Fixes for IAM Role Description field in responses from list_roles and create_roles (#3724)

* Add IAM Role Description field to list_roles responses The IAM ListRoles IAM API call will return the Description key/value for each role if it exists. If it does not exist the Description key is not included. * fix handling in create_role resp * blackg * Combine two tests using pytest.mark.parametrize * consistency
2021-02-24 11:14:11 -08:00 · 2021-02-24 11:14:11 -08:00 · 0625bbfa11
commit 0625bbfa11
parent 0ae1ce9042
2 changed files with 27 additions and 1 deletions
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -1275,7 +1275,7 @@ CREATE_ROLE_TEMPLATE = """<CreateRoleResponse xmlns="https://iam.amazonaws.com/d
      <Arn>{{ role.arn }}</Arn>
      <RoleName>{{ role.name }}</RoleName>
      <AssumeRolePolicyDocument>{{ role.assume_role_policy_document }}</AssumeRolePolicyDocument>
-      {% if role.description %}
+      {% if role.description is not none %}
      <Description>{{role.description}}</Description>
      {% endif %}
      <CreateDate>{{ role.created_iso_8601 }}</CreateDate>
@ -1420,6 +1420,9 @@ LIST_ROLES_TEMPLATE = """<ListRolesResponse xmlns="https://iam.amazonaws.com/doc
          <PermissionsBoundaryArn>{{ role.permissions_boundary }}</PermissionsBoundaryArn>
        </PermissionsBoundary>
        {% endif %}
+        {% if role.description is not none %}
+        <Description>{{ role.description }}</Description>
+        {% endif %}
      </member>
      {% endfor %}
    </Roles>
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -4029,6 +4029,29 @@ def test_list_roles_none_found_returns_empty_list():
    assert len(roles) == 0


+@pytest.mark.parametrize("desc", ["", "Test Description"])
+@mock_iam()
+def test_list_roles_with_description(desc):
+    conn = boto3.client("iam", region_name="us-east-1")
+    resp = conn.create_role(
+        RoleName="my-role", AssumeRolePolicyDocument="some policy", Description=desc,
+    )
+    resp.get("Role").get("Description").should.equal(desc)
+
+    # Ensure the Description is included in role listing as well
+    conn.list_roles().get("Roles")[0].get("Description").should.equal(desc)
+
+
+@mock_iam()
+def test_list_roles_without_description():
+    conn = boto3.client("iam", region_name="us-east-1")
+    resp = conn.create_role(RoleName="my-role", AssumeRolePolicyDocument="some policy",)
+    resp.get("Role").should_not.have.key("Description")
+
+    # Ensure the Description is not included in role listing as well
+    conn.list_roles().get("Roles")[0].should_not.have.key("Description")
+
+
@mock_iam()
 def test_create_user_with_tags():
    conn = boto3.client("iam", region_name="us-east-1")