def _handle_response_code(response_data, attempt, aggregated_error_message):
max_attempts = 10
LOG.debug('Response: ' + str(response_data))
status = response_data['ResponseMetadata']['HTTPStatusCode']
LOG.debug('API call finished, status = ' + str(status))
try:
message = str(response_data['Error']['Message'])
except KeyError:
message = ""
if status == 400:
error = _get_400_error(response_data, message)
if isinstance(error, ThrottlingError):
LOG.debug('Received throttling error')
if attempt > max_attempts:
raise MaxRetriesError('Max retries exceeded for '
'throttling error')
else:
raise error
elif status == 403:
LOG.debug('Received a 403')
if not message:
message = 'Are your permissions correct?'
if _region_name == 'cn-north-1':
raise NotAuthorizedInRegionError(
'Operation Denied. ' + message + '\n' +
strings['region.china.credentials'])
else:
raise NotAuthorizedError('Operation Denied. ' + message)
elif status == 404:
LOG.debug('Received a 404')
raise NotFoundError(message)
elif status == 409:
LOG.debug('Received a 409')
raise AlreadyExistsError(message)
elif status in (500, 503, 504):
LOG.debug('Received 5XX error')
retry_failure_message = \
'Received 5XX error during attempt #{0}\n {1}\n'.format(
str(attempt),
message
)
aggregated_error_message.insert(attempt, retry_failure_message)
if attempt > max_attempts:
_handle_500_error(('\n').join(aggregated_error_message))
else:
raise ServiceError('API Call unsuccessful. '
'Status code returned ' + str(status))
def create_default_service_role():
"""
Create the default service role
"""
io.log_info('Creating service role {} with default permissions.'
.format(DEFAULT_SERVICE_ROLE_NAME))
trust_document = _get_default_service_trust_document()
role_name = DEFAULT_SERVICE_ROLE_NAME
try:
iam.create_role_with_policy(role_name, trust_document,
DEFAULT_SERVICE_ROLE_POLICIES)
except NotAuthorizedError as e:
raise NotAuthorizedError(prompts['create.servicerole.nopermissions']
.format(DEFAULT_SERVICE_ROLE_NAME, e))
return DEFAULT_SERVICE_ROLE_NAME