Implemented IAM delete_instance_profile (#3020)

* Implemented IAM delete_instance_profile * PR adjustment: positively verifying instance profile deletion in test case. Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
2020-05-27 13:22:06 -04:00 · 2020-05-27 13:22:06 -04:00 · 4303123312
commit 4303123312
parent 4d3e3c8c5e
3 changed files with 42 additions and 0 deletions
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -1341,6 +1341,15 @@ class IAMBackend(BaseBackend):
        self.instance_profiles[name] = instance_profile
        return instance_profile

+    def delete_instance_profile(self, name):
+        instance_profile = self.get_instance_profile(name)
+        if len(instance_profile.roles) > 0:
+            raise IAMConflictException(
+                code="DeleteConflict",
+                message="Cannot delete entity, must remove roles from instance profile first.",
+            )
+        del self.instance_profiles[name]
+
    def get_instance_profile(self, profile_name):
        for profile in self.get_instance_profiles():
            if profile.name == profile_name:
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -305,6 +305,13 @@ class IamResponse(BaseResponse):
        template = self.response_template(CREATE_INSTANCE_PROFILE_TEMPLATE)
        return template.render(profile=profile)

+    def delete_instance_profile(self):
+        profile_name = self._get_param("InstanceProfileName")
+
+        profile = iam_backend.delete_instance_profile(profile_name)
+        template = self.response_template(DELETE_INSTANCE_PROFILE_TEMPLATE)
+        return template.render(profile=profile)
+
    def get_instance_profile(self):
        profile_name = self._get_param("InstanceProfileName")
        profile = iam_backend.get_instance_profile(profile_name)
@ -1180,6 +1187,12 @@ CREATE_INSTANCE_PROFILE_TEMPLATE = """<CreateInstanceProfileResponse xmlns="http
  </ResponseMetadata>
 </CreateInstanceProfileResponse>"""

+DELETE_INSTANCE_PROFILE_TEMPLATE = """<DeleteInstanceProfileResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <ResponseMetadata>
+    <RequestId>786dff92-6cfd-4fa4-b1eb-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</DeleteInstanceProfileResponse>"""
+
 GET_INSTANCE_PROFILE_TEMPLATE = """<GetInstanceProfileResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
  <GetInstanceProfileResult>
    <InstanceProfile>
--- a/tests/test_iam/test_iam.py
+++ b/tests/test_iam/test_iam.py
@ -206,6 +206,26 @@ def test_remove_role_from_instance_profile():
    dict(profile.roles).should.be.empty


+@mock_iam()
+def test_delete_instance_profile():
+    conn = boto3.client("iam", region_name="us-east-1")
+    conn.create_role(
+        RoleName="my-role", AssumeRolePolicyDocument="some policy", Path="/my-path/"
+    )
+    conn.create_instance_profile(InstanceProfileName="my-profile")
+    conn.add_role_to_instance_profile(
+        InstanceProfileName="my-profile", RoleName="my-role"
+    )
+    with assert_raises(conn.exceptions.DeleteConflictException):
+        conn.delete_instance_profile(InstanceProfileName="my-profile")
+    conn.remove_role_from_instance_profile(
+        InstanceProfileName="my-profile", RoleName="my-role"
+    )
+    conn.delete_instance_profile(InstanceProfileName="my-profile")
+    with assert_raises(conn.exceptions.NoSuchEntityException):
+        profile = conn.get_instance_profile(InstanceProfileName="my-profile")
+
+
@mock_iam()
 def test_get_login_profile():
    conn = boto3.client("iam", region_name="us-east-1")