From 85570f0abed30c0a74eee9de36f07aad3c21c19b Mon Sep 17 00:00:00 2001
From: Bert Blommers
Date: Mon, 11 Nov 2019 09:14:22 +0000
Subject: [PATCH] IAM - Add Validation on duplicate policy names
---
 moto/iam/models.py | 2 +-
 tests/test_iam/test_iam.py | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/moto/iam/models.py b/moto/iam/models.py
index 3e744f6a7..df4fa987c 100644
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@@ -820,7 +820,7 @@ class IAMBackend(BaseBackend):
 )
 if policy.arn in self.managed_policies:
 raise EntityAlreadyExists(
- "A policy called {} already exists. Duplicate names are not allowed.".format(
+ "A policy called {0} already exists. Duplicate names are not allowed.".format(
 policy_name
 )
 )
diff --git a/tests/test_iam/test_iam.py b/tests/test_iam/test_iam.py
index 5146f891c..61b0d534c 100644
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@@ -2071,6 +2071,22 @@ def test_create_role_with_same_name_should_fail():
 )


+@mock_iam
+def test_create_policy_with_same_name_should_fail():
+ iam = boto3.client("iam", region_name="us-east-1")
+ test_policy_name = str(uuid4())
+ policy = iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
+ # Create the role again, and verify that it fails
+ with assert_raises(ClientError) as err:
+ iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
+ err.exception.response["Error"]["Code"].should.equal("EntityAlreadyExists")
+ err.exception.response["Error"]["Message"].should.equal(
+ "A policy called {0} already exists. Duplicate names are not allowed.".format(
+ test_policy_name
+ )
+ )
+
+
 @mock_iam
 def test_create_open_id_connect_provider():
 client = boto3.client("iam", region_name="us-east-1")
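Review bot: The guard on the context line `if policy.arn in self.managed_policies:` detects duplicates by ARN, while the message it raises speaks of duplicate names. How the ARN is built is outside this hunk; if it includes the policy path, the same name under a different path (or a name differing only in case) would presumably not raise EntityAlreadyExists here, so code tested against the mock could see a create succeed that the real service may reject. It is worth confirming the real IAM behaviour for those cases and recording the choice above the check, for example `# NOTE: duplicates are detected by ARN, not by bare policy name`. The enclosing method starts and ends outside the hunk.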
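Review bot: The comment `# Create the role again, and verify that it fails` in the new test was carried over from the role test above it and should read `# Create the policy again, and verify that it fails`. The result bound to `policy` is never read, so the first call can be a bare `iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)`. The test only pins the exact same name with the default path; a second case that reuses the name with a different `Path=` value would document whether the mock treats that as a duplicate. A one-line docstring stating that a second create_policy call with an existing name must raise EntityAlreadyExists would also help readers of the test file.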