Adding put_role_policy, get_role_policy, and list_role_policies, update_assume_role_policy
This commit is contained in:
Kevin Glisson
parent
7f6af025f3
commit
cc312d29fc
@ -26,6 +26,9 @@ class Role(object):
|
||||
policies=properties.get('Policies', []),
|
||||
)
|
||||
|
||||
def put_policy(self, policy_name, policy_json):
|
||||
self.policies[policy_name] = policy_json
|
||||
|
||||
@property
|
||||
def physical_resource_id(self):
|
||||
return self.id
|
||||
@ -202,6 +205,29 @@ class IAMBackend(BaseBackend):
|
||||
def get_roles(self):
|
||||
return self.roles.values()
|
||||
|
||||
def put_role_policy(self, role_name, policy_name, policy_json):
|
||||
role = self.get_role(role_name)
|
||||
if role:
|
||||
role.put_policy(policy_name, policy_json)
|
||||
else:
|
||||
raise BotoServerError(404, 'Not Found')
|
||||
|
||||
def get_role_policy(self, role_name, policy_name):
|
||||
role = self.get_role(role_name)
|
||||
if role:
|
||||
for p, d in role.policies.iteritems():
|
||||
if p == policy_name:
|
||||
return p, d
|
||||
else:
|
||||
raise BotoServerError(404, 'Not Found')
|
||||
|
||||
def list_role_policies(self, role_name):
|
||||
role = self.get_role(role_name)
|
||||
if role:
|
||||
return role.policies.keys()
|
||||
else:
|
||||
raise BotoServerError(404, 'Not Found')
|
||||
|
||||
def create_instance_profile(self, name, path, role_ids):
|
||||
instance_profile_id = random_resource_id()
|
||||
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
from __future__ import unicode_literals
|
||||
from __future__ import unicode_literals
|
||||
from jinja2 import Template
|
||||
|
||||
from moto.core.responses import BaseResponse
|
||||
@ -15,7 +16,7 @@ class IamResponse(BaseResponse):
|
||||
path = self._get_param('Path')
|
||||
assume_role_policy_document = self._get_param('AssumeRolePolicyDocument')
|
||||
|
||||
role = iam_backend.create_role(role_name, assume_role_policy_document, path, policies=[])
|
||||
role = iam_backend.create_role(role_name, assume_role_policy_document, path)
|
||||
template = Template(CREATE_ROLE_TEMPLATE)
|
||||
return template.render(role=role)
|
||||
|
||||
@ -26,6 +27,36 @@ class IamResponse(BaseResponse):
|
||||
template = Template(GET_ROLE_TEMPLATE)
|
||||
return template.render(role=role)
|
||||
|
||||
def list_role_policies(self):
|
||||
role_name = self._get_param('RoleName')
|
||||
role_policies_names = iam_backend.list_role_policies(role_name)
|
||||
template = Template(LIST_ROLE_POLICIES)
|
||||
return template.render(role_policies=role_policies_names)
|
||||
|
||||
def put_role_policy(self):
|
||||
role_name = self._get_param('RoleName')
|
||||
policy_name = self._get_param('PolicyName')
|
||||
policy_document = self._get_param('PolicyDocument')
|
||||
iam_backend.put_role_policy(role_name, policy_name, policy_document)
|
||||
template = Template(GENERIC_EMPTY_TEMPLATE)
|
||||
return template.render(name="PutRolePolicyResponse")
|
||||
|
||||
def get_role_policy(self):
|
||||
role_name = self._get_param('RoleName')
|
||||
policy_name = self._get_param('PolicyName')
|
||||
policy_name, policy_document = iam_backend.get_role_policy(role_name, policy_name)
|
||||
template = Template(GET_ROLE_POLICY_TEMPLATE)
|
||||
return template.render(role_name=role_name,
|
||||
policy_name=policy_name,
|
||||
policy_document=policy_document)
|
||||
|
||||
def update_assume_role_policy(self):
|
||||
role_name = self._get_param('RoleName')
|
||||
role = iam_backend.get_role(role_name)
|
||||
role.assume_role_policy_document = self._get_param('PolicyDocument')
|
||||
template = Template(GENERIC_EMPTY_TEMPLATE)
|
||||
return template.render(name="UpdateAssumeRolePolicyResponse")
|
||||
|
||||
def create_instance_profile(self):
|
||||
profile_name = self._get_param('InstanceProfileName')
|
||||
path = self._get_param('Path')
|
||||
@ -259,6 +290,17 @@ CREATE_ROLE_TEMPLATE = """<CreateRoleResponse xmlns="https://iam.amazonaws.com/d
|
||||
</ResponseMetadata>
|
||||
</CreateRoleResponse>"""
|
||||
|
||||
GET_ROLE_POLICY_TEMPLATE = """<GetRolePolicyResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||
<GetRolePolicyResult>
|
||||
<PolicyName>{{ policy_name }}</PolicyName>
|
||||
<RoleName>{{ role_name }}</RoleName>
|
||||
<PolicyDocument>{{ policy_document }}</PolicyDocument>
|
||||
</GetRolePolicyResult>
|
||||
<ResponseMetadata>
|
||||
<RequestId>7e7cd8bc-99ef-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||
</ResponseMetadata>
|
||||
</GetRolePolicyResponse>"""
|
||||
|
||||
GET_ROLE_TEMPLATE = """<GetRoleResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||
<GetRoleResult>
|
||||
<Role>
|
||||
@ -302,6 +344,20 @@ LIST_ROLES_TEMPLATE = """<ListRolesResponse xmlns="https://iam.amazonaws.com/doc
|
||||
</ResponseMetadata>
|
||||
</ListRolesResponse>"""
|
||||
|
||||
LIST_ROLE_POLICIES = """<ListRolePoliciesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||
<ListRolePoliciesResult>
|
||||
<PolicyNames>
|
||||
{% for policy_name in role_policies %}
|
||||
<member>{{ policy_name }}</member>
|
||||
{% endfor %}
|
||||
</PolicyNames>
|
||||
<IsTruncated>false</IsTruncated>
|
||||
</ListRolePoliciesResult>
|
||||
<ResponseMetadata>
|
||||
<RequestId>8c7e1816-99f0-11e1-a4c3-27EXAMPLE804</RequestId>
|
||||
</ResponseMetadata>
|
||||
</ListRolePoliciesResponse>"""
|
||||
|
||||
LIST_INSTANCE_PROFILES_TEMPLATE = """<ListInstanceProfilesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
|
||||
<ListInstanceProfilesResult>
|
||||
<IsTruncated>false</IsTruncated>
|
||||
|
||||
@ -61,12 +61,33 @@ def test_create_role_and_instance_profile():
|
||||
conn.list_roles().roles[0].role_name.should.equal('my-role')
|
||||
conn.list_instance_profiles().instance_profiles[0].instance_profile_name.should.equal("my-profile")
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_create_role():
|
||||
def test_list_role_policies():
|
||||
conn = boto.connect_iam()
|
||||
conn.create_role('test')
|
||||
with assert_raises(BotoServerError):
|
||||
conn.create_role('test')
|
||||
conn.create_role("my-role")
|
||||
conn.put_role_policy("my-role", "test policy", "my policy")
|
||||
role = conn.list_role_policies("my-role")
|
||||
role.policy_names[0].should.equal("test policy")
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_put_role_policy():
|
||||
conn = boto.connect_iam()
|
||||
conn.create_role("my-role", assume_role_policy_document="some policy", path="my-path")
|
||||
conn.put_role_policy("my-role", "test policy", "my policy")
|
||||
policy = conn.get_role_policy("my-role", "test policy")['get_role_policy_response']['get_role_policy_result']['policy_name']
|
||||
policy.should.equal("test policy")
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_update_assume_role_policy():
|
||||
conn = boto.connect_iam()
|
||||
role = conn.create_role("my-role")
|
||||
conn.update_assume_role_policy(role.role_name, "my-policy")
|
||||
role = conn.get_role("my-role")
|
||||
role.assume_role_policy_document.should.equal("my-policy")
|
||||
|
||||
|
||||
@mock_iam()
|
||||
def test_create_group():
|
||||
|
||||
Loading…
Reference in New Issue
Block a user