Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(eks): partition is hardcoded in ALB controller IAM policies #27541

Merged
merged 5 commits into from
Oct 17, 2023

Conversation

laurelmay
Copy link
Contributor

This handles the issue by rewriting the policy objects before passing them to PolicyStatement.fromJson. Resources have the partition replaced with the Aws.PARTITION token and in tests we assert that the ARN is no longer hardcoded in the synthesized template.

Closes #22520.


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the star-contributor [Pilot] contributed between 25-49 PRs to the CDK label Oct 14, 2023
@aws-cdk-automation aws-cdk-automation requested a review from a team October 14, 2023 04:45
@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort p2 labels Oct 14, 2023
@laurelmay laurelmay changed the title fix: partition is hardcoded in ALB controller IAM fix(eks): partition is hardcoded in ALB controller IAM policies Oct 14, 2023
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@laurelmay
Copy link
Contributor Author

Exemption Request

This case should be covered by existing integration tests (integ.alb-controller.js); however, the integration tests are not run in non-standard partitions so there isn't an appropriate change to make to the test content. I cannot run the integration tests myself to update the snapshots because the two failing tests are aws-eks/test/integ.alb-controller.js and integ.eks-inference.js and I don't really want to have an EKS cluster with inf2.xlarge and inf1.2xlarge instances running for an indeterminate amount of time 😄. "Allow edits and access to secrets by maintainers" is enabled and I'd appreciate a core team member running the integration tests for me.

@aws-cdk-automation aws-cdk-automation added the pr-linter/exemption-requested The contributor has requested an exemption to the PR Linter feedback. label Oct 14, 2023
Signed-off-by: Sumu <sumughan@amazon.com>
Signed-off-by: Sumu <sumughan@amazon.com>
@aws-cdk-automation aws-cdk-automation dismissed their stale review October 17, 2023 20:39

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Oct 17, 2023
Copy link
Contributor

@sumupitchayan sumupitchayan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated the snapshots - thanks for your contribution!

@mergify
Copy link
Contributor

mergify bot commented Oct 17, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 90ea9dc
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 75e56ea into aws:main Oct 17, 2023
8 checks passed
@mergify
Copy link
Contributor

mergify bot commented Oct 17, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue is a bug. effort/small Small work item – less than a day of effort p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. pr-linter/exemption-requested The contributor has requested an exemption to the PR Linter feedback. star-contributor [Pilot] contributed between 25-49 PRs to the CDK
Projects
None yet
Development

Successfully merging this pull request may close these issues.

eks: ALB controller policies don't support gov cloud
3 participants