Add iam.get_account_password_policy

2019-10-28 23:50:17 +01:00 · 2019-10-28 23:50:17 +01:00 · 65fa8f1a1b
commit 65fa8f1a1b
parent 06581391bd
5 changed files with 108 additions and 7 deletions
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -2200,17 +2200,29 @@ def test_list_open_id_connect_providers():
@mock_iam
 def test_update_account_password_policy():
    client = boto3.client('iam', region_name='us-east-1')
+
    client.update_account_password_policy()

+    response = client.get_account_password_policy()
+    response['PasswordPolicy'].should.equal({
+        'AllowUsersToChangePassword': False,
+        'ExpirePasswords': False,
+        'MinimumPasswordLength': 6,
+        'RequireLowercaseCharacters': False,
+        'RequireNumbers': False,
+        'RequireSymbols': False,
+        'RequireUppercaseCharacters': False
+    })
+

@mock_iam
 def test_update_account_password_policy_errors():
    client = boto3.client('iam', region_name='us-east-1')

    client.update_account_password_policy.when.called_with(
-        MaxPasswordAge = 1096,
-        MinimumPasswordLength = 129,
-        PasswordReusePrevention = 25
+        MaxPasswordAge=1096,
+        MinimumPasswordLength=129,
+        PasswordReusePrevention=25
    ).should.throw(
        ClientError,
        '3 validation errors detected: '
@ -2221,3 +2233,44 @@ def test_update_account_password_policy_errors():
        'Value "1096" at "maxPasswordAge" failed to satisfy constraint: '
        'Member must have value less than or equal to 1095'
    )
+
+
+@mock_iam
+def test_get_account_password_policy():
+    client = boto3.client('iam', region_name='us-east-1')
+    client.update_account_password_policy(
+        AllowUsersToChangePassword=True,
+        HardExpiry=True,
+        MaxPasswordAge=60,
+        MinimumPasswordLength=10,
+        PasswordReusePrevention=3,
+        RequireLowercaseCharacters=True,
+        RequireNumbers=True,
+        RequireSymbols=True,
+        RequireUppercaseCharacters=True
+    )
+
+    response = client.get_account_password_policy()
+    
+    response['PasswordPolicy'].should.equal({
+        'AllowUsersToChangePassword': True,
+        'ExpirePasswords': True,
+        'HardExpiry': True,
+        'MaxPasswordAge': 60,
+        'MinimumPasswordLength': 10,
+        'PasswordReusePrevention': 3,
+        'RequireLowercaseCharacters': True,
+        'RequireNumbers': True,
+        'RequireSymbols': True,
+        'RequireUppercaseCharacters': True
+    })
+
+
+@mock_iam
+def test_get_account_password_policy_errors():
+    client = boto3.client('iam', region_name='us-east-1')
+
+    client.get_account_password_policy.when.called_with().should.throw(
+        ClientError,
+        'The Password Policy with domain name 123456789012 cannot be found.'
+    )