Various changes to organizations endpoint (#3175)

* Raise DuplicatePolicyException when a policy with the same name exists

* Implement update_policy

* Implement delete_policy

moto/organizations/exceptions.py

@@ -17,3 +17,12 @@ class DuplicateOrganizationalUnitException(JsonRESTError):
             "DuplicateOrganizationalUnitException",
             "An OU with the same name already exists.",
         )
+
+
+class DuplicatePolicyException(JsonRESTError):
+    code = 400
+
+    def __init__(self):
+        super(DuplicatePolicyException, self).__init__(
+            "DuplicatePolicyException", "A policy with the same name already exists."
+        )

moto/organizations/models.py

@@ -11,6 +11,7 @@ from moto.organizations import utils
 from moto.organizations.exceptions import (
     InvalidInputException,
     DuplicateOrganizationalUnitException,
+    DuplicatePolicyException,
 )
 
 
@@ -409,6 +410,9 @@ class OrganizationsBackend(BaseBackend):
 
     def create_policy(self, **kwargs):
         new_policy = FakeServiceControlPolicy(self.org, **kwargs)
+        for policy in self.policies:
+            if kwargs["Name"] == policy.name:
+                raise DuplicatePolicyException
         self.policies.append(new_policy)
         return new_policy.describe()
 
@@ -426,8 +430,26 @@ class OrganizationsBackend(BaseBackend):
             raise RESTError("InvalidInputException", "You specified an invalid value.")
         return policy.describe()
 
+    def get_policy_by_id(self, policy_id):
+        policy = next(
+            (policy for policy in self.policies if policy.id == policy_id), None
+        )
+        if policy is None:
+            raise RESTError(
+                "PolicyNotFoundException",
+                "We can't find a policy with the PolicyId that you specified.",
+            )
+        return policy
+
+    def update_policy(self, **kwargs):
+        policy = self.get_policy_by_id(kwargs["PolicyId"])
+        policy.name = kwargs.get("Name", policy.name)
+        policy.description = kwargs.get("Description", policy.description)
+        policy.content = kwargs.get("Content", policy.content)
+        return policy.describe()
+
     def attach_policy(self, **kwargs):
-        policy = next((p for p in self.policies if p.id == kwargs["PolicyId"]), None)
+        policy = self.get_policy_by_id(kwargs["PolicyId"])
         if re.compile(utils.ROOT_ID_REGEX).match(kwargs["TargetId"]) or re.compile(
             utils.OU_ID_REGEX
         ).match(kwargs["TargetId"]):
@@ -462,6 +484,21 @@ class OrganizationsBackend(BaseBackend):
             Policies=[p.describe()["Policy"]["PolicySummary"] for p in self.policies]
         )
 
+    def delete_policy(self, **kwargs):
+        for idx, policy in enumerate(self.policies):
+            if policy.id == kwargs["PolicyId"]:
+                if self.list_targets_for_policy(PolicyId=policy.id)["Targets"]:
+                    raise RESTError(
+                        "PolicyInUseException",
+                        "The policy is attached to one or more entities. You must detach it from all roots, OUs, and accounts before performing this operation.",
+                    )
+                del self.policies[idx]
+                return
+        raise RESTError(
+            "PolicyNotFoundException",
+            "We can't find a policy with the PolicyId that you specified.",
+        )
+
     def list_policies_for_target(self, **kwargs):
         if re.compile(utils.OU_ID_REGEX).match(kwargs["TargetId"]):
             obj = next((ou for ou in self.ou if ou.id == kwargs["TargetId"]), None)

moto/organizations/responses.py

@@ -105,6 +105,11 @@ class OrganizationsResponse(BaseResponse):
             self.organizations_backend.describe_policy(**self.request_params)
         )
 
+    def update_policy(self):
+        return json.dumps(
+            self.organizations_backend.update_policy(**self.request_params)
+        )
+
     def attach_policy(self):
         return json.dumps(
             self.organizations_backend.attach_policy(**self.request_params)
@@ -115,6 +120,10 @@ class OrganizationsResponse(BaseResponse):
             self.organizations_backend.list_policies(**self.request_params)
         )
 
+    def delete_policy(self):
+        self.organizations_backend.delete_policy(**self.request_params)
+        return json.dumps({})
+
     def list_policies_for_target(self):
         return json.dumps(
             self.organizations_backend.list_policies_for_target(**self.request_params)