-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(iam): incorrect input for AccountPrincipal is building successfully #30559
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request
. Additionally, if clarification is needed add Clarification Request
to a comment.
Logs are quite odd
Seems issue with yarn/nx |
/** | ||
* | ||
* @param accountId AWS account ID (i.e. '123456789012') | ||
*/ | ||
constructor(public readonly accountId: any) { | ||
super(new StackDependentToken(stack => `arn:${stack.partition}:iam::${accountId}:root`).toString()); | ||
if (!cdk.Token.isUnresolved(accountId) && typeof accountId !== 'string') { | ||
throw new Error('accountId should be of type string'); | ||
if (!cdk.Token.isUnresolved(accountId) && typeof accountId !== 'string' && !this.accountIdRegExp.test(accountId)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While you're at it, maybe we should check to see that all characters in the string are digits.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's covered with the regex new RegExp('^[0-9]{12}$');
as restricting only digits to 0-9 (could also be \d, but 0-9 is easier to read imo)
This build failure can't possibly have anything to do with this change... I'll retrigger it. |
@Mergifyio update |
✅ Branch has been successfully updated |
For fixes, the title should describe the bug, not the solution. Could you please update it? |
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request
. Additionally, if clarification is needed add Clarification Request
to a comment.
Hey Kendra, thanks for the review and restarting the build
Done ! Is it better with this ?
|
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
Pull request has been modified.
206cce4
to
17c7271
Compare
Seems this PR is breaking lots of existing test ... I'll look into it, if it's too complex or there is actual use case where the an AWS ID is not 12 digits (which should not be the case ?) I'll close it. |
...-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts
Show resolved
Hide resolved
...testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.ts
Outdated
Show resolved
Hide resolved
@TheRealAmazonKendra can you take a quick look ? PR seems big (🥲) but 99% is just updating existing test |
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state. |
1 similar comment
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state. |
…rror (#30726) Closes #30717. esbuild introduced a breaking change in v0.22 which caused the build error in `aws-lambda-nodejs` module. Pin the esbuild version to 0.21 in Dockerfile - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
They have now been standardized for a few years. We did not initially remove the old mappings out of caution and because we were unsure that the changes has made it to all regions yet. It is long past that happening at this point. Because we never removed this or marked it as deprecated, we still have a not insignificant amount of customers who believe the individual mapping is necessary and cut tickets because it is not up-to-date. Closes #<issue number here>. - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Closes #30331. This will improve the security group lookup functionality for importing existing security groups into a CDK stack. I added the ability to lookup existing security groups via more filters. Filters are supported by the [DescribeSecurityGroups API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html), and using these filters can be immensely useful for looking up existing security groups, especially if your account or organization follows predictable rules regarding things like security group tags. I added unit tests similar to the ones that test the normal lookup by ID or name. - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state. |
1 similar comment
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state. |
Comments on closed issues and PRs are hard for our team to see. |
Reason for this change
There is no validation and test that the AWS Account Id when creating AccountPrincipal Object. In my case I missed a digit when copy pasting an account id and the build still passed, the typo has been caught only during the code review process
Description of changes
Adding simple regex to check that AWS Id is 12 digits long & update error message
Description of how you validated changes
Existing tests are passing and added 2 of them
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license