From 6e9fbb16dec65cb807ae42c2258461a3b09dde74 Mon Sep 17 00:00:00 2001 From: dlpzx Date: Wed, 11 Sep 2024 16:50:57 +0200 Subject: [PATCH] Fix issue checking existing bucket --- backend/dataall/core/environment/cdk/environment_stack.py | 4 ++-- .../integration_tests/modules/s3_datasets/aws_clients.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/dataall/core/environment/cdk/environment_stack.py b/backend/dataall/core/environment/cdk/environment_stack.py index 41bd732b1..58e30a221 100644 --- a/backend/dataall/core/environment/cdk/environment_stack.py +++ b/backend/dataall/core/environment/cdk/environment_stack.py @@ -581,12 +581,11 @@ def create_integration_tests_role(self): 's3:CreateBucket', 's3:DeleteBucket', 's3:PutEncryptionConfiguration', - 's3:List*', 's3:GetObject*', 's3:DeleteObject', ], effect=iam.Effect.ALLOW, - resources=['arn:aws:s3:::dataalltesting*'], + resources=['arn:aws:s3:::dataalltesting*', 'arn:aws:s3:::dataalltesting*/*'], ) ) self.test_role.add_to_policy( @@ -618,6 +617,7 @@ def create_integration_tests_role(self): 'kms:TagResource', 'kms:DescribeKey', 's3:GetBucketVersioning', + 's3:List*', ], effect=iam.Effect.ALLOW, resources=['*'], diff --git a/tests_new/integration_tests/modules/s3_datasets/aws_clients.py b/tests_new/integration_tests/modules/s3_datasets/aws_clients.py index e50730682..4af2d5259 100644 --- a/tests_new/integration_tests/modules/s3_datasets/aws_clients.py +++ b/tests_new/integration_tests/modules/s3_datasets/aws_clients.py @@ -23,7 +23,7 @@ def bucket_exists(self, bucket_name): self._client.head_bucket(Bucket=bucket_name) return True except ClientError as e: - if e.response['Error']['Code'] == '404': + if e.response['Error']['Code'] in ['400', '403', '404']: return False else: raise Exception(f'Error checking if bucket {bucket_name} exists: {e}')