D6284: automation: detach policies before deleting role
indygreg (Gregory Szorc)
phabricator at mercurial-scm.org
Fri Apr 19 08:20:55 EDT 2019
indygreg created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.
You can't delete an IAM role that has attached policies.
With this change, the purge-ec2-resources command now works.
diff --git a/contrib/automation/hgautomation/aws.py b/contrib/automation/hgautomation/aws.py
@@ -505,6 +505,10 @@
for role in iamresource.roles.all():
+ for p in role.attached_policies.all():
+ print('detaching policy %s from %s' % (p.arn, role.name))
print('removing role %s' % role.name)
To: indygreg, #hg-reviewers
More information about the Mercurial-devel