feature added: support for api RolePermissionsBoundary (#3329)

* feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary * minor test fix * lint fixed * refractored test case * Issue 3224 s3 copy glacier object (#3318) * 3224 Enhancement - S3 Copy restored glacier objects - adds setter for expiry date - copy sets expiry date to none when source is glacier object - throws error for copying glacier object only if not restored/still restoring * 3224 Enhancement - S3 Copy restored glacier objects - throws error for copying deep archive object only if not restored/still restoring * Fix:s3 List Object response:delimiter (#3254) * Fix:s3 List Object delimiter in response * fixed tests * fixed failed tests Co-authored-by: usmankb <usman@krazybee.com> * feature added: support for api PutUserPermissionsBoundary; DeleteRolePermissionsBoundary * minor test fix * lint fixed * refractored test case * added test case for put role exception Co-authored-by: ruthbovell <63656505+ruthbovell@users.noreply.github.com> Co-authored-by: usmangani1 <sgosman_chem@yahoo.com> Co-authored-by: usmankb <usman@krazybee.com>
2020-09-22 17:13:59 +05:30 · 2020-09-22 17:13:59 +05:30 · 427a222aa0
commit 427a222aa0
parent 958e95cf5c
3 changed files with 49 additions and 3 deletions
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -265,6 +265,19 @@ class IamResponse(BaseResponse):
        template = self.response_template(UPDATE_ROLE_TEMPLATE)
        return template.render(role=role)

+    def put_role_permissions_boundary(self):
+        permissions_boundary = self._get_param("PermissionsBoundary")
+        role_name = self._get_param("RoleName")
+        iam_backend.put_role_permissions_boundary(role_name, permissions_boundary)
+        template = self.response_template(GENERIC_EMPTY_TEMPLATE)
+        return template.render(name="PutRolePermissionsBoundary")
+
+    def delete_role_permissions_boundary(self):
+        role_name = self._get_param("RoleName")
+        iam_backend.delete_role_permissions_boundary(role_name)
+        template = self.response_template(GENERIC_EMPTY_TEMPLATE)
+        return template.render(name="DeleteRolePermissionsBoundary")
+
    def create_policy_version(self):
        policy_arn = self._get_param("PolicyArn")
        policy_document = self._get_param("PolicyDocument")
@ -1315,6 +1328,12 @@ GET_ROLE_TEMPLATE = """<GetRoleResponse xmlns="https://iam.amazonaws.com/doc/201
      <CreateDate>{{ role.created_iso_8601 }}</CreateDate>
      <RoleId>{{ role.id }}</RoleId>
      <MaxSessionDuration>{{ role.max_session_duration }}</MaxSessionDuration>
+      {% if role.permissions_boundary %}
+      <PermissionsBoundary>
+          <PermissionsBoundaryType>PermissionsBoundaryPolicy</PermissionsBoundaryType>
+          <PermissionsBoundaryArn>{{ role.permissions_boundary }}</PermissionsBoundaryArn>
+      </PermissionsBoundary>
+      {% endif %}
      {% if role.tags %}
      <Tags>
        {% for tag in role.get_tags() %}