Beispiel #1
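// ListRolePolicies prints the names of the inline policies embedded in the
// IAM role rolename, one per line and tab-indented. It prints "\tnot found"
// when the role has no inline policies.
//
// Only inline policies are listed. Managed policies attached to the role come
// from a separate IAM call (ListAttachedRolePolicies) and do not appear here,
// so an empty listing does not mean the role carries no permissions.
//
// The IAM listing is paginated, so every page is read; a single call could
// silently show only part of a role's policies. A failed API call panics, as
// it always did; names from earlier pages may already have been printed.
func (r *Role) ListRolePolicies(cli *iam.IAM, rolename string) {
	req := &iam.ListRolePoliciesInput{
		RoleName: aws.String(rolename),
	}

	found := false
	err := cli.ListRolePoliciesPages(req, func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
		for _, name := range page.PolicyNames {
			found = true
			// StringValue yields "" for a nil entry instead of dereferencing it.
			fmt.Printf("\t%s\n", aws.StringValue(name))
		}
		return true // keep going until the last page
	})
	if err != nil {
		panic(err)
	}
	if !found {
		fmt.Println("\tnot found")
	}
}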
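// attachPolicyToRoles attaches the managed policy identified by arn to each
// role in roles and then confirms, per role, that IAM reports the attachment.
// It returns the first error encountered and stops there; roles processed
// before the failure keep their attachment.
//
// Confirmation reads the role's attached managed policies and compares policy
// ARNs exactly. The earlier check listed the role's inline policies, which
// AttachRolePolicy never changes. It therefore passed for any role without
// inline policies and matched on a name suffix of the ARN otherwise, and so
// never established that the policy was in effect.
//
// A policy that is not visible yet is reported as retryable, so resource.Retry
// can poll within its two-minute window; a failed listing call is not retried.
func attachPolicyToRoles(conn *iam.IAM, roles []*string, arn string) error {
	for _, r := range roles {
		if _, err := conn.AttachRolePolicy(&iam.AttachRolePolicyInput{
			RoleName:  r,
			PolicyArn: aws.String(arn),
		}); err != nil {
			return err
		}

		verifyErr := resource.Retry(2*time.Minute, func() *resource.RetryError {
			input := &iam.ListAttachedRolePoliciesInput{
				RoleName: r,
			}

			attached := false
			err := conn.ListAttachedRolePoliciesPages(input, func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
				for _, p := range page.AttachedPolicies {
					// Exact ARN comparison: a suffix or name match could
					// accept a different policy with a similar name.
					if p != nil && aws.StringValue(p.PolicyArn) == arn {
						attached = true
						return false // found; no need to fetch more pages
					}
				}
				return true
			})
			if err != nil {
				return resource.NonRetryableError(err)
			}

			if !attached {
				// Always carry a real error here: the old code passed a nil
				// error on this path, leaving the caller nothing to report.
				return resource.RetryableError(fmt.Errorf(
					"policy %s is not yet attached to role %s", arn, aws.StringValue(r)))
			}

			return nil
		})

		if verifyErr != nil {
			return verifyErr
		}
	}
	return nil
}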