From 123d59af71a303998aa21f0b12ca13c3c8f94687 Mon Sep 17 00:00:00 2001
From: Calum Barnett <calum.barnett@digital.justice.gov.uk>
Date: Thu, 22 Aug 2024 20:06:40 +0100
Subject: [PATCH] Update test

---
 tests/test_pull.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tests/test_pull.py b/tests/test_pull.py
index 419d2e1..f88f12f 100644
--- a/tests/test_pull.py
+++ b/tests/test_pull.py
@@ -29,6 +29,19 @@ def test_create_pull_bucket_policy():
             "principals": [{"identifiers": ["arn-one", "arn-two"], "type": "AWS"}],
             "resources": ["arn:aws:s3:::test-bucket"],
         },
+        {
+            "actions": ["s3:*"],
+            "conditions": [
+                {
+                    "test": "NumericLessThan",
+                    "variable": "s3:TlsVersion",
+                    "values": ["1.2"],
+                }
+            ],
+            "effect": "Deny",
+            "principals": [{"identifiers": ["*"], "type": "AWS"}],
+            "resources": ["arn:aws:s3:::test-bucket", "arn:aws:s3:::test-bucket/*"],
+        },
     ]
     return Output.all(policy.statements, expected).apply(
         assert_pulumi_output_equals_expected