Best Python code snippet using localstack_python
test_iam_cloudformation.py
Source:test_iam_cloudformation.py
...20""".strip().format(21 user_name22 )23 cf_client.create_stack(StackName=stack_name, TemplateBody=template)24 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[25 "StackResourceSummaries"26 ][0]27 provisioned_resource["LogicalResourceId"].should.equal("TheUser")28 provisioned_resource["PhysicalResourceId"].should.equal(user_name)29@mock_iam30@mock_cloudformation31def test_iam_cloudformation_update_user_no_interruption():32 cf_client = boto3.client("cloudformation", region_name="us-east-1")33 stack_name = "MyStack"34 template = """35Resources:36 TheUser:37 Type: AWS::IAM::User38""".strip()39 cf_client.create_stack(StackName=stack_name, TemplateBody=template)40 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[41 "StackResourceSummaries"42 ][0]43 user_name = provisioned_resource["PhysicalResourceId"]44 iam_client = boto3.client("iam", region_name="us-east-1")45 user = iam_client.get_user(UserName=user_name)["User"]46 user["Path"].should.equal("/")47 path = "/MyPath/"48 template = """49Resources:50 TheUser:51 Type: AWS::IAM::User52 Properties:53 Path: {0}54""".strip().format(55 path56 )57 cf_client.update_stack(StackName=stack_name, TemplateBody=template)58 user = iam_client.get_user(UserName=user_name)["User"]59 user["Path"].should.equal(path)60@mock_iam61@mock_cloudformation62def test_iam_cloudformation_update_user_replacement():63 cf_client = boto3.client("cloudformation", region_name="us-east-1")64 stack_name = "MyStack"65 template = """66Resources:67 TheUser:68 Type: AWS::IAM::User69""".strip()70 cf_client.create_stack(StackName=stack_name, TemplateBody=template)71 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[72 "StackResourceSummaries"73 ][0]74 original_user_name = provisioned_resource["PhysicalResourceId"]75 iam_client = boto3.client("iam", region_name="us-east-1")76 user = iam_client.get_user(UserName=original_user_name)["User"]77 user["Path"].should.equal("/")78 new_user_name = "MyUser"79 template = """80Resources:81 TheUser:82 Type: AWS::IAM::User83 Properties:84 UserName: {0}85""".strip().format(86 new_user_name87 )88 cf_client.update_stack(StackName=stack_name, TemplateBody=template)89 with pytest.raises(ClientError) as e:90 iam_client.get_user(UserName=original_user_name)91 e.value.response["Error"]["Code"].should.equal("NoSuchEntity")92 iam_client.get_user(UserName=new_user_name)93@mock_iam94@mock_cloudformation95def test_iam_cloudformation_update_drop_user():96 cf_client = boto3.client("cloudformation", region_name="us-east-1")97 stack_name = "MyStack"98 template = """99Resources:100 TheFirstUser:101 Type: AWS::IAM::User102 TheSecondUser:103 Type: AWS::IAM::User104""".strip()105 cf_client.create_stack(StackName=stack_name, TemplateBody=template)106 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[107 "StackResourceSummaries"108 ]109 first_provisioned_user = [110 resource111 for resource in provisioned_resources112 if resource["LogicalResourceId"] == "TheFirstUser"113 ][0]114 second_provisioned_user = [115 resource116 for resource in provisioned_resources117 if resource["LogicalResourceId"] == "TheSecondUser"118 ][0]119 first_user_name = first_provisioned_user["PhysicalResourceId"]120 second_user_name = second_provisioned_user["PhysicalResourceId"]121 iam_client = boto3.client("iam", region_name="us-east-1")122 iam_client.get_user(UserName=first_user_name)123 iam_client.get_user(UserName=second_user_name)124 template = """125Resources:126 TheSecondUser:127 Type: AWS::IAM::User128""".strip()129 cf_client.update_stack(StackName=stack_name, TemplateBody=template)130 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[131 "StackResourceSummaries"132 ]133 len(provisioned_resources).should.equal(1)134 second_provisioned_user = [135 resource136 for resource in provisioned_resources137 if resource["LogicalResourceId"] == "TheSecondUser"138 ][0]139 second_user_name.should.equal(second_provisioned_user["PhysicalResourceId"])140 iam_client.get_user(UserName=second_user_name)141 with pytest.raises(ClientError) as e:142 iam_client.get_user(UserName=first_user_name)143 e.value.response["Error"]["Code"].should.equal("NoSuchEntity")144@mock_iam145@mock_cloudformation146def test_iam_cloudformation_delete_user():147 cf_client = boto3.client("cloudformation", region_name="us-east-1")148 stack_name = "MyStack"149 user_name = "MyUser"150 template = """151Resources:152 TheUser:153 Type: AWS::IAM::User154 Properties:155 UserName: {}156""".strip().format(157 user_name158 )159 cf_client.create_stack(StackName=stack_name, TemplateBody=template)160 iam_client = boto3.client("iam", region_name="us-east-1")161 user = iam_client.get_user(UserName=user_name)162 cf_client.delete_stack(StackName=stack_name)163 with pytest.raises(ClientError) as e:164 user = iam_client.get_user(UserName=user_name)165 e.value.response["Error"]["Code"].should.equal("NoSuchEntity")166@mock_iam167@mock_cloudformation168def test_iam_cloudformation_delete_user_having_generated_name():169 cf_client = boto3.client("cloudformation", region_name="us-east-1")170 stack_name = "MyStack"171 template = """172Resources:173 TheUser:174 Type: AWS::IAM::User175""".strip()176 cf_client.create_stack(StackName=stack_name, TemplateBody=template)177 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[178 "StackResourceSummaries"179 ][0]180 provisioned_resource["LogicalResourceId"].should.equal("TheUser")181 user_name = provisioned_resource["PhysicalResourceId"]182 iam_client = boto3.client("iam", region_name="us-east-1")183 user = iam_client.get_user(UserName=user_name)184 cf_client.delete_stack(StackName=stack_name)185 with pytest.raises(ClientError) as e:186 user = iam_client.get_user(UserName=user_name)187 e.value.response["Error"]["Code"].should.equal("NoSuchEntity")188@mock_iam189@mock_cloudformation190def test_iam_cloudformation_user_get_attr():191 cf_client = boto3.client("cloudformation", region_name="us-east-1")192 stack_name = "MyStack"193 user_name = "MyUser"194 template = """195Resources:196 TheUser:197 Type: AWS::IAM::User198 Properties:199 UserName: {0}200Outputs:201 UserName:202 Value: !Ref TheUser203 UserArn:204 Value: !GetAtt TheUser.Arn205""".strip().format(206 user_name207 )208 cf_client.create_stack(StackName=stack_name, TemplateBody=template)209 stack_description = cf_client.describe_stacks(StackName=stack_name)["Stacks"][0]210 output_user_name = [211 output["OutputValue"]212 for output in stack_description["Outputs"]213 if output["OutputKey"] == "UserName"214 ][0]215 output_user_arn = [216 output["OutputValue"]217 for output in stack_description["Outputs"]218 if output["OutputKey"] == "UserArn"219 ][0]220 iam_client = boto3.client("iam", region_name="us-east-1")221 user_description = iam_client.get_user(UserName=output_user_name)["User"]222 output_user_arn.should.equal(user_description["Arn"])223# AWS::IAM::Policy Tests224@mock_s3225@mock_iam226@mock_cloudformation227def test_iam_cloudformation_create_user_policy():228 iam_client = boto3.client("iam", region_name="us-east-1")229 user_name = "MyUser"230 iam_client.create_user(UserName=user_name)231 s3_client = boto3.client("s3", region_name="us-east-1")232 bucket_name = "my-bucket"233 bucket = s3_client.create_bucket(Bucket=bucket_name)234 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)235 cf_client = boto3.client("cloudformation", region_name="us-east-1")236 stack_name = "MyStack"237 policy_name = "MyPolicy"238 template = """239Resources:240 ThePolicy:241 Type: AWS::IAM::Policy242 Properties:243 PolicyName: {0}244 PolicyDocument:245 Version: '2012-10-17'246 Statement:247 - Effect: Allow248 Action: s3:*249 Resource: {1}250 Users:251 - {2}252""".strip().format(253 policy_name, bucket_arn, user_name254 )255 cf_client.create_stack(StackName=stack_name, TemplateBody=template)256 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[257 "StackResourceSummaries"258 ][0]259 logical_resource_id = provisioned_resource["LogicalResourceId"]260 logical_resource_id.should.equal("ThePolicy")261 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][262 logical_resource_id263 ]["Properties"]["PolicyDocument"]264 policy = iam_client.get_user_policy(UserName=user_name, PolicyName=policy_name)265 policy["PolicyDocument"].should.equal(original_policy_document)266@mock_s3267@mock_iam268@mock_cloudformation269def test_iam_cloudformation_update_user_policy():270 iam_client = boto3.client("iam", region_name="us-east-1")271 user_name_1 = "MyUser1"272 iam_client.create_user(UserName=user_name_1)273 user_name_2 = "MyUser2"274 iam_client.create_user(UserName=user_name_2)275 s3_client = boto3.client("s3", region_name="us-east-1")276 bucket_name = "my-bucket"277 s3_client.create_bucket(Bucket=bucket_name)278 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)279 cf_client = boto3.client("cloudformation", region_name="us-east-1")280 stack_name = "MyStack"281 policy_name = "MyPolicy"282 template = """283Resources:284 ThePolicy:285 Type: AWS::IAM::Policy286 Properties:287 PolicyName: {0}288 PolicyDocument:289 Version: '2012-10-17'290 Statement:291 - Effect: Allow292 Action: s3:*293 Resource: {1}294 Users:295 - {2}296""".strip().format(297 policy_name, bucket_arn, user_name_1298 )299 cf_client.create_stack(StackName=stack_name, TemplateBody=template)300 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[301 "StackResourceSummaries"302 ][0]303 logical_resource_id = provisioned_resource["LogicalResourceId"]304 logical_resource_id.should.equal("ThePolicy")305 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][306 logical_resource_id307 ]["Properties"]["PolicyDocument"]308 policy = iam_client.get_user_policy(UserName=user_name_1, PolicyName=policy_name)309 policy["PolicyDocument"].should.equal(original_policy_document)310 # Change template and user311 template = """312Resources:313 ThePolicy:314 Type: AWS::IAM::Policy315 Properties:316 PolicyName: {0}317 PolicyDocument:318 Version: '2012-10-17'319 Statement:320 - Effect: Allow321 Action: s3:ListBuckets322 Resource: {1}323 Users:324 - {2}325""".strip().format(326 policy_name, bucket_arn, user_name_2327 )328 cf_client.update_stack(StackName=stack_name, TemplateBody=template)329 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[330 "StackResourceSummaries"331 ][0]332 logical_resource_id = provisioned_resource["LogicalResourceId"]333 logical_resource_id.should.equal("ThePolicy")334 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][335 logical_resource_id336 ]["Properties"]["PolicyDocument"]337 policy = iam_client.get_user_policy(UserName=user_name_2, PolicyName=policy_name)338 policy["PolicyDocument"].should.equal(original_policy_document)339 iam_client.get_user_policy.when.called_with(340 UserName=user_name_1, PolicyName=policy_name341 ).should.throw(iam_client.exceptions.NoSuchEntityException)342@mock_s3343@mock_iam344@mock_cloudformation345def test_iam_cloudformation_delete_user_policy_having_generated_name():346 iam_client = boto3.client("iam", region_name="us-east-1")347 user_name = "MyUser"348 iam_client.create_user(UserName=user_name)349 s3_client = boto3.client("s3", region_name="us-east-1")350 bucket_name = "my-bucket"351 bucket = s3_client.create_bucket(Bucket=bucket_name)352 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)353 cf_client = boto3.client("cloudformation", region_name="us-east-1")354 stack_name = "MyStack"355 policy_name = "MyPolicy"356 template = """357Resources:358 ThePolicy:359 Type: AWS::IAM::Policy360 Properties:361 PolicyName: MyPolicy362 PolicyDocument:363 Version: '2012-10-17'364 Statement:365 - Effect: Allow366 Action: s3:*367 Resource: {0}368 Users:369 - {1}370""".strip().format(371 bucket_arn, user_name372 )373 cf_client.create_stack(StackName=stack_name, TemplateBody=template)374 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[375 "StackResourceSummaries"376 ][0]377 logical_resource_id = provisioned_resource["LogicalResourceId"]378 logical_resource_id.should.equal("ThePolicy")379 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][380 logical_resource_id381 ]["Properties"]["PolicyDocument"]382 policy = iam_client.get_user_policy(UserName=user_name, PolicyName=policy_name)383 policy["PolicyDocument"].should.equal(original_policy_document)384 cf_client.delete_stack(StackName=stack_name)385 iam_client.get_user_policy.when.called_with(386 UserName=user_name, PolicyName=policy_name387 ).should.throw(iam_client.exceptions.NoSuchEntityException)388@mock_s3389@mock_iam390@mock_cloudformation391def test_iam_cloudformation_create_role_policy():392 iam_client = boto3.client("iam", region_name="us-east-1")393 role_name = "MyRole"394 iam_client.create_role(RoleName=role_name, AssumeRolePolicyDocument="{}")395 s3_client = boto3.client("s3", region_name="us-east-1")396 bucket_name = "my-bucket"397 s3_client.create_bucket(Bucket=bucket_name)398 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)399 cf_client = boto3.client("cloudformation", region_name="us-east-1")400 stack_name = "MyStack"401 policy_name = "MyPolicy"402 template = """403Resources:404 ThePolicy:405 Type: AWS::IAM::Policy406 Properties:407 PolicyName: {0}408 PolicyDocument:409 Version: '2012-10-17'410 Statement:411 - Effect: Allow412 Action: s3:*413 Resource: {1}414 Roles:415 - {2}416""".strip().format(417 policy_name, bucket_arn, role_name418 )419 cf_client.create_stack(StackName=stack_name, TemplateBody=template)420 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[421 "StackResourceSummaries"422 ][0]423 logical_resource_id = provisioned_resource["LogicalResourceId"]424 logical_resource_id.should.equal("ThePolicy")425 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][426 logical_resource_id427 ]["Properties"]["PolicyDocument"]428 policy = iam_client.get_role_policy(RoleName=role_name, PolicyName=policy_name)429 policy["PolicyDocument"].should.equal(original_policy_document)430@mock_s3431@mock_iam432@mock_cloudformation433def test_iam_cloudformation_update_role_policy():434 iam_client = boto3.client("iam", region_name="us-east-1")435 role_name_1 = "MyRole1"436 iam_client.create_role(RoleName=role_name_1, AssumeRolePolicyDocument="{}")437 role_name_2 = "MyRole2"438 iam_client.create_role(RoleName=role_name_2, AssumeRolePolicyDocument="{}")439 s3_client = boto3.client("s3", region_name="us-east-1")440 bucket_name = "my-bucket"441 s3_client.create_bucket(Bucket=bucket_name)442 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)443 cf_client = boto3.client("cloudformation", region_name="us-east-1")444 stack_name = "MyStack"445 policy_name = "MyPolicy"446 template = """447Resources:448 ThePolicy:449 Type: AWS::IAM::Policy450 Properties:451 PolicyName: {0}452 PolicyDocument:453 Version: '2012-10-17'454 Statement:455 - Effect: Allow456 Action: s3:*457 Resource: {1}458 Roles:459 - {2}460""".strip().format(461 policy_name, bucket_arn, role_name_1462 )463 cf_client.create_stack(StackName=stack_name, TemplateBody=template)464 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[465 "StackResourceSummaries"466 ][0]467 logical_resource_id = provisioned_resource["LogicalResourceId"]468 logical_resource_id.should.equal("ThePolicy")469 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][470 logical_resource_id471 ]["Properties"]["PolicyDocument"]472 policy = iam_client.get_role_policy(RoleName=role_name_1, PolicyName=policy_name)473 policy["PolicyDocument"].should.equal(original_policy_document)474 # Change template and user475 template = """476Resources:477 ThePolicy:478 Type: AWS::IAM::Policy479 Properties:480 PolicyName: {0}481 PolicyDocument:482 Version: '2012-10-17'483 Statement:484 - Effect: Allow485 Action: s3:ListBuckets486 Resource: {1}487 Roles:488 - {2}489""".strip().format(490 policy_name, bucket_arn, role_name_2491 )492 cf_client.update_stack(StackName=stack_name, TemplateBody=template)493 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[494 "StackResourceSummaries"495 ][0]496 logical_resource_id = provisioned_resource["LogicalResourceId"]497 logical_resource_id.should.equal("ThePolicy")498 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][499 logical_resource_id500 ]["Properties"]["PolicyDocument"]501 policy = iam_client.get_role_policy(RoleName=role_name_2, PolicyName=policy_name)502 policy["PolicyDocument"].should.equal(original_policy_document)503 iam_client.get_role_policy.when.called_with(504 RoleName=role_name_1, PolicyName=policy_name505 ).should.throw(iam_client.exceptions.NoSuchEntityException)506@mock_s3507@mock_iam508@mock_cloudformation509def test_iam_cloudformation_delete_role_policy_having_generated_name():510 iam_client = boto3.client("iam", region_name="us-east-1")511 role_name = "MyRole"512 iam_client.create_role(RoleName=role_name, AssumeRolePolicyDocument="{}")513 s3_client = boto3.client("s3", region_name="us-east-1")514 bucket_name = "my-bucket"515 s3_client.create_bucket(Bucket=bucket_name)516 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)517 cf_client = boto3.client("cloudformation", region_name="us-east-1")518 stack_name = "MyStack"519 policy_name = "MyPolicy"520 template = """521Resources:522 ThePolicy:523 Type: AWS::IAM::Policy524 Properties:525 PolicyName: MyPolicy526 PolicyDocument:527 Version: '2012-10-17'528 Statement:529 - Effect: Allow530 Action: s3:*531 Resource: {0}532 Roles:533 - {1}534""".strip().format(535 bucket_arn, role_name536 )537 cf_client.create_stack(StackName=stack_name, TemplateBody=template)538 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[539 "StackResourceSummaries"540 ][0]541 logical_resource_id = provisioned_resource["LogicalResourceId"]542 logical_resource_id.should.equal("ThePolicy")543 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][544 logical_resource_id545 ]["Properties"]["PolicyDocument"]546 policy = iam_client.get_role_policy(RoleName=role_name, PolicyName=policy_name)547 policy["PolicyDocument"].should.equal(original_policy_document)548 cf_client.delete_stack(StackName=stack_name)549 iam_client.get_role_policy.when.called_with(550 RoleName=role_name, PolicyName=policy_name551 ).should.throw(iam_client.exceptions.NoSuchEntityException)552@mock_s3553@mock_iam554@mock_cloudformation555def test_iam_cloudformation_create_group_policy():556 iam_client = boto3.client("iam", region_name="us-east-1")557 group_name = "MyGroup"558 iam_client.create_group(GroupName=group_name)559 s3_client = boto3.client("s3", region_name="us-east-1")560 bucket_name = "my-bucket"561 s3_client.create_bucket(Bucket=bucket_name)562 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)563 cf_client = boto3.client("cloudformation", region_name="us-east-1")564 stack_name = "MyStack"565 policy_name = "MyPolicy"566 template = """567Resources:568 ThePolicy:569 Type: AWS::IAM::Policy570 Properties:571 PolicyName: {0}572 PolicyDocument:573 Version: '2012-10-17'574 Statement:575 - Effect: Allow576 Action: s3:*577 Resource: {1}578 Groups:579 - {2}580""".strip().format(581 policy_name, bucket_arn, group_name582 )583 cf_client.create_stack(StackName=stack_name, TemplateBody=template)584 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[585 "StackResourceSummaries"586 ][0]587 logical_resource_id = provisioned_resource["LogicalResourceId"]588 logical_resource_id.should.equal("ThePolicy")589 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][590 logical_resource_id591 ]["Properties"]["PolicyDocument"]592 policy = iam_client.get_group_policy(GroupName=group_name, PolicyName=policy_name)593 policy["PolicyDocument"].should.equal(original_policy_document)594@mock_s3595@mock_iam596@mock_cloudformation597def test_iam_cloudformation_update_group_policy():598 iam_client = boto3.client("iam", region_name="us-east-1")599 group_name_1 = "MyGroup1"600 iam_client.create_group(GroupName=group_name_1)601 group_name_2 = "MyGroup2"602 iam_client.create_group(GroupName=group_name_2)603 s3_client = boto3.client("s3", region_name="us-east-1")604 bucket_name = "my-bucket"605 s3_client.create_bucket(Bucket=bucket_name)606 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)607 cf_client = boto3.client("cloudformation", region_name="us-east-1")608 stack_name = "MyStack"609 policy_name = "MyPolicy"610 template = """611Resources:612 ThePolicy:613 Type: AWS::IAM::Policy614 Properties:615 PolicyName: {0}616 PolicyDocument:617 Version: '2012-10-17'618 Statement:619 - Effect: Allow620 Action: s3:*621 Resource: {1}622 Groups:623 - {2}624""".strip().format(625 policy_name, bucket_arn, group_name_1626 )627 cf_client.create_stack(StackName=stack_name, TemplateBody=template)628 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[629 "StackResourceSummaries"630 ][0]631 logical_resource_id = provisioned_resource["LogicalResourceId"]632 logical_resource_id.should.equal("ThePolicy")633 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][634 logical_resource_id635 ]["Properties"]["PolicyDocument"]636 policy = iam_client.get_group_policy(GroupName=group_name_1, PolicyName=policy_name)637 policy["PolicyDocument"].should.equal(original_policy_document)638 # Change template and user639 template = """640Resources:641 ThePolicy:642 Type: AWS::IAM::Policy643 Properties:644 PolicyName: {0}645 PolicyDocument:646 Version: '2012-10-17'647 Statement:648 - Effect: Allow649 Action: s3:ListBuckets650 Resource: {1}651 Groups:652 - {2}653""".strip().format(654 policy_name, bucket_arn, group_name_2655 )656 cf_client.update_stack(StackName=stack_name, TemplateBody=template)657 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[658 "StackResourceSummaries"659 ][0]660 logical_resource_id = provisioned_resource["LogicalResourceId"]661 logical_resource_id.should.equal("ThePolicy")662 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][663 logical_resource_id664 ]["Properties"]["PolicyDocument"]665 policy = iam_client.get_group_policy(GroupName=group_name_2, PolicyName=policy_name)666 policy["PolicyDocument"].should.equal(original_policy_document)667 iam_client.get_group_policy.when.called_with(668 GroupName=group_name_1, PolicyName=policy_name669 ).should.throw(iam_client.exceptions.NoSuchEntityException)670@mock_s3671@mock_iam672@mock_cloudformation673def test_iam_cloudformation_delete_group_policy_having_generated_name():674 iam_client = boto3.client("iam", region_name="us-east-1")675 group_name = "MyGroup"676 iam_client.create_group(GroupName=group_name)677 s3_client = boto3.client("s3", region_name="us-east-1")678 bucket_name = "my-bucket"679 s3_client.create_bucket(Bucket=bucket_name)680 bucket_arn = "arn:aws:s3:::{0}".format(bucket_name)681 cf_client = boto3.client("cloudformation", region_name="us-east-1")682 stack_name = "MyStack"683 policy_name = "MyPolicy"684 template = """685Resources:686 ThePolicy:687 Type: AWS::IAM::Policy688 Properties:689 PolicyName: MyPolicy690 PolicyDocument:691 Version: '2012-10-17'692 Statement:693 - Effect: Allow694 Action: s3:*695 Resource: {0}696 Groups:697 - {1}698""".strip().format(699 bucket_arn, group_name700 )701 cf_client.create_stack(StackName=stack_name, TemplateBody=template)702 provisioned_resource = cf_client.list_stack_resources(StackName=stack_name)[703 "StackResourceSummaries"704 ][0]705 logical_resource_id = provisioned_resource["LogicalResourceId"]706 logical_resource_id.should.equal("ThePolicy")707 original_policy_document = yaml.load(template, Loader=yaml.FullLoader)["Resources"][708 logical_resource_id709 ]["Properties"]["PolicyDocument"]710 policy = iam_client.get_group_policy(GroupName=group_name, PolicyName=policy_name)711 policy["PolicyDocument"].should.equal(original_policy_document)712 cf_client.delete_stack(StackName=stack_name)713 iam_client.get_group_policy.when.called_with(714 GroupName=group_name, PolicyName=policy_name715 ).should.throw(iam_client.exceptions.NoSuchEntityException)716# AWS::IAM::User AccessKeys717@mock_iam718@mock_cloudformation719def test_iam_cloudformation_create_user_with_access_key():720 cf_client = boto3.client("cloudformation", region_name="us-east-1")721 stack_name = "MyStack"722 template = """723Resources:724 TheUser:725 Type: AWS::IAM::User726 TheAccessKey:727 Type: AWS::IAM::AccessKey728 Properties:729 UserName: !Ref TheUser730""".strip()731 cf_client.create_stack(StackName=stack_name, TemplateBody=template)732 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[733 "StackResourceSummaries"734 ]735 provisioned_user = [736 resource737 for resource in provisioned_resources738 if resource["LogicalResourceId"] == "TheUser"739 ][0]740 user_name = provisioned_user["PhysicalResourceId"]741 provisioned_access_keys = [742 resource743 for resource in provisioned_resources744 if resource["LogicalResourceId"] == "TheAccessKey"745 ]746 len(provisioned_access_keys).should.equal(1)747 iam_client = boto3.client("iam", region_name="us-east-1")748 user = iam_client.get_user(UserName=user_name)["User"]749 user["UserName"].should.equal(user_name)750 access_keys = iam_client.list_access_keys(UserName=user_name)751 access_keys["AccessKeyMetadata"][0]["UserName"].should.equal(user_name)752@mock_sts753@mock_iam754@mock_cloudformation755def test_iam_cloudformation_access_key_get_attr():756 cf_client = boto3.client("cloudformation", region_name="us-east-1")757 stack_name = "MyStack"758 template = """759Resources:760 TheUser:761 Type: AWS::IAM::User762 TheAccessKey:763 Type: AWS::IAM::AccessKey764 Properties:765 UserName: !Ref TheUser766Outputs:767 AccessKeyId:768 Value: !Ref TheAccessKey769 SecretKey:770 Value: !GetAtt TheAccessKey.SecretAccessKey771""".strip()772 cf_client.create_stack(StackName=stack_name, TemplateBody=template)773 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[774 "StackResourceSummaries"775 ]776 provisioned_user = [777 resource778 for resource in provisioned_resources779 if resource["LogicalResourceId"] == "TheUser"780 ][0]781 user_name = provisioned_user["PhysicalResourceId"]782 stack_description = cf_client.describe_stacks(StackName=stack_name)["Stacks"][0]783 output_access_key_id = [784 output["OutputValue"]785 for output in stack_description["Outputs"]786 if output["OutputKey"] == "AccessKeyId"787 ][0]788 output_secret_key = [789 output["OutputValue"]790 for output in stack_description["Outputs"]791 if output["OutputKey"] == "SecretKey"792 ][0]793 sts_client = boto3.client(794 "sts",795 aws_access_key_id=output_access_key_id,796 aws_secret_access_key=output_secret_key,797 region_name="us-east-1",798 )799 caller_identity = sts_client.get_caller_identity()800 caller_identity["Arn"].split("/")[1].should.equal(user_name)801 pass802@mock_iam803@mock_cloudformation804def test_iam_cloudformation_delete_users_access_key():805 cf_client = boto3.client("cloudformation", region_name="us-east-1")806 stack_name = "MyStack"807 template = """808 Resources:809 TheUser:810 Type: AWS::IAM::User811 TheAccessKey:812 Type: AWS::IAM::AccessKey813 Properties:814 UserName: !Ref TheUser815 """.strip()816 cf_client.create_stack(StackName=stack_name, TemplateBody=template)817 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[818 "StackResourceSummaries"819 ]820 provisioned_user = [821 resource822 for resource in provisioned_resources823 if resource["LogicalResourceId"] == "TheUser"824 ][0]825 user_name = provisioned_user["PhysicalResourceId"]826 provisioned_access_keys = [827 resource828 for resource in provisioned_resources829 if resource["LogicalResourceId"] == "TheAccessKey"830 ]831 provisioned_access_keys.should.have.length_of(1)832 access_key_id = provisioned_access_keys[0]["PhysicalResourceId"]833 iam_client = boto3.client("iam", region_name="us-east-1")834 user = iam_client.get_user(UserName=user_name)["User"]835 user["UserName"].should.equal(user_name)836 access_keys = iam_client.list_access_keys(UserName=user_name)837 access_keys["AccessKeyMetadata"][0]["UserName"].should.equal(user_name)838 access_key_id.should.equal(access_keys["AccessKeyMetadata"][0]["AccessKeyId"])839 cf_client.delete_stack(StackName=stack_name)840 iam_client.get_user.when.called_with(UserName=user_name).should.throw(841 iam_client.exceptions.NoSuchEntityException842 )843 iam_client.list_access_keys.when.called_with(UserName=user_name).should.throw(844 iam_client.exceptions.NoSuchEntityException845 )846@mock_iam847@mock_cloudformation848def test_iam_cloudformation_update_users_access_key_no_interruption():849 cf_client = boto3.client("cloudformation", region_name="us-east-1")850 stack_name = "MyStack"851 template = """852Resources:853 TheUser:854 Type: AWS::IAM::User855 TheAccessKey:856 Type: AWS::IAM::AccessKey857 Properties:858 UserName: !Ref TheUser859""".strip()860 cf_client.create_stack(StackName=stack_name, TemplateBody=template)861 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[862 "StackResourceSummaries"863 ]864 provisioned_user = [865 resource866 for resource in provisioned_resources867 if resource["LogicalResourceId"] == "TheUser"868 ][0]869 user_name = provisioned_user["PhysicalResourceId"]870 provisioned_access_key = [871 resource872 for resource in provisioned_resources873 if resource["LogicalResourceId"] == "TheAccessKey"874 ][0]875 access_key_id = provisioned_access_key["PhysicalResourceId"]876 iam_client = boto3.client("iam", region_name="us-east-1")877 user = iam_client.get_user(UserName=user_name)878 access_keys = iam_client.list_access_keys(UserName=user_name)879 access_key_id.should.equal(access_keys["AccessKeyMetadata"][0]["AccessKeyId"])880 template = """881Resources:882 TheUser:883 Type: AWS::IAM::User884 TheAccessKey:885 Type: AWS::IAM::AccessKey886 Properties:887 Status: Inactive888""".strip()889 cf_client.update_stack(StackName=stack_name, TemplateBody=template)890 access_keys = iam_client.list_access_keys(UserName=user_name)891 access_keys["AccessKeyMetadata"][0]["Status"].should.equal("Inactive")892@mock_iam893@mock_cloudformation894def test_iam_cloudformation_update_users_access_key_replacement():895 cf_client = boto3.client("cloudformation", region_name="us-east-1")896 stack_name = "MyStack"897 template = """898Resources:899 TheUser:900 Type: AWS::IAM::User901 TheAccessKey:902 Type: AWS::IAM::AccessKey903 Properties:904 UserName: !Ref TheUser905""".strip()906 cf_client.create_stack(StackName=stack_name, TemplateBody=template)907 provisioned_resources = cf_client.list_stack_resources(StackName=stack_name)[908 "StackResourceSummaries"909 ]910 provisioned_user = [911 resource912 for resource in provisioned_resources913 if resource["LogicalResourceId"] == "TheUser"914 ][0]915 user_name = provisioned_user["PhysicalResourceId"]916 provisioned_access_key = [917 resource918 for resource in provisioned_resources919 if resource["LogicalResourceId"] == "TheAccessKey"920 ][0]921 access_key_id = provisioned_access_key["PhysicalResourceId"]...
test_resources.py
Source:test_resources.py
1import pytest2import mock3from mock import Mock4from formica import cli5from formica.cli import RESOURCE_HEADERS6from tests.unit.constants import STACK, LIST_STACK_RESOURCES7def test_print_stacks(client, session, logger):8 client.get_paginator.return_value.paginate.return_value = [LIST_STACK_RESOURCES]9 cli.main(['resources', '--stack', STACK])10 client.get_paginator.assert_called_with('list_stack_resources')11 client.get_paginator.return_value.paginate.assert_called_with(StackName=STACK)12 logger.info.assert_called_with(mock.ANY)13 args = logger.info.call_args[0]14 to_search = []15 to_search.extend(RESOURCE_HEADERS)16 to_search.extend(['AWS::Route53::HostedZone'])17 to_search.extend(['FlomotlikMe'])18 to_search.extend(['CREATE_COMPLETE'])19 to_search.extend(['ZAYGDOKFPYFK6'])20 change_set_output = args[0]21 for term in to_search:22 assert term in change_set_output...
main.py
Source:main.py
1import boto32cfn = boto3.client('cloudformation')3cloudfront = boto3.client('cloudfront')4def list_stack_resources(stackName):5 # Generates a list of lists6 finalReponse = []7 response = cfn.list_stack_resources(8 StackName=stackName9 )10 finalReponse.append(response['StackResourceSummaries'])11 if 'NextToken' in response:12 list_stack_resources(stackName)13 return finalReponse14stack_summary_list = list_stack_resources('spa')15for summary in stack_summary_list:16 for resource in summary:17 if resource['ResourceType'] == 'AWS::CloudFront::Distribution':18 response = cloudfront.get_distribution(19 Id=resource['PhysicalResourceId']20 )...
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Get 100 minutes of automation test minutes FREE!!