Fix remove policies from certificate when deleting edge device

CGI-FR · Jun 23, 2023 · 70b90cb · 70b90cb
1 parent 3b3c921
commit 70b90cb
Showing 1 changed file with 7 additions and 9 deletions.
diff --git a/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs b/src/AzureIoTHub.Portal.Infrastructure/Services/AwsExternalDeviceService.cs
@@ -450,17 +450,15 @@ public async Task RemoveDeviceCredentials(IoTEdgeDevice device)
 
         private async Task RemoveGreengrassCertificateFromPrincipal(IoTEdgeDevice device, string principalId)
         {
-            _ = await this.amazonIoTClient.DetachPolicyAsync(new DetachPolicyRequest
+            foreach (var item in this.configHandler.AWSGreengrassRequiredRoles)
             {
-                Target = principalId,
-                PolicyName = "GreengrassV2IoTThingPolicy"
-            });
+                _ = await this.amazonIoTClient.AttachPolicyAsync(new AttachPolicyRequest
+                {
+                    PolicyName = item,
+                    Target = principalId
+                });
+            }
 
-            _ = await this.amazonIoTClient.DetachPolicyAsync(new DetachPolicyRequest
-            {
-                Target = principalId,
-                PolicyName = "GreengrassCoreTokenExchangeRoleAliasPolicy"
-            });
             _ = await this.amazonIoTClient.DetachThingPrincipalAsync(device.DeviceName, principalId);
 
             _ = await this.amazonSecretsManager.DeleteSecretAsync(new DeleteSecretRequest