(t *testing.T)
| 206 | } |
| 207 | |
| 208 | func TestS3IAMListPoliciesAndGetPolicy(t *testing.T) { |
| 209 | if testing.Short() { |
| 210 | t.Skip("Skipping integration test in short mode") |
| 211 | } |
| 212 | |
| 213 | cluster, err := startMiniCluster(t) |
| 214 | require.NoError(t, err) |
| 215 | defer cluster.Stop() |
| 216 | |
| 217 | time.Sleep(500 * time.Millisecond) |
| 218 | |
| 219 | policyName := uniqueName("managed-policy") |
| 220 | policyArn := fmt.Sprintf("arn:aws:iam:::policy/%s", policyName) |
| 221 | policyContent := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"s3:ListAllMyBuckets","Resource":"*"}]}` |
| 222 | |
| 223 | iamClient := newIAMClient(t, cluster.s3Endpoint) |
| 224 | _, err = iamClient.CreatePolicy(&iam.CreatePolicyInput{ |
| 225 | PolicyName: aws.String(policyName), |
| 226 | PolicyDocument: aws.String(policyContent), |
| 227 | }) |
| 228 | require.NoError(t, err) |
| 229 | |
| 230 | listOut, err := iamClient.ListPolicies(&iam.ListPoliciesInput{}) |
| 231 | require.NoError(t, err) |
| 232 | require.True(t, managedPolicyContains(listOut.Policies, policyName)) |
| 233 | |
| 234 | getOut, err := iamClient.GetPolicy(&iam.GetPolicyInput{PolicyArn: aws.String(policyArn)}) |
| 235 | require.NoError(t, err) |
| 236 | require.NotNil(t, getOut.Policy) |
| 237 | require.NotNil(t, getOut.Policy.PolicyName) |
| 238 | require.Equal(t, policyName, *getOut.Policy.PolicyName) |
| 239 | |
| 240 | missingArn := fmt.Sprintf("arn:aws:iam:::policy/%s", uniqueName("missing")) |
| 241 | _, err = iamClient.GetPolicy(&iam.GetPolicyInput{PolicyArn: aws.String(missingArn)}) |
| 242 | require.Error(t, err) |
| 243 | var awsErr awserr.Error |
| 244 | require.True(t, errors.As(err, &awsErr)) |
| 245 | require.Equal(t, iam.ErrCodeNoSuchEntityException, awsErr.Code()) |
| 246 | } |
| 247 | |
| 248 | func TestS3IAMDeletePolicyInUse(t *testing.T) { |
| 249 | if testing.Short() { |
nothing calls this directly
no test coverage detected