#2774 - Run Policy test on different method

Bert Blommers 2020-03-05 15:49:30 +00:00
parent 00134d2df3
commit b19cf8a085


@ -275,7 +275,7 @@ def test_access_denied_with_not_allowing_policy():
inline_policy_document = { inline_policy_document = {
"Version": "2012-10-17", "Version": "2012-10-17",
"Statement": [ "Statement": [
{"Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"} {"Effect": "Allow", "Action": ["ec2:Run*"], "Resource": "*"}
], ],
} }
access_key = create_user_with_access_key_and_inline_policy( access_key = create_user_with_access_key_and_inline_policy(
@ -288,12 +288,12 @@ def test_access_denied_with_not_allowing_policy():
aws_secret_access_key=access_key["SecretAccessKey"], aws_secret_access_key=access_key["SecretAccessKey"],
) )
with assert_raises(ClientError) as ex: with assert_raises(ClientError) as ex:
client.run_instances(MaxCount=1, MinCount=1) client.describe_instances()
ex.exception.response["Error"]["Code"].should.equal("AccessDenied") ex.exception.response["Error"]["Code"].should.equal("AccessDenied")
ex.exception.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(403) ex.exception.response["ResponseMetadata"]["HTTPStatusCode"].should.equal(403)
ex.exception.response["Error"]["Message"].should.equal( ex.exception.response["Error"]["Message"].should.equal(
"User: arn:aws:iam::{account_id}:user/{user_name} is not authorized to perform: {operation}".format( "User: arn:aws:iam::{account_id}:user/{user_name} is not authorized to perform: {operation}".format(
account_id=ACCOUNT_ID, user_name=user_name, operation="ec2:RunInstances" account_id=ACCOUNT_ID, user_name=user_name, operation="ec2:DescribeInstances"
) )
) )
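Review bot: The test does not record why the denied call moved from `run_instances` to `describe_instances`, so the `ec2:Run*` allow statement in the first hunk reads as arbitrary. A comment above `inline_policy_document` would state the intent, for example `# Policy grants only ec2:Run*; DescribeInstances matches no Allow statement and must be implicitly denied (see #2774)`. As far as these hunks show, only the deny path is asserted, so an authorizer that rejects every request would still pass. If no other test covers it, a companion check that an action matching `ec2:Run*` is permitted with the same access key would guard against that. The function starts before the first hunk, so its decorators and the `user_name` setup are not visible here.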