IAM - Add Validation on duplicate policy names

Bert Blommers 2019-11-11 09:14:22 +00:00
parent 422bca8e90
commit 85570f0abe
2 changed files with 17 additions and 1 deletions


@ -820,7 +820,7 @@ class IAMBackend(BaseBackend):
) )
if policy.arn in self.managed_policies: if policy.arn in self.managed_policies:
raise EntityAlreadyExists( raise EntityAlreadyExists(
"A policy called {} already exists. Duplicate names are not allowed.".format( "A policy called {0} already exists. Duplicate names are not allowed.".format(
policy_name policy_name
) )
) )


@ -2071,6 +2071,22 @@ def test_create_role_with_same_name_should_fail():
) )
@mock_iam
def test_create_policy_with_same_name_should_fail():
iam = boto3.client("iam", region_name="us-east-1")
test_policy_name = str(uuid4())
policy = iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
# Create the role again, and verify that it fails
with assert_raises(ClientError) as err:
iam.create_policy(PolicyName=test_policy_name, PolicyDocument=MOCK_POLICY)
err.exception.response["Error"]["Code"].should.equal("EntityAlreadyExists")
err.exception.response["Error"]["Message"].should.equal(
"A policy called {0} already exists. Duplicate names are not allowed.".format(
test_policy_name
)
)
@mock_iam @mock_iam
def test_create_open_id_connect_provider(): def test_create_open_id_connect_provider():
client = boto3.client("iam", region_name="us-east-1") client = boto3.client("iam", region_name="us-east-1")
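Review bot: The comment in test_create_policy_with_same_name_should_fail reads `# Create the role again, and verify that it fails`, but the call under it is `create_policy`, so it should read `# Create the policy again, and verify that it fails`. The `policy =` binding on the first `create_policy` call is never read and can be dropped. The test only repeats the identical name on the default path, while the backend guard in the other file section keys on `policy.arn`. A second case with the same name under a different `Path`, or differing only in letter case, would pin down whether the mock treats those as duplicates; the expected result should be confirmed against the IAM documentation, since code that provisions policies is tested against this mock. Indentation is lost in this rendering, so it is not visible whether the `err.exception` assertions sit outside the `with assert_raises(...)` block, which they must to run at all.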