Skip to content

Commit bfaafe3

Browse files
andremoellerandremoeller
authored
Merge branch 'master' into remove_cw_metrics_arg
2 parents 1b083f5 + 2fa160c commit bfaafe3

File tree

3 files changed

+20
-3
lines changed

3 files changed

+20
-3
lines changed

CHANGELOG.rst

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,9 @@ CHANGELOG
33
=========
44

55
1.7.1dev
6-
========
6+
=====
77

8+
* bug-fix: get_execution_role no longer fails if user can't call get_role
89
* bug-fix: Session: use existing model instead of failing during ``create_model()``
910
* deprecate enable_cloudwatch_metrics from Framework Estimators.
1011

src/sagemaker/session.py

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -760,7 +760,7 @@ def expand_role(self, role):
760760
def get_caller_identity_arn(self):
761761
"""Returns the ARN user or role whose credentials are used to call the API.
762762
Returns:
763-
(str): The ARN uer or role
763+
(str): The ARN user or role
764764
"""
765765
assumed_role = self.boto_session.client('sts').get_caller_identity()['Arn']
766766

@@ -772,7 +772,11 @@ def get_caller_identity_arn(self):
772772

773773
# Call IAM to get the role's path
774774
role_name = role[role.rfind('/') + 1:]
775-
role = self.boto_session.client('iam').get_role(RoleName=role_name)['Role']['Arn']
775+
try:
776+
role = self.boto_session.client('iam').get_role(RoleName=role_name)['Role']['Arn']
777+
except ClientError:
778+
LOGGER.warning("Couldn't call 'get_role' to get Role ARN from role name {} to get Role path."
779+
.format(role_name))
776780

777781
return role
778782

tests/unit/test_session.py

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,18 @@ def test_get_caller_identity_arn_from_an_user(boto_session):
7070
assert actual == 'arn:aws:iam::369233609183:user/mia'
7171

7272

73+
def test_get_caller_identity_arn_from_an_user_without_permissions(boto_session):
74+
sess = Session(boto_session)
75+
arn = 'arn:aws:iam::369233609183:user/mia'
76+
sess.boto_session.client('sts').get_caller_identity.return_value = {'Arn': arn}
77+
sess.boto_session.client('iam').get_role.side_effect = ClientError({}, {})
78+
79+
with patch('logging.Logger.warning') as mock_logger:
80+
actual = sess.get_caller_identity_arn()
81+
assert actual == 'arn:aws:iam::369233609183:user/mia'
82+
mock_logger.assert_called_once()
83+
84+
7385
def test_get_caller_identity_arn_from_a_role(boto_session):
7486
sess = Session(boto_session)
7587
arn = 'arn:aws:sts::369233609183:assumed-role/SageMakerRole/6d009ef3-5306-49d5-8efc-78db644d8122'

0 commit comments

Comments
 (0)