Why This Matters
this module is the safety boundary for a generic read-only AWS tool.
Read First
app/services/aws_sdk_client.pyapp/tools/AWSOperationTool/__init__.py
Scope
- Add direct tests for
_is_operation_allowed().
- Add direct tests for
_sanitize_response().
- Add direct tests for
execute_aws_sdk_call() using a fake boto3 client.
Tests / Coverage
tests/services/test_aws_sdk_client.py- cover blocked operation names
- cover datetime, bytes, deep nesting, and oversized lists in sanitization
- cover missing operation and credentials errors
Acceptance Criteria
- allowlist and blocklist behavior is directly tested
- sanitization behavior is locked down
- the tests are fully offline
Why This Matters
this module is the safety boundary for a generic read-only AWS tool.
Read First
app/services/aws_sdk_client.pyapp/tools/AWSOperationTool/__init__.pyScope
_is_operation_allowed()._sanitize_response().execute_aws_sdk_call()using a fake boto3 client.Tests / Coverage
tests/services/test_aws_sdk_client.pyAcceptance Criteria