Testing that STS Assume Role fails #7207
-
|
Is it possible to test that STS assume_role fails (returns access denied) if being called using credentials that are from the "wrong" AWS account (Trust Relationship hasn't been set up with that account)? From the documentation, it seems like roles for assume_role in moto don't even have to exist, so assume_role always will succeed. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hi @tony-garcia, that is not possible yet. Have you tried patching boto3 instead? You could choose to throw an exception for this action (when appopriate) before it gets executed/mocked. |
Beta Was this translation helpful? Give feedback.
Hi @tony-garcia, that is not possible yet.
Have you tried patching boto3 instead? You could choose to throw an exception for this action (when appopriate) before it gets executed/mocked.
See the docs here: http://docs.getmoto.org/en/latest/docs/services/patching_other_services.html