def test_get_sts_access(self, mock_boto3_client): """Test _get_sts_access success.""" expected_access_key = FAKE.md5() expected_secret_access_key = FAKE.md5() expected_session_token = FAKE.md5() assume_role = { "Credentials": { "AccessKeyId": expected_access_key, "SecretAccessKey": expected_secret_access_key, "SessionToken": expected_session_token, } } sts_client = Mock() sts_client.assume_role.return_value = assume_role mock_boto3_client.return_value = sts_client iam_arn = "arn:aws:s3:::my_s3_bucket" credentials = _get_sts_access(iam_arn) sts_client.assume_role.assert_called() self.assertEqual(credentials.get("aws_access_key_id"), expected_access_key) self.assertEqual(credentials.get("aws_secret_access_key"), expected_secret_access_key) self.assertEqual(credentials.get("aws_session_token"), expected_session_token)
def test_get_sts_access(self, mock_boto3_client): """Test _get_sts_access success.""" expected_access_key = FAKE.md5() expected_secret_access_key = FAKE.md5() expected_session_token = FAKE.md5() assume_role = { 'Credentials': { 'AccessKeyId': expected_access_key, 'SecretAccessKey': expected_secret_access_key, 'SessionToken': expected_session_token } } sts_client = Mock() sts_client.assume_role.return_value = assume_role mock_boto3_client.return_value = sts_client iam_arn = 'arn:aws:s3:::my_s3_bucket' credentials = _get_sts_access(iam_arn) sts_client.assume_role.assert_called() self.assertEquals(credentials.get('aws_access_key_id'), expected_access_key) self.assertEquals(credentials.get('aws_secret_access_key'), expected_secret_access_key) self.assertEquals(credentials.get('aws_session_token'), expected_session_token)
def test_get_sts_access_fail(self, mock_boto3_client): """Test _get_sts_access fail.""" logging.disable(logging.NOTSET) sts_client = Mock() sts_client.assume_role.side_effect = _mock_boto3_kwargs_exception mock_boto3_client.return_value = sts_client iam_arn = 'arn:aws:s3:::my_s3_bucket' with self.assertLogs(level=logging.CRITICAL): credentials = _get_sts_access(iam_arn) self.assertIn('aws_access_key_id', credentials) self.assertIn('aws_secret_access_key', credentials) self.assertIn('aws_session_token', credentials) self.assertIsNone(credentials.get('aws_access_key_id')) self.assertIsNone(credentials.get('aws_secret_access_key')) self.assertIsNone(credentials.get('aws_session_token'))
def test_parm_val_exception(self, mock_boto3_client): """Test _get_sts_access fail.""" logging.disable(logging.NOTSET) sts_client = Mock() sts_client.assume_role.side_effect = ParamValidationError(report="test") mock_boto3_client.return_value = sts_client iam_arn = "BAD" with self.assertLogs(level=logging.CRITICAL): credentials = _get_sts_access(iam_arn) self.assertIn("aws_access_key_id", credentials) self.assertIn("aws_secret_access_key", credentials) self.assertIn("aws_session_token", credentials) self.assertIsNone(credentials.get("aws_access_key_id")) self.assertIsNone(credentials.get("aws_secret_access_key")) self.assertIsNone(credentials.get("aws_session_token"))