Refactor iam_role to bring down the complexity score (#66027)

* Simplify BotoCore- / Client- Error try/except loops where we don't need different behaviour * Refactor IAM Role manipulation to reduce complexity scores * Missing permissions * Add retry decorator by default * compare_attached_role_policies is dead code, remove it
author: Mark Chappell <mchappel@redhat.com> 2020-02-15 13:57:52 +0100
committer: GitHub <noreply@github.com> 2020-02-15 12:57:52 +0000
commit: 9edcda7ef769d3955740934e0e6183d462054de4 (patch)
tree: e73697af1c83060a878be1e0be5498eb8ef3cbcd /hacking
parent: d0443909ff1c8b89f87ed66c79aee7751a213e05 (diff)
download: ansible-9edcda7ef769d3955740934e0e6183d462054de4.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/hacking/aws_config/testing_policies/security-policy.json b/hacking/aws_config/testing_policies/security-policy.json
index f0d0768a7a..adacf0040c 100644
--- a/hacking/aws_config/testing_policies/security-policy.json
+++ b/hacking/aws_config/testing_policies/security-policy.json
@@ -20,6 +20,7 @@
                 "iam:ListPolicies",
                 "iam:ListRoles",
                 "iam:ListRolePolicies",
+                "iam:ListRoleTags",
                 "iam:ListUsers",
                 "iam:ListAccountAliases"
             ],
@@ -50,6 +51,8 @@
                 "iam:PassRole",
                 "iam:PutRolePolicy",
                 "iam:PutRolePermissionsBoundary",
+                "iam:TagRole",
+                "iam:UntagRole",
                 "iam:UpdateAssumeRolePolicy",
                 "iam:UpdateRole",
                 "iam:UpdateRoleDescription",
author	Mark Chappell <mchappel@redhat.com>	2020-02-15 13:57:52 +0100
committer	GitHub <noreply@github.com>	2020-02-15 12:57:52 +0000
commit	9edcda7ef769d3955740934e0e6183d462054de4 (patch)
tree	e73697af1c83060a878be1e0be5498eb8ef3cbcd /hacking
parent	d0443909ff1c8b89f87ed66c79aee7751a213e05 (diff)
download	ansible-9edcda7ef769d3955740934e0e6183d462054de4.tar.gz