Merge pull request #2557 from reilings/fix_instance_profile_uniqueness

Fix IAM instance profile tracking to reflect AWS's requirement for account-unique names
2019-11-14 18:18:16 -08:00 · 2019-11-14 18:18:16 -08:00 · bf1715c3f1
commit bf1715c3f1
parent 19a0d381e2 cd0769af7e
2 changed files with 17 additions and 3 deletions
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -719,7 +719,7 @@ class AccountPasswordPolicy(BaseModel):

    def _format_error(self, key, value, constraint):
        return 'Value "{value}" at "{key}" failed to satisfy constraint: {constraint}'.format(
-            constraint=constraint, key=key, value=value,
+            constraint=constraint, key=key, value=value
        )

    def _raise_errors(self):
@ -731,7 +731,7 @@ class AccountPasswordPolicy(BaseModel):

            raise ValidationError(
                "{count} validation error{plural} detected: {errors}".format(
-                    count=count, plural=plural, errors=errors,
+                    count=count, plural=plural, errors=errors
                )
            )

@ -1104,11 +1104,17 @@ class IAMBackend(BaseBackend):
        raise IAMNotFoundException("Policy not found")

    def create_instance_profile(self, name, path, role_ids):
+        if self.instance_profiles.get(name):
+            raise IAMConflictException(
+                code="EntityAlreadyExists",
+                message="Instance Profile {0} already exists.".format(name),
+            )
+
        instance_profile_id = random_resource_id()

        roles = [iam_backend.get_role_by_id(role_id) for role_id in role_ids]
        instance_profile = InstanceProfile(instance_profile_id, name, path, roles)
-        self.instance_profiles[instance_profile_id] = instance_profile
+        self.instance_profiles[name] = instance_profile
        return instance_profile

    def get_instance_profile(self, profile_name):
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -169,6 +169,14 @@ def test_create_role_and_instance_profile():
    profile.path.should.equal("/")


+@mock_iam
+def test_create_instance_profile_should_throw_when_name_is_not_unique():
+    conn = boto3.client("iam", region_name="us-east-1")
+    conn.create_instance_profile(InstanceProfileName="unique-instance-profile")
+    with assert_raises(ClientError):
+        conn.create_instance_profile(InstanceProfileName="unique-instance-profile")
+
+
@mock_iam_deprecated()
 def test_remove_role_from_instance_profile():
    conn = boto.connect_iam()