mirror of
https://github.com/tiennm99/litellm.git
synced 2026-07-11 15:05:47 +00:00
6fdfdd27b5
1. Cross-account false match: Added _parse_arn_account_and_role_name() helper that compares partition + account ID + role name (not just role name) to prevent same-name-different-account false matches. 2. SSL verify: _is_already_running_as_role() now passes ssl_verify to the STS client via self._get_ssl_verify(), consistent with all other boto3 client creation in this module. 3. Overbroad AccessDenied fallback: The catch in _auth_with_aws_role now only falls back to ambient credentials when _is_already_running_as_role positively confirms the caller is the target role. Genuine trust-policy or permission misconfigurations are re-raised. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
In total litellm runs 1000+ tests
[02/20/2025] Update:
To make it easier to contribute and map what behavior is tested,
we've started mapping the litellm directory in tests/test_litellm
This folder can only run mock tests.