def test_assume_role_from_cli_source_profile_no_role_duration_no_mfa(
aws_lib: MagicMock, profile_lib: MagicMock):
config = {}
arguments = argparse.Namespace(
role_duration=None,
session_name=None,
source_profile='mysource',
role_arn='myrolearn',
external_id=None,
mfa_token=None,
force_refresh=False,
)
profiles = {
'mysource': {
'aws_access_key_id': 'AKIA...',
'aws_secret_access_key': 'SECRET',
},
}
profile_lib.profile_to_credentials.return_value = {
'AccessKeyId': 'AKIA...',
'SecretAccessKey': 'SECRET',
}
default_plugins.assume_role_from_cli(config, arguments, profiles,
'us-east-1')
aws_lib.get_session_token.assert_not_called()
aws_lib.assume_role.assert_called_with(
profile_lib.profile_to_credentials.return_value,
arguments.role_arn,
'awsume-cli-role',
region='us-east-1',
external_id=arguments.external_id,
role_duration=0,
)
def test_assume_role_from_cli_source_profile_not_found(aws_lib: MagicMock,
profile_lib: MagicMock):
config = {}
arguments = argparse.Namespace(
role_duration=None,
session_name=None,
source_profile='notfoundsource',
role_arn='myrolearn',
external_id=None,
mfa_token='123123',
force_refresh=False,
)
profiles = {
'mysource': {
'aws_access_key_id': 'AKIA...',
'aws_secret_access_key': 'SECRET',
'mfa_serial': 'mymfaserial',
},
}
with pytest.raises(exceptions.ProfileNotFoundError):
default_plugins.assume_role_from_cli(config, arguments, profiles)
def test_assume_role_from_cli(aws_lib: MagicMock, profile_lib: MagicMock):
config = {}
arguments = argparse.Namespace(
role_duration=None,
session_name=None,
source_profile=None,
role_arn='myrolearn',
external_id=None,
mfa_token=None,
force_refresh=False,
)
profiles = {}
default_plugins.assume_role_from_cli(config, arguments, profiles)
aws_lib.assume_role.assert_called_with(
{},
arguments.role_arn,
'awsume-cli-role',
region=profile_lib.get_region.return_value,
external_id=arguments.external_id,
role_duration=0,
)
