You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@dlab.apache.org by om...@apache.org on 2019/04/08 10:39:26 UTC

[incubator-dlab] branch DLAB-593 created (now 583cf02)

This is an automated email from the ASF dual-hosted git repository.

omartushevskyi pushed a change to branch DLAB-593
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git.


      at 583cf02  [DLAB-593]: Fixed issue with removing IAM resources

This branch includes the following new commits:

     new 583cf02  [DLAB-593]: Fixed issue with removing IAM resources

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org

[incubator-dlab] 01/01: [DLAB-593]: Fixed issue with removing IAM resources

Posted by om...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

omartushevskyi pushed a commit to branch DLAB-593
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git

commit 583cf02b0b070d67a268afab3f3fb315d289e876
Author: Oleh Martushevskyi <Ol...@epam.com>
AuthorDate: Mon Apr 8 13:39:17 2019 +0300

    [DLAB-593]: Fixed issue with removing IAM resources
---
 .../src/general/lib/aws/actions_lib.py                    | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/infrastructure-provisioning/src/general/lib/aws/actions_lib.py b/infrastructure-provisioning/src/general/lib/aws/actions_lib.py
index f6f37d0..f7ff407 100644
--- a/infrastructure-provisioning/src/general/lib/aws/actions_lib.py
+++ b/infrastructure-provisioning/src/general/lib/aws/actions_lib.py
@@ -862,7 +862,7 @@ def remove_roles_and_profiles(role_name, role_profile_name):
 def remove_all_iam_resources(instance_type, scientist=''):
     try:
         client = boto3.client('iam')
-        service_base_name = os.environ['conf_service_base_name']
+        service_base_name = os.environ['conf_service_base_name'].lower().replace('-', '_')
         roles_list = []
         for item in client.list_roles(MaxItems=250).get("Roles"):
             if item.get("RoleName").startswith(service_base_name + '-'):
@@ -872,14 +872,15 @@ def remove_all_iam_resources(instance_type, scientist=''):
             for iam_role in roles_list:
                 if '-ssn-Role' in iam_role and instance_type == 'ssn' or instance_type == 'all':
                     try:
-                        client.delete_role_policy(RoleName=iam_role, PolicyName=service_base_name + '-ssn-Policy')
+                        client.delete_role_policy(RoleName=iam_role, PolicyName='{0}-ssn-Policy'.format(
+                            service_base_name))
                     except:
                         print('There is no policy {}-ssn-Policy to delete'.format(service_base_name))
                     role_profiles = client.list_instance_profiles_for_role(RoleName=iam_role).get('InstanceProfiles')
                     if role_profiles:
                         for i in role_profiles:
                             role_profile_name = i.get('InstanceProfileName')
-                            if role_profile_name == service_base_name + '-ssn-Profile':
+                            if role_profile_name == '{0}-ssn-Profile'.format(service_base_name):
                                 remove_roles_and_profiles(iam_role, role_profile_name)
                     else:
                         print("There is no instance profile for {}".format(iam_role))
@@ -888,8 +889,7 @@ def remove_all_iam_resources(instance_type, scientist=''):
                 if '-edge-Role' in iam_role:
                     if instance_type == 'edge' and scientist in iam_role:
                         remove_detach_iam_policies(iam_role, 'delete')
-                        role_profile_name = os.environ['conf_service_base_name'] + '-' + '{}'.format(scientist) + \
-                                            '-edge-Profile'
+                        role_profile_name = '{0}-{1}-edge-Profile'.format(service_base_name, scientist)
                         try:
                             client.get_instance_profile(InstanceProfileName=role_profile_name)
                             remove_roles_and_profiles(iam_role, role_profile_name)
@@ -912,8 +912,7 @@ def remove_all_iam_resources(instance_type, scientist=''):
                 if '-nb-de-Role' in iam_role:
                     if instance_type == 'notebook' and scientist in iam_role:
                         remove_detach_iam_policies(iam_role)
-                        role_profile_name = os.environ['conf_service_base_name'] + '-' + "{}".format(scientist) + \
-                                            '-nb-de-Profile'
+                        role_profile_name = '{0}-{1}-nb-de-Profile'.format(service_base_name, scientist)
                         try:
                             client.get_instance_profile(InstanceProfileName=role_profile_name)
                             remove_roles_and_profiles(iam_role, role_profile_name)
@@ -937,7 +936,7 @@ def remove_all_iam_resources(instance_type, scientist=''):
             print("There are no IAM roles to delete. Checking instance profiles...")
         profile_list = []
         for item in client.list_instance_profiles(MaxItems=250).get("InstanceProfiles"):
-            if item.get("InstanceProfileName").startswith(service_base_name + '-'):
+            if item.get("InstanceProfileName").startswith('{}-'.format(service_base_name)):
                 profile_list.append(item.get('InstanceProfileName'))
         if profile_list:
             for instance_profile in profile_list:


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org