Exemple #1
0
def test_usage_plans_keys():
    backend = server.create_backend_app('apigateway')
    test_client = backend.test_client()
    usage_plan_id = 'test_plan_id'

    # Create API key to be used in tests
    res = test_client.post('/apikeys', data=json.dumps({'name': 'test'}))
    created_api_key = json.loads(res.data)

    # List usage plans keys (expect empty)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)

    # Create usage plan key
    res = test_client.post('/usageplans/{0}/keys'.format(usage_plan_id), data=json.dumps({'keyId': created_api_key["id"], 'keyType': 'API_KEY'}))
    created_usage_plan_key = json.loads(res.data)

    # List usage plans keys (expect 1 key)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(1)

    # Get single usage plan key
    res = test_client.get('/usageplans/{0}/keys/{1}'.format(usage_plan_id, created_api_key["id"]))
    fetched_plan_key = json.loads(res.data)
    fetched_plan_key.should.equal(created_usage_plan_key)

    # Delete usage plan key
    res = test_client.delete('/usageplans/{0}/keys/{1}'.format(usage_plan_id, created_api_key["id"]))
    res.data.should.equal(b'{}')

    # List usage plans keys (expect to be empty again)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)
Exemple #2
0
def test_rotate_secret():
    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    create_secret = test_client.post('/',
                        data={"Name": "test-secret",
                              "SecretString": "foosecret"},
                        headers={
                            "X-Amz-Target": "secretsmanager.CreateSecret"
                        },
                    )

    client_request_token = "EXAMPLE2-90ab-cdef-fedc-ba987SECRET2"
    rotate_secret = test_client.post('/',
                        data={"SecretId": "test-secret",
                              "ClientRequestToken": client_request_token},
                        headers={
                            "X-Amz-Target": "secretsmanager.RotateSecret"
                        },
                    )

    json_data = json.loads(rotate_secret.data.decode("utf-8"))
    assert json_data   # Returned dict is not empty
    assert json_data['ARN'] != ''
    assert json_data['Name'] == 'test-secret'
    assert json_data['VersionId'] == client_request_token
Exemple #3
0
def test_iot_list():
    backend = server.create_backend_app("iot")
    test_client = backend.test_client()

    # just making sure that server is up
    res = test_client.get('/things')
    res.status_code.should.equal(404)
Exemple #4
0
def test_list_databases():
    backend = server.create_backend_app("rds")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeDBInstances')

    res.data.decode("utf-8").should.contain("<DescribeDBInstancesResult>")
Exemple #5
0
def test_elbv2_describe_load_balancers():
    backend = server.create_backend_app("elbv2")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeLoadBalancers&Version=2015-12-01')

    res.data.should.contain(b'DescribeLoadBalancersResponse')
Exemple #6
0
def test_rotate_secret_client_request_token_too_long():
    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    create_secret = test_client.post('/',
                        data={"Name": "test-secret",
                              "SecretString": "foosecret"},
                        headers={
                            "X-Amz-Target": "secretsmanager.CreateSecret"
                        },
                    )

    client_request_token = (
        'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C-'
        'ED9F8B6C-85B7-446A-B7E4-38F2A3BEB13C'
    )
    rotate_secret = test_client.post('/',
                        data={"SecretId": "test-secret",
                              "ClientRequestToken": client_request_token},
                        headers={
                            "X-Amz-Target": "secretsmanager.RotateSecret"
                        },
                    )

    json_data = json.loads(rotate_secret.data.decode("utf-8"))
    assert json_data['message'] == "ClientRequestToken must be 32-64 characters long."
    assert json_data['__type'] == 'InvalidParameterException'
Exemple #7
0
def test_sqs_list_identities():
    backend = server.create_backend_app("sqs")
    test_client = backend.test_client()

    res = test_client.get('/?Action=ListQueues')
    res.data.should.contain(b"ListQueuesResponse")

    # Make sure that we can receive messages from queues whose name contains dots (".")
    # The AWS API mandates that the names of FIFO queues use the suffix ".fifo"
    # See: https://github.com/spulec/moto/issues/866

    for queue_name in ('testqueue', 'otherqueue.fifo'):

        res = test_client.put('/?Action=CreateQueue&QueueName=%s' % queue_name)


        res = test_client.put(
            '/123/%s?MessageBody=test-message&Action=SendMessage' % queue_name)

        res = test_client.get(
            '/123/%s?Action=ReceiveMessage&MaxNumberOfMessages=1' % queue_name)

        message = re.search("<Body>(.*?)</Body>",
                            res.data.decode('utf-8')).groups()[0]
        message.should.equal('test-message')

    res = test_client.get('/?Action=ListQueues&QueueNamePrefix=other')
    res.data.should.contain(b'otherqueue.fifo')
    res.data.should_not.contain(b'testqueue')
Exemple #8
0
def test_list_vaults():
    backend = server.create_backend_app("glacier")
    test_client = backend.test_client()

    res = test_client.get('/1234bcd/vaults')

    json.loads(res.data.decode("utf-8")).should.equal({u'Marker': None, u'VaultList': []})
Exemple #9
0
def test_create_secret():

    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    res = test_client.post('/',
                           data={"Name": "test-secret",
                                 "SecretString": "foo-secret"},
                           headers={
                               "X-Amz-Target": "secretsmanager.CreateSecret"},
                           )
    res_2 = test_client.post('/',
                           data={"Name": "test-secret-2",
                                 "SecretString": "bar-secret"},
                           headers={
                               "X-Amz-Target": "secretsmanager.CreateSecret"},
                           )

    json_data = json.loads(res.data.decode("utf-8"))
    assert json_data['ARN'] != ''
    assert json_data['Name'] == 'test-secret'
    
    json_data_2 = json.loads(res_2.data.decode("utf-8"))
    assert json_data_2['ARN'] != ''
    assert json_data_2['Name'] == 'test-secret-2'
Exemple #10
0
def test_usage_plans_apis():
    backend = server.create_backend_app('apigateway')
    test_client = backend.test_client()

    # List usage plans (expect empty)
    res = test_client.get('/usageplans')
    json.loads(res.data)["item"].should.have.length_of(0)

    # Create usage plan
    res = test_client.post('/usageplans', data=json.dumps({'name': 'test'}))
    created_plan = json.loads(res.data)
    created_plan['name'].should.equal('test')

    # List usage plans (expect 1 plan)
    res = test_client.get('/usageplans')
    json.loads(res.data)["item"].should.have.length_of(1)

    # Get single usage plan
    res = test_client.get('/usageplans/{0}'.format(created_plan["id"]))
    fetched_plan = json.loads(res.data)
    fetched_plan.should.equal(created_plan)

    # Delete usage plan
    res = test_client.delete('/usageplans/{0}'.format(created_plan["id"]))
    res.data.should.equal(b'{}')

    # List usage plans (expect empty again)
    res = test_client.get('/usageplans')
    json.loads(res.data)["item"].should.have.length_of(0)
Exemple #11
0
def test_s3_server_get():
    backend = server.create_backend_app("s3bucket_path")
    test_client = backend.test_client()

    res = test_client.get('/')

    res.data.should.contain(b'ListAllMyBucketsResult')
Exemple #12
0
def test_s3_server_bucket_create():
    backend = server.create_backend_app("s3bucket_path")
    test_client = backend.test_client()

    res = test_client.put('/foobar', 'http://localhost:5000')
    res.status_code.should.equal(200)

    res = test_client.get('/')
    res.data.should.contain(b'<Name>foobar</Name>')

    res = test_client.get('/foobar', 'http://localhost:5000')
    res.status_code.should.equal(200)
    res.data.should.contain(b"ListBucketResult")

    res = test_client.put('/foobar2/', 'http://localhost:5000')
    res.status_code.should.equal(200)

    res = test_client.get('/')
    res.data.should.contain(b'<Name>foobar2</Name>')

    res = test_client.get('/foobar2/', 'http://localhost:5000')
    res.status_code.should.equal(200)
    res.data.should.contain(b"ListBucketResult")

    res = test_client.get('/missing-bucket', 'http://localhost:5000')
    res.status_code.should.equal(404)

    res = test_client.put('/foobar/bar', 'http://localhost:5000', data='test value')
    res.status_code.should.equal(200)

    res = test_client.get('/foobar/bar', 'http://localhost:5000')
    res.status_code.should.equal(200)
    res.data.should.equal(b"test value")
Exemple #13
0
def test_elb_describe_instances():
    backend = server.create_backend_app("elb")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeLoadBalancers')

    res.data.should.contain('DescribeLoadBalancersResponse')
Exemple #14
0
def test_messages_polling():
    backend = server.create_backend_app("sqs")
    test_client = backend.test_client()
    messages = []

    test_client.put('/?Action=CreateQueue&QueueName=testqueue')

    def insert_messages():
        messages_count = 5
        while messages_count > 0:
            test_client.put(
                '/123/testqueue?MessageBody=test-message&Action=SendMessage'
                '&Attribute.1.Name=WaitTimeSeconds&Attribute.1.Value=10'
            )
            messages_count -= 1
            time.sleep(.5)

    def get_messages():
        msg_res = test_client.get(
            '/123/testqueue?Action=ReceiveMessage&MaxNumberOfMessages=1&WaitTimeSeconds=5'
        )
        [messages.append(m) for m in re.findall("<Body>(.*?)</Body>", msg_res.data.decode('utf-8'))]

    get_messages_thread = threading.Thread(target=get_messages)
    insert_messages_thread = threading.Thread(target=insert_messages)

    get_messages_thread.start()
    insert_messages_thread.start()

    get_messages_thread.join()
    insert_messages_thread.join()

    assert len(messages) == 5
Exemple #15
0
def test_create_usage_plans_key_non_existent_api_key():
    backend = server.create_backend_app('apigateway')
    test_client = backend.test_client()
    usage_plan_id = 'test_plan_id'

    # Create usage plan key with non-existent api key
    res = test_client.post('/usageplans/{0}/keys'.format(usage_plan_id), data=json.dumps({'keyId': 'non-existent', 'keyType': 'API_KEY'}))
    res.status_code.should.equal(404)
Exemple #16
0
def test_describe_autoscaling_groups():
    backend = server.create_backend_app("autoscaling")
    test_client = backend.test_client()

    res = test_client.get("/?Action=DescribeLaunchConfigurations")

    res.data.should.contain(b"<DescribeLaunchConfigurationsResponse")
    res.data.should.contain(b"<LaunchConfigurations>")
Exemple #17
0
def test_describe_clusters():
    backend = server.create_backend_app("redshift")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeClusters')

    result = res.data.decode("utf-8")
    result.should.contain("<Clusters></Clusters>")
Exemple #18
0
def test_s3_server_bucket_versioning():
    backend = server.create_backend_app("s3")
    test_client = backend.test_client()

    # Just enough XML to enable versioning
    body = '<Status>Enabled</Status>'
    res = test_client.put('/?versioning', 'http://foobaz.localhost:5000', data=body)
    res.status_code.should.equal(200)
Exemple #19
0
def test_sts_get_session_token():
    backend = server.create_backend_app("sts")
    test_client = backend.test_client()

    res = test_client.get('/?Action=GetSessionToken')
    res.status_code.should.equal(200)
    res.data.should.contain("SessionToken")
    res.data.should.contain("AccessKeyId")
Exemple #20
0
def test_describe_jobflows():
    backend = server.create_backend_app("emr")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeJobFlows')

    res.data.should.contain('<DescribeJobFlowsResult>')
    res.data.should.contain('<JobFlows>')
Exemple #21
0
def test_iotdata_list():
    backend = server.create_backend_app("iot-data")
    test_client = backend.test_client()

    # just making sure that server is up
    thing_name = 'nothing'
    res = test_client.get('/things/{}/shadow'.format(thing_name))
    res.status_code.should.equal(404)
Exemple #22
0
def test_sts_get_caller_identity():
    backend = server.create_backend_app("sts")
    test_client = backend.test_client()

    res = test_client.get('/?Action=GetCallerIdentity')
    res.status_code.should.equal(200)
    res.data.should.contain(b"Arn")
    res.data.should.contain(b"UserId")
    res.data.should.contain(b"Account")
Exemple #23
0
def test_describe_clusters():
    backend = server.create_backend_app("redshift")
    test_client = backend.test_client()

    res = test_client.get('/?Action=DescribeClusters')

    json_data = json.loads(res.data.decode("utf-8"))
    clusters = json_data['DescribeClustersResponse']['DescribeClustersResult']['Clusters']
    list(clusters).should.equal([])
Exemple #24
0
def test_table_list():
    backend = server.create_backend_app("dynamodb2")
    test_client = backend.test_client()
    res = test_client.get('/')
    res.status_code.should.equal(404)

    headers = {'X-Amz-Target': 'TestTable.ListTables'}
    res = test_client.get('/', headers=headers)
    res.data.should.contain(b'TableNames')
Exemple #25
0
def test_s3_server_post_without_content_length():
    backend = server.create_backend_app("s3")
    test_client = backend.test_client()

    res = test_client.put('/', 'http://tester.localhost:5000/', environ_overrides={'CONTENT_LENGTH': ''})
    res.status_code.should.equal(411)

    res = test_client.post('/', "https://tester.localhost:5000/", environ_overrides={'CONTENT_LENGTH': ''})
    res.status_code.should.equal(411)
Exemple #26
0
def test_table_list():
    backend = server.create_backend_app("dynamodb")
    test_client = backend.test_client()

    res = test_client.get("/")
    res.status_code.should.equal(404)

    headers = {"X-Amz-Target": "TestTable.ListTables"}
    res = test_client.get("/", headers=headers)
    res.data.should.contain("TableNames")
Exemple #27
0
def test_sns_server_get():
    backend = server.create_backend_app("sns")
    test_client = backend.test_client()

    topic_data = test_client.action_json("CreateTopic", Name="test topic")
    topic_arn = topic_data["CreateTopicResponse"]["CreateTopicResult"]["TopicArn"]
    topics_data = test_client.action_json("ListTopics")
    topics_arns = [t["TopicArn"] for t in topics_data["ListTopicsResponse"]["ListTopicsResult"]["Topics"]]

    assert topic_arn in topics_arns
Exemple #28
0
def test_list_keys():
    backend = server.create_backend_app("kms")
    test_client = backend.test_client()

    res = test_client.get('/?Action=ListKeys')

    json.loads(res.data.decode("utf-8")).should.equal({
        "Keys": [],
        "NextMarker": None,
        "Truncated": False,
    })
Exemple #29
0
def test_list_streams():
    backend = server.create_backend_app("kinesis")
    test_client = backend.test_client()

    res = test_client.get('/?Action=ListStreams')

    json_data = json.loads(res.data.decode("utf-8"))
    json_data.should.equal({
        "HasMoreStreams": False,
        "StreamNames": [],
    })
Exemple #30
0
def test_sns_server_get():
    backend = server.create_backend_app("sns")
    test_client = backend.test_client()

    topic_data = test_client.action_data("CreateTopic", Name="test topic")
    topic_data.should.contain("CreateTopicResult")
    topic_data.should.contain("<TopicArn>arn:aws:sns:us-east-1:123456789012:test topic</TopicArn>")

    topics_data = test_client.action_data("ListTopics")
    topics_data.should.contain("ListTopicsResult")
    topic_data.should.contain("<TopicArn>arn:aws:sns:us-east-1:123456789012:test topic</TopicArn>")
Exemple #31
0
def test_can_list_secret_version_ids():
    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    put_first_secret_value_json = test_client.post(
        "/",
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "secret",
            "VersionStages": ["AWSCURRENT"],
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )
    first_secret_json_data = json.loads(
        put_first_secret_value_json.data.decode("utf-8")
    )
    first_secret_version_id = first_secret_json_data["VersionId"]
    put_second_secret_value_json = test_client.post(
        "/",
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "secret",
            "VersionStages": ["AWSCURRENT"],
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )
    second_secret_json_data = json.loads(
        put_second_secret_value_json.data.decode("utf-8")
    )
    second_secret_version_id = second_secret_json_data["VersionId"]

    list_secret_versions_json = test_client.post(
        "/",
        data={"SecretId": DEFAULT_SECRET_NAME},
        headers={"X-Amz-Target": "secretsmanager.ListSecretVersionIds"},
    )

    versions_list = json.loads(list_secret_versions_json.data.decode("utf-8"))

    returned_version_ids = [v["VersionId"] for v in versions_list["Versions"]]

    assert [
        first_secret_version_id,
        second_secret_version_id,
    ].sort() == returned_version_ids.sort()
Exemple #32
0
def test_list_attached_policies(url_encode_arn):
    backend = server.create_backend_app("iot")
    test_client = backend.test_client()

    result = test_client.post("/keys-and-certificate?setAsActive=true")
    result_dict = json.loads(result.data.decode("utf-8"))
    certificate_arn = result_dict["certificateArn"]

    test_client.post("/policies/my-policy", json={"policyDocument": {}})
    test_client.put("/target-policies/my-policy", json={"target": certificate_arn})

    if url_encode_arn:
        certificate_arn = quote(certificate_arn, safe="")

    result = test_client.post("/attached-policies/{}".format(certificate_arn))
    result.status_code.should.equal(200)
    result_dict = json.loads(result.data.decode("utf-8"))
    result_dict["policies"][0]["policyName"].should.equal("my-policy")
Exemple #33
0
def test_create_secret():

    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    res = test_client.post(
        '/',
        data={
            "Name": "test-secret",
            "SecretString": "foo-secret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )

    json_data = json.loads(res.data.decode("utf-8"))
    assert json_data['ARN'] == (
        'arn:aws:secretsmanager:us-east-1:1234567890:secret:test-secret-rIjad')
    assert json_data['Name'] == 'test-secret'
Exemple #34
0
def test_create_cluster(is_json):
    backend = server.create_backend_app("redshift")
    test_client = backend.test_client()

    create_params = ("?Action=CreateCluster"
                     "&ClusterIdentifier=examplecluster"
                     "&MasterUsername=masteruser"
                     "&MasterUserPassword=12345678Aa"
                     "&NodeType=ds2.xlarge")
    if is_json:
        create_params += "&ContentType=JSON"
    res = test_client.post(create_params)

    result = res.data.decode("utf-8")

    if is_json:
        result = json.loads(result)
    else:
        result = xmltodict.parse(result, dict_constructor=dict)

    del result["CreateClusterResponse"]["ResponseMetadata"]
    result.should.have.key("CreateClusterResponse")
    result["CreateClusterResponse"].should.have.key("CreateClusterResult")
    result["CreateClusterResponse"]["CreateClusterResult"].should.have.key(
        "Cluster")
    result = result["CreateClusterResponse"]["CreateClusterResult"]["Cluster"]

    result.should.have.key("MasterUsername").equal("masteruser")
    result.should.have.key("MasterUserPassword").equal("****")
    result.should.have.key("ClusterVersion").equal("1.0")
    result.should.have.key("ClusterSubnetGroupName").equal(None)
    result.should.have.key("AvailabilityZone").equal("us-east-1a")
    result.should.have.key("ClusterStatus").equal("creating")
    result.should.have.key("NumberOfNodes").equal(1 if is_json else "1")
    result.should.have.key("PubliclyAccessible").equal(None)
    result.should.have.key("Encrypted").equal(None)
    result.should.have.key("DBName").equal("dev")
    result.should.have.key("NodeType").equal("ds2.xlarge")
    result.should.have.key("ClusterIdentifier").equal("examplecluster")
    result.should.have.key("Endpoint").should.have.key("Address").match(
        "examplecluster.[a-z0-9]+.us-east-1.redshift.amazonaws.com")
    result.should.have.key("Endpoint").should.have.key("Port").equal(
        5439 if is_json else "5439")
    result.should.have.key("ClusterCreateTime")
Exemple #35
0
def test_get_secret_that_does_not_match():
    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    create_secret = test_client.post('/',
                           data={"Name": "test-secret",
                                 "SecretString": "foo-secret"},
                           headers={
                               "X-Amz-Target": "secretsmanager.CreateSecret"},
                           )
    get_secret = test_client.post('/',
                           data={"SecretId": "i-dont-match",
                                 "VersionStage": "AWSCURRENT"},
                           headers={
                               "X-Amz-Target": "secretsmanager.GetSecretValue"},
                           )
    json_data = json.loads(get_secret.data.decode("utf-8"))
    assert json_data['message'] == "Secrets Manager can't find the specified secret"
    assert json_data['__type'] == 'ResourceNotFoundException'
Exemple #36
0
    def test_rotate_secret_with_incorrect_lambda_arn():
        secretsmanager_backend = server.create_backend_app("secretsmanager")
        secretsmanager_client = secretsmanager_backend.test_client()

        secretsmanager_client.post(
            "/",
            data={"Name": DEFAULT_SECRET_NAME, "SecretString": "foosecret"},
            headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
        )

        resp = secretsmanager_client.post(
            "/",
            data={"SecretId": DEFAULT_SECRET_NAME, "RotationLambdaARN": "notarealarn",},
            headers={"X-Amz-Target": "secretsmanager.RotateSecret"},
        )
        json_data = json.loads(resp.data.decode("utf-8"))
        assert json_data["message"] == "Resource not found for ARN 'notarealarn'."
        assert json_data["__type"] == "ResourceNotFoundException"
        assert resp.status_code == 404
Exemple #37
0
def test_cloudformation_server_get():
    backend = server.create_backend_app("cloudformation")
    stack_name = 'test stack'
    test_client = backend.test_client()
    template_body = {
        "Resources": {},
    }
    create_stack_resp = test_client.action_data("CreateStack", StackName=stack_name,
                                                TemplateBody=json.dumps(template_body))
    create_stack_resp.should.match(
        r"<CreateStackResponse>.*<CreateStackResult>.*<StackId>.*</StackId>.*</CreateStackResult>.*</CreateStackResponse>", re.DOTALL)
    stack_id_from_create_response = re.search(
        "<StackId>(.*)</StackId>", create_stack_resp).groups()[0]

    list_stacks_resp = test_client.action_data("ListStacks")
    stack_id_from_list_response = re.search(
        "<StackId>(.*)</StackId>", list_stacks_resp).groups()[0]

    stack_id_from_create_response.should.equal(stack_id_from_list_response)
Exemple #38
0
def test_update_item_in_nonexisting_table():
    backend = server.create_backend_app("dynamodb")
    test_client = backend.test_client()

    # UpdateItem
    headers = {"X-Amz-Target": "DynamoDB_20111205.UpdateItem"}
    request_body = {
        "TableName": "nonexistent",
        "Key": {
            "HashKeyElement": {"S": "customer"},
            "RangeKeyElement": {"N": "12341234"},
        },
        "AttributeUpdates": {"new_att": {"Value": {"SS": ["val"]}, "Action": "PUT"}},
    }
    res = test_client.post("/", headers=headers, json=request_body)
    res.status_code.should.equal(400)
    json.loads(res.data).should.equal(
        {"__type": "com.amazonaws.dynamodb.v20111205#ResourceNotFoundException"}
    )
Exemple #39
0
def test_get_secret_that_has_no_value():
    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    create_secret = test_client.post(
        '/',
        data={"Name": DEFAULT_SECRET_NAME},
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    get_secret = test_client.post(
        '/',
        data={"SecretId": DEFAULT_SECRET_NAME},
        headers={"X-Amz-Target": "secretsmanager.GetSecretValue"},
    )

    json_data = json.loads(get_secret.data.decode("utf-8"))
    assert json_data[
        'message'] == u"Secrets Manager can\u2019t find the specified secret value for staging label: AWSCURRENT"
    assert json_data['__type'] == 'ResourceNotFoundException'
Exemple #40
0
def test_get_secret_value():

    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    create_secret = test_client.post(
        "/",
        data={"Name": DEFAULT_SECRET_NAME, "SecretString": "foo-secret"},
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    get_secret = test_client.post(
        "/",
        data={"SecretId": DEFAULT_SECRET_NAME, "VersionStage": "AWSCURRENT"},
        headers={"X-Amz-Target": "secretsmanager.GetSecretValue"},
    )

    json_data = json.loads(get_secret.data.decode("utf-8"))

    assert json_data["SecretString"] == "foo-secret"
Exemple #41
0
def test_rotate_secret_that_does_not_match():
    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    create_secret = test_client.post(
        "/",
        data={"Name": DEFAULT_SECRET_NAME, "SecretString": "foosecret"},
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )

    rotate_secret = test_client.post(
        "/",
        data={"SecretId": "i-dont-match"},
        headers={"X-Amz-Target": "secretsmanager.RotateSecret"},
    )

    json_data = json.loads(rotate_secret.data.decode("utf-8"))
    assert json_data["message"] == "Secrets Manager can't find the specified secret."
    assert json_data["__type"] == "ResourceNotFoundException"
Exemple #42
0
def test_put_secret_value_puts_new_secret():
    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    test_client.post(
        '/',
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "foosecret",
            "VersionStages": ["AWSCURRENT"]
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )

    put_second_secret_value_json = test_client.post(
        '/',
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "foosecret",
            "VersionStages": ["AWSCURRENT"]
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )
    second_secret_json_data = json.loads(
        put_second_secret_value_json.data.decode("utf-8"))

    version_id = second_secret_json_data['VersionId']

    secret_value_json = test_client.post(
        '/',
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "VersionId": version_id,
            "VersionStage": 'AWSCURRENT'
        },
        headers={"X-Amz-Target": "secretsmanager.GetSecretValue"},
    )

    second_secret_json_data = json.loads(
        secret_value_json.data.decode("utf-8"))

    assert second_secret_json_data
    assert second_secret_json_data['SecretString'] == 'foosecret'
Exemple #43
0
def test_create_identity_pool():

    backend = server.create_backend_app("cognito-identity")
    test_client = backend.test_client()

    res = test_client.post(
        "/",
        data={
            "IdentityPoolName": "test",
            "AllowUnauthenticatedIdentities": True
        },
        headers={
            "X-Amz-Target":
            "com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.CreateIdentityPool"
        },
    )

    json_data = json.loads(res.data.decode("utf-8"))
    assert json_data["IdentityPoolName"] == "test"
Exemple #44
0
    def setUpClass(cls) -> None:
        cls.env = EnvironmentVarGuard()

        if os.getenv("IS_LOCAL", True):
            cls.env.set('DYNAMO_TABLE', 'test_table')
            cls.env.set('AWS_REGION', 'us-west-1')
            cls.env.set('AWS_ENDPOINT_URL', 'http://localhost:7012')
            cls.env.set('AWS_ACCESS_KEY_ID', 'testing')
            cls.env.set('AWS_SECRET_ACCESS_KEY', 'testing')
            cls.env.set('AWS_SECURITY_TOKEN', 'testing')
            cls.env.set('AWS_SESSION_TOKEN', 'testing')
            cls.env.set('PERSONALIZE_SRC_FILE',
                        'app/personalize/rsvp_content.yaml')
            cls.moto_app = create_backend_app("dynamodb2")
            cls.moto_thread = threading.Thread(target=cls.moto_app.run,
                                               args=("localhost", 7012),
                                               kwargs={"use_reloader": False})
            cls.moto_thread.setDaemon(True)
            cls.moto_thread.start()
Exemple #45
0
def test_put_secret_value_can_get_first_version_if_put_twice():
    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    first_secret_string = 'first_secret'
    second_secret_string = 'second_secret'

    put_first_secret_value_json = test_client.post('/',
                                                   data={
                                                       "SecretId": DEFAULT_SECRET_NAME,
                                                       "SecretString": first_secret_string,
                                                       "VersionStages": ["AWSCURRENT"]},
                                                   headers={
                                                       "X-Amz-Target": "secretsmanager.PutSecretValue"},
                                                   )

    first_secret_json_data = json.loads(put_first_secret_value_json.data.decode("utf-8"))

    first_secret_version_id = first_secret_json_data['VersionId']

    test_client.post('/',
                     data={
                         "SecretId": DEFAULT_SECRET_NAME,
                         "SecretString": second_secret_string,
                         "VersionStages": ["AWSCURRENT"]},
                     headers={
                         "X-Amz-Target": "secretsmanager.PutSecretValue"},
                     )

    get_first_secret_value_json = test_client.post('/',
                                                   data={
                                                       "SecretId": DEFAULT_SECRET_NAME,
                                                       "VersionId": first_secret_version_id,
                                                       "VersionStage": 'AWSCURRENT'},
                                                   headers={
                                                       "X-Amz-Target": "secretsmanager.GetSecretValue"},
                                                   )

    get_first_secret_json_data = json.loads(get_first_secret_value_json.data.decode("utf-8"))

    assert get_first_secret_json_data
    assert get_first_secret_json_data['SecretString'] == first_secret_string
Exemple #46
0
def test_describe_secret():

    backend = server.create_backend_app('secretsmanager')
    test_client = backend.test_client()

    create_secret = test_client.post(
        '/',
        data={
            "Name": "test-secret",
            "SecretString": "foosecret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    describe_secret = test_client.post(
        '/',
        data={"SecretId": "test-secret"},
        headers={"X-Amz-Target": "secretsmanager.DescribeSecret"},
    )

    create_secret_2 = test_client.post(
        '/',
        data={
            "Name": "test-secret-2",
            "SecretString": "barsecret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    describe_secret_2 = test_client.post(
        '/',
        data={"SecretId": "test-secret-2"},
        headers={"X-Amz-Target": "secretsmanager.DescribeSecret"},
    )

    json_data = json.loads(describe_secret.data.decode("utf-8"))
    assert json_data  # Returned dict is not empty
    assert json_data['ARN'] != ''
    assert json_data['Name'] == 'test-secret'

    json_data_2 = json.loads(describe_secret_2.data.decode("utf-8"))
    assert json_data_2  # Returned dict is not empty
    assert json_data_2['ARN'] != ''
    assert json_data_2['Name'] == 'test-secret-2'
Exemple #47
0
def test_describe_secret():

    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    test_client.post(
        "/",
        data={
            "Name": "test-secret",
            "SecretString": "foosecret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    describe_secret = test_client.post(
        "/",
        data={"SecretId": "test-secret"},
        headers={"X-Amz-Target": "secretsmanager.DescribeSecret"},
    )

    test_client.post(
        "/",
        data={
            "Name": "test-secret-2",
            "SecretString": "barsecret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    describe_secret_2 = test_client.post(
        "/",
        data={"SecretId": "test-secret-2"},
        headers={"X-Amz-Target": "secretsmanager.DescribeSecret"},
    )

    json_data = json.loads(describe_secret.data.decode("utf-8"))
    assert json_data  # Returned dict is not empty
    assert json_data["ARN"] != ""
    assert json_data["Name"] == "test-secret"

    json_data_2 = json.loads(describe_secret_2.data.decode("utf-8"))
    assert json_data_2  # Returned dict is not empty
    assert json_data_2["ARN"] != ""
    assert json_data_2["Name"] == "test-secret-2"
Exemple #48
0
def test_s3_server_bucket_create():
    backend = server.create_backend_app("s3")
    test_client = backend.test_client()

    res = test_client.put('/', 'http://foobaz.localhost:5000/')
    res.status_code.should.equal(200)

    res = test_client.get('/')
    res.data.should.contain('<Name>foobaz</Name>')

    res = test_client.get('/', 'http://foobaz.localhost:5000/')
    res.status_code.should.equal(200)
    res.data.should.contain("ListBucketResult")

    res = test_client.put('/bar', 'http://foobaz.localhost:5000/', data='test value')
    res.status_code.should.equal(200)

    res = test_client.get('/bar', 'http://foobaz.localhost:5000/')
    res.status_code.should.equal(200)
    res.data.should.equal("test value")
Exemple #49
0
def test_sqs_list_identities():
    backend = server.create_backend_app("sqs")
    test_client = backend.test_client()

    res = test_client.get('/?Action=ListQueues')
    res.data.should.contain("ListQueuesResponse")

    res = test_client.put('/?Action=CreateQueue&QueueName=testqueue')
    res = test_client.put('/?Action=CreateQueue&QueueName=otherqueue')

    res = test_client.get('/?Action=ListQueues&QueueNamePrefix=other')
    res.data.should_not.contain('testqueue')

    res = test_client.put(
        '/123/testqueue?MessageBody=test-message&Action=SendMessage')

    res = test_client.get(
        '/123/testqueue?Action=ReceiveMessage&MaxNumberOfMessages=1')
    message = re.search("<Body>(.*?)</Body>", res.data).groups()[0]
    message.should.equal('test-message')
Exemple #50
0
    def test_rotate_secret_lambda_invocations():
        conn = boto3.client("iam", region_name="us-east-1")
        logs_conn = boto3.client("logs", region_name="us-east-1")
        role = conn.create_role(
            RoleName="role", AssumeRolePolicyDocument="some policy", Path="/my-path/",
        )

        conn = boto3.client("lambda", region_name="us-east-1")
        func = conn.create_function(
            FunctionName="testFunction",
            Code=dict(ZipFile=get_test_zip_file1()),
            Handler="lambda_function.lambda_handler",
            Runtime="python2.7",
            Role=role["Role"]["Arn"],
        )

        secretsmanager_backend = server.create_backend_app("secretsmanager")
        secretsmanager_client = secretsmanager_backend.test_client()

        secretsmanager_client.post(
            "/",
            data={"Name": DEFAULT_SECRET_NAME, "SecretString": "foosecret"},
            headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
        )

        with pytest.raises(logs_conn.exceptions.ResourceNotFoundException):
            # The log group doesn't exist yet
            logs_conn.describe_log_streams(logGroupName="/aws/lambda/testFunction")

        secretsmanager_client.post(
            "/",
            data={
                "SecretId": DEFAULT_SECRET_NAME,
                "RotationLambdaARN": func["FunctionArn"],
            },
            headers={"X-Amz-Target": "secretsmanager.RotateSecret"},
        )

        # The log group now exists and has been logged to 4 times (for each invocation)
        logs = logs_conn.describe_log_streams(logGroupName="/aws/lambda/testFunction")
        assert len(logs["logStreams"]) == 4
Exemple #51
0
def test_usage_plans_keys():
    backend = server.create_backend_app("apigateway")
    test_client = backend.test_client()
    usage_plan_id = "test_plan_id"

    # Create API key to be used in tests
    res = test_client.post("/apikeys", data=json.dumps({"name": "test"}))
    created_api_key = json.loads(res.data)

    # List usage plans keys (expect empty)
    res = test_client.get("/usageplans/{0}/keys".format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)

    # Create usage plan key
    res = test_client.post(
        "/usageplans/{0}/keys".format(usage_plan_id),
        data=json.dumps({
            "keyId": created_api_key["id"],
            "keyType": "API_KEY"
        }),
    )
    created_usage_plan_key = json.loads(res.data)

    # List usage plans keys (expect 1 key)
    res = test_client.get("/usageplans/{0}/keys".format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(1)

    # Get single usage plan key
    res = test_client.get("/usageplans/{0}/keys/{1}".format(
        usage_plan_id, created_api_key["id"]))
    fetched_plan_key = json.loads(res.data)
    fetched_plan_key.should.equal(created_usage_plan_key)

    # Delete usage plan key
    res = test_client.delete("/usageplans/{0}/keys/{1}".format(
        usage_plan_id, created_api_key["id"]))
    res.data.should.equal(b"{}")

    # List usage plans keys (expect to be empty again)
    res = test_client.get("/usageplans/{0}/keys".format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)
Exemple #52
0
def test_create_db_instance():
    backend = server.create_backend_app("rds")
    test_client = backend.test_client()

    body = {
        "DBInstanceIdentifier": "hi",
        "DBInstanceClass": "db.m4.large",
        "Engine": "aurora",
        "StorageType": "standard",
        "Port": 3306,
    }
    res = test_client.post("/?Action=CreateDBInstance", data=json.dumps(body))

    response = res.data.decode("utf-8")
    response.shouldnt.contain("<DBClusterIdentifier>")

    # We do not pass these values - they should default to false
    response.should.contain("<MultiAZ>false</MultiAZ>")
    response.should.contain(
        "<IAMDatabaseAuthenticationEnabled>false</IAMDatabaseAuthenticationEnabled>"
    )
Exemple #53
0
def test_get_id():
    backend = server.create_backend_app("cognito-identity")
    test_client = backend.test_client()

    res = test_client.post(
        "/",
        data=json.dumps({
            "AccountId": "someaccount",
            "IdentityPoolId": "us-west-2:12345",
            "Logins": {
                "someurl": "12345"
            },
        }),
        headers={
            "X-Amz-Target":
            "com.amazonaws.cognito.identity.model.AWSCognitoIdentityService.GetId"
        },
    )

    json_data = json.loads(res.data.decode("utf-8"))
    assert ":" in json_data["IdentityId"]
Exemple #54
0
def test_create_and_describe_clusters(is_json):
    backend = server.create_backend_app("redshift")
    test_client = backend.test_client()
    cluster_names = ["examplecluster1", "examplecluster2"]

    for name in cluster_names:
        create_params = ("?Action=CreateCluster"
                         "&ClusterIdentifier=" + name +
                         "&MasterUsername=masteruser"
                         "&MasterUserPassword=12345678Aa"
                         "&NodeType=ds2.xlarge")
        if is_json:
            create_params += "&ContentType=JSON"
        test_client.post(create_params)

    describe_params = "/?Action=DescribeClusters"
    if is_json:
        describe_params += "&ContentType=JSON"
    res = test_client.get(describe_params)
    result = res.data.decode("utf-8")

    if is_json:
        result = json.loads(result)
    else:
        result = xmltodict.parse(result, dict_constructor=dict)

    del result["DescribeClustersResponse"]["ResponseMetadata"]
    result.should.have.key("DescribeClustersResponse")
    result["DescribeClustersResponse"].should.have.key(
        "DescribeClustersResult")
    result["DescribeClustersResponse"][
        "DescribeClustersResult"].should.have.key("Clusters")
    result = result["DescribeClustersResponse"]["DescribeClustersResult"][
        "Clusters"]
    if not is_json:
        result = result["item"]

    result.should.have.length_of(2)
    for cluster in result:
        cluster_names.should.contain(cluster["ClusterIdentifier"])
Exemple #55
0
def test_messages_polling():
    backend = server.create_backend_app("sqs")
    test_client = backend.test_client()
    messages = []

    test_client.put('/?Action=CreateQueue&QueueName=testqueue')

    def insert_messages():
        messages_count = 5
        while messages_count > 0:
            test_client.put(
                '/123/testqueue?MessageBody=test-message&Action=SendMessage'
                '&Attribute.1.Name=WaitTimeSeconds&Attribute.1.Value=10'
            )
            messages_count -= 1
            time.sleep(.5)

    def get_messages():
        count = 0
        while count < 5:
            msg_res = test_client.get(
                '/123/testqueue?Action=ReceiveMessage&MaxNumberOfMessages=1&WaitTimeSeconds=5'
            )
            new_msgs = re.findall("<Body>(.*?)</Body>",
                                  msg_res.data.decode('utf-8'))
            count += len(new_msgs)
            messages.append(new_msgs)

    get_messages_thread = threading.Thread(target=get_messages)
    insert_messages_thread = threading.Thread(target=insert_messages)

    get_messages_thread.start()
    insert_messages_thread.start()

    get_messages_thread.join()
    insert_messages_thread.join()

    # got each message in a separate call to ReceiveMessage, despite the long
    # WaitTimeSeconds
    assert len(messages) == 5
Exemple #56
0
def test_usage_plans_keys():
    backend = server.create_backend_app('apigateway')
    test_client = backend.test_client()
    usage_plan_id = 'test_plan_id'

    # Create API key to be used in tests
    res = test_client.post('/apikeys', data=json.dumps({'name': 'test'}))
    created_api_key = json.loads(res.data)

    # List usage plans keys (expect empty)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)

    # Create usage plan key
    res = test_client.post('/usageplans/{0}/keys'.format(usage_plan_id),
                           data=json.dumps({
                               'keyId': created_api_key["id"],
                               'keyType': 'API_KEY'
                           }))
    created_usage_plan_key = json.loads(res.data)

    # List usage plans keys (expect 1 key)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(1)

    # Get single usage plan key
    res = test_client.get('/usageplans/{0}/keys/{1}'.format(
        usage_plan_id, created_api_key["id"]))
    fetched_plan_key = json.loads(res.data)
    fetched_plan_key.should.equal(created_usage_plan_key)

    # Delete usage plan key
    res = test_client.delete('/usageplans/{0}/keys/{1}'.format(
        usage_plan_id, created_api_key["id"]))
    res.data.should.equal(b'{}')

    # List usage plans keys (expect to be empty again)
    res = test_client.get('/usageplans/{0}/keys'.format(usage_plan_id))
    json.loads(res.data)["item"].should.have.length_of(0)
Exemple #57
0
def test_describe_unknown_cluster_security_group(is_json):
    backend = server.create_backend_app("redshift")
    test_client = backend.test_client()

    describe_params = ("/?Action=DescribeClusterSecurityGroups"
                       "&ClusterSecurityGroupName=unknown")
    if is_json:
        describe_params += "&ContentType=JSON"
    res = test_client.get(describe_params)

    res.status_code.should.equal(400)

    if is_json:
        response = json.loads(res.data.decode("utf-8"))
    else:
        response = xmltodict.parse(
            res.data.decode("utf-8"),
            dict_constructor=dict)["RedshiftClientError"]
    error = response["Error"]

    error["Code"].should.equal("ClusterSecurityGroupNotFound")
    error["Message"].should.equal("Security group unknown not found.")
Exemple #58
0
def test_put_secret_value_versions_differ_if_same_secret_put_twice():
    backend = server.create_backend_app("secretsmanager")
    test_client = backend.test_client()

    test_client.post(
        "/",
        data={
            "Name": DEFAULT_SECRET_NAME,
            "SecretString": "foosecret"
        },
        headers={"X-Amz-Target": "secretsmanager.CreateSecret"},
    )
    put_first_secret_value_json = test_client.post(
        "/",
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "secret",
            "VersionStages": ["AWSCURRENT"],
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )
    first_secret_json_data = json.loads(
        put_first_secret_value_json.data.decode("utf-8"))
    first_secret_version_id = first_secret_json_data["VersionId"]

    put_second_secret_value_json = test_client.post(
        "/",
        data={
            "SecretId": DEFAULT_SECRET_NAME,
            "SecretString": "secret",
            "VersionStages": ["AWSCURRENT"],
        },
        headers={"X-Amz-Target": "secretsmanager.PutSecretValue"},
    )
    second_secret_json_data = json.loads(
        put_second_secret_value_json.data.decode("utf-8"))
    second_secret_version_id = second_secret_json_data["VersionId"]

    assert first_secret_version_id != second_secret_version_id
Exemple #59
0
def test_list_recordset():
    backend = server.create_backend_app("route53")
    test_client = backend.test_client()

    # create hosted zone
    request_data = '<CreateHostedZoneRequest xmlns="https://route53.amazonaws.com/doc/2013-04-01/"><Name>example.com</Name><CallerReference>2014-04-01-18:47</CallerReference></CreateHostedZoneRequest>'
    res = test_client.post("2013-04-01/hostedzone", data=request_data)
    body = parse_xml(res.data)
    zone_id = body["CreateHostedZoneResponse"]["HostedZone"]["Id"].rsplit(
        "/")[-1]

    # change record set
    # Contains a special character
    request_data = '<ChangeResourceRecordSetsRequest xmlns="https://route53.amazonaws.com/doc/2013-04-01/"><ChangeBatch><Changes><Change><Action>CREATE</Action><ResourceRecordSet><Name>n.example.com</Name><Type>TXT</Type><SetIdentifier>string</SetIdentifier><Weight>1</Weight><Region>us-east-1</Region><ResourceRecords><ResourceRecord><Value>val&amp;sth</Value></ResourceRecord></ResourceRecords></ResourceRecordSet></Change></Changes></ChangeBatch></ChangeResourceRecordSetsRequest>'
    test_client.post(f"2013-04-01/hostedzone/{zone_id}/rrset/",
                     data=request_data)

    # list record set
    res = test_client.get(f"2013-04-01/hostedzone/{zone_id}/rrset")
    # Ampersand should be properly encoded
    res.data.decode("utf-8").should.contain(
        "<Value><![CDATA[val&sth]]></Value>")
Exemple #60
0
def test_ec2_get_unknown_vpc():
    """
    Ensure that this call returns the error format in the right format
    Terraform will throw errors when destroying a VPC otherwise
    :return:
    """
    backend = server.create_backend_app("ec2")
    test_client = backend.test_client()

    res = test_client.get(
        "/?Action=DescribeVpcs&VpcId.1=vpc-unknown",
        headers={"Host": "ec2.us-east-1.amazonaws.com"},
    )

    res.status_code.should.equal(400)
    body = xmltodict.parse(res.data.decode("utf-8"), dict_constructor=dict)
    body.should.have.key("Response")
    body["Response"].should.have.key("Errors")
    body["Response"]["Errors"].should.have.key("Error")
    error = body["Response"]["Errors"]["Error"]
    error["Code"].should.equal("InvalidVpcID.NotFound")
    error["Message"].should.equal("VpcID {'vpc-unknown'} does not exist.")