IAM - Add all valid TrustPolicy actions (#5751)

Bert Blommers 2022-12-10 19:23:34 -01:00 committed by GitHub
parent b2300f1eae
commit dc812d9990
GPG Key ID: 4AEE18F83AFDEB23


@ -557,9 +557,17 @@ class IAMTrustPolicyDocumentValidator(BaseIAMPolicyValidator):
@staticmethod @staticmethod
def _validate_trust_policy_action(action): def _validate_trust_policy_action(action):
# https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecuritytokenservice.html
assert action in ( assert action in (
"sts:AssumeRole", "sts:AssumeRole",
"sts:AssumeRoleWithSAML", "sts:AssumeRoleWithSAML",
"sts:AssumeRoleWithWebIdentity", "sts:AssumeRoleWithWebIdentity",
"sts:DecodeAuthorizationMessage",
"sts:GetAccessKeyInfo",
"sts:GetCallerIdentity",
"sts:GetFederationToken",
"sts:GetServiceBearerToken",
"sts:GetSessionToken",
"sts:SetSourceIdentity",
"sts:TagSession", "sts:TagSession",
) )
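Review bot: The allow-list in `_validate_trust_policy_action` is enforced with a bare `assert`, so when the interpreter runs with `-O` the check is compiled away and every action string passes trust-policy validation. Rewriting it as `if action not in (...): raise AssertionError(action)` keeps the exception type that callers outside this section presumably catch, while surviving optimized mode. Separately, the reference linked in the new comment lists every STS action, not specifically the ones IAM accepts in a role trust policy. If AWS rejects some of the added entries there (`sts:GetCallerIdentity` or `sts:DecodeAuthorizationMessage`, for instance), the mock would accept policy documents the real service refuses, so a comment stating how the list was confirmed would help.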