Skip to content

Commit

Permalink
PR changes
Browse files Browse the repository at this point in the history
  • Loading branch information
Sofia Sazonova committed Sep 30, 2024
1 parent 18ab1e0 commit f4aec98
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 9 deletions.
8 changes: 7 additions & 1 deletion backend/dataall/core/environment/cdk/environment_stack.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -657,7 +657,13 @@ def create_integration_tests_role(self):

self.test_role.add_to_policy(
iam.PolicyStatement(
actions=['iam:GetRole', 'iam:CreateRole', 'iam:DeleteRole', 'iam:PutRolePolicy'],
actions=[
'iam:GetRole',
'iam:CreateRole',
'iam:DeleteRole',
'iam:PutRolePolicy',
'iam:DeleteRolePolicy',
],
effect=iam.Effect.ALLOW,
resources=[f'arn:aws:iam::{self.account}:role/dataall-test-*'],
),
Expand Down
17 changes: 10 additions & 7 deletions tests_new/integration_tests/aws_clients/iam.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@


class IAMClient:
CONSUMPTION_POLICY_NAME = 'ConsumptionPolicy'

def __init__(self, session=boto3.Session(), region=os.environ.get('AWS_REGION', 'us-east-1')):
self._client = session.client('iam', region_name=region)
self._resource = session.resource('iam', region_name=region)
Expand Down Expand Up @@ -56,23 +58,24 @@ def create_role(self, account_id, role_name, test_role_name):
log.error(e)
raise e

def create_role_if_not_exists(self, account_id, role_name, test_role_name):
role = self.get_role(role_name)
if role is None:
role = self.create_role(account_id, role_name, test_role_name)
return role

def get_consumption_role(self, account_id, role_name, test_role_name):
role = self.get_role(role_name)
if role is None:
role = self.create_role(account_id, role_name, test_role_name)
self.put_consumption_role_policy(role_name)
return role

def delete_policy(self, role_name, policy_name):
self._client.delete_role_policy(RoleName=role_name, PolicyName=policy_name)

def delete_consumption_role(self, role_name):
self.delete_policy(role_name, self.CONSUMPTION_POLICY_NAME)
self.delete_role(role_name)

def put_consumption_role_policy(self, role_name):
self._client.put_role_policy(
RoleName=role_name,
PolicyName='ConsumptionPolicy',
PolicyName=self.CONSUMPTION_POLICY_NAME,
PolicyDocument="""{
"Version": "2012-10-17",
"Statement": [
Expand Down
2 changes: 1 addition & 1 deletion tests_new/integration_tests/modules/share_base/conftest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ def consumption_role_1(client5, group5, session_cross_acc_env_1, session_cross_a
)
yield consumption_role
remove_consumption_role(client5, session_cross_acc_env_1.environmentUri, consumption_role.consumptionRoleUri)
iam_client.delete_role(role['Role']['RoleName'])
iam_client.delete_consumption_role(role['Role']['RoleName'])


@pytest.fixture(scope='session')
Expand Down

0 comments on commit f4aec98

Please sign in to comment.