AnsibleAWSModule related cleanup - redshift (#66779)

* AnsibleAWSModule related cleanup - redshift * Apply a backoff on modify_cluster to cope with concurrent operations * Add AWS 'hacking' policy to allow creation of Redshift ServiceRole * Adding the retry policies makes the redshift test suite more reliable
author: Mark Chappell <mchappel@redhat.com> 2020-02-12 19:17:18 +0100
committer: GitHub <noreply@github.com> 2020-02-12 11:17:18 -0700
commit: 8d574c37700f9a438de839b74a5c8251fa49f727 (patch)
tree: 65183b7bc537b41c4a4ac16268fc08198e6f099c /hacking
parent: a6bb3ae29178b115927bd020d7c9374f21a65f01 (diff)
download: ansible-8d574c37700f9a438de839b74a5c8251fa49f727.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/hacking/aws_config/testing_policies/database-policy.json b/hacking/aws_config/testing_policies/database-policy.json
index 39fd43ac49..2f15baaf3e 100644
--- a/hacking/aws_config/testing_policies/database-policy.json
+++ b/hacking/aws_config/testing_policies/database-policy.json
@@ -12,6 +12,15 @@
             }
         },
         {
+            "Action": "iam:CreateServiceLinkedRole",
+            "Effect": "Allow",
+            "Resource": "arn:aws:iam::*:role/aws-service-role/redshift.amazonaws.com/AWSServiceRoleForRedshift",
+            "Condition": {
+                "StringLike": {
+                    "iam:AWSServiceName": "redshift.amazonaws.com"}
+                }
+        },
+        {
             "Sid": "AllowRDSReadEverywhere",
             "Effect": "Allow",
             "Action": [
author	Mark Chappell <mchappel@redhat.com>	2020-02-12 19:17:18 +0100
committer	GitHub <noreply@github.com>	2020-02-12 11:17:18 -0700
commit	8d574c37700f9a438de839b74a5c8251fa49f727 (patch)
tree	65183b7bc537b41c4a4ac16268fc08198e6f099c /hacking
parent	a6bb3ae29178b115927bd020d7c9374f21a65f01 (diff)
download	ansible-8d574c37700f9a438de839b74a5c8251fa49f727.tar.gz