bbd7fefb37
* initial work - adding put_secret_value and list_secret_versions * Added support for versions in all functions except rotate_secret * more work - refactor rotate_secret method - now, adds a new version of the secret and points default version id to it - updated implementation coverage readme - element in list check to fix unit test - fixed linting errors - added tests, fixed exception, failing tests still - secrets_manager/test_server fails when running whole suite, but not when running that individual test file * fixed failing test_get_secret_value * Removed test.py. Fixed condition statement. * fixed default stages + adding AWSPREVIOUS * remove old AWSPREVIOUS stages
570 lines
21 KiB
Python
570 lines
21 KiB
Python
from __future__ import unicode_literals
|
|
|
|
import boto3
|
|
|
|
from moto import mock_secretsmanager
|
|
from botocore.exceptions import ClientError
|
|
import string
|
|
import unittest
|
|
import pytz
|
|
from datetime import datetime
|
|
from nose.tools import assert_raises
|
|
|
|
DEFAULT_SECRET_NAME = 'test-secret'
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_value():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
create_secret = conn.create_secret(Name='java-util-test-password',
|
|
SecretString="foosecret")
|
|
result = conn.get_secret_value(SecretId='java-util-test-password')
|
|
assert result['SecretString'] == 'foosecret'
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_that_does_not_exist():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='i-dont-exist')
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_that_does_not_match():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
create_secret = conn.create_secret(Name='java-util-test-password',
|
|
SecretString="foosecret")
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='i-dont-match')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_value_that_is_marked_deleted():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
conn.delete_secret(SecretId='test-secret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='test-secret')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_create_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-east-1')
|
|
|
|
result = conn.create_secret(Name='test-secret', SecretString="foosecret")
|
|
assert result['ARN']
|
|
assert result['Name'] == 'test-secret'
|
|
secret = conn.get_secret_value(SecretId='test-secret')
|
|
assert secret['SecretString'] == 'foosecret'
|
|
|
|
@mock_secretsmanager
|
|
def test_create_secret_with_tags():
|
|
conn = boto3.client('secretsmanager', region_name='us-east-1')
|
|
secret_name = 'test-secret-with-tags'
|
|
|
|
result = conn.create_secret(
|
|
Name=secret_name,
|
|
SecretString="foosecret",
|
|
Tags=[{"Key": "Foo", "Value": "Bar"}, {"Key": "Mykey", "Value": "Myvalue"}]
|
|
)
|
|
assert result['ARN']
|
|
assert result['Name'] == secret_name
|
|
secret_value = conn.get_secret_value(SecretId=secret_name)
|
|
assert secret_value['SecretString'] == 'foosecret'
|
|
secret_details = conn.describe_secret(SecretId=secret_name)
|
|
assert secret_details['Tags'] == [{"Key": "Foo", "Value": "Bar"}, {"Key": "Mykey", "Value": "Myvalue"}]
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
deleted_secret = conn.delete_secret(SecretId='test-secret')
|
|
|
|
assert deleted_secret['ARN']
|
|
assert deleted_secret['Name'] == 'test-secret'
|
|
assert deleted_secret['DeletionDate'] > datetime.fromtimestamp(1, pytz.utc)
|
|
|
|
secret_details = conn.describe_secret(SecretId='test-secret')
|
|
|
|
assert secret_details['ARN']
|
|
assert secret_details['Name'] == 'test-secret'
|
|
assert secret_details['DeletedDate'] > datetime.fromtimestamp(1, pytz.utc)
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_force():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
result = conn.delete_secret(SecretId='test-secret', ForceDeleteWithoutRecovery=True)
|
|
|
|
assert result['ARN']
|
|
assert result['DeletionDate'] > datetime.fromtimestamp(1, pytz.utc)
|
|
assert result['Name'] == 'test-secret'
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='test-secret')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_that_does_not_exist():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.delete_secret(SecretId='i-dont-exist', ForceDeleteWithoutRecovery=True)
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_fails_with_both_force_delete_flag_and_recovery_window_flag():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.delete_secret(SecretId='test-secret', RecoveryWindowInDays=1, ForceDeleteWithoutRecovery=True)
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_recovery_window_too_short():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.delete_secret(SecretId='test-secret', RecoveryWindowInDays=6)
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_recovery_window_too_long():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.delete_secret(SecretId='test-secret', RecoveryWindowInDays=31)
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_delete_secret_that_is_marked_deleted():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
deleted_secret = conn.delete_secret(SecretId='test-secret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.delete_secret(SecretId='test-secret')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_password_default_length():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password()
|
|
assert len(random_password['RandomPassword']) == 32
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_password_default_requirements():
|
|
# When require_each_included_type, default true
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password()
|
|
# Should contain lowercase, upppercase, digit, special character
|
|
assert any(c.islower() for c in random_password['RandomPassword'])
|
|
assert any(c.isupper() for c in random_password['RandomPassword'])
|
|
assert any(c.isdigit() for c in random_password['RandomPassword'])
|
|
assert any(c in string.punctuation
|
|
for c in random_password['RandomPassword'])
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_password_custom_length():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=50)
|
|
assert len(random_password['RandomPassword']) == 50
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_exclude_lowercase():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=55,
|
|
ExcludeLowercase=True)
|
|
assert any(c.islower() for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_exclude_uppercase():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=55,
|
|
ExcludeUppercase=True)
|
|
assert any(c.isupper() for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_exclude_characters_and_symbols():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=20,
|
|
ExcludeCharacters='xyzDje@?!.')
|
|
assert any(c in 'xyzDje@?!.' for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_exclude_numbers():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=100,
|
|
ExcludeNumbers=True)
|
|
assert any(c.isdigit() for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_exclude_punctuation():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=100,
|
|
ExcludePunctuation=True)
|
|
assert any(c in string.punctuation
|
|
for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_include_space_false():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=300)
|
|
assert any(c.isspace() for c in random_password['RandomPassword']) == False
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_include_space_true():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=4,
|
|
IncludeSpace=True)
|
|
assert any(c.isspace() for c in random_password['RandomPassword']) == True
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_require_each_included_type():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
random_password = conn.get_random_password(PasswordLength=4,
|
|
RequireEachIncludedType=True)
|
|
assert any(c in string.punctuation for c in random_password['RandomPassword']) == True
|
|
assert any(c in string.ascii_lowercase for c in random_password['RandomPassword']) == True
|
|
assert any(c in string.ascii_uppercase for c in random_password['RandomPassword']) == True
|
|
assert any(c in string.digits for c in random_password['RandomPassword']) == True
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_too_short_password():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
random_password = conn.get_random_password(PasswordLength=3)
|
|
|
|
@mock_secretsmanager
|
|
def test_get_random_too_long_password():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(Exception):
|
|
random_password = conn.get_random_password(PasswordLength=5555)
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
conn.create_secret(Name='test-secret-2',
|
|
SecretString='barsecret')
|
|
|
|
secret_description = conn.describe_secret(SecretId='test-secret')
|
|
secret_description_2 = conn.describe_secret(SecretId='test-secret-2')
|
|
|
|
assert secret_description # Returned dict is not empty
|
|
assert secret_description['Name'] == ('test-secret')
|
|
assert secret_description['ARN'] != '' # Test arn not empty
|
|
assert secret_description_2['Name'] == ('test-secret-2')
|
|
assert secret_description_2['ARN'] != '' # Test arn not empty
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret_that_does_not_exist():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='i-dont-exist')
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret_that_does_not_match():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.get_secret_value(SecretId='i-dont-match')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_list_secrets_empty():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
secrets = conn.list_secrets()
|
|
|
|
assert secrets['SecretList'] == []
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_list_secrets():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
conn.create_secret(Name='test-secret-2',
|
|
SecretString='barsecret',
|
|
Tags=[{
|
|
'Key': 'a',
|
|
'Value': '1'
|
|
}])
|
|
|
|
secrets = conn.list_secrets()
|
|
|
|
assert secrets['SecretList'][0]['ARN'] is not None
|
|
assert secrets['SecretList'][0]['Name'] == 'test-secret'
|
|
assert secrets['SecretList'][1]['ARN'] is not None
|
|
assert secrets['SecretList'][1]['Name'] == 'test-secret-2'
|
|
assert secrets['SecretList'][1]['Tags'] == [{
|
|
'Key': 'a',
|
|
'Value': '1'
|
|
}]
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_restore_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
conn.delete_secret(SecretId='test-secret')
|
|
|
|
described_secret_before = conn.describe_secret(SecretId='test-secret')
|
|
assert described_secret_before['DeletedDate'] > datetime.fromtimestamp(1, pytz.utc)
|
|
|
|
restored_secret = conn.restore_secret(SecretId='test-secret')
|
|
assert restored_secret['ARN']
|
|
assert restored_secret['Name'] == 'test-secret'
|
|
|
|
described_secret_after = conn.describe_secret(SecretId='test-secret')
|
|
assert 'DeletedDate' not in described_secret_after
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_restore_secret_that_is_not_deleted():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
restored_secret = conn.restore_secret(SecretId='test-secret')
|
|
assert restored_secret['ARN']
|
|
assert restored_secret['Name'] == 'test-secret'
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_restore_secret_that_does_not_exist():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.restore_secret(SecretId='i-dont-exist')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret')
|
|
|
|
rotated_secret = conn.rotate_secret(SecretId=DEFAULT_SECRET_NAME)
|
|
|
|
assert rotated_secret
|
|
assert rotated_secret['ARN'] != '' # Test arn not empty
|
|
assert rotated_secret['Name'] == DEFAULT_SECRET_NAME
|
|
assert rotated_secret['VersionId'] != ''
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_enable_rotation():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret')
|
|
|
|
initial_description = conn.describe_secret(SecretId=DEFAULT_SECRET_NAME)
|
|
assert initial_description
|
|
assert initial_description['RotationEnabled'] is False
|
|
assert initial_description['RotationRules']['AutomaticallyAfterDays'] == 0
|
|
|
|
conn.rotate_secret(SecretId=DEFAULT_SECRET_NAME,
|
|
RotationRules={'AutomaticallyAfterDays': 42})
|
|
|
|
rotated_description = conn.describe_secret(SecretId=DEFAULT_SECRET_NAME)
|
|
assert rotated_description
|
|
assert rotated_description['RotationEnabled'] is True
|
|
assert rotated_description['RotationRules']['AutomaticallyAfterDays'] == 42
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_that_is_marked_deleted():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
conn.delete_secret(SecretId='test-secret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId='test-secret')
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_that_does_not_exist():
|
|
conn = boto3.client('secretsmanager', 'us-west-2')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId='i-dont-exist')
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_that_does_not_match():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name='test-secret',
|
|
SecretString='foosecret')
|
|
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId='i-dont-match')
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_client_request_token_too_short():
|
|
# Test is intentionally empty. Boto3 catches too short ClientRequestToken
|
|
# and raises ParamValidationError before Moto can see it.
|
|
# test_server actually handles this error.
|
|
assert True
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_client_request_token_too_long():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret')
|
|
|
|
client_request_token = (
|
|
'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C-'
|
|
'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C'
|
|
)
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId=DEFAULT_SECRET_NAME,
|
|
ClientRequestToken=client_request_token)
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_rotation_lambda_arn_too_long():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret')
|
|
|
|
rotation_lambda_arn = '85B7-446A-B7E4' * 147 # == 2058 characters
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId=DEFAULT_SECRET_NAME,
|
|
RotationLambdaARN=rotation_lambda_arn)
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_rotation_period_zero():
|
|
# Test is intentionally empty. Boto3 catches zero day rotation period
|
|
# and raises ParamValidationError before Moto can see it.
|
|
# test_server actually handles this error.
|
|
assert True
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_rotation_period_too_long():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
conn.create_secret(Name=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret')
|
|
|
|
rotation_rules = {'AutomaticallyAfterDays': 1001}
|
|
with assert_raises(ClientError):
|
|
result = conn.rotate_secret(SecretId=DEFAULT_SECRET_NAME,
|
|
RotationRules=rotation_rules)
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_puts_new_secret():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='foosecret',
|
|
VersionStages=['AWSCURRENT'])
|
|
version_id = put_secret_value_dict['VersionId']
|
|
|
|
get_secret_value_dict = conn.get_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
VersionId=version_id,
|
|
VersionStage='AWSCURRENT')
|
|
|
|
assert get_secret_value_dict
|
|
assert get_secret_value_dict['SecretString'] == 'foosecret'
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_can_get_first_version_if_put_twice():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='first_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
first_version_id = put_secret_value_dict['VersionId']
|
|
conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='second_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
|
|
first_secret_value_dict = conn.get_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
VersionId=first_version_id)
|
|
first_secret_value = first_secret_value_dict['SecretString']
|
|
|
|
assert first_secret_value == 'first_secret'
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_versions_differ_if_same_secret_put_twice():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='dupe_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
first_version_id = put_secret_value_dict['VersionId']
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='dupe_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
second_version_id = put_secret_value_dict['VersionId']
|
|
|
|
assert first_version_id != second_version_id
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_can_list_secret_version_ids():
|
|
conn = boto3.client('secretsmanager', region_name='us-west-2')
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='dupe_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
first_version_id = put_secret_value_dict['VersionId']
|
|
put_secret_value_dict = conn.put_secret_value(SecretId=DEFAULT_SECRET_NAME,
|
|
SecretString='dupe_secret',
|
|
VersionStages=['AWSCURRENT'])
|
|
second_version_id = put_secret_value_dict['VersionId']
|
|
|
|
versions_list = conn.list_secret_version_ids(SecretId=DEFAULT_SECRET_NAME)
|
|
|
|
returned_version_ids = [v['VersionId'] for v in versions_list['Versions']]
|
|
|
|
assert [first_version_id, second_version_id].sort() == returned_version_ids.sort()
|
|
|