Skip to content

Commit

Permalink
Added unit test for service role that exists (#704)
Browse files Browse the repository at this point in the history
  • Loading branch information
@alecrajeev @phobologic
alecrajeev authored and phobologic committed Feb 19, 2019
1 parent 4058c22 commit d20a9df
Showing 1 changed file with 30 additions and 2 deletions.
32 changes: 30 additions & 2 deletions stacker/tests/hooks/test_iam.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@
_get_cert_arn_from_response,
)

from awacs.helpers.trust import get_ecs_assumerole_policy

from ..factories import (
mock_context,
mock_provider,
Expand All @@ -22,8 +24,8 @@
REGION = "us-east-1"

# No test for stacker.hooks.iam.ensure_server_cert_exists until
# this PR is accepted in moto:
# https://github.com/spulec/moto/pull/679
# updated version of moto is imported
# (https://github.com/spulec/moto/pull/679) merged


class TestIAMHooks(unittest.TestCase):
Expand Down Expand Up @@ -71,3 +73,29 @@ def test_create_service_role(self):
RoleName=role_name,
PolicyName=policy_name
)

def test_create_service_role_already_exists(self):
role_name = "ecsServiceRole"
policy_name = "AmazonEC2ContainerServiceRolePolicy"
with mock_iam():
client = boto3.client("iam", region_name=REGION)
client.create_role(
RoleName=role_name,
AssumeRolePolicyDocument=get_ecs_assumerole_policy().to_json()
)

self.assertTrue(
create_ecs_service_role(
context=self.context,
provider=self.provider,
)
)

role = client.get_role(RoleName=role_name)

self.assertIn("Role", role)
self.assertEqual(role_name, role["Role"]["RoleName"])
client.get_role_policy(
RoleName=role_name,
PolicyName=policy_name
)

0 comments on commit d20a9df

Please sign in to comment.