Port sts_assume_role to boto3 (#32569)

* Ported sts_assume_role to boto3 * Added integration tests
author: Marek <piontas@users.noreply.github.com> 2018-01-22 23:46:08 +0100
committer: Sloane Hertel <shertel@redhat.com> 2018-01-22 17:46:08 -0500
commit: 5fa29201a79068ea08f90205dfb22470f49e6455 (patch)
tree: 300efb0a8eab33a9b207d44bebe644bb0831781a /hacking
parent: ffe0ddea96bbe8ac27af816e58667c212e74688e (diff)
download: ansible-5fa29201a79068ea08f90205dfb22470f49e6455.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/hacking/aws_config/testing_policies/sts-policy.json b/hacking/aws_config/testing_policies/sts-policy.json
new file mode 100644
index 0000000000..ba955548ee
--- /dev/null
+++ b/hacking/aws_config/testing_policies/sts-policy.json
@@ -0,0 +1,23 @@
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "AllowSTSAnsibleTests",
+            "Action": [
+                "iam:Get*",
+                "iam:List*",
+                "iam:CreateRole",
+                "iam:DeleteRole",
+                "iam:DetachRolePolicy",
+                "sts:AssumeRole",
+                "iam:AttachRolePolicy",
+                "iam:CreateInstanceProfile"
+            ],
+            "Effect": "Allow",
+            "Resource": [
+                "arn:aws:iam::{{aws_account}}:role/ansible-test-sts-*",
+                "arn:aws:iam::{{aws_account}}:instance-profile/ansible-test-sts-*"
+            ]
+        }
+    ]
+}
author	Marek <piontas@users.noreply.github.com>	2018-01-22 23:46:08 +0100
committer	Sloane Hertel <shertel@redhat.com>	2018-01-22 17:46:08 -0500
commit	5fa29201a79068ea08f90205dfb22470f49e6455 (patch)
tree	300efb0a8eab33a9b207d44bebe644bb0831781a /hacking
parent	ffe0ddea96bbe8ac27af816e58667c212e74688e (diff)
download	ansible-5fa29201a79068ea08f90205dfb22470f49e6455.tar.gz