Use jinja template to generate policy json

richard-dds 2019-10-02 12:04:02 -04:00
parent e34333a990
commit 329f014b16


@ -1,6 +1,7 @@
from typing import Dict from typing import Dict
from uuid import uuid4 from uuid import uuid4
import json import json
from jinja2 import Template
from atst.models.environment_role import CSPRole from atst.models.environment_role import CSPRole
from atst.models.user import User from atst.models.user import User
@ -692,7 +693,7 @@ class AWSCloudProvider(CloudProviderInterface):
) )
def _inline_org_management_policy(self, account_id: str) -> Dict: def _inline_org_management_policy(self, account_id: str) -> Dict:
policy_dict = json.loads( policy_template = Template(
""" """
{ {
"Version": "2012-10-17", "Version": "2012-10-17",
@ -703,14 +704,13 @@ class AWSCloudProvider(CloudProviderInterface):
"sts:AssumeRole" "sts:AssumeRole"
], ],
"Resource": [ "Resource": [
"arn:aws:iam::{}:role/{}" "arn:aws:iam::{{ account_id }}:role/{{ role_name }}"
] ]
} }
] ]
} }
""" """
) )
policy_dict["Statement"][0]["Resource"][0] = policy_dict["Statement"][0][ return policy_template.render(
"Resource" account_id=account_id, role_name=self.root_account_policy_name
][0].format(account_id, self.root_account_policy_name) )
return json.dumps(policy_dict)
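Review bot: Rendering `account_id` and `role_name` straight into the JSON text at the `"Resource"` line drops the escaping that the removed `json.loads` / `json.dumps` round trip provided; a bare `Template(...)` does not JSON-escape values, so a quote or backslash in either one would yield a malformed policy or one with extra elements. Where the two values come from is not visible here, so this may be latent, but an IAM policy document is a poor place to depend on that. Emit the ARN through Jinja's `tojson` filter, `{{ ("arn:aws:iam::" ~ account_id ~ ":role/" ~ role_name) | tojson }}` in place of the quoted string, or keep `json.dumps` as the serializer, and consider rejecting an `account_id` that is not 12 digits. The signature also still says `-> Dict` although `render()` returns a `str`. Part of the function body lies between the hunks and is not shown.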