Unable to strip quote from string in Python

Question

I'm creating a list of AWS IAM managed policies. And when I try to give the detach command I get an error that says:

Invalid length for parameter PolicyArn, value: 1, valid range: 20-inf

I think that the reason I'm getting this error is that quotes are interfering with the detach command.

This is the list I'm trying to give to the command:

['arn:aws:iam::aws:policy/AmazonAppStreamFullAccess', 'arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator']

I'm trying to strip the brackets and single quotes from the list with this command:

managed_policies_list = str(managed_policies_list).replace('[','').replace(']','').replace('\'','')

I'm having trouble with the remove policy command because the quotes are not being stripped from the list. This is what the managed_policies_list looks like after the strip command:

'arn:aws:iam::aws:policy/AmazonAppStreamFullAccess, arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator'

When I run this code that tries to remove the policies from the user:

managed_user_policies = (iam_client.list_attached_user_policies(UserName=user_name))
tree = objectpath.Tree(managed_user_policies)
managed_policies_list = set(tree.execute('$..AttachedPolicies[\'PolicyArn\']'))
managed_policies_list = list(managed_policies_list)
managed_policies_list = str(managed_policies_list).replace('[','').replace(']','').replace('\'','')
for policy_arn in managed_policies_list:
    print(f"Removing: {policy_arn} from User: {user_name}.")
    detach_user_policy_response = (iam_client.detach_user_policy(UserName=user_name,PolicyArn=\'policy_arn\'))

I get this error because the quote isn't being stripped:

'arn:aws:iam::aws:policy/AlexaForBusinessReadOnlyAccess'
Traceback (most recent call last):
  File "<stdin>", line 3, in <module>
  File "C:\Users\tdunphy\AppData\Local\Programs\Python\Python37-32\lib\site-packages\botocore\client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "C:\Users\tdunphy\AppData\Local\Programs\Python\Python37-32\lib\site-packages\botocore\client.py", line 634, in _make_api_call
    api_params, operation_model, context=request_context)
  File "C:\Users\tdunphy\AppData\Local\Programs\Python\Python37-32\lib\site-packages\botocore\client.py", line 682, in _convert_to_request_dict
    api_params, operation_model)
  File "C:\Users\tdunphy\AppData\Local\Programs\Python\Python37-32\lib\site-packages\botocore\validate.py", line 297, in serialize_to_request
    raise ParamValidationError(report=report.generate_report())
botocore.exceptions.ParamValidationError: Parameter validation failed:
Invalid length for parameter PolicyArn, value: 1, valid range: 20-inf

How can I do this correctly?

Answer 1

There's no bracket nor single/double quote in your command as far as I can tell. What you see are not part of the command (string):

• Brackets ([ ]) indicate that it's a list/array.
• Quotes (' ") indicate that it's a string.

Those are regular indicators by the Python interpreter to help you see what data type (string, integer, dictionary, etc...) you're working with.

See:

riverman@ubuntu:~$ python3
Python 3.7.3 (default, Apr  3 2019, 05:39:12) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.


aws_iam_mp_list = ['arn:aws:iam::aws:policy/AmazonAppStreamFullAccess', 'arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator']

aws_iam_mp_list  # Typing a variable's name into the interpreter prints their content
['arn:aws:iam::aws:policy/AmazonAppStreamFullAccess', 'arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator']

for managed_policy in aws_iam_mp_list:
    print(managed_policy)

arn:aws:iam::aws:policy/AmazonAppStreamFullAccess
arn:aws:iam::aws:policy/AmazonAPIGatewayAdministrator

When you programmatically use the results, those indicators will not be part of the code.

Do I understand you correctly?