fix: iam policy

badmintoncryer · Feb 14, 2024 · b7a4cab · b7a4cab
1 parent 088d16a
commit b7a4cab
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 7 deletions.
diff --git a/src/rds-scheduler.ts b/src/rds-scheduler.ts
@@ -1,4 +1,4 @@
-import { Stack, TimeZone } from 'aws-cdk-lib';
+import { ArnFormat, Stack, TimeZone } from 'aws-cdk-lib';
 import * as iam from 'aws-cdk-lib/aws-iam';
 import * as rds from 'aws-cdk-lib/aws-rds';
 import * as scheduler from 'aws-cdk-lib/aws-scheduler';
@@ -82,6 +82,7 @@ export class RdsScheduler extends Construct {
                   service: 'rds',
                   resource: isCluster ? 'cluster' : 'db',
                   resourceName: identifier,
+                  arnFormat: ArnFormat.COLON_RESOURCE_NAME,
                 }),
               ],
             }),

diff --git a/test/integ.rds-scheduler.js.snapshot/TestStack.assets.json b/test/integ.rds-scheduler.js.snapshot/TestStack.assets.json
@@ -14,15 +14,15 @@
         }
       }
     },
-    "4f2899bfb38ee140ef49a7d087f25900ba73e0d95a4cf4e62c55d467dad7f322": {
+    "ce9d7f9993bf31ced6e7ab2a63d5e39bf5187b71b445f967363970c7f0f559f3": {
       "source": {
         "path": "TestStack.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "4f2899bfb38ee140ef49a7d087f25900ba73e0d95a4cf4e62c55d467dad7f322.json",
+          "objectKey": "ce9d7f9993bf31ced6e7ab2a63d5e39bf5187b71b445f967363970c7f0f559f3.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

diff --git a/test/integ.rds-scheduler.js.snapshot/TestStack.template.json b/test/integ.rds-scheduler.js.snapshot/TestStack.template.json
@@ -703,7 +703,7 @@
             {
              "Ref": "AWS::AccountId"
             },
-            ":cluster/",
+            ":cluster:",
             {
              "Ref": "DatabaseCluster68FC2945"
             }

diff --git a/test/integ.rds-scheduler.js.snapshot/manifest.json b/test/integ.rds-scheduler.js.snapshot/manifest.json
@@ -18,7 +18,7 @@
         "validateOnSynth": false,
         "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
         "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
-        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4f2899bfb38ee140ef49a7d087f25900ba73e0d95a4cf4e62c55d467dad7f322.json",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ce9d7f9993bf31ced6e7ab2a63d5e39bf5187b71b445f967363970c7f0f559f3.json",
         "requiresBootstrapStackVersion": 6,
         "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
         "additionalDependencies": [
@@ -193,7 +193,22 @@
         "/TestStack/DatabaseCluster": [
           {
             "type": "aws:cdk:warning",
-            "data": "Cluster DatabaseCluster only has serverless readers and no reader is in promotion tier 0-1.Serverless readers in promotion tiers >= 2 will NOT scale with the writer, which can lead to availability issues if a failover event occurs. It is recommended that at least one reader has `scaleWithWriter` set to true [ack: @aws-cdk/aws-rds:noFailoverServerlessReaders]"
+            "data": "Cluster DatabaseCluster only has serverless readers and no reader is in promotion tier 0-1.Serverless readers in promotion tiers >= 2 will NOT scale with the writer, which can lead to availability issues if a failover event occurs. It is recommended that at least one reader has `scaleWithWriter` set to true [ack: @aws-cdk/aws-rds:noFailoverServerlessReaders]",
+            "trace": [
+              "Annotations.addMessage (/Users/kazuhoshinozuka/git/rds-scheduler/node_modules/aws-cdk-lib/core/lib/annotations.js:1:1608)",
+              "Annotations.addWarningV2 (/Users/kazuhoshinozuka/git/rds-scheduler/node_modules/aws-cdk-lib/core/lib/annotations.js:1:825)",
+              "DatabaseCluster.validateClusterInstances (/Users/kazuhoshinozuka/git/rds-scheduler/node_modules/aws-cdk-lib/aws-rds/lib/cluster.js:1:9863)",
+              "DatabaseCluster._createInstances (/Users/kazuhoshinozuka/git/rds-scheduler/node_modules/aws-cdk-lib/aws-rds/lib/cluster.js:1:8774)",
+              "new DatabaseCluster (/Users/kazuhoshinozuka/git/rds-scheduler/node_modules/aws-cdk-lib/aws-rds/lib/cluster.js:5:5913)",
+              "new TestStack (/Users/kazuhoshinozuka/git/rds-scheduler/test/integ.rds-scheduler.js:36:33)",
+              "Object.<anonymous> (/Users/kazuhoshinozuka/git/rds-scheduler/test/integ.rds-scheduler.js:57:15)",
+              "Module._compile (node:internal/modules/cjs/loader:1376:14)",
+              "Module._extensions..js (node:internal/modules/cjs/loader:1435:10)",
+              "Module.load (node:internal/modules/cjs/loader:1207:32)",
+              "Module._load (node:internal/modules/cjs/loader:1023:12)",
+              "Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:135:12)",
+              "node:internal/main/run_main_module:28:49"
+            ]
           }
         ],
         "/TestStack/DatabaseCluster/Subnets/Default": [

diff --git a/test/integ.rds-scheduler.js.snapshot/tree.json b/test/integ.rds-scheduler.js.snapshot/tree.json
@@ -1033,7 +1033,7 @@
                                         {
                                           "Ref": "AWS::AccountId"
                                         },
-                                        ":cluster/",
+                                        ":cluster:",
                                         {
                                           "Ref": "DatabaseCluster68FC2945"
                                         }