def test_delete_group(iam, group, user_roles):
role = iam.Role('test_user_alice')
aws.update_group_members(group.arn, set([role.name]))
assert len(list(role.attached_policies.all())) == 2
try:
aws.delete_group(group.arn)
except NotImplementedError as e:
if 'delete_policy' in str(e):
# moto 1.3.13 doesn't mock delete_policy yet
pass
# with pytest.raises(iam.meta.client.exceptions.NoSuchEntityException):
# iam.Policy(group_arn).load()
assert len(list(role.attached_policies.all())) == 1
def test_update_group_members(iam, group, users, user_roles, live, stored):
aws.update_group_members(group.arn, set(live))
assert_group_members(group, live)
aws.update_group_members(group.arn, set(stored))
assert_group_members(group, stored)
def update_members(self):
aws.update_group_members(
self.arn,
{user.iam_role_name
for user in self.policy.users.all()},
)