IAM - Add Validation on duplicate policy names

2019-11-11 09:14:22 +00:00 · 2019-11-11 09:14:22 +00:00 · 85570f0abe
commit 85570f0abe
parent 422bca8e90
2 changed files with 17 additions and 1 deletions
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -820,7 +820,7 @@ class IAMBackend(BaseBackend):
        )
        if policy.arn in self.managed_policies:
            raise EntityAlreadyExists(
-                "A policy called {} already exists. Duplicate names are not allowed.".format(
+                "A policy called {0} already exists. Duplicate names are not allowed.".format(
                    policy_name
                )
            )
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -2071,6 +2071,22 @@ def test_create_role_with_same_name_should_fail():
    )


+@mock_iam
+def test_create_policy_with_same_name_should_fail():
+    iam = boto3.client("iam", region_name="us-east-1")
+    test_policy_name = str(uuid4())
+    policy = iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
+    # Create the role again, and verify that it fails
+    with assert_raises(ClientError) as err:
+        iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
+    err.exception.response["Error"]["Code"].should.equal("EntityAlreadyExists")
+    err.exception.response["Error"]["Message"].should.equal(
+        "A policy called {0} already exists. Duplicate names are not allowed.".format(
+            test_policy_name
+        )
+    )
+
+
@mock_iam
 def test_create_open_id_connect_provider():
    client = boto3.client("iam", region_name="us-east-1")