Merge branch 'release-1.11.11'

* release-1.11.11: Bumping version to 1.11.11 Update changelog based on model updates Update changelog for cloudrail Fix typo (?) in sync documentation Remove dead code after integration with s3transfer Replace IAM with STS in CreateSubscription
tangaowei · Nov 1, 2016 · 65f6cad · 65f6cad
2 parents 748caf6 + 66ffbbd
commit 65f6cad
Show file tree

Hide file tree

Showing 26 changed files with 71 additions and 4,282 deletions.
diff --git a/.changes/1.11.11.json b/.changes/1.11.11.json
@@ -0,0 +1,12 @@
+[
+  {
+    "category": "``cloudtrail``", 
+    "description": "Use STS instead of IAM in CreateSubscription", 
+    "type": "bugfix"
+  }, 
+  {
+    "category": "``cloudformation``", 
+    "description": "Update cloudformation command to latest version", 
+    "type": "feature"
+  }
+]
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -2,6 +2,13 @@
 CHANGELOG
 =========
 
+1.11.11
+=======
+
+* bugfix:``cloudtrail``: Use STS instead of IAM in CreateSubscription
+* feature:``cloudformation``: Update cloudformation command to latest version
+
+
 1.11.10
 =======
 

diff --git a/awscli/__init__.py b/awscli/__init__.py
@@ -17,7 +17,7 @@
 """
 import os
 
-__version__ = '1.11.10'
+__version__ = '1.11.11'
 
 #
 # Get our data path to be added to botocore's search path

diff --git a/awscli/customizations/cloudtrail/subscribe.py b/awscli/customizations/cloudtrail/subscribe.py
@@ -80,7 +80,7 @@ def setup_services(self, args, parsed_globals):
 
         # Initialize services
         LOG.debug('Initializing S3, SNS and CloudTrail...')
-        self.iam = self._session.create_client('iam', **client_args)
+        self.sts = self._session.create_client('sts', **client_args)
         self.s3 = self._session.create_client('s3', **client_args)
         self.sns = self._session.create_client('sns', **client_args)
         self.region_name = self.s3.meta.region_name
@@ -187,7 +187,7 @@ def setup_new_bucket(self, bucket, prefix, custom_policy=None):
         sys.stdout.write(
             'Setting up new S3 bucket {bucket}...\n'.format(bucket=bucket))
 
-        account_id = get_account_id(self.iam)
+        account_id = get_account_id(self.sts)
 
         # Clean up the prefix - it requires a trailing slash if set
         if prefix and not prefix.endswith('/'):
@@ -239,7 +239,7 @@ def setup_new_topic(self, topic, custom_policy=None):
         sys.stdout.write(
             'Setting up new SNS topic {topic}...\n'.format(topic=topic))
 
-        account_id = get_account_id(self.iam)
+        account_id = get_account_id(self.sts)
 
         # Make sure topic doesn't already exist
         # Warn but do not fail if ListTopics permissions

diff --git a/awscli/customizations/cloudtrail/utils.py b/awscli/customizations/cloudtrail/utils.py
@@ -17,10 +17,10 @@ def get_account_id_from_arn(trail_arn):
     return trail_arn.split(':')[4]
 
 
-def get_account_id(iam_client):
-    """Retrieve the AWS account ID for the authenticated user"""
-    response = iam_client.get_user()
-    return get_account_id_from_arn(response['User']['Arn'])
+def get_account_id(sts_client):
+    """Retrieve the AWS account ID for the authenticated user or role"""
+    response = sts_client.get_caller_identity()
+    return response['Account']
 
 
 def get_trail_by_arn(cloudtrail_client, trail_arn):