[BUG] - Unable to remove readOnlyAccessRoleArns from acceleratorMetadata configuration #644
Labels
bug
Something isn't working
Comments
|
@joeldesaulniers - what happens when you make it an empty array? The AWS team has created data models for expected data structure, mandatory and optional fields |
|
FYI per the schema, it is mandatory |
|
Thank you @richardkeit ! I believe this may be a part of the issue. If the field of readOnlyAccessRoleArns is mandatory, why is it possible to define an acceleratorMetadata resource without it? Perhaps readOnlyAccessRoleArns should be changed to optional? For example, initially my configuration was as follows, which deployed successfully: acceleratorMetadata: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When defining acceleratorMetadata in the global-config.yaml file, the "readOnlyAccessRoleArns" parameter is optional. However, if it's added and then later removed, the codepipeline will fail.
To Reproduce
In global-config.yaml, add the following snippet:
acceleratorMetadata:
enable: true
account: LogArchive
readOnlyAccessRoleArns:
- arn:aws:iam::[account-id]:role/[role]
Run the codepipeline. Then, remove the readOnlyAccessRoleArns parameter and the role that it refers to:
acceleratorMetadata:
enable: true
account: LogArchive
The codepipeline will fail at the Build stage, with the following error:
Expected behavior
It's expected that if the acceleratorMetadata resource in the global-config.yaml file has readOnlyAccessRoleArns defined, the entire readOnlyAccessRoleArns parameter can be removed successfully without resulting in an error.
Please complete the following information about the solution:
Version: v1.9.2
Region: ca-central-1
Screenshot attached.
The text was updated successfully, but these errors were encountered: