Skip to content

Commit

Permalink
[issue-190] Regional clients modify default botocore session (#193)
Browse files Browse the repository at this point in the history 
* [issue-190] Creation of regional clients modifies default botocore session's region
  • Loading branch information
@polamayster @mattsb42-aws
polamayster authored and mattsb42-aws committed Sep 20, 2019
1 parent f00fdd2 commit 7ef7aa2
Show file tree
Hide file tree
Showing 4 changed files with 41 additions and 5 deletions.
4 changes: 2 additions & 2 deletions src/aws_encryption_sdk/key_providers/kms.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,8 +161,8 @@ def add_regional_client(self, region_name):
:param str region_name: AWS Region ID (ex: us-east-1)
"""
if region_name not in self._regional_clients:
session = boto3.session.Session(region_name=region_name, botocore_session=self.config.botocore_session)
client = session.client("kms", config=self._user_agent_adding_config)
session = boto3.session.Session(botocore_session=self.config.botocore_session)
client = session.client("kms", region_name=region_name, config=self._user_agent_adding_config)
self._register_client(client, region_name)
self._regional_clients[region_name] = client

Expand Down
19 changes: 19 additions & 0 deletions test/integration/integration_test_utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,13 @@
"""Utility functions to handle configuration and credentials setup for integration tests."""
import os

import botocore.session

from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider

AWS_KMS_KEY_ID = "AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID"
_KMS_MKP = None
_KMS_MKP_BOTO = None


def get_cmk_arn():
Expand Down Expand Up @@ -47,3 +50,19 @@ def setup_kms_master_key_provider(cache=True):
_KMS_MKP = kms_master_key_provider

return kms_master_key_provider


def setup_kms_master_key_provider_with_botocore_session(cache=True):
"""Reads the test_values config file and builds the requested KMS Master Key Provider with botocore_session."""
global _KMS_MKP_BOTO # pylint: disable=global-statement
if cache and _KMS_MKP_BOTO is not None:
return _KMS_MKP_BOTO

cmk_arn = get_cmk_arn()
kms_master_key_provider = KMSMasterKeyProvider(botocore_session=botocore.session.Session())
kms_master_key_provider.add_master_key(cmk_arn)

if cache:
_KMS_MKP_BOTO = kms_master_key_provider

return kms_master_key_provider
15 changes: 14 additions & 1 deletion test/integration/test_i_aws_encrytion_sdk_client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,11 @@
from aws_encryption_sdk.identifiers import USER_AGENT_SUFFIX, Algorithm
from aws_encryption_sdk.key_providers.kms import KMSMasterKey, KMSMasterKeyProvider

from .integration_test_utils import get_cmk_arn, setup_kms_master_key_provider
from .integration_test_utils import (
get_cmk_arn,
setup_kms_master_key_provider,
setup_kms_master_key_provider_with_botocore_session,
)

pytestmark = [pytest.mark.integ]

Expand Down Expand Up @@ -68,6 +72,15 @@ def test_remove_bad_client():
assert not test._regional_clients


def test_regional_client_does_not_modify_botocore_session(caplog):
mkp = setup_kms_master_key_provider_with_botocore_session()
fake_region = "us-fakey-12"

assert mkp.config.botocore_session.get_config_variable("region") != fake_region
mkp.add_regional_client(fake_region)
assert mkp.config.botocore_session.get_config_variable("region") != fake_region


class TestKMSThickClientIntegration(object):
@pytest.fixture(autouse=True)
def apply_fixtures(self):
Expand Down
8 changes: 6 additions & 2 deletions test/unit/test_providers_kms_master_key_provider.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,8 +108,12 @@ def test_add_regional_client_new(self):
test = KMSMasterKeyProvider()
test._regional_clients = {}
test.add_regional_client("ex_region_name")
self.mock_boto3_session.assert_called_with(region_name="ex_region_name", botocore_session=ANY)
self.mock_boto3_session_instance.client.assert_called_with("kms", config=test._user_agent_adding_config)
self.mock_boto3_session.assert_called_with(botocore_session=ANY)
self.mock_boto3_session_instance.client.assert_called_with(
"kms",
region_name="ex_region_name",
config=test._user_agent_adding_config,
)
assert test._regional_clients["ex_region_name"] is self.mock_boto3_client_instance

def test_add_regional_client_exists(self):
Expand Down

0 comments on commit 7ef7aa2

Please sign in to comment.