From 6ab416724a594e545af42e14a21a4b00db7e38d7 Mon Sep 17 00:00:00 2001 From: andrew Date: Thu, 22 Feb 2018 14:58:19 -0500 Subject: [PATCH] WIP: add iam roles to redshift --- moto/redshift/models.py | 5 ++++- moto/redshift/responses.py | 11 ++++++++++- tests/test_redshift/test_redshift.py | 18 ++++++++++++++++++ 3 files changed, 32 insertions(+), 2 deletions(-) diff --git a/moto/redshift/models.py b/moto/redshift/models.py index fa642ef01..7062b521c 100644 --- a/moto/redshift/models.py +++ b/moto/redshift/models.py @@ -67,7 +67,7 @@ class Cluster(TaggableResourceMixin, BaseModel): preferred_maintenance_window, cluster_parameter_group_name, automated_snapshot_retention_period, port, cluster_version, allow_version_upgrade, number_of_nodes, publicly_accessible, - encrypted, region_name, tags=None): + encrypted, region_name, tags=None, iam_roles=None): super(Cluster, self).__init__(region_name, tags) self.redshift_backend = redshift_backend self.cluster_identifier = cluster_identifier @@ -112,6 +112,9 @@ class Cluster(TaggableResourceMixin, BaseModel): else: self.number_of_nodes = 1 + if iam_roles: + self.iam_roles = iam_roles + @classmethod def create_from_cloudformation_json(cls, resource_name, cloudformation_json, region_name): redshift_backend = redshift_backends[region_name] diff --git a/moto/redshift/responses.py b/moto/redshift/responses.py index a320f9cae..54cd51744 100644 --- a/moto/redshift/responses.py +++ b/moto/redshift/responses.py @@ -99,6 +99,12 @@ class RedshiftResponse(BaseResponse): vpc_security_group_ids = self._get_multi_param('VpcSecurityGroupIds.VpcSecurityGroupId') return vpc_security_group_ids + def _get_iam_roles(self): + iam_roles = self._get_multi_param('IamRoles.member') + if not iam_roles: + iam_roles = self._get_multi_param('IamRoles.IamRoleArn') + return iam_roles + def _get_subnet_ids(self): subnet_ids = self._get_multi_param('SubnetIds.member') if not subnet_ids: @@ -127,7 +133,8 @@ class RedshiftResponse(BaseResponse): "publicly_accessible": self._get_param("PubliclyAccessible"), "encrypted": self._get_param("Encrypted"), "region_name": self.region, - "tags": self.unpack_complex_list_params('Tags.Tag', ('Key', 'Value')) + "tags": self.unpack_complex_list_params('Tags.Tag', ('Key', 'Value')), + "iam_roles": self._get_iam_roles(), } cluster = self.redshift_backend.create_cluster(**cluster_kwargs).to_json() cluster['ClusterStatus'] = 'creating' @@ -162,6 +169,7 @@ class RedshiftResponse(BaseResponse): "automated_snapshot_retention_period": self._get_int_param( 'AutomatedSnapshotRetentionPeriod'), "region_name": self.region, + "iam_roles": self._get_iam_roles(), } cluster = self.redshift_backend.restore_from_cluster_snapshot(**restore_kwargs).to_json() cluster['ClusterStatus'] = 'creating' @@ -209,6 +217,7 @@ class RedshiftResponse(BaseResponse): "number_of_nodes": self._get_int_param('NumberOfNodes'), "publicly_accessible": self._get_param("PubliclyAccessible"), "encrypted": self._get_param("Encrypted"), + "iam_roles": self._get_iam_roles(), } cluster_kwargs = {} # We only want parameters that were actually passed in, otherwise diff --git a/tests/test_redshift/test_redshift.py b/tests/test_redshift/test_redshift.py index cebaa3ec7..3267b3acf 100644 --- a/tests/test_redshift/test_redshift.py +++ b/tests/test_redshift/test_redshift.py @@ -294,6 +294,24 @@ def test_create_cluster_with_vpc_security_groups_boto3(): list(group_ids).should.equal([security_group.id]) +@mock_redshift +def test_create_cluster_with_iam_roles(): + iam_role = 'arn:aws:iam:::role/my-iam-role' + client = boto3.client('redshift', region_name='us-east-1') + cluster_id = 'my_cluster' + client.create_cluster( + ClusterIdentifier=cluster_id, + NodeType="dw.hs1.xlarge", + MasterUsername="username", + MasterUserPassword="password", + IamRoles=[iam_role], + ) + response = client.describe_clusters(ClusterIdentifier=cluster_id) + cluster = response['Clusters'][0] + iam_roles = [role['IamRoleArn'] for role in cluster['IamRoles']] + list(iam_roles).should.equal([iam_role.arn]) + + @mock_redshift_deprecated def test_create_cluster_with_parameter_group(): conn = boto.connect_redshift()