def fake_cfn(request, context):
if request['RequestType'] == 'Create':
response = handler(request, context)
if response['Status'] == 'SUCCESS':
physical_resource_id = response['PhysicalResourceId']
objects[physical_resource_id] = json.loads(json.dumps(request))
if request['RequestType'] == 'Delete':
physical_resource_id = request['PhysicalResourceId']
response = handler(request, context)
del objects[physical_resource_id]
return response
if request['RequestType'] == 'Update':
physical_resource_id = request['PhysicalResourceId']
exists = physical_resource_id in objects
assert exists
request['OldResourceProperties'] = json.loads(
json.dumps(objects[physical_resource_id]['ResourceProperties']))
response = handler(request, context)
if response['Status'] == 'SUCCESS':
if response['PhysicalResourceId'] != physical_resource_id:
objects[response['PhysicalResourceId']] = json.loads(
json.dumps(request))
# delete the old resource, if the physical resource id change
delete_request = json.loads(
json.dumps(objects[physical_resource_id]))
delete_request['PhysicalResourceId'] = physical_resource_id
delete_request['RequestType'] = 'Delete'
delete_response = handler(delete_request, context)
assert delete_response['Status'] == 'SUCCESS', delete_response[
'Reason']
cfn_deleted[physical_resource_id] = True
return response
def test_invalid_physical_resource_id():
request = Request('Delete', 'bla', '/ok',
'devapi-auth0rules-Auth0AccessKey-1F0NKYHR4YF7Y')
response = handler(request, {})
assert response['Status'] == 'SUCCESS', response['Reason']
assert response[
'Reason'] == 'physical resource id is not an access key id.'
def test_invalid_physical_resource_id():
request = Request("Delete", "bla", "/ok",
"devapi-auth0rules-Auth0AccessKey-1F0NKYHR4YF7Y")
response = handler(request, {})
assert response["Status"] == "SUCCESS", response["Reason"]
assert response[
"Reason"] == "physical resource id is not an access key id."
def handler(request, context):
if request['ResourceType'] == 'Custom::RSAKey':
return cfn_rsakey_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::KeyPair':
return cfn_keypair_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::AccessKey':
return cfn_accesskey_provider.handler(request, context)
else:
return cfn_secret_provider.handler(request, context)
def fake_cfn(request, context):
if request["RequestType"] == "Create":
response = handler(request, context)
if response["Status"] == "SUCCESS":
physical_resource_id = response["PhysicalResourceId"]
objects[physical_resource_id] = json.loads(json.dumps(request))
if request["RequestType"] == "Delete":
physical_resource_id = request["PhysicalResourceId"]
response = handler(request, context)
if physical_resource_id in objects:
del objects[physical_resource_id]
return response
if request["RequestType"] == "Update":
physical_resource_id = request["PhysicalResourceId"]
exists = physical_resource_id in objects
assert exists
request["OldResourceProperties"] = json.loads(
json.dumps(objects[physical_resource_id]["ResourceProperties"]))
response = handler(request, context)
if response["Status"] == "SUCCESS":
if response["PhysicalResourceId"] != physical_resource_id:
objects[response["PhysicalResourceId"]] = json.loads(
json.dumps(request))
# delete the old resource, if the physical resource id change
delete_request = json.loads(
json.dumps(objects[physical_resource_id]))
delete_request["PhysicalResourceId"] = physical_resource_id
delete_request["RequestType"] = "Delete"
delete_response = handler(delete_request, context)
assert delete_response["Status"] == "SUCCESS", delete_response[
"Reason"]
cfn_deleted[physical_resource_id] = True
return response
def handler(request, context):
if request["ResourceType"] == "Custom::RSAKey":
return cfn_rsakey_provider.handler(request, context)
if request["ResourceType"] == "Custom::DSAKey":
return cfn_dsakey_provider.handler(request, context)
elif request["ResourceType"] == "Custom::KeyPair":
return cfn_keypair_provider.handler(request, context)
elif request["ResourceType"] == "Custom::AccessKey":
return cfn_accesskey_provider.handler(request, context)
elif request["ResourceType"] == "Custom::SecretsManagerSecret":
return cfn_secrets_manager_secret_provider.handler(request, context)
elif request["ResourceType"] == "Custom::ReadOnlySecret":
return cfn_read_only_secret_provider.handler(request, context)
else:
return cfn_secret_provider.handler(request, context)
def handler(request, context):
if request['ResourceType'] == 'Custom::RSAKey':
return cfn_rsakey_provider.handler(request, context)
if request['ResourceType'] == 'Custom::DSAKey':
return cfn_dsakey_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::KeyPair':
return cfn_keypair_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::IAMSSHPublicKey':
return cfn_iam_publickey_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::AccessKey':
return cfn_accesskey_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::SecretsManagerSecret':
return cfn_secrets_manager_secret_provider.handler(request, context)
else:
return cfn_secret_provider.handler(request, context)
def test_delete_non_existing_access_key():
name = '/test-{}'.format(uuid.uuid4())
request = Request('Delete', 'bla', name, 'AAAAAAAAAAAAAAAAAA')
response = handler(request, {})
assert response['Status'] == 'SUCCESS', response['Reason']
assert response['Reason'].startswith('no access key found under /')
def test_delete_non_existing_access_key():
name = "/test-{}".format(uuid.uuid4())
request = Request("Delete", "bla", name, "AAAAAAAAAAAAAAAAAA")
response = handler(request, {})
assert response["Status"] == "SUCCESS", response["Reason"]
assert response["Reason"].startswith("no access key found under /")
