6

I want to create a key that's managed by AWS. So far this is what I have

@mock_kms
def test_mocking_getting_keys(self):
    session = boto3.Session(profile_name=profile)
    client = session.client('kms', 'us-east-2')
    key = client.create_key(
        Policy='string',
        Description='string',
        KeyUsage='SIGN_VERIFY',
        CustomerMasterKeySpec='RSA_2048',
        Origin='AWS_KMS',
        CustomKeyStoreId='string',
        BypassPolicyLockoutSafetyCheck=True,
        Tags=[
            {
                'TagKey': 'string',
                'TagValue': 'string'
            },
        ]
    )
    print(key)

But the key doesn't seem to have KeyManager field:

 {'KeyMetadata': {'AWSAccountId': '012345678912', 'KeyId': '7fc3e676-0d1c-4526-9161-41b27a776033', 'Arn': 'arn:aws:kms:us-east-2:012345678912:key/7fc3e676-0d1c-4526-9161-41b27a776033', 'CreationDate': datetime.datetime(2020, 1, 3, 13, 31, 17, tzinfo=tzutc()), 'Enabled': True, 'Description': 'string', 'KeyUsage': 'SIGN_VERIFY', 'KeyState': 'Enabled'}, 'ResponseMetadata': {'HTTPStatusCode': 200, 'HTTPHeaders': {'server': 'amazon.com'}, 'RetryAttempts': 0}}

I tried adding KeyManager as a param during create_key call but that didn't work either.

Seems like moto doens't return the KeyManager field. Is there a way to mock that return value specifically but not change the behavior of the dictionary.get method for the rest of the params?

i.e.

key['KeyMetadata']['AWSAccountId'] would return the mocked value and then key['KeyMetadata']['KeyManager'] would return a another mocked value that I could specify.

Stupid.Fat.Cat
  • 10,755
  • 23
  • 83
  • 144

1 Answers1

2

The KeyManager attribute is currently not returned by Moto, you can either open an Issue on the Moto GitHub, or add it yourself (either locally, or PR'ed to upstream)

Niobos
  • 880
  • 4
  • 15
  • Ah.... Any recommendations as to how to mock a specific return value in that dictionary only for that specific KeyManager field? – Stupid.Fat.Cat Jan 07 '20 at 19:30