updates to tests and source for IAM file

ruby/example_code/iam/manage_roles.rb

@@ -47,8 +47,10 @@ def list_roles(count)
   # @param name [String] The name of the role to look up.
   # @return [Aws::IAM::Role] The retrieved role.
   def get_role(name)
-    role = @iam_resource.role(name)
-    puts("Got data for role '#{role.name}'. Its ARN is '#{role.arn}'.")
+    role = @iam_client.get_role({
+                                  role_name: name,
+                                }).role
+    puts("Got data for role '#{role.role_name}'. Its ARN is '#{role.arn}'.")
   rescue Aws::Errors::ServiceError => e
     puts("Couldn't get data for role '#{name}' Here's why:")
     puts("\t#{e.code}: #{e.message}")
@@ -119,8 +121,11 @@ def delete_role(role_name)
                                     role_name: role_name,
                                     policy_arn: policy.policy_arn
                                   })
-          @iam_client.delete_policy({ policy_arn: policy.policy_arn })
-          @logger.info("Deleted policy #{policy.policy_name}.")
+          # Check if the policy is a customer managed policy (not AWS managed)
+          unless policy.policy_arn.include?("aws:policy/")
+            @iam_client.delete_policy({ policy_arn: policy.policy_arn })
+            @logger.info("Deleted customer managed policy #{policy.policy_name}.")
+          end
         end
       end
 

ruby/example_code/iam/spec/manage_roles_spec.rb

@@ -3,58 +3,49 @@
 require_relative "../manage_roles"
 
 describe RoleManager do
-  let(:iam_client) { Aws::IAM::Client.new }
-  let(:role_manager) { RoleManager.new(iam_client) }
-
-  let(:role_name) { "rspec-test-role-#{Time.now.to_i}" }
-  let(:assume_role_policy_document) {
-    {
-      Version: "2012-10-17",
-      Statement: [
+  before(:all) do
+    @iam_client = Aws::IAM::Client.new
+    @role_manager = RoleManager.new(@iam_client)
+    @role_name = "rspec-test-role-#{Time.now.to_i}"
+    @assume_role_policy_document = {
+      "Version" => "2012-10-17",
+      "Statement" => [
         {
-          Effect: "Allow",
-          Principal: { Service: "ec2.amazonaws.com" },
-          Action: "sts:AssumeRole"
+          "Effect" => "Allow",
+          "Principal" => { "Service" => "ec2.amazonaws.com" },
+          "Action" => "sts:AssumeRole"
         }
       ]
     }
-  }
-  let(:policy_arns) { ["arn:aws:iam::aws:policy/ReadOnlyAccess"] }
-
-  before(:each) do
-    role_manager.create_role(role_name, assume_role_policy_document, policy_arns)
-  end
-
-  after(:each) do
-    role_manager.delete_role(role_name) rescue nil # Clean up role
+    @policy_arns = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]
   end
 
   describe "#create_role" do
     it "creates a role and returns its ARN" do
-      role_arn = role_manager.create_role(role_name, assume_role_policy_document, policy_arns)
+      role_arn = @role_manager.create_role(@role_name, @assume_role_policy_document, @policy_arns)
       expect(role_arn).to be_a(String)
       expect(role_arn).to include("arn:aws:iam::")
     end
   end
 
   describe "#list_roles" do
     it "lists available roles" do
-      roles = role_manager.list_roles(100) # Adjust count as necessary
-      expect(roles).to include(role_name)
+      roles = @role_manager.list_roles(1000) # Adjust count as necessary
+      expect(roles).to include(@role_name)
     end
   end
 
   describe "#get_role" do
     it "retrieves data about a specific role" do
-      role = role_manager.get_role(role_name)
-      expect(role).to be_a(Aws::IAM::Role)
-      expect(role.role_name).to eq(role_name)
+      role = @role_manager.get_role(@role_name)
+      expect(role).to be_a(Aws::IAM::Types::Role)
+      expect(role.role_name).to eq(@role_name)
     end
   end
 
   describe "#delete_role" do
     it "deletes a specified role" do
-      expect { role_manager.delete_role(role_name) }.not_to raise_error
+      expect { @role_manager.delete_role(@role_name) }.not_to raise_error
     end
   end
 end