in operator/pkg/awsprovider/iam/reconciler.go [80:112]
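// Finalize deletes the node IAM resources that belong to the given control
// plane's cluster: it removes the node role from the node instance profile,
// deletes the instance profile, detaches every policy listed in
// kitNodeRolePolicies from the role, and finally deletes the role.
//
// Every step treats an "IAM object does not exist" error as success, so the
// finalizer is idempotent and can resume after a partial teardown. It returns
// a wrapped error for any other failure and nil once all steps have completed.
func (c *Controller) Finalize(ctx context.Context, controlPlane *apis.ControlPlane) error {
	clusterName := controlPlane.ClusterName()
	roleName := KitNodeRoleNameFor(clusterName)
	profileName := KitNodeInstanceProfileNameFor(clusterName)

	// IAM refuses to delete an instance profile that still holds a role and a
	// role that is still referenced, so dependants are removed first.
	_, err := c.iam.RemoveRoleFromInstanceProfileWithContext(ctx, &iam.RemoveRoleFromInstanceProfileInput{
		InstanceProfileName: aws.String(profileName),
		RoleName:            aws.String(roleName),
	})
	if err != nil && !errors.IsIAMObjectDoNotExist(err) {
		return fmt.Errorf("removing role from instance profile, %w", err)
	}

	_, err = c.iam.DeleteInstanceProfileWithContext(ctx, &iam.DeleteInstanceProfileInput{
		InstanceProfileName: aws.String(profileName),
	})
	if err != nil && !errors.IsIAMObjectDoNotExist(err) {
		return fmt.Errorf("deleting instance profile, %w", err)
	}

	for _, policy := range kitNodeRolePolicies {
		_, err = c.iam.DetachRolePolicyWithContext(ctx, &iam.DetachRolePolicyInput{
			PolicyArn: aws.String(policy),
			RoleName:  aws.String(roleName),
		})
		// An already-detached policy (or an already-deleted role) must not
		// abort the teardown: returning here on every retry would block the
		// finalizer forever and leave the role, with whatever policies are
		// still attached to it, behind in the account.
		if err != nil && !errors.IsIAMObjectDoNotExist(err) {
			return fmt.Errorf("detaching policy from role, %w", err)
		}
	}

	_, err = c.iam.DeleteRoleWithContext(ctx, &iam.DeleteRoleInput{
		RoleName: aws.String(roleName),
	})
	if err != nil && !errors.IsIAMObjectDoNotExist(err) {
		return fmt.Errorf("deleting role, %w", err)
	}

	// Also logged when the objects were already absent, since "does not
	// exist" is accepted as success above.
	zap.S().Infof("[%s] Deleted IAM Role %v and instance profile",
		clusterName, roleName)
	return nil
}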