diff --git a/moto/awslambda/models.py b/moto/awslambda/models.py index 80131dedc..af87b5392 100644 --- a/moto/awslambda/models.py +++ b/moto/awslambda/models.py @@ -229,6 +229,7 @@ class LayerVersion(CloudFormationModel): # optional self.description = spec.get("Description", "") + self.compatible_architectures = spec.get("CompatibleArchitectures", []) self.compatible_runtimes = spec.get("CompatibleRuntimes", []) self.license_info = spec.get("LicenseInfo", "") @@ -279,6 +280,7 @@ class LayerVersion(CloudFormationModel): "LayerArn": self._layer.layer_arn, "LayerVersionArn": self.arn, "CreatedDate": self.created_date, + "CompatibleArchitectures": self.compatible_architectures, "CompatibleRuntimes": self.compatible_runtimes, "Description": self.description, "LicenseInfo": self.license_info, diff --git a/moto/dax/models.py b/moto/dax/models.py index 2d261f513..83f7b49b4 100644 --- a/moto/dax/models.py +++ b/moto/dax/models.py @@ -75,6 +75,7 @@ class DaxCluster(BaseModel, ManagedState): replication_factor, iam_role_arn, sse_specification, + encryption_type, ): # Configure ManagedState super().__init__( @@ -100,6 +101,7 @@ class DaxCluster(BaseModel, ManagedState): {"SecurityGroupIdentifier": f"sg-{get_random_hex(10)}", "Status": "active"} ] self.sse_specification = sse_specification + self.encryption_type = encryption_type def _create_new_node(self, idx): return DaxNode(endpoint=self.endpoint, name=self.name, index=idx) @@ -142,7 +144,7 @@ class DaxCluster(BaseModel, ManagedState): if self.sse_specification.get("Enabled") is True else "DISABLED" }, - "ClusterEndpointEncryptionType": "NONE", + "ClusterEndpointEncryptionType": self.encryption_type, "SecurityGroups": self.security_groups, } if use_full_repr: @@ -183,10 +185,11 @@ class DAXBackend(BaseBackend): iam_role_arn, tags, sse_specification, + encryption_type, ): """ The following parameters are not yet processed: - AvailabilityZones, SubnetGroupNames, SecurityGroups, PreferredMaintenanceWindow, NotificationTopicArn, ParameterGroupName, ClusterEndpointEncryptionType + AvailabilityZones, SubnetGroupNames, SecurityGroups, PreferredMaintenanceWindow, NotificationTopicArn, ParameterGroupName """ cluster = DaxCluster( region=self.region_name, @@ -196,6 +199,7 @@ class DAXBackend(BaseBackend): replication_factor=replication_factor, iam_role_arn=iam_role_arn, sse_specification=sse_specification, + encryption_type=encryption_type, ) self.clusters[cluster_name] = cluster self._tagger.tag_resource(cluster.arn, tags) diff --git a/moto/dax/responses.py b/moto/dax/responses.py index 914071eaf..3ebd66026 100644 --- a/moto/dax/responses.py +++ b/moto/dax/responses.py @@ -20,6 +20,7 @@ class DAXResponse(BaseResponse): iam_role_arn = params.get("IamRoleArn") tags = params.get("Tags", []) sse_specification = params.get("SSESpecification", {}) + encryption_type = params.get("ClusterEndpointEncryptionType", "NONE") self._validate_arn(iam_role_arn) self._validate_name(cluster_name) @@ -32,6 +33,7 @@ class DAXResponse(BaseResponse): iam_role_arn=iam_role_arn, tags=tags, sse_specification=sse_specification, + encryption_type=encryption_type, ) return json.dumps(dict(Cluster=cluster.to_json())) diff --git a/moto/ecr/models.py b/moto/ecr/models.py index 4fb2020b4..022ffb872 100644 --- a/moto/ecr/models.py +++ b/moto/ecr/models.py @@ -806,7 +806,10 @@ class ECRBackend(BaseBackend): policy = json.loads(policy_text) for statement in policy["Statement"]: - if set(statement["Action"]) - VALID_ACTIONS: + action = statement["Action"] + if isinstance(action, str): + action = [action] + if set(action) - VALID_ACTIONS: raise MalformedPolicyDocument() def put_registry_policy(self, policy_text): diff --git a/tests/terraformtests/bin/run_go_test b/tests/terraformtests/bin/run_go_test index 3683fdf43..3a6c7a30d 100755 --- a/tests/terraformtests/bin/run_go_test +++ b/tests/terraformtests/bin/run_go_test @@ -9,6 +9,7 @@ PATCH="etc/0001-Patch-Hardcode-endpoints-to-local-server.patch" (git apply $pwd/etc/0001-Patch-Hardcode-endpoints-to-local-server.patch > /dev/null 2>&1 && echo "Patched endpoints") || echo "Not patching endpoints - Directory was probably already patched." (git apply $pwd/etc/0002-EC2-reduce-wait-times.patch > /dev/null 2>&1 && echo "Patched EC2") || echo "Not patching EC2 - Directory was probably already patched." (git apply $pwd/etc/0003-Patch-IAM-wait-times.patch > /dev/null 2>&1 && echo "Patched IAM") || echo "Not patching IAM - Directory was probably already patched." +(git apply $pwd/etc/0004-DAX-Reduce-wait-times.patch > /dev/null 2>&1 && echo "Patched DAX") || echo "Not patching DAX - Directory was probably already patched." ) ( diff --git a/tests/terraformtests/terraform-tests.failures.txt b/tests/terraformtests/terraform-tests.failures.txt index 4993b1804..4790a6217 100644 --- a/tests/terraformtests/terraform-tests.failures.txt +++ b/tests/terraformtests/terraform-tests.failures.txt @@ -12,7 +12,6 @@ TestAccCloudTrail TestAccEventsRule TestAccCloudWatchEventTarget_ssmDocument TestAccCloudWatchMetricAlarm -TestAccDAX TestAccEC2DefaultSecurityGroup TestAccEC2DefaultVPCAndSubnet TestAccMetaDefaultTagsDataSource @@ -38,8 +37,6 @@ TestAccEc2TransitGatewayDxGatewayAttachmentDataSource TestAccEc2TransitGatewayPeeringAttachmentAccepter TestAccEc2TransitGatewayRouteTableAssociation TestAccEc2TransitGatewayVpcAttachment -TestAccEcrRegistryPolicy -TestAccEcrReplicationConfiguration TestAccEC2EgressOnlyInternetGateway TestAccEFSMountTarget TestAccEksClusterDataSource @@ -48,8 +45,6 @@ TestAccIotThing TestAccIPRanges TestAccKinesisStream TestAccELBPolicy -TestAccLambdaAlias -TestAccLambdaLayerVersion TestAccPartition TestAccPinpointApp TestAccPinpointEventStream diff --git a/tests/terraformtests/terraform-tests.success.txt b/tests/terraformtests/terraform-tests.success.txt index b1724ddf3..e0480c840 100644 --- a/tests/terraformtests/terraform-tests.success.txt +++ b/tests/terraformtests/terraform-tests.success.txt @@ -30,6 +30,9 @@ cognitoidp: - TestAccCognitoUserInGroup_ - TestAccCognitoIDPUserPoolClients - TestAccCognitoIDPUserPoolClientDataSource +dax: + - TestAccDAXCluster_basic + - TestAccDAXCluster_Encryption dynamodb: - TestAccDynamoDBTableItem ec2: @@ -40,13 +43,18 @@ ec2: - TestAccEC2InternetGateway_ - TestAccEC2NATGateway_ - TestAccEC2RouteTableAssociation_ + - TestAccEC2SecurityGroups - TestAccEC2SpotInstanceRequest_disappears - TestAccEC2SpotInstanceRequest_interruptUpdate - TestAccEC2VPCEndpointService_ + - TestAccEC2VPCPeeringConnectionAccepter_ + - TestAccEC2VPCsDataSource - TestAccEC2VPNGateway_ - TestAccEC2VPNGatewayAttachment_ ecr: - TestAccECRLifecyclePolicy + - TestAccECRRegistryPolicy + - TestAccECRReplicationConfiguration - TestAccECRRepository - TestAccECRRepositoryDataSource - TestAccECRRepositoryPolicy @@ -107,6 +115,9 @@ kms: - TestAccKMSKey_Policy_iamServiceLinkedRole - TestAccKMSSecretDataSource - TestAccKMSSecretsDataSource +lambda: + - TestAccLambdaAlias_ + - TestAccLambdaLayerVersion_ meta: - TestAccMetaBillingServiceAccountDataSource mq: diff --git a/tests/test_awslambda/test_lambda_layers.py b/tests/test_awslambda/test_lambda_layers.py index 542771e2e..8e0be4001 100644 --- a/tests/test_awslambda/test_lambda_layers.py +++ b/tests/test_awslambda/test_lambda_layers.py @@ -76,6 +76,7 @@ def test_get_lambda_layers(): "CompatibleRuntimes": ["python3.6"], "Description": "", "LicenseInfo": "MIT", + "CompatibleArchitectures": [], }, { "Version": 2, @@ -83,6 +84,7 @@ def test_get_lambda_layers(): "CompatibleRuntimes": ["python3.6"], "Description": "", "LicenseInfo": "MIT", + "CompatibleArchitectures": [], }, ] ) @@ -154,10 +156,16 @@ def test_get_layer_version(): Content={"ZipFile": get_test_zip_file1()}, CompatibleRuntimes=["python3.6"], LicenseInfo="MIT", + CompatibleArchitectures=["x86_64"], ) layer_version = resp["Version"] resp = conn.get_layer_version(LayerName=layer_name, VersionNumber=layer_version) + resp.should.have.key("Description").equals("") + resp.should.have.key("Version").equals(1) + resp.should.have.key("CompatibleArchitectures").equals(["x86_64"]) + resp.should.have.key("CompatibleRuntimes").equals(["python3.6"]) + resp.should.have.key("LicenseInfo").equals("MIT") @mock_lambda diff --git a/tests/test_cloudformation/test_cloudformation_stack_integration.py b/tests/test_cloudformation/test_cloudformation_stack_integration.py index 308cc499d..21f602401 100644 --- a/tests/test_cloudformation/test_cloudformation_stack_integration.py +++ b/tests/test_cloudformation/test_cloudformation_stack_integration.py @@ -281,6 +281,7 @@ def lambda_handler(event, context): "Description": "Test Layer", "CompatibleRuntimes": ["python2.7", "python3.6"], "LicenseInfo": "MIT", + "CompatibleArchitectures": [], }, }, }, @@ -305,6 +306,7 @@ def lambda_handler(event, context): "CompatibleRuntimes": ["python2.7", "python3.6"], "Description": "Test Layer", "LicenseInfo": "MIT", + "CompatibleArchitectures": [], } ] ) diff --git a/tests/test_dax/test_dax.py b/tests/test_dax/test_dax.py index 0203837cc..4091d2f0b 100644 --- a/tests/test_dax/test_dax.py +++ b/tests/test_dax/test_dax.py @@ -79,6 +79,7 @@ def test_create_cluster_with_sse_enabled(): ReplicationFactor=3, IamRoleArn=iam_role_arn, SSESpecification={"Enabled": True}, + ClusterEndpointEncryptionType="TLS", )["Cluster"] described_cluster = client.describe_clusters(ClusterNames=["daxcluster"])[ @@ -88,6 +89,7 @@ def test_create_cluster_with_sse_enabled(): for cluster in [created_cluster, described_cluster]: cluster["ClusterName"].should.equal("daxcluster") cluster["SSEDescription"].should.equal({"Status": "ENABLED"}) + cluster["ClusterEndpointEncryptionType"].should.equal("TLS") @mock_dax diff --git a/tests/test_ecr/test_ecr_boto3.py b/tests/test_ecr/test_ecr_boto3.py index aaa49d6d6..f498b79a4 100644 --- a/tests/test_ecr/test_ecr_boto3.py +++ b/tests/test_ecr/test_ecr_boto3.py @@ -2053,7 +2053,12 @@ def test_delete_lifecycle_policy_error_policy_not_exists(): @mock_ecr -def test_put_registry_policy(): +@pytest.mark.parametrize( + "actions", + ["ecr:CreateRepository", ["ecr:CreateRepository", "ecr:ReplicateImage"]], + ids=["single-action", "multiple-actions"], +) +def test_put_registry_policy(actions): # given client = boto3.client("ecr", region_name="eu-central-1") policy = { @@ -2064,7 +2069,7 @@ def test_put_registry_policy(): "Principal": { "AWS": ["arn:aws:iam::111111111111:root", "222222222222"] }, - "Action": ["ecr:CreateRepository", "ecr:ReplicateImage"], + "Action": actions, "Resource": "*", } ],