From 69a78ba7c98dba3886a63d7923fa18bea94eaea1 Mon Sep 17 00:00:00 2001
From: Neil Roberts <neil.roberts@cambiahealth.com>
Date: Wed, 15 Aug 2018 10:52:30 -0700
Subject: [PATCH] Moto-1781: Create initial stub of rotate_secret and tests.

---
 moto/secretsmanager/models.py                    | 15 +++++++++++++++
 tests/test_secretsmanager/test_secretsmanager.py | 16 ++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/moto/secretsmanager/models.py b/moto/secretsmanager/models.py
index c60feb530..4d9c4ecbe 100644
--- a/moto/secretsmanager/models.py
+++ b/moto/secretsmanager/models.py
@@ -36,6 +36,7 @@ class SecretsManagerBackend(BaseBackend):
         self.rotation_enabled = False
         self.rotation_lambda_arn = ''
         self.auto_rotate_after_days = 0
+        self.version_id = ''
 
     def reset(self):
         region_name = self.region
@@ -105,6 +106,20 @@ class SecretsManagerBackend(BaseBackend):
 
         return response
 
+    def rotate_secret(self, secret_id, client_request_token=None,
+                      rotation_lambda_arn=None, rotation_rules=None):
+
+        if not self._is_valid_identifier(secret_id):
+            raise ResourceNotFoundException
+
+        response = json.dumps({
+            "ARN": secret_arn(self.region, self.secret_id),
+            "Name": self.name,
+            "VersionId": self.version_id
+        })
+
+        return response
+
     def get_random_password(self, password_length,
                             exclude_characters, exclude_numbers,
                             exclude_punctuation, exclude_uppercase,
diff --git a/tests/test_secretsmanager/test_secretsmanager.py b/tests/test_secretsmanager/test_secretsmanager.py
index d3fc85467..bbc87e5c1 100644
--- a/tests/test_secretsmanager/test_secretsmanager.py
+++ b/tests/test_secretsmanager/test_secretsmanager.py
@@ -179,3 +179,19 @@ def test_describe_secret_that_does_not_match():
     
     with assert_raises(ClientError):
         result = conn.get_secret_value(SecretId='i-dont-match')
+
+@mock_secretsmanager
+def test_rotate_secret_that_does_not_exist():
+    conn = boto3.client('secretsmanager', 'us-west-2')
+
+    with assert_raises(ClientError):
+        result = conn.rotate_secret(SecretId='i-dont-exist')
+
+@mock_secretsmanager
+def test_rotate_secret_that_does_not_match():
+    conn = boto3.client('secretsmanager', region_name='us-west-2')
+    conn.create_secret(Name='test-secret',
+                       SecretString='foosecret')
+
+    with assert_raises(ClientError):
+        result = conn.rotate_secret(SecretId='i-dont-match')