mirror of
https://github.com/tiennm99/litellm.git
synced 2026-07-13 03:05:31 +00:00
6fdfdd27b5
1. Cross-account false match: Added _parse_arn_account_and_role_name() helper that compares partition + account ID + role name (not just role name) to prevent same-name-different-account false matches. 2. SSL verify: _is_already_running_as_role() now passes ssl_verify to the STS client via self._get_ssl_verify(), consistent with all other boto3 client creation in this module. 3. Overbroad AccessDenied fallback: The catch in _auth_with_aws_role now only falls back to ambient credentials when _is_already_running_as_role positively confirms the caller is the target role. Genuine trust-policy or permission misconfigurations are re-raised. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Testing for litellm/
This directory 1:1 maps the the litellm/ directory, and can only contain mocked tests.
The point of this is to:
- Increase test coverage of
litellm/ - Make it easy for contributors to add tests for the
litellm/package and easily run tests without needing LLM API keys.
File name conventions
litellm/proxy/test_caching_routes.pymaps tolitellm/proxy/caching_routes.pytest_<filename>.pymaps tolitellm/<filename>.py