Exemple #1
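    def test_006_delete_non_existent_policy_by_arn(self):
        """Deleting by an ARN that is expected not to exist must report an error."""

        # Fixed fixture ARN, kept verbatim.
        # NOTE(review): it embeds a 12-digit AWS account id; confirm this is a
        # dedicated test account before recordings or logs are shared.
        policy_arn = 'arn:aws:iam::097064421904:policy/test_policy_ecr_ro'

        # Build the client from the test's own session so placebo-based
        # testing works
        iam_client = self.boto3_session.client('iam')

        response = policy_m.delete_policy(client=iam_client,
                                          policy_arn=policy_arn)

        # assertIn reports the actual response on failure, unlike
        # assertTrue("error" in response).
        # NOTE(review): only the presence of an "error" key is checked, so an
        # unrelated failure (for example an authorization error) would also
        # pass; assert the specific "not found" error once its shape is
        # confirmed.
        self.assertIn("error", response)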
Exemple #2
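    def test_005_delete_non_existent_policy_by_name(self):
        """Deleting by the name of a policy expected to be absent must report an error."""

        # NOTE(review): the name comes from the shared fixture, so this
        # presumably relies on an earlier test having already deleted the
        # policy - confirm the intended test ordering.
        data = self.test_data['policy_data']
        policy_name = data['policy_name']

        # Build the client from the test's own session so placebo-based
        # testing works
        iam_client = self.boto3_session.client('iam')

        response = policy_m.delete_policy(client=iam_client,
                                          policy_name=policy_name)

        # assertIn reports the actual response on failure, unlike
        # assertTrue("error" in response).
        # NOTE(review): any "error" at all satisfies this check, including
        # failures unrelated to the policy being absent; tighten it to the
        # specific error once its shape is confirmed.
        self.assertIn("error", response)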
Exemple #3
    def test_003_delete_existing_policy_by_name(self):
        """Delete the fixture policy by name and check what the helper reports back."""
        expected_name = self.test_data['policy_data']['policy_name']

        # The client is taken from the test's boto3 session so that
        # placebo-based testing works
        client = self.boto3_session.client('iam')

        result = policy_m.delete_policy(client=client,
                                        policy_name=expected_name)

        # The helper must confirm the deletion and echo the name it acted on.
        self.assertEqual(result['deleted'], True)
        self.assertEqual(result['policy_name'], expected_name)
Exemple #4
    def test_004_delete_existing_policy_by_arn(self):
        """Recreate the fixture policy, then delete it by the ARN returned on creation."""

        # The previous test deleted the policy, so it has to be created again
        fixture = self.test_data['policy_data']

        # The policy document is scoped to the fixture ECR repository ARN only.
        repo_arn = self.test_data['ecr_repo_data']['repositoryArn']
        document_json = self.policy_document([repo_arn])

        # The client is taken from the test's boto3 session so that
        # placebo-based testing works
        client = self.boto3_session.client('iam')

        # The fixture policy name doubles as the description.
        name = fixture['policy_name']
        created = policy_m.create_policy(client=client,
                                         policy_name=name,
                                         policy_document=document_json,
                                         description=name)

        created_arn = created['policy']['Arn']

        deleted = policy_m.delete_policy(client=client,
                                         policy_arn=created_arn)

        # The helper must confirm the deletion and echo the ARN it acted on.
        self.assertEqual(deleted['deleted'], True)
        self.assertEqual(deleted['policy_arn'], created_arn)
Exemple #5
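def policy_action(module,
                  state=None,
                  policy_name=None,
                  policy_arn=None,
                  policy_document=None,
                  path=None,
                  description=None):
    """
    Execute the actions needed to bring the policy into the specified state.

    Args:
        module (obj): Ansible module
        state (str): Ansible state - 'present' | 'absent'
        policy_name (str): Policy name. One and only one of policy name or policy ARN must be given.
        policy_arn (str): Policy ARN. One and only one of policy name or policy ARN must be given.
            NOTE(review): accepted but not forwarded to policy_m in either
            branch, and the name/ARN exclusivity is not checked here.
        policy_document (dict | str): Policy document; a dict is serialised
            to a JSON string before being passed on, anything else is passed
            through unchanged.
        path (str): Policy path
        description (str): Policy description. Passed through unchanged; this
            function applies no default itself.

    Returns:
        Success:
            (bool) changed, (dict) policy object (see boto3.get_policy docs)
        Failure:
            Invokes module.fail_json with suitable text at point of error.
            Unexpected exceptions put the stack trace in fail_json's
            ``exception`` field rather than inside ``msg``.
    """

    changed = False
    policy = None
    error = {}

    if state == 'present':
        try:
            if isinstance(policy_document, dict):
                policy_document = json.dumps(policy_document)

            response = policy_m.create_policy(policy_name=policy_name,
                                              path=path,
                                              policy_document=policy_document,
                                              description=description)

            if 'error' in response:
                error = response['error']
            else:
                # Only a newly created policy counts as a change.
                if response['state'] == 'New':
                    changed = True
                policy = response['policy']

        except Exception as e:
            # Keep the stack trace out of the human-readable message: it can
            # expose file paths and internals in task output and logs. The
            # 'exception' field is Ansible's dedicated slot for it.
            module.fail_json(
                msg='policy action {0} failed: {1}'.format('present', e),
                exception=traceback.format_exc())

    elif state == 'absent':
        try:
            response = policy_m.delete_policy(policy_name=policy_name,
                                              path=path)

            if 'error' in response:
                # NOTE(review): every error from delete_policy fails the
                # module below - presumably including a policy that is already
                # gone; confirm that is intended for state=absent.
                error = response['error']
            else:
                changed = True
                # NOTE(review): assumes the success response carries a
                # 'policy' key - confirm against policy_m.delete_policy.
                policy = response['policy']

        except Exception as e:
            # Same split as above: short message, trace in 'exception'.
            module.fail_json(
                msg='policy action {0} failed: {1}'.format('absent', e),
                exception=traceback.format_exc())

    else:
        error = {"error": "state must be either 'present' or 'absent'"}

    if error:
        module.fail_json(msg='policy action failed: {0}'.format(error))

    return changed, policy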