From cc3de11e54e2faddc82aa56a1977c6ce777e3158 Mon Sep 17 00:00:00 2001 From: richard-dds Date: Wed, 2 Oct 2019 11:34:51 -0400 Subject: [PATCH] Standardize all of the AWS credentials --- atst/domain/csp/cloud.py | 20 +++++++++----------- tests/domain/cloud/test_aws_csp.py | 29 +++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 11 deletions(-) diff --git a/atst/domain/csp/cloud.py b/atst/domain/csp/cloud.py index 00e896e4..88a16400 100644 --- a/atst/domain/csp/cloud.py +++ b/atst/domain/csp/cloud.py @@ -492,8 +492,8 @@ class AWSCloudProvider(CloudProviderInterface): self.boto3 = boto3 - def root_creds(): - return {"username": self.access_key_id, "password": self.secret_key} + def root_creds(self): + return {"AccessKeyId": self.access_key_id, "SecretAccessKey": self.secret_key} def create_environment( self, auth_credentials: Dict, user: User, environment: Environment @@ -503,9 +503,7 @@ class AWSCloudProvider(CloudProviderInterface): # Create an account. Requires organizations:CreateAccount permission account_request = org_client.create_account( - Email=user.email, - AccountName=uuid4().hex, - IamUserAccessToBilling="ALLOW", + Email=user.email, AccountName=uuid4().hex, IamUserAccessToBilling="ALLOW" ) # Configuration for our CreateAccount Waiter. @@ -618,8 +616,8 @@ class AWSCloudProvider(CloudProviderInterface): "AccessKey" ] credentials = { - "key": access_key["AccessKeyId"], - "secret_key": access_key["SecretAccessKey"], + "AccessKeyId": access_key["AccessKeyId"], + "SecretAccessKey": access_key["SecretAccessKey"], } # TODO: Create real policies in account. @@ -674,13 +672,13 @@ class AWSCloudProvider(CloudProviderInterface): A helper for creating a client of a given AWS service. """ credentials = credentials or { - "aws_access_key_id": self.access_key_id, - "aws_secret_access_key": self.secret_key, + "AccessKeyId": self.access_key_id, + "SecretAccessKey": self.secret_key, } return self.boto3.client( service, - aws_access_key_id=credentials["aws_access_key_id"], - aws_secret_access_key=credentials["aws_secret_access_key"], + aws_access_key_id=credentials["AccessKeyId"], + aws_secret_access_key=credentials["SecretAccessKey"], region_name=self.region_name, ) diff --git a/tests/domain/cloud/test_aws_csp.py b/tests/domain/cloud/test_aws_csp.py index 4a1ffd74..52d0f873 100644 --- a/tests/domain/cloud/test_aws_csp.py +++ b/tests/domain/cloud/test_aws_csp.py @@ -1,6 +1,11 @@ import pytest from atst.domain.csp.cloud import EnvironmentCreationException +from atst.jobs import ( + do_create_environment, + do_create_atat_admin_user, + do_create_environment_baseline, +) # pylint: disable=unused-import from tests.mock_boto3 import mock_aws, mock_boto3, AUTH_CREDENTIALS @@ -63,3 +68,27 @@ def test_create_environment_baseline_when_policy_already_exists(mock_aws): AUTH_CREDENTIALS, "csp_environment_id" ) assert "policies" in baseline_info + + +def test_aws_provision_environment(mock_aws, session): + environment = EnvironmentFactory.create() + + do_create_environment(mock_aws, environment_id=environment.id) + do_create_atat_admin_user(mock_aws, environment_id=environment.id) + do_create_environment_baseline(mock_aws, environment_id=environment.id) + + session.refresh(environment) + + assert "account-id" == environment.cloud_id + assert { + "id": "user-id", + "username": "user-name", + "credentials": { + "AccessKeyId": "access-key-id", + "SecretAccessKey": "secret-access-key", + }, + "resource_id": "user-arn", + } == environment.root_user_info + assert { + "policies": [{"BillingReadOnly": "policy-arn"}] + } == environment.baseline_info