I'm importing a role in two separate stacks to add permissions to resources created in those stacks and they end up overwriting each other
Reproduction Steps
stack 1 has:
const myRole = Role.fromRoleArn(
this,
'myRole',
StringParameter.valueForStringParameter(this, 'myParam');
);
myLambda.grantInvoke(myRole);
stack 2 has:
const myRole = Role.fromRoleArn(
this,
'myRole',
StringParameter.valueForStringParameter(this, 'myParam');
);
myEventbridge.grantPutEventsTo(myRole);
What did you expect to happen?
I expected two policies to be added to the role allowing put permission to myEventbridge and allowing invoke on myLambda.
What actually happened?
I only get one of these permissions. The policy name generated is the same for both (in my case something like 'myRolePolicy3334F5F9') so one ends up overwriting the other.
I've worked around this by changing the imported role id in each stack to be unique but I find this troubling as it is extremely easy to accidentally overwrite policies set in a different stack. Shouldn't names be unique by stack?
Environment
- **CDK CLI Version :1.117.0
- **Framework Version:1.117.0
- **Node.js Version:v16.3.0
- **OS :ios
- **Language (Version):TypeScript 4.3.4
Other
This is 🐛 Bug Report
I'm importing a role in two separate stacks to add permissions to resources created in those stacks and they end up overwriting each other
Reproduction Steps
stack 1 has:
stack 2 has:
What did you expect to happen?
I expected two policies to be added to the role allowing put permission to myEventbridge and allowing invoke on myLambda.
What actually happened?
I only get one of these permissions. The policy name generated is the same for both (in my case something like 'myRolePolicy3334F5F9') so one ends up overwriting the other.
I've worked around this by changing the imported role id in each stack to be unique but I find this troubling as it is extremely easy to accidentally overwrite policies set in a different stack. Shouldn't names be unique by stack?
Environment
Other
This is 🐛 Bug Report