JT *_*ouk 6 javascript unit-testing aws-cdk
我有一个针对 EC2 Redis 构造的测试套件,用于测试资源是否附加了特定的 IAM 策略。我可以测试它是否成功地具有一次测试中的所有值,但是当测试它是否单独具有每个策略时,只有第一个测试通过。策略数组中的值的顺序似乎会使测试失败,这并不理想。
我希望能够提供更精细的单元测试,其中特定测试将失败,并提供测试所需策略的描述,但我无法在 AWS CDK 断言库中找到任何可能启用此行为的内容。有没有一种方法可以测试 CDK 构造的一组属性是否只包含一个值?
通过:
test('Redis Instance - should attach all IAM policies in order', () => {
const name = 'test-redis'
const { stack } = createRedisInstance(name)
expect(stack).to(haveResourceLike('AWS::IAM::Role', {
ManagedPolicyArns: [{
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/AmazonSSMManagedInstanceCore'
]]
}, {
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/AmazonS3ReadOnlyAccess'
]]
}, {
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/CloudWatchAgentServerPolicy'
]]
}]
}))
})
失败:
test('Redis Instance - should attach AmazonSSMManagedInstanceCore IAM policy', () => {
const name = 'test-redis'
const { stack } = createRedisInstance(name)
expect(stack).to(haveResourceLike('AWS::IAM::Role', {
ManagedPolicyArns: [{
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/AmazonSSMManagedInstanceCore'
]]
}]
}))
})
test('Redis Instance - should attach AmazonS3ReadOnlyAccess IAM policy', () => {
const name = 'test-redis'
const { stack } = createRedisInstance(name)
expect(stack).to(haveResourceLike('AWS::IAM::Role', {
ManagedPolicyArns: [{
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/AmazonS3ReadOnlyAccess'
]]
}]
}))
})
test('Redis Instance - should attach CloudWatchAgentServerPolicy IAM policy', () => {
const name = 'test-redis'
const { stack } = createRedisInstance(name)
expect(stack).to(haveResourceLike('AWS::IAM::Role', {
ManagedPolicyArns: [{
'Fn::Join': ['', [
'arn:', { Ref: 'AWS::Partition' }, ':iam::aws:policy/CloudWatchAgentServerPolicy'
]]
}]
}))
})
小智 9
对于使用 CDK v2 的用户,您可以使用 Match.arrayWith 和 Match.objectLike 实现相同的效果
template.hasResourceProperties('AWS::IAM::Policy', Match.objectLike({
PolicyDocument: {
Statement: Match.arrayWith([Match.objectLike({
Action: 'secretsmanager:GetSecretValue',
Effect: 'Allow',
Resource: 'arn:aws:secretsmanager:TEST_REGION:TEST_ACCOUNT:secret:YourSecret-??????'
})])
}
}));
https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.assertions-readme.html
用于arrayWith(objectLike({...}))测试数组中任意位置的对象。
例子
import {
expect as expectCDK,
haveResourceLike,
arrayWith,
objectLike,
// deepObjectLike // sometimes better than objectLike
} from '@aws-cdk/assert';
...
...
test('Redis Instance - should attach CloudWatchAgentServerPolicy IAM policy', () => {
const name = 'test-redis'
const { stack } = createRedisInstance(name)
expect(stack).to(haveResourceLike('AWS::IAM::Role', {
ManagedPolicyArns: arrayWith(
objectLike({ ... }),
)
}))
})
https://www.npmjs.com/package/@aws-cdk/assert
| 归档时间: |
|
| 查看次数: |
5822 次 |
| 最近记录: |