mirror of https://github.com/kubernetes/kops.git
Ignore InvalidAction errors when tagging IAM Instance Profiles
This commit is contained in:
parent
7f59cd8086
commit
fd2370c8e8
|
@ -92,6 +92,34 @@ func (m *MockIAM) CreateInstanceProfileRequest(*iam.CreateInstanceProfileInput)
|
|||
panic("Not implemented")
|
||||
}
|
||||
|
||||
func (m *MockIAM) TagInstanceProfile(request *iam.TagInstanceProfileInput) (*iam.TagInstanceProfileOutput, error) {
|
||||
m.mutex.Lock()
|
||||
defer m.mutex.Unlock()
|
||||
|
||||
klog.Infof("CreateInstanceProfile: %v", request)
|
||||
|
||||
ip := m.InstanceProfiles[aws.StringValue(request.InstanceProfileName)]
|
||||
if ip == nil {
|
||||
return nil, fmt.Errorf("InstanceProfile not found")
|
||||
}
|
||||
|
||||
for _, tag := range request.Tags {
|
||||
key := *tag.Key
|
||||
overwritten := false
|
||||
for _, existingTag := range ip.Tags {
|
||||
if *existingTag.Key == key {
|
||||
existingTag.Value = tag.Value
|
||||
overwritten = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if !overwritten {
|
||||
ip.Tags = append(ip.Tags, tag)
|
||||
}
|
||||
}
|
||||
return &iam.TagInstanceProfileOutput{}, nil
|
||||
}
|
||||
|
||||
func (m *MockIAM) AddRoleToInstanceProfile(request *iam.AddRoleToInstanceProfileInput) (*iam.AddRoleToInstanceProfileOutput, error) {
|
||||
m.mutex.Lock()
|
||||
defer m.mutex.Unlock()
|
||||
|
|
|
@ -118,7 +118,6 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
|
|||
|
||||
request := &iam.CreateInstanceProfileInput{
|
||||
InstanceProfileName: e.Name,
|
||||
Tags: mapToIAMTags(e.Tags),
|
||||
}
|
||||
|
||||
response, err := t.Cloud.IAM().CreateInstanceProfile(request)
|
||||
|
@ -126,6 +125,19 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
|
|||
return fmt.Errorf("error creating IAMInstanceProfile: %v", err)
|
||||
}
|
||||
|
||||
tagRequest := &iam.TagInstanceProfileInput{
|
||||
InstanceProfileName: e.Name,
|
||||
Tags: mapToIAMTags(e.Tags),
|
||||
}
|
||||
_, err = t.Cloud.IAM().TagInstanceProfile(tagRequest)
|
||||
if err != nil {
|
||||
if awsup.AWSErrorCode(err) == awsup.AWSErrCodeInvalidAction {
|
||||
klog.Warningf("Ignoring unsupported IAMInstanceProfile tagging %v", *a.Name)
|
||||
} else {
|
||||
return fmt.Errorf("error tagging IAMInstanceProfile: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
e.ID = response.InstanceProfile.InstanceProfileId
|
||||
e.Name = response.InstanceProfile.InstanceProfileName
|
||||
} else {
|
||||
|
@ -151,14 +163,17 @@ func (_ *IAMInstanceProfile) RenderAWS(t *awsup.AWSAPITarget, a, e, changes *IAM
|
|||
}
|
||||
_, err := t.Cloud.IAM().TagInstanceProfile(tagRequest)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error tagging IAMInstanceProfile: %v", err)
|
||||
if awsup.AWSErrorCode(err) == awsup.AWSErrCodeInvalidAction {
|
||||
klog.Warningf("Ignoring unsupported IAMInstanceProfile tagging %v", *a.Name)
|
||||
} else {
|
||||
return fmt.Errorf("error tagging IAMInstanceProfile: %v", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: Should we use path as our tag?
|
||||
return nil // No tags in IAM
|
||||
return nil
|
||||
}
|
||||
|
||||
func (_ *IAMInstanceProfile) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *IAMInstanceProfile) error {
|
||||
|
|
|
@ -115,6 +115,9 @@ const (
|
|||
WellKnownAccountUbuntu = "099720109477"
|
||||
)
|
||||
|
||||
// AWSErrCodeInvalidAction is returned in AWS partitions that don't support certain actions
|
||||
const AWSErrCodeInvalidAction = "InvalidAction"
|
||||
|
||||
type AWSCloud interface {
|
||||
fi.Cloud
|
||||
CloudFormation() *cloudformation.CloudFormation
|
||||
|
|
Loading…
Reference in New Issue