-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request ... iam, sts #25
Comments
That would be incredible! Hitting a dead end with localstack alone because everything seems to happen in one virtual account. But pytest_localstack very nicely simulates multiple accounts, per your s3_sync example. However 99% of our app's calls are to IAM, and they don't seem to be hitting a real endpoint in the container (unlike, say, S3 tests which seem to work fine). This result is what leads me to think iam might be present in the two lists but not implemented:
There's some muttering about region not being defined too, but that seems to have an intelligent default. The test code is pretty basic, but I'm new to this and one never knows ...
|
I've made a new release with IAM, STS, and others. A slightly modified version of your test is working for me: import json
import pytest_localstack
localstack_identity = pytest_localstack.session_fixture(services=["iam"])
localstack_target_1 = pytest_localstack.session_fixture(services=["iam"])
def test_user_create2(localstack_identity, localstack_target_1):
id_client = localstack_identity.boto3.client("iam")
target_client = localstack_target_1.boto3.client("iam")
arp_template = {
"Version": "2012-10-17",
"Statement": [
{"Effect": "Allow", "Principal": {"AWS": []}, "Action": "sts:AssumeRole"}
],
}
arps = json.dumps(arp_template)
id_client.create_role(RoleName="role1", AssumeRolePolicyDocument=arps)
response = id_client.list_roles()
assert "Roles" in response
assert len(response["Roles"]) == 1
assert response["Roles"][0]["RoleName"] == "role1"
target_client.create_role(RoleName="role2", AssumeRolePolicyDocument=arps)
response = target_client.list_roles()
assert "Roles" in response
assert len(response["Roles"]) == 1
assert response["Roles"][0]["RoleName"] == "role2" Good luck with your testing! |
Many, many thanks! Looks really good, and will make a lot of difference in our project. So far, so good! |
Looks like exactly what I need for a multiaccount configuration service ... especially because of the session scope that lets me test across accounts. But need iam and sts mocking, which localstack covers. Any guidance on either ETA or what it takes to add another service/endpoint to pytest-localstack?
The text was updated successfully, but these errors were encountered: