in cfn_policy_validator/parsers/identity.py [0:0]
def parse_managed_policies(self, principal, properties, property_name='ManagedPolicyArns'):
managed_policy_arns = properties.get(property_name, [])
for arn in managed_policy_arns:
policy = ManagedPolicyParser.managed_policies.get(arn)
if policy is not None:
principal.add_policy(policy)
continue
try:
# if the ARN is not a managed policy in the template, pull it from the environment
response = self.client.get_policy(PolicyArn=arn)
except ClientError as e:
if e.response['Error']['Code'] == 'NoSuchEntity':
raise ApplicationError(f'Could not find managed policy with {arn} in template or in environment.')
else:
raise
policy_name = response['Policy']['PolicyName']
default_version_id = response['Policy']['DefaultVersionId']
policy_path = response['Policy']['Path']
response = self.client.get_policy_version(PolicyArn=arn, VersionId=default_version_id)
policy_document = response['PolicyVersion']['Document']
policy = Policy(policy_name, policy_document, policy_path)
principal.add_policy(policy)