Merge pull request #2415 from brunog3/fix-iam-policy-statements-with-empty-sid

Fix multiple IAM Policy Statement creation with empty sid
2019-09-11 22:04:35 -05:00 · 2019-09-11 22:04:35 -05:00 · e5311eb6f6
commit e5311eb6f6
parent f8cde9da9d 21933052d3
2 changed files with 21 additions and 2 deletions
--- a/moto/iam/policy_validation.py
+++ b/moto/iam/policy_validation.py
@ -152,8 +152,10 @@ class IAMPolicyDocumentValidator:
        sids = []
        for statement in self._statements:
            if "Sid" in statement:
-                assert statement["Sid"] not in sids
-                sids.append(statement["Sid"])
+                statementId = statement["Sid"]
+                if statementId:
+                    assert statementId not in sids
+                    sids.append(statementId)

    def _validate_statements_syntax(self):
        assert "Statement" in self._policy_json
--- a/tests/test_iam/test_iam_policies.py
+++ b/tests/test_iam/test_iam_policies.py
@ -1827,6 +1827,23 @@ valid_policy_documents = [
                "Resource": ["*"]
            }
        ]
+    },
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Sid": "",
+                "Effect": "Allow",
+                "Action": "rds:*",
+                "Resource": ["arn:aws:rds:region:*:*"]
+            },
+            {
+                "Sid": "",
+                "Effect": "Allow",
+                "Action": ["rds:Describe*"],
+                "Resource": ["*"]
+            }
+        ]
    }
 ]