Merge pull request #362 from TRYTOBE8TME/wip-sts-issue-fix

STS issue fix (https://tracker.ceph.com/issues/47588)
This commit is contained in:
Casey Bodley 2020-10-05 17:19:09 -04:00 committed by GitHub
commit 0b2d7f729d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -86,7 +86,7 @@ def test_get_session_token():
user_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":[\"*\"],\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}},{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}}]}" user_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":[\"*\"],\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}},{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}}]}"
(resp_err,resp)=put_user_policy(iam_client,sts_user_id,None,user_policy) (resp_err,resp)=put_user_policy(iam_client,sts_user_id,None,user_policy)
eq(resp['ResponseMetadata']['HTTPStatusCode'],200) eq(resp['ResponseMetadata']['HTTPStatusCode'],200)
response=sts_client.get_session_token(DurationSeconds=43200) response=sts_client.get_session_token()
eq(response['ResponseMetadata']['HTTPStatusCode'],200) eq(response['ResponseMetadata']['HTTPStatusCode'],200)
s3_client=boto3.client('s3', s3_client=boto3.client('s3',
aws_access_key_id = response['Credentials']['AccessKeyId'], aws_access_key_id = response['Credentials']['AccessKeyId'],
@ -116,7 +116,7 @@ def test_get_session_token_permanent_creds_denied():
user_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":[\"*\"],\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}},{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}}]}" user_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":\"s3:*\",\"Resource\":[\"*\"],\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}},{\"Effect\":\"Allow\",\"Action\":\"sts:GetSessionToken\",\"Resource\":\"*\",\"Condition\":{\"BoolIfExists\":{\"sts:authentication\":\"false\"}}}]}"
(resp_err,resp)=put_user_policy(iam_client,sts_user_id,None,user_policy) (resp_err,resp)=put_user_policy(iam_client,sts_user_id,None,user_policy)
eq(resp['ResponseMetadata']['HTTPStatusCode'],200) eq(resp['ResponseMetadata']['HTTPStatusCode'],200)
response=sts_client.get_session_token(DurationSeconds=43200) response=sts_client.get_session_token()
eq(response['ResponseMetadata']['HTTPStatusCode'],200) eq(response['ResponseMetadata']['HTTPStatusCode'],200)
s3_client=boto3.client('s3', s3_client=boto3.client('s3',
aws_access_key_id = s3_main_access_key, aws_access_key_id = s3_main_access_key,