ps/Modules/Alkami.DevOps.SystemEngineering/Private/Get-ServerlessServiceAccountIamPolicyString.tests.ps1

. $PSScriptRoot\..\..\Load-PesterModules.ps1
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
$global:functionPath = Join-Path -Path $here -ChildPath $sut

InModuleScope -ModuleName Alkami.DevOps.SystemEngineering -ScriptBlock {
    Write-Host "InModuleScope - Overriding SUT: $global:functionPath"
    Import-Module $global:functionPath -Force

    Describe "Get-ServerlessServiceAccountIamPolicyString" {

        Context "Parameter Validation" {

            It "Throws if SecretArns is Null" {
                { Get-ServerlessServiceAccountIamPolicyString -SecretArns $null } | Should -Throw
            }

            It "Throws if SecretArns is Empty" {
                { Get-ServerlessServiceAccountIamPolicyString -SecretArns @() } | Should -Throw
            }
        }

        Context "Logic" {

            It "Returns a String" {

                (Get-Command Get-ServerlessServiceAccountIamPolicyString).OutputType.Type.ToString() | Should -BeExactly "System.String"
            }

            It "Returns a String With a Valid JSON Conversion" {

                { ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test')) } | Should -Not -Throw
            }

            It "Allows DescribeSecret Action" {

                $result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test'))
                $result.Statement[0].Action | Should -Contain 'secretsmanager:DescribeSecret'
            }

            It "Allows GetSecretValue Action" {

                $result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test'))
                $result.Statement[0].Action | Should -Contain 'secretsmanager:GetSecretValue'
            }

            It "Grants Access To Specified Resource(s)" {

                $result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test1', 'test2'))
                $result.Statement[0].Resource | Should -HaveCount 2
                $result.Statement[0].Resource | Should -Contain 'test1'
                $result.Statement[0].Resource | Should -Contain 'test2'
            }
        }
    }
}
First full commit 2023-05-30 22:51:22 -07:00			`. $PSScriptRoot\..\..\Load-PesterModules.ps1`
			`$here = Split-Path -Parent $MyInvocation.MyCommand.Path`
			`$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'`
			`$global:functionPath = Join-Path -Path $here -ChildPath $sut`

			`InModuleScope -ModuleName Alkami.DevOps.SystemEngineering -ScriptBlock {`
			`Write-Host "InModuleScope - Overriding SUT: $global:functionPath"`
			`Import-Module $global:functionPath -Force`

			`Describe "Get-ServerlessServiceAccountIamPolicyString" {`

			`Context "Parameter Validation" {`

			`It "Throws if SecretArns is Null" {`
			`{ Get-ServerlessServiceAccountIamPolicyString -SecretArns $null } \| Should -Throw`
			`}`

			`It "Throws if SecretArns is Empty" {`
			`{ Get-ServerlessServiceAccountIamPolicyString -SecretArns @() } \| Should -Throw`
			`}`
			`}`

			`Context "Logic" {`

			`It "Returns a String" {`

			`(Get-Command Get-ServerlessServiceAccountIamPolicyString).OutputType.Type.ToString() \| Should -BeExactly "System.String"`
			`}`

			`It "Returns a String With a Valid JSON Conversion" {`

			`{ ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test')) } \| Should -Not -Throw`
			`}`

			`It "Allows DescribeSecret Action" {`

			`$result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test'))`
			`$result.Statement[0].Action \| Should -Contain 'secretsmanager:DescribeSecret'`
			`}`

			`It "Allows GetSecretValue Action" {`

			`$result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test'))`
			`$result.Statement[0].Action \| Should -Contain 'secretsmanager:GetSecretValue'`
			`}`

			`It "Grants Access To Specified Resource(s)" {`

			`$result = ConvertFrom-Json (Get-ServerlessServiceAccountIamPolicyString -SecretArns @('test1', 'test2'))`
			`$result.Statement[0].Resource \| Should -HaveCount 2`
			`$result.Statement[0].Resource \| Should -Contain 'test1'`
			`$result.Statement[0].Resource \| Should -Contain 'test2'`
			`}`
			`}`
			`}`
			`}`