feature added: support for api RolePermissionsBoundary (#3329)

* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary * minor test fix * lint fixed * refractored test case * Issue 3224 s3 copy glacier object (#3318) * 3224 Enhancement - S3 Copy restored glacier objects - adds setter for expiry date - copy sets expiry date to none when source is glacier object - throws error for copying glacier object only if not restored/still restoring * 3224 Enhancement - S3 Copy restored glacier objects - throws error for copying deep archive object only if not restored/still restoring * Fix:s3 List Object response:delimiter (#3254) * Fix:s3 List Object delimiter in response * fixed tests * fixed failed tests Co-authored-by: usmankb <usman@krazybee.com> * feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary * minor test fix * lint fixed * refractored test case * added test case for put role exception Co-authored-by: ruthbovell <63656505+ruthbovell@users.noreply.github.com> Co-authored-by: usmangani1 <sgosman_chem@yahoo.com> Co-authored-by: usmankb <usman@krazybee.com>
2020-09-22 17:13:59 +05:30 · 2020-09-22 17:13:59 +05:30 · 427a222aa0
commit 427a222aa0
parent 958e95cf5c
3 changed files with 49 additions and 3 deletions
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -869,9 +869,7 @@ def test_list_access_keys():
    conn = boto3.client("iam", region_name="us-east-1")
    conn.create_user(UserName="my-user")
    response = conn.list_access_keys(UserName="my-user")
-    assert_equals(
-        response["AccessKeyMetadata"], [],
-    )
+    assert_equals(response["AccessKeyMetadata"], [])
    access_key = conn.create_access_key(UserName="my-user")["AccessKey"]
    response = conn.list_access_keys(UserName="my-user")
    assert_equals(
@ -2377,7 +2375,19 @@ def test_create_role_with_permissions_boundary():
    resp.get("Role").get("PermissionsBoundary").should.equal(expected)
    resp.get("Role").get("Description").should.equal("test")

+    conn.delete_role_permissions_boundary(RoleName="my-role")
+    conn.list_roles().get("Roles")[0].should_not.have.key("PermissionsBoundary")
+
+    conn.put_role_permissions_boundary(RoleName="my-role", PermissionsBoundary=boundary)
+    resp.get("Role").get("PermissionsBoundary").should.equal(expected)
+
    invalid_boundary_arn = "arn:aws:iam::123456789:not_a_boundary"
+
+    with assert_raises(ClientError):
+        conn.put_role_permissions_boundary(
+            RoleName="my-role", PermissionsBoundary=invalid_boundary_arn
+        )
+
    with assert_raises(ClientError):
        conn.create_role(
            RoleName="bad-boundary",