def test_to_dict(self):
mha = MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo", account_id="123456789012"),
AccessStep(role_name="boo"),
],
)
self.assertDictEqual(
mha.dict(),
{
"role_session_name":
"foo",
"access_steps": [
{
"role_name": "foo",
"account_id": "123456789012",
"external_id": None
},
{
"role_name": "boo",
"account_id": None,
"external_id": None
},
],
},
)
def test_from_dict(self):
mha = MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo", account_id="123456789012"),
AccessStep(role_name="boo"),
],
)
data = {
"role_session_name":
"foo",
"access_steps": [
{
"role_name": "foo",
"account_id": "123456789012",
"external_id": None
},
{
"role_name": "boo",
"account_id": None,
"external_id": None
},
],
}
from_dict_mha = MultiHopAccessor(**data)
self.assertEqual(mha, from_dict_mha)
def test_from_dict_missing_role_session_name(self):
data = {
"access_steps": [
{"role_name": "foo", "account_id": "123456789012", "external_id": None},
{"role_name": "boo", "account_id": None, "external_id": None},
],
}
with self.assertRaises(ValueError):
MultiHopAccessor.from_dict(data)
def test_get_session_without_cache(self):
access_steps = [
AccessStep(role_name="test_role_name1", account_id="123456789012", external_id="abcd"),
AccessStep(role_name="test_role_name2", account_id="123456789012"),
AccessStep(role_name="test_role_name3"),
]
mha = MultiHopAccessor(
role_session_name="test_role_session_name", access_steps=access_steps
)
session = mha.get_session("123456789012")
self.assertIsNone(session.region_name)
def test_get_session_with_primed_cache(self):
cache = AWSCredentialsCache()
access_steps = [
AccessStep(role_name="test_role_name1", account_id="123456789012", external_id="abcd"),
AccessStep(role_name="test_role_name2", account_id="123456789012"),
AccessStep(role_name="test_role_name3"),
]
mha = MultiHopAccessor(
role_session_name="test_role_session_name", access_steps=access_steps
)
session = mha.get_session("123456789012", credentials_cache=cache)
frozen_creds = session.get_credentials().get_frozen_credentials()
# cache is now primed, the next call should use cached creds. record them so we can
# compare.
new_session = mha.get_session("123456789012", credentials_cache=cache)
self.assertEqual(frozen_creds, new_session.get_credentials().get_frozen_credentials())
def test_init_successful(self):
MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo", account_id="123456789012"),
AccessStep(role_name="boo"),
],
)
def test_init_final_access_step_having_account_id(self):
with self.assertRaises(ValueError):
MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo", account_id="123456789012"),
AccessStep(role_name="boo", account_id="123456789012"),
],
)
def test_init_nonfinal_access_step_missing_account_id(self):
with self.assertRaises(ValueError):
MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo"),
AccessStep(role_name="boo")
],
)
def test_to_str(self):
mha = MultiHopAccessor(
role_session_name="foo",
access_steps=[
AccessStep(role_name="foo", account_id="123456789012"),
AccessStep(role_name="boo"),
],
)
self.assertEqual(str(mha), "accessor:foo:foo@123456789012,boo@target")
def test_from_dict_to_dict(self):
data = {
"role_session_name": "foo",
"access_steps": [
{"role_name": "foo", "account_id": "123456789012", "external_id": None},
{"role_name": "boo", "account_id": None, "external_id": None},
],
}
self.assertDictEqual(data, MultiHopAccessor.from_dict(data).to_dict())
def test_get_session_with_cache(self):
cache = AWSCredentialsCache()
access_steps = [
AccessStep(role_name="test_role_name1", account_id="123456789012", external_id="abcd"),
AccessStep(role_name="test_role_name2", account_id="123456789012"),
AccessStep(role_name="test_role_name3"),
]
mha = MultiHopAccessor(
role_session_name="test_role_session_name", access_steps=access_steps
)
session = mha.get_session("123456789012", credentials_cache=cache)
self.assertIsNone(session.region_name)
self.assertEqual(
sorted(cache.to_dict()["cache"].keys()),
[
"123456789012:test_role_name1:test_role_session_name",
"123456789012:test_role_name2:test_role_session_name",
"123456789012:test_role_name3:test_role_session_name",
],
)
def from_dict(cls: Type["Accessor"],
data: Dict[str, Any],
cache_creds: bool = True) -> "Accessor":
mhas = data.get("multi_hop_accessors", [])
credentials_cache = None
credentials_cache_dict = data.get("credentials_cache")
if credentials_cache_dict is None:
if cache_creds:
credentials_cache = AWSCredentialsCache()
else:
credentials_cache = AWSCredentialsCache.from_dict(
credentials_cache_dict)
return cls(
multi_hop_accessors=[
MultiHopAccessor.from_dict(mha) for mha in mhas
],
credentials_cache=credentials_cache,
)
def test_init_no_access_steps(self):
with self.assertRaises(ValueError):
MultiHopAccessor(role_session_name="foo", access_steps=[])