moto/tests/test_iam/test_iam_groups.py

from datetime import datetime

import boto3
import sure  # noqa  # pylint: disable=unused-import
import json

import pytest
from botocore.exceptions import ClientError
from moto import mock_iam
from moto.core import ACCOUNT_ID

MOCK_POLICY = """
{
  "Version": "2012-10-17",
  "Statement":
    {
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::example_bucket"
    }
}
"""


@mock_iam
def test_create_group_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    with pytest.raises(ClientError) as ex:
        conn.create_group(GroupName="my-group")
    err = ex.value.response["Error"]
    err["Code"].should.equal("Group my-group already exists")
    err["Message"].should.equal(None)


@mock_iam
def test_get_group_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    created = conn.create_group(GroupName="my-group")["Group"]
    created["Path"].should.equal("/")
    created["GroupName"].should.equal("my-group")
    created.should.have.key("GroupId")
    created["Arn"].should.equal("arn:aws:iam::{}:group/my-group".format(ACCOUNT_ID))
    created["CreateDate"].should.be.a(datetime)

    retrieved = conn.get_group(GroupName="my-group")["Group"]
    retrieved.should.equal(created)

    with pytest.raises(ClientError) as ex:
        conn.get_group(GroupName="not-group")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("Group not-group not found")


@mock_iam()
def test_get_group_current():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    result = conn.get_group(GroupName="my-group")

    assert result["Group"]["Path"] == "/"
    assert result["Group"]["GroupName"] == "my-group"
    assert isinstance(result["Group"]["CreateDate"], datetime)
    assert result["Group"]["GroupId"]
    assert result["Group"]["Arn"] == "arn:aws:iam::{}:group/my-group".format(ACCOUNT_ID)
    assert not result["Users"]

    # Make a group with a different path:
    other_group = conn.create_group(GroupName="my-other-group", Path="some/location")
    assert other_group["Group"]["Path"] == "some/location"
    assert other_group["Group"][
        "Arn"
    ] == "arn:aws:iam::{}:group/some/location/my-other-group".format(ACCOUNT_ID)


@mock_iam
def test_get_all_groups_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group1")
    conn.create_group(GroupName="my-group2")
    groups = conn.list_groups()["Groups"]
    groups.should.have.length_of(2)


@mock_iam
def test_add_unknown_user_to_group():
    conn = boto3.client("iam", region_name="us-east-1")
    with pytest.raises(ClientError) as ex:
        conn.add_user_to_group(GroupName="my-group", UserName="my-user")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("The user with name my-user cannot be found.")


@mock_iam
def test_add_user_to_unknown_group():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_user(UserName="my-user")
    with pytest.raises(ClientError) as ex:
        conn.add_user_to_group(GroupName="my-group", UserName="my-user")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("Group my-group not found")


@mock_iam
def test_add_user_to_group_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.create_user(UserName="my-user")
    conn.add_user_to_group(GroupName="my-group", UserName="my-user")


@mock_iam
def test_remove_user_from_unknown_group():
    conn = boto3.client("iam", region_name="us-east-1")
    with pytest.raises(ClientError) as ex:
        conn.remove_user_from_group(GroupName="my-group", UserName="my-user")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("Group my-group not found")


@mock_iam
def test_remove_nonattached_user_from_group():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.create_user(UserName="my-user")
    with pytest.raises(ClientError) as ex:
        conn.remove_user_from_group(GroupName="my-group", UserName="my-user")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("User my-user not in group my-group")


@mock_iam
def test_remove_user_from_group_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.create_user(UserName="my-user")
    conn.add_user_to_group(GroupName="my-group", UserName="my-user")
    conn.remove_user_from_group(GroupName="my-group", UserName="my-user")


@mock_iam
def test_get_groups_for_user_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group1")
    conn.create_group(GroupName="my-group2")
    conn.create_group(GroupName="other-group")
    conn.create_user(UserName="my-user")
    conn.add_user_to_group(GroupName="my-group1", UserName="my-user")
    conn.add_user_to_group(GroupName="my-group2", UserName="my-user")

    groups = conn.list_groups_for_user(UserName="my-user")["Groups"]
    groups.should.have.length_of(2)


@mock_iam
def test_put_group_policy_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.put_group_policy(
        GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY
    )


@mock_iam
def test_attach_group_policies():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.list_attached_group_policies(GroupName="my-group")[
        "AttachedPolicies"
    ].should.be.empty
    policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role"
    conn.list_attached_group_policies(GroupName="my-group")[
        "AttachedPolicies"
    ].should.be.empty
    conn.attach_group_policy(GroupName="my-group", PolicyArn=policy_arn)
    conn.list_attached_group_policies(GroupName="my-group")[
        "AttachedPolicies"
    ].should.equal(
        [{"PolicyName": "AmazonElasticMapReduceforEC2Role", "PolicyArn": policy_arn}]
    )

    conn.detach_group_policy(GroupName="my-group", PolicyArn=policy_arn)
    conn.list_attached_group_policies(GroupName="my-group")[
        "AttachedPolicies"
    ].should.be.empty


@mock_iam
def test_get_group_policy_boto3():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    with pytest.raises(ClientError) as ex:
        conn.get_group_policy(GroupName="my-group", PolicyName="my-policy")
    err = ex.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("Policy my-policy not found")

    conn.put_group_policy(
        GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY
    )
    policy = conn.get_group_policy(GroupName="my-group", PolicyName="my-policy")
    policy["GroupName"].should.equal("my-group")
    policy["PolicyName"].should.equal("my-policy")
    policy["PolicyDocument"].should.equal(json.loads(MOCK_POLICY))


@mock_iam()
def test_list_group_policies():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    conn.list_group_policies(GroupName="my-group")["PolicyNames"].should.be.empty
    conn.put_group_policy(
        GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY
    )
    conn.list_group_policies(GroupName="my-group")["PolicyNames"].should.equal(
        ["my-policy"]
    )


@mock_iam
def test_delete_group():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    groups = conn.list_groups()
    assert groups["Groups"][0]["GroupName"] == "my-group"
    assert len(groups["Groups"]) == 1
    conn.delete_group(GroupName="my-group")
    conn.list_groups()["Groups"].should.be.empty


@mock_iam
def test_delete_unknown_group():
    conn = boto3.client("iam", region_name="us-east-1")
    with pytest.raises(ClientError) as err:
        conn.delete_group(GroupName="unknown-group")
    err.value.response["Error"]["Code"].should.equal("NoSuchEntity")
    err.value.response["Error"]["Message"].should.equal(
        "The group with name unknown-group cannot be found."
    )


@mock_iam
def test_update_group_name():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group")
    initial_group = conn.get_group(GroupName="my-group")["Group"]

    conn.update_group(GroupName="my-group", NewGroupName="new-group")

    # The old group-name should no longer exist
    with pytest.raises(ClientError) as exc:
        conn.get_group(GroupName="my-group")
    exc.value.response["Error"]["Code"].should.equal("NoSuchEntity")

    result = conn.get_group(GroupName="new-group")["Group"]
    result["Path"].should.equal("/")
    result["GroupName"].should.equal("new-group")
    result["GroupId"].should.equal(initial_group["GroupId"])
    result["Arn"].should.match(":group/new-group")


@mock_iam
def test_update_group_name_that_has_a_path():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group", Path="/path")

    conn.update_group(GroupName="my-group", NewGroupName="new-group")

    # Verify the path hasn't changed
    new = conn.get_group(GroupName="new-group")["Group"]
    new["Path"].should.equal("/path")


@mock_iam
def test_update_group_path():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="my-group", Path="/path")

    conn.update_group(
        GroupName="my-group", NewGroupName="new-group", NewPath="/new-path"
    )

    # Verify the path has changed
    new = conn.get_group(GroupName="new-group")["Group"]
    new["Path"].should.equal("/new-path")


@mock_iam
def test_update_group_that_does_not_exist():
    conn = boto3.client("iam", region_name="us-east-1")

    with pytest.raises(ClientError) as exc:
        conn.update_group(GroupName="nonexisting", NewGroupName="..")
    err = exc.value.response["Error"]
    err["Code"].should.equal("NoSuchEntity")
    err["Message"].should.equal("The group with name nonexisting cannot be found.")


@mock_iam
def test_update_group_with_existing_name():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_group(GroupName="existing1")
    conn.create_group(GroupName="existing2")

    with pytest.raises(ClientError) as exc:
        conn.update_group(GroupName="existing1", NewGroupName="existing2")
    err = exc.value.response["Error"]
    err["Code"].should.equal("Conflict")
    err["Message"].should.equal("Group existing2 already exists")
Fixes for IAM Groups 2018-10-16 17:14:23 -07:00			`from datetime import datetime`

iam: add group policy methods (#849) Implemented mocks for: * get_all_group_policies * list_group_policies (boto3) * get_group_policy * put_group_policy 2017-03-05 04:56:36 +01:00			`import boto3`
Techdebt: Enable pylint rules (#4432) 2021-10-18 19:44:29 +00:00			`import sure # noqa # pylint: disable=unused-import`
IAM - duplicate boto tests (#3913) 2021-09-22 19:42:42 +00:00			`import json`
Add IAM list_groups and list_groups_for_user. Closes #343. 2015-04-30 19:32:53 -04:00
Port test suite from nose to pytest. This just eliminates all errors on the tests collection. Elimination of failures is left to the next commit. 2020-10-06 07:54:49 +02:00			`import pytest`
#2163 - Delete IAM group; Add test case and align error message with AWS 2019-11-08 01:19:45 -08:00			`from botocore.exceptions import ClientError`
Remove deprecated decorators + boto dependency (#4378) 2022-01-18 14:18:57 -01:00			`from moto import mock_iam`
ACCOUNT_ID moved to moto.core, MOTO_ACCOUNT_ID env var override 2019-12-16 21:05:29 -05:00			`from moto.core import ACCOUNT_ID`
Add IAM list_groups and list_groups_for_user. Closes #343. 2015-04-30 19:32:53 -04:00
Fixed old unit tests in test_iam that didn't use valid IAM policies. 2019-06-30 17:57:50 +02:00			`MOCK_POLICY = """`
			`{`
			`"Version": "2012-10-17",`
			`"Statement":`
			`{`
			`"Effect": "Allow",`
			`"Action": "s3:ListBucket",`
			`"Resource": "arn:aws:s3:::example_bucket"`
			`}`
			`}`
			`"""`

Add IAM list_groups and list_groups_for_user. Closes #343. 2015-04-30 19:32:53 -04:00
IAM - duplicate boto tests (#3913) 2021-09-22 19:42:42 +00:00			`@mock_iam`
			`def test_create_group_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`with pytest.raises(ClientError) as ex:`
			`conn.create_group(GroupName="my-group")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("Group my-group already exists")`
			`err["Message"].should.equal(None)`


			`@mock_iam`
			`def test_get_group_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`created = conn.create_group(GroupName="my-group")["Group"]`
			`created["Path"].should.equal("/")`
			`created["GroupName"].should.equal("my-group")`
			`created.should.have.key("GroupId")`
			`created["Arn"].should.equal("arn:aws:iam::{}:group/my-group".format(ACCOUNT_ID))`
			`created["CreateDate"].should.be.a(datetime)`

			`retrieved = conn.get_group(GroupName="my-group")["Group"]`
			`retrieved.should.equal(created)`

			`with pytest.raises(ClientError) as ex:`
			`conn.get_group(GroupName="not-group")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("Group not-group not found")`


Fixes for IAM Groups 2018-10-16 17:14:23 -07:00			`@mock_iam()`
			`def test_get_group_current():`
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`result = conn.get_group(GroupName="my-group")`
Fixes for IAM Groups 2018-10-16 17:14:23 -07:00
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`assert result["Group"]["Path"] == "/"`
			`assert result["Group"]["GroupName"] == "my-group"`
			`assert isinstance(result["Group"]["CreateDate"], datetime)`
			`assert result["Group"]["GroupId"]`
Added references to moto.iam.models.ACCOUNT_ID instead of hardcoded id 2019-12-15 19:22:26 -05:00			`assert result["Group"]["Arn"] == "arn:aws:iam::{}:group/my-group".format(ACCOUNT_ID)`
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`assert not result["Users"]`
Fixes for IAM Groups 2018-10-16 17:14:23 -07:00
			`# Make a group with a different path:`
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`other_group = conn.create_group(GroupName="my-other-group", Path="some/location")`
			`assert other_group["Group"]["Path"] == "some/location"`
black linting 2019-12-16 21:25:20 -05:00			`assert other_group["Group"][`
			`"Arn"`
			`] == "arn:aws:iam::{}:group/some/location/my-other-group".format(ACCOUNT_ID)`
Fixes for IAM Groups 2018-10-16 17:14:23 -07:00

IAM - duplicate boto tests (#3913) 2021-09-22 19:42:42 +00:00			`@mock_iam`
			`def test_get_all_groups_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group1")`
			`conn.create_group(GroupName="my-group2")`
			`groups = conn.list_groups()["Groups"]`
			`groups.should.have.length_of(2)`


			`@mock_iam`
			`def test_add_unknown_user_to_group():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`with pytest.raises(ClientError) as ex:`
			`conn.add_user_to_group(GroupName="my-group", UserName="my-user")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("The user with name my-user cannot be found.")`


			`@mock_iam`
			`def test_add_user_to_unknown_group():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_user(UserName="my-user")`
			`with pytest.raises(ClientError) as ex:`
			`conn.add_user_to_group(GroupName="my-group", UserName="my-user")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("Group my-group not found")`


			`@mock_iam`
			`def test_add_user_to_group_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.create_user(UserName="my-user")`
			`conn.add_user_to_group(GroupName="my-group", UserName="my-user")`


			`@mock_iam`
			`def test_remove_user_from_unknown_group():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`with pytest.raises(ClientError) as ex:`
			`conn.remove_user_from_group(GroupName="my-group", UserName="my-user")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("Group my-group not found")`


			`@mock_iam`
			`def test_remove_nonattached_user_from_group():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.create_user(UserName="my-user")`
			`with pytest.raises(ClientError) as ex:`
			`conn.remove_user_from_group(GroupName="my-group", UserName="my-user")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("User my-user not in group my-group")`


			`@mock_iam`
			`def test_remove_user_from_group_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.create_user(UserName="my-user")`
			`conn.add_user_to_group(GroupName="my-group", UserName="my-user")`
			`conn.remove_user_from_group(GroupName="my-group", UserName="my-user")`


			`@mock_iam`
			`def test_get_groups_for_user_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group1")`
			`conn.create_group(GroupName="my-group2")`
			`conn.create_group(GroupName="other-group")`
			`conn.create_user(UserName="my-user")`
			`conn.add_user_to_group(GroupName="my-group1", UserName="my-user")`
			`conn.add_user_to_group(GroupName="my-group2", UserName="my-user")`

			`groups = conn.list_groups_for_user(UserName="my-user")["Groups"]`
			`groups.should.have.length_of(2)`


			`@mock_iam`
			`def test_put_group_policy_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.put_group_policy(`
			`GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY`
			`)`


test attaching group policies 2017-10-01 15:02:00 -07:00			`@mock_iam`
			`def test_attach_group_policies():`
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.list_attached_group_policies(GroupName="my-group")[`
			`"AttachedPolicies"`
			`].should.be.empty`
			`policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonElasticMapReduceforEC2Role"`
			`conn.list_attached_group_policies(GroupName="my-group")[`
			`"AttachedPolicies"`
			`].should.be.empty`
			`conn.attach_group_policy(GroupName="my-group", PolicyArn=policy_arn)`
			`conn.list_attached_group_policies(GroupName="my-group")[`
			`"AttachedPolicies"`
			`].should.equal(`
			`[{"PolicyName": "AmazonElasticMapReduceforEC2Role", "PolicyArn": policy_arn}]`
			`)`

			`conn.detach_group_policy(GroupName="my-group", PolicyArn=policy_arn)`
			`conn.list_attached_group_policies(GroupName="my-group")[`
			`"AttachedPolicies"`
			`].should.be.empty`
implementing detach_group_policy 2017-10-01 15:04:59 -07:00
test attaching group policies 2017-10-01 15:02:00 -07:00
IAM - duplicate boto tests (#3913) 2021-09-22 19:42:42 +00:00			`@mock_iam`
			`def test_get_group_policy_boto3():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`with pytest.raises(ClientError) as ex:`
			`conn.get_group_policy(GroupName="my-group", PolicyName="my-policy")`
			`err = ex.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("Policy my-policy not found")`

			`conn.put_group_policy(`
			`GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY`
			`)`
			`policy = conn.get_group_policy(GroupName="my-group", PolicyName="my-policy")`
			`policy["GroupName"].should.equal("my-group")`
			`policy["PolicyName"].should.equal("my-policy")`
			`policy["PolicyDocument"].should.equal(json.loads(MOCK_POLICY))`


iam: add group policy methods (#849) Implemented mocks for: * get_all_group_policies * list_group_policies (boto3) * get_group_policy * put_group_policy 2017-03-05 04:56:36 +01:00			`@mock_iam()`
			`def test_list_group_policies():`
Run black on moto & test directories. 2019-10-31 08:44:26 -07:00			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`conn.list_group_policies(GroupName="my-group")["PolicyNames"].should.be.empty`
			`conn.put_group_policy(`
			`GroupName="my-group", PolicyName="my-policy", PolicyDocument=MOCK_POLICY`
			`)`
			`conn.list_group_policies(GroupName="my-group")["PolicyNames"].should.equal(`
			`["my-policy"]`
			`)`
Implementing delete-group endpoint and appropriate test case 2019-04-20 22:50:28 +01:00

			`@mock_iam`
			`def test_delete_group():`
#2163 - Delete IAM group; Add test case and align error message with AWS 2019-11-08 01:19:45 -08:00			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
Implementing delete-group endpoint and appropriate test case 2019-04-20 22:50:28 +01:00			`groups = conn.list_groups()`
#2163 - Delete IAM group; Add test case and align error message with AWS 2019-11-08 01:19:45 -08:00			`assert groups["Groups"][0]["GroupName"] == "my-group"`
			`assert len(groups["Groups"]) == 1`
			`conn.delete_group(GroupName="my-group")`
			`conn.list_groups()["Groups"].should.be.empty`


			`@mock_iam`
			`def test_delete_unknown_group():`
			`conn = boto3.client("iam", region_name="us-east-1")`
Finish porting from nose to pytest. 2020-10-06 08:04:09 +02:00			`with pytest.raises(ClientError) as err:`
#2163 - Delete IAM group; Add test case and align error message with AWS 2019-11-08 01:19:45 -08:00			`conn.delete_group(GroupName="unknown-group")`
Finish porting from nose to pytest. 2020-10-06 08:04:09 +02:00			`err.value.response["Error"]["Code"].should.equal("NoSuchEntity")`
			`err.value.response["Error"]["Message"].should.equal(`
#2163 - Delete IAM group; Add test case and align error message with AWS 2019-11-08 01:19:45 -08:00			`"The group with name unknown-group cannot be found."`
			`)`
Prep 2.2.17 release (#4642) 2021-11-29 19:35:18 -01:00

			`@mock_iam`
			`def test_update_group_name():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group")`
			`initial_group = conn.get_group(GroupName="my-group")["Group"]`

			`conn.update_group(GroupName="my-group", NewGroupName="new-group")`

			`# The old group-name should no longer exist`
			`with pytest.raises(ClientError) as exc:`
			`conn.get_group(GroupName="my-group")`
			`exc.value.response["Error"]["Code"].should.equal("NoSuchEntity")`

			`result = conn.get_group(GroupName="new-group")["Group"]`
			`result["Path"].should.equal("/")`
			`result["GroupName"].should.equal("new-group")`
			`result["GroupId"].should.equal(initial_group["GroupId"])`
			`result["Arn"].should.match(":group/new-group")`


			`@mock_iam`
			`def test_update_group_name_that_has_a_path():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group", Path="/path")`

			`conn.update_group(GroupName="my-group", NewGroupName="new-group")`

			`# Verify the path hasn't changed`
			`new = conn.get_group(GroupName="new-group")["Group"]`
			`new["Path"].should.equal("/path")`


			`@mock_iam`
			`def test_update_group_path():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="my-group", Path="/path")`

			`conn.update_group(`
			`GroupName="my-group", NewGroupName="new-group", NewPath="/new-path"`
			`)`

			`# Verify the path has changed`
			`new = conn.get_group(GroupName="new-group")["Group"]`
			`new["Path"].should.equal("/new-path")`


			`@mock_iam`
			`def test_update_group_that_does_not_exist():`
			`conn = boto3.client("iam", region_name="us-east-1")`

			`with pytest.raises(ClientError) as exc:`
			`conn.update_group(GroupName="nonexisting", NewGroupName="..")`
			`err = exc.value.response["Error"]`
			`err["Code"].should.equal("NoSuchEntity")`
			`err["Message"].should.equal("The group with name nonexisting cannot be found.")`


			`@mock_iam`
			`def test_update_group_with_existing_name():`
			`conn = boto3.client("iam", region_name="us-east-1")`
			`conn.create_group(GroupName="existing1")`
			`conn.create_group(GroupName="existing2")`

			`with pytest.raises(ClientError) as exc:`
			`conn.update_group(GroupName="existing1", NewGroupName="existing2")`
			`err = exc.value.response["Error"]`
			`err["Code"].should.equal("Conflict")`
			`err["Message"].should.equal("Group existing2 already exists")`