TrueCloudLab/s3-tests
7
0
Fork 1
mirror of https://github.com/ceph/s3-tests.git synced 2024-11-21 11:51:06 +00:00
Code Issues 1 Projects Releases Packages Wiki Activity

BlockPublicPolicy: add test when policy has principal

Browse source 
Ref. https://tracker.ceph.com/issues/67048

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
This commit is contained in:
Seena Fallah 2024-07-19 20:51:10 +02:00
parent 93a3b6c704
commit a83396cda7
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
s3tests_boto3/functional/test_s3.py
View file

@ -12984,6 +12984,23 @@ def test_block_public_policy():
check_access_denied(client.put_bucket_policy, Bucket=bucket_name, Policy=policy_document) check_access_denied(client.put_bucket_policy, Bucket=bucket_name, Policy=policy_document)
def test_block_public_policy_with_principal():
bucket_name = get_new_bucket()
client = get_client()
access_conf = {'BlockPublicAcls': False,
'IgnorePublicAcls': False,
'BlockPublicPolicy': True,
'RestrictPublicBuckets': False}
client.put_public_access_block(Bucket=bucket_name, PublicAccessBlockConfiguration=access_conf)
resource = _make_arn_resource("{}/{}".format(bucket_name, "*"))
policy_document = make_json_policy("s3:GetObject",
resource, principal={"AWS": "arn:aws:iam::s3tenant1:root"})
client.put_bucket_policy(Bucket=bucket_name, Policy=policy_document)
def test_ignore_public_acls(): def test_ignore_public_acls():
bucket_name = get_new_bucket() bucket_name = get_new_bucket()
client = get_client() client = get_client()