Udacity-Data-Engineering-Projects
Check if IAM role already exists and then skip creating a new one.
Check if IAM role already exists and then skip creating a new one.
try:
create_response = iam_client.create_role(
Path='/',
RoleName=role_name,
Description=role_description,
AssumeRolePolicyDocument = role_policy_document
)
logger.debug(f"Got response from IAM client for creating role : {create_response}")
logger.info(f"Role create response code : {create_response['ResponseMetadata']['HTTPStatusCode']}")
except Exception as e:
logger.error(f"Error occured while creating role : {e}")
return False
To check this, you can use the `get_role` method of the boto3 IAM client. Here is the code:
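import json
import logging

import boto3

# Initialize logging
logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Initialize IAM client
iam_client = boto3.client('iam')


def _trust_policy_differs(existing, requested):
    """Return True only when both trust policies parse and are not equal.

    Either argument may be a JSON string or an already-parsed object.
    An unparseable document yields False, because no comparison is possible.
    """
    try:
        existing_doc = json.loads(existing) if isinstance(existing, str) else existing
        requested_doc = json.loads(requested) if isinstance(requested, str) else requested
    except (TypeError, ValueError):
        return False
    return existing_doc != requested_doc


def ensure_iam_role(role_name, role_description, role_policy_document):
    """Make sure an IAM role named *role_name* exists, creating it if needed.

    Args:
        role_name: Name of the role to look up or create.
        role_description: Description used only when the role is created.
        role_policy_document: Trust policy (JSON text) passed to create_role
            as AssumeRolePolicyDocument.

    Returns:
        True if the role already existed or was created, False if the lookup
        or the creation failed. A failed lookup that is not "no such entity"
        (for example a permissions error) also returns False.

    An existing role is reused as it is: its trust policy and description are
    not changed. A warning is logged when the existing trust policy does not
    match *role_policy_document*, since reusing the role then grants whatever
    that existing policy allows.
    """
    try:
        logger.info("Checking if IAM role '%s' exists...", role_name)
        response = iam_client.get_role(RoleName=role_name)
    except iam_client.exceptions.NoSuchEntityException:
        # Role does not exist; fall through to creation below.
        pass
    except Exception as e:
        # Any other failure from get_role is reported, not treated as "missing".
        logger.error(f"Unexpected error occurred while checking role: {e}")
        return False
    else:
        existing_policy = response.get('Role', {}).get('AssumeRolePolicyDocument')
        # NOTE(review): IAM may store the document in a normalized form, so a
        # mismatch is a prompt to review the role, not proof of a problem.
        if existing_policy is not None and _trust_policy_differs(
            existing_policy, role_policy_document
        ):
            logger.warning(
                "Role '%s' already exists but its trust policy differs from the "
                "requested one. Review which principals can assume it.",
                role_name,
            )
        logger.info("Role '%s' already exists. Skipping creation.", role_name)
        return True

    try:
        logger.info("Role '%s' does not exist. Creating a new one...", role_name)
        create_response = iam_client.create_role(
            Path='/',
            RoleName=role_name,
            Description=role_description,
            AssumeRolePolicyDocument=role_policy_document,
        )
    except iam_client.exceptions.EntityAlreadyExistsException:
        # Another caller created the role between get_role and create_role.
        # The role exists, so this is not a failure.
        logger.info("Role '%s' already exists. Skipping creation.", role_name)
        return True
    except Exception as e:
        logger.error(f"Error occurred while creating role: {e}")
        return False

    logger.debug("Got response from IAM client for creating role: %s", create_response)
    logger.info(
        "Role create response code: %s",
        create_response['ResponseMetadata']['HTTPStatusCode'],
    )
    return True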