(aws-iam): role contains invalid characters for service roles #8691
Comments
ThomasSteinbach
added
bug
github-actions
bot
added
the
@aws-cdk/aws-iam
I am no typescript programmer but I think this change could solve aws#8691
|
I have added a code change #8692 which shows, how the bug could be fixed in my opinion. Note that I am not a typescript developer and the code change is just a proposal. Hopefully ist accelerates the bugfix. |
|
Hi @skinny85 , I've seen that you have implemented the original support for service roles. However AWS also known "service linked roles" which have a little different ARN which https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html The ARN format is In the I hope I am not too pushy, but could you please have a look, if you could extend your solution for those "service linked roles". That would be very kind, as this is a really blocker for my work with CDK. I am not able to patch this bug locally, as we are using CDK with python and I don't know how to patch, build and package the CDK library on my machine. I have already made a proposal with #8692 |
|
Replied in the PR 🙂 |
SomayaB
added
in-progress
|
Don't the docs specifically state that role paths aren't supported? |
) Fixes #8691 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
I have a service account role - generated by AWS itself - with about following ARN:
Then
returns
aws-service-role/ssm.amazonaws.com/AWSServiceRoleForAmazonSSMbut should return justAWSServiceRoleForAmazonSSMinstead.Using the Role
from_role_arnleads to errors on deployment, as the role name contains invalid characters like/.This is 🐛 Bug Report
The text was updated successfully, but these errors were encountered: