def test_create(certificates):
name = 'test-%s.binx.io' % uuid.uuid4()
alt_name = 'test-%s.binx.io' % uuid.uuid4()
request = Request('Create', name)
request['ResourceProperties']['SubjectAlternativeNames'] = [ alt_name]
response = handler(request, ())
assert response['Status'] == 'SUCCESS', response['Reason']
physical_resource_id = response['PhysicalResourceId']
certificates.append(physical_resource_id)
request['RequestType'] = 'Update'
request['PhysicalResourceId'] = physical_resource_id
response = handler(request, ())
assert response['Status'] == 'SUCCESS', response['Reason']
assert response['Reason'] == 'nothing to change'
request['OldResourceProperties'] = request['ResourceProperties'].copy()
request['ResourceProperties']['SubjectAlternativeNames'] = ['new-' + alt_name]
response = handler(request, ())
assert response['Status'] == 'FAILED', response['Reason']
assert response['Reason'].startswith('You can only change the "Options" of a certificate,'), response['Reason']
request['ResourceProperties']['SubjectAlternativeNames'] = [alt_name]
request['ResourceProperties']['Options'] = {'CertificateTransparencyLoggingPreference': 'DISABLED'}
response = handler(request, ())
assert response['Status'] == 'FAILED', response['Reason']
assert response['Reason'].startswith('An error occurred (InvalidStateException) when calling the UpdateCertificateOptions operation')
request['RequestType'] = 'Delete'
response = handler(request, ())
assert response['Status'] == 'SUCCESS', response['Reason']
def handler(request, context):
if request['ResourceType'] == 'Custom::Certificate':
return certificate_provider.handler(request, context)
elif request['ResourceType'] == 'Custom::IssuedCertificate':
return issued_certificate_provider.handler(request, context)
else:
return certificate_dns_record_provider.handler(request, context)
def test_create_wildcard(certificates):
name = "test-%s.mark.binx.dev" % uuid.uuid4()
request = Request("Create", f'*.{name}')
request["ResourceProperties"]["DomainValidationOptions"] = [
{ 'DomainName': f'*.{name}', 'ValidationDomain': name }
]
response = handler(request, ())
assert response["Status"] == "SUCCESS", response["Reason"]
physical_resource_id = response["PhysicalResourceId"]
certificates.append(physical_resource_id)
def test_create(certificates):
name = "test-%s.binx.io" % uuid.uuid4()
new_name = "test-new-%s.binx.io" % uuid.uuid4()
alt_name = "test-%s.binx.io" % uuid.uuid4()
request = Request("Create", name)
request["ResourceProperties"]["SubjectAlternativeNames"] = [alt_name]
response = handler(request, ())
assert response["Status"] == "SUCCESS", response["Reason"]
physical_resource_id = response["PhysicalResourceId"]
certificates.append(physical_resource_id)
request["RequestType"] = "Update"
request["PhysicalResourceId"] = physical_resource_id
response = handler(request, ())
assert response["Status"] == "SUCCESS", response["Reason"]
assert response["Reason"] == "nothing to change"
assert physical_resource_id == response["PhysicalResourceId"]
request["OldResourceProperties"] = request["ResourceProperties"].copy()
request["ResourceProperties"]["DomainName"] = new_name
response = handler(request, ())
assert response["Status"] == "SUCCESS", response["Reason"]
assert physical_resource_id != response["PhysicalResourceId"]
request["OldResourceProperties"] = request["ResourceProperties"].copy()
request["ResourceProperties"]["SubjectAlternativeNames"] = [
"new-" + alt_name
]
response = handler(request, ())
assert response["Status"] == "FAILED", response["Reason"]
assert response["Reason"].startswith(
'You can only change the "Options" and "DomainName" of a certificate,'
), response["Reason"]
request["ResourceProperties"]["SubjectAlternativeNames"] = [alt_name]
request["ResourceProperties"]["Options"] = {
"CertificateTransparencyLoggingPreference": "DISABLED"
}
response = handler(request, ())
assert response["Status"] == "FAILED", response["Reason"]
assert response["Reason"].startswith(
"An error occurred (InvalidStateException) when calling the UpdateCertificateOptions operation"
)
request["RequestType"] = "Delete"
response = handler(request, ())
assert response["Status"] == "SUCCESS", response["Reason"]
try:
acm.delete_certificate(CertificateArn=physical_resource_id)
assert False, "Delete operation failed for {}".format(
physical_resource_id)
except acm.exceptions.ResourceNotFoundException:
pass