bbd7fefb37
* initial work - adding put_secret_value and list_secret_versions * Added support for versions in all functions except rotate_secret * more work - refactor rotate_secret method - now, adds a new version of the secret and points default version id to it - updated implementation coverage readme - element in list check to fix unit test - fixed linting errors - added tests, fixed exception, failing tests still - secrets_manager/test_server fails when running whole suite, but not when running that individual test file * fixed failing test_get_secret_value * Removed test.py. Fixed condition statement. * fixed default stages + adding AWSPREVIOUS * remove old AWSPREVIOUS stages
608 lines
26 KiB
Python
608 lines
26 KiB
Python
from __future__ import unicode_literals
|
|
|
|
import json
|
|
import sure # noqa
|
|
|
|
import moto.server as server
|
|
from moto import mock_secretsmanager
|
|
|
|
'''
|
|
Test the different server responses for secretsmanager
|
|
'''
|
|
|
|
DEFAULT_SECRET_NAME = 'test-secret'
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_value():
|
|
|
|
backend = server.create_backend_app("secretsmanager")
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foo-secret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"},
|
|
)
|
|
get_secret = test_client.post('/',
|
|
data={"SecretId": DEFAULT_SECRET_NAME,
|
|
"VersionStage": "AWSCURRENT"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.GetSecretValue"},
|
|
)
|
|
|
|
json_data = json.loads(get_secret.data.decode("utf-8"))
|
|
|
|
assert json_data['SecretString'] == 'foo-secret'
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_that_does_not_exist():
|
|
|
|
backend = server.create_backend_app("secretsmanager")
|
|
test_client = backend.test_client()
|
|
|
|
get_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-exist",
|
|
"VersionStage": "AWSCURRENT"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.GetSecretValue"},
|
|
)
|
|
json_data = json.loads(get_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_get_secret_that_does_not_match():
|
|
backend = server.create_backend_app("secretsmanager")
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foo-secret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"},
|
|
)
|
|
get_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-match",
|
|
"VersionStage": "AWSCURRENT"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.GetSecretValue"},
|
|
)
|
|
json_data = json.loads(get_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_create_secret():
|
|
|
|
backend = server.create_backend_app("secretsmanager")
|
|
test_client = backend.test_client()
|
|
|
|
res = test_client.post('/',
|
|
data={"Name": "test-secret",
|
|
"SecretString": "foo-secret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"},
|
|
)
|
|
res_2 = test_client.post('/',
|
|
data={"Name": "test-secret-2",
|
|
"SecretString": "bar-secret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"},
|
|
)
|
|
|
|
json_data = json.loads(res.data.decode("utf-8"))
|
|
assert json_data['ARN'] != ''
|
|
assert json_data['Name'] == 'test-secret'
|
|
|
|
json_data_2 = json.loads(res_2.data.decode("utf-8"))
|
|
assert json_data_2['ARN'] != ''
|
|
assert json_data_2['Name'] == 'test-secret-2'
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret():
|
|
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": "test-secret",
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
describe_secret = test_client.post('/',
|
|
data={"SecretId": "test-secret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
},
|
|
)
|
|
|
|
create_secret_2 = test_client.post('/',
|
|
data={"Name": "test-secret-2",
|
|
"SecretString": "barsecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
describe_secret_2 = test_client.post('/',
|
|
data={"SecretId": "test-secret-2"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(describe_secret.data.decode("utf-8"))
|
|
assert json_data # Returned dict is not empty
|
|
assert json_data['ARN'] != ''
|
|
assert json_data['Name'] == 'test-secret'
|
|
|
|
json_data_2 = json.loads(describe_secret_2.data.decode("utf-8"))
|
|
assert json_data_2 # Returned dict is not empty
|
|
assert json_data_2['ARN'] != ''
|
|
assert json_data_2['Name'] == 'test-secret-2'
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret_that_does_not_exist():
|
|
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
describe_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-exist"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(describe_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_describe_secret_that_does_not_match():
|
|
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
describe_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-match"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(describe_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
|
|
client_request_token = "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2"
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": DEFAULT_SECRET_NAME,
|
|
"ClientRequestToken": client_request_token},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data # Returned dict is not empty
|
|
assert json_data['ARN'] != ''
|
|
assert json_data['Name'] == DEFAULT_SECRET_NAME
|
|
assert json_data['VersionId'] == client_request_token
|
|
|
|
# @mock_secretsmanager
|
|
# def test_rotate_secret_enable_rotation():
|
|
# backend = server.create_backend_app('secretsmanager')
|
|
# test_client = backend.test_client()
|
|
|
|
# create_secret = test_client.post(
|
|
# '/',
|
|
# data={
|
|
# "Name": "test-secret",
|
|
# "SecretString": "foosecret"
|
|
# },
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.CreateSecret"
|
|
# },
|
|
# )
|
|
|
|
# initial_description = test_client.post(
|
|
# '/',
|
|
# data={
|
|
# "SecretId": "test-secret"
|
|
# },
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
# },
|
|
# )
|
|
|
|
# json_data = json.loads(initial_description.data.decode("utf-8"))
|
|
# assert json_data # Returned dict is not empty
|
|
# assert json_data['RotationEnabled'] is False
|
|
# assert json_data['RotationRules']['AutomaticallyAfterDays'] == 0
|
|
|
|
# rotate_secret = test_client.post(
|
|
# '/',
|
|
# data={
|
|
# "SecretId": "test-secret",
|
|
# "RotationRules": {"AutomaticallyAfterDays": 42}
|
|
# },
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.RotateSecret"
|
|
# },
|
|
# )
|
|
|
|
# rotated_description = test_client.post(
|
|
# '/',
|
|
# data={
|
|
# "SecretId": "test-secret"
|
|
# },
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.DescribeSecret"
|
|
# },
|
|
# )
|
|
|
|
# json_data = json.loads(rotated_description.data.decode("utf-8"))
|
|
# assert json_data # Returned dict is not empty
|
|
# assert json_data['RotationEnabled'] is True
|
|
# assert json_data['RotationRules']['AutomaticallyAfterDays'] == 42
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_that_does_not_exist():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-exist"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_that_does_not_match():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": "i-dont-match"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "Secrets Manager can't find the specified secret"
|
|
assert json_data['__type'] == 'ResourceNotFoundException'
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_client_request_token_too_short():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
|
|
client_request_token = "ED9F8B6C-85B7-B7E4-38F2A3BEB13C"
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": DEFAULT_SECRET_NAME,
|
|
"ClientRequestToken": client_request_token},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "ClientRequestToken must be 32-64 characters long."
|
|
assert json_data['__type'] == 'InvalidParameterException'
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_client_request_token_too_long():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
|
|
client_request_token = (
|
|
'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C-'
|
|
'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C'
|
|
)
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": DEFAULT_SECRET_NAME,
|
|
"ClientRequestToken": client_request_token},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "ClientRequestToken must be 32-64 characters long."
|
|
assert json_data['__type'] == 'InvalidParameterException'
|
|
|
|
@mock_secretsmanager
|
|
def test_rotate_secret_rotation_lambda_arn_too_long():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
create_secret = test_client.post('/',
|
|
data={"Name": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret"},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.CreateSecret"
|
|
},
|
|
)
|
|
|
|
rotation_lambda_arn = '85B7-446A-B7E4' * 147 # == 2058 characters
|
|
rotate_secret = test_client.post('/',
|
|
data={"SecretId": DEFAULT_SECRET_NAME,
|
|
"RotationLambdaARN": rotation_lambda_arn},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.RotateSecret"
|
|
},
|
|
)
|
|
|
|
json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
assert json_data['message'] == "RotationLambdaARN must <= 2048 characters long."
|
|
assert json_data['__type'] == 'InvalidParameterException'
|
|
|
|
|
|
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_puts_new_secret():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
|
|
put_second_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "foosecret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
second_secret_json_data = json.loads(put_second_secret_value_json.data.decode("utf-8"))
|
|
|
|
version_id = second_secret_json_data['VersionId']
|
|
|
|
secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"VersionId": version_id,
|
|
"VersionStage": 'AWSCURRENT'},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.GetSecretValue"},
|
|
)
|
|
|
|
second_secret_json_data = json.loads(secret_value_json.data.decode("utf-8"))
|
|
|
|
assert second_secret_json_data
|
|
assert second_secret_json_data['SecretString'] == 'foosecret'
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_can_get_first_version_if_put_twice():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
first_secret_string = 'first_secret'
|
|
second_secret_string = 'second_secret'
|
|
|
|
put_first_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": first_secret_string,
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
|
|
first_secret_json_data = json.loads(put_first_secret_value_json.data.decode("utf-8"))
|
|
|
|
first_secret_version_id = first_secret_json_data['VersionId']
|
|
|
|
test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": second_secret_string,
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
|
|
get_first_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"VersionId": first_secret_version_id,
|
|
"VersionStage": 'AWSCURRENT'},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.GetSecretValue"},
|
|
)
|
|
|
|
get_first_secret_json_data = json.loads(get_first_secret_value_json.data.decode("utf-8"))
|
|
|
|
assert get_first_secret_json_data
|
|
assert get_first_secret_json_data['SecretString'] == first_secret_string
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_put_secret_value_versions_differ_if_same_secret_put_twice():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
put_first_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "secret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
first_secret_json_data = json.loads(put_first_secret_value_json.data.decode("utf-8"))
|
|
first_secret_version_id = first_secret_json_data['VersionId']
|
|
|
|
put_second_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "secret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
second_secret_json_data = json.loads(put_second_secret_value_json.data.decode("utf-8"))
|
|
second_secret_version_id = second_secret_json_data['VersionId']
|
|
|
|
assert first_secret_version_id != second_secret_version_id
|
|
|
|
|
|
@mock_secretsmanager
|
|
def test_can_list_secret_version_ids():
|
|
backend = server.create_backend_app('secretsmanager')
|
|
test_client = backend.test_client()
|
|
|
|
put_first_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "secret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
first_secret_json_data = json.loads(put_first_secret_value_json.data.decode("utf-8"))
|
|
first_secret_version_id = first_secret_json_data['VersionId']
|
|
put_second_secret_value_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME,
|
|
"SecretString": "secret",
|
|
"VersionStages": ["AWSCURRENT"]},
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.PutSecretValue"},
|
|
)
|
|
second_secret_json_data = json.loads(put_second_secret_value_json.data.decode("utf-8"))
|
|
second_secret_version_id = second_secret_json_data['VersionId']
|
|
|
|
list_secret_versions_json = test_client.post('/',
|
|
data={
|
|
"SecretId": DEFAULT_SECRET_NAME, },
|
|
headers={
|
|
"X-Amz-Target": "secretsmanager.ListSecretVersionIds"},
|
|
)
|
|
|
|
versions_list = json.loads(list_secret_versions_json.data.decode("utf-8"))
|
|
|
|
returned_version_ids = [v['VersionId'] for v in versions_list['Versions']]
|
|
|
|
assert [first_secret_version_id, second_secret_version_id].sort() == returned_version_ids.sort()
|
|
|
|
#
|
|
# The following tests should work, but fail on the embedded dict in
|
|
# RotationRules. The error message suggests a problem deeper in the code, which
|
|
# needs further investigation.
|
|
#
|
|
|
|
# @mock_secretsmanager
|
|
# def test_rotate_secret_rotation_period_zero():
|
|
# backend = server.create_backend_app('secretsmanager')
|
|
# test_client = backend.test_client()
|
|
|
|
# create_secret = test_client.post('/',
|
|
# data={"Name": "test-secret",
|
|
# "SecretString": "foosecret"},
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.CreateSecret"
|
|
# },
|
|
# )
|
|
|
|
# rotate_secret = test_client.post('/',
|
|
# data={"SecretId": "test-secret",
|
|
# "RotationRules": {"AutomaticallyAfterDays": 0}},
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.RotateSecret"
|
|
# },
|
|
# )
|
|
|
|
# json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
# assert json_data['message'] == "RotationRules.AutomaticallyAfterDays must be within 1-1000."
|
|
# assert json_data['__type'] == 'InvalidParameterException'
|
|
|
|
# @mock_secretsmanager
|
|
# def test_rotate_secret_rotation_period_too_long():
|
|
# backend = server.create_backend_app('secretsmanager')
|
|
# test_client = backend.test_client()
|
|
|
|
# create_secret = test_client.post('/',
|
|
# data={"Name": "test-secret",
|
|
# "SecretString": "foosecret"},
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.CreateSecret"
|
|
# },
|
|
# )
|
|
|
|
# rotate_secret = test_client.post('/',
|
|
# data={"SecretId": "test-secret",
|
|
# "RotationRules": {"AutomaticallyAfterDays": 1001}},
|
|
# headers={
|
|
# "X-Amz-Target": "secretsmanager.RotateSecret"
|
|
# },
|
|
# )
|
|
|
|
# json_data = json.loads(rotate_secret.data.decode("utf-8"))
|
|
# assert json_data['message'] == "RotationRules.AutomaticallyAfterDays must be within 1-1000."
|
|
# assert json_data['__type'] == 'InvalidParameterException'
|