Test your AI Agents with the all-new Agent to Agent Testing Platform.Learn More

How to use detach_user_policy method in localstack

Best Python code snippet using localstack_python

deepracer.py

Source:deepracer.py

...132    if os.environ.get('CHILD_ACCOUNT_BILLING_ACCESS') == 'TRUE':133        iam_client.attach_user_policy(UserName=account_name,PolicyArn="arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess")134def update_policies(account_id,iam_user_name,iam_client):135    try:136        iam_client.detach_user_policy(UserName=iam_user_name,137            PolicyArn="arn:aws:iam::{}:policy/DeepRacerWorkshopAttendeePolicy".format(account_id)138        )139        print("Detached DeepRacerWorkshopAttendeePolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))140    except iam_client.exceptions.NoSuchEntityException as error:141        print("Policy already detached --> Message: {}".format(error))142    try:143        iam_client.delete_policy(PolicyArn="arn:aws:iam::{}:policy/DeepRacerWorkshopAttendeePolicy".format(account_id))144        print("Deleted DeepRacerWorkshopAttendeePolicy in account id:{}".format(account_id))145    except iam_client.exceptions.NoSuchEntityException as error:146        print("Policy already deleted --> Message: {}".format(error))147    custom_policy_arn=create_custom_iam_userpolicy(iam_client)148    print("Created DeepRacerWorkshopAttendeePolicy in account id:{}".format(account_id))149    150    attach_iam_user_policies(iam_client,iam_user_name,custom_policy_arn)151    print("Attached DeepRacerWorkshopAttendeePolicy, Billing Access to IAM User:{} in account id:{}".format(iam_user_name, account_id))152def set_permissions(sts_client,account_name,account_id,default_password,type=None):153    assume_creds = assume_child_credentials(sts_client,account_id)154    iam_client = boto3.client('iam', region_name=os.environ['AWS_DEFAULT_REGION'] ,155                        aws_access_key_id=assume_creds['AccessKeyId'],156                        aws_secret_access_key=assume_creds['SecretAccessKey'],157                        aws_session_token = assume_creds['SessionToken'])158    iam_user_name="{}-deepracer-{}".format(account_name,account_id)159    # iam_user_name="deepraceruser-{}".format(account_id)160    if type == "update" and not exists_iam_user(iam_client,iam_user_name):161        print("IAM user:{} not found, NO need to update. You should first bootstrap it. Exit!".format(iam_user_name))162        return163    if type == "update" and exists_iam_user(iam_client,iam_user_name):164        print("IAM user:{} found, It will update the policies!".format(iam_user_name))165        update_policies(account_id,iam_user_name,iam_client)166        return167    if type == "attach" and not exists_iam_user(iam_client,iam_user_name):168        print("IAM user:{} not found, NO need to attach. You should first bootstrap it. Exit!".format(iam_user_name))169        return170    if type == "attach" and exists_iam_user(iam_client,iam_user_name):171        print("IAM user:{} found, It will attach the policies!".format(iam_user_name))172        iam_client.attach_user_policy(UserName=iam_user_name,173            PolicyArn="arn:aws:iam::{}:policy/DeepRacerWorkshopAttendeePolicy".format(account_id)174        )175        print("Attached DeepRacerWorkshopAttendeePolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))176        iam_client.attach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSDeepRacerFullAccess")177        print("Attached AWSDeepRacerFullAccess from IAM User: {} in account id:{}".format(iam_user_name,account_id))178        iam_client.attach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy")179        print("Attached AWSDeepRacerRoboMakerAccessPolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))180        iam_client.attach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy")181        print("Attached AWSDeepRacerServiceRolePolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))182        183        if os.environ.get('CHILD_ACCOUNT_BILLING_ACCESS') == 'TRUE':184            iam_client.attach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess")185            print("Attached AWSBillingReadOnlyAccess from IAM User: {} in account id:{}".format(iam_user_name,account_id))186        return187    if type == "detach" and not exists_iam_user(iam_client,iam_user_name):188        print("IAM user:{} not found, NO need to detach. You should first bootstrap it. Exit!".format(iam_user_name))189        return190    if type == "detach" and exists_iam_user(iam_client,iam_user_name):191        try:192            print("IAM user:{} found, It will detach the policies!".format(iam_user_name))193            iam_client.detach_user_policy(UserName=iam_user_name,194                PolicyArn="arn:aws:iam::{}:policy/DeepRacerWorkshopAttendeePolicy".format(account_id)195            )196            print("Detached DeepRacerWorkshopAttendeePolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))197            iam_client.detach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSDeepRacerFullAccess")198            print("Detached AWSDeepRacerFullAccess from IAM User: {} in account id:{}".format(iam_user_name,account_id))199            iam_client.detach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSDeepRacerRoboMakerAccessPolicy")200            print("Detached AWSDeepRacerRoboMakerAccessPolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))201            iam_client.detach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/service-role/AWSDeepRacerServiceRolePolicy")202            print("Detached AWSDeepRacerServiceRolePolicy from IAM User: {} in account id:{}".format(iam_user_name,account_id))203            if os.environ.get('CHILD_ACCOUNT_BILLING_ACCESS') == 'TRUE':204                iam_client.detach_user_policy(UserName=iam_user_name,PolicyArn="arn:aws:iam::aws:policy/AWSBillingReadOnlyAccess")205                print("Detached AWSBillingReadOnlyAccess from IAM User: {} in account id:{}".format(iam_user_name,account_id))206        except iam_client.exceptions.NoSuchEntityException as error:207            print("Policy already detached --> Message: {}".format(error))208        return209    if not exists_iam_user(iam_client,iam_user_name):210        iam_client.create_user(UserName=iam_user_name)211        print("Created IAM User:{} in account id:{}".format(iam_user_name,account_id))212        custom_policy_arn=create_custom_iam_userpolicy(iam_client)213        print("Created DeepRacerWorkshopAttendeePolicy in account id:{}".format(account_id))214        attach_iam_user_policies(iam_client,iam_user_name,custom_policy_arn)215        print("Attached DeepRacerWorkshopAttendeePolicy to IAM User:{} in account id:{}".format(iam_user_name, account_id))216        iam_client.create_login_profile(UserName=iam_user_name,Password=default_password,217                PasswordResetRequired=True218        )...

bot.py

Source:bot.py

...37    # Get the AWS IAM client from our frameworks38    iam_client = ctx.get_client(account_id = account_id).get('iam')39    # Call the AWS detach_user_policy API to detach the policy from the user40    logging.info('Detaching policy {} from user {}'.format(policy_arn, user_name))41    iam_client.detach_user_policy(UserName=user_name, PolicyArn=policy_arn)42    # If we were asked to close the ticket then do that now43    if close_ticket == 'true':44        query = '''45            mutation closeTicket($srn: String) {46              CloseTickets(input: {srns: [$srn]}) {47                successCount48                failureCount49                __typename50              }51            }52        '''53        variables = { "srn": ticket_srn }...

detachpolicy.py

Source:detachpolicy.py

1import boto32import json3def detach_user_policy(username, policy_arn):4    iam = boto3.resource("iam")5    attached_policy = iam.Policy(policy_arn)6    response = attached_policy.detach_user(7        UserName=username8    )9    print(response)10detach_user_policy(username="TrustedAdvisor", policy_arn="arn:aws:iam::151439720941:user/TrustedAdvisor")
...

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.