pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Extract constant for permission boundary ARN

Browse Source
This commit is contained in:
richard-dds 2019-10-02 15:59:34 -04:00
parent 329f014b16
commit 04235fd13d
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
atst/domain/csp/cloud.py
View File

@ -475,6 +475,9 @@ class AWSCloudProvider(CloudProviderInterface):
] ]
MAX_CREATE_ACCOUNT_ATTEMPTS = 10 MAX_CREATE_ACCOUNT_ATTEMPTS = 10
# Placeholder permission boundary for root user
PERMISSION_BOUNDARY_ARN = "arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup"
def __init__(self, config, boto3=None): def __init__(self, config, boto3=None):
self.config = config self.config = config
@ -598,11 +601,10 @@ class AWSCloudProvider(CloudProviderInterface):
iam_client = self._get_client("iam", credentials=credentials) iam_client = self._get_client("iam", credentials=credentials)
# Create the user with a PermissionBoundary # Create the user with a PermissionBoundary
permission_boundary_arn = "arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup"
try: try:
user = iam_client.create_user( user = iam_client.create_user(
UserName=self.root_account_username, UserName=self.root_account_username,
PermissionsBoundary=permission_boundary_arn, PermissionsBoundary=self.PERMISSION_BOUNDARY_ARN,
Tags=[{"Key": "foo", "Value": "bar"}], Tags=[{"Key": "foo", "Value": "bar"}],
)["User"] )["User"]
except iam_client.exceptions.EntityAlreadyExistsException as _exc: except iam_client.exceptions.EntityAlreadyExistsException as _exc: