Check if IAM role already exists and then skip creating new one. #2

san089 · 2020-01-30T16:36:30Z

Check if IAM role already exists and then skip creating a new one.

try:
        create_response = iam_client.create_role(
                    Path='/',
                    RoleName=role_name,
                    Description=role_description,
                    AssumeRolePolicyDocument = role_policy_document
        )
        logger.debug(f"Got response from IAM client for creating role : {create_response}")
        logger.info(f"Role create response code : {create_response['ResponseMetadata']['HTTPStatusCode']}")
    except Exception as e:
        logger.error(f"Error occured while creating role : {e}")
        return False

The text was updated successfully, but these errors were encountered:

BestuSingh · 2025-01-24T21:00:08Z

In order to check it, you can use 'get_role' method of the 'boto3' IAM client. here is the code:

`import boto3
import logging

Initialize logging

logger = logging.getLogger()
logger.setLevel(logging.INFO)

Initialize IAM client

iam_client = boto3.client('iam')

def ensure_iam_role(role_name, role_description, role_policy_document):
try:
# Check if the role already exists
logger.info(f"Checking if IAM role '{role_name}' exists...")
response = iam_client.get_role(RoleName=role_name)
logger.info(f"Role '{role_name}' already exists. Skipping creation.")
return True # Role exists
except iam_client.exceptions.NoSuchEntityException:
# Role does not exist, proceed to create it
try:
logger.info(f"Role '{role_name}' does not exist. Creating a new one...")
create_response = iam_client.create_role(
Path='/',
RoleName=role_name,
Description=role_description,
AssumeRolePolicyDocument=role_policy_document
)
logger.debug(f"Got response from IAM client for creating role: {create_response}")
logger.info(f"Role create response code: {create_response['ResponseMetadata']['HTTPStatusCode']}")
return True # Role created successfully
except Exception as e:
logger.error(f"Error occurred while creating role: {e}")
return False # Role creation failed
except Exception as e:
# Handle other exceptions from get_role
logger.error(f"Unexpected error occurred while checking role: {e}")
return False
`

san089 self-assigned this Jan 30, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check if IAM role already exists and then skip creating new one. #2

Check if IAM role already exists and then skip creating new one. #2

san089 commented Jan 30, 2020

BestuSingh commented Jan 24, 2025

Check if IAM role already exists and then skip creating new one. #2

Check if IAM role already exists and then skip creating new one. #2

Comments

san089 commented Jan 30, 2020

BestuSingh commented Jan 24, 2025

Initialize logging

Initialize IAM client