fix(event-targets): ecsTask uses invalid task definition arn in policy #31615

Open
wants to merge 4 commits into
base: main

samson-keung
Contributor

Issue # (if applicable)

Closes #30390.

Reason for this change

This is extending a closed PR #30484 by @jwoehrle. I couldn't update that PR so I am creating this new one.

The reason for this change is an AWS ECS campaign where they are asking customers to add the task definition revision number (or a wildcard as the revision number) to IAM policies.

Description of changes

When adding permission to the Events Role to allow it to use the task definition, check if the task definition ARN has a revision number: if yes, do nothing; if not, add the wildcard `*`. This is only done when the task definition ARN is not using any token.

Description of how you validated changes

Unit tests and Integ tests are added.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
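
The rule in the description above, as an added sketch that is not part of this pull request or of aws-cdk: append `:*` only when the task definition ARN is a plain string with no revision. The function names are hypothetical, the sample ARNs are constructed, and the regex token check is an assumed stand-in for CDK's `Token.isUnresolved()`.

```typescript
// Added illustration, not aws-cdk source. All function names are hypothetical.

// CDK renders unresolved values inside strings as "${Token[...]}" markers.
// A real CDK app would call Token.isUnresolved(); this regex stands in for it.
function containsToken(value: string): boolean {
  return /\$\{Token\[[^\]]*\]\}/.test(value);
}

// Resource to use in the Events role policy for a task definition ARN.
function taskDefinitionPolicyResource(arn: string): string {
  if (containsToken(arn)) {
    return arn; // deploy-time value: cannot be inspected, leave untouched
  }
  // arn:partition:ecs:region:account:task-definition/family[:revision]
  const parts = arn.split(":");
  const resource = parts[5] ?? "";
  if (parts[0] !== "arn" || parts[2] !== "ecs" ||
      !/^task-definition\/[A-Za-z0-9_-]+$/.test(resource)) {
    throw new Error(`not an ECS task definition ARN: ${arn}`);
  }
  if (parts.length === 6) {
    return `${arn}:*`; // no revision: match every revision of the family
  }
  const revision = parts[6] ?? "";
  if (parts.length === 7 && (revision === "*" || /^[1-9][0-9]*$/.test(revision))) {
    return arn; // revision (or wildcard) already present: do nothing
  }
  throw new Error(`unexpected revision segment in: ${arn}`);
}

// Constructed sample ARNs (account and family names are made up).
const samples: string[] = [
  "arn:aws:ecs:us-east-1:123456789012:task-definition/web",
  "arn:aws:ecs:us-east-1:123456789012:task-definition/web:7",
  "arn:aws:ecs:us-east-1:123456789012:task-definition/web:*",
  "${Token[TOKEN.42]}",
];
for (const arn of samples) {
  console.log(`${arn} -> ${taskDefinitionPolicyResource(arn)}`);
}
```

Rejecting anything that is not a well-formed task definition ARN keeps a malformed input from being silently widened with a wildcard.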

@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort labels Oct 1, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team October 1, 2024 22:28
@github-actions github-actions bot added the p1 label Oct 1, 2024
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Oct 1, 2024
@msambol
Contributor

msambol commented Oct 2, 2024

Per #30751, without the * isn't valid. I believe you can copy this PR and simplify the code here.

@aws-cdk-automation
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: e08c643
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@samson-keung samson-keung marked this pull request as ready for review October 2, 2024 19:58
Successfully merging this pull request may close these issues.

(event-targets): EcsTask uses invalid task definition arn in policy
3 participants