in pkg/ram.go [16:45]
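// roleCheck verifies that the RAM role roleName has exactly one attached
// policy and that this policy is named AliyunLogReadOnlyAccess. The access
// key pair (ak, sk) is used to query RAM.
//
// On success it returns the one-element policy list. It fails closed: a role
// with zero policies, more than one policy, or a differently named policy is
// rejected. Errors returned:
//   - the client-construction or ListPoliciesForRole error, unchanged, except
//     that an error whose text contains "NoPermission" is replaced by
//     RAM_NO_PERMISSION_ERROR;
//   - POLICY_LEN_ERROR when the role does not have exactly one policy;
//   - POLYCY_NOT_MATCH_ERROR when the single policy has another name.
//
// ak and sk are long-lived credentials; keep them out of logs and error text.
func roleCheck(ak string, sk string, roleName string) ([]ram.Policy, error) {
	config := sdk.NewConfig()
	credential := credentials.NewAccessKeyCredential(ak, sk)
	// log.DefaultLogger.Info("roleName", roleName)

	// NOTE(review): the region is hard-coded; presumably acceptable because
	// RAM is not a per-region service — confirm.
	client, err := ram.NewClientWithOptions("cn-hangzhou", config, credential)
	if err != nil {
		return nil, err
	}

	request := ram.CreateListPoliciesForRoleRequest()
	// Force HTTPS so the signed request does not travel in cleartext.
	request.Scheme = "https"
	request.RoleName = roleName

	response, err := client.ListPoliciesForRole(request)
	if err != nil {
		// NOTE(review): the permission failure is recognised by substring
		// match on the error text; a typed error code from the SDK would be
		// less brittle — confirm what the SDK exposes.
		if strings.Contains(err.Error(), "NoPermission") {
			return nil, errors.New(RAM_NO_PERMISSION_ERROR)
		}
		return nil, err
	}

	policyList := response.Policies.Policy
	// Exactly one policy is allowed; the count is checked inline instead of
	// through a local named len, which shadowed the builtin.
	if len(policyList) != 1 {
		return nil, errors.New(POLICY_LEN_ERROR)
	}

	// NOTE(review): only PolicyName is compared. If a custom policy can carry
	// this name, the policy type should be checked as well — confirm against
	// the RAM API before relying on this as a least-privilege gate.
	if policyList[0].PolicyName != "AliyunLogReadOnlyAccess" {
		return nil, errors.New(POLYCY_NOT_MATCH_ERROR)
	}
	return policyList, nil
}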