Skip to content

Commit

Permalink
AssumeRolePolicyDocument is a required parameter to CreateRole
Browse files Browse the repository at this point in the history
  • Loading branch information
Andriy Zavada committed Dec 31, 2023
1 parent 35f1aa9 commit 025ef45
Showing 1 changed file with 21 additions and 5 deletions.
26 changes: 21 additions & 5 deletions apps/riak_cs/src/riak_cs_iam.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -454,11 +454,27 @@ fix_permissions_boundary(Map) ->

-spec create_role(maps:map()) -> {ok, role()} | {error, reportable_error_reason()}.
create_role(Specs) ->
Encoded = riak_cs_json:to_json(exprec_role(Specs)),
{ok, AdminCreds} = riak_cs_config:admin_creds(),
velvet:create_role("application/json",
Encoded,
[{auth_creds, AdminCreds}]).
case validate_role_specs(Specs) of
ok ->
Encoded = riak_cs_json:to_json(exprec_role(Specs)),
{ok, AdminCreds} = riak_cs_config:admin_creds(),
velvet:create_role("application/json",
Encoded,
[{auth_creds, AdminCreds}]);
ER ->
ER
end.

validate_role_specs(#{assume_role_policy_document := A}) ->
case riak_cs_aws_policy:policy_from_json(A) of
{ok, _} ->
ok;
ER ->
ER
end;
validate_role_specs(#{}) ->
{error, missing_parameter}.


-spec delete_role(binary()) -> ok | {error, reportable_error_reason()}.
delete_role(Arn) ->
Expand Down

0 comments on commit 025ef45

Please sign in to comment.