-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Option to disable checking of API Gateway CloudWatch role setting #7333
Option to disable checking of API Gateway CloudWatch role setting #7333
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great thanks @coyoteecd, definitely a worthwhile improvement. Please see my remarks
Codecov Report
@@ Coverage Diff @@
## master #7333 +/- ##
==========================================
+ Coverage 87.92% 87.97% +0.04%
==========================================
Files 240 240
Lines 8897 8929 +32
==========================================
+ Hits 7823 7855 +32
Misses 1074 1074
Continue to review full report at Codecov.
|
Made updates, ready for review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @coyoteecd, looks really good. Just proposed few style improvements, and we should be good to go
lib/plugins/aws/package/compile/events/lib/ensureApiGatewayCloudWatchRole.js
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @coyoteecd !
What did you implement
Provides a
roleManagedExternally
setting to enable/disable checking of API Gateway CloudWatch role when usingprovider.logs
to enable API Gateway logs. This avoids creating a custom resource lambda (which requires a number of extra permissions assigned to your cfnRole just to run it). You must ensure the setting is there through other means, otherwise the deployment will fail when trying to enable the logs.Also documents the logging choices available under the Logs section in the API Gateway events doc page.
See also discussion here.
Closes #6973
How can we verify it
Deploying a serverless.yml with roleManagedExternally: false should not create a custom resource. Deployment should succeed when API Gateway already has a CloudWatch role ARN configured in that region (and fail otherwise, obviously).
Default is false, to avoid making it a breaking change.
Todos
Useful Scripts
npm run test:ci
--> Run all validation checks on proposed changesnpm run lint:updated
--> Lint all the updated filesnpm run lint:fix
--> Automatically fix lint problems (if possible)npm run prettier-check:updated
--> Check if updated files adhere to Prettier confignpm run prettify:updated
--> Prettify all the updated filesIs this ready for review?: YES
Is it a breaking change?: NO