The pagination for this endpoint has been modified to more closely
model the real AWS behavior:
* Log Groups are now sorted alphabetically by `logGroupName`.
* `nextToken` is now a string containing the last `logGroupName` in the
current response.
* Specifying an invalid `nextToken` does not generate an error, but does
return an empty group list.
* `nextToken` is not included in the response if there are no additional
items to return.
Fixes#3395
* Properly coerce `Encrypted` attribute to bool on request/response.
* Create and use a default AWS managed CMK for EBS when clients request
an encrypted volume without specifying a KmsKeyId.
NOTE: A client-provided KmsKeyId is simply stored as-is, and is not validated
against the KMS backend. This is in keeping with other moto backends (RDS, Redshift)
that currently also accept unvalidated customer master key (CMK) parameters, but could
be an area for future improvement.
Closes#3248
* Enable more unit tests for ACM
* put a smile on travis-ci face
Co-authored-by: nom3ad <nom3ad@gmail.com>
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* ACM: support `tags` parameter in import_certificate()
* ACM: support tags parameter in request_certificate()
* ACM: better tag operations with more unit tests
Co-authored-by: nom3ad <nom3ad@gmail.com>
The `tag_filter` method has been re-arranged to mimic the actual AWS behavior:
Return `True` if *any* tag matches a filter and *all* filters are matched.
Python's closures are late-binding, so we have to modify the lambdas accordingly!
Closes#2814
When comparing old and new values when doing a nested item update, the
`!=` implementation fails when the value being compared is `None`. This
results in an exception when trying to insert a new item into a nested
map. So just do a quick check that the original value is exists before
doing the comparison, as the `None` default is what is tripping this.
* SecretsManager - handle missing secrets versions
The get_secret_value method should raise ResourceNotFoundException
if a secret exists but the provided VersionId does not.
* Run black
* 2.x support
* black fix?
* secret is not a dict. Fix error msg output.
* Transcribe first cut: Medical: start, get and delete jobs.
* Added list_medical_transcription_job() support to Transcribe.
* Support for medical vocabularies.
* Added transcribe to list of backends to fix server mode error.
* PR3299 requested changes: don't offer deprecated decorator, regionalize download_uri, create/use service-specific exceptions.
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* Start working on flow logs
* Change test
* Constructing tests
* Changing exceptions and adding more tests
* Adding more tests
* Changing model and adding more tests
* Adding support for tags
* Mocking Access error with non-existing Log Group Name
* Adding FlowLogAlreadyExists support
* Changing style
* Reformatted code
* Reformatted tests
* Removing needless test
* Adding support for CloudFormation
* Reformatting slightly
* Removing arnparse and using split
* Rearranging tests
* Fixing FilterNotImplementedError test
* Moving imports to 'if' clauses and adding explicit test for 'cloud-watch-logs' type
* Setting names matching boto3 API and restoring 'not-implementd-filter' test
* Reformatting tests with black
* added organizations detach_policy response, model, and tests, issue #3239
Signed-off-by: Ben <ben.lipscomb@fmr.com>
* Created individual tests for detach_policy exceptions, updated regex statements for Root, OU, and Account Id
* Make ElasticAddress a tagged resource
To be able to filter on tags on ElasticAddresses, I need to have tags.
* remove unneeded commented lines
Was beginning of how to to it before further checking how it is done with other resources.
* do not ignore network-interface-owner-id filter
* add TODO about currently hardcoded region
* remove hardcoding region
* add testing for tags
creating and allocation, adding tags and querying for it
* separate test for tags into own method
* Linting
Co-authored-by: Bert Blommers <info@bertblommers.nl>
Support for cluster_id parameter substitution in autoscaling policy cloudwatch alarm dimensions.
New operations put_autoscaling_policy and remove_autoscaling_policy support
Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary
* minor test fix
* lint fixed
* refractored test case
* Issue 3224 s3 copy glacier object (#3318)
* 3224 Enhancement - S3 Copy restored glacier objects
- adds setter for expiry date
- copy sets expiry date to none when source is glacier object
- throws error for copying glacier object only if not restored/still restoring
* 3224 Enhancement - S3 Copy restored glacier objects
- throws error for copying deep archive object only if not restored/still restoring
* Fix:s3 List Object response:delimiter (#3254)
* Fix:s3 List Object delimiter in response
* fixed tests
* fixed failed tests
Co-authored-by: usmankb <usman@krazybee.com>
* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary
* minor test fix
* lint fixed
* refractored test case
* added test case for put role exception
Co-authored-by: ruthbovell <63656505+ruthbovell@users.noreply.github.com>
Co-authored-by: usmangani1 <sgosman_chem@yahoo.com>
Co-authored-by: usmankb <usman@krazybee.com>
* Make IoT certificate id generation deterministic
Fixes#3321
As per https://stackoverflow.com/questions/55847788/how-does-aws-iot-generate-a-certificate-id,
the IoT certificate ID is the SHA256 fingerprint of the
certificate. Since moto doesn't generate full certificates we will
instead use the SHA256 hash of the passed certificate pem.
* Don't allow duplicate IoT certificates to be created
Fixes#3320
When using boto3, trying to register a certificate that already
exists will throw a ResourceAlreadyExistsException. Moto should
follow the same pattern to allow testing error handling code in
this area.
