IAM - Delete Policy implementation

2019-10-17 09:28:19 +01:00 · 2019-10-17 09:28:19 +01:00 · 856a06a778
commit 856a06a778
parent e261ddb063
5 changed files with 34 additions and 2 deletions
--- a/IMPLEMENTATION_COVERAGE.md
+++ b/IMPLEMENTATION_COVERAGE.md
@ -3194,7 +3194,7 @@
 - [ ] delete_instance_profile
 - [X] delete_login_profile
 - [ ] delete_open_id_connect_provider
- [ ] delete_policy
+- [X] delete_policy
 - [X] delete_policy_version
 - [X] delete_role
 - [ ] delete_role_permissions_boundary
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -1099,6 +1099,9 @@ class IAMBackend(BaseBackend):
        user = self.get_user(user_name)
        user.delete_policy(policy_name)

+    def delete_policy(self, policy_arn):
+        del self.managed_policies[policy_arn]
+
    def create_access_key(self, user_name=None):
        user = self.get_user(user_name)
        key = user.create_access_key()
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -604,6 +604,12 @@ class IamResponse(BaseResponse):
        template = self.response_template(GENERIC_EMPTY_TEMPLATE)
        return template.render(name='DeleteUser')

+    def delete_policy(self):
+        policy_arn = self._get_param('PolicyArn')
+        iam_backend.delete_policy(policy_arn)
+        template = self.response_template(GENERIC_EMPTY_TEMPLATE)
+        return template.render(name='DeletePolicy')
+
    def delete_login_profile(self):
        user_name = self._get_param('UserName')
        iam_backend.delete_login_profile(user_name)
--- a/tests/test_awslambda/test_lambda_eventsourcemappings.py
+++ b/tests/test_awslambda/test_lambda_eventsourcemappings.py
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -338,6 +338,16 @@ def test_create_policy():
    response['Policy']['Arn'].should.equal("arn:aws:iam::123456789012:policy/TestCreatePolicy")


+@mock_iam
+def test_delete_policy():
+    conn = boto3.client('iam', region_name='us-east-1')
+    response = conn.create_policy(PolicyName="TestCreatePolicy", PolicyDocument=MOCK_POLICY)
+    [pol['PolicyName'] for pol in conn.list_policies(Scope='Local')['Policies']].should.equal(['TestCreatePolicy'])
+    #
+    conn.delete_policy(PolicyArn=response['Policy']['Arn'])
+    assert conn.list_policies(Scope='Local')['Policies'].should.be.empty
+
+
@mock_iam
 def test_create_policy_versions():
    conn = boto3.client('iam', region_name='us-east-1')
@ -713,7 +723,7 @@ def test_mfa_devices():


@mock_iam_deprecated()
-def test_delete_user():
+def test_delete_user_deprecated():
    conn = boto.connect_iam()
    with assert_raises(BotoServerError):
        conn.delete_user('my-user')
@ -721,6 +731,19 @@ def test_delete_user():
    conn.delete_user('my-user')


+@mock_iam()
+def test_delete_user():
+    conn = boto3.client('iam', region_name='us-east-1')
+    with assert_raises(ClientError):
+        conn.delete_user(UserName='my-user')
+    #
+    conn.create_user(UserName='my-user')
+    [user['UserName'] for user in conn.list_users()['Users']].should.equal(['my-user'])
+    #
+    conn.delete_user(UserName='my-user')
+    assert conn.list_users()['Users'].should.be.empty
+
+
@mock_iam_deprecated()
 def test_generate_credential_report():
    conn = boto.connect_iam()