def test_bucket_exists_with_non_404(self):
    """A HeadBucket failure other than 404 is reported as "bucket exists".

    The stubbed ``head_bucket`` raises a ``ClientError`` carrying code
    ``403`` / ``Forbidden`` and ``s3_bucket_exists`` is expected to
    return a true value.
    """
    # NOTE(review): a 403 only shows that the request was refused. A true
    # result here should not be read as "this account owns or can use the
    # bucket" -- confirm that callers do not rely on it that way.
    error_body = self.error_response['Error']
    error_body['Code'] = '403'
    error_body['Message'] = 'Forbidden'
    self.s3_client.head_bucket.side_effect = ClientError(
        self.error_response, 'HeadBucket')

    exists = utils.s3_bucket_exists(self.s3_client, self.bucket_name)
    self.assertTrue(exists)
def setup_new_bucket(self, bucket, prefix, custom_policy=None):
    """
    Create a new S3 bucket and attach a policy that lets CloudTrail
    write to the prefix path.

    The policy text is ``custom_policy`` when one is given, otherwise
    the template returned by ``self._get_policy(S3_POLICY_TEMPLATE)``.
    Its ``<BucketName>``, ``<CustomerAccountID>`` and ``<Prefix>``
    placeholders are filled in by plain string replacement.

    :param bucket: name of the bucket to create
    :param prefix: optional key prefix; a trailing slash is appended
        when it is non-empty and lacks one
    :param custom_policy: optional policy text used instead of the
        fetched template
    :return: the response of ``create_bucket``
    :raises Exception: when ``s3_bucket_exists`` reports that the
        bucket already exists
    :raises ClientError: re-raised when ``put_bucket_policy`` fails,
        after the newly created bucket has been deleted
    """
    sys.stdout.write(
        'Setting up new S3 bucket {bucket}...\n'.format(bucket=bucket))

    # The account id is field 4 of the caller's user ARN split on ':'.
    caller = self.iam.get_user()
    arn_fields = caller['User']['Arn'].split(':')
    account_id = arn_fields[4]

    # A non-empty prefix has to end with a slash.
    if prefix and not prefix.endswith('/'):
        prefix = prefix + '/'
    prefix_text = prefix or ''

    # Use the caller's policy when supplied, else fetch the template.
    # NOTE(review): a custom policy is attached after placeholder
    # substitution with no further checks in this method -- confirm it is
    # validated before it reaches this point.
    policy = custom_policy
    if policy is None:
        policy = self._get_policy(S3_POLICY_TEMPLATE)

    # Substitution is textual: the values are not JSON-escaped here.
    # NOTE(review): confirm bucket and prefix are validated upstream.
    policy = policy.replace('<BucketName>', bucket)
    policy = policy.replace('<CustomerAccountID>', account_id)
    # Prefer the '<Prefix>/' form so the prefix's own trailing slash is
    # not doubled.
    placeholder = '<Prefix>/' if '<Prefix>/' in policy else '<Prefix>'
    policy = policy.replace(placeholder, prefix_text)

    # The logged policy contains the account id and the bucket name.
    LOG.debug('Bucket policy:\n{0}'.format(policy))

    # Names that already exist are refused, so the rollback below is only
    # reached for a bucket that passed this check.
    if s3_bucket_exists(self.s3, bucket):
        raise Exception(
            'Bucket {bucket} already exists.'.format(bucket=bucket))

    # Outside us-east-1 a location constraint must accompany the request.
    create_args = {'Bucket': bucket}
    if self.region_name != 'us-east-1':
        create_args['CreateBucketConfiguration'] = {
            'LocationConstraint': self.region_name}

    created = self.s3.create_bucket(**create_args)
    try:
        self.s3.put_bucket_policy(Bucket=bucket, Policy=policy)
    except ClientError:
        # Do not leave a bucket without its policy behind: remove it and
        # let the original error propagate.
        self.s3.delete_bucket(Bucket=bucket)
        raise
    return created
def setup_new_bucket(self, bucket, prefix, custom_policy=None):
    """
    Create a new S3 bucket whose policy allows CloudTrail to write to
    the prefix path.

    ``custom_policy`` is used as the policy text when given; otherwise
    the text comes from ``self._get_policy(S3_POLICY_TEMPLATE)``. The
    ``<BucketName>``, ``<CustomerAccountID>`` and ``<Prefix>``
    placeholders in it are replaced textually.

    :param bucket: name of the bucket to create
    :param prefix: optional key prefix; gets a trailing slash when it
        is non-empty and has none
    :param custom_policy: optional policy text replacing the template
    :return: the response of ``create_bucket``
    :raises Exception: when ``s3_bucket_exists`` reports that the
        bucket already exists
    :raises ClientError: re-raised when ``put_bucket_policy`` fails,
        once the newly created bucket has been deleted
    """
    sys.stdout.write(
        'Setting up new S3 bucket {bucket}...\n'.format(bucket=bucket))

    # Account id: element 4 of the calling user's ARN split on ':'.
    user_arn = self.iam.get_user()['User']['Arn']
    account_id = user_arn.split(':')[4]

    # Normalise the prefix so that a non-empty one ends with '/'.
    needs_slash = bool(prefix) and not prefix.endswith('/')
    if needs_slash:
        prefix = prefix + '/'

    # NOTE(review): a caller-supplied policy is attached as given (after
    # placeholder substitution); this method does not inspect what it
    # grants -- confirm it is checked before it gets here.
    if custom_policy is None:
        policy = self._get_policy(S3_POLICY_TEMPLATE)
    else:
        policy = custom_policy

    # Plain text replacement, no JSON escaping of the inserted values.
    # NOTE(review): confirm bucket and prefix are validated upstream.
    for marker, value in (('<BucketName>', bucket),
                          ('<CustomerAccountID>', account_id)):
        policy = policy.replace(marker, value)
    # The '<Prefix>/' form is replaced whole, since the prefix already
    # carries its trailing slash.
    if '<Prefix>/' in policy:
        prefix_marker = '<Prefix>/'
    else:
        prefix_marker = '<Prefix>'
    policy = policy.replace(prefix_marker, prefix or '')

    # The debug output includes the account id and the bucket name.
    LOG.debug('Bucket policy:\n{0}'.format(policy))

    # Refuse names that already exist; the rollback further down is
    # therefore only reached for a bucket that passed this check.
    already_there = s3_bucket_exists(self.s3, bucket)
    if already_there:
        raise Exception('Bucket {bucket} already exists.'.format(
            bucket=bucket))

    # Any region other than us-east-1 needs an explicit location
    # constraint on the create request.
    request = {'Bucket': bucket}
    if self.region_name != 'us-east-1':
        location = {'LocationConstraint': self.region_name}
        request['CreateBucketConfiguration'] = location

    result = self.s3.create_bucket(**request)
    try:
        self.s3.put_bucket_policy(Bucket=bucket, Policy=policy)
    except ClientError:
        # Roll back: a bucket without its policy is removed again and the
        # original error is re-raised.
        self.s3.delete_bucket(Bucket=bucket)
        raise
    return result
def test_bucket_not_exists(self):
    """``s3_bucket_exists`` returns a false value when HeadBucket fails
    with the fixture's "no such bucket" error.
    """
    # presumably bucket_no_exists_error is a 404 ClientError built by the
    # test fixture -- confirm in setUp
    head_bucket = self.s3_client.head_bucket
    head_bucket.side_effect = self.bucket_no_exists_error

    result = utils.s3_bucket_exists(self.s3_client, self.bucket_name)
    self.assertFalse(result)
def test_bucket_exists(self):
    """``s3_bucket_exists`` returns a true value when this test
    configures no error on the stubbed client.
    """
    result = utils.s3_bucket_exists(self.s3_client, self.bucket_name)
    self.assertTrue(result)
def _check_bucket_exists(self, bucket):
    """Report whether ``bucket`` exists, using this object's S3 client.

    Before the check, the ``after-call`` handler registered under the
    unique id ``awscli-error-handler`` is removed from the client's
    event system. Nothing in this method registers it again.
    """
    client = self._s3_client
    # NOTE(review): presumably removed so that the error raised by the
    # existence probe reaches s3_bucket_exists rather than the CLI's
    # generic error handler -- confirm. Later calls on the same client
    # also run without that handler.
    client.meta.events.unregister(
        'after-call', unique_id='awscli-error-handler')
    return s3_bucket_exists(client, bucket)
def test_bucket_exists_with_non_404(self):
    """A HeadBucket error that is not a 404 still counts as "exists".

    ``head_bucket`` is stubbed to raise a ``ClientError`` with code
    ``403`` and message ``Forbidden``; ``s3_bucket_exists`` must then
    return a true value.
    """
    # NOTE(review): 403 means the probe was refused, not that the caller
    # controls the bucket. Confirm that code acting on a true result does
    # not assume ownership or write access.
    details = self.error_response["Error"]
    details["Code"] = "403"
    details["Message"] = "Forbidden"
    self.s3_client.head_bucket.side_effect = ClientError(
        self.error_response, "HeadBucket")

    outcome = utils.s3_bucket_exists(self.s3_client, self.bucket_name)
    self.assertTrue(outcome)
def _check_bucket_exists(self, bucket):
    """Report whether ``bucket`` exists, as seen through ``self._s3_client``.

    Delegates to ``s3_bucket_exists`` and returns its result unchanged.
    """
    exists = s3_bucket_exists(self._s3_client, bucket)
    return exists