How to use put_role_policy method in localstack
Best Python code snippet using localstack_python
setup_iam_roles.py
Source:setup_iam_roles.py 
...24 RoleName=role_name,25 PolicyArn='arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'26 )27 28 response = iam.put_role_policy(29 RoleName=role_name,30 PolicyName='create_log_group',31 PolicyDocument='{"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"logs:CreateLogGroup","Resource":"*"}}'32 )33 34 return role_arn35 36 except iam.exceptions.EntityAlreadyExistsException:37 print(f'Using ARN from existing role: {role_name}')38 response = iam.get_role(RoleName=role_name)39 return response['Role']['Arn']40def create_task_runner_role(role_name):41 try:42 response = iam.create_role(43 RoleName = role_name,44 AssumeRolePolicyDocument = json.dumps({45 "Version": "2012-10-17",46 "Statement": [47 {48 "Effect": "Allow",49 "Principal": {50 "Service": "ecs-tasks.amazonaws.com"51 },52 "Action": "sts:AssumeRole"53 }54 ]55 }),56 Description='Role for ECS tasks'57 )58 role_arn = response['Role']['Arn']59 role_policy_document = json.dumps({60 "Version": "2012-10-17",61 "Statement": [62 {63 "Effect": "Allow",64 "Action": "sagemaker:*",65 "Resource": "*"66 },67 {68 "Effect": "Allow",69 "Action": [70 "glue:StartJobRun",71 "glue:GetJobRun"72 ],73 "Resource": "*"74 },75 {76 "Effect": "Allow",77 "Action": "logs:CreateLogGroup",78 "Resource": "*"79 }80 ]81 })82 response = iam.put_role_policy(83 RoleName=role_name,84 PolicyName='glue_logs_sagemaker',85 PolicyDocument=role_policy_document86 )87 88 response = iam.put_role_policy(89 RoleName=role_name,90 PolicyName='create_log_group',91 PolicyDocument='{"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"logs:CreateLogGroup","Resource":"*"}}'92 )93 94 return role_arn95 except iam.exceptions.EntityAlreadyExistsException:96 print(f'Using ARN from existing role: {role_name}')97 response = iam.get_role(RoleName=role_name)98 return response['Role']['Arn']99def create_glue_pipeline_role(role_name, bucket):100 try:101 response = iam.create_role(102 RoleName = role_name,103 AssumeRolePolicyDocument = json.dumps({104 "Version": "2012-10-17",105 "Statement": [106 {107 "Effect": "Allow",108 "Principal": {109 "Service": "glue.amazonaws.com"110 },111 "Action": "sts:AssumeRole"112 }113 ]114 }),115 Description='Role for Glue ETL job'116 )117 role_arn = response['Role']['Arn']118 response = iam.attach_role_policy(119 RoleName=role_name,120 PolicyArn='arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole'121 )122 123 role_policy_document = json.dumps({124 "Version": "2012-10-17",125 "Statement": [126 {127 "Effect": "Allow",128 "Action": "s3:*",129 "Resource": f"arn:aws:s3:::{bucket}"130 }131 ]132 })133 134 response = iam.put_role_policy(135 RoleName=role_name,136 PolicyName='glue_s3_bucket',137 PolicyDocument=role_policy_document138 )139 140 role_policy_document = json.dumps({141 "Version": "2012-10-17",142 "Statement": [143 {144 "Effect": "Allow",145 "Action": "s3:*",146 "Resource": f"arn:aws:s3:::{bucket}/*"147 }148 ]149 })150 151 response = iam.put_role_policy(152 RoleName=role_name,153 PolicyName='glue_s3_objects',154 PolicyDocument=role_policy_document155 )156 157 return role_arn158 except iam.exceptions.EntityAlreadyExistsException:159 print(f'Using ARN from existing role: {role_name}')160 response = iam.get_role(RoleName=role_name)161 return response['Role']['Arn']162 163def create_lambda_sm_pipeline_role(role_name, ecs_role_arn, task_role_arn):164 try:165 response = iam.create_role(166 RoleName = role_name,167 AssumeRolePolicyDocument = json.dumps({168 "Version": "2012-10-17",169 "Statement": [170 {171 "Effect": "Allow",172 "Principal": {173 "Service": "lambda.amazonaws.com"174 },175 "Action": "sts:AssumeRole"176 }177 ]178 }),179 Description='Role for Lambda to call ECS Fargate task'180 )181 role_arn = response['Role']['Arn']182 response = iam.attach_role_policy(183 RoleName=role_name,184 PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'185 )186 role_policy_document = json.dumps({187 "Version": "2012-10-17",188 "Statement": [189 {190 "Effect": "Allow",191 "Action": "ecs:RunTask",192 "Resource": ["*"]193 },194 {195 "Effect": "Allow",196 "Action": "sqs:*",197 "Resource": ["*"]198 },199 {200 "Effect": "Allow",201 "Action": "sagemaker:*",202 "Resource": ["*"]203 },204 {205 "Effect": "Allow",206 "Action": "iam:PassRole",207 "Resource": [ecs_role_arn, task_role_arn]208 },209 ]210 })211 response = iam.put_role_policy(212 RoleName=role_name,213 PolicyName='ecs_sqs_sagemaker',214 PolicyDocument=role_policy_document215 )216 return role_arn217 except iam.exceptions.EntityAlreadyExistsException:218 print(f'Using ARN from existing role: {role_name}')219 response = iam.get_role(RoleName=role_name)...
Automation Testing Tutorials
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
LambdaTest Learning Hubs:
- JUnit Tutorial
- TestNG Tutorial
- Webdriver Tutorial
- WebDriverIO Tutorial
- Protractor Tutorial
- Selenium 4 Tutorial
- Jenkins Tutorial
- NUnit Tutorial
- Jest Tutorial
- Playwright Tutorial
- Cypress Tutorial
- PyTest Tutorial
YouTube
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Run localstack automation tests on LambdaTest cloud grid
Perform automation testing on 3000+ real desktop and mobile devices online.
Try LambdaTest Now !!
Get 100 minutes of automation test minutes FREE!!
Was this article helpful?
