2015-04-30 23:32:53 +00:00
|
|
|
from __future__ import unicode_literals
|
|
|
|
import boto
|
2017-03-05 03:56:36 +00:00
|
|
|
import boto3
|
2015-04-30 23:32:53 +00:00
|
|
|
import sure # noqa
|
|
|
|
|
|
|
|
from nose.tools import assert_raises
|
|
|
|
from boto.exception import BotoServerError
|
2017-02-16 03:35:45 +00:00
|
|
|
from moto import mock_iam, mock_iam_deprecated
|
2015-04-30 23:32:53 +00:00
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_create_group():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group')
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.create_group('my-group')
|
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_get_group():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group')
|
|
|
|
conn.get_group('my-group')
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.get_group('not-group')
|
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_get_all_groups():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group1')
|
|
|
|
conn.create_group('my-group2')
|
2017-02-24 02:37:43 +00:00
|
|
|
groups = conn.get_all_groups()['list_groups_response'][
|
|
|
|
'list_groups_result']['groups']
|
2015-04-30 23:32:53 +00:00
|
|
|
groups.should.have.length_of(2)
|
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_add_user_to_group():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.add_user_to_group('my-group', 'my-user')
|
|
|
|
conn.create_group('my-group')
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.add_user_to_group('my-group', 'my-user')
|
|
|
|
conn.create_user('my-user')
|
|
|
|
conn.add_user_to_group('my-group', 'my-user')
|
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_remove_user_from_group():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.remove_user_from_group('my-group', 'my-user')
|
|
|
|
conn.create_group('my-group')
|
|
|
|
conn.create_user('my-user')
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.remove_user_from_group('my-group', 'my-user')
|
|
|
|
conn.add_user_to_group('my-group', 'my-user')
|
|
|
|
conn.remove_user_from_group('my-group', 'my-user')
|
|
|
|
|
|
|
|
|
2017-02-16 03:35:45 +00:00
|
|
|
@mock_iam_deprecated()
|
2015-04-30 23:32:53 +00:00
|
|
|
def test_get_groups_for_user():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group1')
|
|
|
|
conn.create_group('my-group2')
|
|
|
|
conn.create_group('other-group')
|
|
|
|
conn.create_user('my-user')
|
|
|
|
conn.add_user_to_group('my-group1', 'my-user')
|
|
|
|
conn.add_user_to_group('my-group2', 'my-user')
|
|
|
|
|
2017-02-24 02:37:43 +00:00
|
|
|
groups = conn.get_groups_for_user(
|
|
|
|
'my-user')['list_groups_for_user_response']['list_groups_for_user_result']['groups']
|
2015-04-30 23:32:53 +00:00
|
|
|
groups.should.have.length_of(2)
|
2017-03-05 03:56:36 +00:00
|
|
|
|
|
|
|
|
2017-03-05 14:58:39 +00:00
|
|
|
@mock_iam_deprecated()
|
2017-03-05 03:56:36 +00:00
|
|
|
def test_put_group_policy():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group')
|
|
|
|
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
|
|
|
|
|
|
|
|
2017-10-01 22:02:00 +00:00
|
|
|
@mock_iam
|
|
|
|
def test_attach_group_policies():
|
|
|
|
conn = boto3.client('iam', region_name='us-east-1')
|
|
|
|
conn.create_group(GroupName='my-group')
|
|
|
|
conn.list_attached_group_policies(GroupName='my-group')['AttachedPolicies'].should.be.empty
|
|
|
|
policy_arn = 'arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role'
|
|
|
|
conn.list_attached_group_policies(GroupName='my-group')['AttachedPolicies'].should.be.empty
|
|
|
|
conn.attach_group_policy(GroupName='my-group', PolicyArn=policy_arn)
|
|
|
|
conn.list_attached_group_policies(GroupName='my-group')['AttachedPolicies'].should.equal(
|
|
|
|
[
|
|
|
|
{
|
|
|
|
'PolicyName': 'AmazonElasticMapReduceforEC2Role',
|
|
|
|
'PolicyArn': policy_arn,
|
|
|
|
}
|
|
|
|
])
|
|
|
|
|
|
|
|
|
2017-03-05 14:58:39 +00:00
|
|
|
@mock_iam_deprecated()
|
2017-03-05 03:56:36 +00:00
|
|
|
def test_get_group_policy():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group')
|
|
|
|
with assert_raises(BotoServerError):
|
|
|
|
conn.get_group_policy('my-group', 'my-policy')
|
|
|
|
|
|
|
|
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
|
|
|
policy = conn.get_group_policy('my-group', 'my-policy')
|
|
|
|
|
2017-03-05 14:58:39 +00:00
|
|
|
@mock_iam_deprecated()
|
2017-03-05 03:56:36 +00:00
|
|
|
def test_get_all_group_policies():
|
|
|
|
conn = boto.connect_iam()
|
|
|
|
conn.create_group('my-group')
|
|
|
|
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
|
|
|
assert policies == []
|
|
|
|
conn.put_group_policy('my-group', 'my-policy', '{"some": "json"}')
|
|
|
|
policies = conn.get_all_group_policies('my-group')['list_group_policies_response']['list_group_policies_result']['policy_names']
|
|
|
|
assert policies == ['my-policy']
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam()
|
|
|
|
def test_list_group_policies():
|
2017-03-05 15:09:19 +00:00
|
|
|
conn = boto3.client('iam', region_name='us-east-1')
|
2017-03-05 03:56:36 +00:00
|
|
|
conn.create_group(GroupName='my-group')
|
|
|
|
policies = conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.be.empty
|
|
|
|
conn.put_group_policy(GroupName='my-group', PolicyName='my-policy', PolicyDocument='{"some": "json"}')
|
|
|
|
policies = conn.list_group_policies(GroupName='my-group')['PolicyNames'].should.equal(['my-policy'])
|