[SecretsManager] Handle missing secrets versions (#3349)

* SecretsManager - handle missing secrets versions The get_secret_value method should raise ResourceNotFoundException if a secret exists but the provided VersionId does not. * Run black * 2.x support * black fix? * secret is not a dict. Fix error msg output.
2020-10-05 04:22:54 -07:00 · 2020-10-05 04:22:54 -07:00 · 2391a4ab97
commit 2391a4ab97
parent c1a7f29c62
2 changed files with 29 additions and 1 deletions
--- a/moto/secretsmanager/models.py
+++ b/moto/secretsmanager/models.py
@ -14,6 +14,7 @@ from .exceptions import (
    SecretHasNoValueException,
    InvalidParameterException,
    ResourceExistsException,
+    ResourceNotFoundException,
    InvalidRequestException,
    ClientError,
 )
@ -205,7 +206,14 @@ class SecretsManagerBackend(BaseBackend):
        secret = self.secrets[secret_id]
        version_id = version_id or secret.default_version_id

-        secret_version = secret.versions[version_id]
+        secret_version = secret.versions.get(version_id)
+        if not secret_version:
+            raise ResourceNotFoundException(
+                "An error occurred (ResourceNotFoundException) when calling the GetSecretValue operation: Secrets "
+                "Manager can't find the specified secret value for VersionId: {}".format(
+                    version_id
+                )
+            )

        response_data = {
            "ARN": secret.arn,
--- a/tests/test_secretsmanager/test_secretsmanager.py
+++ b/tests/test_secretsmanager/test_secretsmanager.py
@ -105,6 +105,26 @@ def test_get_secret_that_has_no_value():
    )


+@mock_secretsmanager
+def test_get_secret_version_that_does_not_exist():
+    conn = boto3.client("secretsmanager", region_name="us-west-2")
+
+    result = conn.create_secret(Name="java-util-test-password")
+    secret_arn = result["ARN"]
+    missing_version_id = "00000000-0000-0000-0000-000000000000"
+
+    with assert_raises(ClientError) as cm:
+        conn.get_secret_value(SecretId=secret_arn, VersionId=missing_version_id)
+
+    assert_equal(
+        (
+            "An error occurred (ResourceNotFoundException) when calling the GetSecretValue operation: Secrets "
+            "Manager can't find the specified secret value for VersionId: 00000000-0000-0000-0000-000000000000"
+        ),
+        cm.exception.response["Error"]["Message"],
+    )
+
+
@mock_secretsmanager
 def test_create_secret():
    conn = boto3.client("secretsmanager", region_name="us-east-1")