diff --git a/airflow/providers/amazon/aws/auth_manager/cli/avp_commands.py b/airflow/providers/amazon/aws/auth_manager/cli/avp_commands.py
index 1ee9d90692e6d..5caf5a48ab82f 100644
--- a/airflow/providers/amazon/aws/auth_manager/cli/avp_commands.py
+++ b/airflow/providers/amazon/aws/auth_manager/cli/avp_commands.py
@@ -120,7 +120,7 @@ def _create_policy_store(client: BaseClient, args) -> tuple[str | None, bool]:
 response = client.create_policy_store(
 validationSettings={
- "mode": "OFF",
+ "mode": "STRICT",
 },
 description=args.policy_store_description,
 )
@@ -138,30 +138,6 @@ def _set_schema(client: BaseClient, policy_store_id: str, args) -> None:
 print(f"Dry run, not updating the schema of the policy store with ID '{policy_store_id}'.")
 return
- if args.verbose:
- log.debug("Getting the policy store details")
-
- details = client.get_policy_store(
- policyStoreId=policy_store_id,
- )
-
- if args.verbose:
- log.debug("Response from get_policy_store: %s", details)
-
- if args.verbose:
- log.debug("Disabling schema validation before updating schema")
-
- response = client.update_policy_store(
- policyStoreId=policy_store_id,
- validationSettings={
- "mode": "OFF",
- },
- description=details["description"],
- )
-
- if args.verbose:
- log.debug("Response from update_policy_store: %s", response)
-
 schema_path = Path(__file__).parents[0].joinpath("schema.json").resolve()
 with open(schema_path) as schema_file:
 response = client.put_schema(
@@ -175,17 +151,3 @@ def _set_schema(client: BaseClient, policy_store_id: str, args) -> None:
 log.debug("Response from put_schema: %s", response)
 print("Policy store schema updated.")
-
- if args.verbose:
- log.debug("Enabling schema validation after updating schema")
-
- response = client.update_policy_store(
- policyStoreId=policy_store_id,
- validationSettings={
- "mode": "STRICT",
- },
- description=details["description"],
- )
-
- if args.verbose:
- log.debug("Response from update_policy_store: %s", response)
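Review bot: After this change nothing in the command sets the validation mode of a policy store that already exists: `"mode": "STRICT"` is applied only in the `create_policy_store` call of the first hunk, and the two later hunks remove both `update_policy_store` calls from `_set_schema`, including the one that re-enabled `STRICT` after `put_schema`. A store that an earlier version left in `OFF` (for instance if the old flow stopped between disabling validation and `put_schema`), or one created outside this command, would presumably keep accepting unvalidated policies after a schema update. Consider reading the mode in `_set_schema` and warning when it is not strict, e.g. `if client.get_policy_store(policyStoreId=policy_store_id)["validationSettings"]["mode"] != "STRICT": log.warning("Policy store %s does not enforce schema validation", policy_store_id)`. A short comment above `validationSettings` such as `# STRICT from creation: policies are validated against the schema stored by _set_schema` would also record the ordering assumption. Both function bodies extend beyond the hunks shown.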
diff --git a/tests/providers/amazon/aws/auth_manager/cli/test_avp_commands.py b/tests/providers/amazon/aws/auth_manager/cli/test_avp_commands.py
index 8787c22fa81be..c9bf7ffe2f129 100644
--- a/tests/providers/amazon/aws/auth_manager/cli/test_avp_commands.py
+++ b/tests/providers/amazon/aws/auth_manager/cli/test_avp_commands.py
@@ -65,7 +65,6 @@ def test_init_avp_with_no_existing_resources(self, mock_get_client, dry_run, ver
 mock_boto3.get_paginator.return_value = paginator
 mock_boto3.create_policy_store.return_value = {"policyStoreId": policy_store_id}
- mock_boto3.get_policy_store.return_value = {"description": policy_store_description}
 with conf_vars({("database", "check_migrations"): "False"}):
 params = [
@@ -82,16 +81,14 @@ def test_init_avp_with_no_existing_resources(self, mock_get_client, dry_run, ver
 if dry_run:
 mock_boto3.create_policy_store.assert_not_called()
- mock_boto3.update_policy_store.assert_not_called()
 mock_boto3.put_schema.assert_not_called()
 else:
 mock_boto3.create_policy_store.assert_called_once_with(
 validationSettings={
- "mode": "OFF",
+ "mode": "STRICT",
 },
 description=policy_store_description,
 )
- assert mock_boto3.update_policy_store.call_count == 2
 mock_boto3.put_schema.assert_called_once_with(
 policyStoreId=policy_store_id,
 definition={
@@ -164,10 +161,8 @@ def test_update_schema(self, mock_get_client, dry_run, verbose):
 update_schema(self.arg_parser.parse_args(params))
 if dry_run:
- mock_boto3.update_policy_store.assert_not_called()
 mock_boto3.put_schema.assert_not_called()
 else:
- assert mock_boto3.update_policy_store.call_count == 2
 mock_boto3.put_schema.assert_called_once_with(
 policyStoreId=policy_store_id,
 definition={
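Review bot: The non-dry-run branches of `test_init_avp_with_no_existing_resources` and `test_update_schema` no longer assert anything about `update_policy_store`, so a regression that reintroduces the temporary `OFF` window around `put_schema` would still pass. Since the command is now expected never to change validation settings after creation, add `mock_boto3.update_policy_store.assert_not_called()` to the `else:` branches in the second and third hunks. The same assertion was still valid in the `if dry_run:` branches and is better kept than dropped. The test bodies continue outside the hunks shown.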