Fix IAM role name when parsed from CloudFormation JSON.
This commit is contained in:
Luis Pollo
Bert Blommers
parent
1aa99bb405
commit
20364b177a
4
moto/iam/models.py
Normal file → Executable file
4
moto/iam/models.py
Normal file → Executable file
@ -12,6 +12,7 @@ import re
|
|||||||
from cryptography import x509
|
from cryptography import x509
|
||||||
from cryptography.hazmat.backends import default_backend
|
from cryptography.hazmat.backends import default_backend
|
||||||
from six.moves.urllib.parse import urlparse
|
from six.moves.urllib.parse import urlparse
|
||||||
|
from uuid import uuid4
|
||||||
|
|
||||||
from moto.core.exceptions import RESTError
|
from moto.core.exceptions import RESTError
|
||||||
from moto.core import BaseBackend, BaseModel, ACCOUNT_ID
|
from moto.core import BaseBackend, BaseModel, ACCOUNT_ID
|
||||||
@ -330,9 +331,10 @@ class Role(BaseModel):
|
|||||||
cls, resource_name, cloudformation_json, region_name
|
cls, resource_name, cloudformation_json, region_name
|
||||||
):
|
):
|
||||||
properties = cloudformation_json["Properties"]
|
properties = cloudformation_json["Properties"]
|
||||||
|
role_name = properties['RoleName'] if 'RoleName' in properties else str(uuid4())[0:5]
|
||||||
|
|
||||||
role = iam_backend.create_role(
|
role = iam_backend.create_role(
|
||||||
role_name=resource_name,
|
role_name=role_name,
|
||||||
assume_role_policy_document=properties["AssumeRolePolicyDocument"],
|
assume_role_policy_document=properties["AssumeRolePolicyDocument"],
|
||||||
path=properties.get("Path", "/"),
|
path=properties.get("Path", "/"),
|
||||||
permissions_boundary=properties.get("PermissionsBoundary", ""),
|
permissions_boundary=properties.get("PermissionsBoundary", ""),
|
||||||
|
|||||||
@ -909,6 +909,7 @@ def test_iam_roles():
|
|||||||
},
|
},
|
||||||
"my-role-no-path": {
|
"my-role-no-path": {
|
||||||
"Properties": {
|
"Properties": {
|
||||||
|
"RoleName": "my-role-no-path-name",
|
||||||
"AssumeRolePolicyDocument": {
|
"AssumeRolePolicyDocument": {
|
||||||
"Statement": [
|
"Statement": [
|
||||||
{
|
{
|
||||||
@ -936,13 +937,13 @@ def test_iam_roles():
|
|||||||
role_name_to_id = {}
|
role_name_to_id = {}
|
||||||
for role_result in role_results:
|
for role_result in role_results:
|
||||||
role = iam_conn.get_role(role_result.role_name)
|
role = iam_conn.get_role(role_result.role_name)
|
||||||
role.role_name.should.contain("my-role")
|
if "my-role" not in role.role_name:
|
||||||
if "with-path" in role.role_name:
|
|
||||||
role_name_to_id["with-path"] = role.role_id
|
role_name_to_id["with-path"] = role.role_id
|
||||||
role.path.should.equal("my-path")
|
role.path.should.equal("my-path")
|
||||||
|
len(role.role_name).should.equal(5) # Role name is not specified, so randomly generated - can't check exact name
|
||||||
else:
|
else:
|
||||||
role_name_to_id["no-path"] = role.role_id
|
role_name_to_id["no-path"] = role.role_id
|
||||||
role.role_name.should.contain("no-path")
|
role.role_name.should.equal("my-role-no-path-name")
|
||||||
role.path.should.equal("/")
|
role.path.should.equal("/")
|
||||||
|
|
||||||
instance_profile_responses = iam_conn.list_instance_profiles()[
|
instance_profile_responses = iam_conn.list_instance_profiles()[
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user