Пример #1
0
def _handle_response_code(response_data, attempt, aggregated_error_message):
    max_attempts = 10

    LOG.debug('Response: ' + str(response_data))
    status = response_data['ResponseMetadata']['HTTPStatusCode']
    LOG.debug('API call finished, status = ' + str(status))
    try:
        message = str(response_data['Error']['Message'])
    except KeyError:
        message = ""
    if status == 400:
        error = _get_400_error(response_data, message)
        if isinstance(error, ThrottlingError):
            LOG.debug('Received throttling error')
            if attempt > max_attempts:
                raise MaxRetriesError('Max retries exceeded for '
                                      'throttling error')
        else:
            raise error
    elif status == 403:
        LOG.debug('Received a 403')
        if not message:
            message = 'Are your permissions correct?'
        if _region_name == 'cn-north-1':
            raise NotAuthorizedInRegionError(
                'Operation Denied. ' + message + '\n' +
                strings['region.china.credentials'])
        else:
            raise NotAuthorizedError('Operation Denied. ' + message)
    elif status == 404:
        LOG.debug('Received a 404')
        raise NotFoundError(message)
    elif status == 409:
        LOG.debug('Received a 409')
        raise AlreadyExistsError(message)
    elif status in (500, 503, 504):
        LOG.debug('Received 5XX error')
        retry_failure_message = \
            'Received 5XX error during attempt #{0}\n   {1}\n'.format(
                str(attempt),
                message
            )

        aggregated_error_message.insert(attempt, retry_failure_message)

        if attempt > max_attempts:
            _handle_500_error(('\n').join(aggregated_error_message))
    else:
        raise ServiceError('API Call unsuccessful. '
                           'Status code returned ' + str(status))
Пример #2
0
def create_default_service_role():
    """
    Create the default service role
    """
    io.log_info('Creating service role {} with default permissions.'
                .format(DEFAULT_SERVICE_ROLE_NAME))
    trust_document = _get_default_service_trust_document()
    role_name = DEFAULT_SERVICE_ROLE_NAME

    try:
        iam.create_role_with_policy(role_name, trust_document,
                                    DEFAULT_SERVICE_ROLE_POLICIES)
    except NotAuthorizedError as e:
        raise NotAuthorizedError(prompts['create.servicerole.nopermissions']
                                 .format(DEFAULT_SERVICE_ROLE_NAME, e))

    return DEFAULT_SERVICE_ROLE_NAME