UNPKG

@aws-cdk-testing/cli-integ

Version:

Integration tests for the AWS CDK CLI

github.com/aws/aws-cdk

aws/aws-cdk-cli

36 lines 6.36 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const client_sts_1 = require("@aws-sdk/client-sts"); const lib_1 = require("../../../lib"); (0, lib_1.integTest)('deploy role cannot be assumed with external id', (0, lib_1.withoutBootstrap)(async (fixture) => { const bootstrapStackName = fixture.bootstrapStackName; await fixture.cdkBootstrapModern({ toolkitStackName: bootstrapStackName, cfnExecutionPolicy: 'arn:aws:iam::aws:policy/AdministratorAccess', }); const account = await fixture.aws.account(); const deployRoleArn = `arn:aws:iam::${account}:role/cdk-${fixture.qualifier}-deploy-role-${account}-${fixture.aws.region}`; // Attempt to assume the deploy role with an external ID should fail await expect(fixture.aws.sts.send(new client_sts_1.AssumeRoleCommand({ RoleArn: deployRoleArn, RoleSessionName: 'test-external-id-failure', ExternalId: 'some-external-id', }))).rejects.toThrow(); })); (0, lib_1.integTest)('deploy role can be assumed with ExternalId if protection is switched off', (0, lib_1.withoutBootstrap)(async (fixture) => { const bootstrapStackName = fixture.bootstrapStackName; await fixture.cdkBootstrapModern({ toolkitStackName: bootstrapStackName, cfnExecutionPolicy: 'arn:aws:iam::aws:policy/AdministratorAccess', denyExternalId: false, }); const account = await fixture.aws.account(); const deployRoleArn = `arn:aws:iam::${account}:role/cdk-${fixture.qualifier}-deploy-role-${account}-${fixture.aws.region}`; // Attempt to assume the deploy role with an external ID should fail await expect(fixture.aws.sts.send(new client_sts_1.AssumeRoleCommand({ RoleArn: deployRoleArn, RoleSessionName: 'test-external-id-failure', ExternalId: 'some-external-id', }))).resolves.toBeTruthy(); })); //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2RrLWJvb3RzdHJhcC1kZXBsb3ktcm9sZS1jYW5ub3QtYmUtYXNzdW1lZC13aXRoLWV4dGVybmFsLWlkLmludGVndGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImNkay1ib290c3RyYXAtZGVwbG95LXJvbGUtY2Fubm90LWJlLWFzc3VtZWQtd2l0aC1leHRlcm5hbC1pZC5pbnRlZ3Rlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSxvREFBd0Q7QUFDeEQsc0NBQTJEO0FBRTNELElBQUEsZUFBUyxFQUFDLGdEQUFnRCxFQUFFLElBQUEsc0JBQWdCLEVBQUMsS0FBSyxFQUFFLE9BQU8sRUFBRSxFQUFFO0lBQzdGLE1BQU0sa0JBQWtCLEdBQUcsT0FBTyxDQUFDLGtCQUFrQixDQUFDO0lBRXRELE1BQU0sT0FBTyxDQUFDLGtCQUFrQixDQUFDO1FBQy9CLGdCQUFnQixFQUFFLGtCQUFrQjtRQUNwQyxrQkFBa0IsRUFBRSw2Q0FBNkM7S0FDbEUsQ0FBQyxDQUFDO0lBRUgsTUFBTSxPQUFPLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQzVDLE1BQU0sYUFBYSxHQUFHLGdCQUFnQixPQUFPLGFBQWEsT0FBTyxDQUFDLFNBQVMsZ0JBQWdCLE9BQU8sSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxDQUFDO0lBRTNILG9FQUFvRTtJQUNwRSxNQUFNLE1BQU0sQ0FDVixPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSw4QkFBaUIsQ0FBQztRQUN6QyxPQUFPLEVBQUUsYUFBYTtRQUN0QixlQUFlLEVBQUUsMEJBQTBCO1FBQzNDLFVBQVUsRUFBRSxrQkFBa0I7S0FDL0IsQ0FBQyxDQUFDLENBQ0osQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLENBQUM7QUFDdEIsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUVKLElBQUEsZUFBUyxFQUFDLDBFQUEwRSxFQUFFLElBQUEsc0JBQWdCLEVBQUMsS0FBSyxFQUFFLE9BQU8sRUFBRSxFQUFFO0lBQ3ZILE1BQU0sa0JBQWtCLEdBQUcsT0FBTyxDQUFDLGtCQUFrQixDQUFDO0lBRXRELE1BQU0sT0FBTyxDQUFDLGtCQUFrQixDQUFDO1FBQy9CLGdCQUFnQixFQUFFLGtCQUFrQjtRQUNwQyxrQkFBa0IsRUFBRSw2Q0FBNkM7UUFDakUsY0FBYyxFQUFFLEtBQUs7S0FDdEIsQ0FBQyxDQUFDO0lBRUgsTUFBTSxPQUFPLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQzVDLE1BQU0sYUFBYSxHQUFHLGdCQUFnQixPQUFPLGFBQWEsT0FBTyxDQUFDLFNBQVMsZ0JBQWdCLE9BQU8sSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxDQUFDO0lBRTNILG9FQUFvRTtJQUNwRSxNQUFNLE1BQU0sQ0FDVixPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSw4QkFBaUIsQ0FBQztRQUN6QyxPQUFPLEVBQUUsYUFBYTtRQUN0QixlQUFlLEVBQUUsMEJBQTBCO1FBQzNDLFVBQVUsRUFBRSxrQkFBa0I7S0FDL0IsQ0FBQyxDQUFDLENBQ0osQ0FBQyxRQUFRLENBQUMsVUFBVSxFQUFFLENBQUM7QUFDMUIsQ0FBQyxDQUFDLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEFzc3VtZVJvbGVDb21tYW5kIH0gZnJvbSAnQGF3cy1zZGsvY2xpZW50LXN0cyc7XG5pbXBvcnQgeyBpbnRlZ1Rlc3QsIHdpdGhvdXRCb290c3RyYXAgfSBmcm9tICcuLi8uLi8uLi9saWInO1xuXG5pbnRlZ1Rlc3QoJ2RlcGxveSByb2xlIGNhbm5vdCBiZSBhc3N1bWVkIHdpdGggZXh0ZXJuYWwgaWQnLCB3aXRob3V0Qm9vdHN0cmFwKGFzeW5jIChmaXh0dXJlKSA9PiB7XG4gIGNvbnN0IGJvb3RzdHJhcFN0YWNrTmFtZSA9IGZpeHR1cmUuYm9vdHN0cmFwU3RhY2tOYW1lO1xuXG4gIGF3YWl0IGZpeHR1cmUuY2RrQm9vdHN0cmFwTW9kZXJuKHtcbiAgICB0b29sa2l0U3RhY2tOYW1lOiBib290c3RyYXBTdGFja05hbWUsXG4gICAgY2ZuRXhlY3V0aW9uUG9saWN5OiAnYXJuOmF3czppYW06OmF3czpwb2xpY3kvQWRtaW5pc3RyYXRvckFjY2VzcycsXG4gIH0pO1xuXG4gIGNvbnN0IGFjY291bnQgPSBhd2FpdCBmaXh0dXJlLmF3cy5hY2NvdW50KCk7XG4gIGNvbnN0IGRlcGxveVJvbGVBcm4gPSBgYXJuOmF3czppYW06OiR7YWNjb3VudH06cm9sZS9jZGstJHtmaXh0dXJlLnF1YWxpZmllcn0tZGVwbG95LXJvbGUtJHthY2NvdW50fS0ke2ZpeHR1cmUuYXdzLnJlZ2lvbn1gO1xuXG4gIC8vIEF0dGVtcHQgdG8gYXNzdW1lIHRoZSBkZXBsb3kgcm9sZSB3aXRoIGFuIGV4dGVybmFsIElEIHNob3VsZCBmYWlsXG4gIGF3YWl0IGV4cGVjdChcbiAgICBmaXh0dXJlLmF3cy5zdHMuc2VuZChuZXcgQXNzdW1lUm9sZUNvbW1hbmQoe1xuICAgICAgUm9sZUFybjogZGVwbG95Um9sZUFybixcbiAgICAgIFJvbGVTZXNzaW9uTmFtZTogJ3Rlc3QtZXh0ZXJuYWwtaWQtZmFpbHVyZScsXG4gICAgICBFeHRlcm5hbElkOiAnc29tZS1leHRlcm5hbC1pZCcsXG4gICAgfSkpLFxuICApLnJlamVjdHMudG9UaHJvdygpO1xufSkpO1xuXG5pbnRlZ1Rlc3QoJ2RlcGxveSByb2xlIGNhbiBiZSBhc3N1bWVkIHdpdGggRXh0ZXJuYWxJZCBpZiBwcm90ZWN0aW9uIGlzIHN3aXRjaGVkIG9mZicsIHdpdGhvdXRCb290c3RyYXAoYXN5bmMgKGZpeHR1cmUpID0+IHtcbiAgY29uc3QgYm9vdHN0cmFwU3RhY2tOYW1lID0gZml4dHVyZS5ib290c3RyYXBTdGFja05hbWU7XG5cbiAgYXdhaXQgZml4dHVyZS5jZGtCb290c3RyYXBNb2Rlcm4oe1xuICAgIHRvb2xraXRTdGFja05hbWU6IGJvb3RzdHJhcFN0YWNrTmFtZSxcbiAgICBjZm5FeGVjdXRpb25Qb2xpY3k6ICdhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9BZG1pbmlzdHJhdG9yQWNjZXNzJyxcbiAgICBkZW55RXh0ZXJuYWxJZDogZmFsc2UsXG4gIH0pO1xuXG4gIGNvbnN0IGFjY291bnQgPSBhd2FpdCBmaXh0dXJlLmF3cy5hY2NvdW50KCk7XG4gIGNvbnN0IGRlcGxveVJvbGVBcm4gPSBgYXJuOmF3czppYW06OiR7YWNjb3VudH06cm9sZS9jZGstJHtmaXh0dXJlLnF1YWxpZmllcn0tZGVwbG95LXJvbGUtJHthY2NvdW50fS0ke2ZpeHR1cmUuYXdzLnJlZ2lvbn1gO1xuXG4gIC8vIEF0dGVtcHQgdG8gYXNzdW1lIHRoZSBkZXBsb3kgcm9sZSB3aXRoIGFuIGV4dGVybmFsIElEIHNob3VsZCBmYWlsXG4gIGF3YWl0IGV4cGVjdChcbiAgICBmaXh0dXJlLmF3cy5zdHMuc2VuZChuZXcgQXNzdW1lUm9sZUNvbW1hbmQoe1xuICAgICAgUm9sZUFybjogZGVwbG95Um9sZUFybixcbiAgICAgIFJvbGVTZXNzaW9uTmFtZTogJ3Rlc3QtZXh0ZXJuYWwtaWQtZmFpbHVyZScsXG4gICAgICBFeHRlcm5hbElkOiAnc29tZS1leHRlcm5hbC1pZCcsXG4gICAgfSkpLFxuICApLnJlc29sdmVzLnRvQmVUcnV0aHkoKTtcbn0pKTtcbiJdfQ==