Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Corrected bug in IAM delete_role() due to overloading of name 'role' … (#3019)

Browse Source 
* Corrected bug in IAM delete_role() due to overloading of name 'role' in function

* PR-requested fixes: added region to tests boto client create, reformatted with black

Co-authored-by: Joseph Weitekamp <jweite@amazon.com>
This commit is contained in:
jweite 2020-05-27 12:00:28 -04:00 committed by GitHub
parent 97a6e8d9e8
commit b7a1b666a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
moto/iam/models.py
View File

@ -1148,8 +1148,8 @@ class IAMBackend(BaseBackend):
def delete_role(self, role_name): def delete_role(self, role_name):
role = self.get_role(role_name) role = self.get_role(role_name)
for instance_profile in self.get_instance_profiles(): for instance_profile in self.get_instance_profiles():
for role in instance_profile.roles: for profile_role in instance_profile.roles:
if role.name == role_name: if profile_role.name == role_name:
raise IAMConflictException( raise IAMConflictException(
code="DeleteConflict", code="DeleteConflict",
message="Cannot delete entity, must remove roles from instance profile first.", message="Cannot delete entity, must remove roles from instance profile first.",

33
tests/test_iam/test_iam.py
View File

@ -2815,3 +2815,36 @@ def test_list_user_tags():
[{"Key": "Stan", "Value": "The Caddy"}, {"Key": "like-a", "Value": "glove"}] [{"Key": "Stan", "Value": "The Caddy"}, {"Key": "like-a", "Value": "glove"}]
) )
response["IsTruncated"].should_not.be.ok response["IsTruncated"].should_not.be.ok
@mock_iam()
def test_delete_role_with_instance_profiles_present():
iam = boto3.client("iam", region_name="us-east-1")
trust_policy = """
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
"""
trust_policy = trust_policy.strip()
iam.create_role(RoleName="Role1", AssumeRolePolicyDocument=trust_policy)
iam.create_instance_profile(InstanceProfileName="IP1")
iam.add_role_to_instance_profile(InstanceProfileName="IP1", RoleName="Role1")
iam.create_role(RoleName="Role2", AssumeRolePolicyDocument=trust_policy)
iam.delete_role(RoleName="Role2")
role_names = [role["RoleName"] for role in iam.list_roles()["Roles"]]
assert "Role1" in role_names
assert "Role2" not in role_names