Add failure test for sts tokens

2026-01-26 16:11:30 -03:30 · 2015-10-01 10:49:58 -04:00 · 2015-10-01 10:49:58 -04:00 · 6a3a36513a
commit 6a3a36513a
parent acc974289f
1 changed files with 22 additions and 0 deletions
--- a/awx/main/tests/inventory.py
+++ b/awx/main/tests/inventory.py
@ -1691,6 +1691,28 @@ class InventoryUpdatesTest(BaseTransactionTest):
                                                        source_vars='---\n\nnested_groups: false\ncache_path: %s\n' % cache_path)
        self.check_inventory_source(inventory_source)

+    def test_update_from_ec2_sts_iam_bad_token(self):
+        source_username = getattr(settings, 'TEST_AWS_ACCESS_KEY_ID', '')
+        source_password = getattr(settings, 'TEST_AWS_SECRET_ACCESS_KEY', '')
+        source_regions = getattr(settings, 'TEST_AWS_REGIONS', 'all')
+        self.create_test_license_file()
+        credential = Credential.objects.create(kind='aws',
+                                               user=self.super_django_user,
+                                               username=source_username,
+                                               password=source_password,
+                                               security_token="BADTOKEN")
+        # Set parent group name to one that might be created by the sync.
+        group = self.group
+        group.name = 'ec2'
+        group.save()
+        self.group = group
+        cache_path = tempfile.mkdtemp(prefix='awx_ec2_')
+        self._temp_paths.append(cache_path)
+        inventory_source = self.update_inventory_source(self.group,
+                                                        source='ec2', credential=credential, source_regions=source_regions,
+                                                        source_vars='---\n\nnested_groups: false\ncache_path: %s\n' % cache_path)
+        self.check_inventory_update(inventory_source, should_fail=True)
+
    def test_update_from_ec2_without_credential(self):
        self.create_test_license_file()
        group = self.group