From 856a06a7785d3afa7e6b932c9a628bd1f4986299 Mon Sep 17 00:00:00 2001 From: Bert Blommers Date: Thu, 17 Oct 2019 09:28:19 +0100 Subject: [PATCH] IAM - Delete Policy implementation --- IMPLEMENTATION_COVERAGE.md | 2 +- moto/iam/models.py | 3 +++ moto/iam/responses.py | 6 +++++ .../test_lambda_eventsourcemappings.py | 0 tests/test_iam/test_iam.py | 25 ++++++++++++++++++- 5 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 tests/test_awslambda/test_lambda_eventsourcemappings.py diff --git a/IMPLEMENTATION_COVERAGE.md b/IMPLEMENTATION_COVERAGE.md index 57f169b8a..e304904c7 100644 --- a/IMPLEMENTATION_COVERAGE.md +++ b/IMPLEMENTATION_COVERAGE.md @@ -3194,7 +3194,7 @@ - [ ] delete_instance_profile - [X] delete_login_profile - [ ] delete_open_id_connect_provider -- [ ] delete_policy +- [X] delete_policy - [X] delete_policy_version - [X] delete_role - [ ] delete_role_permissions_boundary diff --git a/moto/iam/models.py b/moto/iam/models.py index d76df8a28..506f2a942 100644 --- a/moto/iam/models.py +++ b/moto/iam/models.py @@ -1099,6 +1099,9 @@ class IAMBackend(BaseBackend): user = self.get_user(user_name) user.delete_policy(policy_name) + def delete_policy(self, policy_arn): + del self.managed_policies[policy_arn] + def create_access_key(self, user_name=None): user = self.get_user(user_name) key = user.create_access_key() diff --git a/moto/iam/responses.py b/moto/iam/responses.py index 806dd37f4..8e63c1075 100644 --- a/moto/iam/responses.py +++ b/moto/iam/responses.py @@ -604,6 +604,12 @@ class IamResponse(BaseResponse): template = self.response_template(GENERIC_EMPTY_TEMPLATE) return template.render(name='DeleteUser') + def delete_policy(self): + policy_arn = self._get_param('PolicyArn') + iam_backend.delete_policy(policy_arn) + template = self.response_template(GENERIC_EMPTY_TEMPLATE) + return template.render(name='DeletePolicy') + def delete_login_profile(self): user_name = self._get_param('UserName') iam_backend.delete_login_profile(user_name) diff --git a/tests/test_awslambda/test_lambda_eventsourcemappings.py b/tests/test_awslambda/test_lambda_eventsourcemappings.py new file mode 100644 index 000000000..e69de29bb diff --git a/tests/test_iam/test_iam.py b/tests/test_iam/test_iam.py index fe2117a3a..36c9b1910 100644 --- a/tests/test_iam/test_iam.py +++ b/tests/test_iam/test_iam.py @@ -338,6 +338,16 @@ def test_create_policy(): response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy") +@mock_iam +def test_delete_policy(): + conn = boto3.client('iam', region_name='us-east-1') + response = conn.create_policy(PolicyName="TestCreatePolicy", PolicyDocument=MOCK_POLICY) + [pol['PolicyName'] for pol in conn.list_policies(Scope='Local')['Policies']].should.equal(['TestCreatePolicy']) + # + conn.delete_policy(PolicyArn=response['Policy']['Arn']) + assert conn.list_policies(Scope='Local')['Policies'].should.be.empty + + @mock_iam def test_create_policy_versions(): conn = boto3.client('iam', region_name='us-east-1') @@ -713,7 +723,7 @@ def test_mfa_devices(): @mock_iam_deprecated() -def test_delete_user(): +def test_delete_user_deprecated(): conn = boto.connect_iam() with assert_raises(BotoServerError): conn.delete_user('my-user') @@ -721,6 +731,19 @@ def test_delete_user(): conn.delete_user('my-user') +@mock_iam() +def test_delete_user(): + conn = boto3.client('iam', region_name='us-east-1') + with assert_raises(ClientError): + conn.delete_user(UserName='my-user') + # + conn.create_user(UserName='my-user') + [user['UserName'] for user in conn.list_users()['Users']].should.equal(['my-user']) + # + conn.delete_user(UserName='my-user') + assert conn.list_users()['Users'].should.be.empty + + @mock_iam_deprecated() def test_generate_credential_report(): conn = boto.connect_iam()