Iam list-roles does not display permission boundaries for the roles #229

rams3sh · 2019-05-26T18:25:38Z

I have enforced permission boundaries in one of my roles in my AWS account. However , I do not get the permission boundary policy displayed as part of list-roles api call as documented as part of official API docs here

But the same policy is being displayed when get-role is called for the specific role. Since I am not sure on whose side the problem is either at the AWS API gateway / boto3. Hence raising it here.

I use windows 10 and have my boto3 version as given below :-

C:\>python -c "import boto3; print(boto3.__version__)"
1.9.156

Given down the output of the aws cli command with jq to give out the keys of the output for clarity :-

C:\>aws iam list-roles | jq ".Roles[] | keys"
[
  "Arn",
  "AssumeRolePolicyDocument",
  "CreateDate",
  "Description",
  "MaxSessionDuration",
  "Path",
  "RoleId",
  "RoleName"
]
[
  "Arn",
  "AssumeRolePolicyDocument",
  "CreateDate",
  "MaxSessionDuration",
  "Path",
  "RoleId",
  "RoleName"
]
[
  "Arn",
  "AssumeRolePolicyDocument",
  "CreateDate",
  "MaxSessionDuration",
  "Path",
  "RoleId",
  "RoleName"
]

Output of get-role for the specific role with Permissions Boundary :-

C:\>aws iam get-role --role-name "RoleWithPermissionBoundarySet" | jq ".Role[] | keys?"
[
  "PermissionsBoundaryArn",
  "PermissionsBoundaryType"
]
[
  "Statement",
  "Version"
]

May	JUN	Jul
	14
2019	2020	2021

awslabs / aws-shell

Iam list-roles does not display permission boundaries for the roles #229

Iam list-roles does not display permission boundaries for the roles #229

rams3sh commented May 26, 2019

awslabs / aws-shell

Join GitHub today

Iam list-roles does not display permission boundaries for the roles #229

Iam list-roles does not display permission boundaries for the roles #229

Comments

rams3sh commented May 26, 2019