How to use the cloudaux.aws.iam.put_role_policy function in cloudaux

To help you get started, we’ve selected a few cloudaux examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Netflix / repokid / repokid / cli / repokid_cli.py View on Github external
conn (dict)

    Returns:
        error (string) or None
    """
    LOGGER.info(
        "Replacing Policies With: \n{} (role: {} account: {})".format(
            json.dumps(repoed_policies, indent=2, sort_keys=True),
            role.role_name,
            account_number,
        )
    )

    for policy_name, policy in repoed_policies.items():
        try:
            put_role_policy(
                RoleName=role.role_name,
                PolicyName=policy_name,
                PolicyDocument=json.dumps(policy, indent=2, sort_keys=True),
                **conn
            )

        except botocore.exceptions.ClientError as e:
            error = "Exception calling PutRolePolicy on {role}/{policy} in account {account}\n{e}\n".format(
                role=role.role_name,
                policy=policy_name,
                account=account_number,
                e=str(e),
            )
            return error
github Netflix / repokid / repokid / cli / repokid_cli.py View on Github external
if not commit:
        return False

    # if we're restoring from a version with fewer policies than we have now, we need to remove them to
    # complete the restore.  To do so we'll store all the policy names we currently have and remove them
    # from the list as we update.  Any policy names left need to be manually removed
    policies_to_remove = current_policies.keys()

    for policy_name, policy in role.policies[int(selection)]["Policy"].items():
        try:
            LOGGER.info(
                f"Pushing cached policy: {policy_name} (role: {role.role_name} account {account_number})"
            )

            put_role_policy(
                RoleName=role.role_name,
                PolicyName=policy_name,
                PolicyDocument=json.dumps(policy, indent=2, sort_keys=True),
                **conn
            )

        except botocore.exceptions.ClientError as e:
            message = "Unable to push policy {}.  Error: {} (role: {} account {})".format(
                policy_name, e.message, role.role_name, account_number
            )
            LOGGER.error(message)
            errors.append(message)

        else:
            # remove the policy name if it's in the list
            try: