diff --git a/requirements-dev.txt b/requirements-dev.txt
index c5f055a26..2aaca300b 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -1,5 +1,5 @@
 -r requirements.txt
-mock
+mock==3.0.5   # Last version compatible with Python 2.7
 nose
 black; python_version >= '3.6'
 regex==2019.11.1; python_version >= '3.6'   # Needed for black
diff --git a/setup.py b/setup.py
index 1dde71ac7..b806f7bae 100755
--- a/setup.py
+++ b/setup.py
@@ -1,20 +1,20 @@
 #!/usr/bin/env python
 from __future__ import unicode_literals
 import codecs
+from io import open
 import os
 import re
 import setuptools
 from setuptools import setup, find_packages
 import sys
 
-
 # Borrowed from pip at https://github.com/pypa/pip/blob/62c27dee45625e1b63d1e023b0656310f276e050/setup.py#L11-L15
 here = os.path.abspath(os.path.dirname(__file__))
 
 def read(*parts):
     # intentionally *not* adding an encoding option to open, See:
     #   https://github.com/pypa/virtualenv/issues/201#issuecomment-3145690
-    with codecs.open(os.path.join(here, *parts), 'r') as fp:
+    with open(os.path.join(here, *parts), 'r') as fp:
         return fp.read()
 
 
@@ -28,7 +28,8 @@ def get_version():
 
 
 install_requires = [
-    "Jinja2>=2.10.1",
+    "setuptools==44.0.0",
+    "Jinja2==2.11.0",
     "boto>=2.36.0",
     "boto3>=1.9.201",
     "botocore>=1.12.201",
@@ -41,14 +42,16 @@ install_requires = [
     "pytz",
     "python-dateutil<3.0.0,>=2.1",
     "python-jose<4.0.0",
-    "mock",
+    "mock==3.0.5",
     "docker>=2.5.1",
     "jsondiff>=1.1.2",
     "aws-xray-sdk!=0.96,>=0.93",
     "responses>=0.9.0",
     "idna<2.9,>=2.5",
     "cfn-lint>=0.4.0",
-    "sshpubkeys>=3.1.0,<4.0"
+    "sshpubkeys>=3.1.0,<4.0",
+    "zipp==0.6.0",
+    "more-itertools==5.0.0"
 ]
 
 extras_require = {
diff --git a/tests/test_core/test_auth.py b/tests/test_core/test_auth.py
index a8fde5d8c..29273cea7 100644
--- a/tests/test_core/test_auth.py
+++ b/tests/test_core/test_auth.py
@@ -274,9 +274,7 @@ def test_access_denied_with_not_allowing_policy():
     user_name = "test-user"
     inline_policy_document = {
         "Version": "2012-10-17",
-        "Statement": [
-            {"Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"}
-        ],
+        "Statement": [{"Effect": "Allow", "Action": ["ec2:Run*"], "Resource": "*"}],
     }
     access_key = create_user_with_access_key_and_inline_policy(
         user_name, inline_policy_document
@@ -288,12 +286,14 @@ def test_access_denied_with_not_allowing_policy():
         aws_secret_access_key=access_key["SecretAccessKey"],
     )
     with assert_raises(ClientError) as ex:
-        client.run_instances(MaxCount=1, MinCount=1)
+        client.describe_instances()
     ex.exception.response["Error"]["Code"].should.equal("AccessDenied")
     ex.exception.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(403)
     ex.exception.response["Error"]["Message"].should.equal(
         "User: arn:aws:iam::{account_id}:user/{user_name} is not authorized to perform: {operation}".format(
-            account_id=ACCOUNT_ID, user_name=user_name, operation="ec2:RunInstances"
+            account_id=ACCOUNT_ID,
+            user_name=user_name,
+            operation="ec2:DescribeInstances",
         )
     )