Iam list-roles does not display permission boundaries for the roles
rams3sh opened this issue · comments
I have enforced permission boundaries in one of my roles in my AWS account. However , I do not get the permission boundary policy displayed as part of list-roles api call as documented as part of official API docs here
But the same policy is being displayed when get-role is called for the specific role. Since I am not sure on whose side the problem is either at the AWS API gateway / boto3. Hence raising it here.
I use windows 10 and have my boto3 version as given below :-
C:\>python -c "import boto3; print(boto3.__version__)"
1.9.156
Given down the output of the aws cli command with jq to give out the keys of the output for clarity :-
C:\>aws iam list-roles | jq ".Roles[] | keys"
[
"Arn",
"AssumeRolePolicyDocument",
"CreateDate",
"Description",
"MaxSessionDuration",
"Path",
"RoleId",
"RoleName"
]
[
"Arn",
"AssumeRolePolicyDocument",
"CreateDate",
"MaxSessionDuration",
"Path",
"RoleId",
"RoleName"
]
[
"Arn",
"AssumeRolePolicyDocument",
"CreateDate",
"MaxSessionDuration",
"Path",
"RoleId",
"RoleName"
]
Output of get-role for the specific role with Permissions Boundary :-
C:\>aws iam get-role --role-name "RoleWithPermissionBoundarySet" | jq ".Role[] | keys?"
[
"PermissionsBoundaryArn",
"PermissionsBoundaryType"
]
[
"Statement",
"Version"
]