Example 1 with Config
use of com.aliyuncs.fc.config.Config in project fc-java-sdk by aliyun.
the class FunctionComputeClientTest method testCreateServiceStsTokenNoPassRole.
@Test
public void testCreateServiceStsTokenNoPassRole() throws com.aliyuncs.exceptions.ClientException {
// Use a policy that does not have ram:PassRole, this policy will intersect with the role policy
// Access denied is expected if using STS without PassRole allowed
// Policy intersection doc: https://help.aliyun.com/document_detail/31935.html
String policy = "{\"Version\": \"1\",\"Statement\": [{\"Effect\": \"Allow\",\"Action\": [\"fc:*\"],\"Resource\": [\"*\"]}]}";
Credentials creds = getAssumeRoleCredentials(policy);
client = new FunctionComputeClient(new Config(REGION, ACCOUNT_ID, creds.getAccessKeyId(), creds.getAccessKeySecret(), creds.getSecurityToken(), false));
try {
createService(SERVICE_NAME);
fail("ClientException is expected");
} catch (ClientException e) {
assertTrue(e.getErrorMessage().contains("the caller is not authorized to perform 'ram:PassRole'"));
}
}
Also used :
Config(com.aliyuncs.fc.config.Config)
OSSTriggerConfig(com.aliyuncs.fc.model.OSSTriggerConfig)
ClientException(com.aliyuncs.fc.exceptions.ClientException)
FunctionComputeClient(com.aliyuncs.fc.client.FunctionComputeClient)
Credentials(com.aliyuncs.sts.model.v20150401.AssumeRoleResponse.Credentials)
Test(org.junit.Test)
Aggregations
FunctionComputeClient (com.aliyuncs.fc.client.FunctionComputeClient)1
Config (com.aliyuncs.fc.config.Config)1
ClientException (com.aliyuncs.fc.exceptions.ClientException)1
OSSTriggerConfig (com.aliyuncs.fc.model.OSSTriggerConfig)1
Credentials (com.aliyuncs.sts.model.v20150401.AssumeRoleResponse.Credentials)1
Test (org.junit.Test)1
