New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add tagging support to AWS IAM Policies #6751
Conversation
I've fixed the tests that needed additional or changed resources in the test fixtures. There is one test, the remaining failure, that I am uncertain how to fix as I'm uncertain exactly what its testing:
|
Thanks for the PR!
Ok, that's happening because augments can be source-specific. By default, the resource manager defers to the source to handle augments. This test sees that the Given all of that context, I think the smoothest way forward would be to define augments per source. Which would mean something like this for the existing |
the shadow augment catch is valid here, config source already has tags, so redundantly fetching them when that's the source on a manager augment is not good, this should be on a describe source subclass overriding the augment method on it. |
bd8f462
to
6e515c0
Compare
6e515c0
to
e3100ae
Compare
Sorry for the slow reply on this one folks. I added the previous patch to my workflow and forgot a little about the PR. I've implemented the above suggested change, moving the augment to the existing This has made the automated tests happy (a rebase was also needed) and I can confirm this works in my environment also. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks
i do wonder if we want to do a follow up branch to default to only customer managed policies wrt to server side query. |
I cannot comment for all users of this but I'm certainly filtering down to just my customer policies when I am running my policies. A default or some intuitive way to do this would be welcome. |
Add tag loading and tagging to AWS IAM Policies.
Resolves: #6679