def test_canonical_user(): identity = f"{uuid.uuid4()}.internal" request = Request( "Create", identity, {"CanonicalUser": "******"} ) provider.set_request(request, {}) assert provider.is_valid_request(), provider.reason
def test_list_of_federated(): identity = f"{uuid.uuid4()}.internal" request = Request( "Create", identity, {"Federated": ["ecs.amazonaws.com", "eks.amazonaws.com"]} ) provider.set_request(request, {}) assert provider.is_valid_request(), provider.reason
def test_invalid_principal(): identity = f"{uuid.uuid4()}.internal" request = Request( "Create", identity, {"FederatedUser": ["ecs.amazonaws.com", "eks.amazonaws.com"]}, ) provider.set_request(request, {}) assert not provider.is_valid_request(), provider.reason
def test_list_of_aws_root(): identity = f"{uuid.uuid4()}.internal" request = Request( "Create", identity, {"AWS": ["arn:aws:iam::111111111111:root", "arn:aws:iam::222222222222:root"]}, ) provider.set_request(request, {}) assert provider.is_valid_request(), provider.reason
def test_wildcard(): identity = f"{uuid.uuid4()}.internal" provider.set_request(Request("Create", identity, "*"), {}) assert provider.is_valid_request(), provider.reason
def test_services(): identity = f"{uuid.uuid4()}.internal" request = Request("Create", identity, {"Service": "ecs.amazonaws.com"}) provider.set_request(request, {}) assert provider.is_valid_request(), provider.reason
def test_simple_root(): identity = f"{uuid.uuid4()}.internal" request = Request("Create", identity, {"AWS": "arn:aws:iam::111111111111:root"}) provider.set_request(request, {}) assert provider.is_valid_request(), provider.reason