Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: load managed policies locally #2839

Merged
merged 107 commits into from
Feb 15, 2023
Merged

feat: load managed policies locally #2839

merged 107 commits into from
Feb 15, 2023

Conversation

hoffa
Copy link
Contributor

@hoffa hoffa commented Jan 31, 2023
edited
Loading

Issue #, if available

Description of changes

Faster and more resilient transforms by bundling the name-to-ARN managed policy map with the code.

The ARN of a managed policy name is determined by Translator in the following order:

  1. From the managed_policy_map argument. Can be None.
  2. From the bundled managed policy map.
  3. From the get_managed_policy_map function. Must be efficient to call, as it can be called multiple times within a transform.

Got the managed policies from my personal account using:

aws iam list-policies --scope AWS | jq '.Policies[] | {(.PolicyName): .Arn}' | jq -s add --sort-keys

Originally cached get_managed_policy_map() within the Translator instance, but anecdotally Translator is instantiated in hot paths, so letting the caller do the caching is simpler to integrate.

Description of how you validated changes

Checklist

Examples?

Please reach out in the comments if you want to add an example. Examples will be
added to sam init through aws/aws-sam-cli-app-templates.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@hoffa hoffa changed the title feat: store managed policies with code feat: store managed policies in code Feb 1, 2023
@aahung
Copy link
Contributor

aahung commented Feb 1, 2023

gogogo

aahung
aahung reviewed Feb 1, 2023
View reviewed changes
bin/list_managed_policies.py Outdated Show resolved Hide resolved
@hoffa hoffa requested a review from aahung February 15, 2023 01:56
@hoffa hoffa mentioned this pull request Feb 15, 2023
Merged
5 tasks
@hoffa hoffa marked this pull request as draft February 15, 2023 18:15
@hoffa hoffa marked this pull request as ready for review February 15, 2023 18:55
aahung
aahung approved these changes Feb 15, 2023
View reviewed changes
Copy link
Contributor

@aahung aahung left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉

acristin
acristin approved these changes Feb 15, 2023
View reviewed changes
Copy link
Contributor

@acristin acristin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a minor complaint and two questions.

samtranslator/model/role_utils/role_constructor.py Outdated Show resolved Hide resolved
samtranslator/model/role_utils/role_constructor.py Show resolved Hide resolved
samtranslator/translator/transform.py Show resolved Hide resolved
@hoffa hoffa merged commit 4b01409 into aws:develop Feb 15, 2023
@hoffa hoffa deleted the store-managed-policies branch February 15, 2023 21:08
@hoffa hoffa mentioned this pull request Mar 13, 2023
Closed
@hoffa hoffa mentioned this pull request Apr 18, 2023
Merged
5 tasks
@hoffa hoffa mentioned this pull request May 5, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@acristin acristin acristin approved these changes

@aahung aahung aahung approved these changes

@GavinZZ GavinZZ GavinZZ approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@hoffa @aahung @acristin @GavinZZ