adding additional cli params to smoke test

fac · Jan 23, 2023 · c00ad05 · c00ad05
1 parent 878ff00
commit c00ad05
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 5 deletions.
diff --git a/cicd/cloudformation/developer.yaml b/cicd/cloudformation/developer.yaml
@@ -229,9 +229,9 @@ Resources:
               InputArtifacts:
                 - Name: Built
                 - Name: Source
-        - Name: Test
+        - Name: Prep
           Actions:
-            - Name: Staging
+            - Name: Publish
               Namespace: RC
               ActionTypeId:
                 Category: Build
@@ -760,11 +760,22 @@ Resources:
               -  'lambda:invokeFunction'
               Effect: Allow
               Resource: '*'
+            - Action:
+                - "identitystore:DeleteUser"
+                - "identitystore:CreateGroup"
+                - "identitystore:CreateGroupMembership"
+                - "identitystore:ListGroups"
+                - "identitystore:ListUsers"
+                - "identitystore:ListGroupMemberships"
+                - "identitystore:IsMemberInGroups"
+                - "identitystore:GetGroupMembershipId"
+                - "identitystore:DeleteGroupMembership"
+              Effect: Allow
+              Resource: '*'
             - Action:
                 - "secretsmanager:Get*"
-              Resource:
-                - "*"
               Effect: Allow
+              Resource: '*'
 
   CloudFormationDeployerRole:
     Type: AWS::IAM::Role

diff --git a/cicd/tests/smoke/cli/buildspec.yml b/cicd/tests/smoke/cli/buildspec.yml
@@ -5,6 +5,8 @@ env:
     GoogleAdminEmail: TestGoogleAdminEmail
     SCIMEndpointUrl: TestSCIMEndpointUrl
     SCIMAccessToken: TestSCIMAccessToken
+    IdentityStoreID: TestIdentityStoreId
+    Region: TestRegion
 
 phases:
   pre_build: 
@@ -18,4 +20,4 @@ phases:
       - aws secretsmanager  get-secret-value --secret-id=TestGoogleCredentials --query SecretString --output text | jq '.' > credentials.json
       - cat credentials.json
 
-      - ./ssosync -t "${SCIMAccessToken}" -e "${SCIMEndpointUrl}" -u "${GoogleAdminEmail}" -s "groups" -g "name:AWS*" 
+      - ./ssosync -t "${SCIMAccessToken}" -e "${SCIMEndpointUrl}" -u "${GoogleAdminEmail}" -i "${IdentityStoreID}" -r "${Region}" -s "groups" -g "name:AWS*"