2021-09-22 19:42:42 +00:00
|
|
|
import boto3
|
|
|
|
|
import pytest
|
2021-10-18 19:44:29 +00:00
|
|
|
import sure # noqa # pylint: disable=unused-import
|
2021-09-22 19:42:42 +00:00
|
|
|
|
|
|
|
|
from botocore.exceptions import ClientError
|
|
|
|
|
from datetime import datetime
|
|
|
|
|
|
|
|
|
|
from moto import mock_iam
|
2022-08-13 09:49:43 +00:00
|
|
|
from moto.core import DEFAULT_ACCOUNT_ID as ACCOUNT_ID
|
2021-09-22 19:42:42 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam
|
|
|
|
|
def test_get_all_server_certs():
|
|
|
|
|
conn = boto3.client("iam", region_name="us-east-1")
|
|
|
|
|
|
|
|
|
|
conn.upload_server_certificate(
|
|
|
|
|
ServerCertificateName="certname",
|
|
|
|
|
CertificateBody="certbody",
|
|
|
|
|
PrivateKey="privatekey",
|
|
|
|
|
)
|
|
|
|
|
certs = conn.list_server_certificates()["ServerCertificateMetadataList"]
|
|
|
|
|
certs.should.have.length_of(1)
|
|
|
|
|
cert1 = certs[0]
|
|
|
|
|
cert1["ServerCertificateName"].should.equal("certname")
|
2022-11-17 21:41:08 -01:00
|
|
|
cert1["Arn"].should.equal(f"arn:aws:iam::{ACCOUNT_ID}:server-certificate/certname")
|
2021-09-22 19:42:42 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam
|
|
|
|
|
def test_get_server_cert_doesnt_exist():
|
|
|
|
|
conn = boto3.client("iam", region_name="us-east-1")
|
|
|
|
|
|
|
|
|
|
with pytest.raises(ClientError) as ex:
|
|
|
|
|
conn.get_server_certificate(ServerCertificateName="NonExistant")
|
|
|
|
|
err = ex.value.response["Error"]
|
|
|
|
|
err["Code"].should.equal("NoSuchEntity")
|
|
|
|
|
err["Message"].should.equal(
|
|
|
|
|
"The Server Certificate with name NonExistant cannot be found."
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam
|
|
|
|
|
def test_get_server_cert():
|
|
|
|
|
conn = boto3.client("iam", region_name="us-east-1")
|
|
|
|
|
|
|
|
|
|
conn.upload_server_certificate(
|
|
|
|
|
ServerCertificateName="certname",
|
|
|
|
|
CertificateBody="certbody",
|
|
|
|
|
PrivateKey="privatekey",
|
|
|
|
|
)
|
|
|
|
|
cert = conn.get_server_certificate(ServerCertificateName="certname")[
|
|
|
|
|
"ServerCertificate"
|
|
|
|
|
]
|
|
|
|
|
cert["CertificateBody"].should.equal("certbody")
|
|
|
|
|
cert.shouldnt.have.key("CertificateChain")
|
|
|
|
|
cert.shouldnt.have.key("Tags")
|
|
|
|
|
metadata = cert["ServerCertificateMetadata"]
|
|
|
|
|
metadata["Path"].should.equal("/")
|
|
|
|
|
metadata["ServerCertificateName"].should.equal("certname")
|
|
|
|
|
metadata["Arn"].should.equal(
|
2022-11-17 21:41:08 -01:00
|
|
|
f"arn:aws:iam::{ACCOUNT_ID}:server-certificate/certname"
|
2021-09-22 19:42:42 +00:00
|
|
|
)
|
|
|
|
|
metadata.should.have.key("ServerCertificateId")
|
|
|
|
|
metadata["UploadDate"].should.be.a(datetime)
|
|
|
|
|
metadata["Expiration"].should.be.a(datetime)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam
|
|
|
|
|
def test_delete_server_cert():
|
|
|
|
|
conn = boto3.client("iam", region_name="us-east-1")
|
|
|
|
|
|
|
|
|
|
conn.upload_server_certificate(
|
|
|
|
|
ServerCertificateName="certname",
|
|
|
|
|
CertificateBody="certbody",
|
|
|
|
|
PrivateKey="privatekey",
|
|
|
|
|
)
|
|
|
|
|
conn.get_server_certificate(ServerCertificateName="certname")
|
|
|
|
|
conn.delete_server_certificate(ServerCertificateName="certname")
|
|
|
|
|
|
|
|
|
|
with pytest.raises(ClientError) as ex:
|
|
|
|
|
conn.get_server_certificate(ServerCertificateName="certname")
|
|
|
|
|
err = ex.value.response["Error"]
|
|
|
|
|
err["Code"].should.equal("NoSuchEntity")
|
|
|
|
|
err["Message"].should.equal(
|
|
|
|
|
"The Server Certificate with name certname cannot be found."
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@mock_iam
|
|
|
|
|
def test_delete_unknown_server_cert():
|
|
|
|
|
conn = boto3.client("iam", region_name="us-east-1")
|
|
|
|
|
|
|
|
|
|
with pytest.raises(ClientError) as ex:
|
|
|
|
|
conn.delete_server_certificate(ServerCertificateName="certname")
|
|
|
|
|
err = ex.value.response["Error"]
|
|
|
|
|
err["Code"].should.equal("NoSuchEntity")
|
|
|
|
|
err["Message"].should.equal(
|
|
|
|
|
"The Server Certificate with name certname cannot be found."
|
|
|
|
|
)
|
