def test_init_must_raise_on_invalid_template(self,
is_valid_templates_dict_mock):
policy_templates_dict = {"Templates": {}}
is_valid_templates_dict_mock.side_effect = ValueError()
with self.assertRaises(ValueError):
PolicyTemplatesProcessor(policy_templates_dict)
def test_init_must_validate_against_default_schema(self, is_valid_templates_dict_mock):
policy_templates_dict = {
"Templates": {}
}
is_valid_templates_dict_mock.return_value = True
PolicyTemplatesProcessor(policy_templates_dict)
is_valid_templates_dict_mock.assert_called_once_with(policy_templates_dict, None)
def test_convert_must_raise_if_template_name_not_found(
self, template_from_dict_mock, is_valid_templates_dict):
policy_templates_dict = {"Templates": {"key1": "value1"}}
parameter_values = {"a": "b"}
processor = PolicyTemplatesProcessor(policy_templates_dict)
with self.assertRaises(TemplateNotFoundException):
processor.convert("key2", parameter_values)
def make_policy_template_for_function_plugin():
"""
Constructs an instance of policy templates processing plugin using default policy templates JSON data
:return plugins.policies.policy_templates_plugin.PolicyTemplatesForFunctionPlugin: Instance of the plugin
"""
policy_templates = PolicyTemplatesProcessor.get_default_policy_templates_json()
processor = PolicyTemplatesProcessor(policy_templates)
return PolicyTemplatesForFunctionPlugin(processor)
def test_init_must_validate_against_input_schema(self, is_valid_templates_dict_mock):
policy_templates_dict = {
"Templates": {}
}
schema = "something"
is_valid_templates_dict_mock.return_value = True
PolicyTemplatesProcessor(policy_templates_dict, schema)
is_valid_templates_dict_mock.assert_called_once_with(policy_templates_dict, schema)
def test_get_method_must_return_none_for_unknown_template_names(
self, template_from_dict_mock, is_valid_templates_dict):
policy_templates_dict = {"Templates": {"key1": "value1"}}
template_obj = "some value"
template_from_dict_mock.return_value = template_obj
processor = PolicyTemplatesProcessor(policy_templates_dict)
self.assertEquals(processor.get("key2"), None)
def test_has_method_must_work_for_not_known_template_names(self, template_from_dict_mock, is_valid_templates_dict):
policy_templates_dict = {
"Templates": {
"key1": "value1",
"key2": "value2"
}
}
processor = PolicyTemplatesProcessor(policy_templates_dict)
self.assertFalse(processor.has("someotherkey"))
def test_convert_must_bubble_exceptions(self, template_from_dict_mock,
is_valid_templates_dict):
policy_templates_dict = {"Templates": {"key1": "value1"}}
parameter_values = {"a": "b"}
template_obj_mock = Mock()
template_from_dict_mock.return_value = template_obj_mock
template_obj_mock.to_statement.side_effect = TypeError
processor = PolicyTemplatesProcessor(policy_templates_dict)
with self.assertRaises(TypeError):
processor.convert("key1", parameter_values)
def test_convert_must_work_for_known_template_names(
self, template_from_dict_mock, is_valid_templates_dict):
policy_templates_dict = {"Templates": {"key1": "value1"}}
parameter_values = {"a": "b"}
template_obj_mock = Mock()
template_from_dict_mock.return_value = template_obj_mock
expected = {"stmt": "result"}
template_obj_mock.to_statement.return_value = expected
processor = PolicyTemplatesProcessor(policy_templates_dict)
result = processor.convert("key1", parameter_values)
self.assertEquals(result, expected)
template_obj_mock.to_statement.assert_called_once_with(
parameter_values)
def test_init_must_convert_template_value_dict_to_object(self, template_from_dict_mock, is_valid_templates_dict_mock):
policy_templates_dict = {
"Templates": {
"key1": "value1",
"key2": "value2"
}
}
is_valid_templates_dict_mock.return_value = True
template_from_dict_mock.return_value = "Something"
processor = PolicyTemplatesProcessor(policy_templates_dict)
self.assertEquals(2, len(processor.policy_templates))
self.assertEquals(set(["key1", "key2"]), set(processor.policy_templates.keys()))
# Template.from_dict must be called only once for each template entry
self.assertEquals(2, template_from_dict_mock.call_count)
template_from_dict_mock.assert_any_call("key1", "value1")
template_from_dict_mock.assert_any_call("key2", "value2")
"""Shim for calling SAM translator"""
#pylint: disable = line-too-long,import-error
import argparse
from ast import literal_eval
from typing import Dict
import sys
import yaml
from samtranslator.policy_template_processor.processor import PolicyTemplatesProcessor
import samtranslator.policy_template_processor.exceptions as translator_errors
# This is the set of policy templates that Amazon provides for serverless apps:
# https://github.com/aws/serverless-application-model/blob/develop/samtranslator/policy_templates_data/policy_templates.json
# Lucky for us, the class has a utility method to load and validate the JSON document.
aws_templates = PolicyTemplatesProcessor.get_default_policy_templates_json()
ptp = PolicyTemplatesProcessor(aws_templates)
def get_policy(policy_name : str, parameters: Dict[str, any]) -> Dict[str, any]:
"""
Get a completed IAM policy statement from the named policy ready for inclusion in a CloudFormation template.
Args:
policy_name (str): The SAM policy template name
parameters (Dict[str, any]): The policy arguments
Returns:
Dict[str, any]: An IAM policy statement.
Raises:
InsufficientParameterValues: If the parameter values do not have values for all required parameters
TemplateNotFoundException: If the policy_name is not present in the set of SAM policy templates