New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Support new CodeDeploy ManagedPolicy #1858
Conversation
…ployRoleForLambda CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited. Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this can cause customer's stacks to fail unexpectedly.
Codecov Report
@@ Coverage Diff @@
## develop #1858 +/- ##
===========================================
+ Coverage 93.97% 94.05% +0.07%
===========================================
Files 89 89
Lines 5825 5832 +7
Branches 1185 1188 +3
===========================================
+ Hits 5474 5485 +11
+ Misses 162 160 -2
+ Partials 189 187 -2
Continue to review full report at Codecov.
|
@@ -18,4 +18,9 @@ def is_apigw_edge_configuration_supported(cls): | |||
:return: True, if API Gateway does not support Edge configuration | |||
""" | |||
|
|||
return ArnGenerator.get_partition_name() not in [cls.partitions["govcloud"], cls.partitions["china"]] | |||
return ArnGenerator.get_partition_name() not in [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor: Looks like the list can be replaced by cls.partitions.values(), so we don't change two places.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 for using cls.partitions.values()
it should be cls.partitions.values()
instead of cls.partitions.keys()
, because for example we are checking whether "aws-iso"
is in the list, but not "iso"
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes indeed, I removed my comment :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch. Not sure why this is defined this way in general. Will simplify.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was no need for the dictionary that I could find. So I just pushed everything into the in
statement.
Do we also need to update |
I added unit test around this so we don't need to do the full functional testing. We also have integ tests we run when deploying the service. I would prefer not to keep replicating these tests per region/partition. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
* fix: Support new CodeDeploy MangedPolicy in regions without AWSCodeDeployRoleForLambda CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited. Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this can cause customer's stacks to fail unexpectedly. * Forgot to commit unit tests * Handle PR feedback Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com>
* fix: Support new CodeDeploy MangedPolicy in regions without AWSCodeDeployRoleForLambda CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited. Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this can cause customer's stacks to fail unexpectedly. * Forgot to commit unit tests * Handle PR feedback Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com>
* Support DLQ, RetryPolicy properties for EventBridgeRule,Schedule event sources (#1842) * Add DeadLetterConfig,RetryPolicy properties for EventBridgeRule,Schedule event sources * Minor fix,rename function argument * Update test class name * Combine dlq extraction/generation into the utility class * Remove unused import * fix: propagate condition to sqs queue policy for sqssubscription (#1798) * fix: propagate condition to sqs queue policy for sqssubscription * Update unit test for function_event_conditions * Update black commands in Makefile to check only .py files * Update test with one more SNS event source with sqsSubscription set * Revert "Update black commands in Makefile to check only .py files" This reverts commit 115ff09. * chore: Remove biased language from pylintrc (#1847) * fix: Support new CodeDeploy ManagedPolicy (#1858) * fix: Support new CodeDeploy MangedPolicy in regions without AWSCodeDeployRoleForLambda CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited. Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this can cause customer's stacks to fail unexpectedly. * Forgot to commit unit tests * Handle PR feedback Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> * fix: Update Slack invite link (#1877) Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> * feature: Support for custom checkpointing (#1883) Co-authored-by: Vinayak <vinayaks@amazon.com> * Fix: Description in AWS::Serverless::HttpApi (#1884) * Fix: Description in AWS::Serverless::HttpApi * Update _set to _add * Update AWS::S3::Bucket properties (#1885) * Update AWS::S3::Bucket properties * Fix type checking validators for AWS::S3::Bucket * Update to use any_type() in favor of supporing ref * Fix: Replaced invalid AMQ managed policy by providing policy statements (#1891) * Fix for invalid MQ event source managed policy * Fix for invalid managed policy for MQ, included support for new MQ event source property, updated test cases * Black reformatting * Test case changes * Changed policy name * Modified test cases with new policy name * chore: bump version 1.34.0 (#1892) * Fix: SAM crashes method_definition for path is invalid (#1802) * Fix: SAM crashes method_definition for path is invalid * Fix: SAM crashes whenmappings is null * Removed print statement in test_translator * Fix: Swagger security not a dict Co-authored-by: Mufaddal Makati <mmmakati@amazon.com> Co-authored-by: ejafarli <54083696+ejafarli@users.noreply.github.com> Co-authored-by: _sam <3804518+aahung@users.noreply.github.com> Co-authored-by: Jacob Fuss <32497805+jfuss@users.noreply.github.com> Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> Co-authored-by: vinayaksood <vinayaksood.282@gmail.com> Co-authored-by: Vinayak <vinayaks@amazon.com> Co-authored-by: Qingchuan Ma <69653965+qingchm@users.noreply.github.com> Co-authored-by: Mufaddal Makati <mufaddal@rawbytes.com> Co-authored-by: Mufaddal Makati <mmmakati@amazon.com>
* Support DLQ, RetryPolicy properties for EventBridgeRule,Schedule event sources (#1842) * Add DeadLetterConfig,RetryPolicy properties for EventBridgeRule,Schedule event sources * Minor fix,rename function argument * Update test class name * Combine dlq extraction/generation into the utility class * Remove unused import * fix: propagate condition to sqs queue policy for sqssubscription (#1798) * fix: propagate condition to sqs queue policy for sqssubscription * Update unit test for function_event_conditions * Update black commands in Makefile to check only .py files * Update test with one more SNS event source with sqsSubscription set * Revert "Update black commands in Makefile to check only .py files" This reverts commit 115ff09. * chore: Remove biased language from pylintrc (#1847) * fix: Support new CodeDeploy ManagedPolicy (#1858) * fix: Support new CodeDeploy MangedPolicy in regions without AWSCodeDeployRoleForLambda CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited. Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this can cause customer's stacks to fail unexpectedly. * Forgot to commit unit tests * Handle PR feedback Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> * fix: Update Slack invite link (#1877) Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> * feature: Support for custom checkpointing (#1883) Co-authored-by: Vinayak <vinayaks@amazon.com> * Fix: Description in AWS::Serverless::HttpApi (#1884) * Fix: Description in AWS::Serverless::HttpApi * Update _set to _add * Update AWS::S3::Bucket properties (#1885) * Update AWS::S3::Bucket properties * Fix type checking validators for AWS::S3::Bucket * Update to use any_type() in favor of supporing ref * Fix: Replaced invalid AMQ managed policy by providing policy statements (#1891) * Fix for invalid MQ event source managed policy * Fix for invalid managed policy for MQ, included support for new MQ event source property, updated test cases * Black reformatting * Test case changes * Changed policy name * Modified test cases with new policy name * chore: bump version 1.34.0 (#1892) * Fix: SAM crashes method_definition for path is invalid (#1802) * Fix: SAM crashes method_definition for path is invalid * Fix: SAM crashes whenmappings is null * Removed print statement in test_translator * Fix: Swagger security not a dict Co-authored-by: Mufaddal Makati <mmmakati@amazon.com> Co-authored-by: ejafarli <54083696+ejafarli@users.noreply.github.com> Co-authored-by: _sam <3804518+aahung@users.noreply.github.com> Co-authored-by: Jacob Fuss <32497805+jfuss@users.noreply.github.com> Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> Co-authored-by: vinayaksood <vinayaksood.282@gmail.com> Co-authored-by: Vinayak <vinayaks@amazon.com> Co-authored-by: Qingchuan Ma <69653965+qingchm@users.noreply.github.com> Co-authored-by: Mufaddal Makati <mufaddal@rawbytes.com> Co-authored-by: Mufaddal Makati <mmmakati@amazon.com> Co-authored-by: ejafarli <54083696+ejafarli@users.noreply.github.com> Co-authored-by: _sam <3804518+aahung@users.noreply.github.com> Co-authored-by: Jacob Fuss <32497805+jfuss@users.noreply.github.com> Co-authored-by: Jacob Fuss <jfuss@users.noreply.github.com> Co-authored-by: vinayaksood <vinayaksood.282@gmail.com> Co-authored-by: Vinayak <vinayaks@amazon.com> Co-authored-by: Qingchuan Ma <69653965+qingchm@users.noreply.github.com> Co-authored-by: Mufaddal Makati <mufaddal@rawbytes.com> Co-authored-by: Mufaddal Makati <mmmakati@amazon.com>
CodeDeploy is migrating from AWSCodeDeployRoleForLambda to AWSCodeDeployRoleForLambdaLimited.
Some partitions do not support AWSCodeDeployRoleForLambda and therefore we need to use the newer
one in those partitions. We cannot widely update to AWSCodeDeployRoleForLambdaLimited since this
can cause customer's stacks to fail unexpectedly.
Issue #, if available:
Description of changes:
Description of how you validated changes:
Checklist:
make pr
passesExamples?
Please reach out in the comments, if you want to add an example. Examples will be
added to
sam init
through https://github.com/awslabs/aws-sam-cli-app-templates/By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.