def delete_iam_role( role_name: str, region: Optional[str] = None, quiet: bool = True ) -> None: from boto.iam.connection import IAMConnection # TODO: the Boto3 type hints are a bit oversealous here; they want hundreds # of overloads of the client-getting methods to exist based on the literal # string passed in, to return exactly the right kind of client or resource. # So we end up having to wrap all the calls in casts, which kind of defeats # the point of a nice fluent method you can call with the name of the thing # you want; we should have been calling iam_client() and so on all along if # we wanted MyPy to be able to understand us. So at some point we should # consider revising our API here to be less annoying to explain to the type # checker. iam_client = cast(IAMClient, session.client('iam', region_name=region)) iam_resource = cast(IAMServiceResource, session.resource('iam', region_name=region)) boto_iam_connection = IAMConnection() role = iam_resource.Role(role_name) # normal policies for attached_policy in role.attached_policies.all(): printq(f'Now dissociating policy: {attached_policy.policy_name} from role {role.name}', quiet) role.detach_policy(PolicyArn=attached_policy.arn) # inline policies for inline_policy in role.policies.all(): printq(f'Deleting inline policy: {inline_policy.policy_name} from role {role.name}', quiet) # couldn't find an easy way to remove inline policies with boto3; use boto boto_iam_connection.delete_role_policy(role.name, inline_policy.policy_name) iam_client.delete_role(RoleName=role_name) printq(f'Role {role_name} successfully deleted.', quiet)
def delete_iam_role(role_name: str, region: Optional[str] = None, quiet: bool = True): from boto.iam.connection import IAMConnection iam_client = aws.client('iam', region_name=region) iam_resource = aws.resource('iam', region_name=region) boto_iam_connection = IAMConnection() role = iam_resource.Role(role_name) # normal policies for attached_policy in role.attached_policies.all(): printq( f'Now dissociating policy: {attached_policy.name} from role {role.name}', quiet) role.detach_policy(PolicyName=attached_policy.name) # inline policies for attached_policy in role.policies.all(): printq( f'Deleting inline policy: {attached_policy.name} from role {role.name}', quiet) # couldn't find an easy way to remove inline policies with boto3; use boto boto_iam_connection.delete_role_policy(role.name, attached_policy.name) iam_client.delete_role(RoleName=role_name) printq(f'Role {role_name} successfully deleted.', quiet)