def create_role(session, role_name, account_number):
client = session.client('iam')
res = None
try:
role = client.create_role(
RoleName=role_name,
AssumeRolePolicyDocument=json.dumps(default_trust(str(account_number)))
)
client.attach_role_policy(
RoleName=role_name,
PolicyArn='arn:aws:iam::aws:policy/AdministratorAccess'
)
res = role['Role']['Arn']
print "+ Created IAM role: {}".format(res)
except ClientError as e:
raise e
return res
评论列表
文章目录
