UNPKG

@aws-cdk-testing/cli-integ

Version:

Integration tests for the AWS CDK CLI

github.com/aws/aws-cdk

aws/aws-cdk-cli-testing

61 lines 11.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); const client_cloudformation_1 = require("@aws-sdk/client-cloudformation"); const client_iam_1 = require("@aws-sdk/client-iam"); const lib_1 = require("../../lib"); const eventually_1 = require("../../lib/eventually"); jest.setTimeout(2 * 60 * 60000); // Includes the time to acquire locks, worst-case single-threaded runtime (0, lib_1.integTest)('can remove customPermissionsBoundary', (0, lib_1.withoutBootstrap)(async (fixture) => { var _a, _b, _c; const bootstrapStackName = fixture.bootstrapStackName; const policyName = `${bootstrapStackName}-pb`; let policyArn; try { const policy = await fixture.aws.iam.send(new client_iam_1.CreatePolicyCommand({ PolicyName: policyName, PolicyDocument: JSON.stringify({ Version: '2012-10-17', Statement: { Action: ['*'], Resource: ['*'], Effect: 'Allow', }, }), })); policyArn = (_a = policy.Policy) === null || _a === void 0 ? void 0 : _a.Arn; // Policy creation and consistency across regions is "almost immediate" // See: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency // We will put this in an `eventually` block to retry stack creation with a reasonable timeout const createStackWithPermissionBoundary = async () => { var _a, _b; await fixture.cdkBootstrapModern({ // toolkitStackName doesn't matter for this particular invocation toolkitStackName: bootstrapStackName, customPermissionsBoundary: policyName, }); const response = await fixture.aws.cloudFormation.send(new client_cloudformation_1.DescribeStacksCommand({ StackName: bootstrapStackName })); expect((_b = (_a = response.Stacks) === null || _a === void 0 ? void 0 : _a[0].Parameters) === null || _b === void 0 ? void 0 : _b.some(param => (param.ParameterKey === 'InputPermissionsBoundary' && param.ParameterValue === policyName))).toEqual(true); }; await (0, eventually_1.default)(createStackWithPermissionBoundary, { maxAttempts: 3 }); await fixture.cdkBootstrapModern({ // toolkitStackName doesn't matter for this particular invocation toolkitStackName: bootstrapStackName, usePreviousParameters: false, }); const response2 = await fixture.aws.cloudFormation.send(new client_cloudformation_1.DescribeStacksCommand({ StackName: bootstrapStackName })); expect((_c = (_b = response2.Stacks) === null || _b === void 0 ? void 0 : _b[0].Parameters) === null || _c === void 0 ? void 0 : _c.some(param => (param.ParameterKey === 'InputPermissionsBoundary' && !param.ParameterValue))).toEqual(true); const region = fixture.aws.region; const account = await fixture.aws.account(); const role = await fixture.aws.iam.send(new client_iam_1.GetRoleCommand({ RoleName: `cdk-${fixture.qualifier}-cfn-exec-role-${account}-${region}` })); if (!role.Role) { throw new Error('Role not found'); } expect(role.Role.PermissionsBoundary).toBeUndefined(); } finally { if (policyArn) { await fixture.aws.iam.send(new client_iam_1.DeletePolicyCommand({ PolicyArn: policyArn })); } } })); //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2RrLWJvb3RzdHJhcC1jYW4tcmVtb3ZlLWN1c3RvbXBlcm1pc3Npb25zYm91bmRhcnkuaW50ZWd0ZXN0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiY2RrLWJvb3RzdHJhcC1jYW4tcmVtb3ZlLWN1c3RvbXBlcm1pc3Npb25zYm91bmRhcnkuaW50ZWd0ZXN0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsMEVBQXVFO0FBQ3ZFLG9EQUErRjtBQUMvRixtQ0FBd0Q7QUFDeEQscURBQThDO0FBRTlDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxLQUFNLENBQUMsQ0FBQyxDQUFDLHlFQUF5RTtBQUUzRyxJQUFBLGVBQVMsRUFBQyxzQ0FBc0MsRUFBRSxJQUFBLHNCQUFnQixFQUFDLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTs7SUFDbkYsTUFBTSxrQkFBa0IsR0FBRyxPQUFPLENBQUMsa0JBQWtCLENBQUM7SUFDdEQsTUFBTSxVQUFVLEdBQUcsR0FBRyxrQkFBa0IsS0FBSyxDQUFDO0lBQzlDLElBQUksU0FBUyxDQUFDO0lBQ2QsSUFBSSxDQUFDO1FBQ0gsTUFBTSxNQUFNLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQ3ZDLElBQUksZ0NBQW1CLENBQUM7WUFDdEIsVUFBVSxFQUFFLFVBQVU7WUFDdEIsY0FBYyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUM7Z0JBQzdCLE9BQU8sRUFBRSxZQUFZO2dCQUNyQixTQUFTLEVBQUU7b0JBQ1QsTUFBTSxFQUFFLENBQUMsR0FBRyxDQUFDO29CQUNiLFFBQVEsRUFBRSxDQUFDLEdBQUcsQ0FBQztvQkFDZixNQUFNLEVBQUUsT0FBTztpQkFDaEI7YUFDRixDQUFDO1NBQ0gsQ0FBQyxDQUNILENBQUM7UUFDRixTQUFTLEdBQUcsTUFBQSxNQUFNLENBQUMsTUFBTSwwQ0FBRSxHQUFHLENBQUM7UUFFL0IsdUVBQXVFO1FBQ3ZFLDRIQUE0SDtRQUM1SCw4RkFBOEY7UUFDOUYsTUFBTSxpQ0FBaUMsR0FBRyxLQUFLLElBQW1CLEVBQUU7O1lBQ2xFLE1BQU0sT0FBTyxDQUFDLGtCQUFrQixDQUFDO2dCQUMvQixpRUFBaUU7Z0JBQ2pFLGdCQUFnQixFQUFFLGtCQUFrQjtnQkFDcEMseUJBQXlCLEVBQUUsVUFBVTthQUN0QyxDQUFDLENBQUM7WUFFSCxNQUFNLFFBQVEsR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsY0FBYyxDQUFDLElBQUksQ0FDcEQsSUFBSSw2Q0FBcUIsQ0FBQyxFQUFFLFNBQVMsRUFBRSxrQkFBa0IsRUFBRSxDQUFDLENBQzdELENBQUM7WUFDRixNQUFNLENBQ0osTUFBQSxNQUFBLFFBQVEsQ0FBQyxNQUFNLDBDQUFHLENBQUMsRUFBRSxVQUFVLDBDQUFFLElBQUksQ0FDbkMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxZQUFZLEtBQUssMEJBQTBCLElBQUksS0FBSyxDQUFDLGNBQWMsS0FBSyxVQUFVLENBQUMsQ0FDcEcsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNyQixDQUFDLENBQUM7UUFFRixNQUFNLElBQUEsb0JBQVUsRUFBQyxpQ0FBaUMsRUFBRSxFQUFFLFdBQVcsRUFBRSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRXhFLE1BQU0sT0FBTyxDQUFDLGtCQUFrQixDQUFDO1lBQy9CLGlFQUFpRTtZQUNqRSxnQkFBZ0IsRUFBRSxrQkFBa0I7WUFDcEMscUJBQXFCLEVBQUUsS0FBSztTQUM3QixDQUFDLENBQUM7UUFDSCxNQUFNLFNBQVMsR0FBRyxNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsY0FBYyxDQUFDLElBQUksQ0FDckQsSUFBSSw2Q0FBcUIsQ0FBQyxFQUFFLFNBQVMsRUFBRSxrQkFBa0IsRUFBRSxDQUFDLENBQzdELENBQUM7UUFDRixNQUFNLENBQ0osTUFBQSxNQUFBLFNBQVMsQ0FBQyxNQUFNLDBDQUFHLENBQUMsRUFBRSxVQUFVLDBDQUFFLElBQUksQ0FDcEMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxZQUFZLEtBQUssMEJBQTBCLElBQUksQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUFDLENBQ3RGLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFbkIsTUFBTSxNQUFNLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUM7UUFDbEMsTUFBTSxPQUFPLEdBQUcsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQzVDLE1BQU0sSUFBSSxHQUFHLE1BQU0sT0FBTyxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUNyQyxJQUFJLDJCQUFjLENBQUMsRUFBRSxRQUFRLEVBQUUsT0FBTyxPQUFPLENBQUMsU0FBUyxrQkFBa0IsT0FBTyxJQUFJLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FDaEcsQ0FBQztRQUNGLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZixNQUFNLElBQUksS0FBSyxDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDcEMsQ0FBQztRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLENBQUMsYUFBYSxFQUFFLENBQUM7SUFDeEQsQ0FBQztZQUFTLENBQUM7UUFDVCxJQUFJLFNBQVMsRUFBRSxDQUFDO1lBQ2QsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxnQ0FBbUIsQ0FBQyxFQUFFLFNBQVMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDaEYsQ0FBQztJQUNILENBQUM7QUFDSCxDQUFDLENBQUMsQ0FBQyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgRGVzY3JpYmVTdGFja3NDb21tYW5kIH0gZnJvbSAnQGF3cy1zZGsvY2xpZW50LWNsb3VkZm9ybWF0aW9uJztcbmltcG9ydCB7IENyZWF0ZVBvbGljeUNvbW1hbmQsIERlbGV0ZVBvbGljeUNvbW1hbmQsIEdldFJvbGVDb21tYW5kIH0gZnJvbSAnQGF3cy1zZGsvY2xpZW50LWlhbSc7XG5pbXBvcnQgeyBpbnRlZ1Rlc3QsIHdpdGhvdXRCb290c3RyYXAgfSBmcm9tICcuLi8uLi9saWInO1xuaW1wb3J0IGV2ZW50dWFsbHkgZnJvbSAnLi4vLi4vbGliL2V2ZW50dWFsbHknO1xuXG5qZXN0LnNldFRpbWVvdXQoMiAqIDYwICogNjBfMDAwKTsgLy8gSW5jbHVkZXMgdGhlIHRpbWUgdG8gYWNxdWlyZSBsb2Nrcywgd29yc3QtY2FzZSBzaW5nbGUtdGhyZWFkZWQgcnVudGltZVxuXG5pbnRlZ1Rlc3QoJ2NhbiByZW1vdmUgY3VzdG9tUGVybWlzc2lvbnNCb3VuZGFyeScsIHdpdGhvdXRCb290c3RyYXAoYXN5bmMgKGZpeHR1cmUpID0+IHtcbiAgY29uc3QgYm9vdHN0cmFwU3RhY2tOYW1lID0gZml4dHVyZS5ib290c3RyYXBTdGFja05hbWU7XG4gIGNvbnN0IHBvbGljeU5hbWUgPSBgJHtib290c3RyYXBTdGFja05hbWV9LXBiYDtcbiAgbGV0IHBvbGljeUFybjtcbiAgdHJ5IHtcbiAgICBjb25zdCBwb2xpY3kgPSBhd2FpdCBmaXh0dXJlLmF3cy5pYW0uc2VuZChcbiAgICAgIG5ldyBDcmVhdGVQb2xpY3lDb21tYW5kKHtcbiAgICAgICAgUG9saWN5TmFtZTogcG9saWN5TmFtZSxcbiAgICAgICAgUG9saWN5RG9jdW1lbnQ6IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgICAgICBWZXJzaW9uOiAnMjAxMi0xMC0xNycsXG4gICAgICAgICAgU3RhdGVtZW50OiB7XG4gICAgICAgICAgICBBY3Rpb246IFsnKiddLFxuICAgICAgICAgICAgUmVzb3VyY2U6IFsnKiddLFxuICAgICAgICAgICAgRWZmZWN0OiAnQWxsb3cnLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0pLFxuICAgICAgfSksXG4gICAgKTtcbiAgICBwb2xpY3lBcm4gPSBwb2xpY3kuUG9saWN5Py5Bcm47XG5cbiAgICAvLyBQb2xpY3kgY3JlYXRpb24gYW5kIGNvbnNpc3RlbmN5IGFjcm9zcyByZWdpb25zIGlzIFwiYWxtb3N0IGltbWVkaWF0ZVwiXG4gICAgLy8gU2VlOiBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vSUFNL2xhdGVzdC9Vc2VyR3VpZGUvdHJvdWJsZXNob290X2dlbmVyYWwuaHRtbCN0cm91Ymxlc2hvb3RfZ2VuZXJhbF9ldmVudHVhbC1jb25zaXN0ZW5jeVxuICAgIC8vIFdlIHdpbGwgcHV0IHRoaXMgaW4gYW4gYGV2ZW50dWFsbHlgIGJsb2NrIHRvIHJldHJ5IHN0YWNrIGNyZWF0aW9uIHdpdGggYSByZWFzb25hYmxlIHRpbWVvdXRcbiAgICBjb25zdCBjcmVhdGVTdGFja1dpdGhQZXJtaXNzaW9uQm91bmRhcnkgPSBhc3luYyAoKTogUHJvbWlzZTx2b2lkPiA9PiB7XG4gICAgICBhd2FpdCBmaXh0dXJlLmNka0Jvb3RzdHJhcE1vZGVybih7XG4gICAgICAgIC8vIHRvb2xraXRTdGFja05hbWUgZG9lc24ndCBtYXR0ZXIgZm9yIHRoaXMgcGFydGljdWxhciBpbnZvY2F0aW9uXG4gICAgICAgIHRvb2xraXRTdGFja05hbWU6IGJvb3RzdHJhcFN0YWNrTmFtZSxcbiAgICAgICAgY3VzdG9tUGVybWlzc2lvbnNCb3VuZGFyeTogcG9saWN5TmFtZSxcbiAgICAgIH0pO1xuXG4gICAgICBjb25zdCByZXNwb25zZSA9IGF3YWl0IGZpeHR1cmUuYXdzLmNsb3VkRm9ybWF0aW9uLnNlbmQoXG4gICAgICAgIG5ldyBEZXNjcmliZVN0YWNrc0NvbW1hbmQoeyBTdGFja05hbWU6IGJvb3RzdHJhcFN0YWNrTmFtZSB9KSxcbiAgICAgICk7XG4gICAgICBleHBlY3QoXG4gICAgICAgIHJlc3BvbnNlLlN0YWNrcz8uWzBdLlBhcmFtZXRlcnM/LnNvbWUoXG4gICAgICAgICAgcGFyYW0gPT4gKHBhcmFtLlBhcmFtZXRlcktleSA9PT0gJ0lucHV0UGVybWlzc2lvbnNCb3VuZGFyeScgJiYgcGFyYW0uUGFyYW1ldGVyVmFsdWUgPT09IHBvbGljeU5hbWUpLFxuICAgICAgICApKS50b0VxdWFsKHRydWUpO1xuICAgIH07XG5cbiAgICBhd2FpdCBldmVudHVhbGx5KGNyZWF0ZVN0YWNrV2l0aFBlcm1pc3Npb25Cb3VuZGFyeSwgeyBtYXhBdHRlbXB0czogMyB9KTtcblxuICAgIGF3YWl0IGZpeHR1cmUuY2RrQm9vdHN0cmFwTW9kZXJuKHtcbiAgICAgIC8vIHRvb2xraXRTdGFja05hbWUgZG9lc24ndCBtYXR0ZXIgZm9yIHRoaXMgcGFydGljdWxhciBpbnZvY2F0aW9uXG4gICAgICB0b29sa2l0U3RhY2tOYW1lOiBib290c3RyYXBTdGFja05hbWUsXG4gICAgICB1c2VQcmV2aW91c1BhcmFtZXRlcnM6IGZhbHNlLFxuICAgIH0pO1xuICAgIGNvbnN0IHJlc3BvbnNlMiA9IGF3YWl0IGZpeHR1cmUuYXdzLmNsb3VkRm9ybWF0aW9uLnNlbmQoXG4gICAgICBuZXcgRGVzY3JpYmVTdGFja3NDb21tYW5kKHsgU3RhY2tOYW1lOiBib290c3RyYXBTdGFja05hbWUgfSksXG4gICAgKTtcbiAgICBleHBlY3QoXG4gICAgICByZXNwb25zZTIuU3RhY2tzPy5bMF0uUGFyYW1ldGVycz8uc29tZShcbiAgICAgICAgcGFyYW0gPT4gKHBhcmFtLlBhcmFtZXRlcktleSA9PT0gJ0lucHV0UGVybWlzc2lvbnNCb3VuZGFyeScgJiYgIXBhcmFtLlBhcmFtZXRlclZhbHVlKSxcbiAgICAgICkpLnRvRXF1YWwodHJ1ZSk7XG5cbiAgICBjb25zdCByZWdpb24gPSBmaXh0dXJlLmF3cy5yZWdpb247XG4gICAgY29uc3QgYWNjb3VudCA9IGF3YWl0IGZpeHR1cmUuYXdzLmFjY291bnQoKTtcbiAgICBjb25zdCByb2xlID0gYXdhaXQgZml4dHVyZS5hd3MuaWFtLnNlbmQoXG4gICAgICBuZXcgR2V0Um9sZUNvbW1hbmQoeyBSb2xlTmFtZTogYGNkay0ke2ZpeHR1cmUucXVhbGlmaWVyfS1jZm4tZXhlYy1yb2xlLSR7YWNjb3VudH0tJHtyZWdpb259YCB9KSxcbiAgICApO1xuICAgIGlmICghcm9sZS5Sb2xlKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoJ1JvbGUgbm90IGZvdW5kJyk7XG4gICAgfVxuICAgIGV4cGVjdChyb2xlLlJvbGUuUGVybWlzc2lvbnNCb3VuZGFyeSkudG9CZVVuZGVmaW5lZCgpO1xuICB9IGZpbmFsbHkge1xuICAgIGlmIChwb2xpY3lBcm4pIHtcbiAgICAgIGF3YWl0IGZpeHR1cmUuYXdzLmlhbS5zZW5kKG5ldyBEZWxldGVQb2xpY3lDb21tYW5kKHsgUG9saWN5QXJuOiBwb2xpY3lBcm4gfSkpO1xuICAgIH1cbiAgfVxufSkpO1xuXG4iXX0=