def create_service_linked_role(self): service_name = self._get_param("AWSServiceName") description = self._get_param("Description") # TODO: how to support "CustomSuffix" API request parameter? policy_doc = json.dumps({ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": service_name }, "Action": "sts:AssumeRole", }], }) path = f"{SERVICE_LINKED_ROLE_PATH_PREFIX}/{service_name}" role_name = f"r-{short_uid()}" role = moto_iam_backend.create_role( role_name=role_name, assume_role_policy_document=policy_doc, path=path, permissions_boundary="", description=description, tags={}, max_session_duration=3600, ) template = self.response_template(GET_ROLE_TEMPLATE) role.service_linked_role_arn = "arn:aws:iam::{0}:role/aws-service-role/{1}/{2}".format( constants.TEST_AWS_ACCOUNT_ID, service_name, role.name) result = re.sub( r"<(/)?GetRole", r"<\1CreateServiceLinkedRole", template.render(role=role), ) return result
def create_service_linked_role(self): name_prefix = 'service-linked-role' service_name = self._get_param('AWSServiceName') description = self._get_param('Description') # TODO: how to support "CustomSuffix" API request parameter? policy_doc = json.dumps({ 'Version': '2012-10-17', 'Statement': [{ 'Effect': 'Allow', 'Principal': { 'Service': service_name }, 'Action': 'sts:AssumeRole' }] }) role = moto_iam_backend.create_role( role_name='%s-%s' % (name_prefix, short_uid()), assume_role_policy_document=policy_doc, path='/', permissions_boundary='', description=description, tags={}, max_session_duration=3600) template = self.response_template(GET_ROLE_TEMPLATE) role.service_linked_role_arn = 'arn:aws:iam::{0}:role/aws-service-role/{1}/{2}'.format( constants.TEST_AWS_ACCOUNT_ID, service_name, role.name) result = re.sub(r'<(/)?GetRole', r'<\1CreateServiceLinkedRole', template.render(role=role)) return result
def create_service_linked_role( self, context: RequestContext, aws_service_name: groupNameType, description: roleDescriptionType = None, custom_suffix: customSuffixType = None, ) -> CreateServiceLinkedRoleResponse: # TODO: test # TODO: how to support "CustomSuffix" API request parameter? policy_doc = json.dumps({ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": aws_service_name }, "Action": "sts:AssumeRole", }], }) path = f"{SERVICE_LINKED_ROLE_PATH_PREFIX}/{aws_service_name}" role_name = f"r-{short_uid()}" role = moto_iam_backend.create_role( role_name=role_name, assume_role_policy_document=policy_doc, path=path, permissions_boundary="", description=description, tags={}, max_session_duration=3600, ) role.service_linked_role_arn = "arn:aws:iam::{0}:role/aws-service-role/{1}/{2}".format( constants.TEST_AWS_ACCOUNT_ID, aws_service_name, role.name) res_role = self.moto_role_to_role_type(role) return CreateServiceLinkedRoleResponse(Role=res_role)