diff --git a/moto/secretsmanager/models.py b/moto/secretsmanager/models.py index 419b765c1..f39b91eaa 100644 --- a/moto/secretsmanager/models.py +++ b/moto/secretsmanager/models.py @@ -14,6 +14,7 @@ from .exceptions import ( SecretHasNoValueException, InvalidParameterException, ResourceExistsException, + ResourceNotFoundException, InvalidRequestException, ClientError, ) @@ -205,7 +206,14 @@ class SecretsManagerBackend(BaseBackend): secret = self.secrets[secret_id] version_id = version_id or secret.default_version_id - secret_version = secret.versions[version_id] + secret_version = secret.versions.get(version_id) + if not secret_version: + raise ResourceNotFoundException( + "An error occurred (ResourceNotFoundException) when calling the GetSecretValue operation: Secrets " + "Manager can't find the specified secret value for VersionId: {}".format( + version_id + ) + ) response_data = { "ARN": secret.arn, diff --git a/tests/test_secretsmanager/test_secretsmanager.py b/tests/test_secretsmanager/test_secretsmanager.py index 1ae53603e..dcb3b9b0c 100644 --- a/tests/test_secretsmanager/test_secretsmanager.py +++ b/tests/test_secretsmanager/test_secretsmanager.py @@ -105,6 +105,26 @@ def test_get_secret_that_has_no_value(): ) +@mock_secretsmanager +def test_get_secret_version_that_does_not_exist(): + conn = boto3.client("secretsmanager", region_name="us-west-2") + + result = conn.create_secret(Name="java-util-test-password") + secret_arn = result["ARN"] + missing_version_id = "00000000-0000-0000-0000-000000000000" + + with assert_raises(ClientError) as cm: + conn.get_secret_value(SecretId=secret_arn, VersionId=missing_version_id) + + assert_equal( + ( + "An error occurred (ResourceNotFoundException) when calling the GetSecretValue operation: Secrets " + "Manager can't find the specified secret value for VersionId: 00000000-0000-0000-0000-000000000000" + ), + cm.exception.response["Error"]["Message"], + ) + + @mock_secretsmanager def test_create_secret(): conn = boto3.client("secretsmanager", region_name="us-east-1")