added test to verify that managed policies are merged along with vpc config policies

2026-01-18 14:58:43 +00:00 · 2018-04-05 15:22:54 -04:00 · 2018-04-05 15:22:54 -04:00 · cc4dfca85f
commit cc4dfca85f
parent f1d3aecb63
1 changed files with 30 additions and 0 deletions
--- a/lib/plugins/aws/package/lib/mergeIamTemplates.test.js
+++ b/lib/plugins/aws/package/lib/mergeIamTemplates.test.js
@ -171,6 +171,36 @@ describe('#mergeIamTemplates()', () => {
      });
  });

+  it('should merge managed policy arns when vpc config supplied', () => {
+    awsPackage.serverless.service.provider.vpc = {
+      securityGroupIds: ['xxx'],
+      subnetIds: ['xxx'],
+    };
+    const iamManagedPolicies = [
+      'some:aws:arn:xxx:*:*',
+      'someOther:aws:arn:xxx:*:*',
+      { 'Fn::Join': [':', ['arn:aws:iam:', { Ref: 'AWSAccountId' }, 'some/path']] },
+    ];
+    awsPackage.serverless.service.provider.iamManagedPolicies = iamManagedPolicies
+    const expectedManagedPolicyArns = [...iamManagedPolicies,{
+      'Fn::Join': ['',
+        [
+          'arn:',
+          { Ref: 'AWS::Partition' },
+          ':iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole',
+        ],
+      ],
+    } ]
+    return awsPackage.mergeIamTemplates()
+      .then(() => {
+        expect(awsPackage.serverless.service.provider.compiledCloudFormationTemplate
+          .Resources[awsPackage.provider.naming.getRoleLogicalId()]
+          .Properties
+          .ManagedPolicyArns
+        ).to.deep.equal(expectedManagedPolicyArns);
+      });
+  });
+
  it('should throw error if custom IAM policy statements is not an array', () => {
    awsPackage.serverless.service.provider.iamRoleStatements = {
      policy: 'some_value',