From cc4dfca85fc02ecaabd20fe90dfaef8034e5780f Mon Sep 17 00:00:00 2001
From: CHRIS BARBOUR <CHRIS.BARBOUR@LIBERTY-IT.CO.UK>
Date: Thu, 5 Apr 2018 15:22:54 -0400
Subject: [PATCH] added test to verify that managed policies are merged along
 with vpc config policies

---
 .../aws/package/lib/mergeIamTemplates.test.js | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/lib/plugins/aws/package/lib/mergeIamTemplates.test.js b/lib/plugins/aws/package/lib/mergeIamTemplates.test.js
index 479efa3b2..3d617e514 100644
--- a/lib/plugins/aws/package/lib/mergeIamTemplates.test.js
+++ b/lib/plugins/aws/package/lib/mergeIamTemplates.test.js
@@ -171,6 +171,36 @@ describe('#mergeIamTemplates()', () => {
       });
   });
 
+  it('should merge managed policy arns when vpc config supplied', () => {
+    awsPackage.serverless.service.provider.vpc = {
+      securityGroupIds: ['xxx'],
+      subnetIds: ['xxx'],
+    };
+    const iamManagedPolicies = [
+      'some:aws:arn:xxx:*:*',
+      'someOther:aws:arn:xxx:*:*',
+      { 'Fn::Join': [':', ['arn:aws:iam:', { Ref: 'AWSAccountId' }, 'some/path']] },
+    ];
+    awsPackage.serverless.service.provider.iamManagedPolicies = iamManagedPolicies
+    const expectedManagedPolicyArns = [...iamManagedPolicies,{
+      'Fn::Join': ['',
+        [
+          'arn:',
+          { Ref: 'AWS::Partition' },
+          ':iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole',
+        ],
+      ],
+    } ]
+    return awsPackage.mergeIamTemplates()
+      .then(() => {
+        expect(awsPackage.serverless.service.provider.compiledCloudFormationTemplate
+          .Resources[awsPackage.provider.naming.getRoleLogicalId()]
+          .Properties
+          .ManagedPolicyArns
+        ).to.deep.equal(expectedManagedPolicyArns);
+      });
+  });
+
   it('should throw error if custom IAM policy statements is not an array', () => {
     awsPackage.serverless.service.provider.iamRoleStatements = {
       policy: 'some_value',