in packages/utilities/iam-role-helper/src/python/resolve_role/resolve_role.py [0:0]
def resolve_role_ref(role_ref):
if(role_ref.get("id", None) is not None):
resourceId = role_ref.get("id")
role = role_id_map.get(resourceId)
elif(role_ref.get("arn") is not None):
resourceId = role_ref.get("arn", None)
role = role_arn_map.get(resourceId)
elif(role_ref.get("name", None) is not None):
resourceId = role_ref.get("name")
# Handle SSO roles
sso = role_ref.get("sso", False)
if sso:
role = None
regex = "^AWSReservedSSO_" + resourceId +"_[0-9a-zA-Z]{16}$"
logger.info(regex)
for role_name,check_role in role_name_map.items():
logger.info(role_name)
if re.match(regex,role_name):
if role is not None:
raise Exception(f"Ambiguous role resolution: {role_name}/{resourceId}")
role = check_role
else:
role = role_name_map.get(resourceId)
else:
raise Exception("Callied without id, arn or name specified")
if(role is None):
raise Exception(f"Failed to resolve role: {role_ref}")
else:
return {
"Status": "200",
"Data": {
"arn": role['Arn'],
"name": role['RoleName'],
"id": role["RoleId"]
}
}