The following IAM operations were added in 3.3.0:
We need to add euare commands for each of the above actions, each command is not complex but there are quite a few of them. CreateRole , UpdateAssumeRolePolicy, and PutRolePolicy could have more complex UI to allow policy to be specified or could simply use a user supplied JSON policy document (i.e. euare-useraddpolicy vs. euare-useruploadpolicy)
We may want to better align the semantics of the metadata service iam credentials with AWS (EUCA-5788) in terms of how long we cache role credentials.
Policy support for the iam:PassRole action was not implemented and needs to be added (
Some clean up of error messages is probably necessary, one example of this is EUCA-6411. This may be better handled as separate bugs than as part of any story.