name=region_name)`
Fix: S3 Bucket does not support attribute type Arn in Fn::GetAtt (#3388) Fixes #3387 2020-10-16 10:29:26 +00:00			`stack_name = "test-stack"`
			`bucket_name = "test-bucket"`
			`template = {`
			`"AWSTemplateFormatVersion": "2010-09-09",`
			`"Resources": {`
			`"TestBucket": {`
			`"Type": "AWS::S3::Bucket",`
			`"Properties": {"BucketName": bucket_name},`
			`}`
			`},`
			`"Outputs": {`
			`"BucketARN": {`
			`"Value": {"Fn::GetAtt": ["TestBucket", "Arn"]},`
			`"Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketARN"}},`
			`},`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`"BucketDomainName": {`
			`"Value": {"Fn::GetAtt": ["TestBucket", "DomainName"]},`
			`"Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketDomainName"}},`
			`},`
			`"BucketDualStackDomainName": {`
			`"Value": {"Fn::GetAtt": ["TestBucket", "DualStackDomainName"]},`
			`"Export": {`
			`"Name": {"Fn::Sub": "${AWS::StackName}:BucketDualStackDomainName"}`
			`},`
			`},`
			`"BucketRegionalDomainName": {`
			`"Value": {"Fn::GetAtt": ["TestBucket", "RegionalDomainName"]},`
			`"Export": {`
			`"Name": {"Fn::Sub": "${AWS::StackName}:BucketRegionalDomainName"}`
			`},`
			`},`
			`"BucketWebsiteURL": {`
			`"Value": {"Fn::GetAtt": ["TestBucket", "WebsiteURL"]},`
			`"Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketWebsiteURL"}},`
			`},`
Fix: S3 Bucket does not support attribute type Arn in Fn::GetAtt (#3388) Fixes #3387 2020-10-16 10:29:26 +00:00			`"BucketName": {`
			`"Value": {"Ref": "TestBucket"},`
			`"Export": {"Name": {"Fn::Sub": "${AWS::StackName}:BucketName"}},`
			`},`
			`},`
			`}`
			`cf.create_stack(StackName=stack_name, TemplateBody=json.dumps(template))`
			`outputs_list = cf.Stack(stack_name).outputs`
			`output = {item["OutputKey"]: item["OutputValue"] for item in outputs_list}`
			`s3.head_bucket(Bucket=output["BucketName"])`
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678) 2022-11-17 22:41:08 +00:00			`output["BucketARN"].should.match(f"arn:aws:s3.+{bucket_name}")`
			`output["BucketDomainName"].should.equal(f"{bucket_name}.s3.amazonaws.com")`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`output["BucketDualStackDomainName"].should.equal(`
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678) 2022-11-17 22:41:08 +00:00			`f"{bucket_name}.s3.dualstack.{region_name}.amazonaws.com"`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`)`
			`output["BucketRegionalDomainName"].should.equal(`
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678) 2022-11-17 22:41:08 +00:00			`f"{bucket_name}.s3.{region_name}.amazonaws.com"`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`)`
			`output["BucketWebsiteURL"].should.equal(`
Techdebt: Replace string-format with f-strings (for tests dirs) (#5678) 2022-11-17 22:41:08 +00:00			`f"http://{bucket_name}.s3-website.{region_name}.amazonaws.com"`
Add missing `Fn::GetAtt` attributes to S3 bucket mock (#3396) * Add missing `Fn::GetAtt` attributes to S3 bucket mock Addresses an issue reported here https://github.com/localstack/aws-cdk-local/issues/1 * Reformat touched files with `black` * Reformat touched files with `black` on Python 3.7 2020-10-27 16:04:32 +00:00			`)`
Fix: S3 Bucket does not support attribute type Arn in Fn::GetAtt (#3388) Fixes #3387 2020-10-16 10:29:26 +00:00			`output["BucketName"].should.equal(bucket_name)`