def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = GetInstanceProfile( config=self.config, service=self.service, InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() roles = [] for role in response.get('InstanceProfile', {}).get('Roles') or []: roles.append({ 'arn': role.get('Arn'), 'name': role.get('RoleName') }) else: # Just in case roles = [] if self.args.get('pretend'): return {'roles': roles} else: if self.args.get('recursive'): for role in roles: req = RemoveRoleFromInstanceProfile( config=self.config, service=self.service, RoleName=role['name'], InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()
def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = GetInstanceProfile.from_other( self, InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() roles = [] for role in response.get('InstanceProfile', {}).get('Roles') or []: roles.append({'arn': role.get('Arn'), 'name': role.get('RoleName')}) else: # Just in case roles = [] if self.args.get('pretend'): return {'roles': roles} else: if self.args.get('recursive'): for role in roles: req = RemoveRoleFromInstanceProfile.from_other( self, RoleName=role['name'], InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()
def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = ListInstanceProfilesForRole.from_other( self, RoleName=self.args['RoleName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() instance_profiles = [] for profile in response.get('InstanceProfiles') or []: instance_profiles.append({ 'arn': profile.get('Arn'), 'name': profile.get('InstanceProfileName') }) req = ListRolePolicies.from_other( self, RoleName=self.args['RoleName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() policies = [] for policy in response.get('PolicyNames') or []: policies.append(policy) else: # Just in case instance_profiles = [] policies = [] if self.args.get('pretend'): return { 'instance_profiles': instance_profiles, 'policies': policies } else: if self.args.get('recursive'): for profile in instance_profiles: req = RemoveRoleFromInstanceProfile.from_other( self, RoleName=self.args['RoleName'], InstanceProfileName=profile['name'], DelegateAccount=self.args.get('DelegateAccount')) req.main() for policy in policies: req = DeleteRolePolicy.from_other( self, RoleName=self.args['RoleName'], PolicyName=policy, DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()
def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = ListInstanceProfilesForRole.from_other( self, RoleName=self.args['RoleName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() instance_profiles = [] for profile in response.get('InstanceProfiles') or []: instance_profiles.append( {'arn': profile.get('Arn'), 'name': profile.get('InstanceProfileName')}) req = ListRolePolicies.from_other( self, RoleName=self.args['RoleName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() policies = [] for policy in response.get('PolicyNames') or []: policies.append(policy) else: # Just in case instance_profiles = [] policies = [] if self.args.get('pretend'): return {'instance_profiles': instance_profiles, 'policies': policies} else: if self.args.get('recursive'): for profile in instance_profiles: req = RemoveRoleFromInstanceProfile.from_other( self, RoleName=self.args['RoleName'], InstanceProfileName=profile['name'], DelegateAccount=self.args.get('DelegateAccount')) req.main() for policy in policies: req = DeleteRolePolicy.from_other( self, RoleName=self.args['RoleName'], PolicyName=policy, DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()
def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = GetInstanceProfile.from_other( self, InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() roles = [] for role in response.get('InstanceProfile', {}).get('Roles') or []: roles.append({ 'arn': role.get('Arn'), 'name': role.get('RoleName') }) else: # Just in case roles = [] if self.args.get('pretend'): return {'roles': roles} else: if self.args.get('recursive'): for role in roles: req = RemoveRoleFromInstanceProfile.from_other( self, RoleName=role['name'], InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) req.main() # This role could be attached to another instance # profile, which means that a truly-recursive delete # would need to also remove it from that instance # profile, delete all of the role's policies, and # so on. The failure modes for this are rather nasty, # so we don't tell DeleteRole to delete recursively; # if the same role belongs to more than one instance # profile then DeleteRole will simply fail harmlessly. req = DeleteRole.from_other( self, RoleName=role['name'], DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()
def main(self): if self.args.get('recursive') or self.args.get('pretend'): # Figure out what we have to delete req = GetInstanceProfile.from_other( self, InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) response = req.main() roles = [] for role in response.get('InstanceProfile', {}).get('Roles') or []: roles.append({'arn': role.get('Arn'), 'name': role.get('RoleName')}) else: # Just in case roles = [] if self.args.get('pretend'): return {'roles': roles} else: if self.args.get('recursive'): for role in roles: req = RemoveRoleFromInstanceProfile.from_other( self, RoleName=role['name'], InstanceProfileName=self.args['InstanceProfileName'], DelegateAccount=self.args.get('DelegateAccount')) req.main() # This role could be attached to another instance # profile, which means that a truly-recursive delete # would need to also remove it from that instance # profile, delete all of the role's policies, and # so on. The failure modes for this are rather nasty, # so we don't tell DeleteRole to delete recursively; # if the same role belongs to more than one instance # profile then DeleteRole will simply fail harmlessly. req = DeleteRole.from_other( self, RoleName=role['name'], DelegateAccount=self.args.get('DelegateAccount')) req.main() return self.send()