def test_default_roles_not_exist(self, get_rp_patch, role_exists_patch,
instance_profile_exists_patch,
construct_result_patch):
get_rp_patch.return_value = False
instance_profile_exists_patch.return_value = False
role_exists_patch.return_value = False
construct_result_patch.return_value = []
self.run_cmd(self.prefix, expected_rc=0)
self.assertEqual(len(self.operations_called), 6)
self.assertEqual(self.operations_called[0][0].name, 'CreateRole')
self.assertEqual(self.operations_called[0][1]['RoleName'],
DATAPIPELINE_DEFAULT_SERVICE_ROLE_NAME)
self.assertEqual(
self.operations_called[0][1]['AssumeRolePolicyDocument'],
dict_to_string(DATAPIPELINE_DEFAULT_SERVICE_ROLE_ASSUME_POLICY))
self.assertEqual(self.operations_called[1][0].name, 'AttachRolePolicy')
self.assertEqual(
self.operations_called[1][1]['PolicyArn'],
(createdefaultroles.DATAPIPELINE_DEFAULT_SERVICE_ROLE_ARN))
self.assertEqual(self.operations_called[1][1]['RoleName'],
DATAPIPELINE_DEFAULT_SERVICE_ROLE_NAME)
self.assertEqual(self.operations_called[2][0].name, 'CreateRole')
self.assertEqual(self.operations_called[2][1]['RoleName'],
DATAPIPELINE_DEFAULT_RESOURCE_ROLE_NAME)
self.assertEqual(
self.operations_called[2][1]['AssumeRolePolicyDocument'],
dict_to_string(DATAPIPELINE_DEFAULT_RESOURCE_ROLE_ASSUME_POLICY))
self.assertEqual(self.operations_called[3][0].name, 'AttachRolePolicy')
self.assertEqual(
self.operations_called[3][1]['PolicyArn'],
(createdefaultroles.DATAPIPELINE_DEFAULT_RESOURCE_ROLE_ARN))
self.assertEqual(self.operations_called[3][1]['RoleName'],
DATAPIPELINE_DEFAULT_RESOURCE_ROLE_NAME)
self.assertEqual(self.operations_called[4][0].name,
'CreateInstanceProfile')
self.assertEqual(self.operations_called[4][1]['InstanceProfileName'],
DATAPIPELINE_DEFAULT_RESOURCE_ROLE_NAME)
self.assertEqual(self.operations_called[5][0].name,
'AddRoleToInstanceProfile')
self.assertEqual(self.operations_called[5][1]['InstanceProfileName'],
DATAPIPELINE_DEFAULT_RESOURCE_ROLE_NAME)
self.assertEqual(self.operations_called[5][1]['RoleName'],
DATAPIPELINE_DEFAULT_RESOURCE_ROLE_NAME)
def _create_role_with_role_policy(
self, role_name, assume_role_policy, role_arn):
"""Method to create role with a given rolename, assume_role_policy
and role_arn
"""
# Create a role using IAM client CreateRole API
create_role_response = self._iam_client.create_role(
RoleName=role_name, AssumeRolePolicyDocument=dict_to_string(
assume_role_policy))
# Create a role using IAM client AttachRolePolicy API
self._iam_client.attach_role_policy(PolicyArn=role_arn,
RoleName=role_name)
return create_role_response
def _create_role_with_role_policy(self, role_name, assume_role_policy,
role_arn):
"""Method to create role with a given rolename, assume_role_policy
and role_arn
"""
# Create a role using IAM client CreateRole API
create_role_response = self._iam_client.create_role(
RoleName=role_name,
AssumeRolePolicyDocument=dict_to_string(assume_role_policy))
# Create a role using IAM client AttachRolePolicy API
self._iam_client.attach_role_policy(PolicyArn=role_arn,
RoleName=role_name)
return create_role_response