diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index 3358d3d26fa..cba42c97345 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -942,6 +942,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Add basic ECS categorization and `cloud` fields. {pull}19174[19174] - Add support for parallelization factor for kinesis. {pull}20727[20727] - Provide more ways to set AWS credentials. {issue}12464[12464] {pull}23344[23344] +- Add support for multiple regions {pull}21065[21065] *Winlogbeat* diff --git a/x-pack/functionbeat/config/config.go b/x-pack/functionbeat/config/config.go index a95346c59c1..61451554728 100644 --- a/x-pack/functionbeat/config/config.go +++ b/x-pack/functionbeat/config/config.go @@ -16,7 +16,14 @@ import ( ) var ( - functionPattern = "^[A-Za-z][A-Za-z0-9\\-]{0,139}$" + // We're appending the function name to the role name. + // Limiting this to 30 because, we're prefixing the role name + // with "functionbeat-lambda-"(20 chars) and suffixing with + // the region, the max of which is "ap-southeast-2" (14 chars) + // Length constraints for roleName in AWS is 64 characters max per + // https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html + + functionPattern = "^[A-Za-z][A-Za-z0-9\\-]{0,30}$" functionRE = regexp.MustCompile(functionPattern) configOverrides = common.MustNewConfigFrom(map[string]interface{}{ "path.data": "/tmp", @@ -103,7 +110,7 @@ type functionName string func (f *functionName) Unpack(s string) error { if !functionRE.MatchString(s) { return fmt.Errorf( - "invalid name: '%s', name must match [a-zA-Z0-9-] and be at most 140 characters", + "invalid name: '%s', name must match [a-zA-Z0-9-] and be at most 30 characters", s, ) } diff --git a/x-pack/functionbeat/config/config_test.go b/x-pack/functionbeat/config/config_test.go index af62d8ca7e4..a196c096b83 100644 --- a/x-pack/functionbeat/config/config_test.go +++ b/x-pack/functionbeat/config/config_test.go @@ -105,9 +105,24 @@ func TestFunctionName(t *testing.T) { assert.Equal(t, functionName("hello-world"), f) }) + t.Run("valid function name: length of 30 chars", func(t *testing.T) { + f := functionName("") + err := f.Unpack("something-which-is--30--chars") + if !assert.NoError(t, err) { + return + } + assert.Equal(t, functionName("something-which-is--30--chars"), f) + }) + t.Run("invalid function name", func(t *testing.T) { f := functionName("") err := f.Unpack("hello world") assert.Error(t, err) }) + + t.Run("invalid function name: length", func(t *testing.T) { + f := functionName("") + err := f.Unpack("something-which-is-greater-than-thirty-characters") + assert.Error(t, err) + }) } diff --git a/x-pack/functionbeat/manager/aws/template_builder.go b/x-pack/functionbeat/manager/aws/template_builder.go index ed3b8a75a61..b50860a805a 100644 --- a/x-pack/functionbeat/manager/aws/template_builder.go +++ b/x-pack/functionbeat/manager/aws/template_builder.go @@ -264,7 +264,7 @@ func (d *defaultTemplateBuilder) roleTemplate(function installer, name string) * }, }, Path: "/", - RoleName: "functionbeat-lambda-" + name, + RoleName: "functionbeat-lambda-" + name + "-" + cloudformation.Ref("AWS::Region"), // Allow the lambda to write log to cloudwatch logs. // doc: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html Policies: policies,