* Update cloudwatch.put_metric_alarm to accept TreatMissingData and Tags parameter
* Add parameter ExtendedStatistic and EvaluateLowSampleCountPercentile to cloudwatch.put_metric_alarm
* Add parameter ThresholdMetricId to cloudwatch.put_metric_alarm
* fix OPTIONS requests on non-existing API GW integrations
* add cloudformation models for API Gateway deployments
* bump version
* add backdoor to return CloudWatch metrics
* Updating implementation coverage
* Updating implementation coverage
* add cloudformation models for API Gateway deployments
* Updating implementation coverage
* Updating implementation coverage
* Implemented get-caller-identity returning real data depending on the access key used.
* bump version
* minor fixes
* fix Number data_type for SQS message attribute
* fix handling of encoding errors
* bump version
* make CF stack queryable before starting to initialize its resources
* bump version
* fix integration_method for API GW method integrations
* fix undefined status in CF FakeStack
* Fix apigateway issues with terraform v0.12.21
* resource_methods -> add handle for "DELETE" method
* integrations -> fix issue that "httpMethod" wasn't included in body request (this value was set as the value from refer method resource)
* bump version
* Fix setting http method for API gateway integrations (#6)
* bump version
* remove duplicate methods
* add storage class to S3 Key when completing multipart upload (#7)
* fix SQS performance issues; bump version
* add pagination to SecretsManager list-secrets (#9)
* fix default parameter groups in RDS
* fix adding S3 metadata headers with names containing dots (#13)
* Updating implementation coverage
* Updating implementation coverage
* add cloudformation models for API Gateway deployments
* Updating implementation coverage
* Updating implementation coverage
* Implemented get-caller-identity returning real data depending on the access key used.
* make CF stack queryable before starting to initialize its resources
* bump version
* remove duplicate methods
* fix adding S3 metadata headers with names containing dots (#13)
* Update amis.json to support EKS AMI mocks (#15)
* fix PascalCase for boolean value in ListMultipartUploads response (#17); fix _get_multi_param to parse nested list/dict query params
* determine non-zero container exit code in Batch API
* support filtering by dimensions in CW get_metric_statistics
* fix storing attributes for ELBv2 Route entities; API GW refactorings for TF tests
* add missing fields for API GW resources
* fix error messages for Route53 (TF-compat)
* various fixes for IAM resources (tf-compat)
* minor fixes for API GW models (tf-compat)
* minor fixes for API GW responses (tf-compat)
* add s3 exception for bucket notification filter rule validation
* change the way RESTErrors generate the response body and content-type header
* fix lint errors and disable "black" syntax enforcement
* remove return type hint in RESTError.get_body
* add RESTError XML template for IAM exceptions
* add support for API GW minimumCompressionSize
* fix casing getting PrivateDnsEnabled API GW attribute
* minor fixes for error responses
* fix escaping special chars for IAM role descriptions (tf-compat)
* minor fixes and tagging support for API GW and ELB v2 (tf-compat)
* Merge branch 'master' into localstack
* add "AlarmRule" attribute to enable support for composite CloudWatch metrics
* fix recursive parsing of complex/nested query params
* bump version
* add API to delete S3 website configurations (#18)
* use dict copy to allow parallelism and avoid concurrent modification exceptions in S3
* fix precondition check for etags in S3 (#19)
* minor fix for user filtering in Cognito
* fix API Gateway error response; avoid returning empty response templates (tf-compat)
* support tags and tracingEnabled attribute for API GW stages
* fix boolean value in S3 encryption response (#20)
* fix connection arn structure
* fix api destination arn structure
* black format
* release 2.0.3.37
* fix s3 exception tests
see botocore/parsers.py:1002 where RequestId is removed from parsed
* remove python 2 from build action
* add test failure annotations in build action
* fix events test arn comparisons
* fix s3 encryption response test
* return default value "0" if EC2 availableIpAddressCount is empty
* fix extracting SecurityGroupIds for EC2 VPC endpoints
* support deleting/updating API Gateway DomainNames
* fix(events): Return empty string instead of null when no pattern is specified in EventPattern (tf-compat) (#22)
* fix logic and revert CF changes to get tests running again (#21)
* add support for EC2 customer gateway API (#25)
* add support for EC2 Transit Gateway APIs (#24)
* feat(logs): add `kmsKeyId` into `LogGroup` entity (#23)
* minor change in ELBv2 logic to fix tests
* feat(events): add APIs to describe and delete CloudWatch Events connections (#26)
* add support for EC2 transit gateway route tables (#27)
* pass transit gateway route table ID in Describe API, minor refactoring (#29)
* add support for EC2 Transit Gateway Routes (#28)
* fix region on ACM certificate import (#31)
* add support for EC2 transit gateway attachments (#30)
* add support for EC2 Transit Gateway VPN attachments (#32)
* fix account ID for logs API
* add support for DeleteOrganization API
* feat(events): store raw filter representation for CloudWatch events patterns (tf-compat) (#36)
* feat(events): add support to describe/update/delete CloudWatch API destinations (#35)
* add Cognito UpdateIdentityPool, CW Logs PutResourcePolicy
* feat(events): add support for tags in EventBus API (#38)
* fix parameter validation for Batch compute environments (tf-compat)
* revert merge conflicts in IMPLEMENTATION_COVERAGE.md
* format code using black
* restore original README; re-enable and fix CloudFormation tests
* restore tests and old logic for CF stack parameters from SSM
* parameterize RequestId/RequestID in response messages and revert related test changes
* undo LocalStack-specific adaptations
* minor fix
* Update CodeCov config to reflect removal of Py2
* undo change related to CW metric filtering; add additional test for CW metric statistics with dimensions
* Terraform - Extend whitelist of running tests
Co-authored-by: acsbendi <acsbendi28@gmail.com>
Co-authored-by: Phan Duong <duongpv@outlook.com>
Co-authored-by: Thomas Rausch <thomas@thrau.at>
Co-authored-by: Macwan Nevil <macnev2013@gmail.com>
Co-authored-by: Dominik Schubert <dominik.schubert91@gmail.com>
Co-authored-by: Gonzalo Saad <saad.gonzalo.ale@gmail.com>
Co-authored-by: Mohit Alonja <monty16597@users.noreply.github.com>
Co-authored-by: Miguel Gagliardo <migag9@gmail.com>
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* Update implementation coverage
* EC2 - Update instance type offerings
* IAM - update list of managed policies
* Changelog for release 2.0.9
* Instance Type Offerings - fix number of available offerings
* add test that fails with FilterNotImplementedError
* describe_network_acls: add support for owner-id filter
Co-authored-by: Kevin Neal <Kevin_Neal@intuit.com>
* Make security rules consistent between direct (backend) and indirect (api) boundaries
Security rules added directly via the backend were unable to be revoked via the API
because the port values were being stored as strings but were always coerced back
to integers by the botocore model. `"0" != 0`, so the rules would never match,
raising an `InvalidPermissionNotFoundError`.
This change ensures that the port values for a security group rule are always of type
`Union[int, None]`.
No tests needed to be modified as a result of this change. A new test was added that
explicitly covers the behavior that had been failing.
* Skip test in server mode
The `InvalidPermission.Duplicate` error was already implemented for inbound rules,
but AWS also returns this error for duplicate outbound rules.
Very minor changes were needed on existing tests that were adding duplicate
outbound rules (when testing the RulesPerSecurityGroupLimitExceeded error).
* fix route table association by internet gateway per https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateRouteTable.html
* Route53
- Add test for route table association by internet gateway
- Minor test tweak for Main route table values
TODO: explicitly set the route table main route association
* Route53
- forgot subnet id association test
Co-authored-by: Tony Greising-Murschel <tony@platform.sh>
These tests, when run, do not execute any `moto` code. They fail the
parameter validation check in `botocore`, which raises an exception
before ever sending a request. These tests do not cover or verify
any `moto` behavior and have been removed.
* Address `boto` deprecation warnings
This commit eliminates the following warning:
../boto/ec2/connection.py:582:
PendingDeprecationWarning: The current get_all_instances implementation will be replaced with get_all_reservations.
`boto` isn't likely to ever make good on this warning, but doing the replacement will
declutter the `moto` test output.
* Remove `invoke_lambda` tracebacks from unit test logging
If an exception is encountered, the details are returned in the response payload.
Printing the traceback was just adding noise to the pytest output.
* Use known AMIs in unit tests
This commit eliminates the following warning in the pytest output:
`PendingDeprecationWarning: Could not find AMI with image-id:ami-123456, in the near future this will cause an error.`
Known, pre-loaded AMI image ids are used instead of random ids that don't actually
exist in the moto backend. The integrity of the tests is unaffected by this change.
A test has been added to provide explicit coverage of the PendingDeprecationWarning
raised when an invalid AMI image id is passed to moto.
This commit eliminates the following warning (of which there are currently dozens):
../boto/ec2/connection.py:582:
PendingDeprecationWarning: The current get_all_instances implementation will be replaced with get_all_reservations.
`boto` isn't likely to ever make good on this warning, but doing the replacement will
declutter the `moto` test output.
* Fix ec2 filter by empty tag value
Return `None` instead of an empty string when the tag key does not exist
and replace the falsy check with a more explicit `is None`, which allows
empty string values to correctly pass through the filter comparator.
Behavior confirmed against a real AWS backend.
Closes#3603
* Make test case more explicit
Test case now pulled directly from the issue report (#3603).
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* Properly coerce `privateDnsEnabled` to boolean value when parsing requests.
* Per AWS spec, default `privateDnsEnabled` request value to `True`.
* Properly serialize `privateDnsEnabled` as boolean value in responses.
* Add test coverage.
Ref: #3540
The `boto` library (long ago superseded by `boto3`) has not had an official
release in over two years or even a commit in the last 18 months. Importing
the package (or indirectly importing it by via `moto`) generates a deprecation
warning. Additionally, an ever-increasing number of `moto` users who have
left `boto` behind for `boto3` are still being forced to install `boto`.
This commit vendors a very small subset of the `boto` library--only the code
required by `moto` to run--into the /packages subdirectory. A README file
is included explaining the origin of the files and a recommendation for how
they can be removed entirely in a future release.
NOTE: Users of `boto` will still be able to use `moto` after this is merged.
closes#2978closes#3013closes#3170closes#3418
relates to #2950
* Properly coerce `Encrypted` attribute to bool on request/response.
* Create and use a default AWS managed CMK for EBS when clients request
an encrypted volume without specifying a KmsKeyId.
NOTE: A client-provided KmsKeyId is simply stored as-is, and is not validated
against the KMS backend. This is in keeping with other moto backends (RDS, Redshift)
that currently also accept unvalidated customer master key (CMK) parameters, but could
be an area for future improvement.
Closes#3248
* Start working on flow logs
* Change test
* Constructing tests
* Changing exceptions and adding more tests
* Adding more tests
* Changing model and adding more tests
* Adding support for tags
* Mocking Access error with non-existing Log Group Name
* Adding FlowLogAlreadyExists support
* Changing style
* Reformatted code
* Reformatted tests
* Removing needless test
* Adding support for CloudFormation
* Reformatting slightly
* Removing arnparse and using split
* Rearranging tests
* Fixing FilterNotImplementedError test
* Moving imports to 'if' clauses and adding explicit test for 'cloud-watch-logs' type
* Setting names matching boto3 API and restoring 'not-implementd-filter' test
* Reformatting tests with black
* Make ElasticAddress a tagged resource
To be able to filter on tags on ElasticAddresses, I need to have tags.
* remove unneeded commented lines
Was beginning of how to to it before further checking how it is done with other resources.
* do not ignore network-interface-owner-id filter
* add TODO about currently hardcoded region
* remove hardcoding region
* add testing for tags
creating and allocation, adding tags and querying for it
* separate test for tags into own method
* Linting
Co-authored-by: Bert Blommers <info@bertblommers.nl>
* Add support for Description in egress rule response
* Update SecurityGroup default egress rule ip range
* Remove extra commas
* Remove extra commas
* Lower docker package in Travis
* Add more lambda vars per PR 3247
* Remove code added in 3247
* Add tests for egress rules with Descriptions
* Reformat based on black
Co-authored-by: spillin <jmbollard@me.com>
* implement register_image
* format code
* add user_ids to snapshot model
* implement register_image
* format code
* add user_ids to snapshot model
* trying to un-deprecate tests
* Write tests and finalize implementation
* Add region parameter to boto3 resource call
* fixed test error
* Add test for describe_instance_types
It currently fails due to an invalid XML schema
* Add more detail to test
* Fix the XML schema for describe_instance_types
* Adding attchment.vpc-id, attachment.state, type, and vpn-gateway-id filters for VPN Gateways. fixes#3154
* Run formatting on tests
Co-authored-by: Alan Baldwin <alan.baldwin.jr@gmail.com>
This test is useful because before the last commit using copy_image
would not set the owner_id to the same one used when calling
describe_images.
For example, this code
conn = boto3.client("ec2")
copy_resp = conn.copy_image(
SourceImageId="ami-whatever",
...
)
describe_resp = conn.describe_images(
Owners=["self"]
)
Would result in describe_resp being empty, when it should contain the
image from the copy_resp before it.
By ensuring the owner ids are the same (see ce4059f6) the code example
now works as expected.
Previously there were a couple models which used different owner ids by
default, which could make tests relying on them fail if someone wasn't
expecting that. This change ensures a uniform owner id between
resources.
* Removed Tags field from create_subnet response.
* Added DefaultForAz to create_subnet response.
* Added MapPublicIpOnLaunch to create_subnet response.
* Added OwnerId to create_subnet response.
* Added AssignIpv6AddressOnCreation field for create_subnet and describe_subnet and implemented setting it in modify_subnet_attribute.
* Added SubnetArn to create_subnet response.
* Added AvailabilityZoneId to create_subnet and describe_subnet responses, and error for invalid availability zone.
* Added Ipv6CidrBlockAssociationSet to create_subnet response.
* Added missing fields to describe_subnets response.
* Added myself to list of contributors and marked describe_subnet as implemented.
* Fixed linting errors.
* Fixed blank line containing a tab.
* Fixed accidentally deleted ).
* Fixed broken tests.
* Fixed a bug where default network ACL entries could not be deleted.
* Implemented throwing error when a network entry with the same rule number and egress value already exists.
* Fixed syntax errors.
* Added socket.timeout to possibly raised exceptions in wait_for for Python 3.
Add a class level store in models/VPCPeeringConnectionBackend of ec2
for saving vpc peering connection.
Any instance can correctly save VPC peering connection info
on both region when it create vpc peering connection.
Update vpc_peering_connections in ec2/responses to meet new version:
DESCRIBE_VPC_PEERING_CONNECTIONS_RESPONSE,
ACCEPT_VPC_PEERING_CONNECTION_RESPONSE,
Previous code only create one region VPC peering connection but
doesn't create the other region VPC peering connection
when create cross region VPC peering connection.
Tested in real AWS environment at first
and create unit test case according to real AWS environment response.
Add 5 test cases
VPC cross region delete case
VPC cross region accept case
VPC cross region accept wrong region case
VPC cross region reject case
VPC cross region reject wrong region case
Related: #1842, #1830
AWS always assigns a primary IP address to Network Interfaces.
Using a test account (modified the IP):
>>> import boto
>>> vpc = boto.connect_vpc()
>>> eni = vpc.create_network_interface(subnet_id)
>>> eni.private_ip_addresses
[PrivateIPAddress(10.1.2.3, primary=True)]
This commit adds a test for a case where an EBS volume has no tags. When
an EBS volume has no tags, calls to the aws ec2 endpoints `create_volume`
and `describe_volumes` do not include the `Tags` key in the
`response.Volumes[]` object.
However, moto does include the `Tags` key in this case. This discrepancy
in behaviour can result in code passing a moto test but failing in
production.
Sample snippets that trigger this condition:
```
def create_volume_and_then_get_tags_from_response():
client = boto3.client('ec2', region_name='us-east-1')
volume_response = client.create_volume(
Size=10,
AvailabilityZone='us-east-1a'
)
keys = volume_response['Keys']
```
```
def create_volume_and_then_get_tags_from_describe_volumes():
client = boto3.client('ec2', region_name='us-east-1')
volume_response = client.create_volume(
Size=10,
AvailabilityZone='us-east-1a'
)
volume_describe_response = client.describe_volumes()
keys = volume_describe_response['Volumes'][0]['Keys']
```
Both sample snippets will succeed in a moto test, but fail with a
`KeyError` when using the aws api.
Add a class level store in models/VPCBackend of ec2
for saving vpcs of all regions info. Any instance can correctly find vpc in another region
when connecting vpc of cross-region or vpc of same region.
Modify vpc_peering_connections in ec2/responses to handle
vpc peering of same region or cross region.
Update vpc_peering_connections response
template content to latest (2016-11-15) .
Add vpc cross region peering successful test case.
Add vpc cross region peering fail test case.
Related: https://github.com/spulec/moto/issues/1830
Reference
CreateVpcPeeringConnection Sample Response
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVpcPeeringConnection.html
* Enable Extended CIDR Associations on VPC
* Ooops missed the utils, try to be more flakey?, remove unnecessary part in tests
* try to be even more flakey
* Delete the volume used during AMI creation
Creating an AMI doesn't actually result in the creation of an EBS
volume, although the associated snapshot does reference one. To that
end, delete the volume once we've used it.
* Add `owner_id` to `Snapshot`, verify AMI snapshots
The default AMIs which are created by moto have EBS volume mappings
but the snapshots associated with those don't have the correct
owners set.
This adds the owner to the snapshot model and passes it through from
the JSON data.
The logic which contructed a list of values for parameters with
multiple values was flawed in that e.g. `Subnet.1` and `Subnet.10`
would be have their values counted against `Subnet.1` because they
share a prefix.
This now checks for a starting `.` before counting that name as
having the requested prefix.
The AWS docs say that: "Currently, the resource types that support
tagging on creation are instance and volume." Calling `create_volume`
and passing `image` as the resource type in tag specifications causes
an `InvalidParameterValue` error.
- missing and malformed image ids
- test_ami_filters
- test_ami_copy tests
- test_ami_create_and_delete test
- test_ami_filter_wildcard test
- the rest of the tests by using the non-deprecated mock_ec2
In trying to debug changes to the ami mock introduced in 1.1.25,
I noticed that the ami tests were not running. Turns out that nose does not
run test files that are executable.
http://nose.readthedocs.io/en/latest/finding_tests.html
The ami test file was the only test file I could find that had the executable bit set.
* Adding owner-id/OwnerId to the AMI classes to allow the value to be specified to test filtering images based on owner.
* Added default AMIs and filtering by owner-id
* Fixed some tests
* Fixed more random tests
* Updated MANIFEST
* .
* add private-dns-name to filter_dict_attribute_mapping
* add region_name attribute to Instance and InstanceResponse
* set dns name based on region
* test private-dns-name and network-interface.private-dns-name filters. checking both regional dns formats
* update test_ec2_classic_has_public_ip_address to use correct dns values
Boto can be configured with extra regions, but moto will fail to import
if they are not in the hardcoded list in ec2/models.py. Instead, use the
region list from boto to build the ec2_backends dict to ensure all
regions are available.
* made the Security Group backend throw the same error as AWS if the security group limit is hit
* included in the security group limit the count of grants to other security groups & updated the unit tests to cover these
* refactored a few things about the sec group rule count limit