Fix Beanstalk integ by making sure they have the required IAM permiss…

…ions for the Beanstalk environment.
aws · Dec 4, 2024 · 1e0fbde · 1e0fbde
1 parent 5ed05e5
commit 1e0fbde
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/test/AWS.Deploy.CLI.IntegrationTests/Helpers/IAMHelper.cs b/test/AWS.Deploy.CLI.IntegrationTests/Helpers/IAMHelper.cs
@@ -32,6 +32,19 @@ public async Task DeleteRoleAndInstanceProfileAfterBeanstalkEnvionmentDeployment
             var role = existingRoles.FirstOrDefault(x => string.Equals(roleName, x.RoleName));
             if (role != null)
             {
+                var polices = (await _client.ListAttachedRolePoliciesAsync(new ListAttachedRolePoliciesRequest { RoleName = roleName })).AttachedPolicies;
+                if (polices != null)
+                {
+                    foreach(var policy in polices)
+                    {
+                        await _client.DetachRolePolicyAsync(new DetachRolePolicyRequest
+                        {
+                            RoleName = roleName,
+                            PolicyArn = policy.PolicyArn
+                        });
+                    }
+                }
+
                 await _client.RemoveRoleFromInstanceProfileAsync(new RemoveRoleFromInstanceProfileRequest
                 {
                     RoleName = roleName,
@@ -78,6 +91,12 @@ await _client.CreateRoleAsync(new CreateRoleRequest
                     AssumeRolePolicyDocument = assumeRolepolicyDocument.Replace("'", "\""),
                     MaxSessionDuration = 7200
                 });
+
+                await _client.AttachRolePolicyAsync(new AttachRolePolicyRequest
+                {
+                    RoleName = roleName,
+                    PolicyArn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier"
+                });
             }
 
             InstanceProfile instanceProfile = null;