Actions
Bug #58547
open?Action=ListRoles endpoint json response incorrectly formatted
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
After creating 2 dummy roles and trying to retrieve the list of roles through the S3 api, the list of roles was inadequately formatted. The roles were created following the docs:
radosgw-admin role create --role-name=S3Access1 --path=/application_abc/component_xyz/ --assume-role-policy-doc=\{\"Version\":\"2012-10-17\",\"Statement\":\[\{\"Effect\":\"Allow\",\"Principal\":\{\"AWS\":\[\"arn:aws:iam:::user/TESTER\"\]\},\"Action\":\[\"sts:AssumeRole\"\]\}\]\}
radosgw-admin role create --role-name=S3Access2 --path=/application_abc/component_xyz/ --assume-role-policy-doc=\{\"Version\":\"2012-10-17\",\"Statement\":\[\{\"Effect\":\"Allow\",\"Principal\":\{\"AWS\":\[\"arn:aws:iam:::user/TESTER\"\]\},\"Action\":\[\"sts:AssumeRole\"\]\}\]\}
After calling the endpoint the response received was unexpectedly transformed:
RAW response:
b'[[{"member":{"RoleId":"904622a9-62d2-4e3a-b996-1db6d81991a2","RoleName":"S3Access2","Path":"/application_abc/component_xyz/","Arn":"arn:aws:iam:::role/application_abc/component_xyz/S3Access2","CreateDate":"2023-01-23T08:46:07.624Z","MaxSessionDuration":3600,"AssumeRolePolicyDocument":"{\\"Version\\":\\"2012-10-17\\",\\"Statement\\":[{\\"Effect\\":\\"Allow\\",\\"Principal\\":{\\"AWS\\":[\\"arn:aws:iam:::user/TESTER\\"]},\\"Action\\":[\\"sts:AssumeRole\\"]}]}"*},"member*":{"RoleId":"67691833-c6ab-4172-bff1-9deb176a486f","RoleName":"S3Access1","Path":"/application_abc/component_xyz/","Arn":"arn:aws:iam:::role/application_abc/component_xyz/S3Access1","CreateDate":"2023-01-23T08:45:49.729Z","MaxSessionDuration":3600,"AssumeRolePolicyDocument":"{\\"Version\\":\\"2012-10-17\\",\\"Statement\\":[{\\"Effect\\":\\"Allow\\",\\"Principal\\":{\\"AWS\\":[\\"arn:aws:iam:::user/TESTER\\"]},\\"Action\\":[\\"sts:AssumeRole\\"]}]}"}}],{"RequestId":"tx0000034b8fd6de729452c-0063ce4d91-1175-default"}]'
After calling json.loads on the response:
[[{'member': {'RoleId': '67691833-c6ab-4172-bff1-9deb176a486f', 'RoleName': 'S3Access1', 'Path': '/application_abc/component_xyz/', 'Arn': 'arn:aws:iam:::role/application_abc/component_xyz/S3Access1', 'CreateDate': '2023-01-23T08:45:49.729Z', 'MaxSessionDuration': 3600, 'AssumeRolePolicyDocument': '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":["arn:aws:iam:::user/TESTER"]},"Action":["sts:AssumeRole"]}]}'}}], {'RequestId': 'tx0000034b8fd6de729452c-0063ce4d91-1175-default'}]
If you look closely at the RAW response you'll find the second "member" object doesn't have a preceding "{".
Actions