aws-cdk
Version:
CDK Toolkit, the command line tool for CDK apps
91 lines (90 loc) • 2.54 kB
TypeScript
import { Tag } from '@aws-sdk/client-sts';
interface AssumedRole {
readonly roleArn: string;
readonly serialNumber: string;
readonly externalId?: string;
readonly tokenCode: string;
readonly roleSessionName: string;
readonly tags?: Tag[];
readonly transitiveTagKeys?: string[];
}
/**
* Class for mocking AWS HTTP Requests and pretending to be STS
*
* This is necessary for testing our authentication layer. Most other mocking
* libraries don't consider as they mock functional methods which happen BEFORE
* the SDK's HTTP/Authentication layer.
*
* Instead, we want to validate how we're setting up credentials for the
* SDK, so we pretend to be the STS server and have an in-memory database
* of users and roles.
*
* With the v3 upgrade, this is only now half way being used as
*/
export declare class FakeSts {
readonly assumedRoles: AssumedRole[];
/**
* AccessKey -> User or Session
*/
private identities;
/**
* RoleARN -> Role
*
* When a Role is assumed it creates a Session.
*/
private roles;
/**
* Throw this error when AssumeRole is called
*/
failAssumeRole?: Error;
/**
* Begin mocking
*/
begin(): void;
/**
* Restore everything to normal
*/
restore(): void;
printState(): void;
/**
* Register a user
*/
registerUser(account: string, accessKey: string, options?: RegisterUserOptions): void;
/**
* Register an assumable role
*/
registerRole(account: string, roleArn: string, options?: RegisterRoleOptions): void;
private handleRequest;
private handleGetCallerIdentity;
/**
* Maps have a funky encoding to them when sent to STS.
*
* @see https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
*/
private decodeMapFromRequestBody;
/**
* Lists have a funky encoding when sent to STS.
*
* @see https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
*/
private decodeListKeysFromRequestBody;
private handleAssumeRole;
private checkForFailure;
private identity;
/**
* Return the access key from a signed request
*/
private accessKeyId;
}
export interface RegisterUserOptions {
readonly name?: string;
readonly partition?: string;
}
export interface RegisterRoleOptions {
readonly allowedAccounts?: string[];
readonly name?: string;
}
export interface STSMocksOptions {
readonly accessKey?: string;
}
export {};