Implementing IAM policy versions
Adding definitions for create, list, and delete policy_versions
This commit is contained in:
Kate Heddleston
parent
df84675ae6
commit
e307dc38e6
2 changed files with 85 additions and 0 deletions
|
|
@ -43,6 +43,7 @@ class Policy(BaseModel):
|
|||
self.id = random_policy_id()
|
||||
self.path = path or '/'
|
||||
self.default_version_id = default_version_id or 'v1'
|
||||
self.versions = []
|
||||
|
||||
self.create_datetime = datetime.now(pytz.utc)
|
||||
self.update_datetime = datetime.now(pytz.utc)
|
||||
|
|
@ -52,6 +53,20 @@ class Policy(BaseModel):
|
|||
return 'arn:aws:iam::aws:policy{0}{1}'.format(self.path, self.name)
|
||||
|
||||
|
||||
class Version(object):
|
||||
|
||||
def __init__(self,
|
||||
policy_arn,
|
||||
document,
|
||||
is_default_version=False):
|
||||
self.policy_arn = policy_arn
|
||||
self.document = document or {}
|
||||
self.is_default_version = is_default_version
|
||||
self.version_id = 'v1'
|
||||
|
||||
self.create_datetime = datetime.now(pytz.utc)
|
||||
|
||||
|
||||
class ManagedPolicy(Policy):
|
||||
"""Managed policy."""
|
||||
|
||||
|
|
@ -536,6 +551,15 @@ class IAMBackend(BaseBackend):
|
|||
|
||||
return policies, marker
|
||||
|
||||
def get_policy(self, policy_name):
|
||||
policy = self.managed_policies[policy_name]
|
||||
if not policy:
|
||||
raise IAMNotFoundException("Policy {0} not found".format(policy_name))
|
||||
return policy
|
||||
|
||||
def get_policies(self):
|
||||
return self.managed_policies.values()
|
||||
|
||||
def create_role(self, role_name, assume_role_policy_document, path):
|
||||
role_id = random_resource_id()
|
||||
role = Role(role_id, role_name, assume_role_policy_document, path)
|
||||
|
|
@ -568,6 +592,24 @@ class IAMBackend(BaseBackend):
|
|||
role = self.get_role(role_name)
|
||||
return role.policies.keys()
|
||||
|
||||
def create_policy_version(self, policy_arn, policy_document, set_as_default):
|
||||
policy_name = policy_arn.split(':')[-1]
|
||||
policy_name = policy_name.split('/')[1]
|
||||
policy = self.get_policy(policy_name)
|
||||
version = Version(policy_arn, policy_document, set_as_default)
|
||||
policy.versions.append(version)
|
||||
if set_as_default:
|
||||
policy.default_version_id = version.version_id
|
||||
|
||||
def delete_policy_version(self, policy_arn, version_id):
|
||||
policy_name = policy_arn.split(':')[-1]
|
||||
policy_name = policy_name.split('/')[1]
|
||||
policy = self.get_policy(policy_name)
|
||||
for i, v in enumerate(policy.versions):
|
||||
if v.version_id == version_id:
|
||||
del policy.versions[i]
|
||||
return
|
||||
|
||||
def create_instance_profile(self, name, path, role_ids):
|
||||
instance_profile_id = random_resource_id()
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue