* fix OPTIONS requests on non-existing API GW integrations
* add cloudformation models for API Gateway deployments
* bump version
* add backdoor to return CloudWatch metrics
* Updating implementation coverage
* Updating implementation coverage
* add cloudformation models for API Gateway deployments
* Updating implementation coverage
* Updating implementation coverage
* Implemented get-caller-identity returning real data depending on the access key used.
* bump version
* minor fixes
* fix Number data_type for SQS message attribute
* fix handling of encoding errors
* bump version
* make CF stack queryable before starting to initialize its resources
* bump version
* fix integration_method for API GW method integrations
* fix undefined status in CF FakeStack
* Fix apigateway issues with terraform v0.12.21
* resource_methods -> add handle for "DELETE" method
* integrations -> fix issue that "httpMethod" wasn't included in body request (this value was set as the value from refer method resource)
* bump version
* Fix setting http method for API gateway integrations (#6)
* bump version
* remove duplicate methods
* add storage class to S3 Key when completing multipart upload (#7)
* fix SQS performance issues; bump version
* add pagination to SecretsManager list-secrets (#9)
* fix default parameter groups in RDS
* fix adding S3 metadata headers with names containing dots (#13)
* Updating implementation coverage
* Updating implementation coverage
* add cloudformation models for API Gateway deployments
* Updating implementation coverage
* Updating implementation coverage
* Implemented get-caller-identity returning real data depending on the access key used.
* make CF stack queryable before starting to initialize its resources
* bump version
* remove duplicate methods
* fix adding S3 metadata headers with names containing dots (#13)
* Update amis.json to support EKS AMI mocks (#15)
* fix PascalCase for boolean value in ListMultipartUploads response (#17); fix _get_multi_param to parse nested list/dict query params
* determine non-zero container exit code in Batch API
* support filtering by dimensions in CW get_metric_statistics
* fix storing attributes for ELBv2 Route entities; API GW refactorings for TF tests
* add missing fields for API GW resources
* fix error messages for Route53 (TF-compat)
* various fixes for IAM resources (tf-compat)
* minor fixes for API GW models (tf-compat)
* minor fixes for API GW responses (tf-compat)
* add s3 exception for bucket notification filter rule validation
* change the way RESTErrors generate the response body and content-type header
* fix lint errors and disable "black" syntax enforcement
* remove return type hint in RESTError.get_body
* add RESTError XML template for IAM exceptions
* add support for API GW minimumCompressionSize
* fix casing getting PrivateDnsEnabled API GW attribute
* minor fixes for error responses
* fix escaping special chars for IAM role descriptions (tf-compat)
* minor fixes and tagging support for API GW and ELB v2 (tf-compat)
* Merge branch 'master' into localstack
* add "AlarmRule" attribute to enable support for composite CloudWatch metrics
* fix recursive parsing of complex/nested query params
* bump version
* add API to delete S3 website configurations (#18)
* use dict copy to allow parallelism and avoid concurrent modification exceptions in S3
* fix precondition check for etags in S3 (#19)
* minor fix for user filtering in Cognito
* fix API Gateway error response; avoid returning empty response templates (tf-compat)
* support tags and tracingEnabled attribute for API GW stages
* fix boolean value in S3 encryption response (#20)
* fix connection arn structure
* fix api destination arn structure
* black format
* release 2.0.3.37
* fix s3 exception tests
see botocore/parsers.py:1002 where RequestId is removed from parsed
* remove python 2 from build action
* add test failure annotations in build action
* fix events test arn comparisons
* fix s3 encryption response test
* return default value "0" if EC2 availableIpAddressCount is empty
* fix extracting SecurityGroupIds for EC2 VPC endpoints
* support deleting/updating API Gateway DomainNames
* fix(events): Return empty string instead of null when no pattern is specified in EventPattern (tf-compat) (#22)
* fix logic and revert CF changes to get tests running again (#21)
* add support for EC2 customer gateway API (#25)
* add support for EC2 Transit Gateway APIs (#24)
* feat(logs): add `kmsKeyId` into `LogGroup` entity (#23)
* minor change in ELBv2 logic to fix tests
* feat(events): add APIs to describe and delete CloudWatch Events connections (#26)
* add support for EC2 transit gateway route tables (#27)
* pass transit gateway route table ID in Describe API, minor refactoring (#29)
* add support for EC2 Transit Gateway Routes (#28)
* fix region on ACM certificate import (#31)
* add support for EC2 transit gateway attachments (#30)
* add support for EC2 Transit Gateway VPN attachments (#32)
* fix account ID for logs API
* add support for DeleteOrganization API
* feat(events): store raw filter representation for CloudWatch events patterns (tf-compat) (#36)
* feat(events): add support to describe/update/delete CloudWatch API destinations (#35)
* add Cognito UpdateIdentityPool, CW Logs PutResourcePolicy
* feat(events): add support for tags in EventBus API (#38)
* fix parameter validation for Batch compute environments (tf-compat)
* revert merge conflicts in IMPLEMENTATION_COVERAGE.md
* format code using black
* restore original README; re-enable and fix CloudFormation tests
* restore tests and old logic for CF stack parameters from SSM
* parameterize RequestId/RequestID in response messages and revert related test changes
* undo LocalStack-specific adaptations
* minor fix
* Update CodeCov config to reflect removal of Py2
* undo change related to CW metric filtering; add additional test for CW metric statistics with dimensions
* Terraform - Extend whitelist of running tests
Co-authored-by: acsbendi <acsbendi28@gmail.com>
Co-authored-by: Phan Duong <duongpv@outlook.com>
Co-authored-by: Thomas Rausch <thomas@thrau.at>
Co-authored-by: Macwan Nevil <macnev2013@gmail.com>
Co-authored-by: Dominik Schubert <dominik.schubert91@gmail.com>
Co-authored-by: Gonzalo Saad <saad.gonzalo.ale@gmail.com>
Co-authored-by: Mohit Alonja <monty16597@users.noreply.github.com>
Co-authored-by: Miguel Gagliardo <migag9@gmail.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* Retrieve SAML Attribute by Name instead of relying on order which is too fragile
* Handle case when SAML Attribute SessionDuration is not provided, as it is not a required attribute from SAML response
When session duration not provided, AWS consider by default a duration of one hour as cited in the following documentation:
"If this attribute is not present, then the credential last for one hour (the default value of the DurationSeconds parameter of the AssumeRoleWithSAML API)."
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_assertions.html#saml_role-session-duration
Traceback was:
[...]
File "/Users/benjamin.brabant/Projects/PERSO/moto/moto/sts/responses.py", line 79, in assume_role_with_saml
role = sts_backend.assume_role_with_saml(
File "/Users/benjamin.brabant/Projects/PERSO/moto/moto/sts/models.py", line 99, in assume_role_with_saml
role = AssumedRole(**kwargs)
TypeError: __init__() missing 1 required positional argument: 'duration'
* Process saml xml namespaces properly instead of relying on textual prefix that can vary between identity providers
* Handle when SAML response AttributeValue xml tag contains attributes that force xmltodict to build a dictionary as for complex types instead of directly returning string value
Leverage force_cdata option of xmltodict parser that always return a complex dictionary even if xml tag contains only text and no attributes.
* Improve existing test_assume_role_with_saml to be coherent with other assume_role_with_saml tests and remove dead code at the same time
The AssumeRoleWithWebIdentity is a similar endpoint to STS's AssumeRole
where the authentication element is a JWT id_token from a configured OP.
This commit implements the functionality and relies on the same result
generated for the regular AssumeRole.
